Navigation Menu

Skip to content

Instantly share code, notes, and snippets.

View arkadiyt's full-sized avatar

Arkadiy Tetelman arkadiyt

591 followers · 0 following
View GitHub Profile
@arkadiyt
arkadiyt / [Case: 77-1226277] Your Request to Google
Created March 5, 2022 16:06
Hello,
Google was notified that your Chrome Web Store item, “Zoom Redirector" with ID fmaeeiocbalinknpdkjjfogehkdcbkcd, allegedly infringes upon the trademark(s) of other(s).
As a result, your item was removed from the Chrome Web Store.
We have attached a copy of the original notice we received for your reference. If you have any questions or concerns about this issue, please address them directly to the complainant: enf.zoom.1704282@enfappdetex.com.
If the complainant responds to the original trademark notice to authorize the republishing of your item, and your item does not otherwise violate the Developer Terms of Service, Program Policies or Branding Guidelines, we will reinstate it. Otherwise, if your account is still in good standing and the nature of your item allows for republishing, you may consider releasing a new, non-infringing version of your item to the Chrome Web Store under a new package name. These are the only avenues for reinstatement. Any attempts to republish this extension will be den
@arkadiyt
arkadiyt / fintech_password_requirements.txt
Created February 2, 2022 22:51
Vanguard:
- Your new password must have 6–20 characters, with at least 2 letters and 2 numbers.
Bank of America:
- Contain 8 to 20 characters
- Have at least 1 uppercase letter, 1 lowercase letter, and 1 number
- Not repeat the same number or letter more than 3 times in a row
- Not include spaces, and contain only the following special characters: @ # * ( ) + = { } / ? ~ ; , . - _
Chase:
@arkadiyt
arkadiyt / sagemaker-canvas.txt
Created December 15, 2021 17:07
Hello,
This message will help you determine if your Amazon SageMaker Canvas App is affected by the issue disclosed in CVE-2021-44228 [1] relating to Apache Log4j, and provide steps you can take to address the issue. Please note that these actions will not delete any of your datasets or model but will only apply the fix in the app needed for remediating the CVE.
1) Determine regions in which you have created a Canvas App.
2) Search Amazon SageMaker in AWS Console and click on it. This will take you to SageMaker Console Dashboard.
3) In the left Navigation, under “SageMaker Domain”, click on “Canvas”. This will take you to the list of domain users you have created.
@arkadiyt
arkadiyt / torrc
Created March 23, 2021 06:05
## Configuration file for a typical Tor user
## Last updated 28 February 2019 for Tor 0.3.5.1-alpha.
## (may or may not work for much older or much newer versions of Tor.)
##
## Lines that begin with "## " try to explain what's going on. Lines
## that begin with just "#" are disabled commands: you can enable them
## by removing the "#" symbol.
##
## See 'man tor', or https://www.torproject.org/docs/tor-manual.html,
## for more options you can use in this file.
@arkadiyt
arkadiyt / token.rb
Last active January 12, 2023 20:01
Generate signed tokens in ruby
require 'base64'
require 'json'
require 'openssl'
require 'time'
def secure_compare(a, b)
return false unless a.bytesize == b.bytesize
l = a.unpack "C#{a.bytesize}"
@arkadiyt
arkadiyt / assume-exec.sh
Created December 1, 2019 17:37
#!/usr/bin/env bash
set -e
# Usage:
# ./assume-exec.sh --role-arn=<role-to-assume> \
# --role-session-name=<name-for-session> \
# --external-id=<external-id> -- <command-to-run>
while [ $# -gt 0 ]; do
case "$1" in
@arkadiyt
arkadiyt / cryptopals_set_8.md
Last active April 25, 2023 11:19
Cryptopals Set 8

Cryptopals is a set of cryptographic challenges, originally published here: https://cryptopals.com

Set 8 of the challenges was never published publicly, until late March 2018. However the cryptopals website was not updated to include the challenges. This gist compiles the 8th set of the Cryptopals challenges.

title link
57. Diffie-Hellman Revisited: Small Subgroup Confinement https://toadstyle.org/cryptopals/513b590b41d19eff3a0aa028023349fd.txt
58. Pollard's Method for Catching Kangaroos https://toadstyle.org/cryptopals/3e17c7b35fcf491d08c989081ed18c9a.txt
59. Elliptic Curve Diffie-Hellman and Invalid-Curve Attacks https://toadstyle.org/cryptopals/a0833e607878a80fdc0808f889c721b1.txt
@arkadiyt
arkadiyt / main.py
Last active January 18, 2024 00:12
import boto3
import certbot.main
import datetime
import os
import raven
import subprocess
def read_and_delete_file(path):
with open(path, 'r') as file:
contents = file.read()
@arkadiyt
arkadiyt / writeup.md
Created August 30, 2017 03:24
Rubygems vulnerability writeup

Rubygems blog post: http://blog.rubygems.org/2017/08/27/2.6.13-released.html

Ruby-lang blog post: https://www.ruby-lang.org/en/news/2017/08/29/multiple-vulnerabilities-in-rubygems/

1) "a DNS request hijacking vulnerability"

Description:

Rubygems supports a gem server discovery mechanism, where if you set your gem source as https://example.com, the gem client will do a SRV dns lookup on _rubygems._tcp.example.com to determine where it should send requests to. A MITM can intercept that dns request and return whatever server they want, forcing the gem client to download code from a malicious server.

@arkadiyt
arkadiyt / whoishiring.csv
Created August 2, 2017 05:39
Month Link
August 2017 https://news.ycombinator.com/item?id=14901313
July 2017 https://news.ycombinator.com/item?id=14688684
June 2017 https://news.ycombinator.com/item?id=14460777
May 2017 https://news.ycombinator.com/item?id=14238005
April 2017 https://news.ycombinator.com/item?id=14023198
March 2017 https://news.ycombinator.com/item?id=13764728
February 2017 https://news.ycombinator.com/item?id=13541679
January 2017 https://news.ycombinator.com/item?id=13301832
December 2016 https://news.ycombinator.com/item?id=13080280