Skip to content

Instantly share code, notes, and snippets.

View spaze's full-sized avatar
🔒
https://localhost/?bbq="omg">'wtf'

Michal Špaček spaze

🔒
https://localhost/?bbq="omg">'wtf'
297 followers · 0 following
View GitHub Profile
@spaze
spaze / optimg.sh
Created June 21, 2022 05:58
Optimize images in the current dir with Zopfli (for PNGs), Guetzli (for JPEGs), WebP (for both lossy and lossless conversions). Keeps the smaller file of those.
#!/bin/bash
# Optimize images for talk slides
# Run in directory with images, it does the following:
# 1. runs zopfli on all PNGs
# 2. runs guetzli on all JPEGs
# 3. creates lossy and lossless WebP, keeps the smaller one
# 4. keeps the WebP if smaller than original
GREEN=$(tput setaf 2)
@spaze
spaze / README-azure-storage-php-patches.md
Last active March 24, 2022 17:45
azure-storage-php composer patches for cweagans/composer-patches
  1. Install composer-patches plugin
composer require cweagans/composer-patches

  1. Download all the files (*.diff & *.json) to patches subdirectory of your project

  2. Add the following to your composer.json:

	"extra": {
@spaze
spaze / cert.pem
Created June 5, 2021 21:14
Self signed cert expiring in one day
-----BEGIN CERTIFICATE-----
MIIDoTCCAomgAwIBAgIUHaHTeqKOXVJAuOJtLu3vqYfgVaAwDQYJKoZIhvcNAQEL
BQAwYDELMAkGA1UEBhMCQ1oxDDAKBgNVBAgMA0ZvbzEMMAoGA1UEBwwDQmFyMQww
CgYDVQQKDANCYXoxDjAMBgNVBAsMBVdhbGRvMRcwFQYDVQQDDA5zZWxmLnNpZ25l
ZC5jejAeFw0yMTA2MDUyMTExMjRaFw0yMTA2MDYyMTExMjRaMGAxCzAJBgNVBAYT
AkNaMQwwCgYDVQQIDANGb28xDDAKBgNVBAcMA0JhcjEMMAoGA1UECgwDQmF6MQ4w
DAYDVQQLDAVXYWxkbzEXMBUGA1UEAwwOc2VsZi5zaWduZWQuY3owggEiMA0GCSqG
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQDUYp5WfN2Btdd1bg7uMP7nlUO5l4AXZXFq
XIM/Vdv+1tZMaMeKMW9mwYJoXySUNJS5/ix8pPdZL7szGZ8tqMMAisdjmNMfvg0e
mZu9/9yMh7vRDe/KU4u2rKPw4gvZNVx42ptIa1hAecjBwoVxysumBJh9HPo3z1d7
@spaze
spaze / index.php
Created April 10, 2021 16:22
xsssk sources snippet
<?php
function index()
{
echo ascii('xsssk');
}
function rick()
{
header('Location: https://media.giphy.com/media/Vuw9m5wXviFIQ/giphy.gif', true, 301);
}
@spaze
spaze / find-cve-2020-15227.sh
Last active May 20, 2021 16:34
CVE-2020-15227 nette/application RCE in-place patch
#!/bin/bash
# Find files in CVE-2020-15227 nette/application issue
# by @spazef0rze
# Run with `bash find-cve-2020-15227.sh`, works on Linux, FreeBSD, tested on Ubuntu 18.04, FreeBSD 11.4
# This is a universal finder for all affected versions.
# Requirements: find, grep, bash (might work with your default shell but YMMV)
# The fixes:
@spaze
spaze / cz-stripped-subdomains.txt
Last active March 3, 2020 18:16 — forked from kokes/cz.txt
.cz domains *potentially* affected by this CAA problem https://letsencrypt.org/caaproblem/ - test at https://unboundtest.com/caaproblem.html
# Stripped subdomains (foo.example.com => example.com, doesn't mean example.com was in the original list)
# regex [a-z*0-9\-]+\.cz(?=[ \]])
05.cz
0e.cz
0oo.cz
1000miglia.cz
1000oken.cz
1000zkh.cz
1001.cz
1001hry.cz
@spaze
spaze / haveibeencaffeinated.php
Last active May 9, 2019 19:04
https://www.michalspacek.com/top-10-coffee-brands-according-to-have-i-been-pwned
<?php
// https://en.wikipedia.org/wiki/Category:Coffee_brands
$covfefes = [
'alterracoffeeroasters',
'angiangcoffee',
'angelinus',
'autocrat',
'barcaffe',
'batdorfbronson',
'bewleys',
@spaze
spaze / pbkdf2-symfony-polyfill.php
Last active October 12, 2018 20:27
Symfony's PBKDF2 polyfill benchmark (TL;DR it's slow, DO NOT USE, use hash_pbkdf2 available in PHP 5.5+ if you must use PBKDF2 but just use password_hash) for the thread here https://twitter.com/spazef0rze/status/1050436425559302147
<?php
function hashPbkdf2($algorithm, $password, $salt, $iterations, $length = 0)
{
// Number of blocks needed to create the derived key
$blocks = ceil($length / strlen(hash($algorithm, null, true)));
$digest = '';
for ($i = 1; $i <= $blocks; $i++) {
$ib = $block = hash_hmac($algorithm, $salt . pack('N', $i), $password, true);
// Iterations
for ($j = 1; $j < $iterations; $j++) {
@spaze
spaze / 307timing.txt
Created March 8, 2018 23:57
The 307 timing includes 200's content download
662538: URL_REQUEST
http://www.michalspacek.cz/
Start Time: 2018-03-09 00:52:52.274
t=10702 [st= 0] +REQUEST_ALIVE [dt=76]
--> priority = "HIGHEST"
--> url = "http://www.michalspacek.cz/"
t=10702 [st= 0] URL_REQUEST_DELEGATE [dt=1]
t=10703 [st= 1] +URL_REQUEST_START_JOB [dt=0]
--> load_flags = 37122 (BYPASS_CACHE | MAIN_FRAME_DEPRECATED | MAYBE_USER_GESTURE | VERIFY_EV_CERT)
@spaze
spaze / result.txt
Last active July 21, 2017 12:03
id select_type table partitions type possible_keys key key_len ref rows filtered Extra
1 SIMPLE foo ref code code 34 const 1 100.00 Using index
id select_type table partitions type possible_keys key key_len ref rows filtered Extra
1 SIMPLE foo index code code 34 12 10.00 "Using where; Using index"