Skip to content

Instantly share code, notes, and snippets.

View guidovranken's full-sized avatar

Guido Vranken guidovranken

578 followers · 6 following
View GitHub Profile
@guidovranken
guidovranken / gist:8c33e4e7911dabe984aa5caf91cb7398
Created October 25, 2017 10:35
Tracing Go VM:
[1] 0 : JUMPDEST
Stack: []
Gas: 99999
[2] 1 : PC
Stack: [1]
Gas: 99997
[3] 2 : ADDRESS
Stack: [1 341]
Gas: 99995
@guidovranken
guidovranken / gist:662a7b66e2d31ecf7d7a36cee8569289
Created February 13, 2018 09:47
keybase.md
### Keybase proof
I hereby claim:
* I am guidovranken on github.
* I am guidovranken (https://keybase.io/guidovranken) on keybase.
* I have a public key whose fingerprint is 9A9E DC20 C7C9 E021 F3ED 4CD9 734C 1576 6744 7B97
To claim this, I am signing this object:
@guidovranken
guidovranken / gist:c258310f4203825419d05ce71dc76bb1
Created June 12, 2018 11:05
CVE-2018-0732-poc.patch
From 523fa8f085346b19a46da240309716057cb24340 Mon Sep 17 00:00:00 2001
From: Guido Vranken <guidovranken@gmail.com>
Date: Mon, 14 May 2018 23:04:40 +0200
Subject: [PATCH 1/1] SSL server: send excessively large DH prime
---
ssl/statem/statem_srvr.c | 2053 +++++++++++++++++++++++++++++++++++++++++++++-
1 file changed, 2033 insertions(+), 20 deletions(-)
diff --git a/ssl/statem/statem_srvr.c b/ssl/statem/statem_srvr.c
@guidovranken
guidovranken / bsnmp-asn1.patch
Created September 1, 2018 18:49
diff --git a/contrib/bsnmp/lib/asn1.c b/contrib/bsnmp/lib/asn1.c
index 03b5662..57f9380 100644
--- a/contrib/bsnmp/lib/asn1.c
+++ b/contrib/bsnmp/lib/asn1.c
@@ -100,6 +100,11 @@ asn_get_header(struct asn_buf *b, u_char *type, asn_len_t *len)
*len = *b->asn_cptr++;
b->asn_len--;
}
+
+ if ( *len > b->asn_len ) {
@guidovranken
guidovranken / CVE-2019-11759.html
Created October 24, 2019 17:17
<html>
<body>
<script>
function getKeyMaterial() {
let enc = new TextEncoder();
return window.crypto.subtle.importKey(
"raw",
enc.encode("PW"),
"HKDF",
@guidovranken
guidovranken / gist:88da11e0f96e0d8bae52b9ab96afc9c2
Created December 28, 2019 01:33
#include <string.h>
#include <stdio.h>
static void
xcp(unsigned long *dst, const unsigned long *src, int top)
{
for (int i = 0; i < top; i++) {
dst[i] = src[i];
printf("%zu\n", src[i]);
}
}
@guidovranken
guidovranken / libressl.sh
Created July 28, 2020 17:00
LibreSSL BN_nist_mod_384 undefined behavior
#!/bin/bash
set -e
export CFLAGS="-fsanitize=object-size -fno-sanitize-recover=object-size"
export CC=clang
git clone --depth 1 https://github.com/libressl-portable/portable libressl
cd libressl
./update.sh
@guidovranken
guidovranken / build-libsecp256k1-fuzzer.sh
Created November 25, 2020 20:14
#!/bin/bash
export CC="clang"
export CXX="clang++"
export CFLAGS="-fsanitize=fuzzer-no-link -g -O3 -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION"
export CXXFLAGS="-fsanitize=fuzzer-no-link -g -O3 -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION"
# Alternatively:
#export CFLAGS="-fsanitize=fuzzer-no-link -g -O3 -fsanitize=address -DFUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION"
@guidovranken
guidovranken / sc.c
Created December 15, 2020 11:50
#define CF_CHECK_EQ(expr, res) if ( (expr) != (res) ) { goto end; }
#define CF_CHECK_NE(expr, res) if ( (expr) == (res) ) { goto end; }
void SymCryptFatal(UINT32 fatalCode) {
(void)fatalCode;
abort();
}
void SymCryptInjectError( PBYTE pbData, SIZE_T cbData ) {
(void)pbData;
@guidovranken
guidovranken / symcrypt_poc.c
Created December 18, 2020 18:09
/* Compile:
export CC=clang
git clone --depth 1 https://github.com/microsoft/SymCrypt.git
cd SymCrypt/
# Unittests don't build with clang and are not needed anyway
sed -i "s/^add_subdirectory(unittest)$//g" CMakeLists.txt
mkdir b/
cd b/