Ian Klatzco ianklatzco

## bad_apple_downs_4.lua
    local xtl_cond_a_result= not (GAMESTATE:IsPlayerEnabled(PLAYER_1) and GAMESTATE:IsPlayerEnabled(PLAYER_2)
             and GAMESTATE:GetCurrentSteps(PLAYER_1):GetDifficulty() ~= GAMESTATE:GetCurrentSteps(PLAYER_2):GetDifficulty())

    -- XML is so terrible.  At least, I hope XML being terrible is the reason why this piece of code was repeated 17 times.
    -- score1 = tonumber(string.sub(SCREENMAN:GetTopScreen():GetChild('ScoreP1'):GetChild('ScoreDisplayPercentage Percent'):GetChild('PercentP1'):GetText(), 1, -2))
    -- And it's clumsy too, going through the actor tree, hoping those actors exist (they don't if the preferences aren't set to specific things), and then parsing the text.
    -- Much better to just fetch the score from STATSMAN. -Kyz

    local function get_score(pn)
       -- Normally I'd cache the PlayerStageStats for each player in a local

## hanoi_solution_erichuber_commented_Lib.hs
-- Tower of Hanoi practice problem by Mattox Beckman
-- example solution by Eric Huber (may be inelegant) 20180424

module Lib where

import Data.Hashable
import qualified Data.HashSet as H

type Stack  = [Int]
type Config = (Stack, Stack, Stack)

## info.txt
I had to change this in the telegram CLI to make it work:

https://github.com/vedant1811/tg/commit/e068c2549f2f155ba9c40bd7cee8b076d03b417f

## bluetooth raspberry-pi
sudo apt-get update
sudo apt-get install python-pip python-dev ipython

sudo apt-get install bluetooth libbluetooth-dev
sudo pip install pybluez

## bskyrb.rb
require 'json'
require 'net/http'
require 'date'
module ATProto
  class Session
    def initialize(username, password)
      @atp_host = "https://bsky.social"
      @atp_auth_token = ""
      @did = ""
      @username = username

## hfsc-shape.sh
#!/bin/bash

# As the "bufferbloat" folks have recently re-discovered and/or more widely
# publicized, congestion avoidance algorithms (such as those found in TCP) do
# a great job of allowing network endpoints to negotiate transfer rates that
# maximize a link's bandwidth usage without unduly penalizing any particular
# stream. This allows bulk transfer streams to use the maximum available
# bandwidth without affecting the latency of non-bulk (e.g. interactive)
# streams.

## keyrepeat.shell
# Mac OS X Lion introduced a new, iOS-like context menu when you press and hold a key
# that enables you to choose a character from a menu of options. If you are on Lion
# try it by pressing and holding down 'e' in any app that uses the default NSTextField
# for input.
#
# It's a nice feature and continues the blending of Mac OS X and iOS features. However,
# it's a nightmare to deal with in Sublime Text if you're running Vintage (Vim) mode,
# as it means you cannot press and hold h/j/k/l to move through your file. You have
# to repeatedly press the keys to navigate.

## LICENSE
This is free and unencumbered software released into the public domain.

Anyone is free to copy, modify, publish, use, compile, sell, or
distribute this software, either in source code form or as a compiled
binary, for any purpose, commercial or non-commercial, and by any
means.

In jurisdictions that recognize copyright laws, the author or authors
of this software dedicate any and all copyright interest in the
software to the public domain. We make this dedication for the benefit

## Wannacrypt0r-FACTSHEET.md

      
              1 file
            
          
              158 forks
            
          
              267 comments
            
          
              713 stars
            
          
                rain-1
                / Wannacrypt0r-FACTSHEET.md
            
            
              Last active
              March 10, 2024 11:03
                — forked from Epivalent/Wannacrypt0r-FACTSHEET.md
            
          
    WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm


Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

  
## setuid-root-backdoor.md

      
              1 file
            
          
              31 forks
            
          
              2 comments
            
          
              85 stars
            
          
                dergachev
                / setuid-root-backdoor.md
            
            
              Last active
              March 16, 2024 00:49
            
              
                How to use setuid to install a root backdoor. 
              
          
    Why You Can't Un-Root a Compromised Machine

Let's say somebody temporarily got root access to your system, whether because you "temporarily" gave them sudo rights, they guessed your password, or any other way. Even if you can disable their original method of accessing root, there's an infinite number of dirty tricks they can use to easily get it back in the future.
While the obvious tricks are easy to spot, like adding an entry to /root/.ssh/authorized_keys, or creating a new user, potentially via running malware, or via a cron job. I recently came across a rather subtle one that doesn't require changing any code, but instead exploits a standard feature of Linux user permissions system called setuid  to subtly allow them to execute a root shell from any user account from the system (including www-data, which you might not even know if compromised).
If the "setuid bit" (or flag, or permission mode) is set for executable, the operating system will run not as the cur
	local xtl_cond_a_result= not (GAMESTATE:IsPlayerEnabled(PLAYER_1) and GAMESTATE:IsPlayerEnabled(PLAYER_2)
	and GAMESTATE:GetCurrentSteps(PLAYER_1):GetDifficulty() ~= GAMESTATE:GetCurrentSteps(PLAYER_2):GetDifficulty())

	-- XML is so terrible. At least, I hope XML being terrible is the reason why this piece of code was repeated 17 times.
	-- score1 = tonumber(string.sub(SCREENMAN:GetTopScreen():GetChild('ScoreP1'):GetChild('ScoreDisplayPercentage Percent'):GetChild('PercentP1'):GetText(), 1, -2))
	-- And it's clumsy too, going through the actor tree, hoping those actors exist (they don't if the preferences aren't set to specific things), and then parsing the text.
	-- Much better to just fetch the score from STATSMAN. -Kyz

	local function get_score(pn)
	-- Normally I'd cache the PlayerStageStats for each player in a local
	-- Tower of Hanoi practice problem by Mattox Beckman
	-- example solution by Eric Huber (may be inelegant) 20180424

	module Lib where

	import Data.Hashable
	import qualified Data.HashSet as H

	type Stack = [Int]
	type Config = (Stack, Stack, Stack)
	I had to change this in the telegram CLI to make it work:

	https://github.com/vedant1811/tg/commit/e068c2549f2f155ba9c40bd7cee8b076d03b417f
	sudo apt-get update
	sudo apt-get install python-pip python-dev ipython

	sudo apt-get install bluetooth libbluetooth-dev
	sudo pip install pybluez
	require 'json'
	require 'net/http'
	require 'date'
	module ATProto
	class Session
	def initialize(username, password)
	@atp_host = "https://bsky.social"
	@atp_auth_token = ""
	@did = ""
	@username = username
	#!/bin/bash

	# As the "bufferbloat" folks have recently re-discovered and/or more widely
	# publicized, congestion avoidance algorithms (such as those found in TCP) do
	# a great job of allowing network endpoints to negotiate transfer rates that
	# maximize a link's bandwidth usage without unduly penalizing any particular
	# stream. This allows bulk transfer streams to use the maximum available
	# bandwidth without affecting the latency of non-bulk (e.g. interactive)
	# streams.
	# Mac OS X Lion introduced a new, iOS-like context menu when you press and hold a key
	# that enables you to choose a character from a menu of options. If you are on Lion
	# try it by pressing and holding down 'e' in any app that uses the default NSTextField
	# for input.
	#
	# It's a nice feature and continues the blending of Mac OS X and iOS features. However,
	# it's a nightmare to deal with in Sublime Text if you're running Vintage (Vim) mode,
	# as it means you cannot press and hold h/j/k/l to move through your file. You have
	# to repeatedly press the keys to navigate.
	This is free and unencumbered software released into the public domain.

	Anyone is free to copy, modify, publish, use, compile, sell, or
	distribute this software, either in source code form or as a compiled
	binary, for any purpose, commercial or non-commercial, and by any
	means.

	In jurisdictions that recognize copyright laws, the author or authors
	of this software dedicate any and all copyright interest in the
	software to the public domain. We make this dedication for the benefit