Navigation Menu

Skip to content

Instantly share code, notes, and snippets.

View stefanocoding's full-sized avatar

Stefano Vettorazzi stefanocoding

28 followers · 15 following
View GitHub Profile
@stefanocoding
stefanocoding / Too many open files error - Steam Flatpak Linux.md
Last active April 2, 2021 10:33

Solution to copy & paste on the Terminal

flatpak override --user --env=PROTON_NO_ESYNC=1 com.valvesoftware.Steam

Explanation

I tried to play World of Warships on Clear Linux using the flatpak of Steam, but the game never started. So, I ran flatpak run com.valvesoftware.Steam on the Terminal to see if there was any useful information. The error that called my attention was eventfd: Too many open files. I did a google search and found some mention about setting PROTON_NO_ESYNC=1 as an environment variable. So, I ran flatpak override --user --env=PROTON_NO_ESYNC=1 com.valvesoftware.Steam on the Terminal, to set the environment variable PROTON_NO_ESYNC=1 for com.valvesoftware.Steam. I tried again and it worked.

@stefanocoding
stefanocoding / Generate AppImage for Bitwig.md
Created May 16, 2020 06:08

If you need/want to generate an AppImage for Bitwig on a non-Debian Linux:

  1. Download or clone https://github.com/AppImage/pkg2appimage
  2. If you don't have Docker installed, install it
  3. Start Docker
  4. Run ./pkg2appimage-with-docker recipes/Bitwig-Studio.yml (for some reason AppImage already has a recipe for Bitwig)
  5. If it fails, and asks you to set the environment variable ARCH: add the line ENV ARCH=x86_64 (or your architecture) to ./Dockerfile, below DOCKER_BUILD=1

Just in case it's not clear: you have to follow the steps on a terminal, at least step 4.

@stefanocoding
stefanocoding / ManyToManyInput.md
Last active May 20, 2021 11:02
Using a TextInput for a ManyToManyField on Django 3. Compatible with CreateView.

I needed to use a TextInput in a CreateView for a ManyToManyField and I couldn't find a simple good solution. After looking through the Django source code I noticed that value_from_datadict() is used for ManyToManyField inputs.

In the forms.py file you need something like:

from django.forms import ModelForm, TextInput
from .models import Product

class ManyToManyInput(TextInput):
  def value_from_datadict(self, data, files, name):
 value = data.get(name)
@stefanocoding
stefanocoding / csrf_jwt_redirect_leak.md
Created May 15, 2019 23:46

You do not need to run 80 reconnaissance tools to get access to user accounts

An open redirect was almost everything I needed in two different bug bounty programs to get access to user accounts. In one of the cases a JWT was leaked, and in the other the CSRF token was leaked. The issue was mostly the same in both cases: not validating, or URI encoding, user input in the client-side, and sending sensitive information to my server using an open redirect.

CSRF token bug

  1. There is an open redirect on https://example.com/redirect?url=https://myserver.com/attack.php
  2. User loads https://example.com/?code=VALUE
  3. Javascript code in https://example.com/ makes a GET request to https://example.com/verify/VALUE with a header x-csrf-token set to the CSRF token for the session of the user 
    GET /verify/VALUE HTTP/1.1
Host: example.com
@stefanocoding
stefanocoding / using_jack_and_bitwig_with_intel.md
Last active March 4, 2019 05:58
JACK and Bitwig using the the Intel audio chip. Tested on MacBook Pro 11,3. I get no sound using Alsa and Bitwig with the Intel chip (it works with USB interfaces), so I tried using JACK and it worked. However I had to follow these steps.
  1. Open qjackctl
  2. Click Setup...
  3. Choose "alsa" as the Driver
  4. Choose the analog interface as the Interface (in my case it is hw:PCH,0)
  5. Go to the Advanced tab
  6. Enter the number of inputs in the first textbox next to Channels I/O (2 in my case)
  7. Enter the number of outputs in the second textbox next to Channels I/O (2 in my case)
  8. Click OK
  9. Click Start
  10. Start Bitwig and select "JACK" as the Driver model
@stefanocoding
stefanocoding / does_email_address_exist.py
Last active June 8, 2019 15:01
Useful Python script to know if an email address exists, based on Inti's Medium post https://medium.com/intigriti/abusing-autoresponders-and-email-bounces-9b1995eb53c2
#!/usr/bin/python3
# Example usage: ./does_email_address_exist.py twitter.com jack
import argparse
from smtplib import SMTP
import dns.resolver
parser = argparse.ArgumentParser()
parser.add_argument('hostname')
parser.add_argument('user')
args = parser.parse_args()
@stefanocoding
stefanocoding / activate_intel_gpu_on_macbookpro.md
Last active January 5, 2024 22:26
Activate integrated Intel GPU of a MacBook Pro Mid 2014 (MacBookPro11,3) on Ubuntu 18.04

This may work with other Macbook Pro models that have an Intel GPU and a NVidia one, but I only have proof that this works on a MacBook Pro Mid 2014 (MacBookPro11,3) with Ubuntu 18.04. If you want to be sure about which model you have, run sudo dmidecode -t system in the Terminal and you will see the information about the system including the serial number and product name (MacBookPro11,3 in my case). I'm assuming you have installed the NVidia propietary drivers, which can be installed from the application "Software & Updates" in the tab "Additional Drivers".

Steps to use the Intel GPU:

  1. Run lspci |grep VGA and check that only one line mentioning "NVIDIA" is printed. This is to be sure that you are required to do the following steps. If two lines appear, and one of those mentions "Intel", then you probably do not need to activate the GPU but only select it as the main GPU (jump to the step where you have to "Open nvidia-settings").
  2. Download apple_set_os.efi from https://github.com/0xbb/apple_se
@stefanocoding
stefanocoding / ubuntu_nvidia_macbook_backlight.md
Created December 18, 2018 23:55
Fix not working backlight when using NVidia propietary driver on Ubuntu 18.04 installed in a Macbook Pro Mid 2014.

After installing the latest NVidia proprietary driver (version 390) using Software & Updates > Additional Drivers, it wasn't possible to change the backlight intensity/brightness of the screen.

The solution that worked for me was to run: sudo setpci -H1 -s 00:01.00 BRIDGE_CONTROL=0. If that solution works for you too, then you may want to make the change permanent. Otherwise, you will have to run the same command each time you power on your Macbook.

Steps to make the change permanent:

  1. Open "Terminal"
  2. Run sudo gedit /etc/rc.local
  3. Enter:



  


  




    


          
    

      

        
        

          

              @stefanocoding
          

          

            
                stefanocoding
                / macos_on_ubuntu.md
            
            

              Last active
              May 18, 2023 12:17
            

              
                Install macOS in a VirtualBox machine on Ubuntu
              
          

        

      

        

  

      

    
Important: I'm writing this when the last version of macOS (and the one I have installed) is Mojave.
There is already a script which installs Mojave in a virtual machine here https://github.com/img2tab/okiomov. But if you are curios how to do everything manually to install High Sierra, then this guide may be useful.


After reading a few articles I ended up with these steps:


    

  1. On macOS, download the High Sierra installer (even if you have Mojave installed):
https://itunes.apple.com/us/app/macos-high-sierra/id1246284741?ls=1&mt=12
    2. 

  2. If the High Sierra Installer starts, quit it.
    3. 

  3. Open "Disk Utility".
    4. 

  4. Click on "File" > "New Image" > "Blank image...". Or just press cmd+N.
    5. 




  


  




    


          
    

      

        
        

          

              @stefanocoding
          

          

            
                stefanocoding
                / window.name.md
            
            

              Created
              October 5, 2018 17:19
            

              
                When `window.name` is evaluated #xss
              
          

        

      

        

  

      

    
The following is not a bug in the web browsers - it's supposed to work this way - but is useful in some cases like the one described.


In one of the Javascript files loaded by an endpoint of a private program, they were taking the value of window.name and passing it to something like eval([here]) or setTimeout([here], [some_milliseconds]), I don't remember correctly... The thing is that the value of window.name was being evaluated as Javascript code, so window.name = 'alert()' showed an alert().
To use this behavior for an attack, you have two options:


    

  1. if the endpoint is frameable from any domain, you can create an <iframe name='[javascript_code_here]' src='[vulnerable_endpoint]'></iframe>
    2. 

  2. if it's not frameable, you can set window.name = '[javascript_code_here]' in your own domain and then redirect to the vulnerable endpoint
    3. 



The one I used was the second option. 💰