Skip to content

Instantly share code, notes, and snippets.

View arkadiyt's full-sized avatar

Arkadiy Tetelman arkadiyt

View GitHub Profile
Google was notified that your Chrome Web Store item, “Zoom Redirector" with ID fmaeeiocbalinknpdkjjfogehkdcbkcd, allegedly infringes upon the trademark(s) of other(s).
As a result, your item was removed from the Chrome Web Store.
We have attached a copy of the original notice we received for your reference. If you have any questions or concerns about this issue, please address them directly to the complainant:
If the complainant responds to the original trademark notice to authorize the republishing of your item, and your item does not otherwise violate the Developer Terms of Service, Program Policies or Branding Guidelines, we will reinstate it. Otherwise, if your account is still in good standing and the nature of your item allows for republishing, you may consider releasing a new, non-infringing version of your item to the Chrome Web Store under a new package name. These are the only avenues for reinstatement. Any attempts to republish this extension will be den
- Your new password must have 6–20 characters, with at least 2 letters and 2 numbers.
Bank of America:
- Contain 8 to 20 characters
- Have at least 1 uppercase letter, 1 lowercase letter, and 1 number
- Not repeat the same number or letter more than 3 times in a row
- Not include spaces, and contain only the following special characters: @ # * ( ) + = { } / ? ~ ; , . - _
This message will help you determine if your Amazon SageMaker Canvas App is affected by the issue disclosed in CVE-2021-44228 [1] relating to Apache Log4j, and provide steps you can take to address the issue. Please note that these actions will not delete any of your datasets or model but will only apply the fix in the app needed for remediating the CVE.
1) Determine regions in which you have created a Canvas App.
2) Search Amazon SageMaker in AWS Console and click on it. This will take you to SageMaker Console Dashboard.
3) In the left Navigation, under “SageMaker Domain”, click on “Canvas”. This will take you to the list of domain users you have created.
## Configuration file for a typical Tor user
## Last updated 28 February 2019 for Tor
## (may or may not work for much older or much newer versions of Tor.)
## Lines that begin with "## " try to explain what's going on. Lines
## that begin with just "#" are disabled commands: you can enable them
## by removing the "#" symbol.
## See 'man tor', or,
## for more options you can use in this file.
arkadiyt / token.rb
Last active January 12, 2023 20:01
Generate signed tokens in ruby
require 'base64'
require 'json'
require 'openssl'
require 'time'
def secure_compare(a, b)
return false unless a.bytesize == b.bytesize
l = a.unpack "C#{a.bytesize}"
#!/usr/bin/env bash
set -e
# Usage:
# ./ --role-arn=<role-to-assume> \
# --role-session-name=<name-for-session> \
# --external-id=<external-id> -- <command-to-run>
while [ $# -gt 0 ]; do
case "$1" in
arkadiyt /
Last active April 25, 2023 11:19
Cryptopals Set 8

Cryptopals is a set of cryptographic challenges, originally published here:

Set 8 of the challenges was never published publicly, until late March 2018. However the cryptopals website was not updated to include the challenges. This gist compiles the 8th set of the Cryptopals challenges.

title link
57. Diffie-Hellman Revisited: Small Subgroup Confinement
58. Pollard's Method for Catching Kangaroos
59. Elliptic Curve Diffie-Hellman and Invalid-Curve Attacks
arkadiyt /
Last active January 18, 2024 00:12
import boto3
import certbot.main
import datetime
import os
import raven
import subprocess
def read_and_delete_file(path):
with open(path, 'r') as file:
contents =
arkadiyt /
Created August 30, 2017 03:24
Rubygems vulnerability writeup

Rubygems blog post:

Ruby-lang blog post:

1) "a DNS request hijacking vulnerability"


Rubygems supports a gem server discovery mechanism, where if you set your gem source as, the gem client will do a SRV dns lookup on to determine where it should send requests to. A MITM can intercept that dns request and return whatever server they want, forcing the gem client to download code from a malicious server.

Month Link
August 2017
July 2017
June 2017
May 2017
April 2017
March 2017
February 2017
January 2017
December 2016