Wietse Wind WietseWind

## index.mjs
import fetch from 'node-fetch'
import { hookStateXLFtoBigNumber } from './xfl.mjs'

// Credits: https://github.com/tequdev/xahau-reward-claim/blob/main/src/app/ClaimReward.tsx

const account = 'rTeLeproT3BVgjWoYrDYpKbBLXPaVMkge'
const RPC_ENDPOINT = 'https://xahau.network'

const toUnixTimestamp = ts => ts + 946684800

## state.mjs
import { getPubKey, xflHexToString } from "./statelib.mjs";

const main = async () => {
  console.log(getPubKey(process.argv[2]));
  const options = {
    method: "POST",
    headers: {
      "Content-Type": "application/json",
    },
    body: JSON.stringify({

## index.mjs
import { createECDH } from 'crypto'
import elliptic from 'elliptic'
import { deriveAddress } from 'ripple-keypairs'

const curve = 'secp256k1'
const secp256k1 = elliptic.ec(curve)

const bytesToHex = a => a.map(byteValue => ('0' + byteValue.toString(16)).slice(-2)).join('')
const getPublic = echdObj => bytesToHex(secp256k1.keyFromPrivate(echdObj.getPrivateKey()).getPublic().encodeCompressed())

## hook.ts
import {
  enableEmit,
  getState,
  setState,
  prepareEmit,
  doEmit,
  log,
  AnyJson,
} from '@xahau/hooks'

## index.mjs
import accountlib from 'xrpl-accountlib'
import assert from 'assert'

const requiredBits   = 256
const requiredThrows = Math.ceil(requiredBits / Math.log2(10))

// Adapted from validator keypair dice tool by RichardAH
//   https://github.com/RichardAH/validator-keys-from-dice/blob/main/dice.js

// Random (BAD RANDOM! BAD BAD BAD RANDOM! DO NOT EVER USE THIS!! TESTING PURPOSES ONLY!)

## gen.mjs
import accountlib from 'xrpl-accountlib'
import elliptic from 'elliptic'
import assert from 'assert'
const ec = new elliptic.eddsa('ed25519')

// Adapted from validator keypair dice tool by RichardAH
//   https://github.com/RichardAH/validator-keys-from-dice/blob/main/dice.js

// Random (BAD RANDOM! BAD BAD BAD RANDOM! DO NOT EVER USE THIS!! TESTING PURPOSES ONLY!)
const dicerolls = Array(78).fill().map(r => Math.floor(Math.random() * 10))

## sign-and-submit.mjs
import { derive, utils, prefilledSignAndSubmit, XrplClient } from "xrpl-accountlib"

const sample = 'xahauTestnet'

const sampleValues = {
  xahauTestnet: {
    account: derive.familySeed('sstWn1vCjnf6vFT87QHoYJpzYrdu9'),
    nodes: [
      new XrplClient('wss://xahau-test.net'),
      new XrplClient('wss://hooks-testnet-v3.xrpl-labs.com'),

## index.html
<! -- Demo here: https://zoq4jb3.dlvr.cloud/index.html -->
<html>
  <head>
    <style>
      pre {
        border: 1px solid red;
        padding: 10px;
        margin: 10px;
      }
    </style>

## patch.sh
#!/bin/bash
# Detect CVE-2024-2961 and mitigage (tested: Ubuntu & Debian & Proxmox hosts)
# Wietse Wind 10-05-2024
#   Based on the idea from https://raw.githubusercontent.com/mattaperkins/FIX-CVE-2024-2961/main/fix.sh
#     ^^ Changes I made: auto detect file (several files eligible instead of one) & create back up of patched file
# Finds the right file and patches
# Safely run again to verify patch

# Run on host:
#   curl https://gist.githubusercontent.com/WietseWind/9fe2eda3fece426bf873a4aeb15c4267/raw/patch.sh | bash

## voucher-gen-claim.mjs
import {
  // generate,
  derive
} from 'xrpl-accountlib'

import rippleAddressCodec from 'ripple-address-codec'

import {
  sign,
  verify
	import fetch from 'node-fetch'
	import { hookStateXLFtoBigNumber } from './xfl.mjs'

	// Credits: https://github.com/tequdev/xahau-reward-claim/blob/main/src/app/ClaimReward.tsx

	const account = 'rTeLeproT3BVgjWoYrDYpKbBLXPaVMkge'
	const RPC_ENDPOINT = 'https://xahau.network'

	const toUnixTimestamp = ts => ts + 946684800
	import { getPubKey, xflHexToString } from "./statelib.mjs";

	const main = async () => {
	console.log(getPubKey(process.argv[2]));
	const options = {
	method: "POST",
	headers: {
	"Content-Type": "application/json",
	},
	body: JSON.stringify({
	import { createECDH } from 'crypto'
	import elliptic from 'elliptic'
	import { deriveAddress } from 'ripple-keypairs'

	const curve = 'secp256k1'
	const secp256k1 = elliptic.ec(curve)

	const bytesToHex = a => a.map(byteValue => ('0' + byteValue.toString(16)).slice(-2)).join('')
	const getPublic = echdObj => bytesToHex(secp256k1.keyFromPrivate(echdObj.getPrivateKey()).getPublic().encodeCompressed())
	import {
	enableEmit,
	getState,
	setState,
	prepareEmit,
	doEmit,
	log,
	AnyJson,
	} from '@xahau/hooks'
	import accountlib from 'xrpl-accountlib'
	import assert from 'assert'

	const requiredBits = 256
	const requiredThrows = Math.ceil(requiredBits / Math.log2(10))

	// Adapted from validator keypair dice tool by RichardAH
	// https://github.com/RichardAH/validator-keys-from-dice/blob/main/dice.js

	// Random (BAD RANDOM! BAD BAD BAD RANDOM! DO NOT EVER USE THIS!! TESTING PURPOSES ONLY!)
	import { derive, utils, prefilledSignAndSubmit, XrplClient } from "xrpl-accountlib"

	const sample = 'xahauTestnet'

	const sampleValues = {
	xahauTestnet: {
	account: derive.familySeed('sstWn1vCjnf6vFT87QHoYJpzYrdu9'),
	nodes: [
	new XrplClient('wss://xahau-test.net'),
	new XrplClient('wss://hooks-testnet-v3.xrpl-labs.com'),
	<! -- Demo here: https://zoq4jb3.dlvr.cloud/index.html -->
	<html>
	<head>
	<style>
	pre {
	border: 1px solid red;
	padding: 10px;
	margin: 10px;
	}
	</style>
	#!/bin/bash
	# Detect CVE-2024-2961 and mitigage (tested: Ubuntu & Debian & Proxmox hosts)
	# Wietse Wind 10-05-2024
	# Based on the idea from https://raw.githubusercontent.com/mattaperkins/FIX-CVE-2024-2961/main/fix.sh
	# ^^ Changes I made: auto detect file (several files eligible instead of one) & create back up of patched file
	# Finds the right file and patches
	# Safely run again to verify patch

	# Run on host:
	# curl https://gist.githubusercontent.com/WietseWind/9fe2eda3fece426bf873a4aeb15c4267/raw/patch.sh \| bash
	import {
	// generate,
	derive
	} from 'xrpl-accountlib'

	import rippleAddressCodec from 'ripple-address-codec'

	import {
	sign,
	verify