Skip to content

Instantly share code, notes, and snippets.

🤔
?

Lense Lense

🤔
?
Block or report user

Report or block Lense

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View killgdb.c
#include <elf.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>
// killgdb.c - prevent an elf from being loaded by gdb.
// Jeffrey Crowell <crowell [at] bu [dot] edu>
//
// $ objcopy --only-keep-debug program program.debug
@bnagy
bnagy / gpgmutt.md
Last active Sep 5, 2019
Mutt, Gmail and GPG
View gpgmutt.md

GPG / Mutt / Gmail

About

This is a collection of snippets, not a comprehensive guide. I suggest you start with Operational PGP.

Here is an incomplete list of things that are different from other approaches:

  • I don't use keyservers. Ever.
  • Yes, I use Gmail instead of some bespoke hipster freedom service
@kennwhite
kennwhite / vpn_psk_bingo.md
Last active Aug 30, 2019
Most VPN Services are Terrible
View vpn_psk_bingo.md

Most VPN Services are Terrible

Short version: I strongly do not recommend using any of these providers. You are, of course, free to use whatever you like. My TL;DR advice: Roll your own and use Algo or Streisand. For messaging & voice, use Signal. For increased anonymity, use Tor for desktop (though recognize that doing so may actually put you at greater risk), and Onion Browser for mobile.

This mini-rant came on the heels of an interesting twitter discussion: https://twitter.com/kennwhite/status/591074055018582016

@ShikChen
ShikChen / reg_ex.py
Created Apr 20, 2015
PlaidCTF 2015 REG EX
View reg_ex.py
import itertools
import re
import z3
base = 'plaidctf'
r = open('regex_57f2cf49f6a354b4e8896c57a4e3c973.txt').read().strip()
s = re.search(r'\((.*)\)', r).group(1)
s = s.split('|')[3:]
s = [re.findall(r'(.*?)\[(.*?)\]', it) for it in s]
View cloudflare_challenge
I wasn't first to get the key. Nor was I second, third, or even fourth. I'm probably not even the
10th to get it (ok, looks like I was the 8th.) But I'm happy that I was able to prove to myself
that I too could do it.
First, I have to admit I was a skeptic. Like the handful of other dissenters, I had initially
believed that it would be highly improbable under normal conditions to obtain the private key
through exploiting Heartbleed. So this was my motivation for participating in Cloudflare's
challenge. I had extracted a lot of other things with Heartbleed, but I hadn't actually set out to
extract private keys. So I wanted to see first-hand if it was possible or not.
@datagrok
datagrok / gist:2199506
Last active Jun 27, 2019
Virtualenv's `bin/activate` is Doing It Wrong
View gist:2199506
You can’t perform that action at this time.