(Python) ARC4

This is a pure Python implementation of raw ARC4, without any improvements. Possible improvements include taking a nonce, using multiple state spaces (parallelizable), automatically discarding the first 4K of the state space(s), using a more complex transformation than a simple swap, limiting the number of bytes encrypted per nonce, etc. The size of the state space is a parameter; the size of the key must not exceed the size of the state space.

(Python) All-Or-Nothing Transform

Performs an all-or-nothing transform on a stream of chunks. The data can only be decrypted if every block is present, since an HMAC must be generated for each one. The list of HMACs is then XOR’d against the final block from the transform, yielding the decryption key for the blocks.

Currently uses the HMAC key for encryption as well (TODO: change this). Reports a hash of the encrypted chunk for storage/retrieval without needing to calculate HMAC until decryption.

Needs a lot of cleanup and some fixes. Makes a lot of assumptions, for instance, that current_block, total_blocks, and data_size only occupy 1 byte apiece. Currently doesn’t strip padding after decoding, and doesn’t convert original integers for current_block, total_blocks, and data_size back from bytes.

(Python) Chunk Data for Streaming

Chunks data into block_size blocks for streaming, adds null padding.

(Python) HMAC

HMAC implementation. Pass a hash from Crypto.Hash in PyCrypto. The key should be a bytes object. Returns a bytearray.

(Java) Quicksort in Java, with Enforced Suckitude

It’s no fun implementing QuickSort unless you can force it out of its blister-fast, O(n log n) speed and humiliate it with its worst-case, O(n^2) runtime. So that’s what I set out to do.

My naive partition simply pivots around the low item, but my randomized partition defeats the sucky inputs by choosing a random pivot. (If you’re interested in checking out a QuickSort which naively partitions until it hits an attempt to get it to run in quadratic time, check out IntroSort — which simply fails over to Merge Sort when it exceeds its optimal recursion depth.)

(PHP) Auto complete like Google suggestion

Auto complete code snippet like Google suggestions.

Custom prolog and epilog for a function in C++

Traditionally, the compiler is responsible for creating the prolog and epilog of a function. However, custom prolog and epilog code can be written if a function has been declared with the naked attribute.

The snippet below demonstrates a naked function with custom prolog and epilog code.

__declspec(naked) void foo(){

	// Prolog
	__asm {
		push ebp		// Push the Extended Base Pointer
		mov ebp, esp		// Set frame pointer
		sub esp, __LOCAL_SIZE	// Reserve space for local variables
		pushad			// Push all general-purpose registers
	}

	// Do stuff

	// Epilog
	__asm {
		popad			// Pop all general-purpose registers
		mov esp, ebp		// Restore stack pointer
		pop ebp			// Restore the Extended Base Pointer
		retn			// Return
	}

}

The __LOCAL_SIZE symbol can be used to let the compiler determine the amount of space needed for variables.

Hooking with the Microsoft Detours library in C++

The DLL Injection example described how to inject a DLL into an existing process. The snippets below demonstrate a combination of hooking and DLL injection in C++ with the Microsoft Detours library.

Quote:

In computer programming, the term hooking covers a range of techniques used to alter or augment the behavior of an operating system, of applications, or of other software components by intercepting function calls or messages or events passed between software components. Code that handles such intercepted function calls, events or messages is called a “hook”.

The RegOpenKeyExW function within kernel32.dll is responsible for opening a specified registry key. To demonstrate hooking, the RegOpenKeyExW function will be intercepted within the Google Chrome process. A message will be logged at each call of RegOpenKeyExW. These messages can be viewed with DebugView.

(Bash) Download Directory with scp

Download a directory to the localhost home folder new-dir-name.

Assembling with nasm and disassembling with ndisasm

The following commands demonstrate assembling with nasm and disassembling with ndisasm.

$ cat example.s
mov eax,0
test eax,eax
$ nasm example.s
$ ndisasm example
00000000  66B800000000      mov eax,0x0
00000006  6685C0            test eax,eax

The first column of the disassembly contains the file offset, the second column contains the opcodes and the third contains the assembly instructions.
