##How Homakov hacked GitHub and the line of code that could have prevented it
Please note: THIS ARTICLE IS NOT WRITTEN BY THE GITHUB TEAM or in any way associated with them. It's simply hosted as a Gist because the markdown formatting is excellent and far clearer than anything I could manage on my personal Tumblr at peternixey.com.
If you'd like to follow me on twitter my handle is @peternixey
| { config, pkgs, lib, ... }: | |
| { | |
| rune.project.name = "shopify-pay"; | |
| rune.framework.rails.enable = true; | |
| aspect.packages.include = with pkgs; [ | |
| geolite2 ngrok mysqlClient57 overmind watchman toxiproxy v8 | |
| ]; | |
| rune.project.repoName = "pay"; |
| ELF -> H[0,128] | |
| for i = 0 to H.e_shnum in (SH[H.e_shoff+i*H.e_shentsize, H.e_shoff+(i+1)*H.e_shentsize]) | |
| for i = 1 to H.e_shnum in (Sec[SH(i).sh_offset, SH(i).sh_offset+SH(i).sh_size]) | |
| where Sec -> | |
| switch(SH(i).sh_type = 6 -> DynSec[SH(i).sh_offset, SH(i).sh_offset+SH(i).sh_size] | |
| / SH(i).sh_type = 3 -> StrSec[SH(i).sh_offset, SH(i).sh_offset+SH(i).sh_size] | |
| / (SH(i).sh_type = 11) || (SH(i).sh_type = 2) -> DynSymSec[SH(i).sh_offset, SH(i).sh_offset+SH(i).sh_size] | |
| / SH(i).sh_type = 7 -> NoteSec[SH(i).sh_offset, SH(i).sh_offset+SH(i).sh_size] | |
| / SH(i).sh_type = 9 -> RelSec[SH(i).sh_offset, SH(i).sh_offset+SH(i).sh_size] | |
| / SH(i).sh_type = 4 -> RelAddEndSec[SH(i).sh_offset, SH(i).sh_offset+SH(i).sh_size] |
