Skip to content

Instantly share code, notes, and snippets.


rain1 rain-1

View GitHub Profile
View fishbowl.c
// This program runs another program in a "fishbowl" set to the
// current working directory. The idea is that the subprocess
// should only be able to edit files in that path or anything
// descended from it. It can read outside the fishbowl but if it
// attempts to create or edit files outside of it that syscall
// is blocked (by switching it to getpid which does nothing).
// A malicious program can bypass the fishbowl using threads to
// make a syscall and then swap the path after verification.
// This is not a security tool, it is just to protect against
rain-1 /
Created May 12, 2017 — forked from anonymous/

Ransomware attack hits UK NHS, Spain Telefonica, 74 countries affected.

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: Windows 7 is vulnerable. It uses EternalBlue MS17-010 to propagate.

Malware samples

rain-1 / makesfile
Created Apr 10, 2018
example makesfile to build jq
View makesfile
set -e
set -x
function clean {
rm -f src/version.h
rm -f src/
rm -f src/*.o
rm -f jq
View isqrt.c
#include <stdio.h>
#include <stdint.h>
uint64_t myisqrt(uint64_t n) {
int i;
uint64_t r, tmp;
r = 0;
for(i = 64/2-1; i >= 0; i--) {
tmp = r | (1 << i);
rain-1 / boot.S
Created Sep 30, 2018
GNU assembly bootloader
View boot.S
.global _start
xor %ax, %ax
mov %ax, %ds
mov $msg, %si
View mrx.js
var text = "foobar";
text = text.replace(/o/g, "a");
text = text.replace(/a/g, "x");
var text = "foobar";
rain-1 / grammar-1.rkt
Last active Feb 7, 2019
parsing with grammars
View grammar-1.rkt
#lang racket
;(start, (ACCEPT))
;(start, (READ #\a, sym))
;(start, (READ #\b, sym))
;(start, (READ #\(, "sexps"), PUSH(#\)))
;(sym, (ACCEPT))
;(sym, (READ #\a, sym))
;(sym, (READ #\b, sym))
rain-1 / set.rkt
Created Mar 4, 2019
generalized set! in racket - failed idea
View set.rkt
#lang racket
(require (for-syntax racket/syntax))
(define toplevel 'foo)
(define-syntax (set^ stx)
(syntax-case stx ()
[(_ (attr x) y)
(with-syntax ([set-attr! (format-id #'toplevel "set-~a!" (syntax-e #'attr))])
rain-1 / serialize-lisp.rkt
Created Feb 17, 2019
View serialize-lisp.rkt
#lang racket
;; This implements a baby lisp interpreter using closure conversion pass before execution
;; It supports serialization of closures (e.g. for partial evaluation/staging) and reading back and executing those objects
(require data/queue)
;; closure conversion for lambda calculus
;; the input language is:
rain-1 / another way
Last active Mar 12, 2019
View another way
#lang racket
(require racket/stream)
(define (make-prefix len)
(lambda (tail)
(append (make-list len '_) (cons 'o tail))))
(define (k-combinations k n)
(cond ((= k 0)
You can’t perform that action at this time.