Skip to content

Instantly share code, notes, and snippets.

View arunstar's full-sized avatar
🎯
Focusing

Arun arunstar

🎯
Focusing
View GitHub Profile
@hackermondev
hackermondev / zendesk.md
Last active November 4, 2024 21:26
1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies

hi, i'm daniel. i'm a 15-year-old with some programming experience and i do a little bug hunting in my free time. here's the insane story of how I found a single bug that affected over half of all Fortune 500 companies:

say hello to zendesk

If you've spent some time online, you’ve probably come across Zendesk.

Zendesk is a customer service tool used by some of the world’s top companies. It’s easy to set up: you link it to your company’s support email (like support@company.com), and Zendesk starts managing incoming emails and creating tickets. You can handle these tickets yourself or have a support team do it for you. Zendesk is a billion-dollar company, trusted by big names like Cloudflare.

Personally, I’ve always found it surprising that these massive companies, worth billions, rely on third-party tools like Zendesk instead of building their own in-house ticketing systems.

your weakest link

Intended solve process

For this challenge, we are given a python file with the following source:

#!/usr/local/bin/python3
import signal
from time import sleep
from random import random, getrandbits

flag = open('flag.txt').read()
def die(*args):
(?i)((access_key|access_token|admin_pass|admin_user|algolia_admin_key|algolia_api_key|alias_pass|alicloud_access_key|amazon_secret_access_key|amazonaws|ansible_vault_password|aos_key|api_key|api_key_secret|api_key_sid|api_secret|api.googlemaps AIza|apidocs|apikey|apiSecret|app_debug|app_id|app_key|app_log_level|app_secret|appkey|appkeysecret|application_key|appsecret|appspot|auth_token|authorizationToken|authsecret|aws_access|aws_access_key_id|aws_bucket|aws_key|aws_secret|aws_secret_key|aws_token|AWSSecretKey|b2_app_key|bashrc password|bintray_apikey|bintray_gpg_password|bintray_key|bintraykey|bluemix_api_key|bluemix_pass|browserstack_access_key|bucket_password|bucketeer_aws_access_key_id|bucketeer_aws_secret_access_key|built_branch_deploy_key|bx_password|cache_driver|cache_s3_secret_key|cattle_access_key|cattle_secret_key|certificate_password|ci_deploy_password|client_secret|client_zpk_secret_key|clojars_password|cloud_api_key|cloud_watch_aws_access_key|cloudant_password|cloudflare_api_key|cloudflare_auth_k
import requests
import sys
import json
def waybackurls(host, with_subs):
if with_subs:
url = 'http://web.archive.org/cdx/search/cdx?url=*.%s/*&output=json&fl=original&collapse=urlkey' % host
else:
url = 'http://web.archive.org/cdx/search/cdx?url=%s/*&output=json&fl=original&collapse=urlkey' % host
@mdonkers
mdonkers / server.py
Last active November 2, 2024 09:51
Simple Python 3 HTTP server for logging all GET and POST requests
#!/usr/bin/env python3
"""
License: MIT License
Copyright (c) 2023 Miel Donkers
Very simple HTTP server in python for logging requests
Usage::
./server.py [<port>]
"""
from http.server import BaseHTTPRequestHandler, HTTPServer
@vielhuber
vielhuber / script.sh
Last active October 30, 2024 01:42
PostgreSQL: Backup and restore export import pg_dump with password on command line #sql
# best practice: linux
nano ~/.pgpass
*:5432:*:username:password
chmod 0600 ~/.pgpass
# best practice: windows
edit %APPDATA%\postgresql\pgpass.conf
*:5432:*:username:password
# linux
public class ApiClient {
private static final String URL = "";
private static Retrofit mRetrofit = null;
public static Retrofit getInstance() {
if (mRetrofit == null) {
mRetrofit = new Retrofit.Builder()
@mjohnsullivan
mjohnsullivan / TimerActivity.java
Created July 9, 2015 13:15
Example of how to create a long running timer service that survives activity destruction by moving to the foreground, and back to the background when a new activity bind to it.
//
// Copyright 2015 Google Inc. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
@fhferreira
fhferreira / rename.sh
Last active May 20, 2022 08:54
Rename "-" to "_" hyphens to underscores in linux
#go to your directory with cd /tmp/images (Sample) and run this command.
for i in *-*;do mv $i ${i//"-"/"_"};done
@niksumeiko
niksumeiko / git.migrate
Last active November 1, 2024 03:33
Moving git repository and all its branches, tags to a new remote repository keeping commits history
#!/bin/bash
# Sometimes you need to move your existing git repository
# to a new remote repository (/new remote origin).
# Here are a simple and quick steps that does exactly this.
#
# Let's assume we call "old repo" the repository you wish
# to move, and "new repo" the one you wish to move to.
#
### Step 1. Make sure you have a local copy of all "old repo"
### branches and tags.