Skip to content

Instantly share code, notes, and snippets.

Avatar

Stanisław Pitucha viraptor

  • Australia
View GitHub Profile
View process.py
#!/usr/bin/env python3
import sys
from collections import defaultdict
import hashlib
def calc_hash(line, num):
m = hashlib.sha256()
m.update(line.encode('ascii'))
m.update(b",")
View CVE-2018-18476.md

Vulnerability

mysql-binuuid-rails is vulnerable to SQL injection: Model.where(uuid: "ff' OR ''='") turns into:

SELECT  `model`.* FROM `model` WHERE `model`.`uuid` = x'ff' OR ''='' LIMIT 11

Root cause

View keybase.md

Keybase proof

I hereby claim:

  • I am viraptor on github.
  • I am viraptor (https://keybase.io/viraptor) on keybase.
  • I have a public key whose fingerprint is C28C 27BE 0EBC 1D23 34CA 28DB 6A5C 9227 4A99 6B04

To claim this, I am signing this object:

View addr tests
import net/[Address]
import proof
test("same ip4 addresses", func () {
ip1 := IP4Address new("1.2.3.4")
ip2 := IP4Address new("1.2.3.4")
assert(ip1 == ip2)
assert(!(ip1 != ip2))
})
View middleware.py
...
if asbool(static_files):
# Serve static files
static_app = StaticURLParser(config['pylons.paths']['static_files'])
app = Cascade([static_app, app])
app = CloseConnection(app)
return app
class CloseConnection: