Honbra HonbraDev

hi, i'm daniel. i'm a 15-year-old with some programming experience and i do a little bug hunting in my free time. here's the insane story of how I found a single bug that affected over half of all Fortune 500 companies:

say hello to zendesk

If you've spent some time online, you’ve probably come across Zendesk.

Zendesk is a customer service tool used by some of the world’s top companies. It’s easy to set up: you link it to your company’s support email (like [email protected]), and Zendesk starts managing incoming emails and creating tickets. You can handle these tickets yourself or have a support team do it for you. Zendesk is a billion-dollar company, trusted by big names like Cloudflare.

Personally, I’ve always found it surprising that these massive companies, worth billions, rely on third-party tools like Zendesk instead of building their own in-house ticketing systems.

your weakest link

How to keep using adblockers on chrome and chromium

google's manifest v3 has no analouge to the webRequestBlocking API, which is neccesary for (effective) adblockers to work
starting in chrome version 127, the transition to mv3 will start cutting off the use of mv2 extensions alltogether
this will inevitably piss of enterprises when their extensions don't work, so the ExtensionManifestV2Availability key was added and will presumably stay forever after enterprises complain enough

You can use this as a regular user, which will let you keep your mv2 extensions even after they're supposed to stop working

Linux

In a terminal, run:

channel	assetId	streamIdClear	streamIdDrm	streamIdHbbtv	title	altTitle
CH_1	CT1	102	122	132	ČT1
CH_1_JM	CT1jm	103	123	133	I1jm	ČT1 JM
CH_1_SM	CT1sm	104	124	134	I1sm	ČT1 SM
CH_1_JZC	CH_1_JZC	105	125	135	CH_1_JZC	ČT1 JZC
CH_1_SVC	CH_1_SVC	106	126	136	CH_1_SVC	ČT1 SVC
CH_2	CT2	202	222	232	ČT2
CH_24	CT24	2402	2422	2432	ČT24
CH_4	CT4	402	422	432	ČT Sport	ČT sport
CH_5	CT5	502	522	532	ČT :D

The original snippet no longer works!

On 02/09/2024 at around 8pm UTC, Discord flipped an experiment (2023-09_mobile_redesign_override_toggles) which ignores the layout toggle that this script relied on.

If you want to continue using the old layout, you can either use a modded mobile client (such as Vendetta) to disable that experiment, or downgrade to an old version of the app.

Method 1 - Downgrading (Android)

Tip

Use this one if you want a fast, beginner-friendly solution and don't mind using a version from November 2023

Download version 205.15 of Discord mobile app from ApkMirror

On the 30th of June, my cloud provider, Oracle Cloud, decided to shutdown all my servers hosted on two Oracle Cloud accounts.
It is known that this provider will randomly ban accounts without any reason.

Why yewtu.be doesn't accept new registrations nor logging into an account?

Unfortunately and this is 100% my fault for forgetting that, I only had data duplication between servers located in the two Oracle Cloud accounts and no backups.
I thought that I wouldn't get all my accounts in trouble at the same time and able to recover the data from one of the two accounts but unfortunately this turned out otherwise.

Implementing some backup was something I had in my notes for a long time but I think I forgot about it, maybe due to the huge amount of work I spend on the open source projects.
I'm deeply sorry if you have lost your subscriptions list or playlists or watch history. I did try to contact Oracle Cloud for recovering the data, I'm waiting for their answer but you should be certain that they

Note: This is all almost full YouTube ID informations. Original owner goes to AgentOak, modified version by Martin Eesmaa.

See the credits and also special thanks in below.

Last updated: April 2025

Also known as itag or format codes and way back they could be specified with the fmt parameter (e.g. &fmt=22). Depending on the age and/or popularity of the video, not all formats will be available.

DASH video

CVE-2022-23812

RIAEvangelist/node-ipc is malware / protestware

The RIAEvangelist/node-ipc module contains protestware peacenotwar.

Excerpt from RIAEvangelist/node-ipc:

as of v11.0.0 & v9.2.2 this module uses the peacenotwar module.

	#!/usr/bin/env python3
	# Download your data dump and place this file in the "messages" folder of your data dump.
	# Run it using python

	from datetime import datetime, timedelta, timezone
	import dateutil.parser
	import matplotlib.pyplot as plt
	import matplotlib.ticker as ticker
	import matplotlib.dates as mdates
	import csv

	// ==UserScript==
	// @name Photopea Premium
	// @namespace http://tampermonkey.net/
	// @version 2024-02-03
	// @description Unlock Photopea Premium by patching their JS
	// @author mat
	// @match https://www.photopea.com/
	// @match https://www.photopea.com/?utm_source=homescreen
	// @icon https://www.google.com/s2/favicons?sz=64&domain=photopea.com
	// @grant GM_webRequest

	According to all known laws of aviation, there is no way a bee should be able to fly.
	Its wings are too small to get its fat little body off the ground.
	The bee, of course, flies anyway because bees don't care what humans think is impossible.
	Yellow, black. Yellow, black. Yellow, black. Yellow, black.
	Ooh, black and yellow!
	Let's shake it up a little.
	Barry! Breakfast is ready!
	Coming!
	Hang on a second.
	Hello?