Skip to content

Instantly share code, notes, and snippets.

Avatar

NM nmcv

  • United States
View GitHub Profile
@nmcv
nmcv / latency.txt
Created Nov 8, 2015 — forked from jboner/latency.txt
Latency Numbers Every Programmer Should Know
View latency.txt
Latency Comparison Numbers
--------------------------
L1 cache reference 0.5 ns
Branch mispredict 5 ns
L2 cache reference 7 ns 14x L1 cache
Mutex lock/unlock 25 ns
Main memory reference 100 ns 20x L2 cache, 200x L1 cache
Compress 1K bytes with Zippy 3,000 ns
Send 1K bytes over 1 Gbps network 10,000 ns 0.01 ms
Read 4K randomly from SSD* 150,000 ns 0.15 ms
@nmcv
nmcv / install_phpsh.sh
Created Oct 17, 2015 — forked from eric1234/install_phpsh.sh
Install phpsh on Ubuntu
View install_phpsh.sh
# https://gist.github.com/eric1234/7324795
# Make sure git is installed
apt-get install -y git
# Remove functions that phpsh needs from config.
sed -i 's/pcntl_signal,//g' /etc/php5/cli/php.ini
sed -i 's/pcntl_fork,//g' /etc/php5/cli/php.ini
sed -i 's/pcntl_wait,//g' /etc/php5/cli/php.ini
@nmcv
nmcv / gdb_ascii_examine.txt
Created Apr 27, 2015
Examine memory with ASCII view in GDB
View gdb_ascii_examine.txt
define xac
dont-repeat
set $addr = (char *)($arg0)
set $endaddr = $addr + $arg1
while $addr < $endaddr
printf "%p: ", $addr
set $lineendaddr = $addr + 8
if $lineendaddr > $endaddr
set $lineendaddr = $endaddr
end
View simple-https-server.py
# taken from http://www.piware.de/2011/01/creating-an-https-server-in-python/
# generate server.xml with the following command:
# openssl req -new -x509 -keyout server.pem -out server.pem -days 365 -nodes
# run as follows:
# python simple-https-server.py
# then in your browser, visit:
# https://localhost:4443
import BaseHTTPServer, SimpleHTTPServer
import ssl
View wps_openwrt.sh
##
## WPS on OpenWRT
## This script enables Wi-Fi Protected Setup on OpenWRT.
##
## Resources
## http://wiki.openwrt.org/doc/uci/wireless#wps.options
##
#Install the full wpad package
opkg update
@nmcv
nmcv / new_gist_file_0
Created Jan 23, 2015
OS X networkd "effective_audit_token" XPC type confusion sandbox escape (with exploit). From https://code.google.com/p/google-security-research/issues/detail?id=130&q=label%3AVendor-Apple
View new_gist_file_0
networkd is the system daemon which implements the com.apple.networkd XPC service. It's unsandboxed but runs as its own user. com.apple.networkd is reachable from many sandboxes including the Safari WebProcess and ntpd (plus all those which allow system-network.)
networkd parses quite complicated XPC messages and there are many cases where xpc_dictionary_get_value and xpc_array_get_value are used without subsequent checking of the type of the returned value.
An XPC message with the following keys and values will reach the function at offset 0x7421 in networkd:
exploit dict = {
“type” = 6,
“connection_id” = 1,
“state” = {
@nmcv
nmcv / feistel_test.py
Created Nov 23, 2014
Test if L3 is L3 XOR {1} in the other case. H/W 1.
View feistel_test.py
#!/usr/bin/env python3
import itertools
import string
from pprint import pprint
from binascii import unhexlify, hexlify
def cmp(a, b):
@nmcv
nmcv / sqlite_shell.py
Created Jun 9, 2014
Minimal SQLite shell from Python docs
View sqlite_shell.py
# A minimal SQLite shell for experiments
import sqlite3
con = sqlite3.connect(":memory:")
con.isolation_level = None
cur = con.cursor()
buffer = ""
@nmcv
nmcv / i3-exit.py
Created May 8, 2014
Exit script for i3 (replaces i3-exit) with GTK frontend. Forked off someone on GH, added CLI options
View i3-exit.py
#!/usr/bin/env python
# based on cb-exit used in CrunchBang Linux <http://crunchbanglinux.org/>
import pygtk
pygtk.require('2.0')
import gtk
import os
import getpass
import sys
View sha-padding.py
#!/usr/bin/env python
# http://www.vnsecurity.net/t/length-extension-attack/
# sha1 padding/length extension attack
# by rd@vnsecurity.net
#
import sys
import base64
from shaext import shaext
You can’t perform that action at this time.