Myo Soe (aka Aung Khant) yehgdotnet

View gist:d745d23169d73f14ecf5fbf31f47d23c
<script>
var original_url = window.location.toString();
var https_url = original_url.replace("http://","https://");
if (window.location.toString().indexOf("http://")==0){
location.replace(https_url);
}
</script>
View gist:d541c60eaa8b6cd9db71e7463ed1bb1c
A very fast and easy solution is to use FileSaver.js:
1) Add the following line into the ==UserScript== section of your Greasemonkey script
// @require https://raw.githubusercontent.com/eligrey/FileSaver.js/master/FileSaver.js
2) Add the 2 following lines of code to the GM script
var blob = new Blob(["Hello, world!"], {type: "text/plain;charset=utf-8"});
saveAs(blob, "hello world.txt");
View gist:c841e191afb5c490409f7769a128e022
The most effective control against insecure direct object reference attacks is to avoid exposing internal functionality of the software using a direct object reference that can be easily manipulated.
The following are some defensive strategies that can be taken to accomplish this objective:
■ Use indirect object reference by using an index of the value or a reference map so that direct parameter manipulation is rendered futile unless the attacker also is aware of how the parameter maps to the internal functionality.
■ Do not expose internal objects directly via URLs or form parameters to the end user.
View common-passwords.txt
000000
1q2w3e
1q2w3e4r
1q2w3e4r5t
1qaz2wsx
3rjs1la7qe
18atcskd2w
123
123qwe
1234
View gist:648d0a23bb65d922ef13cdf649dc00d9
yehgdotnet / gist:40a640178b1c04eaf8492b95fb90d852
Created Apr 22, 2020
java manual code review - source points
View gist:40a640178b1c04eaf8492b95fb90d852
\.match|\.contains|\@GetMapping|\@PostMapping|\"matches\"|\@RequestMapping|\@PutMapping|\@DeleteMapping|\@PatchMapping|random|org.springframework.validation|javax.validation|SecretKeyFactory|xmlDecoder|xstream|zip|implements Runnable|implements Threads|new Runnable|new Thread|synchronized|newCachedThreadPool|newFixedThreadPool|utf\-8|403|denied|invalid|illegal|catch \(Exception|System\.loadLibrary|Class\.forName|getRuntime\(\)|AccessController\.doPrivileged|implements Serializable|Object deserialize|deserialize|deserialise|ObjectInputStream|KeyGenerator\.getInstance|printStackTrace|X509TrustManager|SSLContext.getInstance\("SSL"\)|\.hostnameVerifier|new TrustManager|System\.out|System\.err|HttpServletRequest|md5|sha1|password|key|pay|credit|createTempFile|class\.newInstance|.loadClass|.newInstance|objectinputstream.readobject|readObject|Pattern.compile|\.compile|DocumentBuilderFactory|SAXReader
View gist:96e55e6a76b678a5c2597d44ead31b02
Enable ATS support. Include the exception in the ATS declaration in the application's plist file.
<key>NSAppTransportSecurity</key>
<dict>
<key>NSExceptionDomains</key>
<dict>
<key>exceptionsite.com</key>
<dict>
View gist:c7de1cd93cda93edd6814b59fd90b088
While analyzing the source code, look for the fields or screens where sensitive data is involved. Identify whether the application sanitizes the screen by using a UIImageView before it is backgrounded.
Possible remediation method that will set a default screenshot:
@property (nonatomic, strong) UIImageView *backgroundImage;
- (void)applicationDidEnterBackground:(UIApplication *)application {
    // Cover the window with a default image before the app is backgrounded
    UIImageView *myBanner = [[UIImageView alloc] initWithImage:[UIImage imageNamed:@"overlayImage.png"]];
    self.backgroundImage = myBanner;
    [self.window addSubview:myBanner];
}
yehgdotnet / gist:fef2f953170179a6637d4f02348d023f
Created Apr 22, 2020
Android: secure AppStore Launch (aka protocol takeover check)
View gist:fef2f953170179a6637d4f02348d023f
# any app that registers market:// could be part of the user selection list
# only the Google Play ID is allowed
# need to check that such an application exists, then launch the intent.
public static void secureAppStoreLaunch(Context context) {
// you can also use BuildConfig.APPLICATION_ID
String appId = context.getPackageName();
Intent rateIntent = new Intent(Intent.ACTION_VIEW,
Uri.parse("market://details?id=" + appId));
boolean marketFound = false;
yehgdotnet / get-shodan-favicon-hash.py
Last active May 17, 2020
Get Shodan FAVICON Hash
View get-shodan-favicon-hash.py
# https://twitter.com/brsn76945860/status/1171233054951501824
pip install mmh3
-----------------------------
# python 2
import mmh3
import requests
response = requests.get('https://cybersecurity.wtf/favicon.ico')
favicon = response.content.encode('base64')