Skip to content

Instantly share code, notes, and snippets.

View VitalySalnikov's full-sized avatar

Vitaly Salnikov VitalySalnikov

View GitHub Profile
require 'msf/core'
class Metasploit3 < Msf::Exploit::Remote
Rank = ExcellentRanking
@@trav_string = '%5c%2e%2e%2f'
include Msf::Exploit::Remote::HttpClient
def initialize(info = {})
super(update_info(info,
h = { [] => :ok }
p h[[]] # ok
h = { [:lol] => :ok }
p h[[:lol]] # ok
h = { [] => :ok }
h.first.first << :lol
p h[[:lol]] # nil
@ricardo-rossi
ricardo-rossi / ElasticSearch.sh
Last active December 1, 2023 04:55
Installing ElasticSearch on Ubuntu 14.04
#!/bin/bash
### USAGE
###
### ./ElasticSearch.sh 1.7 will install Elasticsearch 1.7
### ./ElasticSearch.sh will fail because no version was specified (exit code 1)
###
### CLI options Contributed by @janpieper
### Check http://www.elasticsearch.org/download/ for latest version of ElasticSearch
@eelsivart
eelsivart / heartbleed.py
Last active June 7, 2024 02:16 — forked from sh1n0b1/ssltest.py
Heartbleed (CVE-2014-0160) Test & Exploit Python Script
#!/usr/bin/python
# Modified by Travis Lee
# Last Updated: 4/21/14
# Version 1.16
#
# -changed output to display text only instead of hexdump and made it easier to read
# -added option to specify number of times to connect to server (to get more data)
# -added option to send STARTTLS command for use with SMTP/POP/IMAP/FTP/etc...
# -added option to specify an input file of multiple hosts, line delimited, with or without a port specified (host:port)
@joernchen
joernchen / bounty.txt
Created February 22, 2014 16:17
Bounty writeup
GitHub RCE by Environment variable injection Bug Bounty writeup
Disclaimer: I'll keep this really short but I hope you'll get the key points.
GitHub blogged a while ago about some internal tool called gerve:
https://github.com/blog/530-how-we-made-github-fast
Upon git+sshing to github.com gerve basically looks up your permission
on the repo you want to interact with. Then it bounces you further in
another forced SSH session to the back end where the repo actually is.
# Example:
#
# class EditForm < FormModel
# model :a
#
# attribute :title, String
#
# validates :title, presence: true
# end
#
@svartalf
svartalf / elasticsearch_ru_stemming_and_morphology.py
Last active January 13, 2022 12:21
Example of the ElasticSearch configuration for russian stemming and morphology
requests.put('http://localhost:9200/site/', data=json.dumps({
'settings': {
'analysis': {
'analyzer': {
'ru': {
'type': 'custom',
'tokenizer': 'standard',
"filter": ['lowercase', 'russian_morphology', 'english_morphology', 'ru_stopwords'],
},
},
@them0nk
them0nk / rspec_rails_cheetsheet.rb
Created March 23, 2012 03:39
Rspec Rails cheatsheet (include capybara matchers)
#Model
@user.should have(1).error_on(:username) # Checks whether there is an error in username
@user.errors[:username].should include("can't be blank") # check for the error message
#Rendering
response.should render_template(:index)
#Redirecting
response.should redirect_to(movies_path)

Transactions

As your business logic gets complex you may need to implement transactions. The classic example is a bank funds transfer from account A to account B. If the withdrawal from account A fails then the deposit to account B should either never take place or be rolled back.

Basics

All the complexity is handled by ActiveRecord::Transactions. Any model class or instance has a method named .transaction. When called and passed a block, that block will be executed inside a database transaction. If there's an exception raised, the transaction will automatically be rolled back.

Example

@zhengjia
zhengjia / capybara cheat sheet
Created June 7, 2010 01:35
capybara cheat sheet
=Navigating=
visit('/projects')
visit(post_comments_path(post))
=Clicking links and buttons=
click_link('id-of-link')
click_link('Link Text')
click_button('Save')
click('Link Text') # Click either a link or a button
click('Button Value')