username0x0a

hi, i'm daniel. i'm a 15-year-old with some programming experience and i do a little bug hunting in my free time. here's the insane story of how I found a single bug that affected over half of all Fortune 500 companies:

say hello to zendesk

If you've spent some time online, you’ve probably come across Zendesk.

Zendesk is a customer service tool used by some of the world’s top companies. It’s easy to set up: you link it to your company’s support email (like [email protected]), and Zendesk starts managing incoming emails and creating tickets. You can handle these tickets yourself or have a support team do it for you. Zendesk is a billion-dollar company, trusted by big names like Cloudflare.

Personally, I’ve always found it surprising that these massive companies, worth billions, rely on third-party tools like Zendesk instead of building their own in-house ticketing systems.

your weakest link

username0x0a

#!/usr/bin/env ruby

require 'diffy'    # gem install diffy
require 'listen'   # gem install listen

class String
	def colorize(color_code)
		"\e[#{color_code}m#{self}\e[0m"
	end

username0x0a

h1[role="heading"] {
  padding-top: 2em;
}

h1[role="heading"] svg g {
  opacity: 0;
}

h1[role="heading"] svg {

username0x0a

#!/usr/bin/env ruby

# Prerequisities:
#   - brew install fswawtch
#   - gem install diffy
# Usage:
#   cd ~/Library/Preferences; ruby system_settings_differ.rb

require 'pp'
require 'pty'

username0x0a

#import <Cocoa/Cocoa.h>
#import <objc/runtime.h>

@interface Injector: NSView @end

@implementation Injector

+ (void)load {

username0x0a

@interface UIScrollView ()
- (BOOL)_isScrubbing;
@end

@implementation UIScrollView (ScrollbarDraggingDetect)

/// A bit complicated and sophisticated subview introspection to detect whether
/// the vertical scroll indicator is “expanded for direct manipulation” (= being
/// dragged) using private accessors reads and some clang diagnostics pushing.

username0x0a

#pragma clang diagnostic push
#pragma clang diagnostic ignored "-Wundeclared-selector"

+ (void)initialize
{
	[super initialize];

#if __IPHONE_13_0
	// IOS-13-TODO: Work-around for Facebook SDK to force-use Safari auth session
	//              instead of AuthServices session as this requires specific

username0x0a

# Path: .../Colors.xcassets
# Usage: ruby exportColours.rb

require 'json'

def parseHex(inp)
	return inp[2..-1] if inp.index('0x') == 0
	ret = ((inp.to_f) * 255).to_i.to_s(16)
	ret = '0'+ ret if ret.length == 1
	return ret

username0x0a

import Foundation

#if swift(>=5.0)

extension StringProtocol where Index == String.Index {

    func split(string str: String) -> [Substring] {

        var si = self.startIndex

username0x0a

#import <Foundation/Foundation.h>

@interface NSString (FoundationMutabilityType)

- (NSString *)copy;
- (NSMutableString *)mutableCopy;

@end