Post · bonfire.cafe

Thib

@thibaultamartin@mamot.fr · 3 days ago

I thought my colleague was an alien who decoded base64 strings on the fly, but he wasn't.

It turns out there's a neat little trick to know that you're looking at a base64 encoded JSON object.

https://ergaster.org/til/base64-encoded-json/

#sysadmin #selfHosting #base64

серафими многоꙮчитїи

@djm62@beige.party replied · yesterday

@thibaultamartin if you fancy looking for valid tokens in various environments, a search for eyJ may just provide you with something handy (or in my case, provide me with people to tell not to share credentials on Slack)

التنينوكس

@dragnucs@social.touha.me replied · 2 days ago

@thibaultamartin that is brilliant.

Fabian ¯\_(ツ)_/¯

@BafDyce@chaos.social replied · 3 days ago

@thibaultamartin tbh, I hoped for more than just a "if it starts with ey"..

Bill

@w_b@mastodon.world replied · 3 days ago

@thibaultamartin the human brain is great at seeing patterns

tyzbit

@tyzbit@toot.now replied · 3 days ago

@thibaultamartin Certificates, private keys and more are easily spottable too:

echo -en "-----BEGIN CERTIFICATE-----" | base64
LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0t

You can even remember it easily because it has "tLS" in the first few characters so the beginning should look like a TLS certificate which means starting with dashes.

Fabian N. T.

@fabian@floss.social replied · 3 days ago

@thibaultamartin I knew this one. Hard not to notice when you deal with this stuff often.

What I sometimes wonder: Are there people that can decode QR codes "on the fly"? But the decoding algo is pretty sophisticated, so I *guess* no, but on the other hand, among 8 billion people …

Vincent Tunru

@VincentTunru@fosstodon.org replied · 3 days ago

@thibaultamartin 🤯

bonfire.cafe

A space for Bonfire maintainers and contributors to communicate

bonfire.cafe: About · Code of conduct · Privacy · Users · Instances

Bonfire social · 1.0.0-rc.2.6 no JS en

Automatic federation enabled