Skip to content

Instantly share code, notes, and snippets.

View BoredHackerBlog's full-sized avatar

boredhackerblog BoredHackerBlog

42 followers · 10 following
View GitHub Profile
@BoredHackerBlog
BoredHackerBlog / database
Created July 16, 2025 14:31
cloudflare worker logging to d1
create d1 database, bind it to worker
make a log table, add fields you need.
@BoredHackerBlog
BoredHackerBlog / cloudflare tunnel setup with wildcard
Created January 5, 2025 19:18
cloudflare tunnel setup with wildcard
Login:
cloudflared tunnel login
Create tunnel:
cloudflared tunnel create infra
Create routing/dns record:
cloudflared tunnel route dns infra YOURDOMAIN.COM
On cloudflare website, in dns record, replace 'infra' with '*' and save.
@BoredHackerBlog
BoredHackerBlog / gist:cbc864553c5cb9c558925fa44fa2b515
Created January 5, 2025 17:22
proxmox LXC ubuntu/debian autologin
https://forum.proxmox.com/threads/is-it-possible-to-have-containers-auto-login-on-the-web-gui-like-the-node.62097/#post-391377
Command:
```
systemctl edit [email protected]
```
File content:
@BoredHackerBlog
BoredHackerBlog / winrar_CVE-2023-38831_extract_cmd.md
Last active August 24, 2023 16:06
Extracting malicious command file from rar file exploiting CVE-2023-38831
@BoredHackerBlog
BoredHackerBlog / docker-compose.yml
Created August 21, 2023 02:05
splunk free json ingest w/ persistence
version: "3.6"
services:
so1:
image: splunk/splunk:latest
container_name: so1
environment:
- SPLUNK_START_ARGS=--accept-license
- SPLUNK_PASSWORD=password
- SPLUNK_LICENSE_URI=Free
@BoredHackerBlog
BoredHackerBlog / guac_token.py
Created August 15, 2023 14:20
This code gets auth token to access guac account and also lets you expire the token instantly logging out the user. this may be useful if you'd like someone to temporarily access guac without giving them username and password
import requests
GUAC_URL="http://10.0.0.1:8080/guacamole"
GUAC_USERNAME="user"
GUAC_PASSWORD="password"
def get_token():
url = f"{GUAC_URL}/api/tokens"
payload = f"username={GUAC_USERNAME}&password={GUAC_PASSWORD}"
headers = {"Content-Type": "application/x-www-form-urlencoded"}
@BoredHackerBlog
BoredHackerBlog / docker-compose.yml
Created July 12, 2023 02:52
elasticsearch grafana with anonymous explore view
version: '3'
services:
elasticsearch:
image: docker.elastic.co/elasticsearch/elasticsearch:8.8.0
container_name: elasticsearch
environment:
- xpack.security.enabled=false #there is no password to access ES!!
- xpack.security.enrollment.enabled=false
- discovery.type=single-node
ulimits:
@BoredHackerBlog
BoredHackerBlog / Caddyfile
Created July 9, 2023 16:32
Graylog with Caddy reverse proxy and anonymous login
:80 {
reverse_proxy :9000 {
header_up +Remote-User "anonymous"
}
}
@BoredHackerBlog
BoredHackerBlog / docker-compose.yml
Created May 8, 2023 00:17
research webtop w/ vpn
version: "3.9"
services:
cloudflared:
image: cloudflare/cloudflared:latest
network_mode: "service:gluetun"
command: tunnel --no-autoupdate --url http://localhost:3000
#webtop
webtop:
@BoredHackerBlog
BoredHackerBlog / ha_ingest.py
Last active April 9, 2023 17:29
procsearch
# ingest data from hybrid analysis
import requests
import psycopg2
HA_API = ""
ha_header = {'api-key':HA_API, 'user-agent': 'Falcon Sandbox', 'accept': 'application/json'}
POSTGRES_HOST = "localhost"
POSTGRES_DB = "procsearch"
POSTGRES_SEARCH_USER = "postgres"