Skip to content

Instantly share code, notes, and snippets.

fransr /
Last active Jun 28, 2022
Using error messages to decloak an S3 bucket. Uses soap, unicode, post, multipart, streaming and index listing as ways of figure it out. You do need a valid aws-key (never the secret) to properly get the error messages
# Written by Frans Rosén (
_debug="$2" #turn on debug
#you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key
H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3"
H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36"
fransr /
Created Feb 16, 2021
Hackvertor Custom CSRF tag
import httplib
import urllib
http = httplib.HTTPSConnection('', 443)
cookie = 'your=cookies';
http.request("GET", "/api/v1/csrf", "", {
'user-agent': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.146 Safari/537.36',
'referer': '',
fransr / electrum.html
Last active Nov 30, 2021
Simple port-scan using embed+onerror in Safari to send gui-commands to Electrum 3.0.4 without the need of any CORS-headers
View electrum.html
<style>pre { white-space: inherit }</style>
<pre id="log"></pre>
<div id="ports" style="visibility: hidden; height: 0; width: 0;"></div>
<iframe src="about:blank" name="x" id="x" style="display: none;"></iframe>
var electrum = {
logbreak: function() { e = document.createElement('br'); document.getElementById('log').appendChild(e); },
log: function(s) { e = document.createElement('span'); e.innerText = s+" "; document.getElementById('log').appendChild(e); },
fransr / logger.js
Last active Nov 29, 2021
logger.js for hunting script gadgets. More info about script gadgets: (Sebastian Lekies / Eduardo Vela Nava / Krzysztof Kotowicz)
View logger.js
var logger = console.trace;
;(getElementByIdCopy => {
Element.prototype.getElementById = function(q) {
logger('getElementById', q, this, this.innerHTML);
return Reflect.apply(getElementByIdCopy, this, [q])
fransr / gist:db901674466ec5d9fe2e73da6c79818b
Created Aug 10, 2017
Chinese whispers bookmarklet using Google Translate
View gist:db901674466ec5d9fe2e73da6c79818b
javascript:(function(){function $(i,b){b=(b?b:document);return b.getElementById(i.substr(1))};var i=location.hash.substr(1).split('/')[0]||'en',a=JSON.stringify(NND).match(/[a-zA-Z-]+/g),o=i,x,p,c=0,j=$,e=0;if(i=='auto')i='en';a=[ Set(a)],d=[i,'or','ug','tt','tk','mg','lo','rw','si','zh'];function n(v) {c++;var l=a.pop();while(l==o||d.find(function(ee){return ee==l}))l=a.pop();if(!l||c>100){if(e){j('#result_box').innerText=v;x.close();return;}else{l=i;e=1;}};console.log(o,l,v);'#')[0]+'?'+Math.random()+'#'+o+'/'+l+'/'+v.replace(/ /g,'%20'),'x');o=l;p=setInterval(q,500);}function q(){if(!j('#result_box',x.document)||!j('#result_box',x.document).innerText||!j('#result_box',x.document).innerText.length)return;clearInterval(p);txt=j('#result_box',x.document).innerText;n(txt);}n(j('#source').value);})()

Keybase proof

I hereby claim:

  • I am fransr on github.
  • I am frans ( on keybase.
  • I have a public key whose fingerprint is C999 46C3 C7B8 A275 7FD2 8B6F 8D76 6CC3 6F62 00D9

To claim this, I am signing this object: