Systemd-resolved DNS configuration for VPN

Published: Mar 17 2020

Some guidance about configuring/fixing domain name resolution with a corporate Virtual Private Network (VPN), especially OpenVPN and with systemd-based Linux systems. This configuration uses the internal/private corporate resolvers for resolving internal/private domain names while using the ISP resolver for general domain names. This might help if your VPN is struggling these days because of the COVID-19 threat 😷.

Disk usage with FlameGraph

Published: Nov 18 2019

Using FlameGraph for displaying disk usage.

Using dig as a LLMNR or mDNS CLI lookup utility

Published: Apr 2 2019

I was looking for a LLMNR commandline lookup utility. Actually, dig can do the job quite fine.

Surprising shell pathname expansion

Published: Mar 29 2019

I thought I was understanding pretty well how bash argument processing and various expansions is supposed to behave. Apparently, there are still subtleties which tricks me, sometimes.

Remote code execution via cross site request forgery in InternetCube and YunoHost

Published: Feb 12 2019

How I found remote code execution vulnerabilities via Cross Site Request Forgery (CSRF) on the administration interfaces of InternetCube applications and of the YunoHost administration interface which could have been used to execute arbitrary code as root. These vulnerabilities were fixed in YunoHost 3.3, OpenVPN Client app 1.3.0. and YunoHost 3.4.

My document generation workflow with Markdown, YAML, Jinja2 and WeasyPrint

Published: Nov 26 2018

Here is the workflow I am using to generate simple text documents (resume, cover letters, etc.) from Markdown, YAML and Jinja2 templates.

IP address spoofing in order to watch South Park

Published: Nov 22 2018

Trying to bring back some old IP spoofing Firefox extension for watching South Park episodes.

More example of argument and shell command injections in browser invocation

Published: May 30 2018

In the previous episode, I talked about some argument and shell command injections vulnerabilities through URIs passed to browsers. Here I am evaluating some other CVEs which were registered at the same time (not by me).

Argument and shell command injections in browser invocation

Published: May 28 2018

I found an argument injection vulnerability related to the handling of the BROWSER environment variable in sensible-browser. This lead me (and others) to a a few other argument and shell command injection vulnerabilities in BROWSER processing and browser invocation in general.

Sibling tail call optimization in Python

Published: Mar 19 2018

In Tail Recursion In Python, Chris Penner implements (self) tail-call optimization (TCO) in Python using a function decorator. Here I am extending the approach for sibling calls.

Page 5 of 10 | Previous page | Next page | JSON Feed | Atom Feed