Elia Pinto devzero2000
thehackerish
/ JavaDeserial.java
Last active
April 8, 2024 22:32
Supporting material for the Insecure Deserialization blog post https://thehackerish.com/insecure-deserialization-explained-with-examples
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import java.io.*; | |
| public class JavaDeserial{ | |
| public static void main(String args[]) throws Exception{ | |
| FileInputStream fis = new FileInputStream("/tmp/normalObj.serial"); | |
| ObjectInputStream ois = new ObjectInputStream(fis); | |
| NormalObj unserObj = (NormalObj)ois.readObject(); | |
| ois.close(); |
capnslipp
/ git-list-dupe-commits
Last active
January 12, 2023 23:27
A small, inefficient, naïvely-written bash script to list all duplicate commits (those with the same patch-id) in a git repo.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env bash | |
| test ! -z "$1" && TARGET_COMMIT_SHA="$1" || TARGET_COMMIT_SHA="HEAD" | |
| TARGET_COMMIT_PATCHID=$( | |
| git show --patch-with-raw "$TARGET_COMMIT_SHA" | | |
| git patch-id | | |
| cut -d' ' -f1 | |
| ) | |
| MATCHING_COMMIT_SHAS=$( |