Skip to content

Instantly share code, notes, and snippets.

View tofran's full-sized avatar

Francisco Marques tofran

View GitHub Profile
Neo23x0 /
Last active June 24, 2024 22:11
Log4j RCE CVE-2021-44228 Exploitation Detection

log4j RCE Exploitation Detection

You can use these commands and rules to search for exploitation attempts against log4j RCE vulnerability CVE-2021-44228

Grep / Zgrep

This command searches for exploitation attempts in uncompressed files in folder /var/log and all sub folders

sudo egrep -I -i -r '\$(\{|%7B)jndi:(ldap[s]?|rmi|dns|nis|iiop|corba|nds|http):/[^\n]+' /var/log

The Freenode resignation FAQ, or: "what the fuck is going on?"


It's come to my attention that some people have been spamming issue trackers with a link to this gist. While it's a good idea to inform people of the situation in principle, please do not do this. By all means spread the word in the communities that you are a part of, after verifying that they are not aware yet, but unsolicited spam is not helpful. It will just frustrate people.

Update 3 (May 24, 2021)

A number of things have happened since the last update.

gullyn / flappy.html
Last active May 4, 2024 15:35
Flappy bird in 205 bytes (improved!)
<body onload=z=c.getContext`2d`,setInterval(`c.width=W=150,Y<W&&P<Y&Y<P+E|9<p?z.fillText(S++${Y=`,9,9|z.fillRect(p`}*0,Y-=--M${Y+Y},P+E,9,W),P))):p=M=Y=S=6,p=p-6||(P=S%E,W)`,E=49) onclick=M=9><canvas id=c>
hermanbanken / Dockerfile
Last active July 5, 2024 06:54
Compiling NGINX module as dynamic module for use in docker
FROM nginx:alpine AS builder
# nginx:alpine contains NGINX_VERSION environment variable, like so:
# Our NCHAN version
# Download sources
RUN wget "${NGINX_VERSION}.tar.gz" -O nginx.tar.gz && \
michaelboke / Dockerfile
Last active June 26, 2024 14:46
Docker scratch x509 fix
FROM golang:alpine as builder
RUN apk update && apk upgrade && apk add --no-cache ca-certificates
RUN update-ca-certificates
ADD main.go /app/main.go
RUN CGO_ENABLED=0 GOOS=linux go build -a -ldflags="-s -w" -installsuffix cgo -o app .
FROM scratch
COPY --from=builder /app/app .
COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
Morreski /
Last active July 3, 2024 16:29
Python lru_cache with timeout
from datetime import datetime, timedelta
import functools
def timed_cache(**timedelta_kwargs):
def _wrapper(f):
update_delta = timedelta(**timedelta_kwargs)
next_update = datetime.utcnow() + update_delta
# Apply @lru_cache to f with no cache size limit
# Run with python [number of rounds] [upper limit on random number]
# Python 3.5+
import math
import random
import sys
def main(rounds, limit):
print(rounds, "Rounds")
print(limit, "Sides")
0xjac /
Last active July 18, 2024 23:09
Create a private fork of a public repository

The repository for the assignment is public and Github does not allow the creation of private forks for public repositories.

The correct way of creating a private frok by duplicating the repo is documented here.

For this assignment the commands are:

  1. Create a bare clone of the repository. (This is temporary and will be removed so just do it wherever.)

git clone --bare

gene1wood /
Last active May 3, 2024 19:34
Analysis of PyPi package names and the use of dashes underscores upper and lower case
import xmlrpclib
except ImportError:
import xmlrpc.client as xmlrpclib
client = xmlrpclib.ServerProxy('')
packages = client.list_packages()
total = len(packages)
dashes = len([x for x in packages if '-' in x])
bastman /
Created March 31, 2016 05:55
docker cleanup guide: containers, images, volumes, networks

Docker - How to cleanup (unused) resources

Once in a while, you may need to cleanup resources (containers, volumes, images, networks) ...

delete volumes

// see:

$ docker volume rm $(docker volume ls -qf dangling=true)

$ docker volume ls -qf dangling=true | xargs -r docker volume rm