Skip to content

Instantly share code, notes, and snippets.

@hackermondev
hackermondev / zendesk.md
Last active October 31, 2024 16:09
1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies

hi, i'm daniel. i'm a 15-year-old with some programming experience and i do a little bug hunting in my free time. here's the insane story of how I found a single bug that affected over half of all Fortune 500 companies:

say hello to zendesk

If you've spent some time online, you’ve probably come across Zendesk.

Zendesk is a customer service tool used by some of the world’s top companies. It’s easy to set up: you link it to your company’s support email (like support@company.com), and Zendesk starts managing incoming emails and creating tickets. You can handle these tickets yourself or have a support team do it for you. Zendesk is a billion-dollar company, trusted by big names like Cloudflare.

Personally, I’ve always found it surprising that these massive companies, worth billions, rely on third-party tools like Zendesk instead of building their own in-house ticketing systems.

your weakest link

@bramus
bramus / bookmarklet.md
Last active September 20, 2024 07:01
Mastodon User Page Bookmarklet
@mrdoob
mrdoob / WebAudio.js
Last active February 14, 2024 05:02
HTMLAudioElement polyfill using the WebAudio API with seamless loop support in Safari.
/**
* @author mrdoob / http://mrdoob.com/
*/
function WebAudio( context ) {
if ( context === undefined ) {
context = WebAudio.context;
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>UnifiedBar</key>
<dict>
<key>DisclosureRequired</key>
<string>ace440ac-b4f6-4b43-aade-02bba1589aef</string>
<key>Enabled</key>
<false/>
html {
scroll-behavior: smooth;
}
@media (prefers-reduced-motion: reduce) {
html {
scroll-behavior: auto;
}
}
@jamesls
jamesls / alias
Last active January 15, 2023 21:52
AWS CLI v2 upgrade aliases.
[toplevel]
# Put this in ~/.aws/cli/alias
# and you'll have an "aws upgrade"
# and an "aws check-upgrade" command.
#
# Only works on macOS and installs using
# the .pkg installer.
#
upgrade = !f() {
curl -s "https://awscli.amazonaws.com/AWSCLIV2.pkg" -o "/tmp/AWSCLIV2.pkg"
# Script to download all the WWDC 2020 session videos in the highest 4K video and audio
# You may have to update ffmpeg before using this script. I needed version 4.3 or higher to successfully download the videos.
#
# If you want the lower bitrate audio, do a find/replace of "audio_english_192" with "audio_english_64"
# If you want lower bitrate or lower resolution video, do a find/replace of "hvc_2160p_16800" with any of the following:
# "hvc_2160p_11600"
# "hvc_1440p_8100"
# "hvc_1080p_5800"
# "hvc_1080p_4500"
# "hvc_720p_3400"
@pydanny
pydanny / Makefile.bash
Created June 20, 2020 18:10
Fixing OSX Upload Speed
ls:
ls -l /Library/Preferences/SystemConfiguration/
backup:
sudo mv /Library/Preferences/SystemConfiguration/com.apple.airport.preferences.plist ~/projects/wifi-backup
sudo mv /Library/Preferences/SystemConfiguration/com.apple.network.eapolclient.configuration.plist ~/projects/wifi-backup
sudo mv /Library/Preferences/SystemConfiguration/com.apple.wifi.message-tracer.plist ~/projects/wifi-backup
sudo mv /Library/Preferences/SystemConfiguration/NetworkInterfaces.plist ~/projects/wifi-backup
sudo mv /Library/Preferences/SystemConfiguration/preferences.plist ~/projects/wifi-backup
@chriseidhof
chriseidhof / boilerplate.swift
Last active August 20, 2024 07:48
QuickMacApp
// Run any SwiftUI view as a Mac app.
import Cocoa
import SwiftUI
NSApplication.shared.run {
VStack {
Text("Hello, World")
.padding()
.background(Capsule().fill(Color.blue))