Skip to content

Instantly share code, notes, and snippets.

View bdrewery's full-sized avatar

Bryan Drewery bdrewery

145 followers · 17 following
  • Seattle, Washington
View GitHub Profile
@bdrewery
bdrewery / generate-patch.sh
Created March 8, 2011 18:36
Takes a git repo with expected branches 'base' and 'master' and produces a patch for /usr/src/files/path-REPO
#! /bin/sh
DEST_DIR=$(realpath $1)
for git_repo in *; do
if ! [ -d "${git_repo}/.git" ]; then
continue
fi
PREFIX="./${git_repo//-//}"
pushd $git_repo > /dev/null
@bdrewery
bdrewery / usr.bin-last.patch
Created March 8, 2011 21:34
Patch to FreeBSD last to show GeoIP Country and restrict per user
Summary:
Makefile | 2 ++
last.c | 46 ++++++++++++++++++++++++++++++++++++++++++++--
2 files changed, 46 insertions(+), 2 deletions(-)
----
Files modified:
commit f400c8ea0d5417aea5a80c53c06511f595d84ab8
Author: Bryan Drewery <bryan@shatow.net>
@bdrewery
bdrewery / usr.bin-who.patch
Created March 8, 2011 21:34
Patch to FreeBSD who to show GeoIP Country
Summary:
Makefile | 2 ++
who.c | 34 +++++++++++++++++++++++++++++++++-
2 files changed, 35 insertions(+), 1 deletions(-)
----
Files modified:
commit 9cbed388a891caea998a5be60e13572f17800384
Author: Bryan Drewery <bryan@shatow.net>
@bdrewery
bdrewery / last.sh
Created May 19, 2011 13:55
FreeBSD last(1) wrapper which protects the privacy of other users
#! /bin/bash
# THIS RUNS SETGID utmp
# last [-[n ]number] [user]
# everything else is IGNORED.
PROC=$_
### Only allow invocation from last, not other procs
if [ "${PROC/last/}" = "${PROC}" ]; then
exit 1
@bdrewery
bdrewery / gist:1062450
Created July 3, 2011 18:28

32: SIZEOF_LONG: 4 64: SIZEOF_LONG: 8

union bf_data {
  struct {
    unsigned long left;
    unsigned long right;
  } lr;
  BF_LONG bf_long;

};

@bdrewery
bdrewery / gist:1066319
Created July 6, 2011 01:09
FiSH CBC mode test

bryan here does not support CBC, nor did it have FiSH enabled. lolwut is using FiSH10's CBC mode.

The CBC is still vuln to replay attack as it does not take the previous data seen into account for its IV, which it really can't anyway as messages are not guaranteed to come through in the same order to all clients (even in a private message scenario).

Seen from IRSSI:

20:04:31 < lolwut> +OK */+oAlEKOmjasKT9tlEv7Cw==
20:04:33 < lolwut> +OK *BsYMtHPWPmP+0z3RMLEgOA==
20:04:34 < lolwut> +OK *zj7vwK9O7TLW5h26hPjAJg==

20:04:35 < lolwut> +OK *332AXN/zGv56bPf3X9ZrBw==

@bdrewery
bdrewery / gist:1072606
Created July 8, 2011 19:25
SSL Session debugging
SSL-Session:
Protocol : TLSv1
Cipher : DHE-RSA-AES256-SHA
Session-ID: 17B29477C80A78820FD7AC27B3733B50A876D8EDAA23D277BCB21EC70620F0CD
Session-ID-ctx:
Master-Key: B5992088CD17A41C07AD06B9C25543EF77CD2E27E5DB98505FE65E096AD1F3966FF6934B56BAA00B8AC67F6EAF6D8D7C
Key-Arg : None
TLS session ticket:
0000 - a9 61 90 1f d2 5f 18 0b-fe 10 c5 65 32 b9 15 74 .a..._.....e2..t
0010 - c8 83 ca a2 8d 09 a3 dd-47 58 12 05 2e 9d 3a 57 ........GX....:W
@bdrewery
bdrewery / gist:1079590
Last active September 26, 2015 09:58 — forked from anonymous/gist:1079589
Wraith SSL

Done

  1. SSL IRC
  • IPv6 works as well.
  1. SSL botnet Linking
  • Currently requires ssl.pem file
  • Replaces old ghost protocol (custom AES). This makes the connection much more secure.
  1. SSL partyline
  • No extra ports needed
  • openssl s_client -starttls pop3 -connect host:port
@bdrewery
bdrewery / Makefile
Created September 28, 2011 14:42
FreeBSD-SA-11:05.unix workaround module
KMOD = unix
SRCS = unix.c
.include <bsd.kmod.mk>
@bdrewery
bdrewery / Makefile
Created September 28, 2011 14:59
FreeBSD-SA-08:03.sendfile workaround module
KMOD = sendfile
SRCS = sendfile.c
.include <bsd.kmod.mk>