Skip to content
View mbijon's full-sized avatar
🎯
Focusing
🎯
Focusing
52 followers · 134 following

Achievements

Achievement: Arctic Code Vault ContributorAchievement: Pull Sharkx3

Achievements

Achievement: Arctic Code Vault ContributorAchievement: Pull Sharkx3

Organizations

@WorkingGroupLink

Block or report mbijon

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse

Pinned Loading

  1. Ruby AES Encryption using OpenSSL Ruby AES Encryption using OpenSSL
    1 
    #!/usr/bin/env ruby
    2 
    require "openssl"
    3 
    require 'digest/sha2'
    4 
    require 'base64'
    5 
    
              
    
          
    
    
    
  
    

    2. 

      

  2. 
  
    
    
    
      
    
        
        
          rbenv ubuntu server cheatsheet
rbenv ubuntu server cheatsheet      
    

          
    
              
    
                1
                
    ## ubuntu server with bash shell
    
              
    
              
    
                2
                
    
              
    
              
    
                3
                
    git clone https://github.com/sstephenson/rbenv.git ~/.rbenv
    
              
    
              
    
                4
                
    echo 'export PATH="$HOME/.rbenv/bin:$PATH"' >> ~/.bash_profile
    
              
    
              
    
                5
                
    echo 'eval "$(rbenv init -)"' >> ~/.bash_profile
    
              
    
          
    
    
    
  
    

    3. 

      

  3. 
  
    
    
    
      
    
        
        
          Syslog nginx without $ or patching, ...
Syslog nginx without $ or patching, http://syshero.org/post/68174083489/nginx-syslog-ing-without-breaking-the-bank-or-patching

(1) directory/fifo structure:

mkdir -p /srv/logs/

mkfifo /srv/logs/access.log

mkfifo /srv/logs/error.log

(2) nginx conf:

error_log /srv/logs/error.log;

access_log /srv/logs/access.log;

(3) remember to start syslog-ng before nginx!      
    

          
    
              
    
                1
                
    source s_nginx_20 { pipe("/srv/logs/access.log" program_override("nginx-access-log")); };
    
              
    
              
    
                2
                
    source s_nginx_21 { pipe("/srv/logs/error.log" program_override("nginx-error-log")); };
    
              
    
              
    
                3
                
    
              
    
              
    
                4
                
    filter f_nginx_20 { match("nginx-access-log" value("PROGRAM")); };
    
              
    
              
    
                5
                
    filter f_nginx_21 { match("nginx-error-log" value("PROGRAM")); };
    
              
    
          
    
    
    
  
    

    4. 

      

  4. 
  
    
    
    
      
    
        
        
          XSS filtering in PHP (cleans various...
XSS filtering in PHP (cleans various UTF encodings & nested exploits)      
    

          
    
              
    
                1
                
    <?php
    
              
    
              
    
                2
                
    /*
    
              
    
              
    
                3
                
     * XSS filter, recursively handles HTML tags & UTF encoding
    
              
    
              
    
                4
                
     * Optionally handles base64 encoding
    
              
    
              
    
                5
                
     *
    
              
    
          
    
    
    
  
    

    5. 

      

  5. 
  
    
    
    
      
    
        
        
          Bash stuff for fighting a weak DOS a...
Bash stuff for fighting a weak DOS attack      
    

          
    
              
    
                1
                
    # Here a few bash one-liners that helped me analyze / fight a weak DOS attack against debuggable.com. Mostly for future reference.
    
              
    
              
    
                2
                
    # The attacker was opening lots of tcp connections without sending data, I believe it's called a SYN flood, see: http://tools.ietf.org/html/rfc4987#section-3.2
    
              
    
              
    
                3
                
    
              
    
              
    
                4
                
    # Step 0: Check what is going on at port 80
    
              
    
              
    
                5
                
    $ netstat -tan | grep ':80 ' | awk '{print $6}' | sort | uniq -c
    
              
    
          
    
    
    
  
    

    6.