{
"type": "FeatureCollection",
"features": [
{
"type": "Feature",
"properties": {},
"geometry": {
"coordinates": [
[
Steffen Gransow graste
graste
/ RequestValidatorListener.php
Created
December 25, 2022 20:05
— forked from ismail1432/RequestValidatorListener.php
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| namespace App\EventListener; | |
| use Symfony\Component\EventDispatcher\EventSubscriberInterface; | |
| use Symfony\Component\HttpFoundation\Request; | |
| use Symfony\Component\HttpKernel\Event\RequestEvent; | |
| use Symfony\Component\HttpKernel\KernelEvents; | |
| use Symfony\Component\Validator\Validator\ValidatorInterface; | |
| use Symfony\Component\Validator\Constraints; |
graste
/ reconnecting_pdo.php
Created
December 1, 2022 13:24
— forked from extraordinaire/reconnecting_pdo.php
Reconnectable PDO
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| class ReconnectingPDO | |
| { | |
| protected $dsn, $username, $password, $pdo, $driver_options; | |
| public function __construct($dsn, $username = "", $password = "", $driver_options = array()) | |
| { | |
| $this->dsn = $dsn; | |
| $this->username = $username; | |
| $this->password = $password; |
graste
/ geojson.md
Created
November 12, 2022 20:31
graste
/ writeup.md
Created
November 4, 2022 16:44
— forked from loknop/writeup.md
Solving "includer's revenge" from hxp ctf 2021 without controlling any files
The challenge was to achieve RCE with this file:
<?php ($_GET['action'] ?? 'read' ) === 'read' ? readfile($_GET['file'] ?? 'index.php') : include_once($_GET['file'] ?? 'index.php');Some additional hardening was applied to the php installation to make sure that previously known solutions wouldn't work (for further information read this writeup from the challenge author).
I didn't solve the challenge during the competition - here is a writeup from someone who did - but since the idea I had differed from the techniques used in the published writeups I read (and I thought it was cool :D), here is my approach.
graste
/ gnupg_scdaemon.md
Created
January 9, 2022 12:45
— forked from artizirk/gnupg_scdaemon.md
OpenPGP SSH access with Yubikey and GnuPG
Yubikey, Smart Cards, OpenSC and GnuPG are pain in the ass to get working. Those snippets here sould help alleviate pain.
To reset and disable not used modes on Yubikey you need the ykman program
You can install it using those commands
graste
/ rick-roll-content-scraper.js
Created
August 19, 2020 20:59
— forked from troyhunt/rick-roll-content-scraper.js
A Cloudflare worker to redirect image requests from dickhead content scraper's site to a Rick Roll
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| addEventListener('fetch', event => { | |
| event.respondWith(fetchAndApply(event.request)) | |
| }) | |
| async function fetchAndApply(request) { | |
| let response = await fetch(request) | |
| let referer = request.headers.get('Referer') | |
| let contentType = response.headers.get('Content-Type') || '' | |
| if (referer && contentType.startsWith('image/')) { |
graste
/ fastmail-jmap-quickstart.js
Created
August 18, 2020 21:15
— forked from jvns/fastmail-jmap-quickstart.js
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| const fetch = require('node-fetch'); | |
| async function run() { | |
| let username = "YOUR USERNAME HERE"; | |
| let password = "YOUR APP PASSWORD"; | |
| let authBasic = new Buffer(username + ':' + password).toString('base64'); | |
| let session = await (await fetch('https://jmap.fastmail.com/.well-known/jmap', { | |
| headers: { | |
| "Authorization": "Basic " + authBasic | |
| } | |
| })).json(); |
graste
/ smoothscroll.css
Created
August 18, 2020 19:18
— forked from zachleat/smoothscroll.css
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| html { | |
| scroll-behavior: smooth; | |
| } | |
| @media (prefers-reduced-motion: reduce) { | |
| html { | |
| scroll-behavior: auto; | |
| } | |
| } |
graste
/ 20111011_SteveYeggeGooglePlatformRant.md
Created
August 15, 2020 11:03
— forked from chitchcock/20111011_SteveYeggeGooglePlatformRant.md
Stevey's Google Platforms Rant
I was at Amazon for about six and a half years, and now I've been at Google for that long. One thing that struck me immediately about the two companies -- an impression that has been reinforced almost daily -- is that Amazon does everything wrong, and Google does everything right. Sure, it's a sweeping generalization, but a surprisingly accurate one. It's pretty crazy. There are probably a hundred or even two hundred different ways you can compare the two companies, and Google is superior in all but three of them, if I recall correctly. I actually did a spreadsheet at one point but Legal wouldn't let me show it to anyone, even though recruiting loved it.
I mean, just to give you a very brief taste: Amazon's recruiting process is fundamentally flawed by having teams hire for themselves, so their hiring bar is incredibly inconsistent across teams, despite various efforts they've made to level it out. And their operations are a mess; they don't real
graste
/ phpda.yml
Created
May 27, 2020 15:07
— forked from goetas/phpda.yml
Doctrine Migrations dependency analysis
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| mode: 'usage' | |
| source: './lib' | |
| filePattern: '*.php' | |
| formatter: 'PhpDA\Writer\Strategy\Svg' | |
| target: './complex-cycle.svg' | |
| groupLength: 3 | |
| visitorOptions: | |
| PhpDA\Parser\Visitor\Required\DeclaredNamespaceCollector: {minDepth: 2, sliceLength: 6, excludePattern: '/^((?!.*(Doctrine\\Migrations))|(?=.*Exception)).*$/'} | |
| PhpDA\Parser\Visitor\Required\MetaNamespaceCollector: {minDepth: 2, sliceLength: 4, excludePattern: '/^((?!.*(Doctrine\\Migrations))|(?=.*Exception)).*$/'} | |
| PhpDA\Parser\Visitor\Required\UsedNamespaceCollector: {minDepth: 2, sliceLength: 4, excludePattern: '/^((?!.*(Doctrine\\Migrations))|(?=.*Exception)).*$/'} |