WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS17-010. It uses EternalBlue (MS17-010) to propagate.
  • Ransom: between $300 and $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up, the virus exits instead of infecting the host (source: Malwarebytes). This domain has been sinkholed, stopping the spread of the worm.

SECURITY BULLETIN AND UPDATES HERE: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

[target.x86_64-pc-windows-gnu]
linker = "/usr/bin/x86_64-w64-mingw32-gcc"
[target.i686-pc-windows-gnu]
linker = "/usr/bin/i686-w64-mingw32-gcc"
@DeadNumbers
DeadNumbers / kek.go
Last active September 27, 2016 15:23
package main
import (
"math/rand"
"time"
)
var a = []string{"Неизвестный", "Президент Гондураса", "Пенсионер", "Милиционер", "Пингвин-убийца", "Моряк-гомосексуалист", "Евгений Петросян", "Анатолий Вассерман", "Известный писатель", "Одноногий человек", "Артемий Лебедев", "89-летний зоофил", "Афроамериканец", "Владимир Путин", "Владелец известной компании", "Пьяный лётчик", "Билл Гейтс", "Стив Джобс", "Китайский рабочий", "Сисадмин", "Строитель", "Министр обороны", "Чак Норрис", "Алкоголик", "Наркоман", "Знаменитый блоггер", "Маньяк", "Кондуктор", "Водитель маршрутки", "Хакер"}
var b = []string{"убил", "зарезал", "изнасиловал", "застрелил", "родил", "послал на хуй", "повесил на столбе", "превратился в", "убил и съел", "подал в суд на", "съел", "предал анафеме", "снялся в порнофильме про", "купил себе", "обоссал", "выкакал", "покусал", "забил ногами", "разбил голову об", "выкинул из окна", "утопил в унитазе", "бросил под поезд", "снял на видео", "влюбился в", "сбил на автомобиле", "переехал"}
var c = []strin
#define _fCreateFileA pusharg<1,0x860b38bc>
#define _fCreateFileMappingA pusharg<1,0x1F394C74>
#define _fMapViewOfFile pusharg<1,0xFC6FB9EA>
#define _fUnmapViewOfFile pusharg2<1,0xCA036058>
#define _fCloseHandle pusharg3<1,0xF867A91E>
#define _fFindFirstFileA pusharg<1,0x3165E506>
#define _fFindNextFileA pusharg<1,0xCA920AD8>
#define _fSetFileAttributesA pusharg<1,0x152DC5D4>
#define _fGetCurrentDirectoryA pusharg<1,0x2F597DD6>
#define _fLoadLibraryA pusharg<1,0x71E40722>
//http://z0mbie.daemonlab.org/libtcc.c.txt
/*
* Simple Test program for libtcc // modified
*
* libtcc can be useful to use tcc as a "backend" for a code generator.
* ^^^^^^^^^^^^^^^^^^^^
*/
// nb: compiled win32 .exe uses ~80k
@DeadNumbers
DeadNumbers / rust_wine.md
Created August 15, 2016 10:20 — forked from vi/rust_wine.md
Using Rust in Wine as a sort of cross-compiler

Cross-compiling Rust from Linux to Windows using Wine

0. Ensure Rust works on Host

Let's create a dummy project for a test.

$ cargo new test
$ cd test/
$ mkdir examples
# Author: Julien MISCHKOWITZ <wain@archlinux.fr>
# Author: tuxce <tuxce.net@gmail.com>
pkgname=yaourt
pkgver=1.7
pkgrel=1
pkgdesc="A pacman wrapper with extended features and AUR support"
arch=('any')
url="https://github.com/archlinuxfr/yaourt"
license=(GPL)
#!/usr/bin/env python
# encoding: utf-8
# Hash Identifier v1.1
# By Zion3R
# www.Blackploit.com
# Root@Blackploit.com
logo=''' #########################################################################
# __ __ __ ______ _____ #
# /\ \/\ \ /\ \ /\__ _\ /\ _ `\ #
# Code from Chapter 9 of Machine Learning: An Algorithmic Perspective
# by Stephen Marsland (http://seat.massey.ac.nz/personal/s.r.marsland/MLBook.html)
# You are free to use, change, or redistribute the code in any way you wish for
# non-commercial purposes, but please maintain the name of the original author.
# This code comes with no warranty of any kind.
# Stephen Marsland, 2008