Skip to content

Instantly share code, notes, and snippets.

Avatar
🎯
On point

ozzi-

🎯
On point
View GitHub Profile
@ozzi-
ozzi- / index.html
Last active May 21, 2021
JavaScript form submit timeout handling
View index.html
<html>
Form being submitted
<!-- longresponse.phg will take 30 seconds to respons, in order to simulate a timeout -->
<form id="response" method="GET" action="https://oz-web.com/longresponse.php">
<input type="hidden" name="status" id="status" value="*empty*" />
</form>
<script>
const form = document.getElementById("response");
function handleFail(){
// replace this with whatever code you have to handle the timeout
@ozzi-
ozzi- / binaryDownload.js
Last active Mar 29, 2021
JS - Download a binary file via XHR then prompt the save file dialog
View binaryDownload.js
<html>
<a id="downloadBinaryLink"></a>
<script>
// file.php here serves as a pseudo API that returns a binary as octect stream (and according Access-Control-Allow-Origin header)
doBinaryDownload("http://oz-web.com/file.php", loadBinaryScriptEdit);
function loadBinaryScriptEdit(blob){
var dataUri = window.URL.createObjectURL(blob);
var anchor = document.getElementById("downloadBinaryLink");
anchor.setAttribute('href', dataUri);
anchor.setAttribute('download', "pingsender.exe");
@ozzi-
ozzi- / equivRedirectBash.sh
Created Jan 28, 2021
follow meta equiv redirect with bash and curl
View equivRedirectBash.sh
equiv=$(curl $YOURURL -sS | grep -i "http-equiv")
shopt -s nocasematch
regexp='\<meta http-equiv=\"*refresh\"* content=\"*[0-9]*\"*;\s*url=([a-zA-Z0-9\/\.\?=#&.]*)'
path=""
if [[ $equiv =~ $regexp ]]; then
echo "${BASH_REMATCH[1]}"
# curl $YOURURL${BASH_REMATCH[1]}
else
echo "Could not parse equiv!"
exit 3
@ozzi-
ozzi- / JSON - Remove Trailing Comma
Created Dec 3, 2020
removes trailing commas in JSON strings
View JSON - Remove Trailing Comma
// Input:
// [
// {
// "f00" : "bar",
// "info" : "this comma to my right is wrong",
// },
// {
// "f00" : "bar",
// "info" : "the comma on the line below is wrong too!"
// },
@ozzi-
ozzi- / tlscheck.sh
Created Oct 30, 2020
check supported tls versions of a server by defining a minimum allowed version
View tlscheck.sh
#!/bin/bash
# tlscheck will check if a specified url supports the defined mimum tls version and higher
# this is helpful to ensure hardening (i.E. does my server support 1.2 and newer only?)
# exit codes above 9 will signalize the tls version check that failed (i.E. 11 = TLS 1.1)
# exit codes below 6 will signalize wrong syntax
# exit code 6 means could not connect at all
# ----------------------------------------------------------------------------------------
# https://github.com/ozzi-
@ozzi-
ozzi- / doubleEncodingUTF8.java
Created Oct 26, 2020
java method to fix double encoded UTF-8 strings
View doubleEncodingUTF8.java
public static void main(String[] args) {
String input = "werewräüèö";
String result = fixDoubleUTF8Encoding(input);
System.out.println(result); // werewräüèö
input = "üäöé";
result = fixDoubleUTF8Encoding(input);
System.out.println(result); // üäöé
}
@ozzi-
ozzi- / all_curl.sh
Created Aug 3, 2020
get response code, all headers, specific headers and response body from CURL
View all_curl.sh
res=$(curl "https://zgheb.com" -i -sS -w "\r\n%{http_code}")
responseCode=$(echo "$res" | tail -1)
headersAndBody=$(echo "$res" | head -n -1)
headers=$(echo "$headersAndBody" | awk '{if($0=="\r")exit;print}')
body=$(echo "$headersAndBody" | awk '{if(body)print;if($0=="\r")body=1}')
powered=$(echo "$res" | grep -Fi "X-Powered-By" | cut -d ":" -f2 | awk '{$1=$1};1')
echo "Response Code:"
View bashSubstringCount
$ echo "f00 bar 123 f00 foo" | awk -F"f00" '{ print NF-1}'
2
View getServerCert.sh
openssl s_client -showcerts -servername {{URL}} -connect {{URL}}:443 2>/dev/null
@ozzi-
ozzi- / removeSubdomainsOfURL.java
Last active Jun 11, 2020
removes all subdomains of an url
View removeSubdomainsOfURL.java
public static String removeSubdomains(String url, ArrayList<String> secondLevelDomains) {
// We need our URL in three parts, protocol - domain - path
String protocol= getProtocol(url);
url = url.substring(protocol.length());
String urlDomain=url;
String path="";
if(urlDomain.contains("/")) {
int slashPos = urlDomain.indexOf("/");
path=urlDomain.substring(slashPos);
urlDomain=urlDomain.substring(0, slashPos);