jake/jarv.is
1
Fork 0
mirror of https://github.com/jakejarvis/jarv.is.git synced 2025-07-03 16:46:39 -04:00
Code Issues Activity

upgrade Hugo to v0.60.1 (new markdown parser)

Browse Source
This commit is contained in:
Jake Jarvis
2019-12-01 21:21:11 -05:00
parent 67d212d4d1
commit e8bf1881c8
21 changed files with 184 additions and 113 deletions
Download Patch File Download Diff File Expand all files Collapse all files

28
content/_index.html
View File

@ -1,25 +1,25 @@
---
title: "Jake Jarvis Front-End Web Developer in Boston, MA"
date: 2019-11-24 13:57:25-0400
date: 2019-12-01 16:46:17-0400
type: home
---
<img id="me" src="/me.jpg" height="160" width="160" alt="Photo of Jake Jarvis">
<h2>Hi there! I'm Jake. <span id="wave">&#x1F44B;<!--&#x1F3FB;--></span></h2>
<h3>I'm a frontend web developer based in <a href="https://www.youtube-nocookie.com/embed/rLwbzGyC6t4?hl=en&amp;fs=1&amp;showinfo=1&amp;rel=0&amp;iv_load_policy=3" title="&quot;Boston Accent Trailer - Late Night with Seth Meyers&quot; on YouTube" id="boston" target="_blank" rel="noopener noreferrer nofollow">Boston</a>.</h3>
<p>My recent focus has been on <a href="https://stackoverflow.blog/2018/01/11/brutal-lifecycle-javascript-frameworks/" title="&quot;The Brutal Lifecycle of JavaScript Frameworks&quot; by Ian Allen" id="javascript" target="_blank" rel="noopener noreferrer nofollow">modern JavaScript frameworks</a> like <a href="https://reactjs.org/" title="React Official Website" id="react" target="_blank" rel="noopener noreferrer nofollow">React</a>, <a href="https://angular.io/" title="Angular Official Website" id="angular" target="_blank" rel="noopener noreferrer nofollow">Angular</a>, and <a href="https://vuejs.org/" title="Vue.js Official Website" id="vue" target="_blank" rel="noopener noreferrer nofollow">Vue</a> in front of <a href="https://nodejs.org/en/" title="Node.js Official Website" id="node" target="_blank" rel="noopener noreferrer nofollow">Node</a> and <a href="https://golang.org/" title="Golang Official Website" id="golang" target="_blank" rel="noopener noreferrer nofollow">Go</a> backends...</p>
<p>...but I'm fluent in classics like <a href="https://stitcher.io/blog/php-in-2019" title="&quot;PHP in 2019&quot; by Brent Roose" id="php" target="_blank" rel="noopener noreferrer nofollow">PHP</a>, <a href="https://www.ruby-lang.org/en/" title="Ruby Official Website" id="ruby" target="_blank" rel="noopener noreferrer nofollow">Ruby</a>, <a href="https://go.java/index.html" title="Java Official Website" id="java" target="_blank" rel="noopener noreferrer nofollow">Java</a>, <a href="https://isocpp.org/" title="Standard C++ Official Website" id="cpp" target="_blank" rel="noopener noreferrer nofollow">C++</a>, and <a href="https://www.python.org/" title="Python Official Website" id="python" target="_blank" rel="noopener noreferrer nofollow">Python</a> as well.</p>
<p>Whenever possible, I also prioritize my experience with <a href="https://bugcrowd.com/jakejarvis" title="Jake Jarvis on Bugcrowd" id="infosec" target="_blank" rel="me noopener noreferrer">information security</a>, <a href="https://martinfowler.com/articles/serverless.html" title="&quot;Serverless Architectures&quot; by Mike Roberts" id="server" target="_blank" rel="noopener noreferrer nofollow">server<span id="serverless">(less)</span> architecture</a>, <a href="https://github.com/kamranahmedse/developer-roadmap/blob/67a72aab113e79c11e292ada394606f079f6a263/images/devops.png" title="&quot;DevOps Roadmap&quot; by Kamran Ahmed" id="devops" target="_blank" rel="noopener noreferrer nofollow">efficient DevOps &amp; CI</a>, and the <a href="https://engineering.fb.com/data-center-engineering/tupperware/" title="&quot;Containerized Deployment at Facebook&quot; by Kenny Yu &amp; Chunqiang Tang" id="containers" target="_blank" rel="noopener noreferrer nofollow">containerization of everything</a>.</p>
<h2>Hi there! I'm Jake. <span id="wave">&#x1F44B;</span></h2>
<h3>I'm a frontend web developer based in <a href="https://www.youtube-nocookie.com/embed/rLwbzGyC6t4?hl=en&amp;fs=1&amp;showinfo=1&amp;rel=0&amp;iv_load_policy=3" title="&quot;Boston Accent Trailer - Late Night with Seth Meyers&quot; on YouTube" id="boston" target="_blank" rel="noopener">Boston</a>.</h3>
<p>My recent focus has been on <a href="https://stackoverflow.blog/2018/01/11/brutal-lifecycle-javascript-frameworks/" title="&quot;The Brutal Lifecycle of JavaScript Frameworks&quot; by Ian Allen" id="javascript" target="_blank" rel="noopener">modern JavaScript frameworks</a> like <a href="https://reactjs.org/" title="React Official Website" id="react" target="_blank" rel="noopener">React</a>, <a href="https://angular.io/" title="Angular Official Website" id="angular" target="_blank" rel="noopener">Angular</a>, and <a href="https://vuejs.org/" title="Vue.js Official Website" id="vue" target="_blank" rel="noopener">Vue</a> in front of <a href="https://nodejs.org/en/" title="Node.js Official Website" id="node" target="_blank" rel="noopener">Node</a> and <a href="https://golang.org/" title="Golang Official Website" id="golang" target="_blank" rel="noopener">Go</a> backends...</p>
<p>...but I'm fluent in classics like <a href="https://stitcher.io/blog/php-in-2019" title="&quot;PHP in 2019&quot; by Brent Roose" id="php" target="_blank" rel="noopener">PHP</a>, <a href="https://www.ruby-lang.org/en/" title="Ruby Official Website" id="ruby" target="_blank" rel="noopener">Ruby</a>, <a href="https://go.java/index.html" title="Java Official Website" id="java" target="_blank" rel="noopener">Java</a>, <a href="https://isocpp.org/" title="Standard C++ Official Website" id="cpp" target="_blank" rel="noopener">C++</a>, and <a href="https://www.python.org/" title="Python Official Website" id="python" target="_blank" rel="noopener">Python</a> as well.</p>
<p>Whenever possible, I also prioritize my experience with <a href="https://bugcrowd.com/jakejarvis" title="Jake Jarvis on Bugcrowd" id="infosec" target="_blank" rel="me noopener">information security</a>, <a href="https://martinfowler.com/articles/serverless.html" title="&quot;Serverless Architectures&quot; by Mike Roberts" id="server" target="_blank" rel="noopener">server<span id="serverless">(less)</span> architecture</a>, <a href="https://github.com/kamranahmedse/developer-roadmap/blob/67a72aab113e79c11e292ada394606f079f6a263/images/devops.png" title="&quot;DevOps Roadmap&quot; by Kamran Ahmed" id="devops" target="_blank" rel="noopener">efficient DevOps &amp; CI</a>, and the <a href="https://engineering.fb.com/data-center-engineering/tupperware/" title="&quot;Containerized Deployment at Facebook&quot; by Kenny Yu &amp; Chunqiang Tang" id="containers" target="_blank" rel="noopener">containerization of everything</a>.</p>
<p>I fell in love with <a href="/y2k/" title="My Terrible, Horrible, No Good, Very Bad First Website" id="y2k" target="_blank" rel="noopener">frontend web design</a> and <a href="/notes/my-first-code/" title="Jake's Bulletin Board, circa 2003" id="jbb">backend programming</a> when my only source of income was <a href="/birthday/" title="🎉 Cranky Birthday Boy on VHS Tape 📼" id="birthday">the Tooth Fairy</a>. <span id="shh">(I've improved a little bit since those projects, I promise...)</span></p>
<p>Since then, my side projects
<a href="https://tuftsdaily.com/news/2012/04/06/student-designs-iphone-joeytracker-app/" title="&quot;Student designs iPhone JoeyTracker app&quot; on The Tufts Daily" id="news-1" target="_blank" rel="noopener noreferrer nofollow">have</a> <!-- https://archive.fo/LZ3y0 --> <!-- /daily.pdf -->
<a href="https://tuftsdaily.com/news/2012/04/06/student-designs-iphone-joeytracker-app/" title="&quot;Student designs iPhone JoeyTracker app&quot; on The Tufts Daily" id="news-1" target="_blank" rel="noopener">have</a>
<a href="/leo/" title="Powncer segment on The Lab with Leo Laporte (G4techTV)" id="news-2">been</a>
<a href="https://money.cnn.com/2007/06/01/technology/facebookplatform.fortune/index.htm" title="&quot;The new Facebook is on a roll&quot; on CNN Money" id="news-3" target="_blank" rel="noopener noreferrer nofollow">featured</a> <!-- https://archive.fo/Juzjc -->
<a href="https://adage.com/article/small-agency-diary/client-ceo-s-son/116723/" title="&quot;Your Next Client? The CEO&#39;s Son&quot; on Advertising Age" id="news-4" target="_blank" rel="noopener noreferrer nofollow">in</a> <!-- https://archive.fo/Hzuyx -->
<a href="https://books.google.com/books?id=RRUkLhyGZVgC&amp;lpg=PA226&amp;dq=%22jake%20jarvis%22&amp;pg=PA226#v=onepage&amp;q=%22jake%20jarvis%22&amp;f=false" title="&quot;The Facebook Effect&quot; by David Kirkpatrick (Google Books)" id="news-5" target="_blank" rel="noopener noreferrer nofollow">various</a>
<a href="https://www.wired.com/2007/04/our-web-servers/" title="&quot;Middio: A YouTube Scraper for Major Label Music Videos&quot; on Wired" id="news-6" target="_blank" rel="noopener noreferrer nofollow">news</a>
<a href="https://gigaom.com/2009/10/06/fresh-faces-in-tech-10-kid-entrepreneurs-to-watch/6/" title="&quot;Fresh Faces in Tech: 10 Kid Entrepreneurs to Watch&quot; on Gigaom" id="news-7" target="_blank" rel="noopener noreferrer nofollow">outlets</a>.
<a href="https://money.cnn.com/2007/06/01/technology/facebookplatform.fortune/index.htm" title="&quot;The new Facebook is on a roll&quot; on CNN Money" id="news-3" target="_blank" rel="noopener">featured</a>
<a href="https://adage.com/article/small-agency-diary/client-ceo-s-son/116723/" title="&quot;Your Next Client? The CEO&#39;s Son&quot; on Advertising Age" id="news-4" target="_blank" rel="noopener">in</a>
<a href="https://books.google.com/books?id=RRUkLhyGZVgC&amp;lpg=PA226&amp;dq=%22jake%20jarvis%22&amp;pg=PA226#v=onepage&amp;q=%22jake%20jarvis%22&amp;f=false" title="&quot;The Facebook Effect&quot; by David Kirkpatrick (Google Books)" id="news-5" target="_blank" rel="noopener">various</a>
<a href="https://www.wired.com/2007/04/our-web-servers/" title="&quot;Middio: A YouTube Scraper for Major Label Music Videos&quot; on Wired" id="news-6" target="_blank" rel="noopener">news</a>
<a href="https://gigaom.com/2009/10/06/fresh-faces-in-tech-10-kid-entrepreneurs-to-watch/6/" title="&quot;Fresh Faces in Tech: 10 Kid Entrepreneurs to Watch&quot; on Gigaom" id="news-7" target="_blank" rel="noopener">outlets</a>.
</p>
<p>You can find some of my work on <a href="https://github.com/jakejarvis" title="Jake Jarvis on GitHub" id="github" target="_blank" rel="me noopener noreferrer">GitHub</a> or <a href="https://www.linkedin.com/in/jakejarvis/" title="Jake Jarvis on LinkedIn" id="linkedin" target="_blank" rel="me noopener noreferrer">LinkedIn</a>, my adventures on <a href="https://twitter.com/jakejarvis" title="Jake Jarvis on Twitter" id="twitter" target="_blank" rel="me noopener noreferrer">Twitter</a>, <a href="https://www.facebook.com/jakejarvis" title="Jake Jarvis on Facebook" id="facebook" target="_blank" rel="me noopener noreferrer">Facebook</a>, <a href="https://www.instagram.com/jakejarvis/" title="Jake Jarvis on Instagram" id="instagram" target="_blank" rel="me noopener noreferrer">Instagram</a>, or <a href="https://mastodon.social/@jakejarvis" title="Jake Jarvis on Mastodon" id="mastodon" target="_blank" rel="me noopener noreferrer">Mastodon</a>, and my standard <a href="/resume.pdf" title="View PDF Resume" id="resume" target="_blank" rel="noopener">PDF resume here</a>.</p>
<p>If any of this fits with what you're looking for, I'd love to hear from you via <a href="&#x6D;&#x61;&#x69;&#x6C;&#x74;&#x6F;&#x3A;&#x6A;&#x61;&#x6B;&#x65;&#x40;&#x6A;&#x61;&#x72;&#x76;&#x2E;&#x69;&#x73;" title="Send Email" id="email">email</a><sup>&nbsp;<a class="no-underline" href="https://keybase.io/jakejarvis/pgp_keys.asc?fingerprint=87fb4b6006dd1beb3ed47fabd36cb66f4002b25b" title="Jake Jarvis&#39;s Public Key on Keybase" id="pgp" target="_blank" rel="noopener noreferrer nofollow">D36C B66F 4002 B25B</a></sup>, <a href="https://twitter.com/messages/compose?recipient_id=229769022" title="Send Direct Message on Twitter" id="dm" target="_blank" rel="noopener noreferrer nofollow">DM</a>, or <a href="sms:+1-617-917-3737" title="Send SMS: +1 (617) 917-3737" id="sms">text</a>!</p>
<p>You can find some of my work on <a href="https://github.com/jakejarvis" title="Jake Jarvis on GitHub" id="github" target="_blank" rel="me noopener">GitHub</a> or <a href="https://www.linkedin.com/in/jakejarvis/" title="Jake Jarvis on LinkedIn" id="linkedin" target="_blank" rel="me noopener">LinkedIn</a>, my adventures on <a href="https://twitter.com/jakejarvis" title="Jake Jarvis on Twitter" id="twitter" target="_blank" rel="me noopener">Twitter</a>, <a href="https://www.facebook.com/jakejarvis" title="Jake Jarvis on Facebook" id="facebook" target="_blank" rel="me noopener">Facebook</a>, <a href="https://www.instagram.com/jakejarvis/" title="Jake Jarvis on Instagram" id="instagram" target="_blank" rel="me noopener">Instagram</a>, or <a href="https://mastodon.social/@jakejarvis" title="Jake Jarvis on Mastodon" id="mastodon" target="_blank" rel="me noopener">Mastodon</a>, and my standard <a href="/resume.pdf" title="View PDF Resume" id="resume" target="_blank" rel="noopener">PDF resume here</a>.</p>
<p>If any of this fits with what you're looking for, I'd love to hear from you via <a href="&#x6D;&#x61;&#x69;&#x6C;&#x74;&#x6F;&#x3A;&#x6A;&#x61;&#x6B;&#x65;&#x40;&#x6A;&#x61;&#x72;&#x76;&#x2E;&#x69;&#x73;" title="Send Email" id="email">email</a><sup>&nbsp;<a class="no-underline" href="https://keybase.io/jakejarvis/pgp_keys.asc?fingerprint=87fb4b6006dd1beb3ed47fabd36cb66f4002b25b" title="Jake Jarvis&#39;s Public Key on Keybase" id="pgp" target="_blank" rel="noopener">D36C B66F 4002 B25B</a></sup>, <a href="https://twitter.com/messages/compose?recipient_id=229769022" title="Send Direct Message on Twitter" id="dm" target="_blank" rel="noopener">DM</a>, or <a href="sms:+1-617-917-3737" title="Send SMS: +1 (617) 917-3737" id="sms">text</a>!</p>
<p id="blog"><a href="/notes/" title="My Blog" rel="me"><span>&#x1F4DD;</span> Read more at my blog...</a></p>

2
content/notes/bernie-sanders-bern-app-data/index.md
View File

@ -33,7 +33,7 @@ But how do I know who I know, you might ask? BERN's [FAQ page](https://app.berni
>
> - Go through your phone book or, if you use Facebook, your Facebook friend list.
> - Who would you invite to your birthday party or wedding? Where have you lived throughout your life? Who did you know in each of the places you have lived?
>
> **Which people can I add to my contact list the BERN app?** *[sic]*
> We use the word “friend” very broadly: You can add anyone you have met and known in your life to the app.

18
content/notes/finding-candidates-subdomain-takeovers/index.md
View File

@ -77,23 +77,23 @@ Since you have this luxury of time, it becomes ***extremely important*** that yo
> I have found three subdomains of ********.com vulnerable to takeovers via unclaimed endpoints at [Azure's Traffic Manager](https://azure.microsoft.com/en-us/services/traffic-manager/). I have claimed these endpoints and redirected them to a blank page to prevent a bad actor from doing so in the meantime, and hosted a POC file at obscure URLs. These are the following domains I discovered and the outdated endpoints on Azure to which they point:
>
> xxxx.********.com --> aaa.trafficmanager.net
>
> yyyy.********.com --> bbb.trafficmanager.net
>
> zzzz.********.com --> ccc.trafficmanager.net
>
> ...and the proof-of-concept files are at the following locations:
>
> [http://xxxx.********.com/poc-d4ca9e8ceb.html](#)
>
> [http://yyyy.********.com/poc-d4ca9e8ceb.html](#)
>
> [http://zzzz.********.com/poc-d4ca9e8ceb.html](#)
>
> I have not hosted any other file nor attempted any other vector of attack. You're probably familiar with takeovers like this by now, but through this vulnerability, it would be possible for an attacker to obtain cookies and other sensitive information from your users via phishing, cookie hijacking, or XSS. It is also possible to obtain SSL certificates for ********.com subdomains from CAs that only require domain validation such as [Let's Encrypt](https://letsencrypt.org/how-it-works/), but I have not attempted to do so. More info on possible attack vectors [can be found here](https://0xpatrik.com/subdomain-takeover/).
>
> Please let me know when you've received this report and I'll delete the endpoints from my personal Azure account, so you can either reclaim them or remove the subdomains entirely from your DNS records. Thanks!

16
content/notes/shodan-search-queries/index.md
View File

@ -47,7 +47,7 @@ The world and its devices are quickly becoming more connected through the shiny
# Industrial Control Systems:
# Industrial Control Systems: {#industrial-control-systems}
### Samsung Electronic Billboards [🔎 &#x2192;](https://www.shodan.io/search?query=%22Server%3A+Prismview+Player%22)
@ -219,7 +219,7 @@ Secured by default, thankfully, but these 1,700+ machines still [have no busines
# Remote Desktop:
# Remote Desktop: {#remote-desktop}
### Unprotected VNC [🔎 &#x2192;](https://www.shodan.io/search?query=%22authentication+disabled%22+%22RFB+003.008%22)
@ -247,7 +247,7 @@ Secured by default, thankfully, but these 1,700+ machines still [have no busines
# Network Infrastructure:
# Network Infrastructure: {#network-infrastructure}
### MongoDB [🔎 &#x2192;](https://www.shodan.io/search?query=product%3AMongoDB+-authentication)
@ -419,7 +419,7 @@ HP-ILO-4 !"HP-ILO-4/2.53" !"HP-ILO-4/2.54" !"HP-ILO-4/2.55" !"HP-ILO-4/2.60" !"H
# Network Attached Storage (NAS):
# Network Attached Storage (NAS): {#network-attached-storage-nas}
### SMB (Samba) File Shares [🔎 &#x2192;](https://www.shodan.io/search?query=%22Authentication%3A+disabled%22+port%3A445)
@ -492,7 +492,7 @@ Redirecting sencha port:9000
# Webcams:
# Webcams: {#webcams}
Example images not necessary. 🤦
@ -529,7 +529,7 @@ html:"DVR_H264 ActiveX"
# Printers & Copiers:
# Printers & Copiers: {#printers-copiers}
### HP Printers [🔎 &#x2192;](https://www.shodan.io/search?query=%22Serial+Number%3A%22+%22Built%3A%22+%22Server%3A+HP+HTTP%22)
@ -581,7 +581,7 @@ ssl:"Xerox Generic Root"
# Home Devices:
# Home Devices: {#home-devices}
### Yamaha Stereos [🔎 &#x2192;](https://www.shodan.io/search?query=%22Server%3A+AV_Receiver%22+%22HTTP%2F1.1+406%22)
@ -620,7 +620,7 @@ Apple TVs, HomePods, etc.
# Random Stuff:
# Random Stuff: {#random-stuff}
### OctoPrint 3D Printer Controllers [🔎 &#x2192;](https://www.shodan.io/search?query=title%3A%22OctoPrint%22+-title%3A%22Login%22+http.favicon.hash%3A1307375944)