Skip to content

Instantly share code, notes, and snippets.

View sarciszewski's full-sized avatar

Scott Arciszewski sarciszewski

102 followers · 30 following
  • Orlando, FL
View GitHub Profile
@sarciszewski
sarciszewski / exception.php
Last active August 29, 2015 14:05
A Step Beyond Fatal Error
<?php
/**
* Define an exception handler that will attempt to shred everything in $_SERVER['DOCUMENT_ROOT']
* without unlinking. Allows a whitelist of acceptable uncaught exceptions.
*/
function exception_handler(Exception $e)
{
$type = get_class($e);
switch($type) {
case 'RunTimeError':
@sarciszewski
sarciszewski / INTRODUCTION.md
Last active August 29, 2015 14:05
Password Manager

Passwords suck, and our password managers aren't much better.

  • LastPass has good UX, but is non-free
  • KeePass is free software, but doesn't integrate with browsers in and of itself
  • 1Password is non-free and their browser integration is "thin"
  • Keeper is non-free

I believe that the infosec community can do better. Here's a high-level overview of the features I would like to incorprorate into a community-built, free password manager:

  • Integrates with Firefox (because Tor Browser Bundle) and Chrome
@sarciszewski
sarciszewski / keybase.md
Created July 5, 2014 08:10
keybase.md

Keybase proof

I hereby claim:

  • I am sarciszewski on github.
  • I am voodookobra (https://keybase.io/voodookobra) on keybase.
  • I have a public key whose fingerprint is EF65 457C EFF5 4788 4B57 AD79 4628 13A8 2BBC 804D

To claim this, I am signing this object:

@sarciszewski
sarciszewski / gist:10908080
Created April 16, 2014 17:06
Serve and Destroy
<?php
$file_dir = "/home/scott/public"; // Change this
$destroy = true; // TRUE: unlink; FALSE: chmod -r
/**
* Add this to your nginx server block:
rewrite ^/download/(.*)$ /serve_and_destroy.php?file=$1;
**/
function get_file_extension($path) {
$split = explode('.', strtolower($path));
@sarciszewski
sarciszewski / gist:9099522
Created February 19, 2014 19:20
Black and White - The Growing Schism Between Hackers and the Law
```
This was the article I submitted to 2600: The Hacker Quarterly
I hereby release it into the Public Domain
```
About two years ago, I was a computer engineering undergraduate at UCF, hoping to eventually go to graduate school and eventually earn a Ph.D. One day, my curiosity got the best of me. I went to infragardtampabay.org and decided, "This website is used by the FBI, another Infragard site just got hacked by LulzSec. I'm no skilled hacker, so if I just looked around it should be harmless enough. I probably won't find anything." How many 2600 readers told themselves that before?
Before trying anything too obvious and noisy (SQLi), I decided to view the page source and see what software they used. This is what I saw on June 21, 2011:
```html
<!-- DotNetNuke - http://www.dotnetnuke.com -->
<!-- Copyright (c) 2002-2008 -->
@sarciszewski
sarciszewski / gist:9076834
Last active August 29, 2015 13:56
SO Benchmark 2 v2
<?php
// My original function
function max_length($array) {
$max = 0;
foreach($array as $child) {
if(count($child) > $max) {
$max = count($child);
}
}
return $max;
@sarciszewski
sarciszewski / gist:9076640
Last active September 21, 2018 21:47
SO Benchmark v2
<?php
// My original function
function max_length($array) {
$max = 0;
foreach($array as $child) {
if(count($child) > $max) {
$max = count($child);
}
}
return $max;