Anant Shrivastava anantshri

Working on the next Jugaad
Keybase proof

I hereby claim:

  • I am anantshri on github.
  • I am anantshri (https://keybase.io/anantshri) on keybase.
  • I have a public key whose fingerprint is 0D6B CE70 F3E3 3C9E 720A 2D75 EADD 42E2 F9C1 CCA2

To claim this, I am signing this object:

@anantshri
anantshri / hb-test-mod.py
Last active August 29, 2015 13:58
Modified Heartbleed test script for better readability: displays 80 ASCII characters per line and extracts all 64KB of data. Also updated to remove the `.` in case of a non-ASCII character.
#!/usr/bin/env python2
# Quick and dirty demonstration of CVE-2014-0160 by Jared Stafford ([email protected])
# Modified by Anant Shrivastava for better ASCII readability and extracting full 64KB data
# The author disclaims copyright to this source code.
import sys
import struct
import socket
I wasn't first to get the key. Nor was I second, third, or even fourth. I'm probably not even the
10th to get it (ok, looks like I was the 7th.) But I'm happy that I was able to prove to myself
that I too could do it.
First, I have to admit I was a skeptic. Like the handful of other dissenters, I had initially
believed that it would be highly improbable under normal conditions to obtain the private key
through exploiting Heartbleed. So this was my motivation for participating in Cloudflare's
challenge. I had extracted a lot of other things with Heartbleed, but I hadn't actually set out to
extract private keys. So I wanted to see first-hand if it was possible or not.
#!/bin/bash
#Basic set up for an Application AndroidManifest Fuzzer
#this requires a preexisting ant buildable application project to be set up! so get the SDK and ant1.8
#this file reproduces the bug mentioned here http://ibrahimbalic.com/2014/android-os-memory-corruption-bug/
#NOTE: values from 260000 and up cause SIGSEGVs to be sent to the system_server (tested on KitKat 4.4.2)
#NOTE: you should probably monitor $(adb logcat)||(/system/bin/gdbserver) for responsiveness to the issue
APP_PROJ_DIR="..." #<-- PATH TO PROJ DIR
APP_PACKAGE_NAME="..." #<-- PACKAGE NAME
APP_LAUNCH_COMP="..." # <--- MAIN ACTIVITY NAME
#!/usr/bin/env bash
TCPDUMP_PID=""
SOCAT_PID=""
OUTPUT_FILE=""
PORT=12345
TMPDIR="."
TCPDUMP_PATH="/data/local/tmp/xbin/tcpdump"
NETCAT_PATH="/data/local/tmp/nc"
HOST_INTERFACE="en0"
@anantshri
anantshri / sources.list
Created April 20, 2014 07:04
Current sources.list for Debian 7.4
#
# deb cdrom:[Debian GNU/Linux 7.2.0 _Wheezy_ - Official amd64 NETINST Binary-1 20131012-14:04]/ wheezy main
# deb cdrom:[Debian GNU/Linux 7.2.0 _Wheezy_ - Official amd64 NETINST Binary-1 20131012-14:04]/ wheezy main
deb [arch=amd64,i386] http://cdn.debian.net/debian/ wheezy main contrib non-free
# deb-src http://cdn.debian.net/debian/ wheezy main
deb [arch=amd64,i386] http://security.debian.org/ wheezy/updates main contrib non-free
@anantshri
anantshri / pacemaker_heartbleed.patch
Created May 16, 2014 04:37
Heartbleed pacemaker patch for ascii only output
29c29
< MAX_PLAIN_LENGTH = 0x4000
---
> MAX_PLAIN_LENGTH = 0xffff
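Review bot: the change of MAX_PLAIN_LENGTH from 0x4000 to 0xffff in this hunk carries no comment explaining it. 0x4000 is the TLS record plaintext limit (RFC 5246), while 0xffff is the largest value the 16-bit heartbeat payload length field can hold, and the gist description only mentions ASCII-only output, so a reader cannot tell from the diff why the bound had to grow. Suggest a one-line comment on the constant, e.g. `MAX_PLAIN_LENGTH = 0xffff  # cover the full 16-bit heartbeat payload length`, and a check that the code consuming this bound still handles records larger than one TLS record.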
114,116c114,116
<
< for i in range(0, len(data), 16):
< line = data[i:i+16]
---
> repout = ""
<?php
/**
* Plugin Name: WP PGP Email
* Version: 0.1
* Description: Provides mechanism to encrypt outgoing email using PGP
* Author: Tim Nash
* Author URI: https://timnash.co.uk
* Plugin URI: https://timnash.co.uk/wordpress-pgp-email
*
*
@anantshri
anantshri / php-fpm-cli
Last active August 29, 2015 14:19 — forked from muhqu/php-fpm-cli
#!/bin/bash
#
# The MIT License (MIT)
#
# Copyright (c) 2014 Mathias Leppich <[email protected]>
#
# Permission is hereby granted, free of charge, to any person obtaining a copy
# of this software and associated documentation files (the "Software"), to deal
# in the Software without restriction, including without limitation the rights
# to use, copy, modify, merge, publish, distribute, sublicense, and/or sell