Date: 07 August 2019 Author: isis agora lovecruft
- §4.2.2. Measuring constant-timedness by standard deviation, while useful for catching glaring mistakes, doesn't quite strike at the heart of the matter that the instructions generated should not do
curl \ | |
--data-urlencode sig="`\ | |
echo '{"body":{"key":{"eldest_kid":"0101a8dbef6ea8164aaa7a3616de95a1843c6e1996a5102c90200b54b41ba97de49b0a","fingerprint":"0a6a58a14b5946abde18e207a3adb67a2cdb8b35","full_hash":"99ed12fa1979ef175aecaaf3f0872f9e3ccfd30d1a8dcdf6e756ce0227ce4f80","host":"keybase.io","key_id":"a3adb67a2cdb8b35","kid":"0101a8dbef6ea8164aaa7a3616de95a1843c6e1996a5102c90200b54b41ba97de49b0a","uid":"03a69327bfbb7860c772345076484c19","username":"isislovecruft"},"type":"eldest","version":1},"ctime":1519428650,"expire_in":157680000,"prev":null,"seqno":1,"tag":"signature"}' | \ | |
gpg -u '0a6a58a14b5946abde18e207a3adb67a2cdb8b35' -a --sign`" \ | |
--data-urlencode type="eldest" \ | |
--data-urlencode session="lgHZIDAzYTY5MzI3YmZiYjc4NjBjNzcyMzQ1MDc2NDg0YzE5zlqQo1vOAeEzgNkgNzBmMmUwYzk5M2FiMjNkODQ3N2E1YjE1YTFiOGIxMDLEIOVa/OtsvVcgT66tlmlrIbkALadXIktmr5D4I4HdH2cY" \ | |
--data-urlencode csrf_token="lgHZIDAzYTY5MzI3YmZiYjc4NjBjNzcyMzQ1MDc2NDg0YzE5zlqQo1vOAAFRgMDEIIyPeDuHFq5EBgnha6MTZ8cSrgXO5XbEKP2QFOENmvD9" \ | |
#!/usr/bin/env python | |
# | |
# Test whether python-gnupg (https://github.com/isislovecruft/python-gnupg), | |
# *not* Vinay Sajip's vulnerable version (https://bitbucket.org/vinay.sajip/python-gnupg/), | |
# is also vulnerable. | |
# | |
# Authors: isis agora lovecruft <isis@patternsinthevoid.net> | |
from __future__ import print_function |
/target | |
**/*.rs.bk | |
Cargo.lock |
Date: 07 August 2019 Author: isis agora lovecruft