Skip to content

Instantly share code, notes, and snippets.



View GitHub Profile
Neo23x0 /
Last active Jan 21, 2022
Log4j RCE CVE-2021-44228 Exploitation Detection

log4j RCE Exploitation Detection

You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228

Grep / Zgrep

This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders

sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log
patrickd- / cheatsheet.sol
Last active Jan 25, 2022
Solidity – Compilable Cheatsheet
View cheatsheet.sol
// SPDX-License-Identifier: MIT
// ^ recommended, included machine readable in bytecode metadata
// Software Package Data Exchange is an open standard
pragma solidity ^0.8.7;
// ^ floating pragma, min 0.8.7 max excluding 0.9.0
// same as complex pragma: pragma solidity >=0.8.7 <0.9.0;
// major.breakingchanges.bugfixes
// only makes the compiler check for compatibility and throws error if not matching!
// should only be floating during development, fixed everywhere during testing & deployment

Sending Ether Cheat Sheet


🥇 Instead of sending Ether, use the withdrawal pattern

🥈 If you really need to send Ether, use a safe wrapper like OpenZeppelin's Address.sendValue(addr, amount)

🥉 If you really need to send Ether without dependencies, use (bool success, ) ={value: amount}("")

HildisviniOttar /
Last active Nov 13, 2021
THORChain vulnerability TSS

TSS Churn with 2 evil nodes

Currently TSS works by the system auto-generating a set of TSS invitees that collectively generate a new vault pubkey outside of process. Each node that participates in the signing ceremony then posts in their results into THORChain as a MsgTssPool.

Two evil nodes are able to front-run a TSS signing ceremony by posting in a fake TSS result and voting twice, which achieves consensus and creates a vault controlled by attacker, stealing funds (before the valid tx arrives).

Note: #thorsec team found a similar bug allowing spoofing ID which was patched in - this vulnerability is similar but works even with the original ID spoof patch. After disclosure, MR 1922 also incorporated fixes to stop this attack presented below.


# Ethereum helper methods
# source this in your .bashrc or .zshrc file with `. ~/.ethrc`
# --- Token addresses ---
Strernd / parseErc20Transfer.js
Created Jun 7, 2021
Parses an ERC20 Transfer from the Ethereum API.
View parseErc20Transfer.js
const converter = require("hex2dec");
const Eth = require("ethjs");
const eth = new Eth(new Eth.HttpProvider(process.env.INFURA));
async function getERC20TransferByHash(hash) {
const ethTxData = await eth.getTransactionByHash(hash);
if (ethTxData === null) throw "TX NOT FOUND";
if (
ethTxData.input.length !== 138 ||
ethTxData.input.slice(2, 10) !== "a9059cbb"
itzmeanjan /
Last active May 28, 2021
Polygon ( aka Matic Network ) Mempool Exploration
from python_graphql_client import GraphqlClient
from json import dumps
from asyncio import run
from re import compile as re_compile
from pytimeparse import parse
reg = re_compile(r'^(\d+(\.\d+)?)')
handle = None
gorgos / ExampleSlidingWindowOracleDaiWethKovan.sol
Created Jan 9, 2021
ExampleSlidingWindowOracle with DAI + WETH for Kovan.
View ExampleSlidingWindowOracleDaiWethKovan.sol
pragma solidity 0.6.6;
pragma experimental ABIEncoderV2;
import "";
import "";
import "";
import "";
import "";
library SafeMath {
fuadnafiz98 / transparent.vim
Last active Dec 11, 2021
vim transparent background
View transparent.vim
" for transparent background
function! AdaptColorscheme()
highlight clear CursorLine
highlight Normal ctermbg=none
highlight LineNr ctermbg=none
highlight Folded ctermbg=none
highlight NonText ctermbg=none
highlight SpecialKey ctermbg=none
highlight VertSplit ctermbg=none
highlight SignColumn ctermbg=none
cryptoscopia / dydxFlashLoanTemplate.sol
Created Oct 21, 2020
A single-file simplest possible template for a contract that obtains a flash loan from dydx, does things, and pays it back.
View dydxFlashLoanTemplate.sol
// SPDX-License-Identifier: AGPL-3.0-or-later
// The ABI encoder is necessary, but older Solidity versions should work
pragma solidity ^0.7.0;
pragma experimental ABIEncoderV2;
// These definitions are taken from across multiple dydx contracts, and are
// limited to just the bare minimum necessary to make flash loans work.
library Types {
enum AssetDenomination { Wei, Par }