Skip to content

Instantly share code, notes, and snippets.

View munkiepus's full-sized avatar

Tony Dunlop munkiepus

View GitHub Profile
// need to include https://cdnjs.cloudflare.com/ajax/libs/crypto-js/3.1.9-1/crypto-js.min.js
password = "hello";
alert(encodePassword(password));
// return b64 encoded like symfony encodePassword
function encodePassword(stringInput, iterations = 5000) {
return btoa(hashPassword(stringInput, iterations));
@munkiepus
munkiepus / ulnValidation.sql
Last active February 26, 2019 10:03
Unique Learner Number (ULN) Validation in SQL
/*
* verifies checksum of ULN
* from https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/710270/ULN_validation.pdf
*/
SELECT
uln_number,
SUBSTRING(uln_number, 1, 9) AS ExtractString,
RIGHT(uln_number, 1) AS givenChecksum,
10 - MOD(SUBSTRING(uln_number, 1, 1) * 10 +
@munkiepus
munkiepus / ulnValidation.php
Last active April 25, 2019 08:22
Unique Learner Number (ULN) Validation in PHP
<?php
/**
* @method ulnValidation
*
* Checks if a ULN number is in the correct format, 10 digits including a 1 digit checksum
*
* @link https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/795483/WSLP02_ULN_Validation_v3.pdf
*
* 1. Take the first 9 digits of the entered ULN.
* 2. Sum 10 × first digit + 9 x second digit + 8 x third digit + 7 x fourth digit + 6 x fifth digit
@munkiepus
munkiepus / mitigate_ci3_formula_injection.php
Last active March 14, 2019 10:52
Mitigate against Codeigniter CSV formula injection attacks in
This vuln was reported here https://github.com/bcit-ci/CodeIgniter/issues/5600
but looks like the devs wont fix it so here's how to mitigate if you're stuck with CodeIgniter.
This overides the offending class without touching the core files.
First create a new override for the Codeigniter CI_DB_utility::csv_from_result in application/libraries/MY_DB_utility.php
<?php
@munkiepus
munkiepus / install_mailcatcher.sh
Last active February 25, 2022 16:40
install mailcatcher with systemd init script on ubuntu 18.04 and catch all sendmail
#!/bin/bash
echo "-- installing mailcatcher -- "
apt-get install ruby ruby-dev ruby-all-dev sqlite3 libsqlite3-dev -y
gem install mailcatcher
echo '[Unit]
Description = MailCatcher

Keybase proof

I hereby claim:

  • I am munkiepus on github.
  • I am munkiepus (https://keybase.io/munkiepus) on keybase.
  • I have a public key whose fingerprint is 6E68 388F 38C2 AFAB 0E63 D258 08E0 274A 0582 61F6

To claim this, I am signing this object: