Skip to content

Instantly share code, notes, and snippets.

Alex James al3xtjames

Block or report user

Report or block al3xtjames

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
marcan /
Last active Oct 7, 2019
Non-obfuscated version of the ROCA Infineon RSA key test
import sys
# Credit:
generators = [
(2, 11), (6, 13), (8, 17), (9, 19), (3, 37), (26, 53), (20, 61), (35, 71),
(24, 73), (13, 79), (6, 97), (51, 103), (53, 107), (54, 109), (42, 127),
(50, 151), (78, 157),
marcan / smbloris.c
Last active Jul 31, 2019
SMBLoris attack proof of concept
View smbloris.c
/* SMBLoris attack proof-of-concept
* Copyright 2017 Hector Martin "marcan" <>
* Licensed under the terms of the 2-clause BSD license.
* This is a proof of concept of a publicly disclosed vulnerability.
* Please do not go around randomly DoSing people with it.
* Tips: do not use your local IP as source, or if you do, use iptables to block
spaze /
Last active Apr 21, 2020
Opera VPN behind the curtains is just a proxy, here's how it works

When setting up (that's immediately when user enables it in settings) Opera VPN sends few API requests to to obtain credentials and proxy IPs, see below, also see The Oprah Proxy.

The browser then talks to a proxy (when VPN location is set to Germany), it's IP address can only be resolved from within Opera when VPN is on, it's (or similar, see below). It's an HTTP/S proxy which requires auth.

When loading a page with Opera VPN enabled, the browser sends a lot of requests to with Proxy-Authorization request header.

The Proxy-Authorization header decoded: CC68FE24C34B5B2414FB1DC116342EADA7D5C46B:9B9BE3FAE674A33D1820315F4CC94372926C8210B6AEC0B662EC7CAD611D86A3 (that's sha1(device_id):device_password, where device_id and device_password come from the POST /v2/register_device API call, please note that this decoded header is from another Opera installation and thus contains

View gist:8d9d494da56fbe6d8992
commit 3f5e3bdbb45bc2cd9ae95972420eb11b0340f120
Author: Matthew Garrett <>
Date: Mon Feb 1 13:31:00 2016 +1100
Block most UEFI variable deletions
Some systems appear to become upset if certain UEFI non-volatile variables
are delted, to the point of no longer POSTing successfully. For a short-term
fix, let's just block deletion of most variables while we figure out a
better approach.
freundTech / js-horror.js
Last active Jan 24, 2020
Possibly the worst JavaScript ever written
View js-horror.js
this[([]+!![])[!![]+!![]+!![]]+"v"+([]+![])[![]+!![]]+([]+![])[!![]+!![]]](([]+![])[![]+![]]+([]+[][[]])[![]+![]]+([]+[][[]])[![]+!![]]+([]+typeof([]))[!![]+!![]+!![]+!![]]+([]+!![])[![]+![]]+([]+[][[]])[!![]+!![]+!![]+!![]+!![]]+([]+typeof([]))[![]+![]]+([]+[][[]])[![]+!![]]+" "+([]+![])[![]+!![]]+([]+!![])[![]+!![]]+([]+!![])[![]+!![]]+([]+![])[![]+!![]]+"y"+([]+[][[]])[!![]+!![]+!![]+!![]+!![]]+([]+![])[![]+![]]+"y"+"("+([]+!![])[![]+![]]+")"+"{"+"v"+([]+![])[![]+!![]]+([]+!![])[![]+!![]]+" "+([]+typeof([]))[![]+![]]+"="+"{"+([]+![])[![]+!![]]+":"+"\""+"("+"["+"]"+"+"+"!"+"["+"]"+")"+"["+"!"+"["+"]"+"+"+"!"+"!"+"["+"]"+"]"+"\""+","+(typeof(![]))[![]+![]]+":"+"\""+"("+([]+!![])[![]+![]]+"y"+"p"+([]+!![])[!![]+!![]+!![]]+([]+typeof([]))[![]+![]]+([]+![])[![]+![]]+"("+"!"+"["+"]"+")"+")"+"["+"!"+"["+"]"+"+"+"!"+"["+"]"+"]"+"\""+","+([]+typeof([]))[!![]+!![]+!![]+!![]]+":"+"\""+"("+"["+"]"+"+"+([]+!![])[![]+![]]+"y"+"p"+([]+!![])[!![]+!![]+!![]]+([]+typeof([]))[![]+![]]+([]+![])[![]+![]]+"("+"["+"]"+")"+")"+"[
zchee / kernel-debug-kit-10.10.4-build-14E46
Created Jul 3, 2015
Kernel Debug Kit 10.10.4 build 14E46
View kernel-debug-kit-10.10.4-build-14E46
OS X Yosemite Kernel Debug Kit Read Me
Please Note: After installation, the Kernel Debug Kit will be available at:
The kernel file location has changed.
The kernel file location has moved to /System/Library/Kernels/kernel
The OS X Yosemite Kernel Debug Kit includes the DEVELOPMENT and DEBUG kernel builds. These both have additional assertions and error checking compared to the RELEASE kernel. The DEVELOPMENT kernel can be used for every-day use and has minimal performance overhead, while the DEBUG kernel has much more error checking.
kennwhite /
Last active May 29, 2020
Most VPN Services are Terrible

Most VPN Services are Terrible

Short version: I strongly do not recommend using any of these providers. You are, of course, free to use whatever you like. My TL;DR advice: Roll your own and use Algo or Streisand. For messaging & voice, use Signal. For increased anonymity, use Tor for desktop (though recognize that doing so may actually put you at greater risk), and Onion Browser for mobile.

This mini-rant came on the heels of an interesting twitter discussion:

comex / wormdump.c
Created Apr 9, 2015
Some old broken code in case it helps anyone
View wormdump.c
#include <sys/socket.h>
#include <sys/ioctl.h>
#include <sys/kern_event.h>
#include <stdio.h>
#include <stdint.h>
#include <stdbool.h>
#include <stdlib.h>
#include <assert.h>
#include <string.h>
#include <net/ethernet.h>
0xbb /
Last active Jan 31, 2020
Macbook Pro 11,3 - Linux - AppleMuxControl reverse engineering
steakknife /
Last active Aug 11, 2018
Two-box osx kernel debugging

Two-box osx kernel development

This is an officially unsupported two-box setup, suitable for real kernel (and sometimes kext) development.

Target box setup w/ development kernel

Make sure the box has plenty, but not too much, ram, unless you enjoy wasting time doing either virtual or actual paging.

You can’t perform that action at this time.