
@echuber2
echuber2 / hanoi_solution_erichuber_commented_Lib.hs
Created Apr 24, 2018
CS 421 Spring 2018 - Tower of Hanoi practice problem example solution
View hanoi_solution_erichuber_commented_Lib.hs
-- Tower of Hanoi practice problem by Mattox Beckman
-- example solution by Eric Huber (may be inelegant) 20180424
module Lib where
import Data.Hashable
import qualified Data.HashSet as H
type Stack = [Int]
type Config = (Stack, Stack, Stack)
@merryhime
merryhime / post.md
Last active Jul 27, 2022
Dumping the GBA BIOS
View post.md

Dumping the GBA BIOS

endrift has recently written an article on a new method she discovered for dumping the GBA's BIOS, different from the MidiKey2Freq method currently used. This article is about a third method I've discovered that is different from those two.

I've been having a very recent fascination with the Game Boy Advance. The hardware is simple relative to more complex modern handhelds and the CPU is of an architecture I'm already familiar with (ARM7TDMI), making it a rather fun toy to play with. The GBA is a console where cycle counting is important. In order to learn more about the hardware, I have been reading documentation that others have produced (like Martin Korth's GBATEK) and writing small programs to test edge-cases of the hardware that I didn't quite understand. One example of this was the BIOS ROM.

BIOS Protection

The

View Wannacrypt0r-FACTSHEET.md

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 and $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up, the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

View gist:07d8d4c833873be2f68c34f9afc5a78a

Cryptographic Best Practices

Putting cryptographic primitives together is a lot like putting a jigsaw puzzle together, where all the pieces are cut exactly the same way, but there is only one correct solution. Thankfully, there are some projects out there that are working hard to make sure developers are getting it right.

The following advice comes from years of research from leading security researchers, developers, and cryptographers. This Gist was [forked from Thomas Ptacek's Gist][1] to be more readable. Additions have been added from

@vedant1811
vedant1811 / info.txt
Last active May 11, 2020
Saves all chat history of a telegram user. use as `telegram-cli -D -s save_chat_history.lua`
View info.txt
I had to change this in the telegram CLI to make it work:
https://github.com/vedant1811/tg/commit/e068c2549f2f155ba9c40bd7cee8b076d03b417f
@atcuno
atcuno / gist:3425484ac5cce5298932
Last active Aug 2, 2022
HowTo: Privacy & Security Conscious Browsing
View gist:3425484ac5cce5298932

The purpose of this document is to make recommendations on how to browse in a privacy and security conscious manner. This information is compiled from a number of sources, which are referenced throughout the document, as well as my own experiences with the described technologies.

I welcome contributions and comments on the information contained. Please see the How to Contribute section for information on contributing your own knowledge.

Table of Contents

View bad_apple_downs_4.lua
local xtl_cond_a_result= not (GAMESTATE:IsPlayerEnabled(PLAYER_1) and GAMESTATE:IsPlayerEnabled(PLAYER_2)
and GAMESTATE:GetCurrentSteps(PLAYER_1):GetDifficulty() ~= GAMESTATE:GetCurrentSteps(PLAYER_2):GetDifficulty())
-- XML is so terrible. At least, I hope XML being terrible is the reason why this piece of code was repeated 17 times.
-- score1 = tonumber(string.sub(SCREENMAN:GetTopScreen():GetChild('ScoreP1'):GetChild('ScoreDisplayPercentage Percent'):GetChild('PercentP1'):GetText(), 1, -2))
-- And it's clumsy too, going through the actor tree, hoping those actors exist (they don't if the preferences aren't set to specific things), and then parsing the text.
-- Much better to just fetch the score from STATSMAN. -Kyz
local function get_score(pn)
-- Normally I'd cache the PlayerStageStats for each player in a local
@lexruee
lexruee / bluetooth raspberry-pi
Created Jan 22, 2015
install bluetooth and pybluez
View bluetooth raspberry-pi
sudo apt-get update
sudo apt-get install python-pip python-dev ipython
sudo apt-get install bluetooth libbluetooth-dev
sudo pip install pybluez
@dergachev
dergachev / setuid-root-backdoor.md
Last active Apr 24, 2022
How to use setuid to install a root backdoor.
View setuid-root-backdoor.md

Why You Can't Un-Root a Compromised Machine

Let's say somebody temporarily got root access to your system, whether because you "temporarily" gave them sudo rights, they guessed your password, or any other way. Even if you can disable their original method of accessing root, there's an infinite number of dirty tricks they can use to easily get it back in the future.

The obvious tricks are easy to spot, like adding an entry to /root/.ssh/authorized_keys, or creating a new user, potentially via running malware, or via a cron job. I recently came across a rather subtle one that doesn't require changing any code, but instead exploits a standard feature of the Linux user permissions system called setuid to subtly allow them to execute a root shell from any user account on the system (including www-data, which you might not even know is compromised).

If the "setuid bit" (or flag, or permission mode) is set for an executable, the operating system will run not as the cur

@yanofsky
yanofsky / LICENSE
Last active Aug 3, 2022
A script to download all of a user's tweets into a csv
View LICENSE
This is free and unencumbered software released into the public domain.
Anyone is free to copy, modify, publish, use, compile, sell, or
distribute this software, either in source code form or as a compiled
binary, for any purpose, commercial or non-commercial, and by any
means.
In jurisdictions that recognize copyright laws, the author or authors
of this software dedicate any and all copyright interest in the
software to the public domain. We make this dedication for the benefit