Skip to content

Instantly share code, notes, and snippets.

View spaze's full-sized avatar
🔒
https://localhost/?bbq="omg">'wtf'

Michal Špaček spaze

🔒
https://localhost/?bbq="omg">'wtf'
297 followers · 0 following
View GitHub Profile
@spaze
spaze / ssls-letsencrypt.md
Last active March 15, 2018 21:57
Otevřená odpověd ssls.cz na e-mail s předmětem "Upozornění: Zabezpečení domény"

Provozovatelé ssls.cz poslali e-mail zákazníkům, kteří od nich dříve kupovali certifikáty, ale přešli na certifikáty od Let's Encrypt. Ukázku toho e-mailu najdete na https://twitter.com/parisek/status/802847950863011840, podobná srovnávací tabulka je i na https://www.ssls.cz/lets-encrypt.html. Napsal jsem ssls.cz otevřenou odpověď, kterou najdete v nezměněné podobě níže. (Opravil jsem jen překlepy a chybějící interpunkční znaménka, díky za jejich nahlášení.)

Dobrý den,

(tuto odpověď píšu jako otevřený dopis, publikoval jsem ji také na https://gist.github.com/spaze/e081b948b8cd7d06dddbe9e6fa65c5ac)

díky za e-mail, jsem Vaším bývalým zákazníkem a podobným textem, který obsahuje zavádějící i nepravdivé informace, si mě nezískáte zpět. Pro mě

@spaze
spaze / xzoneczanalysis.txt
Created October 26, 2016 19:34
Basic Results
Total entries = 26502
Total unique entries = 25475
Top 10 passwords
Tomáš = 11 (0.04%)
Destiny251984 = 9 (0.03%)
pchry = 8 (0.03%)
Janusek = 7 (0.03%)
@spaze
spaze / opera-vpn.md
Last active April 20, 2024 02:14
Opera VPN behind the curtains is just a proxy, here's how it works

2023 update

ℹ️ Please note this research is from 2016 when Opera has first added their browser "VPN", even before the "Chinese deal" was closed. They have since introduced some real VPN apps but this below is not about them.

🕵️ Some folks also like to use this article to show a proof that the Opera browser is a spyware or that Opera sells all your data to 3rd parties or something like that. This article here doesn't say anything like that.

When setting up (that's immediately when user enables it in settings) Opera VPN sends few API requests to https://api.surfeasy.com to obtain credentials and proxy IPs, see below, also see The Oprah Proxy.

The browser then talks to a proxy de0.opera-proxy.net (when VPN location is set to Germany), it's IP address can only be resolved from within Opera when VPN is on, it's 185.108.219.42 (or similar, see below). It's an HTTP/S proxy which requires auth.

@spaze
spaze / sktorrentanalysis.txt
Created February 23, 2016 16:18
Password analysis of SkTorrent.eu dump
Basic Results
Total entries = 118566
Total unique entries = 98397
Top 10 passwords
FuckYou = 864 (0.73%)
123456 = 739 (0.62%)
123456789 = 677 (0.57%)
NULL = 175 (0.15%)
@spaze
spaze / cetelem.json
Created June 28, 2015 21:48
{"host":"https://www.cetelem.cz/","port":443,"protocol":"HTTP","isPublic":
false,"status":"READY","startTime":1434634996112,"testTime":
1434635164451,"engineVersion":"1.18.1","criteriaVersion":"2009j",
"endpoints":[{"ipAddress":"193.86.17.252","serverName":"www.cetelem.cz",
"statusMessage":"Ready","grade":"F","gradeTrustIgnored":"F",
"hasWarnings":false,"isExceptional":false,"progress":100,"duration":
150647,"eta":2,"delegation":2,"details":{"hostStartTime":
1434634996112,"key":{"size":2048,"alg":"RSA","debianFlaw":false,
"strength":2048},"cert":{"subject":
"CN\u003dwww.cetelem.cz,OU\u003dMember, VeriSign Trust Network,OU\u003dAuthenticated by VeriSign,OU\u003dTerms of use at www.verisign.ch/rpa (c)05,OU\u003dCetelem,O\u003dCETELEM CR, a.s.,L\u003dPraha 5,ST\u003dPraha 5,C\u003dCZ,2.5.4.5\u003d#13083235303835363839,2.5.4.15\u003d#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3\u003d#1302435a",
@spaze
spaze / get.txt
Last active April 21, 2020 14:52
X-XSS-Protection sample report POST request
POST http://test.local/foo HTTP/1.1
Host: test.local
Connection: keep-alive
Content-Length: 116
Pragma: no-cache
Cache-Control: no-cache
Origin: http://test.local
X-FirePHP-Version: 0.0.6
User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.65 Safari/537.36
Content-Type: application/json
@spaze
spaze / rbcz-email-injection.msg
Last active August 29, 2015 14:18
rb.cz email injection (working until new website got deployed 2015-04-02, vulnerable since 2011 at least, reported at least in 2013, 2014)
Received: (qmail 23343 invoked by uid 1013); 31 Oct 2013 16:45:31 -0000
Received: from no-reply@rb.cz by smtp by uid 0 with qmail-scanner-1.22
( Clear:RC:0(62.168.6.253):.
Processed in 0.011431 secs); 31 Oct 2013 16:45:31 -0000
Received: from smtp2.rb.cz (62.168.6.253)
by smtp.example.com with SMTP; 31 Oct 2013 16:45:31 -0000
Received: from sv72-wwwjbo2-al-02 (unknown [172.18.8.181])
by smtp2.rb.cz (Postfix) with ESMTP id 2AF4D18038D
for <spam@example.com>; Thu, 31 Oct 2013 17:45:31 +0100 (CET)
From: no-reply@rb.cz
@spaze
spaze / CheckLength.php
Last active August 29, 2015 14:14
<?php
/**
* Check if the file is over given size.
*
* Use Content-Length header or partially download a file to see if it is bigger than specified size.
* Downloads up to the $limit bytes but not more.
*
* Enjoy.
*/
class CheckLength
@spaze
spaze / keybase.md
Created July 13, 2014 00:17

Keybase proof

I hereby claim:

  • I am spaze on github.
  • I am spaze (https://keybase.io/spaze) on keybase.
  • I have a public key whose fingerprint is 4BD4 C403 AF2F 9FCC B151 FE61 B64B DD6E 464A B529

To claim this, I am signing this object: