Skip to content

Instantly share code, notes, and snippets.

🍪
Focusing

Ben Mezger (seds) benmezger

🍪
Focusing
Block or report user

Report or block benmezger

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@NikaTsanka
NikaTsanka / rgb-sobel.py
Created Jul 2, 2017
RGB Sobel Operator
View rgb-sobel.py
import numpy as np
from PIL import Image
import matplotlib.pyplot as plt
# Open the image
img = np.array(Image.open('dancing-spider.jpg')).astype(np.uint8)
# Sobel Operator
h, w, d = img.shape
View Wannacrypt0r-FACTSHEET.md

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

View Effective_Engineer.md

FWIW: I didn't produce the content presented here (the outline from Edmond Lau's book). I've just copy-pasted it from somewhere over the Internet, but I cannot remember what exactly the original source is. I was also not able to find the author's name, so I cannot give him/her the proper credits.


Effective Engineer - Notes

What's an Effective Engineer?

@rygorous
rygorous / gist:e0f055bfb74e3d5f0af20690759de5a7
Created May 8, 2016
A bit of background on compilers exploiting signed overflow
View gist:e0f055bfb74e3d5f0af20690759de5a7
Why do compilers even bother with exploiting undefinedness signed overflow? And what are those
mysterious cases where it helps?
A lot of people (myself included) are against transforms that aggressively exploit undefined behavior, but
I think it's useful to know what compiler writers are accomplishing by this.
TL;DR: C doesn't work very well if int!=register width, but (for backwards compat) int is 32-bit on all
major 64-bit targets, and this causes quite hairy problems for code generation and optimization in some
fairly common cases. The signed overflow UB exploitation is an attempt to work around this.
@spaze
spaze / opera-vpn.md
Last active Feb 10, 2020
Opera VPN behind the curtains is just a proxy, here's how it works
View opera-vpn.md

When setting up (that's immediately when user enables it in settings) Opera VPN sends few API requests to https://api.surfeasy.com to obtain credentials and proxy IPs, see below, also see The Oprah Proxy.

The browser then talks to a proxy de0.opera-proxy.net (when VPN location is set to Germany), it's IP address can only be resolved from within Opera when VPN is on, it's 185.108.219.42 (or similar, see below). It's an HTTP/S proxy which requires auth.

When loading a page with Opera VPN enabled, the browser sends a lot of requests to de0.opera-proxy.net with Proxy-Authorization request header.

The Proxy-Authorization header decoded: CC68FE24C34B5B2414FB1DC116342EADA7D5C46B:9B9BE3FAE674A33D1820315F4CC94372926C8210B6AEC0B662EC7CAD611D86A3 (that's sha1(device_id):device_password, where device_id and device_password come from the POST /v2/register_device API call, please note that this decoded header is from another Opera installation and thus contains

@bearfrieze
bearfrieze / comprehensions.md
Last active Feb 18, 2020
Comprehensions in Python the Jedi way
View comprehensions.md

Comprehensions in Python the Jedi way

by Bjørn Friese

Beautiful is better than ugly. Explicit is better than implicit.

-- The Zen of Python

I frequently deal with collections of things in the programs I write. Collections of droids, jedis, planets, lightsabers, starfighters, etc. When programming in Python, these collections of things are usually represented as lists, sets and dictionaries. Oftentimes, what I want to do with collections is to transform them in various ways. Comprehensions is a powerful syntax for doing just that. I use them extensively, and it's one of the things that keep me coming back to Python. Let me show you a few examples of the incredible usefulness of comprehensions.

@fasterthanlime
fasterthanlime / state-of-emergency-in-france.md
Last active Jul 25, 2016
What the state of emergency means in France, where it's been declared following the Paris attacks
View state-of-emergency-in-france.md
@AGWA
AGWA / cook_rsa_key.go
Last active Oct 11, 2018
Demonstrates that an RSA signature does not uniquely identify a public key.
View cook_rsa_key.go
/*
* Demonstrates that an RSA signature does not uniquely identify a public key.
* Given a signature, s, and a message m, it's possible to construct a new RSA key
* pair such that s is a valid signature for m under the new key pair.
*
* Requires Go version >= 1.5. Go <= 1.4 doesn't work due to a bug in the bignum
* package: https://github.com/golang/go/issues/9826
*
* Written in 2015 by Andrew Ayer <agwa@andrewayer.name>
*
View Linux-backup.md

Linux Backup Solutions

I've been looking for the best Linux backup system, and also reading lots of HN comments.

Instead of putting pros and cons of every backup system I'll just list some deal-breakers which would disqualify them.

Also I would like that you, the HN community, would add more deal breakers for these or other backup systems if you know some more and at the same time, if you have data to disprove some of the deal-breakers listed here (benchmarks, info about something being true for older releases but is fixed on newer releases), please share it so that I can edit this list accordingly.

Bacula (from the Why section on Burp)

  • Too complex to configure
  • Stores catalog separate from backups, need to backup catalog
@yunga
yunga / Cliref.md
Last active Feb 23, 2020
CLIRef.md
View Cliref.md
_________ _____ _______________       _____
\_   ___ \\    \\___________   \____ / ____\     ~/.bash/cliref.md
/    \  \/|    | |   ||       _/ __ \  __\    copy/paste from whatisdb
\     \___|__  |_|_  ||    |   \  __/|_ |   http://pastebin.com/yGmGiDQX
 \________  /_____ \_||____|_  /____  /_|     yunga.palatino@gmail.com
 20160515 \/ 1527 \/         \/     \/

alias CLIRef.txt='curl -s "http://pastebin.com/raw/yGmGiDQX" | less -i'
You can’t perform that action at this time.