Instantly share code, notes, and snippets.


Sabri pwnsdx

View GitHub Profile
View firefox-reaper.html
<!DOCTYPE html>
<meta charset="utf-8" />
<title>Firefox DoS ❄️</title>
View safari-reaper.html
<!DOCTYPE html>
<html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
body {
View dos-experiment.html
View osxvpnrouting.markdown

Routing tips for VPNs on OS X

When VPNs Just Work™, they're a fantastic way of allowing access to a private network from remote locations. When they don't work it can be an experience in frustration. I've had situations where I can connect to a VPN from my Mac, but various networking situations cause routing conflicts. Here are a couple of cases and how I've been able to get around them.

Specific cases

Case 1: conflicting additional routes.

In this example the VPN we are connecting to has a subnet that does not conflict with our local IP, but has additional routes that conflict in some way with our local network's routing. In my example the remote subnet is 10.0.x.0/24, my local subnet is 10.0.y.0/24, and the conflicting route is Without the later route, I can't access all hosts on the VPN without manually adding the route after connecting to the VPN:

View iremember.js
// How to:
// 1) Login into
// 2) Open the developer tools and execute this code in the console
// See more @
const _API_URL='';
const _requestContacts = () => {
console.warn('Requesting your contacts...');
return fetch(_API_URL, {
method: 'POST',
headers: {
# Install GPG Tools 2 and generate your PGP keys
# Add the public key in your Github account
# Get your long id by doing: gpg --list-keys --keyid-format long
# Execute this:
# Ty
git config --global user.signingkey [LONG KEY ID] && git config --global commit.gpgsign true && git config --global gpg.program gpg2; echo 'no-tty' >> ~/.gnupg/gpg.conf
# Useful to prevent Macbooks to go to sleep when closing the lid instead of running tools that requires a Kernel Extension (e.g. InsomniaX) and more
sudo pmset -a sleep 0; sudo pmset -a hibernatemode 0; sudo pmset -a disablesleep 1;
# And to go back to normal:
sudo pmset -a sleep 1; sudo pmset -a hibernatemode 25; sudo pmset -a disablesleep 0;
View Google Chrome Extension Watcher.flock
watch prefix "$HOME/Library/Application Support/Google/Chrome/Default/Extensions/" "any" wcxm
allow prefix "$HOME/Library/Application Support/Google/Chrome/Default/Extensions/" "/Applications/Google Chrome" r
#!/usr/bin/env bash
# Usage: bash uninstall_vmware.bash
remove() {
echo -ne "Removing $entry ["
sudo rm -rf "$entry"
if [[ ! -e "$entry" ]]; then
echo -ne "OK"
# - An attacker can prevent the agent from showing the app icon (via /dev/null)
mknod /tmp/LittleFlockerTemp.png c 1 3
# - A file with a long name can hide buttons when the popup appear
touch $(printf '\r%.0s' {1..254})$(printf "\x00\x02")
nano $(printf '\r%.0s' {1..254})$(printf "\x00\x02")
# - Little Flocker does not watch every startup folders/files therefore an
# attacker can create startup items at these places (thanks Patrick Wardle):