Skip to content

Instantly share code, notes, and snippets.

@joernchen
joernchen / bounty.txt
Created February 22, 2014 16:17
Bounty writeup
GitHub RCE by Environment variable injection Bug Bounty writeup
Disclaimer: I'll keep this really short but I hope you'll get the key points.
GitHub blogged a while ago about some internal tool called gerve:
https://github.com/blog/530-how-we-made-github-fast
Upon git+sshing to github.com gerve basically looks up your permission
on the repo you want to interact with. Then it bounces you further in
another forced SSH session to the back end where the repo actually is.
# MAC manipulators
alias random_mac='sudo ifconfig en0 ether `openssl rand -hex 6 | sed "s/\(..\)/\1:/g; s/.$//"`'
alias restore_mac='sudo ifconfig en0 ether YOUR_ORIGINAL_MAC_ADDRESS_GOES_HERE'
@ryankearney
ryankearney / ComcastInject.html
Last active June 10, 2023 14:40
This is the code Comcast is injecting into its users web traffic.
<script language="JavaScript" type="text/javascript">
// Comcast Cable Communications, LLC Proprietary. Copyright 2012.
// Intended use is to display browser notifications for critical and time sensitive alerts.
var SYS_URL='/e8f6b078-0f35-11de-85c5-efc5ef23aa1f/aupm/notify.do';
// var image_url='http://servicealerts.comcast.net:8080/images/mt';
var image_url='http://xfinity.comcast.net/constantguard/BotAssistance/notice/images';
var headertext1='<strong>Comcast Courtesy Notice</strong>';
var textline1='You have reached 90% of your <b>monthly data usage allowance</b>.';
var textline2='Please sign in for more information and to remove this alert.';
var acknowledgebutton='<a href=\"#\" onClick="document.location.href=\''+SYS_URL+'?dispatch=redirect&redirectName=login&paramName=bmUid\'" title="Sign in to acknowledge" style="color: #FFFFFF;"><img alt="Sign in to acknowledge" src="'+image_url+'/mt_signin.png"/></a>';
@areina
areina / emacs-email-setup.md
Created October 12, 2012 15:00
Manage your email in emacs with mu4e

Manage your gmail account in emacs with mu4e

There're a lot of combinations to manage your email with emacs, but this works for me. I've a backup and I can manage my daily email.

The stack:

  • emacs
  • offlineimap
  • mu
  • mu4e
@fxsjy
fxsjy / gist:3291755
Last active January 9, 2021 16:12
Memcached in JavaScript based on Node.JS
//author: Sun, Junyi (weibo.com/treapdb)
//usage: node --nouse-idle-notification --expose-gc --max-old-space-size=8192 memcached.js
var config ={
port: 11211,
max_memory: 300 // default 100M bytes
}
var net = require('net');
var LRU = function (max) { // this LRU implementaion is based on https://github.com/chriso/lru
@jisqyv
jisqyv / gist:3199087
Created July 29, 2012 14:06 — forked from danparsons/gist:3195652
How to stream the London 2012 Olympics

How to stream the London 2012 Olympics

There have been several HOWTOs posted regarding streaming the 2012 Olympics using HTTP / SOCKS proxies via SSH and other similar methods. None of these actually work using the latest Flash on Mountain Lion (with Firefox, Chrome or Safari). Additionally, the third-party streaming sites don't provide BBC's amazing interface, which lets you quickly skip to individual competitors and events. However, setting up an OpenVPN server does work, with some tweaks. You'll get the exact same UX that people in England receive.

@fdmanana
fdmanana / gist:832610
Created February 17, 2011 20:27
The CouchDB replicator database

1. Introduction to the replicator database

A database where you PUT/POST documents to trigger replications and you DELETE to cancel ongoing replications. These documents have exactly the same content as the JSON objects we used to POST to /_replicate/ (fields "source", "target", "create_target", "continuous", "doc_ids", "filter", "query_params".

Replication documents can have a user defined "_id". Design documents (and _local documents) added to the replicator database are ignored.

The default name of this database is _replicator. The name can be changed in the .ini configuration, section [replicator], parameter db.

2. Basics

@eligrey
eligrey / object-watch.js
Created April 30, 2010 01:38
object.watch polyfill in ES5
/*
* object.watch polyfill
*
* 2012-04-03
*
* By Eli Grey, http://eligrey.com
* Public Domain.
* NO WARRANTY EXPRESSED OR IMPLIED. USE AT YOUR OWN RISK.
*/