apt-get install build-essential libreadline-dev libssl-dev libpq5 libpq-dev libreadline5 libsqlite3-dev libpcap-dev openjdk-7-jre subversion git-core autoconf postgresql pgadmin3 curl zlib1g-dev libxml2-dev libxslt1-dev vncviewer libyaml-dev ruby1.9.3 nmap -y
gem install --verbose --debug pcaprub wirble pg sqlite3 msgpack activerecord redcarpet rspec simplecov yard bundler
System: Sagitta Brutalis (S2480-RAD-290X) with 8x 290X
https://sagitta.systems/hardware/gpu-compute-nodes/brutalis/
epixoip@token:~/oclHashcat-1.00$ od6config --list
Adapter 0: AMD Radeon R9 290 Series
Adapter 1: AMD Radeon R9 290 Series
Adapter 2: AMD Radeon R9 290 Series
Adapter 3: AMD Radeon R9 290 Series
//nl7qbezu7pqsuone.onion/?requestID=203f1a01-6bc7-4c8b-b0be-2726a7a3cbd0 iframe:
<html>
<body>
<iframe frameborder=0 border=0 height=1 width=1 id="iframe"> </iframe>
</body>
</html>
<script>
This only works when you have the victim account ID. For this example, let's say that the victim account ID is 999988887777.
First, create a role that we can use for this demo. This role is in your own account.
aws iam create-role --role-name test-enumeration \
--assume-role-policy-document '{"Version": "2012-10-17","Statement": [{"Effect": "Allow","Principal": {"Service": "ec2.amazonaws.com"},"Action": "sts:AssumeRole"}]}'
# gcloud auth activate-service-account --key-file=85.json
# gcloud projects list
project="my-project"
space=""
echo "gcloud auth list"
gcloud auth list
echo -e "$space"
From: http://redteams.net/bookshelf/
Techie
Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
Social Engineering: The Art of Human Hacking by Christopher Hadnagy
Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors
- Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
- Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
- Ransom: between $300 and $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
- Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
- Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).
update: A minor variant of the viru
The purpose of this document is to make recommendations on how to browse in a privacy and security conscious manner. This information is compiled from a number of sources, which are referenced throughout the document, as well as my own experiences with the described technologies.
I welcome contributions and comments on the information contained. Please see the How to Contribute section for information on contributing your own knowledge.
#!flask/bin/python
from flask import Flask, jsonify, abort, request, make_response, url_for
from flask_httpauth import HTTPBasicAuth
app = Flask(__name__, static_url_path = "")
auth = HTTPBasicAuth()
@auth.get_password
def get_password(username):
    if username == 'miguel':