David Mellul DavidMellul
DavidMellul
/ PseudoRandomnessExample.rb
Created
February 25, 2018 17:52
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class PseudoRandomness | |
| # This is the constructor used to instantiate a PseudoRandomness object | |
| def initialize(seed) | |
| @instance_seed = seed | |
| end | |
| def change_seed | |
| @instance_seed = @instance_seed + 1 |
DavidMellul
/ PseudoRandomnessExample.rb
Last active
February 26, 2018 00:30
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| class PseudoRandomness | |
| # This is the constructor used to instantiate a PseudoRandomness object | |
| def initialize(seed) | |
| @instance_seed = seed | |
| end | |
| def change_seed | |
| @instance_seed = @instance_seed + 1 | |
| end |
DavidMellul
/ PseudoRandomnessResultExample.rb
Created
February 25, 2018 17:58
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # First 3 pseudo random numbers | |
| 10 | |
| 12 | |
| 14 | |
| # Second 3 pseudo random numbers | |
| 18 | |
| 20 | |
| 22 |
DavidMellul
/ LicensingExample.rb
Last active
February 26, 2018 01:12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| def generate_random_uid | |
| # Generate a random value between 0 and 1 000 000 | |
| base_pseudo_random_value = rand(1_000_000) | |
| uid = evil_maths(base_pseudo_random_value) | |
| return uid | |
| end | |
| if first_launch? | |
| uid = generate_random_uid() |
DavidMellul
/ RubyBreaker.rb
Created
February 26, 2018 01:23
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Seed = 10 | |
| Kernel.srand 10 |
DavidMellul
/ TodoRetrievalExample.php
Created
February 28, 2018 17:33
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* Database configuration and so on...*/ | |
| $todo_list = $database->retrieve_all_todos(); | |
| <ul> | |
| foreach($todo_list as $todo) { | |
| echo "<li> Task number $todo['id'] -> $todo['description'] </li>"; | |
| } | |
| </ul> |
DavidMellul
/ TodoSearchExample.php
Last active
March 2, 2018 08:56
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $filter = $_GET['filter']; | |
| echo "<p>Results for $filter</p>"; | |
| $filtered_list = $database->search_query($filter); | |
| /* Rendering stuff */ |
DavidMellul
/ CSRFGenerationkExample.php
Last active
March 1, 2018 10:14
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // Don't even look at the code. Just remember, the token must be cryptographically secure | |
| // See : https://medium.com/@davidmellul/broken-by-design-2-randomness-d73f0a0536ed | |
| function RandomToken($length = 32){ // Taken from a comment on http://php.net/manual/fr/function.random-bytes.php | |
| if(!isset($length) || intval($length) <= 8 ){ | |
| $length = 32; | |
| } | |
| if (function_exists('random_bytes')) { | |
| return bin2hex(random_bytes($length)); |
DavidMellul
/ CSRFCheckExample.php
Last active
March 1, 2018 10:12
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // Requested URL => http://VerySafePlace.io/deleteEverything | |
| $token = $_GET['token']; | |
| if(empty($token)) | |
| showErrorMessage(); | |
| else { | |
| // This will check that the token matches the logged user's one | |
| if(token_exists_in_database($token)) |
DavidMellul
/ TodoSearchExample.php
Created
March 1, 2018 14:53
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| $filter = $_GET['filter']; | |
| $filtered_todo_list = $database->query("SELECT * FROM Todos WHERE name LIKE '.$filter."'"); | |
| /* Rendering part */ | |
| ?> |
OlderNewer