Navigation Menu

Skip to content

Instantly share code, notes, and snippets.

View kanzure's full-sized avatar

Bryan Bishop kanzure

517 followers · 667 following
View GitHub Profile
@RubenSomsen
RubenSomsen / Blind-DH-ecash.md
Last active January 25, 2024 02:14

Blind Diffie-Hellman Key Exchange (blind ecash)

The goal of this protocol is for Bob to get Alice to perform a Diffie-Hellman key exchange blindly, such that when the unblinded value is returned, Alice recognizes it as her own, but can’t distinguish it from others (i.e. similar to a blind signature).

Alice:
A = a*G
return A

Bob:
Y = hash_to_curve(secret_message)
r = random blinding factor
@epixoip
epixoip / cloudflare_challenge
Last active December 2, 2023 11:53
How I obtained the private key for www.cloudflarechallenge.com
I wasn't first to get the key. Nor was I second, third, or even fourth. I'm probably not even the
10th to get it (ok, looks like I was the 8th.) But I'm happy that I was able to prove to myself
that I too could do it.
First, I have to admit I was a skeptic. Like the handful of other dissenters, I had initially
believed that it would be highly improbable under normal conditions to obtain the private key
through exploiting Heartbleed. So this was my motivation for participating in Cloudflare's
challenge. I had extracted a lot of other things with Heartbleed, but I hadn't actually set out to
extract private keys. So I wanted to see first-hand if it was possible or not.
@dnordberg
dnordberg / api_docs.py
Last active May 9, 2016 22:43
Generate Swagger documentation stubs for flask-restless.
# Script used to help generate Swagger docs.
import re
import os
import argparse
import urlparse
import simplejson
from collections import defaultdict
from sqlalchemy.ext.declarative.api import DeclarativeMeta
@dsueiro
dsueiro / ron-shamir-review.md
Created February 20, 2013 17:08 — forked from jgarzik/ron-shamir-review.md

This is a review of "Quantitative Analysis of the Full Bitcoin Transaction Graph" by Dorit Ron and Adi Shamir.

There are some incorrect details and analyses that warrant attention.

Oct. 31 UPDATE

The authors have introduced several revisions to their paper, available at the same URL as before.

The criticism below may be outdated in part or in full.

@knewter
knewter / gist:4709576
Created February 4, 2013 20:41
vids
----------------------------
#<ProbablyWorthWatching::Tweet:0x00000004cfbf30 @author="kanzure_", @content="http://www.youtube.com/watch?v=3N0kWzC6jmE&feature=related Lecture - 2 Architecture of Industrial Automation Systems">
title: Lecture - 2 Architecture of Industrial Automation Systems
description: Lecture Series on Industrial Automation and Control by Prof. S. Mukhopadhyay, Department of Electrical Engineering, IIT Kharagpur. For more Courses visit http://nptel.iitm.ac.in
url: http://www.youtube.com/v/3N0kWzC6jmE&feature=youtube_gdata_player
----------
#<ProbablyWorthWatching::Tweet:0x00000004d026a0 @author="kanzure_", @content="http://www.youtube.com/watch?v=PirH8PADDgQ the ad">
title: Koyaanisqatsi (trailer)
description: Trailer do filme Koyaanisqatsi
@markpundsack
markpundsack / heroku-CVE-2013-0156.rb
Last active November 27, 2023 15:44 — forked from elliottkember/heroku-CVE-2013-0156.rb
Forked from https://gist.github.com/4489689 by elliottkember. CVE-2013-0156 is a nasty vulnerability in many versions of Rails. This script checks all your Heroku apps for this vulnerability in one quick (slow) move. More info: https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
## The quick-and-nasty CVE-2013-0156 Heroku inspector!
## Originally brought to you by @elliottkember with changes by @markpundsack @ Heroku
## Download and run using:
## ruby heroku-CVE-2013-0156.rb
`heroku list`.split("\n").each do |app|
app = app.strip
# Some "heroku apps" lines have === formatting for grouping. They're not apps.
next if app[0..2] == "==="
@postmodern
postmodern / rails_rce.rb
Last active July 17, 2023 11:54
Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156)
#!/usr/bin/env ruby
#
# Proof-of-Concept exploit for Rails Remote Code Execution (CVE-2013-0156)
#
# ## Advisory
#
# https://groups.google.com/forum/#!topic/rubyonrails-security/61bkgvnSGTQ/discussion
#
# ## Caveats
#
@jboner
jboner / latency.txt
Last active April 22, 2024 15:20
Latency Numbers Every Programmer Should Know
Latency Comparison Numbers (~2012)
----------------------------------
L1 cache reference 0.5 ns
Branch mispredict 5 ns
L2 cache reference 7 ns 14x L1 cache
Mutex lock/unlock 25 ns
Main memory reference 100 ns 20x L2 cache, 200x L1 cache
Compress 1K bytes with Zippy 3,000 ns 3 us
Send 1K bytes over 1 Gbps network 10,000 ns 10 us
Read 4K randomly from SSD* 150,000 ns 150 us ~1GB/sec SSD
@n1k0
n1k0 / test.js
Created September 10, 2011 15:28
PhantomJS, arraybuffer and obsolete webkit version :(
var page = new WebPage();
page.open('http://www.google.fr/', function(status) {
var base64 = page.evaluate(function() {
function base64ArrayBuffer(arrayBuffer) {
var base64 = ''
var encodings = 'ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/'
var bytes = new Uint8Array(arrayBuffer)
var byteLength = bytes.byteLength
var byteRemainder = byteLength % 3
var mainLength = byteLength - byteRemainder
@denik
denik / ServerRack.py
Created June 5, 2011 09:31
class for managing multiple servers in gevent
# Class for managing multiple servers or anything with start() and stop() methods
class ServerRack(object):
def __init__(self, servers):
self.servers = servers
def start(self):
started = []
try: