Skip to content

Instantly share code, notes, and snippets.

View marcinguy's full-sized avatar

Marcin Kozlowski marcinguy

  • Berlin, Germany
View GitHub Profile
{"version": 2, "width": 133, "height": 24, "timestamp": 1701245044, "env": {"SHELL": "/usr/bin/zsh", "TERM": "xterm-256color"}}
[0.208791, "o", "\u001b[1m\u001b[7m%\u001b[27m\u001b[1m\u001b[0m \r \r"]
[0.209166, "o", "\u001b]2;mk@laptop:~/sampleproject\u0007\u001b]1;~/sampleproject\u0007\r\u001b[0m\u001b[27m\u001b[24m\u001b[J$\u001b[K\u001b[?1h\u001b=\u001b[?2004h"]
[1.24988, "o", "\r\r\nbck-i-search: _\u001b[K\u001b[A\u001b[14D"]
[3.183011, "o", "sh \u001b[4m<\u001b[24m(curl https://dl.betterscan.io/cli.sh)\u001b[1B\u001b[29D<_\u001b[A\u001b[12D"]
[3.839208, "o", "\u001b[24m<\u001b[1B\r\u001b[K\u001b[A\u001b[4C"]
[3.83925, "o", "\u001b[?1l\u001b>"]
[3.839375, "o", "\u001b[?2004l\u001b[1B\r"]
[3.875868, "o", "\u001b]2;sh <(curl https://dl.betterscan.io/cli.sh)\u0007\u001b]1;sh\u0007"]
[3.883179, "o", " % Total % Received % Xferd Average Speed Time Time "]
@marcinguy
marcinguy / modsecurity-vs-naxsi.md
Created January 6, 2020 09:40
modsecurity-vs-naxsi

Golden setup

ModSecurity + Modified Naxsi

Performance:

ab -n 1000 http://localhost/oauth/token
This is ApacheBench, Version 2.3 <$Revision: 1528965 $>
Copyright 1996 Adam Twiss, Zeus Technology Ltd, http://www.zeustech.net/
@marcinguy
marcinguy / gist:9d42de122c06c28df83d9967da7765c2
Created November 23, 2019 09:24 — forked from wdormann/gist:874198c1bd29c7dd2157d9fc1d858263
List of Android apps that include libpl_droidsonroids_gif.so - potentially vulnerable to CVE-2019-11932. Sorted by install count.
This file has been truncated, but you can view the full file.
com.whatsapp 1000000000
com.lenovo.anyshare.gps 1000000000
com.instagram.android 1000000000
com.zhiliaoapp.musically 500000000
com.viber.voip 500000000
wp.wattpad 100000000
vStudio.Android.Camera360 100000000
vsin.t16_funny_photo 100000000
com.yahoo.mobile.client.android.mail 100000000
com.xvideostudio.videoeditor 100000000
@marcinguy
marcinguy / viber-cve-2019-11932.md
Created November 23, 2019 09:21
Viber 11.6.0.15 - CVE-2019-11932

Viber Version 11.6.0.15 - Sep 27th 2019

11-23 10:14:33.102 10721 10721 I crash_dump64: performing dump of process 10359 (target tid = 10700)
11-23 10:14:33.116 10721 10721 F DEBUG   : *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
11-23 10:14:33.117 10721 10721 F DEBUG   : Build fingerprint: 'HUAWEI/VOG-L29EEA/HWVOG:9/HUAWEIVOG-L29/9.1.0.224C431:user/release-keys'
11-23 10:14:33.117 10721 10721 F DEBUG   : Revision: '0'
11-23 10:14:33.117 10721 10721 F DEBUG   : ABI: 'arm64'
11-23 10:14:33.117 10721 10721 F DEBUG   : Happend: 'Sat Nov 23 10:14:33 2019
11-23 10:14:33.117 10721 10721 F DEBUG   : '
11-23 10:14:33.117 10721 10721 F DEBUG   : SYSVMTYPE: Art
/* binder.c
*
* Android IPC Subsystem
*
* Copyright (C) 2007-2008 Google, Inc.
*
* This software is licensed under the terms of the GNU General Public
* License version 2, as published by the Free Software Foundation, and
* may be copied, distributed, and modified under those terms.
*
@marcinguy
marcinguy / malicious-pod.yaml
Last active August 19, 2019 14:53
Malicious pod
malicious-pod.yaml
::::::::::::::
apiVersion: v1
kind: Pod
metadata:
name: alpine
namespace: kube-system
spec:
containers:
- name: alpine
@marcinguy
marcinguy / check-exposed-ebs.sh
Created August 14, 2019 13:26
Checks for exposed EBS Snapshots
#!/bin/bash
#
# RUN:
# AWS_PROFILE=[profile] AWS_REGION=[region] ./check-exposed-ebs.sh
#
AWS_ACCOUNT_ID=$(aws sts get-caller-identity --output text --query 'Account')
snapshots=$(aws ec2 describe-snapshots \