Skip to content

Instantly share code, notes, and snippets.

View axeII's full-sized avatar
🤺
Breaking home network again

Alesh Lerch axeII

🤺
Breaking home network again
18 followers · 69 following
View GitHub Profile
@hackermondev
hackermondev / zendesk.md
Last active November 16, 2024 02:34
1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies

hi, i'm daniel. i'm a 15-year-old with some programming experience and i do a little bug hunting in my free time. here's the insane story of how I found a single bug that affected over half of all Fortune 500 companies:

say hello to zendesk

If you've spent some time online, you’ve probably come across Zendesk.

Zendesk is a customer service tool used by some of the world’s top companies. It’s easy to set up: you link it to your company’s support email (like [email protected]), and Zendesk starts managing incoming emails and creating tickets. You can handle these tickets yourself or have a support team do it for you. Zendesk is a billion-dollar company, trusted by big names like Cloudflare.

Personally, I’ve always found it surprising that these massive companies, worth billions, rely on third-party tools like Zendesk instead of building their own in-house ticketing systems.

your weakest link

@dumindu
dumindu / userChrome.css
Last active July 25, 2024 19:50
Firefox Night Owl - V2
@namespace url("http://www.mozilla.org/keymaster/gatekeeper/there.is.only.xul");
:root:-moz-lwtheme-brighttext {
--chrome-background-color: #424242 !important;
--chrome-color: #8f8f8f !important;
--chrome-secondary-background-color: #363636 !important;
--toolbox-border-bottom-color: #333333 !important;
--url-and-searchbar-border-color: #333333 !important;
--focus-ring-box-shadow: #191917 !important;
--url-and-searchbar-background-color: #363636 !important;
@gbaman
gbaman / graphql_example.py
Created November 1, 2017 00:18
An example on using the Github GraphQL API with Python 3
# An example to get the remaining rate limit using the Github GraphQL API.
import requests
headers = {"Authorization": "Bearer YOUR API KEY"}
def run_query(query): # A simple function to use requests.post to make the API call. Note the json= section.
request = requests.post('https://api.github.com/graphql', json={'query': query}, headers=headers)
if request.status_code == 200:
@gagarine
gagarine / install-clamav-osx.md
Last active October 1, 2024 20:38
Howto Install clamav on OSX with brew

Howto Install clamav on OSX with brew

Note: on legacy intel system the path may be /usr/local/etc/clamav instead of /opt/homebrew/etc/clamav/

$ brew install clamav
$ cd /opt/homebrew/etc/clamav/
$ cp freshclam.conf.sample freshclam.conf
@devdrops
devdrops / example.md
Last active July 23, 2024 14:20
Mysqldump from Docker container

Mysqldump from Docker container

docker exec -i mysql_container mysqldump -uroot -proot --databases database_name --skip-comments > /path/to/my/dump.sql

OBS

  • This will generate a dump.sql file in your host machine. Awesome, eh?
  • Avoid using --compact on your dump. This will make MySQL check your constraints which will cause troubles when reading your file (damm you MySQL). And don't use --force to fix this scenario: recreate your dump without --compact ¯_(ツ)_/¯
@bastman
bastman / docker-cleanup-resources.md
Created March 31, 2016 05:55
docker cleanup guide: containers, images, volumes, networks

Docker - How to cleanup (unused) resources

Once in a while, you may need to cleanup resources (containers, volumes, images, networks) ...

delete volumes

// see: https://github.com/chadoe/docker-cleanup-volumes

$ docker volume rm $(docker volume ls -qf dangling=true)

$ docker volume ls -qf dangling=true | xargs -r docker volume rm

@pkirkovsky
pkirkovsky / yubikey-reset.sh
Last active September 9, 2024 12:25
Utility for resetting a Yubikey to factory defaults using gpg-connect-agent. This will wipe out any stored keys and reset PINs to default values.
# Adapted from https://developers.yubico.com/ykneo-openpgp/ResetApplet.html
gpg-connect-agent <<EOF
/hex
scd serialno
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 81 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
scd apdu 00 20 00 83 08 40 40 40 40 40 40 40 40
@githubutilities
githubutilities / Uninstall-pkg.md
Last active September 18, 2024 13:00
Uninstall pkg manually in OS X

Mac Uninstall pkg Manually

  • using pkgutil
# list all your installed packages
pkgutil --pkgs

# show your package info
pkgutil --pkg-info
@andreif
andreif / simplest-osx-python-app.md
Last active January 20, 2020 15:00

Simplest app can be created via https://gist.github.com/mathiasbynens/674099 e.g.

mkdir -p MyApp.app/Contents/MacOS
printf '#!/bin/bash\nsleep 5' > MyApp.app/Contents/MacOS/MyApp
chmod +x MyApp.app/Contents/MacOS/MyApp
echo "<plist><dict></dict></plist>" > MyApp.app/Contents/Info.plist

But more "appy" app can be done via the followning steps

@rmondello
rmondello / gist:b933231b1fcc83a7db0b
Last active October 6, 2024 20:11
Exporting (iCloud) Keychain and Safari credentials to a CSV file

Exporting (iCloud) Keychain and Safari credentials to a CSV file

Update (October 2021)

Exporting password + one-time code data from iCloud Keychain is now officially supported in macOS Monterey and Safari 15 (for Monterey, Big Sur, and Catalina). You can access it in the Password Manager’s “gear” icon (System Preferences > Passwords on Monterey, and Safari > Passwords everywhere else), or via the File > Export > Passwords... menu item). You shouldn't need to hack up your own exporter anymore.

Original, Obsolete Content (2014)

After my dad died, I wanted to be able to have access any of his online accounts going forward. My dad was a Safari user and used iCloud Keychain to sync his credentials across his devices. I don’t want to have to keep an OS X user account around just to access his accounts, so I wanted to export his credentials to a portable file.