Skip to content

Instantly share code, notes, and snippets.

@rufoa
rufoa / zpop.py
Last active Jun 5, 2018
redis zpopmin/zpopmax in lua
View zpop.py
# same behaviour as zpopmax/zpopmin in redis 5.0.0-RC2:
# count arg defaults to 1
# count > 0: return count many items
# count <= 0: return all items
lua_zpopmax = """
assert(#KEYS == 1)
assert(#ARGV <= 1)
local count = 1
@rufoa
rufoa / gist:f7901bfda28ce0ea49a8
Last active Aug 18, 2018
the correct way to use SecureRandom in clojure. automatically reseeds every ttl ms
View gist:f7901bfda28ce0ea49a8
(defn- reseeding-prng [ttl]
(let [state (atom {})]
(fn []
(let [now (.getTime (java.util.Date.))]
(when (> (- now (:last-seeded @state 0)) ttl)
(let [new-generator (java.security.SecureRandom/getInstance "SHA1PRNG" "SUN")]
(.nextBytes new-generator (byte-array 0))
(swap! state assoc :last-seeded now :generator new-generator)))
(:generator @state)))))
View tor attacks.md

De-anonymising Tor users

An incomplete history of attacks

Operation Pacifier (2015)

  • Watering hole attack against "Playpen" onion site
  • Believed to exploit a vulnerability in Firefox
  • FBI chose to drop case rather than reveal details of technique

CMU SEI (2014)

View ee bright box 2.md

The Bright Box 2 is a combined VDSL modem and wireless router supplied to customers of EE (Orange). It is manufactured by Arcadyan and uses a Broadcom bcm63xx SoC

These instructions are based on the latest firmware at the time of writing: v0.04.05.0001-OT (Fri Mar 24 17:29:32 2017)

Put it in bridge mode

  • This is for if you want to use the Bright Box as a VDSL modem only, and have a separate router act as the PPPoE client (e.g. ubiquiti edgerouter), avoiding double NAT
  • There is lot of nonsense, not least from people on EE's own forum, about how this cannot be done
  • If desired, change the Bright Box IP and subnet before doing this because the settings tab becomes inaccessible
  • Connect your router to port 4 (GigE) on your BB
View warp.md

Connecting to Cloudflare WARP with WireGuard

Cloudflare's WARP VPN uses a slightly modified version of the WireGuard protocol, but it remains backwards compatible with the normal WireGuard client software. This means you can connect to it on platforms which don't yet have an official WARP client, e.g. your computer or EdgeOS-based router.

Step 1

Generate a WireGuard keypair, as usual:

wg genkey | tee private.key | wg pubkey > public.key

View st4 linux build 4094
printf '\00\00\00' | dd of=sublime_text bs=1 seek=290764 count=3 conv=notrunc
https://www.google.com/search?q=%22EA7E-890007%22
@rufoa
rufoa / Jenkinsfile
Created May 13, 2019
Jenkins [skip ci] implementation for multi-branch declarative pipeline
View Jenkinsfile
// change 'agent' lines as appropriate
pipeline {
agent none
stages {
stage('Run CI?') {
agent any
steps {
@rufoa
rufoa / patch.sh
Last active Oct 15, 2021
sublime merge 2 build 2059 linux
View patch.sh
#!/bin/bash
set -o errexit
set -o nounset
set -o pipefail
target="${1:-/opt/sublime_merge/sublime_merge}"
check_sha() {
local sha_valid