Skip to content

Instantly share code, notes, and snippets.

View iphoting's full-sized avatar

Ronald Ip iphoting

33 followers · 25 following
View GitHub Profile
@iphoting
iphoting / pin_gen.rb
Created November 18, 2012 09:24
Simple Numeric PIN Generator
#!/usr/bin/env ruby
#
# A simple numerical PIN generator.
# For passphrases, use pwqgen.rb.
#
# Usage:
# gem install docopt
# ./pin_gen.rb --help
#
@takeshixx
takeshixx / hb-test.py
Last active June 18, 2026 05:00
OpenSSL heartbeat PoC with STARTTLS support.
#!/usr/bin/env python2
"""
Author: takeshix <takeshix@adversec.com>
PoC code for CVE-2014-0160. Original PoC by Jared Stafford (jspenguin@jspenguin.org).
Supportes all versions of TLS and has STARTTLS support for SMTP,POP3,IMAP,FTP and XMPP.
"""
import sys,struct,socket
from argparse import ArgumentParser
@psyark
psyark / keyboard-us.reg
Created April 28, 2014 02:25
US Keyboard
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\services\i8042prt\Parameters]
"PollingIterations"=dword:00002ee0
"PollingIterationsMaximum"=dword:00002ee0
"ResendIterations"=dword:00000003
"LayerDriver JPN"="kbd101.dll"
"OverrideKeyboardIdentifier"="PCAT_101KEY"
"OverrideKeyboardType"=dword:00000007
"OverrideKeyboardSubtype"=dword:00000000
@kyledrake
kyledrake / ferengi-plan.txt
Last active November 14, 2025 04:39
How to throttle the FCC to dial up modem speeds on your website using Nginx
# The blog post that started it all: https://neocities.org/blog/the-fcc-is-now-rate-limited
#
# Current known FCC address ranges:
# https://news.ycombinator.com/item?id=7716915
#
# Confirm/locate FCC IP ranges with this: http://whois.arin.net/rest/net/NET-165-135-0-0-1/pft
#
# In your nginx.conf:
location / {
@sivel
sivel / better-ssh-authorized-keys-management.md
Last active June 28, 2026 04:30
Better SSH Authorized Keys Management

Better SSH Authorized Keys Management

A seemingly common problem that people encounter is how to handle all of your users authorized_keys file.

People struggle over management, ensuring that users only have specific keys in the authorized_keys file or even a method for expiring keys. A centralized key management system could help provide all of this functionality with a little scripting.

One piece of functionality overlooked in OpenSSH is the AuthorizedKeysCommand configuration keyword. This configuration allows you to specify a command that will run during login to retrieve a users public key file from a remote source and perform validation just as if the authorized_keys file was local.

Here is an example directory structure for a set of users with SSH public keys that can be shared out via a web server:

@OnlyInAmerica
OnlyInAmerica / make-mega-adblock-hostsfile.sh
Last active September 24, 2024 14:40
Create Mega Adblock Hostsfile for use with Dnsmasq (Modified from Pi-hole)
#!/bin/bash
# Modified Pi-hole script to generate a generic hosts file
# for use with dnsmasq's addn-hosts configuration
# original : https://github.com/jacobsalmela/pi-hole/blob/master/gravity-adv.sh
# The Pi-hole now blocks over 120,000 ad domains
# Address to send ads to (the RPi)
piholeIP="192.168.1.1"
outlist='./final_blocklist.txt'
@jamesmacwhite
jamesmacwhite / Workarounds for Netflix and the blocking of IPv6 tunnels.md
Last active June 20, 2026 21:45
Prevent proxy/VPN streaming error messages from Netflix when using a Hurricane Electric IPv6 tunnel.

Workarounds for Netflix and the blocking of Hurricane Electric IPv6 tunnels

The dreaded "You seem to be using an unblocker or proxy." error message. Cool story bro.

This gist was essentially created out of my own rant about Netflix being hostile to IPv6 tunnel services since June 2016. You are welcome to read my opinion on the matter, this is the more technical side to the issue and how to combat it within your own network.

Since I wrote this, various GitHub users have contributed their thoughts and ideas which has been incorporated into this gist. Thank you to everyone who have contributed their own methods and implementations.

The problem

Netflix now treats IPv6 tunnel brokers (such as Hurricane Electric) as proxy servers. A while ago it became apparent to users and Netflix that somewhat by accident, IPv6 tunnel users were being served content outside of their geolocation because of the way Netflix was identifyi

@jamesmacwhite
jamesmacwhite / Netflix WPAD bypass rules.md
Last active August 9, 2023 13:24
Bypass rules for Netflix when using a WPAD based proxy deployment

Netflix and direct bypass rules using WPAD

If your like me you might already use a VPN to route your traffic through. The problem is some sites just don't like VPN services and will actively block you from using them without disabling or bypassing it.

Netflix is a prime example of a website that does not like VPN services, because they are seen as a way to circumvent the geo-restrictions imposed on the content library offered.

Below are WPAD rules I use to essentially send Netflix traffic directly and avoid any VPN errors/dreaded unknown error network messages. Error messages that Netflix throws back at you related to VPN usage when streaming might include:

  • "You seem to be using an unblocker or proxy"
  • VPN/proxy error M7111-1331-5059
@rafecolton
rafecolton / brew-go-get.bash
Created August 13, 2017 19:43
brew-go-get
#!/bin/bash
# https://blog.filippo.io/cleaning-up-my-gopath-with-homebrew/
set -euo pipefail
if [[ $# -lt 1 ]] || [[ "$1" =~ -h|--help ]] ; then
echo "Usage: brew-go-get github.com/foo/bar ..."
exit 1
fi
@darkn3rd
darkn3rd / chefdk_rvm_setup.sh
Last active September 15, 2020 09:44
ChefDK RVM Setup
# create $HOME/.chefdk
chef gem update json
CHEF_RUBY_VERS=$(ls /opt/chefdk/embedded/lib/ruby/ | grep '[0-9]')
CHEFDK="/opt/chefdk/embedded"
CHEFDK_USER="$HOME/.chefdk/gem/ruby/$CHEF_RUBY_VERS"
RVM_GEMS="$HOME/.rvm/gems"
RVM_RUBIES="$HOME/.rvm/rubies"
RUBY_NAME="ext-chefdk-ruby"