Timlukas Bloch Timi7007

## snow.py
# This Script uses the following dependancies
# pip install nums_from_string
#
# To Run this script type:
# python snow.py <Log File Name>
#
# Example:
# python snow.py snow.log
#
# Written By Allstreamer_

## snowstats.sh
#!/bin/bash --posix

docker logs snowflake-proxy 2>&1 | grep --color=auto 'Traffic Relayed' | awk '
{
    # Extract the download and upload values
    down[1] = $14
    down[2] = $15
    gsub(/[^a-zA-Z]/, "", down[2])
    up[1] = $17
    up[2] = $18

## 99-lesekopf.rules
SUBSYSTEMS=="usb", ATTRS{idProduct}=="ea60", ATTRS{idVendor}=="10c4", ATTRS{serial}=="015AE1E8", SYMLINK+="ttyUSBlesekopf0", GROUP="dialout", MODE="0660", RUN+="/etc/openhab2/others/setupLesekopf0.sh"
SUBSYSTEMS=="usb", ATTRS{idProduct}=="ea60", ATTRS{idVendor}=="10c4", ATTRS{serial}=="015ADDC3", SYMLINK+="ttyUSBlesekopf1", GROUP="dialout", MODE="0660", RUN+="/etc/openhab2/others/setupLesekopf1.sh"

## index.php
<?php
// Tor Check : https://gist.github.com/TheRealBastiaan/889b4ec5fafd928e0de2
function IsTorExitPoint($ip=null){
    $ip = ($ip) ? $ip : $_SERVER['REMOTE_ADDR'];
    if (gethostbyname(ReverseIPOctets($ip).".".$_SERVER['SERVER_PORT'].".".ReverseIPOctets($_SERVER['SERVER_ADDR']).".ip-port.exitlist.torproject.org")=="127.0.0.2") {
        return true;
    } else {
       return false;
    }
}

## SKS Privacy
Privacy

There are three categories of data relevant to privacy here: the public keys stored; the HTTP/HKP requests made to access/upload/retrieve those keys; what I as a keyserver operator might do with those requests (logs).

For the public keys: the SKS keyserver pool, run globally by disparate individuals with no formal affiliation, is currently an append-only store, designed to protect against attempts to remove data. Once a key has been uploaded, that data is part of the public record, designed to allow anyone to attempt to verify the name binding within the key, using the public attestations by others about the identity of the key (key signatures). Keys not intended for public disclosure should not be uploaded, nor shared to people who might upload the keys of others. Note that there's no protection against fraudulent keys, with bindings of any name to any email address, and there is no basis to believe any such pairing without first proceeding through evaluation of the public attestations.

The reques

## wildcard-certificates.md

      
              1 file
            
          
              5 forks
            
          
              19 comments
            
          
              75 stars
            
          
                joepie91
                / wildcard-certificates.md
            
            
              Last active
              June 3, 2024 02:07
            
              
                Why you probably shouldn't use a wildcard certificate
              
          
    Recently, Let's Encrypt launched free wildcard certificates. While this is good news in and of itself, as it removes one of the last remaining reasons for expensive commercial certificates, I've unfortunately seen a lot of people dangerously misunderstand what wildcard certificates are for.
Therefore, in this brief post I'll explain why you probably shouldn't use a wildcard certificate, as it will put your security at risk.
A brief explainer

It's generally pretty poorly understood (and documented!) how TLS ("SSL") works, so let's go through a brief explanation of the parts that are important here.
The general (simplified) idea behind how real-world TLS deployments work, is that you:

  
## pwnd.js
addEventListener('fetch', event => {
  event.respondWith(fetchAndCheckPassword(event.request))
})

async function fetchAndCheckPassword(req) {
  if (req.method == "POST") {
    try {
      const post = await req.formData();
      const pwd = post.get('password')
      const enc = new TextEncoder("utf-8").encode(pwd)

## trrprefs.md

      
              1 file
            
          
              13 forks
            
          
              38 comments
            
          
              80 stars
            
          
                bagder
                / trrprefs.md
            
            
              Last active
              December 27, 2022 05:17
            
              
                This once held TRR prefs. Now it has moved.
              
          
    NOTE

This content has moved.
Please go to bagder/TRRprefs for the current incarnation of the docs, and please help us out polish and maintain this documentation!

  
## curl_pia.php
		$curl = curl_init();
		$url = 'http://www.url_you_want_to_scrape.com';
		$username = 'username'; // substitute your PIA PPTP/L2TP/SOCKS username (different from regular PIA username)
		$password = 'password'; // substitute your PIA PPTP/L2TP/SOCKS password (different from regular PIA password)
		$pia_url = 'proxy-nl.privateinternetaccess.com:1080'; // current one should be here: https://helpdesk.privateinternetaccess.com/hc/en-us/articles/236265587-Can-I-Use-SOCKS5-
		curl_setopt_array($curl, array(
		    CURLOPT_RETURNTRANSFER => 1,
		    CURLOPT_URL => $url,
			  CURLOPT_PROXYTYPE => CURLPROXY_SOCKS5,
			  CURLOPT_PROXY => 'socks5://' . $username . ':' . $password . '@' . $pia_url,

## gist:e22e50cd52b7dffcf5a4db2b8ea4cce0

      
              1 file
            
          
              6 forks
            
          
              18 comments
            
          
              29 stars
            
          
                simonster
                / gist:e22e50cd52b7dffcf5a4db2b8ea4cce0
            
            
              Created
              April 19, 2017 20:21
            
              
                Next Generation MITnet
              
          
    To the members of the MIT community:
We are writing to inform you of plans to upgrade the MIT campus network, and in particular to upgrade MIT to the next generation of Internet addressing. (Please note that no action is required on your part.)
Machines on the Internet are identified by addresses. The current addressing scheme, called IPv4, was specified around 1980, and allowed for about 4 billion addresses. That seemed enough at the time, which was before local area networks, personal computers and the like, but the Internet research community recognized around 1990 that this supply of addresses was inadequate, and put in place a plan to replace the IPv4 addresses with a new address format, called IPv6. IPv6 uses a 128-bit address scheme and is capable of 340 undecillion addresses (340 times 10^36, or 340 trillion trillion trillion possible IP addresses). This stock of addresses allows great flexibility in how addresses are assigned to hosts, for example allowing every host to use a range of addresses to
	# This Script uses the following dependancies
	# pip install nums_from_string
	#
	# To Run this script type:
	# python snow.py <Log File Name>
	#
	# Example:
	# python snow.py snow.log
	#
	# Written By Allstreamer_
	#!/bin/bash --posix

	docker logs snowflake-proxy 2>&1 \| grep --color=auto 'Traffic Relayed' \| awk '
	{
	# Extract the download and upload values
	down[1] = $14
	down[2] = $15
	gsub(/[^a-zA-Z]/, "", down[2])
	up[1] = $17
	up[2] = $18
	SUBSYSTEMS=="usb", ATTRS{idProduct}=="ea60", ATTRS{idVendor}=="10c4", ATTRS{serial}=="015AE1E8", SYMLINK+="ttyUSBlesekopf0", GROUP="dialout", MODE="0660", RUN+="/etc/openhab2/others/setupLesekopf0.sh"
	SUBSYSTEMS=="usb", ATTRS{idProduct}=="ea60", ATTRS{idVendor}=="10c4", ATTRS{serial}=="015ADDC3", SYMLINK+="ttyUSBlesekopf1", GROUP="dialout", MODE="0660", RUN+="/etc/openhab2/others/setupLesekopf1.sh"
	<?php
	// Tor Check : https://gist.github.com/TheRealBastiaan/889b4ec5fafd928e0de2
	function IsTorExitPoint($ip=null){
	$ip = ($ip) ? $ip : $_SERVER['REMOTE_ADDR'];
	if (gethostbyname(ReverseIPOctets($ip).".".$_SERVER['SERVER_PORT'].".".ReverseIPOctets($_SERVER['SERVER_ADDR']).".ip-port.exitlist.torproject.org")=="127.0.0.2") {
	return true;
	} else {
	return false;
	}
	}
	Privacy

	There are three categories of data relevant to privacy here: the public keys stored; the HTTP/HKP requests made to access/upload/retrieve those keys; what I as a keyserver operator might do with those requests (logs).

	For the public keys: the SKS keyserver pool, run globally by disparate individuals with no formal affiliation, is currently an append-only store, designed to protect against attempts to remove data. Once a key has been uploaded, that data is part of the public record, designed to allow anyone to attempt to verify the name binding within the key, using the public attestations by others about the identity of the key (key signatures). Keys not intended for public disclosure should not be uploaded, nor shared to people who might upload the keys of others. Note that there's no protection against fraudulent keys, with bindings of any name to any email address, and there is no basis to believe any such pairing without first proceeding through evaluation of the public attestations.

	The reques
	addEventListener('fetch', event => {
	event.respondWith(fetchAndCheckPassword(event.request))
	})

	async function fetchAndCheckPassword(req) {
	if (req.method == "POST") {
	try {
	const post = await req.formData();
	const pwd = post.get('password')
	const enc = new TextEncoder("utf-8").encode(pwd)
	$curl = curl_init();
	$url = 'http://www.url_you_want_to_scrape.com';
	$username = 'username'; // substitute your PIA PPTP/L2TP/SOCKS username (different from regular PIA username)
	$password = 'password'; // substitute your PIA PPTP/L2TP/SOCKS password (different from regular PIA password)
	$pia_url = 'proxy-nl.privateinternetaccess.com:1080'; // current one should be here: https://helpdesk.privateinternetaccess.com/hc/en-us/articles/236265587-Can-I-Use-SOCKS5-
	curl_setopt_array($curl, array(
	CURLOPT_RETURNTRANSFER => 1,
	CURLOPT_URL => $url,
	CURLOPT_PROXYTYPE => CURLPROXY_SOCKS5,
	CURLOPT_PROXY => 'socks5://' . $username . ':' . $password . '@' . $pia_url,