Vito Genovese vito-lbs

vito-lbs / Gemfile
Last active Jun 17, 2021
registrar-printer
View Gemfile
# frozen_string_literal: true
source "https://rubygems.org"
gem "redis"
gem "pry"
View MDErgo1-Default.json
{
  "header": {
    "Name": "MDErgo1",
    "Layout": "Default",
    "Base": "Blank",
    "Version": "0.1",
    "Author": "HaaTa (Jacob Alexander) 2015",
    "KLL": "0.3c",
    "Date": "2015-09-12",
    "Generator": "KIICONF 0.2"
View runner.py
#!/bin/env python -u
import random
from os import environ, listdir, path
from sys import exit
from subprocess import Popen, PIPE
import signal
from base64 import b64decode
def alarm_handler(signum, frame):
    print "timed out, sorry"
View asdf.rb
ActiveRecord::Base.connection_pool.with_connection do
  Nonce.where('expires_at < ?', Time.now).delete_all rescue nil
end
View token.rb
class Token < ActiveRecord::Base
  include BCrypt
  belongs_to :instance
  belongs_to :round
  has_many :redemptions
  has_many :captures, through: :redemptions
  validates :instance, presence: true
  validates :round, presence: true
View clone_all.rb
#!/usr/bin/env ruby
require 'pp'
host = "git@legitbs git server"
in_git = FileTest.exist?(File.join(Dir.pwd, '.git'))
if in_git
  puts <<-EOS
Don't run this from inside a git working copy, run it from an empty
View rant.md

I don't think people understand what vulnerability sellers really do. They invest thousands of man and computer hours into finding bugs which people are willing to pay lots of money for. As a business, they want to keep their customer base happy, which means allowing their customers (yes, presumably the NSA/FBI/etc.) to use their exploits rather than selling them to Tails OS maintainers. Yes, it's probably the case that these exploits don't just go to nabbing child pornographers or drug traffickers, they also probably try to catch the next Snowden, which not everyone agrees is The Right Thing To Do. But for what it's worth, I'd still trust the US government (even with all its faults) far more than the Russians or Chinese.

But let's be honest here, Tails OS maintainers probably couldn't afford the same price that Exodus's customers will happily pay. Even if Exodus were happy to sell it to the Tails folks, that is certainly going to be a loss of money.

The arguments I'm used to hearing go something like "but

View gist:bc5459b02bd915cc898a
def to_token_string
  key.chars.zip(@secret.chars).join
end
def self.from_token_string(token_string)
  begin
    key, secret = token_string.chars.each_slice(2).to_a.transpose.map(&:join)
    candidate = self.where(key: key).first
  rescue
    return nil
View gist:0eb86443b897a1e5e1a2
each ListLogResp is from a different signing key
<Choripan::Messages::ListLogResp logs: [<Choripan::Messages::Log uuid: "0621719b-f3bd-41d5-9560-2d698420f0b6", signature: "23gej2yicat16111vsyhe45fb50hrzcx2w5roxrhkhep3ao1yflfaux2b66ykjsetghliq4bhjn8wpqzqog2zyjau9uupcmp57te", timestamp: 1401847188>, <Choripan::Messages::Log uuid: "99129876-4080-4d5c-b16e-e6a38de5d7aa", signature: "24g5jmy7c3tw6j1lv6ywey56bv0lrmcu2w51o3rmk8ee3wotyalua0xwbb61ktsqtdhxih4zh2nqw3qaqjg3zwjmumuvp9ma52tf", timestamp: 1401847200>]>
<Choripan::Messages::ListLogResp logs: [<Choripan::Messages::Log uuid: "9c73d194-d20e-4444-9558-9036f85c2c20", signature: "1355dim3k8d54epwc5z3llv1mtyws6z40me2cy3s1i2d1m89vfi16273gjgyhjhx3kumpjg28gbswijz0fatq3g08phn9w7g1mgm", timestamp: 1401847398>, <Choripan::Messages::Log uuid: "7efefbce-0ea6-4ad0-9086-ea599158b8e4", signature: "145udymekgdg4lp0cfzxlevxmlyosfz608eecb3f1e2m1x89vfiu6l71g5g1h7hy33uipkgc8lbnwzjv0dapqmg782hi947y1xgf", timestamp: 1401847447>]>
<Choripan::Messages::ListLogResp logs: [<Choripan:
View gist:ac1ad852e85428872b03
group = ECDSA::Group::Secp256k1
point_field = ECDSA::PrimeField.new group.order
e1 = ECDSA.normalize_digest logs[0].uuid, group.bit_length
e2 = ECDSA.normalize_digest logs[1].uuid, group.bit_length
pack = Choripan::Packer.new
up1 = pack.unpack(logs[0].signature)
up2 = pack.unpack(logs[1].signature)