Nathan N noproto
@dedlim
dedlim / claude_3.5_sonnet_artifacts.xml
Last active November 14, 2024 08:36
Claude 3.5 Sonnet, Full Artifacts System Prompt
<artifacts_info>
The assistant can create and reference artifacts during conversations. Artifacts are for substantial, self-contained content that users might modify or reuse, displayed in a separate UI window for clarity.
# Good artifacts are...
- Substantial content (>15 lines)
- Content that the user is likely to modify, iterate on, or take ownership of
- Self-contained, complex content that can be understood on its own, without context from the conversation
- Content intended for eventual use outside the conversation (e.g., reports, emails, presentations)
- Content likely to be referenced or reused multiple times
"""
31-round sha256 collision.
Not my research, just a PoC script I put together with numbers plugged in from the slide at
https://twitter.com/jedisct1/status/1772647350554464448 from FSE2024
SHA256 impl follows FIPS 180-4
https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf
"""
@loknop
loknop / writeup.md
Created December 30, 2021 14:59
Solving "includer's revenge" from hxp ctf 2021 without controlling any files


The challenge

The challenge was to achieve RCE with this file:

<?php ($_GET['action'] ?? 'read' ) === 'read' ? readfile($_GET['file'] ?? 'index.php') : include_once($_GET['file'] ?? 'index.php');

Some additional hardening was applied to the php installation to make sure that previously known solutions wouldn't work (for further information read this writeup from the challenge author).

I didn't solve the challenge during the competition - here is a writeup from someone who did - but since the idea I had differed from the techniques used in the published writeups I read (and I thought it was cool :D), here is my approach.

for i in {1..10000};
do
curl "https://api.github.com/users/KevinHock/following?per_page=100&page=${i}" -s | tee -a github.ids; # KevinHock follows everyone
sleep 300; # sleep 5 min between pages or rate limit kicks in soon
done;
cat github.ids | grep true -B 18 -A 1 | grep login | cut -d '"' -f 4 | xargs -I {LOGIN} curl "https://api.github.com/users/{LOGIN}" -s | sed -e 's/}/},/' > github_admins.txt
cat github_admins.txt;
@darconeous
darconeous / tesla-key-card-protocol.md
Last active November 8, 2024 21:21
Tesla Key Card Protocol


Researched by Robert Quattlebaum [email protected].

Last updated 2020-02-03.


@Chaser324
Chaser324 / GitHub-Forking.md
Last active November 14, 2024 08:32
GitHub Standard Fork & Pull Request Workflow

Whether you're trying to give back to the open source community or collaborating on your own projects, knowing how to properly fork and generate pull requests is essential. Unfortunately, it's quite easy to make mistakes or not know what you should do when you're initially learning the process. I know that I certainly had considerable initial trouble with it, and I found a lot of the information on GitHub and around the internet to be rather piecemeal and incomplete - part of the process described here, another there, common hangups in a different place, and so on.

In an attempt to collate this information for myself and others, this short tutorial is what I've found to be fairly standard procedure for creating a fork, doing your work, issuing a pull request, and merging that pull request back into the original project.

Creating a Fork

Just head over to the GitHub page and click the "Fork" button. It's just that simple. Once you've done that, you can use your favorite git client to clone your repo or j