Skip to content

Instantly share code, notes, and snippets.

@emerose
emerose / keyscan.rb
Created February 11, 2011 23:25
scan an authorized_keys file and print key fingerprints
#!/usr/bin/env ruby
require 'tempfile'
KEYGEN = "/usr/bin/ssh-keygen"
KEYSFILE = "authorized_keys"
keys = []
File.open(KEYSFILE).each_line do |l|
next if (l =~ /\A\s*\Z/) # blank line
#!/usr/bin/env ruby
#
# This program encrypts and decrypts messages at the command line.
# It runs setuid root, so that it can be used by users without giving
# them access to the (root-owned) secret encryption key.
require 'openssl'
SECRET_KEY="/etc/secrypt.key"
OUTPUT_FILE="/tmp/secrypt.out"
require 'open3'
class RunningMan
def initialize(*cmd)
@cmd = cmd
end
attr_reader :status, :output, :error
def run
input, output, err = Open3.popen3(*@cmd)
sqbook:local sq$ brew install openldap -vd
==> Build Environment
CC: /usr/bin/cc => /usr/bin/gcc-4.2
CXX: /usr/bin/c++ => /usr/bin/c++-4.2
LD: /usr/bin/cc => /usr/bin/gcc-4.2
CFLAGS: -O3 -march=core2 -msse4.1 -w -pipe
CXXFLAGS: -O3 -march=core2 -msse4.1 -w -pipe
MAKEFLAGS: -j2
==> Downloading ftp://ftp.openldap.org/pub/OpenLDAP/openldap-release/openldap-2.4.21.tgz
File already downloaded and cached to /Users/sq/Library/Caches/Homebrew
Exception in thread "main" java.lang.NullPointerException
at java.net.Parts.<init>(URL.java:1262)
at java.net.URL.<init>(URL.java:380)
at java.net.URL.<init>(URL.java:283)
at com.netifera.poet.ui.view.PoetComponent.createFormOracle(PoetComponent.java:252)
at com.netifera.poet.ui.view.PoetComponent.doOracleTestAction(PoetComponent.java:223)
at com.netifera.poet.ui.view.PoetComponent.actionButtonClicked(PoetComponent.java:213)
at com.netifera.poet.ui.view.PoetComponent.access$2(PoetComponent.java:194)
at com.netifera.poet.ui.view.PoetComponent$3.widgetSelected(PoetComponent.java:164)
at org.eclipse.swt.widgets.TypedListener.handleEvent(Unknown Source)
def random_password(length=10)
allowed_chars = (('a'..'z').to_a + ('A'..'Z').to_a + ('0'..'9').to_a)
ret = ''
OpenSSL::Random.random_bytes(length).each_byte do |b|
ret << allowed_chars[b % allowed_chars.length]
end
return ret
end
<?php
//...
$sql = "SELECT * FROM Users WHERE " .
"(Username = '" . addslashes($username) . "') " .
"AND (Token = '" . addslashes($token) . "')";
$rs = $db->executeQuery($sql);
if ( $rs->next() ) {
//...
?>
<?php
$salt = substr(md5(rand()), 0, 4);
$hashedpassword = md5($password.$salt);
$sql = "INSERT INTO Users (Username, Password, Salt) " .
"VALUES ('" . addslashes($username) . "', " .
"'$hashedpassword', '$salt')";
$db->executeQuery($sql);
// ...
# Because 2.0 uses CBC mode by default, it requires an initialization vector (IV).
# (All cipher modes except ECB require an IV.) There are two choices: we can either
# use a fixed IV known to both parties or allow ESAPI to choose a random IV. While
# the IV does not need to be hidden from adversaries, it is important that the
# adversary not be allowed to choose it. Also, random IVs are generally much more
# secure than fixed IVs. (In fact, it is essential that feed-back cipher modes
# such as CFB and OFB use a different IV for each encryption with a given key so
# in such cases, random IVs are much preferred. By default, ESAPI 2.0 uses random
# IVs. If you wish to use 'fixed' IVs, set 'Encryptor.ChooseIVMethod=fixed' and
# uncomment the Encryptor.fixedIV.
We couldn’t find that file to show.