Skip to content

Instantly share code, notes, and snippets.

Avatar
📦
There's a box for that

Brad Wood bdw429s

📦
There's a box for that
View GitHub Profile
@bdw429s
bdw429s / task.cfc
Last active Feb 23, 2022
Scan a folder of jars recursively for CVE-2021-44228 vulnerability
View task.cfc
/**
* Scan all jars in folder recursivley for log4j vuln
*/
component {
property name="progressableDownloader" inject="ProgressableDownloader";
property name="progressBar" inject="ProgressBar";
/**
* @scanPath absolute or relative path to folder to look for jars
*/
View gist:8c6991423fb8e5521edeea6ffdf5a15e
LDEV-3473 - Lower log level to info to keep from blowing up production logs
LDEV-3735 - QoQ allows divide by zero
LDEV-3830 - remove optimization to ensure distincts
LDEV-3822 - stricter QoQ order by validation
LDEV-3823 - SELECT DISTINCT with ORDER BY in QoQ incompatibility - ACF
LDEV-3801 - ArrayIndexOutOfBoundsException in QoQ with using ORDER BY
LDEV-3522 - QoQ cast()/convert() functions not fully implemented
LDEV-3736 - QoQ doesn't convert empty strings to 0 in arithmetic operations
LDEV-3734 - QoQ treats nulls differently than real DB's in arithmetic expressions
LDEV-3804 - Throw exception, don't return it
View gist:90e982de376177854cb606b0d97ea5d9
<cfscript>
foo = 'bar';
```
<cfset baz = foo>
<cfscript>
bum = baz;
```
<cfdump var="#bum#">
@bdw429s
bdw429s / task.cfc
Created Oct 6, 2021
CommandBox Task Runner for creating Screenshot of website with Microsoft's Playwright lib
View task.cfc
component {
function run( webURL='https://www.ortussolutions.com' ) {
if( !directoryExists( resolvePath( 'lib' ) ) ) {
command( 'install "jar:https://search.maven.org/remotecontent?filepath=com/microsoft/playwright/playwright/1.15.2/playwright-1.15.2.jar"' ).run();
command( 'install "jar:https://search.maven.org/remotecontent?filepath=com/microsoft/playwright/driver-bundle/1.15.2/driver-bundle-1.15.2.jar"' ).run();
command( 'install "jar:https://search.maven.org/remotecontent?filepath=com/microsoft/playwright/driver/1.15.2/driver-1.15.2.jar"' ).run();
command( 'install "jar:https://search.maven.org/remotecontent?filepath=org/netbeans/external/com-google-gson/RELEASE113/com-google-gson-RELEASE113.jar"' ).run();
}
@bdw429s
bdw429s / STIG-CFConfig.json
Created Jan 27, 2020
Here is an example lockdown for a ColdFusion server that can be applied via CFConfig
View STIG-CFConfig.json
{
"adminAllowConcurrentLogin":false,
"adminAllowedIPList":"127.0.0.1,192.168.50.10",
"adminLoginRequired":true,
"adminRDSEnabled":"false",
"adminRDSLoginRequired":"true",
"adminRDSUserIDRequired":false,
"adminRootUserID":"cfadm",
"adminUserIDRequired":true,
"ajaxDebugWindowEnabled":false,
View gist:25db10d3f8a1b4df1826b8eca96e1d8f
176.58.112.34 lucee.org
205.210.189.210 download.lucee.org extension.lucee.org release.lucee.org update.lucee.org
99.84.216.74 cdn.lucee.org
@bdw429s
bdw429s / task.cfc
Created Jan 17, 2019
CommandBox Task Runner to download packages from RiaForge
View task.cfc
/**
* Scrape all the binaries from RiaForge
*/
component {
property name="progressableDownloader" inject="ProgressableDownloader";
property name="progressBar" inject="ProgressBar";
function run() {
directoryCreate( resolvePath( 'downloads' ), true, true );
var projects = deserializeJSON( fileRead( 'http://riaforge.org/index.cfm?event=json.projects' ) );
View byteCodeSize.cfm
<cfscript>
/*
This script will take a relative path to a CFC or CFM file in your application, analyze it's corresponding bytecode and
measure approximately how many Bytes of bytecode were generated for each line of your CFML code. There's not any one-to-one
correlation between CFML code and bytecode. Some lines of your source code generate no bytecode such as comments or whitespace.
Other lines of CFML code may generate hundreds of bytes of code.
This is more for the fun of it. It has been tested on Lucee 5.2.9.31. It will not work on Adobe and may cease to work on
future versions of Lucee if the BCEL library is no longer bundled by default.
*/
@bdw429s
bdw429s / slackFileDelete.cfc
Last active May 22, 2018
This is a CommandBox Task Runner that will delete file from your Slack team that are older than 30 days. Please see the first comment for usage instructions.
View slackFileDelete.cfc
/**
* Delete Slack files older than 30 days
*/
component {
function run( token='', user='' ) {
if( !token.len() ) {
error( 'Need an API token provided. Edit this task or pass it as ":token=foobar".' );
}
View gist:747e993d40ab1af5e7d843fce2fe23f6
component {
function run() {
var terminal = shell.getReader().getTerminal();
var capability = createObject( 'java', 'org.jline.utils.InfoCmp$Capability' );
var keys = createObject( 'java', 'org.jline.keymap.KeyMap' );
var bindingReader = createObject( 'java', 'org.jline.keymap.BindingReader' ).init( terminal.reader() );
keys.bind( capability.key_left.name(), keys.key( terminal, capability.key_left ) );