Vít Šesták v6ak

## gist:b67ce6f501c74f7e617b4a12b38820cb
$ for i in /var/log/Xorg.0.log /var/log/Xorg.0.log.old; do cat $i | sed 's/\[[ 0-9.]\+]/[TIME]/' | sort -u > /tmp/$(basename $i); done; diff /tmp/Xorg.0.log.old /tmp/Xorg.0.log
36c36
< [TIME] Current Operating System: Linux dom0 4.9.56-21.pvops.qubes.x86_64 #1 SMP Tue Oct 17 23:58:50 UTC 2017 x86_64
---
> [TIME] Current Operating System: Linux dom0 4.14.18-1.pvops.qubes.x86_64 #1 SMP Thu Feb 8 19:37:36 UTC 2018 x86_64
55c55
< [TIME] (**) evdev: Dell WMI hotkeys: Device: "/dev/input/event9"
---
> [TIME] (**) evdev: Dell WMI hotkeys: Device: "/dev/input/event10"
58c58

## Main.java
package test;

import java.util.List;
import java.util.ArrayList;
import java.io.Serializable;

public class Main {

	private static void trick(List list){
		// WARNING: black magic with non-generic code on a generic List…

## dnsserver.py
#/usr/bin/env authbind python3

from dnslib.label import DNSLabel
from dnslib.server import DNSServer, DNSLogger, DNSRecord, RR
from dnslib.dns import TXT
import re
import sys
import os
from os import listdir

## filter-mono-garbage.sh
#!/bin/bash
# safety settings
set -u
set -e
set -o pipefail

# It seems that GrokAssembly (or maybe rather Mono is to blame) adds sometimes some garbage to the output, so it has to be filtered out.
# You can use this as a fake mono by adjusting property analyzer.assembly.mono.path.
# See https://groups.google.com/forum/#!topic/dependency-check/Axlwi5MOaJE for more details.

## gist:1678244cd71a0ebd019531d02a149c8f
#!/bin/bash
# safety settings
set -u
set -e
set -o pipefail

# Ensure out.ogv exists. I know, this is a bit hacky and racy if run in parallel.
rm -f /tmp/out.ogv
ln -s /dev/stdout /tmp/out.ogv

## resursion.sh
#!/bin/bash
# safety settings
set -u
set -e
set -o pipefail

echo running a new VM…
cat recursion.sh | qvm-run '$dispvm' 'cat > recursion.sh; chmod +x recursion.sh; ./recursion.sh'
echo $?

## packages.config
12:40:30<09> [AUDIT] [WARNING] Error determining vulnerability version range (>=4.5.0 & <4.11.8) in package UmbracoCms version range (6.0.0): Failed parsing version string >=4.5.0 & <4.11.8: unexpected ' '. .
12:40:30<09> [AUDIT] [WARNING] Error determining vulnerability version range (>=6.0.0 & <6.0.5) in package UmbracoCms version range (6.0.0): Failed parsing version string >=6.0.0 & <6.0.5: unexpected ' '. .
12:40:30<05> [AUDIT] [WARNING] Error determining vulnerability version range (0.10.0,0.10.1,0.10.10,0.10.11,0.10.12,0.10.13,0.10.14,0.10.15,0.10.16,0.10.16-isaacs-manual,0.10.17,0.10.18,0.10.19,0.10.2,0.10.20,0.10.21,0.10.22,0.10.23,0.10.24,0.10.25,0.10.26,0.10.27,0.10.28,0.10.29,0.10.3,0.10.30,0.10.31,0.10.32,0.10.33,0.10.34,0.10.35,0.10.36,0.10.37,0.10.38,0.10.39,0.10.4,0.10.40,0.10.41,0.10.42,0.10.43,0.10.44,0.10.45,0.10.46,0.10.5,0.10.6,0.10.7,0.10.8,0.10.9,0.12.0,0.12.1,0.12.10,0.12.11,0.12.12,0.12.13,0.12.14,0.12.15,0.12.2,0.12.3,0.12.4,0.12.5,0.12.6,0.12.7,0.12.8,0.12.9,4.0.0,4.1.0,4.1.1,4.1.2,

## gist:0732c1bc714473c65aa259e4a9e948f1
$ sudo evtest /dev/input/event1
Input driver version is 1.0.1
Input device ID: bus 0x3 vendor 0xeef product 0xc0aa version 0x111
Input device name: "eGalax Inc. eGalaxTouch EXC3104-1324-05.00.00"
Supported events:
  Event type 0 (EV_SYN)
  Event type 1 (EV_KEY)
    Event code 330 (BTN_TOUCH)
  Event type 3 (EV_ABS)
    Event code 0 (ABS_X)

## sandstorm-extract-cert.sh
#!/bin/bash
. /opt/sandstorm/sandstorm.conf # Well, no one except root can write the file, so it is probably acceptable to execute it.
certjsonfile=$(ls "/opt/sandstorm/var/sandcats/https/$SANDCATS_HOSTNAME/"*.response-json | sort -r -n | head -n1)
keyfile=$(sed 's/\.response-json$//' <<< "$certjsonfile")
certfile="$keyfile.crt"
cat "$certjsonfile" | jq '.cert, (.ca|.[1:]|reverse)[]' --raw-output > "$certfile"
ln -sfT "$certfile" "/etc/current-certs/$SANDCATS_HOSTNAME.crt"
ln -sfT "$keyfile"  "/etc/current-certs/$SANDCATS_HOSTNAME.key"
sudo systemctl reload nginx

## pom.xml
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0"
        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
        xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>

    <groupId>odc-exp</groupId>
    <artifactId>odc-exp</artifactId>
    <version>1.0-SNAPSHOT</version>
	$ for i in /var/log/Xorg.0.log /var/log/Xorg.0.log.old; do cat $i \| sed 's/\[[ 0-9.]\+]/[TIME]/' \| sort -u > /tmp/$(basename $i); done; diff /tmp/Xorg.0.log.old /tmp/Xorg.0.log
	36c36
	< [TIME] Current Operating System: Linux dom0 4.9.56-21.pvops.qubes.x86_64 #1 SMP Tue Oct 17 23:58:50 UTC 2017 x86_64
	---
	> [TIME] Current Operating System: Linux dom0 4.14.18-1.pvops.qubes.x86_64 #1 SMP Thu Feb 8 19:37:36 UTC 2018 x86_64
	55c55
	< [TIME] (**) evdev: Dell WMI hotkeys: Device: "/dev/input/event9"
	---
	> [TIME] (**) evdev: Dell WMI hotkeys: Device: "/dev/input/event10"
	58c58
	package test;

	import java.util.List;
	import java.util.ArrayList;
	import java.io.Serializable;

	public class Main {

	private static void trick(List list){
	// WARNING: black magic with non-generic code on a generic List…
	#/usr/bin/env authbind python3

	from dnslib.label import DNSLabel
	from dnslib.server import DNSServer, DNSLogger, DNSRecord, RR
	from dnslib.dns import TXT
	import re
	import sys
	import os
	from os import listdir
	#!/bin/bash
	# safety settings
	set -u
	set -e
	set -o pipefail

	# It seems that GrokAssembly (or maybe rather Mono is to blame) adds sometimes some garbage to the output, so it has to be filtered out.
	# You can use this as a fake mono by adjusting property analyzer.assembly.mono.path.
	# See https://groups.google.com/forum/#!topic/dependency-check/Axlwi5MOaJE for more details.
	12:40:30<09> [AUDIT] [WARNING] Error determining vulnerability version range (>=4.5.0 & <4.11.8) in package UmbracoCms version range (6.0.0): Failed parsing version string >=4.5.0 & <4.11.8: unexpected ' '. .
	12:40:30<09> [AUDIT] [WARNING] Error determining vulnerability version range (>=6.0.0 & <6.0.5) in package UmbracoCms version range (6.0.0): Failed parsing version string >=6.0.0 & <6.0.5: unexpected ' '. .
	12:40:30<05> [AUDIT] [WARNING] Error determining vulnerability version range (0.10.0,0.10.1,0.10.10,0.10.11,0.10.12,0.10.13,0.10.14,0.10.15,0.10.16,0.10.16-isaacs-manual,0.10.17,0.10.18,0.10.19,0.10.2,0.10.20,0.10.21,0.10.22,0.10.23,0.10.24,0.10.25,0.10.26,0.10.27,0.10.28,0.10.29,0.10.3,0.10.30,0.10.31,0.10.32,0.10.33,0.10.34,0.10.35,0.10.36,0.10.37,0.10.38,0.10.39,0.10.4,0.10.40,0.10.41,0.10.42,0.10.43,0.10.44,0.10.45,0.10.46,0.10.5,0.10.6,0.10.7,0.10.8,0.10.9,0.12.0,0.12.1,0.12.10,0.12.11,0.12.12,0.12.13,0.12.14,0.12.15,0.12.2,0.12.3,0.12.4,0.12.5,0.12.6,0.12.7,0.12.8,0.12.9,4.0.0,4.1.0,4.1.1,4.1.2,
	$ sudo evtest /dev/input/event1
	Input driver version is 1.0.1
	Input device ID: bus 0x3 vendor 0xeef product 0xc0aa version 0x111
	Input device name: "eGalax Inc. eGalaxTouch EXC3104-1324-05.00.00"
	Supported events:
	Event type 0 (EV_SYN)
	Event type 1 (EV_KEY)
	Event code 330 (BTN_TOUCH)
	Event type 3 (EV_ABS)
	Event code 0 (ABS_X)
	#!/bin/bash
	. /opt/sandstorm/sandstorm.conf # Well, no one except root can write the file, so it is probably acceptable to execute it.
	certjsonfile=$(ls "/opt/sandstorm/var/sandcats/https/$SANDCATS_HOSTNAME/"*.response-json \| sort -r -n \| head -n1)
	keyfile=$(sed 's/\.response-json$//' <<< "$certjsonfile")
	certfile="$keyfile.crt"
	cat "$certjsonfile" \| jq '.cert, (.ca\|.[1:]\|reverse)[]' --raw-output > "$certfile"
	ln -sfT "$certfile" "/etc/current-certs/$SANDCATS_HOSTNAME.crt"
	ln -sfT "$keyfile" "/etc/current-certs/$SANDCATS_HOSTNAME.key"
	sudo systemctl reload nginx
	<?xml version="1.0" encoding="UTF-8"?>
	<project xmlns="http://maven.apache.org/POM/4.0.0"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
	<modelVersion>4.0.0</modelVersion>

	<groupId>odc-exp</groupId>
	<artifactId>odc-exp</artifactId>
	<version>1.0-SNAPSHOT</version>