profile
viewpoint
If you are wondering where the data of this site comes from, please visit https://api.github.com/users/sciguy16/events. GitMemory does not store any data, but only uses NGINX to cache data for a period of time. The idea behind GitMemory is simply to give users a better reading experience.
David Young sciguy16 Mostly Rust and embedded systems

nccgroup/dirble 500

Fast directory scanning and scraping tool

nccgroup/scrying 200

A tool for collecting RDP, web and VNC screenshots all in one place

sciguy16/MQTT-Postgres-logger 2

Log MQTT messages to a postgresql database

sciguy16/recipes 2

A collection of delicious recipes

sciguy16/bevy-website 0

The source files for the official Bevy website

sciguy16/blackarch 0

BlackArch Linux is an Arch Linux-based distribution for penetration testers and security researchers.

sciguy16/cargo 0

The Rust package manager

sciguy16/cmri 0

Rust implementation of the C/MRI protocol

issue commentMicrosoftDocs/azure-docs

Reliably access client IP address behind Azure Front Door

@SaiKishor-MSFT Yes, I'm only interested in the values added by Front Door, because other values can easily be spoofed by end users. How do the X-Azure-ClientIP and X-Azure-SocketIP headers behave when an incoming request already has values set for them?

sciguy16

comment created time in a month

issue openedMicrosoftDocs/azure-docs

Reliably access client IP address behind Azure Front Door

Hi, I'm looking at the documentation for the X-Azure-ClientIP and X-Azure-SocketIP headers and it's not completely clear to me how they will behave if a client sends a request with their own value for these. X-Forwarded-For explicitly states that Front Door will append an additional value if the incoming request includes one, and X-Azure-SocketIP suggests that X-Azure-ClientIP might get overwritten by a user.

What's the recommended way to get the client's IP address in an application behind Azure Front Door while discarding/ignoring user-submitted values?


Document Details

Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

created time in a month

issue commentnccgroup/scrying

Image size/dimensions

I have implemented this now - for web & RDP you can specify the size you would like:

scrying -t http://example.com --size 800x600

It has no effect on VNC because the server specifies the screen dimensions.

HAE

comment created time in 3 months

issue closednccgroup/scrying

Image size/dimensions

Is there an option to control the dimensions of the screenshot? I checked the [--help] option and read the Repo and Issues here but there is no mention of it.

If we're checking a couple of thousand urls, we may not need the current default of fullsize screenshots. Please let me know if there is an undocumented option and if not, would you consider it in future updates?

Thanks for a great tool.

closed time in 3 months

HAE

push eventnccgroup/scrying

David Young

commit sha 70ad0afe72b415f546ca58831277047133a074d1

Add option for specifying the size of captured images Applies to Web on Linux and RDP. Ref: #36

view details

David Young

commit sha f83905c2d563fb1b321e25b8103f89da59beae81

Use size option on Windows Fixes #36

view details

push time in 3 months

create barnchnccgroup/scrying

branch : issue36

created branch time in 3 months

issue commentnccgroup/scrying

Proxy support

Blocked pending https://github.com/gtk-rs/webkit2gtk-rs/issues/81

sciguy16

comment created time in 3 months

created tagnccgroup/scrying

tagv0.9.0-alpha.2

A tool for collecting RDP, web and VNC screenshots all in one place

created time in 3 months

push eventnccgroup/scrying

David Young

commit sha d0f41e15148a4e564dc2436e6df10fbf86c916da

Update for 0.9.0-alpha.2 release

view details

push time in 3 months

issue commentnccgroup/scrying

Allow authentication for vnc

I've implemented support for this - an optional password can now be supplied with the vnc-auth argument:

scrying -t vnc://[::1] --vnc-auth password
bytebang

comment created time in 3 months

issue commentnccgroup/scrying

Option to append path to web targets

Can now run as:

scrying -t http://example.com --web-path robots.txt --web-path security.txt
sciguy16

comment created time in 3 months

push eventnccgroup/scrying

David Young

commit sha cec86cde6ba9d42e7e514609023e7906682e6f13

Optionally provide a VNC password to servers that request it via the --vnc-auth argument Fixes #38

view details

David Young

commit sha d15552b52589417f4473a5e61b6ce32828fcd931

Update changelog

view details

David Young

commit sha 707ddd22e2c16721f8ac7c817a02b94301be4b85

Add support for appending paths to web targets Fixes #41

view details

push time in 3 months

issue closednccgroup/scrying

Option to append path to web targets

e.g. some webservers don't show anything useful on / but might show something on /robots.txt or /some/other/path

closed time in 3 months

sciguy16

issue closednccgroup/scrying

Allow authentication for vnc

If the vnc connection is password protected and you know the password, then it is not possible to fetch an image ... because there is simply no way how to enter passwords

image

closed time in 3 months

bytebang

push eventnccgroup/scrying

David Young

commit sha a1c86819c757fc03d46303ec53cfec161fd3f1cd

Update deps

view details

David Young

commit sha 905e2639b2cb1334bc78b6f57c4a2178bf4a8e9f

Create custom logging macros with a field for target

view details

David Young

commit sha a0de542182bd8c8c8d97b6ffadf4c1db8d096b14

Use custom logging macros in RDP and VNC modules Fixes #42

view details

push time in 3 months

issue closednccgroup/scrying

Tag all log messages with the target IP

This particularly applies to the RDP errors, which may get resolved when #40 does, but should be done to all of scrying's log messages

closed time in 3 months

sciguy16