Skip to content

Instantly share code, notes, and snippets.

singe / compose.yml
Last active June 20, 2024 07:37
Restricting Networking in Docker for Mac & Windows
image: alpine/socat
# Connects to a service running on port 1337 on the host machine and creates a unix socket listener
command: UNIX-LISTEN:/sockets/shared.sock,unlink-early,unlink-close,fork TCP-CONNECT:host.docker.internal:1337,reuseaddr
# unlink-* deletes the socket file before start up and when the connection is closed
restart: unless-stopped
- sockets:/sockets
# It needs access to the host, hence the default network
singe /
Last active June 26, 2024 10:51
Quick 'n Dirty seatbelt/sandbox

macOS Seatbelt/Sandbox Trace Script

macOS sandbox profiles used to be able to include a trace command that would write all the denied operations to a sandbox profile, allowing a profile to be iterativley built up. Apple removed that functionality for reasons explained below. examines the kernel log for the denied operations and creates the relevant allow rules in a sandbox profile, just like the sandbox profile trace command used to. tries to reduce a sandbox profile to the minimum lines necessary.

It's very rough and ready at the moment (check the sed regex'es in the script to see what I mean) and needs more testing with a wider set of use cases.

singe / singe.zsh-theme
Created May 27, 2024 12:20
My Oh My Zsh theme
# By Dominic White ( / )
# I've been rolling this font for nearly two decades. I can't remember who wrote
# it originally, but I stole enough of it to not take any credit. I've just
# updated it here and there. The latest for Oh-My-Zsh
prompt_setup_singe() {
colour1="%{$fg[blue]%}" #line
colour2="%{$fg[green]%}" #directory
colour3="%{$fg[magenta]%}" #time, user, host
singe / agenda_tracker.xlsx
Last active February 8, 2024 06:44
An agenda planner and time tracker
singe /
Created August 18, 2023 09:18
A quick 'n dirty website mirror script
# A quick 'n dirty website mirror script
# by @singe
# Ideally, wget -r should mirror a site, but modern websites are complex, this
# tries to fix the gaps of what is typically mixed.
# It's been tested on 3 or 4 sites, and likely needs more tricks added.
singe /
Last active August 12, 2023 15:32
Using OSC7 to trigger a canary token in text files

Using OSC7 to trigger a canary token in text files

macOS' supports the OSC7 escape code for notifying the terminal of the current working directory. It also supports the file:// URL scheme. This means you can embed a hostname in the instruction, and the host will perform a DNS lookup against it. It also won't visibly render in the terminal.

You can create the escape code like this: printf '\033]7;file://<hostname>\033\\'

I tested, Microsoft command shell, Windows Terminal and Alacritty and it only worked on OSC7 support is contentious across other terminals according to various pull request discussions.

This was discussed in @stokfredrik's BlackHat/Defcon 2023 talk

singe /
Created July 11, 2023 17:12
A simple “date since” tracker with milestones for Pythonista
import datetime
import ui
v = ui.load_view()
width, height = ui.get_screen_size()
v.frame = (0, 0, width, height)
first = datetime.datetime(2023, 1, 1, 0, 0, 0, 0)
singe /
Created April 17, 2023 11:16
Generate a list of hashcat masks from a wordlist
# hashcat mask generator
# by @singe
singe /
Last active April 19, 2023 17:37
Convert clear passwords into slightly more generalised brute force masks for hashcat mode -a3
# change specials & digits to hashcat format
sed -e "s/[[:punct:]]/?s/g" \
-e "s/[[:digit:]]/?d/g" \
$file \
> $tmp \
&& \
singe /
Created February 11, 2022 13:25
Hashcat Wordlist Stuff
# Convert hashcat.pot to john.pot and merge them
# Usage: <hashcat pot> <john pot>
# NB: Make sure the hashcat pot only contains 16
# and 32 character hashes that are LM and NT hashes
tmp1=$(mktemp -t pot-port)
tmp2=$(mktemp -t pot-port)
LC_ALL=UTF-8 sed 's/^\([a-f0-9]\{32\}:[^:]*\)$/$NT$\1/' $hashpot | grep '^\$NT\$' > $tmp1