Skip to content

Instantly share code, notes, and snippets.

Avatar

Hector Martin marcan

View GitHub Profile
View deepduck.sc
// Get the sample here: https://mrcn.st/t/a_duck.wav
// This is what it sounds like: https://soundcloud.com/marcan42/deep-duck
s = Server.local;
"SC_JACK_DEFAULT_OUTPUTS".setenv("system:playback_1,system:playback_2");
s.waitForBoot({
b = Buffer.read(s,"a_duck.wav");
View ntfs_dump_mft.py
#!/usr/bin/python
import struct, sys
mfts = """
c00004f0
2067334f0
114e7d24f0
26496944f0
26f39174f0
@marcan
marcan / flipvideo.py
Created Dec 30, 2015
Video player for the 32c3 flip-dot display
View flipvideo.py
#!/usr/bin/python2
import sys, ffms, time, socket
import numpy as np
source_file = sys.argv[1]
# Output one out of every N frames
framedrop = 18
# Input video FPS (hardcoded)
fps = 30
@marcan
marcan / brainfuck.sh
Created Apr 22, 2016
Brainfuck interpreter in POSIX sh
View brainfuck.sh
#!/bin/sh
# Brainfuck interpreter implemented in pure POSIX sh builtins only (except I/O)
# Tested in bash and busybox ash (getchar uses a bash-specific read)
# === I/O ===
getchar() {
# bashism
IFS= read -rN 1 a
if [ -z "$a" ]; then
echo $th
@marcan
marcan / linux.sh
Last active Feb 1, 2021
Linux kernel initialization, translated to bash
View linux.sh
#!/boot/bzImage
# Linux kernel userspace initialization code, translated to bash
# (Minus floppy disk handling, because seriously, it's 2017.)
# Not 100% accurate, but gives you a good idea of how kernel init works
# GPLv2, Copyright 2017 Hector Martin <marcan@marcan.st>
# Based on Linux 4.10-rc2.
# Note: pretend chroot is a builtin and affects the current process
# Note: kernel actually uses major/minor device numbers instead of device name
@marcan
marcan / gamma_trick.sh
Last active Mar 5, 2021
Two images in one using the PNG gamma header trick.
View gamma_trick.sh
#!/bin/sh
# PNG Gamma trick (by @marcan42 / marcan@marcan.st)
#
# This script implements an improved version of the gamma trick used to make
# thumbnail images on reddit/4chan look different from the full-size image.
#
# Sample output (SFW; images by @Miluda):
# https://mrcn.st/t/homura_gamma_trick.png
# https://www.reddit.com/r/test/comments/6edthw/ (click for fullsize)
# https://twitter.com/marcan42/status/869855956842143744
@marcan
marcan / smbloris.c
Last active Dec 12, 2020
SMBLoris attack proof of concept
View smbloris.c
/* SMBLoris attack proof-of-concept
*
* Copyright 2017 Hector Martin "marcan" <marcan@marcan.st>
*
* Licensed under the terms of the 2-clause BSD license.
*
* This is a proof of concept of a publicly disclosed vulnerability.
* Please do not go around randomly DoSing people with it.
*
* Tips: do not use your local IP as source, or if you do, use iptables to block
@marcan
marcan / bloom.py
Last active May 26, 2021
Simple Bloom filter implementation in Python 3 (for use with the HIBP password list)
View bloom.py
#!/usr/bin/python3
#
# Simple Bloom filter implementation in Python 3
# Copyright 2017 Hector Martin "marcan" <marcan@marcan.st>
# Licensed under the terms of the MIT license
#
# Written to be used with the Have I been pwned? password list:
# https://haveibeenpwned.com/passwords
#
# Download the pre-computed filter here (968MB, k=11, false positive p=0.0005):
@marcan
marcan / decimate264.py
Created Sep 12, 2017
Two h.264 framerates for the price of one
View decimate264.py
#!/usr/bin/python3
import sys
KEYINT = 30
# Encode your input like this (example):
# x264 --crf 20 --keyint 30 --min-keyint 30 --bframes 1 --no-b-adapt <input> -o <output.h264>
# Produces display order IBPBPBP...BPBPP|IBPBPBP...BPBPP|...
# Decoding (file) order IPBPBPB...PBPBP|IPBPBPB...PBPBP|...