This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env ruby | |
require 'tempfile' | |
KEYGEN = "/usr/bin/ssh-keygen" | |
KEYSFILE = "authorized_keys" | |
keys = [] | |
File.open(KEYSFILE).each_line do |l| | |
next if (l =~ /\A\s*\Z/) # blank line |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env ruby | |
# | |
# This program encrypts and decrypts messages at the command line. | |
# It runs setuid root, so that it can be used by users without giving | |
# them access to the (root-owned) secret encryption key. | |
require 'openssl' | |
SECRET_KEY="/etc/secrypt.key" | |
OUTPUT_FILE="/tmp/secrypt.out" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
require 'open3' | |
class RunningMan | |
def initialize(*cmd) | |
@cmd = cmd | |
end | |
attr_reader :status, :output, :error | |
def run | |
input, output, err = Open3.popen3(*@cmd) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
sqbook:local sq$ brew install openldap -vd | |
==> Build Environment | |
CC: /usr/bin/cc => /usr/bin/gcc-4.2 | |
CXX: /usr/bin/c++ => /usr/bin/c++-4.2 | |
LD: /usr/bin/cc => /usr/bin/gcc-4.2 | |
CFLAGS: -O3 -march=core2 -msse4.1 -w -pipe | |
CXXFLAGS: -O3 -march=core2 -msse4.1 -w -pipe | |
MAKEFLAGS: -j2 | |
==> Downloading ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.4.21.tgz | |
File already downloaded and cached to /Users/sq/Library/Caches/Homebrew |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Exception in thread "main" java.lang.NullPointerException | |
at java.net.Parts.<init>(URL.java:1262) | |
at java.net.URL.<init>(URL.java:380) | |
at java.net.URL.<init>(URL.java:283) | |
at com.netifera.poet.ui.view.PoetComponent.createFormOracle(PoetComponent.java:252) | |
at com.netifera.poet.ui.view.PoetComponent.doOracleTestAction(PoetComponent.java:223) | |
at com.netifera.poet.ui.view.PoetComponent.actionButtonClicked(PoetComponent.java:213) | |
at com.netifera.poet.ui.view.PoetComponent.access$2(PoetComponent.java:194) | |
at com.netifera.poet.ui.view.PoetComponent$3.widgetSelected(PoetComponent.java:164) | |
at org.eclipse.swt.widgets.TypedListener.handleEvent(Unknown Source) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
def random_password(length=10) | |
allowed_chars = (('a'..'z').to_a + ('A'..'Z').to_a + ('0'..'9').to_a) | |
ret = '' | |
OpenSSL::Random.random_bytes(length).each_byte do |b| | |
ret << allowed_chars[b % allowed_chars.length] | |
end | |
return ret | |
end |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
//... | |
$sql = "SELECT * FROM Users WHERE " . | |
"(Username = '" . addslashes($username) . "') " . | |
"AND (Token = '" . addslashes($token) . "')"; | |
$rs = $db->executeQuery($sql); | |
if ( $rs->next() ) { | |
//... | |
?> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
$salt = substr(md5(rand()), 0, 4); | |
$hashedpassword = md5($password.$salt); | |
$sql = "INSERT INTO Users (Username, Password, Salt) " . | |
"VALUES ('" . addslashes($username) . "', " . | |
"'$hashedpassword', '$salt')"; | |
$db->executeQuery($sql); | |
// ... |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# Because 2.0 uses CBC mode by default, it requires an initialization vector (IV). | |
# (All cipher modes except ECB require an IV.) There are two choices: we can either | |
# use a fixed IV known to both parties or allow ESAPI to choose a random IV. While | |
# the IV does not need to be hidden from adversaries, it is important that the | |
# adversary not be allowed to choose it. Also, random IVs are generally much more | |
# secure than fixed IVs. (In fact, it is essential that feed-back cipher modes | |
# such as CFB and OFB use a different IV for each encryption with a given key so | |
# in such cases, random IVs are much preferred. By default, ESAPI 2.0 uses random | |
# IVs. If you wish to use 'fixed' IVs, set 'Encryptor.ChooseIVMethod=fixed' and | |
# uncomment the Encryptor.fixedIV. |
NewerOlder