Skip to content

Instantly share code, notes, and snippets.

View Pozo's full-sized avatar

Zoltan Polgar Pozo

View GitHub Profile
@thesamesam
thesamesam / xz-backdoor.md
Last active November 4, 2024 18:32
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Background

On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that

@GavinRay97
GavinRay97 / Makefile
Created December 8, 2022 21:21
A Makefile to compile a Maven/Gradle-style project layout using a custom JDK (for use w/ IE, Valhalla)
# Makefile to compile and run Java sources manually
# because JDK 20 Valhalla support is not yet available in IntelliJ IDEA
JAVA_VERSION = 20
JAVAC = /home/user/downloads/jdk-20-vahalla-20-75/bin/javac
JAVA = /home/user/downloads/jdk-20-vahalla-20-75/bin/java
JAVA_COMPILE_OPTIONS = --enable-preview --release $(JAVA_VERSION)
JAVA_OPTIONS = --enable-preview
JAVA_MAIN_CLASS = org.example.Database
<!-- plug-in configuration to put into your parent POM for avoiding any usages of
outdated log4j2 versions, some of which are subject to the RCE CVE-2021-44228
("Log4Shell"), CVE-2021-45046, and CVE-2021-45105. Make sure to check for the
latest version of log4j2 at
https://mvnrepository.com/artifact/org.apache.logging.log4j/log4j-core -->
...
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-enforcer-plugin</artifactId>
<version>3.0.0</version>
@LinusU
LinusU / DSP-W115.md
Created October 18, 2018 06:20
Information about the DSP-W115 Smart Plug

DSP-W115

The deice creates an ad-hoc network that will be named DSP-W115-XXXX (where XXXX will be device dependent). When connecting to this network, my Smart Plug had the address 192.168.0.20, navigating to http://192.168.0.20/ took me to a login page. The credentials for logging in were: username = Admin, password = pin code printed on device.

After logging in, the device presents a page with some current information about the device:

Firmware Version: 1.00-b11
Date: Nov 17, 2017
Checksum: 0x13A44B58
1. Setup a project
2. Add groovy SDK support:
https://www.bonusbits.com/wiki/HowTo:Add_Groovy_SDK_to_IntelliJ_IDEA
3. Download http://(yourjenkinsurl)/job/(yourpipelinejob)/pipeline-syntax/gdsl
- this will give you the .gdsl file - download this to the src folder of your project.
4. Finally follow this step - right click on the src folder -> Mark directory as -> Sources Root
@franz-josef-kaiser
franz-josef-kaiser / sshfs.sh
Last active March 24, 2021 09:36
Example of SSHFS remote filesystem mounting. Useful in case one needs to access files created on a remote server on a regular basis
#!/usr/bin/env bash
sshfs \
[email protected]:/home/user/project /local/folder/to/project \
-o ServerAliveInterval=15 \
-o ServerAliveCountMax=20 \
-o reconnect \
-o defer_permissions \
-o negative_vncache \
-o volname=vendorname \
@etiennestuder
etiennestuder / speak.gradle
Last active March 14, 2024 07:30
Voice notification when when Gradle build finishes (for Mac OS X)
// When runnning a Gradle build in the background, it is convenient to be notified immediately
// via voice once the build has finished - without having to actively switch windows to find out -
// and being told the actual exception in case of a build failure.
// Put this file into the folder ~/.gradle/init.d to enable the acoustic notifications for all builds
gradle.addBuildListener(new BuildAdapter() {
@Override
void buildFinished(BuildResult result) {
@rponte
rponte / build.gradle
Last active February 20, 2024 06:44
Configuring Gradle compiler encoding
apply plugin: 'java'
apply plugin: 'eclipse'
sourceCompatibility = JavaVersion.VERSION_1_8
targetCompatibility = JavaVersion.VERSION_1_8
eclipseJdt << {
ant.propertyfile(file: ".settings/org.eclipse.core.resources.prefs") {
ant.entry(key: "eclipse.preferences.version", value: "1")
ant.entry(key: "encoding/<project>", value: "utf-8")
@JoaquimLey
JoaquimLey / create_new_ssh_key.md
Last active April 4, 2024 11:07
Generating a new SSH key and adding it to the ssh-agent

Generating a new ssh-key

Open Terminal. Paste the text below, substituting in your GitHub email address.

ssh-keygen -t rsa -b 4096 -C "[email protected]"

This creates a new ssh key, using the provided email as a label

Generating public/private rsa key pair.

@indrora
indrora / 00readme.md
Last active November 12, 2021 07:24
DeadUpdate: Kickin' it bigtime.

... my first disclosure. Man, it feels weird doing this.

update 6/6/16 I would like to stress something: I'm not saying "Don't buy an ASUS device" -- I see a lot of people who want to lambaste ASUS for this and boycott their hardware. This isn't what I want people to be doing by any stretch. Stupidly, I like the ASUS hardware I have (it's nice for the price) and I would rather see a pressure on ASUS as an OEM to stop shipping "value added software" to consumers; If you want to help Microsoft in pushing this mentality, go buy a signature machine from them. Microsoft provides support, but also only ships windows and a few select utilities that are essential to the functioning of the system (think: Radeon/Optimus and nVidia control panels) and fall heavily on the hardware makers (ATI, nVidia, Intel) to provide support for the harware.

Consider an ASUS device all you want. Start putting pressure on Microsoft that consumers want bloat-free devices and start voting with your money. Microsoft's store