Because I'll forget how to do this...
crop=w:h:x:y
ffmpeg -i in.mp4 -filter:v "crop=900:700:0:50" out.mp4
I spent the weekend meeting hackers in Vegas, and I got talking to one of them about CRLF Injection. They'd not seen many CRLF Injection vulnerabilities in the wild, so I thought I'd write up an example that's similar to something I found a few months ago.
If you're looking for bugs legally through a program like hackerone, or you're a programmer wanting to write secure PHP: this might be useful to you.
| <?php | |
| // OK, so here's the hex from the instructions... | |
| $lines =<<<LINES | |
| 7b 0a 20 a0 22 65 76 e5 | |
| 6e 74 22 ba 20 22 70 e1 | |
| 73 73 77 ef 72 64 5f e3 | |
| 68 61 6e e7 65 22 2c 8a | |
| 20 20 22 f5 73 65 72 ee | |
| 61 6d 65 a2 3a 20 22 e2 | |
| 63 6f 6c ec 69 6e 22 ac |
IT WAS A DARK AND STORMY^w^w^w^w^w^wIt was a bright and sunny Tuesday afternoon. Tom had just arrived back at the office after a trip to down south. He'd been to a dinner in London; helping HackerOne give new and prospective customers advice on their bug bounty programs.
With the few emails he'd received responded to: he span in his chair, sipping at his coffee, wondering how to best to limber up his brain into 'work mode' after a night of free drinks. His aging neurons creaked and
| // How many ways can you alert(document.domain)? | |
| // Comment with more ways and I'll add them :) | |
| // I already know about the JSFuck way, but it's too long to add (: | |
| // Direct invocation | |
| alert(document.domain); | |
| (alert)(document.domain); | |
| al\u0065rt(document.domain); | |
| al\u{65}rt(document.domain); | |
| window['alert'](document.domain); |
| #!/bin/bash | |
| dir=$1 | |
| if [ ! -d "$dir" ]; then | |
| echo "no dir" | |
| exit | |
| fi | |
| find "$dir" -type f -name "*.pdf" | sort | while read file; do | |
| evince -s "$file" |
| javascript:d=document;b=d.createElement`textarea`;c=d.getSelection();b.textContent=[...d.querySelectorAll`div.r>a:first-child`].map(n=>n.href).join`\n`;d.body.appendChild(b);c.removeAllRanges();b.select();d.execCommand`copy`;d.body.removeChild(b) |
| plain | |
| |
| 0Z0mQ130F65E8wD | |
| 1QAZXsw2 | |
| 3dodPaTXF5 | |
| 5E84F90 | |
| 5aQNxsB58752fNl | |
| 5ciuk1sy | |
| 5zkfAr9Y8k6qosP | |
| 8PuNNgp9wm2w | |
| 9Lug*96q | |
| 14mR00t |
| /.s3cfg | |
| /phpunit.xml | |
| /nginx.conf | |
| /.vimrc | |
| /LICENSE.md | |
| /yarn.lock | |
| /Gulpfile | |
| /Gulpfile.js | |
| /composer.json | |
| /.npmignore |