Skip to content

Instantly share code, notes, and snippets.

View Eriner's full-sized avatar

Matt Hamilton Eriner

124 followers · 39 following
View GitHub Profile
@Eriner
Eriner / fediverse-blocked-in-china-02-19-24.csv
Created February 19, 2024 23:35
Top 1000 Fediverse servers and if they're blocked in China or not
Blocked mastodon.social
Not_Blocked alien.top
Blocked pawoo.net
Not_Blocked daystorm.netz.org
Blocked misskey.io
Blocked mstdn.jp
Not_Blocked joindiaspora.com
Not_Blocked baraag.net
Blocked mastodon.cloud
Not_Blocked pravda.me
@Eriner
Eriner / custom.css
Last active January 17, 2023 20:06
Bring back the Mastodon toots
.compose-form__publish-button-wrapper .button--block {
font-size: 0px;
}
.compose-form__publish-button-wrapper .button--block::after {
content: "Toot!";
font-size: 15px;
vertical-align: middle;
color: #fff;
}
@Eriner
Eriner / .asoundrc
Created December 10, 2015 14:45
# dsnooped input
# dsnooped allows multiple applications to use an input device (microphone)
# without dsnoop, devices are exclusive, and the mic can only be used by one app at a time.
pcm.dsnooped {
type dsnoop
ipc_key 5978293 # must be unique for all dmix plugins!!!!
ipc_key_add_uid yes
slave {
pcm "hw:Microphone"
channels 2
@Eriner
Eriner / docker-compose.yml
Created November 7, 2022 22:40
mastodon-linux-cap-drops
services:
sidekiq:
image: tootsuite/mastodon:v3.5.3
cap_drop:
- ALL
redis:
image: redis:6-alpine
cap_drop:
@Eriner
Eriner / blame-bip-poc.go
Created June 23, 2022 04:41
a poor implementation w/ discarding the 5 most significant bits... will fix after I implement in JS first.
package main
import (
"bytes"
"crypto/md5"
"fmt"
"io/ioutil"
"log"
"os"
"strings"
@Eriner
Eriner / CVE-2021-45099.yaml
Created December 16, 2021 16:27
PoC for github.com/hassio-addons/addon-ssh <= 9.1.1 - CVE-2021-45099
blueprint:
name: PoC for CVE-2021-45099
description: the not-a-vulnerability was patched in github.com/hassio-addons/addon-ssh v10.0.0
domain: automation
input:
boolean:
name: Toggle
description: Some boolean light switch.
selector:
entity:
@Eriner
Eriner / keycloak_dos_cve_2020_10758.zsh
Last active September 4, 2020 23:21
Keycloak <v11.0.1 Content-Length DoS - CVE-2020-10758 - https://www.soluble.ai/blog/keycloak-cve-2020-10758
#!/bin/zsh
# Keycloak Vuln disclosure: https://www.soluble.ai/blog/keycloak-cve-2020-10758
#
# LWN post about HTTP POST Content-Length DoS: https://lwn.net/Articles/418017/
#
# Original research by Wong Onn Chee in 2010: http://www.owasp.org/images/4/43/Layer_7_DDOS.pdf
i=20
host="http://mykeycloakinstall.example:9000"
@Eriner
Eriner / CAs.txt
Last active May 19, 2020 21:51
Enabled CAs
AAA Certificate Services
Amazon Root CA*
Apple Root*
Apple Worldwide Developer Relations Certificate Authority
Baltimore CyberTrust Root
com.apple.kerberos.kdc
com.apple.systemdefault
COMODO Certification Authority
COMODO ECC Certification Authority
COMODO RSA Certification Authority
@Eriner
Eriner / audit.json
Created February 19, 2020 10:59
Kubernets Audit JSON Sample
{
"kind": "Event",
"apiVersion": "audit.k8s.io/v1",
"level": "Request",
"auditID": "547daa8a-bed4-33a2-7bd4-43341aab43ae",
"stage": "RequestReceived",
"requestURI": "/apis/extensions/v1beta1/namespaces/default/deployments/soluble-deployment/scale",
"verb": "update",
"user": {
"username": "kubernetes-admin",
@Eriner
Eriner / compress_it.zsh
Last active February 24, 2018 09:55
Brotli and Zopfli compression script for my blog's static resources.
#!/usr/bin/env zsh
# https://gist.github.com/Eriner/6be8c43d8aff8134f7d8fb547612aadf
filetypes=(html xml css)
zcomp() {
print "zopfli compressing ${1}"
for file in ./_site/**/*.${1}; do
zopfli --i1000 ${file}
done