I hereby claim:
- I am evilpacket on github.
- I am adam_baldwin (https://keybase.io/adam_baldwin) on keybase.
- I have a public key whose fingerprint is 06A7 065F ABC8 39CC 27D3 5E01 D9D0 F356 6734 88E4
To claim this, I am signing this object:
var AmpersandModel = require('ampersand-model'); | |
var AmpersandView = require('ampersand-view'); | |
var insertCSS = require('insert-css'); | |
var SimpleWebRTC = require('simplewebrtc'); | |
insertCSS('#remoteVideos video { height: 150px;} #localVideo { height: 150px;}'); | |
var PageModel = AmpersandModel.extend({ | |
type: 'page', | |
props: { |
// Deal with errors | |
server.ext('onPreResponse', function(request, reply) { | |
var response = request.response; | |
// Decorate with session | |
if (!response.isBoom) { | |
if (request.response.source && request.response.source.context) { | |
request.response.source.context.session = {user: request.auth.credentials}; | |
} | |
return reply(); |
var Docker = require('dockerode'); | |
var docker = new Docker({socketPath: '/var/run/docker.sock'}); | |
docker.createContainer({ Image: 'ubuntu', Cmd: ['/bin/ls','/stuff'], "Volumes":{"/stuff": {}} }, function (err, container) { | |
container.attach({stream: true, stdout: true, stderr: true, tty: true}, function (err, stream) { | |
stream.pipe(process.stdout); | |
container.start({"Binds":["/home/vagrant:/stuff"]}, function (err, data) { | |
console.log(data); |
I hereby claim:
To claim this, I am signing this object:
{ | |
"a": 8.167, | |
"b": 1.492, | |
"c": 2.782, | |
"d": 4.253, | |
"e": 12.702, | |
"f": 2.228, | |
"g": 2.015, | |
"h": 6.094, | |
"i": 6.966, |
var five = require("johnny-five"), | |
board; | |
var keypress = require('keypress'); | |
board = new five.Board(); | |
board.on("ready", function() { | |
console.log( "Ready event. Repl instance auto-initialized" ); | |
var servo = new five.Servo(10) |
>> servo.1373062175128 Board <- Serialport ready /dev/cu.usbmodem1411 | |
string_decoder.js:109 | |
charStr += buffer.toString(this.encoding, 0, end); | |
^ | |
RangeError: toString() radix argument must be between 2 and 36 | |
at Number.toString (native) | |
at StringDecoder.write (string_decoder.js:109:21) | |
at ReadStream.onData (readline.js:833:39) | |
at ReadStream.EventEmitter.emit (events.js:95:17) |
So on FF 21.0 I set the following header X-Content-Security-Policy I get the following error message in the console. | |
``` | |
The X-Content-Security-Policy and X-Content-Security-Report-Only headers will be deprecated in the future. Please use the Content-Security-Policy and Content-Security-Report-Only headers with CSP spec compliant syntax instead. | |
``` | |
If I set the Content-Security-Policy header it does not honor the policy. | |
Additionally report only does not appear to work at all in FF 21.0 |
#!/usr/bin/env ruby | |
# | |
# Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156) | |
# | |
# ## Advisory | |
# | |
# https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion | |
# | |
# ## Caveats | |
# |
local floor,insert = math.floor, table.insert | |
local function basen(n,b) | |
n = floor(n) | |
if not b or b == 10 then return tostring(n) end | |
local digits = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz" | |
local t = {} | |
local sign = "" | |
if n < 0 then | |
sign = "-" | |
n = -n |