Michael VERGOZ mykiimike

mykiimike / pysa_download_link_decipher.js

Last active November 17, 2021 21:55

PYSA Website ciphered download links reversed

	/*
	* PYSA Website ciphered download links reversed
	* http://pysa2bitc5ldeyfak4seeruqymqs4sj5wt5qkcq7aoyg4h2acqieywad.onion
	*/
	function addClass(className, element) {
	elements = querySelectorAll(className);
	console.log(elements);
	for (var seed = 0; seed < elements['length']; seed++) {
	elements[seed]['classList']['add'](element)
	}

mykiimike / posptest.js

Last active October 26, 2018 13:20

posp test

	const crypto = require('crypto');


	function proofOfSpace(password, salt) {
	var iterate = 500000; // gives ~30Mo on sha256
	var series = [];
	var spaceSize = 0;

	console.log("Generating POS password");
	var last = '';

mykiimike / gist:a162541761df6fd54f48

Last active August 29, 2015 14:23

NodeJS Prevent Local File Inclusion and NULL byte attack

	String.prototype.safe = function() {
	var s = this.toString().split("/"), r = [];
	for(var a in s) {
	if(s[a] != "..")
	r.push(s[a]);
	}
	r = r.join("/");
	var i = r.indexOf("\0");
	if(i > 0)
	r = r.substr(0, i);

mykiimike / gist:6edef9f383b751871522

Created June 18, 2015 14:25

Find the bug

mykiimike / gist:eae214a32f81c144950e

Created June 10, 2015 14:33

Nodejs crypto good practice AES-CBC + SHA256 + HMAC

	// var cryptoKey = raw SHA256 Hash

	function decypherPayload(payload) {

	/* inputs */
	var t = payload.split(",");
	var C = t[0],
	IV = t[1],
	Hm = t[2];

mykiimike / gist:fb225d035f8cd0717e5c

Created June 9, 2015 08:07

ar1s code in my gist

	void compute_session_keys(uint8_t encryptkey[AES128_KEY_LEN],
	uint8_t IV[AES128_KEY_LEN],
	uint8_t integrity[AES128_KEY_LEN],
	uint8_t master_key[AES128_KEY_LEN],
	uint8_t encryption_salt[8]){

	uint8_t long_encryptkey[SHA256_DIGEST_LEN];
	uint8_t long_IV[SHA256_DIGEST_LEN];
	uint8_t long_integrity[SHA256_DIGEST_LEN];