Skip to content

Instantly share code, notes, and snippets.

View glamrock's full-sized avatar
🐝
hacking on things at Berkman <3

Griffin Boyce glamrock

🐝
hacking on things at Berkman <3
276 followers · 212 following
View GitHub Profile
@glamrock
glamrock / addl_analysis
Last active April 1, 2016 01:11
Purported FH exploit code
/****************************************************************************
* Exploits delivered from through nl7qbezu7pqsuone.onion (2013-08-03):
*
* The compromised server inserts a run-of-the-mill unobfuscated iframe
* injection script; others have observed this and samples have been posted.
*
* The exploit is split across three files and presumably an ultimate
* payload of malware that was not obtained.
*/
@glamrock
glamrock / gist:303a0c156c19c352a617
Last active August 29, 2015 14:05
Menu flow drafts for Stormy
This appears to be the first time you've used Stormy. Would you like to set up a new hidden service?
Yes, create a new hidden service. [domino]
->
Modify existing hidden service.
-> Select directory
-> Please enter the directory where your hidden service is located:
-> Go back
-> Exit Stormy
@glamrock
glamrock / relay_descriptor_sample
Created August 14, 2014 04:47
descriptors for V
router blutmagie 192.251.226.206 443 0 80
platform Tor 0.2.2.20-alpha on Linux x86_64
opt protocols Link 1 2 Circuit 1
published 2010-12-27 14:35:27
opt fingerprint 6297 B13A 687B 521A 59C6 BD79 188A 2501 EC03 A065
uptime 445412
bandwidth 14336000 18432000 15905178
opt extra-info-digest 5C1D5D6F8B243304079BC15CD96C7FCCB88322D4
opt caches-extra-info
onion-key
@glamrock
glamrock / gist:9d50cee3e708ef1ef95a
Created August 9, 2014 02:49
magnet:?xt=urn:btih:BD7F4A15586CCBD5BD5F4D0D7C18CEE41ACBCDB0&dn=Ronnie%20Kasrils-The%20Unlikely%20Secret%20Agent-Jacana%20Media%20%282011%29.pdf&tr=udp%3a%2f%2ftracker.openbittorrent.com%3a80%2fannounce&tr=udp%3a%2f%2ftracker.publicbt.com%3a80%2fannounce&tr=udp%3a%2f%2ftracker.ccc.de%3a80%2fannounce
@glamrock
glamrock / Russia_top500.txt
Created July 9, 2014 16:41
Russia's top 500 websites (according to Alexa)
http://yandex.ru
http://vk.com
http://google.ru
http://google.com
http://mail.ru
http://youtube.com
http://odnoklassniki.ru
http://facebook.com
http://wikipedia.org
http://avito.ru
@glamrock
glamrock / Ukraine_top500.txt
Created July 9, 2014 16:40
Ukraine's top 500 websites (according to Alexa)
http://google.com.ua
http://vk.com
http://google.com
http://youtube.com
http://yandex.ua
http://facebook.com
http://mail.ru
http://yandex.ru
http://odnoklassniki.ru
http://wikipedia.org
@glamrock
glamrock / fa.md
Created May 27, 2014 16:10

OSX: https://s3-us-west-2.amazonaws.com/satori2/bin/TorBrowser-3.6.1-osx32_fa.dmg
Windows: https://s3-us-west-2.amazonaws.com/satori2/bin/torbrowser-install-3.6.1_fa.exe
Linux 32-bit: https://s3-us-west-2.amazonaws.com/satori2/bin/tor-browser-linux32-3.6.1_fa.tar.xz
Linux 64-bit: https://s3-us-west-2.amazonaws.com/satori2/bin/tor-browser-linux64-3.6.1_fa.tar.xz

obfs bridges (copy these into bridges area like you normally would):

obfs3 192.36.27.70:57023 8662da9af97c115a7b72f8ba08f6b2a9f2d3f465 
obfs3 54.229.127.183:40872 a95a5bdd1c0b0253b0cefde645557debf9d30fc9

obfs3 192.36.27.81:57149 e66785654f5c9c168eea9ce01fa3f99cf6999331

@glamrock
glamrock / not-useful
Created May 8, 2014 16:44
@type extra-info 1.0
extra-info bolobolo1 9EA317EECA56BDF30CAEB208A253FB456EDAB1A0
published 2014-04-26 15:55:54
write-history 2014-04-26 15:52:48 (900 s) 22811215872,23065284608,22156054528,22744236032,22535396352,23695549440,24851478528,25329056768,25346375680,24906736640,25563422720,24340152320,24940786688,23334574080,23640225792,22191464448,22577485824,22304082944,22371855360,23296574464,23888780288,23188441088,21985309696,22376736768,22917678080,23405836288,22736200704,23744280576,22906699776,23426201600,23570699264,23893476352,23890041856,21741416448,19724235776,18716786688,17267187712,18244556800,16874028032,15907970048,14238544896,14790932480,14379412480,14014267392,15559831552,17249729536,14094696448,16107710464,17547808768,20176755712,20117219328,18151633920,20514625536,23290051584,22917240832,22423566336,22922964992,23320560640,24056960000,23854556160,25283884032,23586736128,23137601536,23795893248,21890024448,22715705344,21711056896,23304150016,22878117888,20789849088,20518682624,23807258624,23489
@glamrock
glamrock / gist:11408051
Created April 29, 2014 18:19
bug: installing pond on debian (trousers/tpm issue #2)
griffin@kitsunegari:~/Pond$ go get github.com/agl/pond/client
# github.com/agl/pond/client/tpm
tpm.go:6:26: fatal error: trousers/tss.h: No such file or directory
compilation terminated.
# pkg-config --cflags gtkspell3-3.0 gtk+-3.0
Package gtkspell3-3.0 was not found in the pkg-config search path.
Perhaps you should add the directory containing `gtkspell3-3.0.pc'
to the PKG_CONFIG_PATH environment variable
No package 'gtkspell3-3.0' found
exit status 1
@glamrock
glamrock / satori_fixes.md
Last active August 29, 2015 14:00
Things to be added/fixed in Satori before release

###Current to-fix list

  • Add downloads of source code, to comply with GPL. What, seriously? Yes, seriously. =/
  • Download links with tooltips explaining to check downloads folder for the file
  • l10n string update
  • Guides section with instructions on how to use different software

###SSL certificate fingerprint comparison (MITM detection)

The idea would be to fetch favicons onload, compare ssl cert fingerprint with hardcoded fingerprint, then exclude any downloads on sites that appear to be subject to MITM. This is not possible in Chrome, as the webrequest API hook doesn't cover SSL certificates. I'm pretty bitter about this, as this is dead fucking simple to do in Firefox, but FF addon site is heavily MITM'd and filtered. =/ Hard trade-off. Current plan is to hassle Ryan Sleevi and Peter Eckersley a