throwaway96

News

New exploit for webOS 3.5+: DejaVuln (2024-04-21)

See dejavuln-autoroot for a simpler exploit that works on webOS 3.5+ TVs (i.e., models from 2017 and later). It is unpatched as of 2024-04-21 and does not require Developer Mode or even a network connection—just a USB drive.

Otherwise:

• If you have a webOS 5–8 TV with old enough firmware, WTA (which does not require Dev Mode) will still work.
• If you have a webOS 4.x TV, you can also try CVE-2023-6319, which is unpatched on the latest (final?) firmware for webOS 4.0 (2018) models.
• While there will eventually be fully software-based exploits released for older models, they can currently be rooted via NVM.

miguelmota

Install google authenticator

sudo pacman -S libpam-google-authenticator
sudo pacman -S qrencode

Edit pam config

elisescu

Nginx config

My nginx config. I honestly don't remember the details of all parts of the config, but I do remember having to do something explicit about the websockets connections, which initially were not allowed by the proxy. I should update the documentation of the repo one day, when I will get some time :).

nginx config for the web/browser side (http+websockets connection)

http {
    upstream tty-server {
        server localhost:8010;

AffanIndo

# You always need to import ranger.api.commands here to get the Command class:
from ranger.api.commands import *

# My additional commands
class terminal(Command):
    """:terminal

    Open new tmux split in the current directory.
    """
    def execute(self):

plembo

You need spice-vdagent

Debian or Kali Linux installed to as KVM (libvirtd) guests do not automatically have qemu-guest-agent or spice-vdagent installed. This will prevent seamless movement of the mouse cursor between the guest and host desktop in Virtual Machine Manager (requiring the use of a Ctrl-Alt to release the cursor from the guest window).

To cure this, install both qemu-guest-agent and spice-vdagent on each guest and reboot (the guests).

$ sudo apt install qemu-guest-agent
$ sudo apt install spice-vdagent

YumaInaura

Zsh — print command examples ( with help document )

print is zsh law layer command.

For example it probably build zle command behaviour.

If you master it you will get so beautifule zsh style.

Examples

collinbarrett

/*
Windows
    Location: C:\Users\<YourUsername>\AppData\Roaming\Mozilla\Firefox\Profiles\<YourFirefoxProfile>\chrome
    Notes:
        If minimize, maximize, and close buttons are no longer visible, enable the Title Bar or Menu Bar in Firefox Customize.

macOS
    Location: /Users/<YourUsername>/Library/Application Support/Firefox/Profiles/<YourFirefoxProfile>/chrome
    Notes:
        If minimize, maximize, and close buttons overlap other controls, add the Flexible Space in Firefox Customize.

dbtek

# venv_wrapper, manage all virtual environments under ~/.venv/
# Include following in .bashrc / .bash_profile / .zshrc
# See https://gist.github.com/dbtek/fb2ddccb18f0cf63a654ea2cc94c8f19
# Usage
# $ mkvenv myvirtualenv # creates venv under ~/.venv/
# $ venv myvirtualenv   # activates venv
# $ deactivate          # deactivates venv
# $ rmvenv myvirtualenv # removes venv

export VENV_HOME="$HOME/.venv"

StevenACoffman

Mistakes to Avoid: Docker Antipatterns

Whichever route you take to implementing containers, you’ll want to steer clear of common pitfalls that can undermine the efficiency of your Docker stack.

Don’t run too many processes inside a single container

The beauty of containers—and an advantage of containers over virtual machines—is that it is easy to make multiple containers interact with one another in order to compose a complete application. There is no need to run a full application inside a single container. Instead, break your application down as much as possible into discrete services, and distribute services across multiple containers. This maximizes flexibility and reliability.

Don’t install operating systems inside Docker containers

It is possible to install a complete Linux operating system inside a container. In most cases, however, this is not necessary. If your goal is to host just a single application or part of an application in the container, you need to install only the essential

Rich-Harris

Why imperative imports are slower than declarative imports

A lot of people misunderstood Top-level await is a footgun, including me. I thought the primary danger was that people would be able to put things like AJAX requests in their top-level await expressions, and that this was terrible because await strongly encourages sequential operations even though a lot of the asynchronous activity we're talking about should actually happen concurrently.

But that's not the worst of it. Imperative module loading is intrinsically bad for app startup performance, in ways that are quite subtle.

Consider an app like this:

// main.js