ozzi-
/ example.css
Created
June 9, 2020 12:45
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @import 'fonts.googleapis.com/css?family=Advent+Pro:400,200,700'); | |
| @import "www.fonts.googleapis.com/css?family=Advent+Pro:400,200,700"); | |
| @import "https://www.fonts.googleapis.com/css?family=Advent+Pro:400,200,700"); | |
| @import url("http://fonts.googleapis.com/css?family=Raleway+Dots"); | |
| @import url('//weloveiconfonts.com/api/?family=entypo'); | |
| @import url("weloveiconfonts.com/api/?family=entypo"); | |
| html{ | |
| } |
ozzi-
/ example.js
Created
June 9, 2020 12:49
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| xhr1.open("POST","http://external2.com"); | |
| xhr2.open("POST","www.external2.com"); | |
| xhr3.open("POST","//external2.com"); | |
| xhr4.open("POST","http://gist.githubusercontent.com/testrlocal"); | |
| xhr4.open("POST","gist.githubusercontent.com/testrlocal"); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public static String removeSubdomains(String url, ArrayList<String> secondLevelDomains) { | |
| // We need our URL in three parts, protocol - domain - path | |
| String protocol= getProtocol(url); | |
| url = url.substring(protocol.length()); | |
| String urlDomain=url; | |
| String path=""; | |
| if(urlDomain.contains("/")) { | |
| int slashPos = urlDomain.indexOf("/"); | |
| path=urlDomain.substring(slashPos); | |
| urlDomain=urlDomain.substring(0, slashPos); |
ozzi-
/ example.html
Last active
June 11, 2020 12:20
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <!-- all tags that should match --> | |
| <link href="www.external.com"> | |
| <script type="text/javascript"> | |
| xhr1.open("POST","http://external.com"); | |
| xhr2.open("POST","www.external.com"); | |
| xhr2.open("POST","www.external-co-ul.co.uk"); | |
| xhr3.open("POST","//external.com"); | |
| xhr4.open("POST","http://gist.githubusercontent.com/testlocal"); | |
| </script> |
ozzi-
/ getServerCert.sh
Created
June 26, 2020 07:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| openssl s_client -showcerts -servername {{URL}} -connect {{URL}}:443 2>/dev/null |
ozzi-
/ bashSubstringCount
Created
July 24, 2020 07:50
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ echo "f00 bar 123 f00 foo" | awk -F"f00" '{ print NF-1}' | |
| 2 |
ozzi-
/ doubleEncodingUTF8.java
Created
October 26, 2020 14:54
java method to fix double encoded UTF-8 strings
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public static void main(String[] args) { | |
| String input = "werewräüèö"; | |
| String result = fixDoubleUTF8Encoding(input); | |
| System.out.println(result); // werewräüèö | |
| input = "üäöé"; | |
| result = fixDoubleUTF8Encoding(input); | |
| System.out.println(result); // üäöé | |
| } |
ozzi-
/ tlscheck.sh
Created
October 30, 2020 16:52
check supported tls versions of a server by defining a minimum allowed version
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # tlscheck will check if a specified url supports the defined mimum tls version and higher | |
| # this is helpful to ensure hardening (i.E. does my server support 1.2 and newer only?) | |
| # exit codes above 9 will signalize the tls version check that failed (i.E. 11 = TLS 1.1) | |
| # exit codes below 6 will signalize wrong syntax | |
| # exit code 6 means could not connect at all | |
| # ---------------------------------------------------------------------------------------- | |
| # https://github.com/ozzi- |
ozzi-
/ equivRedirectBash.sh
Created
January 28, 2021 14:01
follow meta equiv redirect with bash and curl
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| equiv=$(curl $YOURURL -sS | grep -i "http-equiv") | |
| shopt -s nocasematch | |
| regexp='\<meta http-equiv=\"*refresh\"* content=\"*[0-9]*\"*;\s*url=([a-zA-Z0-9\/\.\?=#&.]*)' | |
| path="" | |
| if [[ $equiv =~ $regexp ]]; then | |
| echo "${BASH_REMATCH[1]}" | |
| # curl $YOURURL${BASH_REMATCH[1]} | |
| else | |
| echo "Could not parse equiv!" | |
| exit 3 |
ozzi-
/ binaryDownload.js
Last active
March 29, 2021 13:11
JS - Download a binary file via XHR then prompt the save file dialog
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <html> | |
| <a id="downloadBinaryLink"></a> | |
| <script> | |
| // file.php here serves as a pseudo API that returns a binary as octect stream (and according Access-Control-Allow-Origin header) | |
| doBinaryDownload("http://oz-web.com/file.php", loadBinaryScriptEdit); | |
| function loadBinaryScriptEdit(blob){ | |
| var dataUri = window.URL.createObjectURL(blob); | |
| var anchor = document.getElementById("downloadBinaryLink"); | |
| anchor.setAttribute('href', dataUri); | |
| anchor.setAttribute('download', "pingsender.exe"); |