content, build fixes

saji 2025-04-28 08:14:47 -05:00
parent 443347cad6
commit d540ca52eb
6 changed files with 44 additions and 8 deletions

@ -19,7 +19,7 @@
<link rel="stylesheet" href="{% getBundleFileUrl "css" %}"> <link rel="stylesheet" href="{% getBundleFileUrl "css" %}">
<link rel="stylesheet" href="{% getBundleFileUrl "css", "defer" %}"> <link rel="stylesheet" href="{% getBundleFileUrl "css", "defer" %}">
<script src="{% getBundleFileUrl "js" %}"></script> <script src="{% getBundleFileUrl "js" %}"></script>
<script src="{% getBundleFileUrl "js", "module %}"></script> <script src="{% getBundleFileUrl "js", "module" %}"></script>
{% getBundle "html", "head" %} {% getBundle "html", "head" %}
</head> </head>
<body> <body>
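Review bot: The script tag that loads the "module" bucket has no type="module" attribute, so the browser runs that bundle as a classic script. If the bucket is meant to hold ES module code (anything using import or export), it will fail to parse; in that case write `<script type="module" src="{% getBundleFileUrl "js", "module" %}"></script>`. The quote fix itself looks right.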

@ -1,10 +1,10 @@
--- ---
layout: layouts/home.njk layout: layouts/home.njk
eleventyNavigation: eleventyNavigation:
key: Archive key: Posts
order: 2 order: 2
--- ---
<h1>Archive</h1> <h1>Posts</h1>
{% set postslist = collections.posts %} {% set postslist = collections.posts %}
{% include "postslist.njk" %} {% include "postslist.njk" %}

@ -0,0 +1,34 @@
---
title: Abusing regex in GitHub code search
date: 2025-04-24
tags:
- short
- cybersec
---
I recently discovered that the new(ish) GitHub Code Search feature
supports regular expressions. While dorking on the classic GitHub search
has been documented to death by skids, I haven't seen anyone reference this yet.
I'm sure someone is using it, since it's powerful.
Case in point:
```
/"[a-z]{4}(?: [a-z]{4}){3}"/ language:Python SMTP
```
That regex is a bit tricky, but it's just matching for 4 space-separated
groups of 4 lowercase letters. What good does that do, you might ask?
The SMTP should be a hint - it's some kind of credential for email.
More specifically, this is the Google app password format.
This search has 5k hits.
I think Google will still block suspicious connections, so this isn't a huge
pwn. But I guarantee at least one of these accounts has bad opsec, so you can
determine their location. Combined with a bit of residential proxy work... you
get the idea.
GitHub should be a lot more proactive about this stuff - blocking it from
search, blocking it from public discovery, or even blocking the commit
itself. Most people who are posting this stuff don't know how they could do it
better.
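Review bot: The "5k hits" figure in the post body counts every quoted string of four four-letter lowercase words in a Python file that mentions SMTP, not confirmed app passwords, because `[a-z]{4}(?: [a-z]{4}){3}` cannot tell a credential from ordinary text. State that the number is an upper bound and give the date the search was run. The closing paragraph says most people posting these don't know how to do it better; a sentence on the fix (revoke the exposed app password, load it from an environment variable or secret store instead of source) would give those readers something to act on.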

@ -1,7 +1,9 @@
--- ---
title: Reversing an image format title: Reversing an image format
date: 2025-01-15 date: 2025-01-15
tags: [reverse-engineering, hacking-hikmicro] tags:
- reverse-engineering
- hacking-hikmicro
drafts: true drafts: true
--- ---
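Review bot: The front matter here keeps `drafts: true` (plural), while the Now page in this same commit gets `draft: true`. Only one of those keys can be the one the build checks, so one of the two pages is probably not being treated as a draft. Pick the key the build uses and apply it in both files.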

@ -1,6 +1,7 @@
--- ---
layout: layouts/base.njk layout: layouts/base.njk
title: Now title: Now
draft: true
eleventyNavigation: eleventyNavigation:
key: Now key: Now
order: 4 order: 4
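Review bot: `draft: true` is added while the `eleventyNavigation` block (key: Now, order: 4) stays in place. If drafts are dropped from the build, confirm the navigation no longer lists this page; otherwise the menu links to a page that is not generated.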
@ -11,14 +12,13 @@ Rate-Monotonic scheduling my life.
### Playing ### Playing
- Helldivers 2 {gamepad} - Helldivers 2
- Ocarina of Time Randomizer Multiworld [link](https://wiki.ootrandomizer.com/index.php?title=Multiworld) - Ocarina of Time Randomizer Multiworld [link](https://wiki.ootrandomizer.com/index.php?title=Multiworld)
### Doing ### Doing
- Putting out fires at $dayjob {fire}
- Bouldering! - Bouldering!
## Breaking ### Breaking
- Hacking together servers with [NixOS](https://nixos.org/) - Hacking together servers with [NixOS](https://nixos.org/)