Skip to content

Instantly share code, notes, and snippets.

View dogeared's full-sized avatar
🏠
Working from home

Micah Silverman dogeared

🏠
Working from home
View GitHub Profile

Test

@dogeared
dogeared / stuff.txt
Created March 31, 2022 14:50 — forked from esell/stuff.txt
- clone https://spring.io/guides/gs/handling-form-submission/
- you can skip right to gs-handling-form-submission/complete, no need to follow the tutorial
- modify it so that you can build a war file (https://www.baeldung.com/spring-boot-war-tomcat-deploy)
- install tomcat9 + java 11 (i did it on ubuntu 20.04)
- deploy the war file
- update the PoC (https://share.vx-underground.org/) to write the tomcatwar.jsp file to webapps/handling-form-submission instead of webapps/ROOT
- run PoC (ignore the URL it gives you for the webshell): python3 exp.py --url http://your.ip.here:8080/handling-form-submission-complete/greeting
- you should see the "tomcatwar.jsp" file now in webapps/handling-form-submission
- hit http://your.ip.here:8080/handling-form-submission/tomcatwar.jsp?pwd=j&cmd=id to see the results
@dogeared
dogeared / SpringBoot15Application.java
Last active July 7, 2020 09:33
spring boot 1.5.x with spring security 4 vs. spring boot 2.1.3 with spring security 5
@EnableOAuth2Sso
@RestController
@SpringBootApplication
public class OAuth2DemoApplication_1_5 {
@Value("#{ @environment['security.oauth2.resource.server'] }")
private String resourceServerUrl;
private OAuth2ProtectedResourceDetails resource;
@dogeared
dogeared / README.md
Last active January 10, 2019 01:19 — forked from mraible/application.yml
Get an ID Token from Okta with Spring Boot

To Run:

OKTA_OAUTH2_ISSUER=https://{yourOktaDomain}/oauth2/default \
OKTA_OAUTH2_CLIENT-ID={clientId} \
OKTA_OAUTH2_CLIENT-SECRET={clientSecret} \
spring run idtoken.groovy
@dogeared
dogeared / SlackController.java
Created May 24, 2017 13:36
application/x-www-form-urlencoded to POJO like a boss - HandlerMethodArgumentResolver approach
@RestController
@RequestMapping("/api/v1")
public class SlackController {
private static final Logger log = LoggerFactory.getLogger(SlackController.class);
@RequestMapping(
value = "/slack", method = RequestMethod.POST,
consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE, produces = MediaType.APPLICATION_JSON_VALUE
)
@dogeared
dogeared / AbstractFormSlackSlashCommand.java
Last active May 22, 2017 21:48
application/x-www-form-urlencoded to POJO like a boss - Abstract super class approach
// workaround for customize x-www-form-urlencoded
public abstract class AbstractFormSlackSlashCommand {
// eww - breaks java code convetion, but doesn't require any additional configuration
public void setTeam_id(String teamId) {
setTeamId(teamId);
}
public void setTeam_domain(String teamDomain) {
setTeamDomain(teamDomain);
@dogeared
dogeared / SlackController.java
Last active May 31, 2022 12:34
application/x-www-form-urlencoded to POJO like a boss - HttpMessageConverter approach
@RestController
@RequestMapping("/api/v1")
public class SlackController {
private static final Logger log = LoggerFactory.getLogger(SlackController.class);
@RequestMapping(
value = "/slack", method = RequestMethod.POST,
consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE, produces = MediaType.APPLICATION_JSON_VALUE
)
@dogeared
dogeared / fake_test.sh
Created May 11, 2017 14:56
Jealous of your friends' internet speed? Just fake it!
#! /bin/bash
# Based on https://www.unknowncheats.me/forum/php/98463-speedtest-real-fake-results-photoshop.html
## httpie (httpie.org - a modern curl replacement) and md5 are required
DOWN="999925"
UP="999794"
PING=1
SERVER=3729
@dogeared
dogeared / 00_README
Last active November 24, 2020 23:47 — forked from lmarkus/README.MD
Extracting / Exporting custom emoji from Slack
This builds off the excellent work of @lmarkus.
The scripts below can be used in conjunction with the Slack Emoji Tools Google Chrome extension to export emojis from
one Slack team and import into another team.
Original work here: https://gist.github.com/lmarkus/8722f56baf8c47045621
@dogeared
dogeared / keybase.md
Created September 13, 2014 23:53
keybase.md

Keybase proof

I hereby claim:

  • I am dogeared on github.
  • I am afitnerd (https://keybase.io/afitnerd) on keybase.
  • I have a public key whose fingerprint is F1F1 6F30 807A 1D37 66CF 5771 2BCE AE15 9FAC E6B4

To claim this, I am signing this object: