Grant Murphy gcmurphy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // original source - http://sourceforge.net/projects/mancha/files/sec/altchainfail.c/download | |
| /* | |
| * alt.chain.fail | |
| * stand-alone vulnerability tester for: CVE-2015-1793 | |
| * by: mancha (@mancha140) | |
| * | |
| * based on test written by Matt Caswell for the OpenSSL project. | |
| * | |
| * gcc -o altchainfail altchainfail.c -lcrypto |
gcmurphy
/ bcrypt_nullbyte.py
Created
March 13, 2015 13:56
Example where things can go wrong using bcrypt in python..
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # demo of what people 'may' do.. | |
| import bcrypt | |
| from hashlib import sha1 | |
| salt = bcrypt.gensalt() | |
| def hash_password(password): | |
| # as per article various mechanisms may be employed | |
| # to truncate the passwords length to 72 chars | |
| return bcrypt.hashpw(sha1(password).digest(), salt) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <time.h> | |
| #include <memory.h> | |
| void display_current_time(const char *name, short tz){ | |
| time_t t; | |
| struct tm *tdata; | |
| time(&t); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| search(){ | |
| echo "" | |
| echo "Searching for $1 usage.." | |
| echo "" | |
| grep -nr --include \*.py --exclude test\*.py \ | |
| --exclude \*_test\*.py\ | |
| --exclude \*tempest\*\ | |
| --exclude \*site-packages\* \ | |
| -E $2 * |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "bytes" | |
| "debug/elf" | |
| "fmt" | |
| "os" | |
| ) | |
| func staticallyLinked(file *elf.File) bool { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <unistd.h> | |
| #include <string.h> | |
| #include <sys/types.h> | |
| #include <sys/socket.h> | |
| #include <netinet/in.h> | |
| #include <netdb.h> | |
| char SSLv3_ClientHello[] = { |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| module HW02 where | |
| import Words | |
| import Data.List | |
| -- Though a Scrabble hand is the same Haskell type as a Scrabble word, they | |
| -- have different properties. Specifically, a hand is unordered whereas a word | |
| -- is ordered. We denote this distinction by using a type synonym to talk | |
| -- about hands, even though we could just say `String`. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| module Main where | |
| type Peg = String | |
| type Move = (Peg, Peg) | |
| {- | |
| | Towers of hanoi solution | |
| >>> hanoi 2 "a" "b" "c" | |
| [("a","c"),("a","b"),("c","b")] | |
| move n-1 disc from a to c using b as temporary storage |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| -- http://www.seas.upenn.edu/~cis194/hw/01-intro.pdf | |
| module Main where | |
| -- | Return the last digit of an integer | |
| -- | |
| -- >>> lastDigit 123 | |
| -- 3 | |
| -- | |
| -- >>> lastDigit 0 | |
| -- 0 |
gcmurphy
/ constant_time_compare.c
Created
September 2, 2014 03:48
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #include <stdio.h> | |
| #include <stdlib.h> | |
| #include <string.h> | |
| #include <stdint.h> | |
| #include <stdbool.h> | |
| #include <assert.h> | |
| bool constant_time_compare(const char *lhs, size_t lhs_sz, const char *rhs, size_t rhs_sz) | |
| { | |
| size_t i; |