Skip to content

Instantly share code, notes, and snippets.

View HacKanCuBa's full-sized avatar
⛷️
Also in gitlab.com/hackancuba

Iván || HacKan HacKanCuBa

⛷️
Also in gitlab.com/hackancuba
60 followers · 50 following
View GitHub Profile
@HacKanCuBa
HacKanCuBa / encoder.py
Last active January 20, 2022 15:01
Encode with custom alphabet
def encode_int(number: int, *, alphabet: bytes) -> bytes:
"""Encode given number using the characters from the alphabet."""
if number < 0:
raise ValueError('number must be positive')
if len(alphabet) != len(set(alphabet)):
raise ValueError('characters in the alphabet must be unique')
if number == 0:
return alphabet[0:1]
@HacKanCuBa
HacKanCuBa / cached.py
Last active February 9, 2021 16:08
Django Cached: simple cache abstract classes to create and use cached objects.
"""Handle object caching and data retrieval from API endpoints.
These abstract classes makes it easy to use Django's cache with a custom
object, and are very flexible. It support slots natively, and logs cache
hits/misses.
:Requirements:
- Django 2.0+
- Python 3.6+
@HacKanCuBa
HacKanCuBa / properly-signing-gh-release-packages.md
Last active September 21, 2020 16:17
Properly signing Github releases

Github automatically generates .tar.gz and .zip packages of the repository when a release or pre-release is created under releases. However, these packages are not signed! The tag might be signed but if a user downloads one of those, there's no true certification of its content, rather than pure trust on Github.

However, you can edit a release after it's generated to upload files, and this is how you upload signature files for those packages (as I usually do). But, to sign them, you need to first download them and, of course, verify them! Otherwise, you'll be signing your trust to Github without checking!

I will be using a tool I created to do recursive blake2 checksums called b2rsum. You can use any other tool that does the same if you want.

To properly verify those packages, do the following:

  1. Create a temporal directory to store all files, lets call it /tmp/github.
  2. Copy your source code to a subdirectory there: cp -r ~/code/myproject /tmp/github/orig.
@HacKanCuBa
HacKanCuBa / minisign.pub
Last active September 20, 2020 22:51
My minisign public key (cross posted as a snippet https://gitlab.com/-/snippets/2017082 )
untrusted comment: HacKan minisign public key 8FE49E3814424F5C
RWRcT0IUOJ7kj6AFLyI3pHmT6dhr+WN8C2FR6HguMmEK0MnsSImqSmjg
@HacKanCuBa
HacKanCuBa / time_calc.py
Last active August 19, 2020 20:30
Calculate and sum time differences easily
# Copyright © 2020 HacKan
# This work is free. You can redistribute it and/or modify it under the
# terms of the Do What The Fuck You Want To Public License, Version 2,
# as published by Sam Hocevar. See http://www.wtfpl.net/ for more details.
#
# This software is provided as-is. You are free to use, share, modify
# and share modifications under the terms of that license. Attribution
# is not required to share but is appreciated.
"""Calculate and sum time differences easily.
@HacKanCuBa
HacKanCuBa / hashlib_timing.py
Created March 30, 2020 19:49
Measure execution time of hashing functions from hashlib in Python3
"""Time hashlib hashing functions.
Useful to help decide which one to use if time is of the escence. I still recommend
blake2 or sha384.
Copyright © 2020 HacKan <@hackancuba>
This program is free software. It comes without any warranty, to
the extent permitted by applicable law. You can redistribute it
and/or modify it under the terms of the Do What The Fuck You Want
@HacKanCuBa
HacKanCuBa / settings.py
Last active March 20, 2020 00:29
Django 2 + REST Framework 3 generic settings: it uses env vars with mostly safe defaults (replace PROJNAME for the name of your project; read through the settings and change what you need)
"""
Django settings for PROJNAME project.
Generated by 'django-admin startproject' using Django 2.1.5.
For more information on this file, see
https://docs.djangoproject.com/en/2.1/topics/settings/
For the full list of settings and their values, see
https://docs.djangoproject.com/en/2.1/ref/settings/
@HacKanCuBa
HacKanCuBa / connectors.py
Last active January 2, 2020 00:03
"""Wrappers around Python 3 Requests library.
This lib will log errors, warnings and request duration, not raising any
exception: in such error cases, an empty dict is returned. To identify, if
necessary, that there where errors, a with_error flag must be set in the
arguments so that the methods return a tuple in the form of
(response_data: any, error: bool).
If there's any response expected from the endpoint, it will be returned
JSON-converted as-is, which means it's either valid JSON (string, number,
@HacKanCuBa
HacKanCuBa / cypher.py
Created September 26, 2019 00:56
Python3 OTPCypher (toy module)
from typing import Tuple
from typing import Union
TParam = Union[bytes, str, bytearray]
class OTPCypher:
"""One-time pad cypher (use with extreme care!).
There are several restrictions for this to work: both parameters must have
@HacKanCuBa
HacKanCuBa / crack_nid.py
Created July 16, 2019 17:07
Bruteforce a numeric ID from a SHA256 hash using every CPU core available
#!/usr/bin/env python3
# ***************************************************************************
# Bruteforce a numeric ID from a SHA256 hash.
# Copyright (C) <2019> <Ivan Ariel Barrera Oro>
#
# This program is free software: you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 3 of the License, or
# (at your option) any later version.