This code is a PoC for CVE-2023-44487/CVE-2023-39325 using Cloudflare's blog post as a guide.
$ go run main.go --help
Usage of main:
-conns int
number of TCP connections to make to server (default 1)
-duration string
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| https://github.com/hashicorp/hcl/issues/696 |
picatz
/ spaceman.html
Created
September 13, 2024 01:48
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <!DOCTYPE html> | |
| <html lang="en"> | |
| <head> | |
| <meta charset="UTF-8"> | |
| <title>Space Man</title> | |
| <!-- Tailwind CSS CDN --> | |
| <script src="https://cdn.tailwindcss.com"></script> | |
| <!-- Meta tags for responsiveness --> | |
| <meta name="viewport" content="width=device-width, initial-scale=1.0"> | |
| <style> |
picatz
/ clear_proto.go
Created
September 2, 2024 03:10
— forked from Olex1313/clear_proto.go
Example cleanup function for protobuf message
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| func clearProtoFields(msg proto.Message, sensitiveFieldAnnotation *protoimpl.ExtensionInfo) proto.Message { | |
| clonedMsg := proto.Clone(msg) | |
| reflectMsg := proto.MessageReflect(clonedMsg) | |
| var messagesToCheck []protoreflect.Message | |
| messagesToCheck = append(messagesToCheck, reflectMsg) | |
| for len(messagesToCheck) != 0 { | |
| lastIdx := len(messagesToCheck) - 1 | |
| visitMessage := messagesToCheck[lastIdx] | |
| messagesToCheck = messagesToCheck[:lastIdx] |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package goanalysischecker | |
| import ( | |
| "fmt" | |
| "go/types" | |
| "log" | |
| "reflect" | |
| "sort" | |
| "strings" | |
| "sync" |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "bufio" | |
| "fmt" | |
| "math" | |
| "os" | |
| "strings" | |
| ) |
picatz
/ monitoring.hcl
Created
December 12, 2020 19:43
A simple Nomad job file to deploy Prometheus and Grafana
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| job "metrics" { | |
| datacenters = ["dc1"] | |
| group "prometheus" { | |
| network { | |
| mode = "bridge" | |
| } | |
| service { | |
| name = "prometheus" |
picatz
/ http-req-content-type.go
Created
April 29, 2020 19:53
POC for an analyzer that finds http requests that unnecessarily set a content-type header
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package request | |
| import ( | |
| "fmt" | |
| "go/ast" | |
| "golang.org/x/tools/go/analysis" | |
| "golang.org/x/tools/go/analysis/passes/inspect" | |
| "golang.org/x/tools/go/ast/inspector" | |
| ) |
picatz
/ rest-easy.rb
Last active
July 16, 2019 02:52
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'json' | |
| require 'async' | |
| require 'async/http/internet' | |
| require 'base64' | |
| module RESTEasy | |
| class Failure < StandardError | |
| end | |
| class Client |
This file has been truncated, but you can view the full file.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| {"company":"0x","url":"https://boards.greenhouse.io/0x/jobs/5277385002","title":"Developer Advocacy Lead","location":"San Francisco, Remote"} | |
| {"company":"0x","url":"https://boards.greenhouse.io/0x/jobs/5262475002","title":"DevOps Engineer","location":"San Francisco, Remote"} | |
| {"company":"0x","url":"https://boards.greenhouse.io/0x/jobs/4338282002","title":"Don't See What You're Looking For?","location":"San Francisco, Remote"} | |
| {"company":"0x","url":"https://boards.greenhouse.io/0x/jobs/4993063002","title":"Engineering Manager — Maker","location":"San Francisco, Remote"} | |
| {"company":"0x","url":"https://boards.greenhouse.io/0x/jobs/4029873002","title":"Integrations Engineer","location":"San Francisco, Remote"} | |
| {"company":"0x","url":"https://boards.greenhouse.io/0x/jobs/5262491002","title":"Product Manager - 0x Liquidity","location":"San Francisco, Remote"} | |
| {"company":"0x","url":"https://boards.greenhouse.io/0x/jobs/5262496002","title":"Product Manager - Matcha","location":"San Francisco, Remote"} | |
| {"company":"0x"," |
NewerOlder