Skip to content

Instantly share code, notes, and snippets.

View mrunkel's full-sized avatar

Marc Runkel mrunkel

8 followers · 7 following
  • plusForta, GmbH
  • Düsseldorf, Germany
View GitHub Profile
@mrunkel
mrunkel / 0-hidden-service-subdomains.md
Created February 15, 2018 09:45 — forked from mtigas/0-hidden-service-subdomains.md
Example code for running a (HTTP/HTTPS) Tor hidden service supporting subdomains.

The following files show an example of how to create subdomains for onion site hidden services. (This hasn't been tested for hidden services for anything other than HTTP/HTTPS.)

(You might also want to read our blog post about ProPublica’s Tor hidden service, including a tutorial and notes on running a hidden service: https://www.propublica.org/nerds/item/a-more-secure-and-anonymous-propublica-using-tor-hidden-services )

In general, this works (maybe just in recent Tor clients) because Tor will handle the connection to www.xxxxxxxxxxxxxxxx.onion as a connection to xxxxxxxxxxxxxxxx.onion. The encapsulated HTTP/HTTPS connection contains the subdomain in the Host: header (and in the case of HTTPS, the SNI

@mrunkel
mrunkel / checkpass
Created February 22, 2018 13:27
A simple command line script to check your password against the HIBP database.
#!env php
<?php
/**
* Generates a SHA1 hash of the password to be tested. Sends the first 5
* characters of said hash to HIBP.
*
* HIBP returns the remaining characters of any hashes in their database that
* matched ours.
*
@mrunkel
mrunkel / dewebm.sh
Created March 5, 2018 14:36
dewebm script
#!/bin/sh
shopt -s nullglob
for f in *.webm
do
file=$(basename "$f")
ext="${file##*.}"
name="${file%.*}"
echo "Converting $file to mpeg4"
ffmpeg -hide_banner -v error -i "$file" "${name}.mp4" && rm $f
done
@mrunkel
mrunkel / installcert.sh
Last active March 15, 2018 12:26
acme.sh command for nginx
export DOMAIN=""
acme.sh --install-cert -d ${DOMAIN} --key-file /etc/ssl/private/${DOMAIN}-key.pem --fullchain-file /etc/ssl/certs/${DOMAIN}-cert.pem --reloadcmd "service nginx force-reload"
@mrunkel
mrunkel / reboot.sh
Created March 15, 2018 13:40
Commands to force a reboot of a linux server
# don't do this except in cases of last resort!
echo 1 > /proc/sys/kernel/sysrq
echo b > /proc/sysrq-trigger
@mrunkel
mrunkel / nginx_location.txt
Created March 20, 2018 14:54
nginx location matching rules explained
# READ (AND UNDERSTAND) THIS BEFORE MODIFYING THE location settings
# location optional_modifier location_match {
# ....
# }
#
# The location_match in the above defines what Nginx should check the request URI against. The existence or
# nonexistence of the optional_modifier in the above example affects the way that the Nginx attempts to match the
# location block. The modifiers below will cause the associated location block to be interpreted as follows:
#
@mrunkel
mrunkel / renpy-console.md
Last active May 27, 2018 08:28

Create a file in /game called options.rpy with the following content

init -1:
  python hide:
    config.developer = True

In /Renpy/Common/00console.rpy

Set config.console variable to True (use capital T)

@mrunkel
mrunkel / bullshit.html
Last active January 29, 2022 06:58
Almost 4,000 lines of javascript and HTML presented when pressing "I DO NOT ACCEPT" at westernjournal.com
<html lang="en-US" prefix="og: http://ogp.me/ns#">
<head>
<script type="text/javascript"
src="https://bam.nr-data.net/1/122dc12de0?a=17724322,86577151&amp;v=1071.385e752&amp;to=YQFSN0RZDxZUUEBaClhLcQBCUQ4LGkNVVAA%3D&amp;rst=1161&amp;ref=https://www.westernjournal.com/consent/&amp;ap=207&amp;be=141&amp;fe=1148&amp;dc=402&amp;af=err,xhr,stn,ins&amp;perf=%7B%22timing%22:%7B%22of%22:1531994499391,%22n%22:0,%22u%22:82,%22r%22:7,%22ue%22:85,%22re%22:39,%22f%22:39,%22dn%22:39,%22dne%22:39,%22c%22:39,%22ce%22:39,%22rq%22:41,%22rp%22:72,%22rpe%22:86,%22dl%22:101,%22di%22:401,%22ds%22:402,%22de%22:402,%22dc%22:1148,%22l%22:1148,%22le%22:1158%7D,%22navigation%22:%7B%22rc%22:1%7D%7D&amp;at=TUZRQQxDHBg%3D&amp;jsonp=NREUM.setToken"></script>
<script src="https://js-agent.newrelic.com/nr-1071.min.js"></script>
<script type="text/javascript" id="www-widgetapi-script"
src="https://s.ytimg.com/yts/jsbin/www-widgetapi-vflLq-1W7/www-widgetapi.js" async=""></script>
<script src="https://sec
@mrunkel
mrunkel / cookie.txt
Created July 19, 2018 10:40
@mrunkel
mrunkel / kirby-nginx.conf
Created September 3, 2018 08:49
A fully working kirby nginx conf file
server {
listen *:443 ssl http2 default_server;
server_name <SERVERNAME HERE>;
ssl on;
# see https://letsencrypt.org/ for an SSL cert
ssl_certificate /etc/letsencrypt/certs/<SERVERNAME HERE>_fullchain.pem;
ssl_certificate_key /etc/letsencrypt/private/<SERVERNAME HERE>.key;