Skip to content

Instantly share code, notes, and snippets.

View vito-lbs's full-sized avatar

Vito vito-lbs

View GitHub Profile
vito-lbs / Gemfile
Last active June 17, 2021 14:47
# frozen_string_literal: true
source ""
gem "redis"
gem "pry"
"header": {
"Name": "MDErgo1",
"Layout": "Default",
"Base": "Blank",
"Version": "0.1",
"Author": "HaaTa (Jacob Alexander) 2015",
"KLL": "0.3c",
"Date": "2015-09-12",
"Generator": "KIICONF 0.2"
#!/bin/env python -u
import random
from os import environ, listdir, path
from sys import exit
from subprocess import Popen, PIPE
import signal
from base64 import b64decode
def alarm_handler(signum, frame):
print "timed out, sorry"
ActiveRecord::Base.connection_pool.with_connection do
Nonce.where('expires_at < ?', rescue nil
class Token < ActiveRecord::Base
include BCrypt
belongs_to :instance
belongs_to :round
has_many :redemptions
has_many :captures, through: :redemptions
validates :instance, presence: true
validates :round, presence: true
#!/usr/bin/env ruby
require 'pp'
host = "git@legitbs git server"
in_git = FileTest.exist?(File.join(Dir.pwd, '.git'))
if in_git
puts <<-EOS
Don't run this from inside a git working copy, run it from an empty
vito-lbs /
Created July 22, 2014 17:50 — forked from tylerni7/rant

I don't think people understand what vulnerability sellers really do. They invest thousands of man and computer hours into finding bugs which people are willing to pay lots of money for. As a business, they want to keep their customer base happy, which means allowing their customers (yes, presumably the NSA/FBI/etc.) to use their exploits rather than selling them to Tails OS maintainers. Yes, it's probably the case that these exploits don't just go to nabbing child pornographers or drug traffickers, they also probably try to catch the next Snowden, which not everyone agrees is The Right Thing To Do. But for what it's worth, I'd still trust the US government (even with all its faults) far more than the Russians or Chinese.

But let's be honest here, Tails OS maintainers probably couldn't afford the same price that Exodus's customers will happily pay. Even if Exodus were happy to sell it to the Tails folks, that is certainly going to be a loss of money.

The arguments I'm used to hearing go something like "but

def to_token_string
def self.from_token_string(token_string)
key, secret = token_string.chars.each_slice(2)
candidate = self.where(key: key).first
return nil
each ListLogResp is from a different signing key
<Choripan::Messages::ListLogResp logs: [<Choripan::Messages::Log uuid: "0621719b-f3bd-41d5-9560-2d698420f0b6", signature: "23gej2yicat16111vsyhe45fb50hrzcx2w5roxrhkhep3ao1yflfaux2b66ykjsetghliq4bhjn8wpqzqog2zyjau9uupcmp57te", timestamp: 1401847188>, <Choripan::Messages::Log uuid: "99129876-4080-4d5c-b16e-e6a38de5d7aa", signature: "24g5jmy7c3tw6j1lv6ywey56bv0lrmcu2w51o3rmk8ee3wotyalua0xwbb61ktsqtdhxih4zh2nqw3qaqjg3zwjmumuvp9ma52tf", timestamp: 1401847200>]>
<Choripan::Messages::ListLogResp logs: [<Choripan::Messages::Log uuid: "9c73d194-d20e-4444-9558-9036f85c2c20", signature: "1355dim3k8d54epwc5z3llv1mtyws6z40me2cy3s1i2d1m89vfi16273gjgyhjhx3kumpjg28gbswijz0fatq3g08phn9w7g1mgm", timestamp: 1401847398>, <Choripan::Messages::Log uuid: "7efefbce-0ea6-4ad0-9086-ea599158b8e4", signature: "145udymekgdg4lp0cfzxlevxmlyosfz608eecb3f1e2m1x89vfiu6l71g5g1h7hy33uipkgc8lbnwzjv0dapqmg782hi947y1xgf", timestamp: 1401847447>]>
<Choripan::Messages::ListLogResp logs: [<Choripan:
group = ECDSA::Group::Secp256k1
point_field = group.order
e1 = ECDSA.normalize_digest logs[0].uuid, group.bit_length
e2 = ECDSA.normalize_digest logs[1].uuid, group.bit_length
pack =
up1 = pack.unpack(logs[0].signature)
up2 = pack.unpack(logs[1].signature)