Instantly share code, notes, and snippets.

View .gitignore
View find-new-Lo-code-points.js
const compare = (versionA, versionB) => {
// TODO: Does there exist a path for which every single Unicode version
// gets new entries? If so, use that instead.
const path = 'General_Category/Other_Letter';
const before = new Set(require(
`unicode-${ versionA }/${ path }/code-points.js`
const after = require(
`unicode-${ versionB }/${ path }/code-points.js`
#!/usr/bin/env bash
curl -#s "${url}" | \
base64 --decode | \
sed '/^ *\/\// d' | \
sed '/^\s*$/d' > hsts.json;
View bf.js
'use strict';
const pad = function(string) {
const totalCharacters = 4;
return string.length < totalCharacters ?
(Array(totalCharacters + 1).join('0') + string).slice(-totalCharacters) :
const UNICODE_MIN = 0x0;
View output.txt

Someone tried to exploit the Shellshock vulnerability in Bash on, likely as part of a mass-exploit attempt.

In this case, the exploit attempted to download a modified version of @schierlm’s pseudo-terminal Perl script that would connect to on port 23. The download URL contains the targeted host name (? which gives the attacker an indication of which hosts might have the /tmp/ backdoor in place.

View regex-lone-surrogates.js
var assert = require('assert');
// The goal is to match lone surrogates, i.e. any high surrogates
// (`[\uD800-\uDBFF]`) that are not directly followed by a low surrogate
// (`[\uDC00-\uDFFF]`), and any low surrogates (`[\uDC00-\uDFFF]`) that are not
// directly preceded by a high surrogate (`[\uD800-\uDBFF]`).
var regex = /[\uD800-\uDBFF](?![\uDC00-\uDFFF])|(?:[^\uD800-\uDBFF]|^)[\uDC00-\uDFFF]/;
assert.equal(regex.test('foo\uDC00bar'), true);