Ryan Castellucci ryancdotorg

ryancdotorg / exim-restrict-perl.patch
Created Jun 6, 2019
patch to restrict exim's `${perl {...}}` expansion function for hardening purposes
--- old/src/perl.c 2017-03-04 21:21:35.000000000 +0000
+++ new/src/perl.c 2019-03-09 23:42:10.546624662 +0000
@@ -160,6 +160,23 @@
uschar *str;
int items;
+ if (name[0] == '_')
+ {
+ *errstrp = US"forbidden function name";
+ return 0;
ryancdotorg / exim-forbid-run.patch
Created Jun 6, 2019
patch to allow exim's `${run {...}}` expansion to be globally disabled. Add `forbid_run = true` to exim's main config.
--- old/src/readconf.c 2019-03-09 20:41:17.000000000 +0000
+++ new/src/readconf.c 2019-03-13 07:44:59.855569375 +0000
@@ -152,6 +152,7 @@
{ "extra_local_interfaces", opt_stringptr, &extra_local_interfaces },
{ "extract_addresses_remove_arguments", opt_bool, &extract_addresses_remove_arguments },
{ "finduser_retries", opt_int, &finduser_retries },
+ { "forbid_run", opt_bit | (RDON_RUN << 16), &expand_forbid },
{ "freeze_tell", opt_stringptr, &freeze_tell },
{ "gecos_name", opt_stringptr, &gecos_name },
{ "gecos_pattern", opt_stringptr, &gecos_pattern },
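Review bot: The new `forbid_run` entry sets a bit in the shared `expand_forbid` word, and nothing in this hunk shows that the bit stays set once delivery processing starts. As far as I recall, Exim's redirect/filter code rewrites the filter-related bits of `expand_forbid` from the router's own `forbid_filter_*` options while a filter is interpreted, so a router without `forbid_filter_run` might clear the global setting for the duration of that filter; this should be confirmed against the rest of the patch, which is not visible on this page. At minimum the entry deserves a comment such as `/* global ${run} kill switch; shares expand_forbid with the per-router forbid_filter_run bit */` and a matching entry in the option documentation. The option table itself starts and ends outside the hunk.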
View lz77c.js
// a toy lz77 compressor that outputs printable ascii, by @ryancdotorg
var compress = function(I) {
var p = 0, // position in input
o = "", // compressed output string
D, D_MAX = 479, // distance
L, L_MAX = 19, // length
match; // best match for current position
// encode a (distance,length) tuple
ryancdotorg / exim.py
Created Dec 23, 2018
Twisted protocol for Exim's `readsocket` function
#!/usr/bin/env python
from zope.interface import implementer
from twisted.internet.interfaces import IHalfCloseableProtocol
from twisted.internet.protocol import Protocol
@implementer(IHalfCloseableProtocol)
class EximSocketProtocol(Protocol):
# buffer received data
def dataReceived(self, data):
ryancdotorg / bitfi_to_brainflayer.py
Last active Sep 15, 2018
Python script to output Bitfi key material compatible with `brainflayer -x -t priv`.
#!/usr/bin/env python
# This script accepts salt,passphrase pairs on STDIN, separated by a tab.
# Specify the coin symbol and indexes to generate via command line args.
#
# Appears to work fine with Bitcoin, Litecoin and Ethereum, probably works
# with many other coins as well.
#
# Don't participate in Bitfi's pay-to-play Bounty - it's a sham.
View brotlipng.sh
#!/bin/sh
# brotlipng.sh by @ryancdotorg
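# Usage: brotlipng.sh FILE.png
#
# Rewrites FILE.png with pngcrush into a hidden temp file next to it, then
# brotli-compresses that temp file into FILE.png.br. The original PNG is
# left untouched; the temp file is removed by brotli's -j (--rm) flag.

if [ "$#" -ne 1 ] || [ ! -f "$1" ]; then
  echo "usage: $0 FILE.png" >&2
  exit 2
fi

# Anchor bare names to ./ so a file name starting with '-' is never parsed
# as an option by pngcrush or brotli.
src=$1
case $src in
  /*|./*|../*) ;;
  *) src=./$src ;;
esac

# Build the temp name from directory and base name separately: prefixing
# '.' to the whole argument turned dir/a.png into .dir/a.png.tmp.
dir=$(dirname "$src")
base=$(basename "$src")
tmp="$dir/.$base.tmp"

# NOTE(review): the temp name is predictable and -force/-f overwrite an
# existing file, so run this only in directories you control.
# -m 1 -l 0: presumably stores the image data with no zlib compression so
# brotli sees the raw bytes - confirm against the pngcrush manual.
pngcrush -q -force -m 1 -l 0 "$src" "$tmp" && \
brotli -fj "$tmp" -o "$src.br"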
ryancdotorg / bitfi.py
Created Jul 25, 2018
incomplete attempt to implement bitfi's key derivation algorithm
#!/usr/bin/env python
import sys
import hmac
import hashlib
import binascii
import scrypt
import pycoin
from pybitcointools import *
ryancdotorg / export-earn.com-earnings.js
Last active Mar 19, 2018
earnings report for earn.com task completion
// paste to console on https://earn.com/history/ after scrolling down until no more entries appear
hist=[];
document.querySelectorAll(".tasks-results-card-content").forEach(function(e){
var yearStr = " "+(new Date()).getFullYear();
var dateStr = e.getElementsByClassName("task-results-response-status")[0]
.getElementsByTagName("div")[6].innerText.split(',')[0];
dateStr += dateStr.indexOf(yearStr) > -1 ? "" : yearStr;
hist.push(
e.getElementsByClassName("head-stat")[0]
View bloom_chk_hash160.nasm
CPU X64
%macro check_bit 0 ; check whether bit rax
; of the bloom filter is set
mov rdx, rax ; copy hash
shr rax, byte 3 ; byte to check in rax
movzx rax, byte [rdi+rax] ; load byte to check from memory
and rdx, byte 7 ; mask off bit to check
bt rax, rdx ; bit test against bloom filter
jnc bloom_miss ; jump to return a 'miss' if bit isn't set
ryancdotorg / rotate_dkim.py
Last active Jul 1, 2018
Experimental DKIM rotate/revoke/repudiate script for Exim+Route53. I take no responsibility for its use.
#!/usr/bin/env python
import os
import grp
import sys
import stat
import time
import hmac
import boto3
import tempfile