This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The keyboard input is processed in function 0x82a2 | |
Only hex characters [0-9a-f] are accepted, case sensitive. Any other character is skipped.a | |
Exactly 32 bytes of ascii hex characters are stored on the stack at 0x76ee | |
There seems to be a key deriviation function at 0x99fc that's called 128 times on the 32 byte input, | |
and produces a 32 byte output at 0x76ce | |
Entering a key of 32 'a' characters, here is a single round of the KDF function: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Petya(ish) MBR disassembly | |
This is from an infected Windows 10 guest (manually executed circulating sample with rundll32 "<dllname>,#1") | |
After a reboot, the system will start to appear to be performing a chkdsk. I let it run through that process and eventually it displays the red text screen with BTC, email address and my "installation key". | |
The original MBR from sector 0 is replaced with a small loader. | |
I dumped the MBR with: | |
# dd if=<block device> bs=512 count=1 of=mbr.bin |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
var topPlayerScores = stream | |
.from().measurement('scores') | |
// Get the most recent score for each player per game. | |
// Not likely that a player is playing two games but just in case. | |
.groupBy('game', 'player') | |
.window() | |
// keep a buffer of the last 11s of scores | |
// just in case a player score hasn't updated in a while | |
.period(11s) | |
// Emit the current score per player every second. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
require 'em-http-request' | |
count = 10000 | |
error_count = 0 | |
EventMachine.run do | |
conn = EventMachine::HttpRequest.new("http://127.0.0.1:8000", :connect_timeout => 5, :inactivity_timeout => 0) | |
cb = lambda { |req| | |
count -= 1 |