Skip to content

Instantly share code, notes, and snippets.

@zb3
zb3 / rewritemenot.user.js
Last active Oct 8, 2020
RewriteMeNot - a userscript that prevents rewriting of google search result urls, so you can copy them (doesn't really prevent tracking, better extensions exist for that purpose). This is much simpler than other scripts and works only on www.google.com.
View rewritemenot.user.js
// ==UserScript==
// @name RewriteMeNot
// @namespace zb3.rmn
// @include https://www.google.com/*
// @version 1
// @run-at document-end
// ==/UserScript==
// Google can track us anyway, but rewriting search result urls so that we can't even copy them is pure assholery.
// Google should rewrite their behaviour, not urls.
@zb3
zb3 / colortrans.py
Last active Oct 8, 2019 — forked from hoov/colortrans.py
Convert values between RGB hex codes and xterm-256 color codes.
View colortrans.py
#! /usr/bin/env python
""" Convert values between RGB hex codes and xterm-256 color codes.
Nice long listing of all 256 colors and their codes. Useful for
developing console color themes, or even script output schemes.
Resources:
* http://en.wikipedia.org/wiki/8-bit_color
* http://en.wikipedia.org/wiki/ANSI_escape_code
@zb3
zb3 / mbledtls_anon_dh.patch
Created Apr 10, 2018
Add support for Anonymous Diffie-Hellman key exchange in MbedTLS. This patch is experimental and ADH is not secure.
View mbledtls_anon_dh.patch
diff -Naur mbedtls/include/mbedtls/config.h mbedtls-dh-anon/include/mbedtls/config.h
--- mbedtls/include/mbedtls/config.h 2018-04-10 11:30:33.713503768 +0200
+++ mbedtls-dh-anon/include/mbedtls/config.h 2018-04-10 11:38:50.001356927 +0200
@@ -637,6 +637,36 @@
#define MBEDTLS_ECDSA_DETERMINISTIC
/**
+ * \def MBEDTLS_KEY_EXCHANGE_DH_ANON_ENABLED
+ *
+ * Enable the ADH based ciphersuite modes in SSL / TLS.
View selfcompile-alt.c
#/*
TARGET=selfcompiled
CODE=$(cat <<'FILE_CONTENTS_DELIM'
//*/
// CODE STARTS HERE
@zb3
zb3 / grandis.c
Created Dec 27, 2017
A wrapper program for linux to find out why segfault happend
View grandis.c
#include <string.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
#include <wait.h>
#include <sys/ptrace.h>
#include <sys/user.h>
#include <stdlib.h>
#include <linux/ptrace.h>
@zb3
zb3 / partyover.py
Created Aug 23, 2017
Use Z3 to "crack" xoroshiro128+
View partyover.py
from z3 import *
"""
Solver for this kind of stuff (z3 is the solver here, this tool simply uses it):
http://www.pcg-random.org/posts/predictability-party-tricks.html
https://lemire.me/blog/2017/08/22/cracking-random-number-generators-xoroshiro128/
I still don't know how they did it, but it seems solvers can crack this pretty easily.
This generates the same output though :)
@zb3
zb3 / mips-stringref.py
Last active Jun 12, 2017
Script to display function calls and string constant references in MIPS executables (lui + addiu/ori), disassembled by objdump. Needs objdump and readelf
View mips-stringref.py
import subprocess
import sys
import re
import os
from collections import defaultdict
#
# similar tool exists: https://sourceware.org/ml/binutils/2010-07/msg00172.html
# but we aim to support string literals... by "interpreting" selected instructions
@zb3
zb3 / stopwatch.c
Created Feb 19, 2017
"pauseable" linux terminal stopwatch
View stopwatch.c
#include <stdio.h>
#include <unistd.h>
#include <time.h>
#include <sys/select.h>
#include <termios.h>
//pauseable terminal stopwatch.
//couldn't find it anywhere :<
//ok maybe I can't name it properly
//and that's why I couldn't find it
@zb3
zb3 / deobf.php
Last active Jul 25, 2017
PHP deobfuscation utils
View deobf.php
<?php
/*
note this is not "correct"
it was made to deobfuscate particular obfuscated files
"proper" tool should probably operate on AST to properly parse the file
but even that's not enough - you can't assume things we do here
*/
function unwrap_hexstr_literals($src) //currently only \xHH and \nnn supported
@zb3
zb3 / leave-only-date.py
Created Feb 4, 2017
Recursively strip all EXIF info + metadata, BUT preserve date and time
View leave-only-date.py
import os
import sys
import subprocess
# recursively strip all EXIF info + metadata, BUT preserve date and time
# requires jhead (tested on jhead v3.00)
if len(sys.argv) < 2:
print('%s [path]')
exit()