Skip to content

Instantly share code, notes, and snippets.

Tim McCormack timmc

Block or report user

Report or block timmc

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
@timmc
timmc / gist:9059052
Last active Aug 29, 2015
Sourdough starter history file format specification
View gist:9059052

History file format

A history file is a series of lines that are either comments (lines where the first non-whitespace character is a #) or log entries. Log entries are JSON arrays consisting of a sequence of strings (this sequence being called a "tag") followed optionally by some other data structure (called the "payload".) For instance, an entry might take the form of:

View gist:9315809
22:49 < timmc> I'm getting odd behavior trying to proxy my feed reader (liferea)
for debugging.
22:51 < timmc> I have some HTTP Basic Auth RSS feeds from Livejournal, and
liferea is apparently sending the username as the userinfo
portion of the URL, e.g.
http://bob@alice.livejournal.com/data/rss?auth=digest
22:51 < timmc> mitmproxy then responds with "← 502: Error connecting to
"bob@alice.livejournal.com": [Errno -5] No address associated
with hostname"
23:03 < timmc> Any clues on whether this is liferea being weird, or a bug in
@timmc
timmc / lastpass.js
Created Jun 10, 2014
Unminified version of lastpass.js from version 3.1.1, presented for research purposes only.
View lastpass.js
This file has been truncated, but you can view the full file.
var nsILastPass = Components.interfaces.nsILastPass,
nsISupports = Components.interfaces.nsISupports,
CLASS_ID = Components.ID("{89cfce0b-8110-11dd-ad8b-0800200c9a66}"),
CLASS_NAME = "LastPass Javascript XPCOM Component",
CONTRACT_ID = "@lastpass.com/lastpass;1",
LP = null,
LastPassFactory = {
createInstance: function(Zc, Yb) {
if (null != Zc) throw Components.results.NS_ERROR_NO_AGGREGATION;
@timmc
timmc / gist:264d5c0d033b6b62d6e5
Last active Aug 29, 2015
LastPass brute-forcing for master password recovery
View gist:264d5c0d033b6b62d6e5

Below is a script I used to recover a LastPass master password from Firefox's Browser Console (not Firebug or the Web Console, this is in the Tools -> Web Developer menu.)

Caveats

  • Be sure to disable your internet connection before running this, or LastPass will lock your account for too many attempts! Yes, this probably means there is something wrong with their security model, since it's all supposed to be done offline.
  • I do not know whether there is a chance the Browser Console might log what you enter (and therefore your password) to some file. You probably want to change your password after this, thus beginning anew the cycle of forgetting.
  • This script only works for single-character substitutions. It should be easy to modify for other ways of walking through a keyspace.

Code

View gist:d78ac17dcec759742d04
### Keybase proof
I hereby claim:
* I am timmc on github.
* I am timmc (https://keybase.io/timmc) on keybase.
* I have a public key whose fingerprint is C669 006E D008 22BA 968F 799D 5503 5417 3BBF 4E12
To claim this, I am signing this object:
View gist:a2b9c58e97e96352e103
$ pathoc -r sp443 clojars.org options:*
<< HTTP Error: Invalid server response: '<html>\r\n'
<< Response (unprintables escaped):
<html>.
@timmc
timmc / PeekableCacheObservable.java
Last active Aug 29, 2015
Haven't tested this. Beware.
View PeekableCacheObservable.java
package rx.operators;
import java.util.concurrent.atomic.AtomicBoolean;
import rx.Observable;
import rx.Observer;
import rx.Subscription;
import rx.subjects.ReplaySubject;
/**
View gist:b74ee7307377d38a842b
#!/bin/bash
# Monitor autodetection. $1 may be once, loop, stop, or resume.
stopfile="/home/timmc/.stop-monitor-autoupdate"
function autoupdate() {
xrandr -q | grep '^VGA1 connected ' > /dev/null
if [ $? -eq 0 ]; then
xrandr --output LVDS1 --off --output VGA1 --auto
else
@timmc
timmc / jsafe-sucks.md
Created Aug 14, 2014
Solution to JSafe JCE class initialization error
View jsafe-sucks.md

Trying to load com.rsa.cryptoj.j.hE from inside an uberjar (combined jars of all dependencies):

java.lang.ExceptionInInitializerError, compiling:(NO_SOURCE_PATH:0:0)
	at clojure.lang.Compiler.analyze(Compiler.java:6464)
	at clojure.lang.Compiler.analyze(Compiler.java:6406)
	at clojure.lang.Compiler.eval(Compiler.java:6707)
	at clojure.lang.Compiler.eval(Compiler.java:6666)
	at clojure.core$eval.invoke(core.clj:2927)
	at clojure.main$repl$read_eval_print__6625$fn__6628.invoke(main.clj:239)
You can’t perform that action at this time.