moscowchill
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #cloud-config | |
| # Update package cache | |
| package_update: true | |
| package_upgrade: true | |
| # Install base packages | |
| packages: | |
| - curl | |
| - wget |
moscowchill
/ connpolicy_swallowed_err_test.go
Created
February 9, 2026 07:39
PoC test: mTLS fail-open due to swallowed errors in Caddy connpolicy.go
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package caddytls | |
| import ( | |
| "crypto/ecdsa" | |
| "crypto/elliptic" | |
| "crypto/rand" | |
| "crypto/tls" | |
| "crypto/x509" | |
| "crypto/x509/pkix" | |
| "encoding/pem" |
moscowchill
/ host_case_bypass_test.go
Created
February 9, 2026 08:05
PoC: Caddy MatchHost case-sensitive binary search bypass (>100 hosts)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package caddyhttp | |
| import ( | |
| "context" | |
| "fmt" | |
| "net/http" | |
| "testing" | |
| "github.com/caddyserver/caddy/v2" | |
| ) |
moscowchill
/ vote_security_test.go
Created
February 9, 2026 10:03
PoC: BSC double-sign evidence self-comparison bug (core/types/vote.go:110)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package types | |
| import ( | |
| "bytes" | |
| "testing" | |
| "github.com/ethereum/go-ethereum/common" | |
| ) | |
| // TestSelfComparisonBug_DifferentAddressesAccepted proves that |
OlderNewer