@captn3m0
captn3m0 / index.html
Created June 16, 2012 10:13 — forked from demonslayer68/Injection attacks.md
a simple guide to injection attacks
<html>
<body>
<form action='submit.php' method='get'>
Enter your name : <input type='text' name='name' /><br />
<input type='submit' value='Submit' />
</form>
</body>
</html>
@captn3m0
captn3m0 / index.mkd
Created June 18, 2012 05:59
Browsing the web without Javascript and Images

The only connection available to me right now is a limited 3G connection, which I try not to squander over huge images/media on the internet. My browser is Chromium, on Linux, and I tend to use Opera 11 (turbo mode) frequently as well.

Just as an experiment, I disabled images & javascript from my browser a few weeks back. What all have I got?

  • Faster pages (I use http://google.com/xhtml occasionally to search)
  • Broken websites (http://about.me/n3m0, which doesn't run at all with JavaScript disabled)
  • Broken navigation (http://parse.com due to images being used as links. And since chrome does not display <alt> tags properly, it breaks)
  • Reduced Functionality (Gmail refuses to load chat if images are disabled)

Other than the normal Chrome content blocking, I also went ahead and installed the Ghostery addon. It blocks all advertising and social media junk (no more sharing). However, it is only useful on the occasional sites I have enabled JavaScript on.

@captn3m0
captn3m0 / index.md
Created August 29, 2012 19:49
Stripe Level 8 Solution

The basic solver I made for the level8. I had to manually edit the file after each chunk, but I was too lazy to implement the chunk loop. Thanks to Bubba on IRC for recommending me to use httplib2 instead of httplib, it took down the jitter by quite a lot.

Python is not my first language, and I would never again use it for such a thing (unless I learn it better). I was trying with ruby, but didn't get the patterns then. I had a semi-working script in python before I learnt better.

The source is here if you are browsing this on gist.io

## Logic

I didn't get the increment-by-chunk-number thing, and I was using an average of the port difference between last two requests. The average was 2 for most of my requests. For all the positives, the difference was above the average, which I used. I only ran this once for capturing the flag, when it took me about 5-8 minutes to capture the flag. This was on the last day of the ctf with about 15 hours remaining.

While run

@captn3m0
captn3m0 / backup.md
Created September 2, 2012 22:23
My Backup Plan

This is the backup plan I'm using for my newly-won 1 TB HDD (Thanks Yahoo!).

Partitions

On the Internal HDD (320GB)

  • 50GB / (primary OS) (ext4)
  • 220 GB /home (ext4)
@captn3m0
captn3m0 / dominos.sh
Created September 16, 2012 17:40
Dominos Slot Machine Player
#!/bin/bash
#Play a single round on http://pizzaonline.dominos.co.in/slot-machine/ to get your session_id
until php test_result.php; do
    curl -s -H "X-Requested-With:XMLHttpRequest" -X POST -d "session_id=$1" http://pizzaonline.dominos.co.in/slot-machine/process-slot.php -o result.json
done;
@captn3m0
captn3m0 / stylish.css
Created October 8, 2012 07:59
Fix Outlook.com fonts in linux
*{
    font-family: "Segoe UI","Ubuntu","Droid Sans","Helvetica" !important;
}
.Snippet, .ExternalClass{
    font-family: "Segoe UI","Ubuntu","Droid Sans","Helvetica" !important;
}
/** outlook.com uses calibri, which might be missing, and even if present, faces lots of rendering problems
* This fixes it by replacing it with Segoe UI & the rest of stack
@captn3m0
captn3m0 / youtube.luac
Created December 7, 2012 08:03
Nightly youtube.luac for VLC Player
--[[
$Id$
Copyright © 2007-2012 the VideoLAN team
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
@captn3m0
captn3m0 / 00-port-list.txt
Last active December 16, 2015 14:39
List of outgoing ports opened in the IIT-R campus
21
22
53
80
81
110
161
162
210
443
@captn3m0
captn3m0 / jquery.jsonCache.js
Created September 1, 2013 10:02
JQuery JSON fetch function with cache support ($.getJSONCache)
/**
* Uses localStorage for cache and if misses
* uses getJSON to get content
*/
$.getJSONCache=function(url,data,success){
data = data || {}
var key = url + '?' + $.param(data);
var value = localStorage.getItem(key);
if(value)
{
@captn3m0
captn3m0 / README.md
Created November 24, 2013 15:08
Headless web browsers. Copied over from https://gist.github.com/evandrix/3694955 (now deleted)

Here is a list of headless browsers that I know about:

  • HtmlUnit - Java. Custom browser engine. JavaScript support/DOM emulated. Open source.
  • Ghost - Python only. WebKit-based. Full JavaScript support. Open source.
  • Twill - Python/command line. Custom browser engine. No JavaScript. Open source.
  • PhantomJS - Command line/all platforms. WebKit-based. Full JavaScript support. Open source.
  • Awesomium - C++/.Net/all platforms. Chromium-based. Full JavaScript support. Commercial/free.
  • SimpleBrowser - .Net 4/C#. Custom browser engine. No JavaScript support. Open source.
  • ZombieJS - Node.js. Custom browser engine. JavaScript support/emulated DOM. Open source.
  • EnvJS - JavaScript via Java/Rhino. Custom browser engine. JavaScript support/emulated DOM. Open source.