Skip to content

Instantly share code, notes, and snippets.

View rdya's full-sized avatar

rdya

1 follower · 0 following
View GitHub Profile
@rdya
rdya / using-openssl-from-python-with-python-cffi.md
Created November 20, 2018 07:39 — forked from vishvananda/using-openssl-from-python-with-python-cffi.md
Using OpenSSL from Python with python-cffi

Introduction

A few weeks ago I stumbled across a thread on hacker news that referenced the Matasano Cyrpto Challenge. I find myself unable to resist this type of problem so I decided to make an attempt. It teaches you to find vulnerabilities in crypto systems by starting with simple attacks and building up to more complex ones. Early on in the project it has you start breaking ecryption that uses the AES cypher in ECB mode. It specifically asks you not to implement the cypher yourself but to use a known-correct implementation like OpenSSL.

I tend to try to solve programming challenges in python, because the coding goes much more quickly. I checked the pyOpenSSL docs (which I have used before) to determine the call for encryption in ECB mode.

@rdya
rdya / scapy_bridge.py
Created December 2, 2018 05:00 — forked from eXenon/scapy_bridge.py
Use scapy as a modifying proxy
#!/usr/bin/python2
"""
Use scapy to modify packets going through your machine.
Based on nfqueue to block packets in the kernel and pass them to scapy for validation
"""
import nfqueue
from scapy.all import *
import os
@rdya
rdya / README.md
Created December 2, 2018 05:45 — forked from adrelanos/README.md
A Python 3 libnetfilter_queue handler intended to mitigate CPU load covert channels based on ping timings

Usage

To install the dependencies, run the script install_deps.sh as root.

To set up the filter, run setup_iptables.sh as root. You may need to change the queue-num parameter if you already have some NFQUEUE-based iptables rules.

To run the filter, run python3 main.py as root. If you used a queue number other than 0, you'll need to pass it as the first parameter to main.py.

@rdya
rdya / submit.md
Created April 22, 2019 04:34 — forked from tanaikech/submit.md
Benchmark: fetchAll method in UrlFetch service for Google Apps Script

Benchmark: fetchAll method in UrlFetch service for Google Apps Script

By Google's update at January 19, 2018, fetchAll method was added to the UrlFetch service. When I saw the usage, I couldn't find the detail information about the actual running state. So I investigated about it.

As the result, it was found that the fetchAll method is worked by the asynchronous processing. The returned data is reordered by the order of requests. By this, it was also found that if you want to retrieve the data from the several URL, the process cost of UrlFetchApp.fetchAll() is much lower than that of UrlFetchApp.fetch() using for loop.

The sample scripts for server side and client side are as follows.

Sample script for server side

In this report, 5 Web Apps were used as the servers. At first, 5 standalone projects were created and the following server script was put to each project. Then, Web Apps was deployed for ea