jonbarrow

class AsyncLoop {
    constructor(length, looper, cb) {
        this.i = -1;
        this.length = length;
        this.looper = looper;
        this.callback = cb;
        this.loop();
    }
    loop() {
        this.i++;

jonbarrow

# **********************************************************************
# * Project: 00-piws-vars                                    	   *
# * Created: 05/06/2018 22:27                                          *
# * Author: Martin Svensson aka ztealmax - pi-workbench.org            *
# * Info: create in /etc/chromium-browser/customizations/              *
# * Note: replaces rpi-chromium-mods                                   *
# **********************************************************************
#
PICHROMIUMMODS="/etc/chromium-browser/customizations/00-rpi-vars"

jonbarrow

I emailed GitKraken on August 12th, 2019 about this issue which went nowhere

In GitKraken there is a potential vulnerability that allows access to Pro features without paying for them. I have tested this in 6.0.1, 6.1.1, and 6.1.4, but I suspect it works in all other versions as well.

Using a proxy server, such as Fiddler on Windows, it is trivial to change the response from the "https://api.gitkraken.com/phone-home" API endpoint to trick GitKraken into thinking the user has a Pro (or other) plan, unlocking the features of that plan even if the user has not paid for it.

This is done by changing the response from the "https://api.gitkraken.com/phone-home" endpoint to:

{

jonbarrow

from pyee import BaseEventEmitter # Event emitter class base
import requests # request module
import asyncio # async utils
import concurrent.futures # futures (like a JS promise)

# constants
URL_BASE = "https://www.wonderfulsubs.com/api/media"
SEARCH_URL = "%s/search?q=" % URL_BASE
SERIES_URL = "%s/series?series=" % URL_BASE
STREAM_URL = "%s/stream?code=" % URL_BASE

jonbarrow

const got = require('got');
const crypto = require('crypto');
const querystring = require('querystring');
const JSON5 = require('json5'); // Lazy-parse JSON

const URL_BASE = 'https://www18.kickassanime.io';
const SEARCH_URL = `${URL_BASE}/api/anime_search`;

const IV_REGEX = /"vt":"(.*?)"/;
const KEY_REGEX = /"sig":"(.*?)"/;

jonbarrow

const cloudscraper = require('cloudscraper'); // Bypass cloudfare
const { JSDOM } = require('jsdom'); // DOM access in Node
const async = require('async'); // async utils

const animeIdRegex = /anime-id="(\d*)"/; // Regex to find the anime ID for the site
const sourceRegex = /file: "(.*)"/g;
const iframeRegex = /iframe .* src="(.*)"/;

// URL list
const URL_BASE = 'https://animeultima.eu';

jonbarrow

const got = require('got');
const async = require('async');

const URL_BASE = 'https://www.wonderfulsubs.com/api/media';
const SEARCH_URL = `${URL_BASE}/search?q`;
const SERIES_URL = `${URL_BASE}/series?series`;
const STREAM_URL = `${URL_BASE}/stream?code`;

// Options for "got"
const OPTIONS = {

jonbarrow

const got = require('got');
const fs = require('fs');
const NodeRSA = require('node-rsa');
const { xml2js } = require('xml-js');

// Client to connect to the eShop SOAP api
const soapClient = got.extend({
	baseUrl: 'https://ecs.wup.shop.nintendo.net',
	method: 'post',
	cert: fs.readFileSync('./eshop-common.crt'), // Client certificates. You can find these online, they are common to all consoles

jonbarrow

'''
Credit Jonathan Barrow 2021

This will rip courses from SMM1 using NEX to automate the process
Use at your own risk, I am not resposible for any bans

Requires Python 3 and https://github.com/Kinnay/NintendoClients

Licensed under GNU GPLv3
'''

jonbarrow

/*
	Discord is able to log users in by scanning QR codes on the login screen,
	these are randomly generated by the server and are sent to the client
	over a secure web socket as a fingerprint, which gets scanned in by the app
	and then used to login remotely. The QR codes actual contents are just
	https://discord.com/ra/FINGERPRINT

	This script shows how to connect to Discord and generate these
	fingerprints automatically
*/