- Install composer-patches plugin
composer require cweagans/composer-patches
-
Download all the files (
*.diff&*.json) topatchessubdirectory of your project -
Add the following to your
composer.json:
"extra": {
Michal Špaček spaze
🔒
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 662538: URL_REQUEST | |
| http://www.michalspacek.cz/ | |
| Start Time: 2018-03-09 00:52:52.274 | |
| t=10702 [st= 0] +REQUEST_ALIVE [dt=76] | |
| --> priority = "HIGHEST" | |
| --> url = "http://www.michalspacek.cz/" | |
| t=10702 [st= 0] URL_REQUEST_DELEGATE [dt=1] | |
| t=10703 [st= 1] +URL_REQUEST_START_JOB [dt=0] | |
| --> load_flags = 37122 (BYPASS_CACHE | MAIN_FRAME_DEPRECATED | MAYBE_USER_GESTURE | VERIFY_EV_CERT) |
spaze
/ pbkdf2-symfony-polyfill.php
Last active
October 12, 2018 20:27
Symfony's PBKDF2 polyfill benchmark (TL;DR it's slow, DO NOT USE, use hash_pbkdf2 available in PHP 5.5+ if you must use PBKDF2 but just use password_hash) for the thread here https://twitter.com/spazef0rze/status/1050436425559302147
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| function hashPbkdf2($algorithm, $password, $salt, $iterations, $length = 0) | |
| { | |
| // Number of blocks needed to create the derived key | |
| $blocks = ceil($length / strlen(hash($algorithm, null, true))); | |
| $digest = ''; | |
| for ($i = 1; $i <= $blocks; $i++) { | |
| $ib = $block = hash_hmac($algorithm, $salt . pack('N', $i), $password, true); | |
| // Iterations | |
| for ($j = 1; $j < $iterations; $j++) { |
spaze
/ haveibeencaffeinated.php
Last active
May 9, 2019 19:04
https://www.michalspacek.com/top-10-coffee-brands-according-to-have-i-been-pwned
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // https://en.wikipedia.org/wiki/Category:Coffee_brands | |
| $covfefes = [ | |
| 'alterracoffeeroasters', | |
| 'angiangcoffee', | |
| 'angelinus', | |
| 'autocrat', | |
| 'barcaffe', | |
| 'batdorfbronson', | |
| 'bewleys', |
spaze
/ cz-stripped-subdomains.txt
Last active
March 3, 2020 18:16
— forked from kokes/cz.txt
.cz domains *potentially* affected by this CAA problem https://letsencrypt.org/caaproblem/ - test at https://unboundtest.com/caaproblem.html
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Stripped subdomains (foo.example.com => example.com, doesn't mean example.com was in the original list) | |
| # regex [a-z*0-9\-]+\.cz(?=[ \]]) | |
| 05.cz | |
| 0e.cz | |
| 0oo.cz | |
| 1000miglia.cz | |
| 1000oken.cz | |
| 1000zkh.cz | |
| 1001.cz | |
| 1001hry.cz |
spaze
/ find-cve-2020-15227.sh
Last active
April 10, 2025 06:26
CVE-2020-15227 nette/application RCE in-place patch
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Find files in CVE-2020-15227 nette/application issue | |
| # by @spazef0rze | |
| # Run with `bash find-cve-2020-15227.sh`, works on Linux, FreeBSD, tested on Ubuntu 18.04, FreeBSD 11.4 | |
| # This is a universal finder for all affected versions. | |
| # Requirements: find, grep, bash (might work with your default shell but YMMV) | |
| # The fixes: |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| function index() | |
| { | |
| echo ascii('xsssk'); | |
| } | |
| function rick() | |
| { | |
| header('Location: https://media.giphy.com/media/Vuw9m5wXviFIQ/giphy.gif', true, 301); | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -----BEGIN CERTIFICATE----- | |
| MIIDoTCCAomgAwIBAgIUHaHTeqKOXVJAuOJtLu3vqYfgVaAwDQYJKoZIhvcNAQEL | |
| BQAwYDELMAkGA1UEBhMCQ1oxDDAKBgNVBAgMA0ZvbzEMMAoGA1UEBwwDQmFyMQww | |
| CgYDVQQKDANCYXoxDjAMBgNVBAsMBVdhbGRvMRcwFQYDVQQDDA5zZWxmLnNpZ25l | |
| ZC5jejAeFw0yMTA2MDUyMTExMjRaFw0yMTA2MDYyMTExMjRaMGAxCzAJBgNVBAYT | |
| AkNaMQwwCgYDVQQIDANGb28xDDAKBgNVBAcMA0JhcjEMMAoGA1UECgwDQmF6MQ4w | |
| DAYDVQQLDAVXYWxkbzEXMBUGA1UEAwwOc2VsZi5zaWduZWQuY3owggEiMA0GCSqG | |
| SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUYp5WfN2Btdd1bg7uMP7nlUO5l4AXZXFq | |
| XIM/Vdv+1tZMaMeKMW9mwYJoXySUNJS5/ix8pPdZL7szGZ8tqMMAisdjmNMfvg0e | |
| mZu9/9yMh7vRDe/KU4u2rKPw4gvZNVx42ptIa1hAecjBwoVxysumBJh9HPo3z1d7 |
spaze
/ README-azure-storage-php-patches.md
Last active
March 24, 2022 17:45
azure-storage-php composer patches for cweagans/composer-patches
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # Optimize images for talk slides | |
| # Run in directory with images, it does the following: | |
| # 1. runs zopfli on all PNGs | |
| # 2. runs guetzli on all JPEGs | |
| # 3. creates lossy and lossless WebP, keeps the smaller one | |
| # 4. keeps the WebP if smaller than original | |
| GREEN=$(tput setaf 2) |
spaze
/ Reveal input details.js
Last active
February 18, 2025 22:37
A bookmarklet code to reveal input field content and details
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Add attributes as title tooltip | |
| document.querySelectorAll('input').forEach(function(element) { | |
| var attributes = []; | |
| for (i = 0; i < element.attributes.length; i++){ | |
| if (element.attributes[i].nodeName.toLowerCase() === 'title') { | |
| continue; | |
| } | |
| if (element.attributes[i].nodeName.toLowerCase() === 'type' && typeof element.originalType !== 'undefined') { | |
| var value = element.originalType; | |
| } else { |