@hackermondev
hackermondev / zendesk.md
Last active November 16, 2024 12:28
1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies

hi, i'm daniel. i'm a 15-year-old with some programming experience and i do a little bug hunting in my free time. here's the insane story of how I found a single bug that affected over half of all Fortune 500 companies:

say hello to zendesk

If you've spent some time online, you’ve probably come across Zendesk.

Zendesk is a customer service tool used by some of the world’s top companies. It’s easy to set up: you link it to your company’s support email (like [email protected]), and Zendesk starts managing incoming emails and creating tickets. You can handle these tickets yourself or have a support team do it for you. Zendesk is a billion-dollar company, trusted by big names like Cloudflare.

Personally, I’ve always found it surprising that these massive companies, worth billions, rely on third-party tools like Zendesk instead of building their own in-house ticketing systems.

your weakest link

@ghfields
ghfields / Ubuntu 19.10 zfs installer Encryption
Last active January 7, 2022 22:44
Fix Ubuntu 19.10 zfs installer /usr/share/ubiquity/zsys-setup (encryption)
1) Start in uefi mode.
At Line 216 use:
echo password | zpool create -f \
-o ashift=12 \
-O compression=lz4 \
-O acltype=posixacl \
-O xattr=sa \
-O relatime=on \
@miguelmota
miguelmota / README.md
Last active April 2, 2023 09:39
Bash `which` vs `type`

which vs type

  • which

    • finds executable in your $PATH
    • lives in /usr/bin/which
  • type

    • determines if command is alias, function, built-in command, cached executable (hashed), binary in $PATH, etc
    • shell builtin

@karthikax
karthikax / dosu.php
Last active December 31, 2022 06:16
PHP Download file to server from URL
<html>
<p style="width: 70%;margin: auto;margin-top: 5%;font-size:larger;text-align:center">
Download a file from any URL</p>
<form method="post" style="width: 70%;margin: auto;margin-top: 10%;">
<input name="url" size="50" placeholder="Source URL" style="width: 100%;height: 10%;font-size: 1.5em;padding:10px" required>
<input name="submit" type="submit" value="Download" style="width: 30%;height: 10%;margin: 5% auto; display: block;">
<p style="width: 70%;margin: auto;margin-top: 10%;font-size:larger;text-align:center">
To <?php echo getcwd(); ?></p>
<p style="width: 70%;margin: auto;font-size: smaller;text-align: center;position: fixed;bottom: 0;background: #fff;">
Powered by: <a href="https://karthikbhat.net/portfolio" target="_blank" style="color:#f60;text-decoration:none;">Karthik</a></p>
@gusennan
gusennan / crypt_unlock.sh
Created March 7, 2015 17:57
initramfs-hook for unlocking LUKS-encrypted LVM partition
#!/bin/sh
PREREQ="dropbear"
prereqs() {
echo "$PREREQ"
}
case "$1" in
prereqs)
@mmdemirbas
mmdemirbas / set-ntfs-ro.ps1
Created March 23, 2013 20:54
PowerShell script to set or clear NTFS read-only flag of a volume by volume label
#########################################################################
# #
# Script to set or clear read-only flag of an NTFS volume. #
# #
# Usage: .\set-ntfs-ro.ps1 set "MY DISK LABEL" #
# .\set-ntfs-ro.ps1 clear "MY DISK LABEL" #
# #
# Author: Muhammed Demirbas, mmdemirbas at gmail dot com #
# Date : 2013-03-23 #
# #