Tommy Murphy tam7t

@tam7t
tam7t / gist:7518221
Created November 17, 2013 21:01
Python exit() segfault System Version: OS X 10.9 (13A603) Kernel Version: Darwin 13.0.0
texas:~ tam7t$ python
Python 2.7.3 (v2.7.3:70274d53c1dd, Apr 9 2012, 20:52:43)
[GCC 4.2.1 (Apple Inc. build 5666) (dot 3)] on darwin
Type "help", "copyright", "credits" or "license" for more information.
>>> exit
Use exit() or Ctrl-D (i.e. EOF) to exit
>>> exit()
Segmentation fault: 11
@tam7t
tam7t / gist:86eb4793e8ecf3f55037
Last active April 14, 2022 10:57
Securing Ruby's OpenSSL

Are your Ruby HTTPS API calls secure?

Let's check:

2.0.0-p481 :001 > OpenSSL::SSL::SSLContext::DEFAULT_PARAMS
 => {:ssl_version=>"SSLv23", :verify_mode=>1, :ciphers=>"ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW", :options=>-2147482625}
2.0.0-p481 :002 > rating = JSON.parse(RestClient::Resource.new("https://www.howsmyssl.com/a/check" ).get)['rating']
 => "Bad"
@tam7t
tam7t / gist:04313f41a5b8544f5188
Last active August 29, 2015 14:07
OpenSSL Version/Configuration spec
require 'rails_helper'
describe 'OpenSSL' do
  describe 'configuration' do
    it 'is secure' do
      expect(JSON.parse(Faraday.get('https://www.howsmyssl.com/a/check').body)['rating']).to eq 'Probably Okay'
    end
  end
end

Keybase proof

I hereby claim:

  • I am tam7t on github.
  • I am tam7t (https://keybase.io/tam7t) on keybase.
  • I have a public key whose fingerprint is B657 60A9 D721 1834 546F 17A3 5080 6B38 E22D 571D

To claim this, I am signing this object:

@tam7t
tam7t / gist:f38ef0a4c7605eaada8f
Created April 21, 2015 14:07
signal profiling
package main
import "fmt"
import "syscall"
import "os"
import "os/signal"
import "time"
import "runtime/pprof"
func main() {
@tam7t
tam7t / tlsprox.go
Created April 26, 2015 22:02
Minimal TLS MITM transparent proxy
/* tlsprox - minimal tls MITM transparent proxy... in go!
* by @tam7t
*
* Usage:
* If we want to MITM https://example.com first get example.com's ip address
* then add localhost to /etc/hosts:
*
* 127.0.0.1 example.com
*
* > go build tlsprox.go
@tam7t
tam7t / pemedit.go
Created April 26, 2015 22:03
Certificate manipulation tool
/* pemedit - certificate manipulation tool
* by @tam7t
*
* Usage:
* > go build pemedit.go
* > ./pemedit -in=server.pem -cn=google.com > cert.new.pem
* > openssl x509 -in cert.new.pem -text -noout
*/
package main
public class DoesNotWork {
    public static void main(String[] args) {
        // this will compile once, fail on execution, and subsequent compiles fail
        Messages.Status me = Messages.Status.newBuilder().buildPartial();
        System.out.println("It Works!");
    }
}
@tam7t
tam7t / parser-surprise.html
Last active August 29, 2015 14:24
XSS!?!
<html>
<head>
<title>title</title>
<script>
var someHtmlString = "</script><script>alert('hi!');</script><script>";
</script>
</head>
<body>
<h1>this is a test</h1>
@tam7t
tam7t / plusminus.rb
Created November 7, 2015 05:07
Github statistics
# plusminus.rb by @tam7t
#
# Prereqs:
# gem install octokit time_diff colorize
#
# Usage:
# API_TOKEN=<GITHUB API TOKEN> ruby plusminus.rb
#
# Optional Params:
# ENDPOINT=<ghe endpoint>