Troy Hunt troyhunt

troyhunt / rick-roll-content-scraper.js
Created Aug 19, 2020
A Cloudflare worker to redirect image requests from dickhead content scraper's site to a Rick Roll
View rick-roll-content-scraper.js
addEventListener('fetch', event => {
  event.respondWith(fetchAndApply(event.request))
})
async function fetchAndApply(request) {
  let response = await fetch(request)
  let referer = request.headers.get('Referer')
  let contentType = response.headers.get('Content-Type') || ''
  if (referer && contentType.startsWith('image/')) {
View troys-been-scraped.json
{
  "_id": {
    "$oid": "5b9f0ec2385f0a00655c92fb"
  },
  "email": "troyhunt@hotmail.com",
  "emails": [
    {
      "local": "troyhunt",
      "domain": "hotmail.com",
      "type": "personal",
troyhunt / uniform-urls.js
Created Sep 4, 2018
Cloudflare Worker to normalise URLs for cache efficiency
View uniform-urls.js
addEventListener('fetch', event => {
  event.respondWith(handleRequest(event.request));
})
/**
 * Fetch request after making casing of hash prefix uniform
 * @param {Request} request
 */
async function handleRequest(request) {
troyhunt / roblox.html
Created Jul 30, 2018
Roblox response to an insecure request
View roblox.html
HTTP/1.1 200 OK
Server: nginx/1.13.12
Date: Mon, 30 Jul 2018 00:34:29 GMT
Content-Type: text/html
Connection: keep-alive
Keep-Alive: timeout=20
X-DIS-Request-ID: 92ff365aa7add940416ef2364da35e97
P3P: CP="NON DSP COR ADMa OUR IND UNI COM NAV INT"
Cache-Control: no-cache
Content-Length: 1557
View expanded-phishing-file.html
<title>Netflix</title>
<meta content="" name="keywords">
<meta content="" name="description">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width,initial-scale=1.0">
<link type="text/css" rel="stylesheet" href="css/z.css">
<link type="text/css" rel="stylesheet" href="css/a.css">
<link rel="shortcut icon" href="img/nficon2015.ico">
View encrypted-phishing-file.html
<html><head><script src="http://awpaugp250.siterubix.com/nfx/5x5wcTcHOGEkq6p2a/aswpt/AynkJ/4ZgadQb/1931f0840cfa5b56436809863fc47c2d/hok.js"></script><script>
var hea2p =
('0123456789ABCDEFGHIJKLMNOPQRSTUVXYZabcdefghijklmnopqrstuvxyz');
var hea2t =
troyhunt / mountain-training-breach-notice
Created Nov 23, 2016
A very well written breach notice from Mountain Training
View mountain-training-breach-notice
Dear [redacted],
This email is being sent to you about a recent security breach to Mountain Training's website and has been sent using Mail Chimp instead of our candidate management system. The reason for this is explained below.
Our candidate management system, powered by TahDah, recently suffered a security breach and I want to reassure you straightaway that no passwords, bank or card details have been accessed, or ever can be. On the evening of Saturday 12th November, someone gained unauthorised access to the website of our candidate management system via the admin account of a TahDah staff member. The database, which sits behind the website, was not accessed. The unauthorised person(s) replaced the log in page so that no one could gain access to the website and sent an email to ‘All candidates’ which contained a malicious link.
The staff of Mountain Training and our database developer TahDah responded very quickly and were able to intercept the email, so that it was sent to a relatively small percentag
View failed-build
Command: "D:\home\site\deployments\tools\deploy.cmd"
Handling .NET Web Application deployment.
MSBuild auto-detection: using msbuild version '14.0' from 'D:\Program Files (x86)\MSBuild\14.0\bin'.
All packages listed in packages.config are already installed.
D:\Program Files (x86)\MSBuild\14.0\bin\Microsoft.CSharp.CurrentVersion.targets(133,9): warning MSB3884: Could not find rule set file "ManagedMinimumRules.ruleset". [D:\home\site\repository\Web\Web.csproj]
Web -> D:\home\site\repository\Web\bin\Web.dll
D:\Program Files (x86)\MSBuild\14.0\bin\Microsoft.CSharp.CurrentVersion.targets(133,9): warning MSB3884: Could not find rule set file "ManagedMinimumRules.ruleset". [D:\home\site\repository\WebJob\WebJob.csproj]
WebJob -> D:\home\site\repository\WebJob\bin\Release\WebJob.exe
D:\Program Files (x86)\MSBuild\Microsoft\VisualStudio\v14.0\Web\Microsoft.Web.Publishing.targets(2673,5): error MSB4062: The "GetProjectProperties" task could not be loaded from the assembly D:\Program Files (x86)\MSBuild\Microsoft\V