Skip to content

Instantly share code, notes, and snippets.

View Code-Hex's full-sized avatar

Kei Kamikawa Code-Hex

View GitHub Profile
@thesamesam
thesamesam / xz-backdoor.md
Last active November 17, 2024 13:13
xz-utils backdoor situation (CVE-2024-3094)

FAQ on the xz-utils backdoor (CVE-2024-3094)

This is a living document. Everything in this document is made in good faith of being accurate, but like I just said; we don't yet know everything about what's going on.

Background

On March 29th, 2024, a backdoor was discovered in xz-utils, a suite of software that

const { base64url } = await import('https://cdn.skypack.dev/rfc4648');
/**
* @param {JsonWebKey} key
*/
async function generateThumbprint(key) {
// https://datatracker.ietf.org/doc/html/rfc7638
const { e, kty, n } = key;
const json = JSON.stringify({ e, kty, n });
const encoder = new TextEncoder();
const digest = await crypto.subtle.digest('SHA-256', encoder.encode(json));
@ryancdotorg
ryancdotorg / builder.sh
Last active October 28, 2024 15:49
Script to statically cross compile various useful binaries (dropbear, socat, rsync, rpcapd, tcpdump, openssl, zstd) using musl-libc via musl.cc toolchains,
#!/bin/bash
# From https://gist.github.com/ryancdotorg/84275935f0b82578d8c222e2e915fc78
# built binaries at https://ryanc-musl-bins.s3.amazonaws.com/SHA256SUMS.html
set -eo pipefail
set -x
export BUILD_SCRIPT_DATE="$(date -r "$0" -Iseconds)"
PV_VERSION=1.8.5
@imbushuo
imbushuo / simplevm.c
Last active November 8, 2024 12:10
Demonstrates Hypervisor.Framework usage in Apple Silicon
// simplevm.c: demonstrates Hypervisor.Framework usage in Apple Silicon
// Based on the work by @zhuowei
// @imbushuo - Nov 2020
// To build:
// Prepare the entitlement with BOTH com.apple.security.hypervisor and com.apple.vm.networking WHEN SIP IS OFF
// Prepare the entitlement com.apple.security.hypervisor and NO com.apple.vm.networking WHEN SIP IS ON
// ^ Per @never_released, tested on 11.0.1, idk why
// clang -o simplevm -O2 -framework Hypervisor -mmacosx-version-min=11.0 simplevm.c
// codesign --entitlements simplevm.entitlements --force -s - simplevm
@tompng
tompng / partyparrot.rb
Last active February 18, 2023 09:23
Party Parrot Quine
@mpppk
mpppk / clean_architecture.md
Last active November 15, 2024 06:59
クリーンアーキテクチャ完全に理解した

2020/5/31追記: 自分用のメモに書いていたつもりだったのですが、たくさんのスターを頂けてとても嬉しいです。
と同時に、書きかけで中途半端な状態のドキュメントをご覧いただくことになっており、大変心苦しく思っています。

このドキュメントを完成させるために、今後以下のような更新を予定しています。

  • TODO部分を埋める
  • 書籍を基にした理論・原則パートと、実装例パートを分割
    • 現在は4層のレイヤそれぞれごとに原則の確認→実装時の課題リスト→実装例という構成ですが、同じリポジトリへの言及箇所がバラバラになってしまう問題がありました。更新後は、実装時の課題リストを全て洗い出した後にまとめて実装を確認する構成とする予定です。

2021/1/22追記:

@giannisp
giannisp / gist:ebaca117ac9e44231421f04e7796d5ca
Last active July 14, 2024 18:27
Upgrade PostgreSQL 9.6.5 to 10.0 using Homebrew (macOS)
After automatically updating Postgres to 10.0 via Homebrew, the pg_ctl start command didn't work.
The error was "The data directory was initialized by PostgreSQL version 9.6, which is not compatible with this version 10.0."
Database files have to be updated before starting the server, here are the steps that had to be followed:
# need to have both 9.6.x and latest 10.0 installed, and keep 10.0 as default
brew unlink postgresql
brew install [email protected]
brew unlink [email protected]
brew link postgresql
code="console.log('code='+JSON.stringify(code)+';eval(code)')";eval(code)
@oboenikui
oboenikui / UnivFeliCa.md
Last active June 12, 2024 00:34
大学生協FeliCaの仕様

WHAT IS THIS

大学生協のFeliCa,及び諸大学の学生証一体型FeliCaの仕様
レスポンスについては,特に表記のない限り東北大学のもの (学生証一体型ではない)
断りのない限りコードはビッグエンディアンで通信する (下記のドキュメントに合わせた)
記号と区別するため,アルファベットの大文字表記は記号,小文字表記は16進表記とする

FeliCa自体の仕様については,Sony公式のドキュメントを参考に

System Code

@cecilemuller
cecilemuller / letsencrypt_2020.md
Last active September 29, 2024 08:31
How to setup Let's Encrypt for Nginx on Ubuntu 18.04 (including IPv6, HTTP/2 and A+ SSL rating)

How to setup Let's Encrypt for Nginx on Ubuntu 18.04 (including IPv6, HTTP/2 and A+ SLL rating)


Virtual hosts

Let's say you want to host domains first.com and second.com.

Create folders for their files: