| #!/usr/bin/env python | |
| # Based on https://www.openwall.com/lists/oss-security/2018/08/16/1 | |
| # untested CVE-2018-10933 | |
| import sys, paramiko | |
| import logging | |
| username = sys.argv[1] | |
| hostname = sys.argv[2] | |
| command = sys.argv[3] |
| name: CI | |
| on: | |
| push: | |
| branches: | |
| - master | |
| jobs: | |
| build: | |
| runs-on: ubuntu-latest | |
| steps: | |
| - uses: actions/checkout@master |
| import idaapi, idc, idautils | |
| class DecryptorError(Exception): | |
| pass | |
| def rc4crypt(key, data): | |
| x = 0 | |
| box = range(256) |
| # docker network create nextcloud | |
| NOTES: | |
| 1. [email protected] | |
| 2. TRUSTED_PROXIES values based on your 'nexcloud network' | |
| 3. remove traefik.http.middlewares.nextcloud.headers.contentSecurityPolicy and | |
| traefik.http.middlewares.nextcloud.headers.customFrameOptionsValue if you don't want to allow iframe your domain | |
| 3 | |
| # cat docker-compose.yml |
| // This is a hack, a quick and dirty console script for RT/tweets (with replies) removal w/o API | |
| // To be used in: https://twitter.com/Username/with_replies | |
| // Set your username (without @) below (case-sensitive) to correctly trigger the right Menu | |
| const tweetUser = 'Username' | |
| // BUG, With above we still trigger Menu on some replies but relatively harmless. | |
| // @Hack Implement simple has() for querySelector | |
| const querySelectorHas = function( parent, child ){ |
There was a reddit post about installing Arch on NTFS3 partition. Since Windows and Linux doesn't have directories with same names under the /(C:\), I thought it's possible, and turned out it was actually possible.
If you are not familiar to Linux, for example you've searched on Google "how to dualboot Linux and Windos" or brbrbr... you mustn't try this. This is not practical.
| #! /usr/bin/env python3 | |
| ''' | |
| Needs Requests (pip3 install requests) | |
| Author: Marcello Salvati, Twitter: @byt3bl33d3r | |
| License: DWTFUWANTWTL (Do What Ever the Fuck You Want With This License) | |
| This should allow you to detect if something is potentially exploitable to the log4j 0day dropped on December 9th 2021. |
| import httpx | |
| import argparse | |
| from http import HTTPStatus | |
| from datetime import datetime | |
| from contextlib import suppress | |
| from collections import namedtuple | |
| from typing import Dict, List, Optional, Tuple, Union |
| # latest supported electron version as of october 2024 | |
| LATEST_SUPPORTED_VERSION=30 | |
| RED='\033[0;31m' | |
| GREEN='\033[0;32m' | |
| NC='\033[0m' # no color | |
| mdfind "kind:app" 2>/dev/null | sort -u | while read app; | |
| do | |
| filename="$app/Contents/Frameworks/Electron Framework.framework/Electron Framework" | |
| if [[ -f $filename ]]; then |
| #!/usr/bin/env osascript -l JavaScript | |
| const App = Application.currentApplication(); | |
| App.includeStandardAdditions = true; | |
| const kCFPrefsFeatureFlagsDir = '/Library/Preferences/FeatureFlags/Domain'; | |
| const kCFPrefsFeatureEnabledKey = 'Enabled'; | |
| const kUIKitDomainPrefsTemporaryPath = '/tmp/UIKit.plist'; | |
| const kUIKitRedesignedTextCursorKey = 'redesigned_text_cursor'; |
