Zed A. Shaw zedshaw
zedshaw
/ gist:6969554
Created
October 14, 2013 01:49
Wrapper for a django handler that adds the CORS stuff.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| from functools import wraps | |
| from urlparse import urlparse | |
| def cors(func): | |
| def add_basic_headers(resp, url): | |
| resp['Access-Control-Allow-Origin'] = url.scheme + "://" + url.netloc | |
| resp['Access-Control-Allow-Credentials'] = 'true' | |
| resp['Access-Control-Allow-Methods'] = 'GET' | |
| resp['Access-Control-Allow-Headers'] = 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type' |
zedshaw
/ gist:10324409
Created
April 9, 2014 22:18
Checking SILC toolkit for exploitable string functions
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Checking silc tookit for bad string functions using: | |
| egrep -r '[^_.>a-zA-Z0-9](str(n?cpy|n?cat|xfrm|n?dup|str|pbrk|tok|_)|stpn?cpy|a?sn?printf|byte_)' . | |
| Result is below. Not great but about 300 is a manageable target to audit and improve. | |
| ./contrib/regexpr.c: strcpy(buf, "end"); | |
| ./contrib/regexpr.c: strcpy(buf, "bol"); | |
| ./contrib/regexpr.c: strcpy(buf, "eol"); | |
| ./contrib/regexpr.c: strcpy(buf, "set "); |
zedshaw
/ handled elses
Last active
August 29, 2015 14:05
— forked from timruffles/handled elses
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Examples of various error handling mechanisms and if-statements. | |
| def something(x,y): | |
| if !x: | |
| raise "argh!" | |
| else: | |
| if !y: | |
| raise "oh noes!" | |
| else: | |
| return "Happy" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| blah blah |
zedshaw
/ safercopy.c
Created
January 4, 2015 17:18
A simple version of copying via string lengths then breaking it on purpose
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <assert.h> | |
| #include <stdlib.h> | |
| #define MAXLINE 10 // in the book this is 1000 | |
| void safercopy(size_t to_length, char to[], size_t from_length, char from[]) | |
| { | |
| int i = 0; |
zedshaw
/ safercopy_smash.c
Created
January 4, 2015 19:07
Demonstration of using a pointer to alter the operation of another function in C.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <assert.h> | |
| #include <stdlib.h> | |
| #define MAXLINE 10 // in the book this is 1000 | |
| void safercopy(size_t to_length, char to[], size_t from_length, char from[]) | |
| { | |
| int i = 0; |
zedshaw
/ gist:4e14bbca46eb21aad08d
Created
June 18, 2015 04:44
If you ever need to build apache APR on OSX Yosemite, just touch it a whole bunch.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| set -e | |
| # go somewhere safe | |
| cd /tmp | |
| # get the source to base APR 1.5.2 | |
| curl -L -O http://archive.apache.org/dist/apr/apr-1.5.2.tar.gz | |
| # extract it and go into the source | |
| tar -xzvf apr-1.5.2.tar.gz |
zedshaw
/ amazon_reconcile.py
Created
October 10, 2015 17:15
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import csv | |
| import sys | |
| data = {} | |
| completed = [] | |
| base_url = "https://www.amazon.com/gp/your-account/order-history/ref=oh_aui_search?opt=ab&search=%s" | |
| def amzn_url(order_id): | |
| return base_url % order_id |
zedshaw
/ amazon_reconcile_2.py
Created
October 10, 2015 17:22
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import csv | |
| import sys | |
| data = {} | |
| completed = [] | |
| base_url = "https://www.amazon.com/gp/your-account/order-history/ref=oh_aui_search?opt=ab&search=%s" | |
| def amzn_url(order_id): | |
| return base_url % order_id |
zedshaw
/ amazon_reconcile_3.py
Created
October 10, 2015 17:29
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import os | |
| import csv | |
| import sys | |
| data = {} | |
| completed = [] | |
| base_url = "https://www.amazon.com/gp/your-account/order-history/ref=oh_aui_search?opt=ab&search=%s" | |
| def amzn_url(order_id): | |
| return base_url % order_id |
OlderNewer