Skip to content

Instantly share code, notes, and snippets.

View Nadahar's full-sized avatar

Nadahar Nadahar

8 followers · 1 following
  • Norway
View GitHub Profile
@Tamal
Tamal / set-chroot.sh
Last active April 26, 2024 09:57
Setting up chroot from a live image in Fedora. Regenerate grub2 for Fedora.
$ # Use Live CD to boot
$ sudo su # Switch to root
$ fdisk -l # Get names of root, boot & EFI partition names. you can also use blkid
$ mount /dev/mapper/fedora_localhost--live-root /mnt # mount root partition
$ cat /mnt/etc/fedora-release
Fedora release 31 (Thirty One)
$ mount /dev/nvme0n1p2 /mnt/boot # mount boot partition
$ mount /dev/nvme0n1p1 /mnt/boot/efi # mount EFI partition
# Note: If you are not able to mount EFI partition ('Input/Output error'),
# You may have to repair ESP file system or format ESP.
@plembo
plembo / ubuntu-server-setup-netplan.md
Last active May 18, 2024 14:05
Ubuntu Server Setup - with netplan

Ubuntu Server Setup - with netplan

Introduction

The assumption here is that you're now starting with a Ubuntu 22.04 LTS Server or newer, rather than Desktop, base (Ubuntu Desktop deploys NetworkManager rather than systemd-networkd by default). This box has an AMD Ryzen CPU.

The goal is networking configured for static addressing using systemd-networkd and netplan. Note that punctuation (including hypens, '-') and indentation are significant when working with netplan YAML files.

There are a lot good arguments against using netplan. I have tried NetworkManager (packages named "network-manager", but the service is "NetworkManager.service" -- go figure) on Ubuntu Server, and was

@jerodg
jerodg / windows_and_office_kms_setup.adoc
Last active May 20, 2024 13:14
Activate Windows and Office Using KMS Server

Microsoft Windows and Office KMS Setup

@rain-1
rain-1 / Wannacrypt0r-FACTSHEET.md
Last active March 10, 2024 11:03 — forked from Epivalent/Wannacrypt0r-FACTSHEET.md

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

@Epivalent
Epivalent / Wannacrypt0r-FACTSHEET.md
Created May 12, 2017 20:17

WannaCry|WannaDecrypt0r NSA-Cybereweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.

SECURITY BULLETIN AND UPDATES HERE: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx

Malware samples

@jpluimers
jpluimers / esxi-suspend-all-VMs.sh
Last active November 16, 2023 01:36
vmware console command to suspend all VMs that are not yet suspended and waits until they all are suspended
#!/bin/sh
# https://wiert.me/2021/04/30/vmware-esxi-console-viewing-all-vms-suspending-and-waking-them-up-part-5/
RUNNING=0
vmids=`vim-cmd vmsvc/getallvms | sed -n -E -e "s/^([[:digit:]]+)\s+((\S.+\S)?)\s+(\[\S+\])\s+(.+\.vmx)\s+(\S+)\s+(vmx-[[:digit:]]+)\s*?((\S.+)?)$/\1/p"`
for vmid in ${vmids} ; do
# echo "Probing VM with id: $vmid."
powerState=`vim-cmd vmsvc/power.getstate ${vmid} | sed '1d'`
name=`vim-cmd vmsvc/get.config ${vmid} | sed -n -E -e '/\(vim.vm.ConfigInfo\) \{/,/files = \(vim.vm.FileInfo\) \{/ s/^ +name = "(.*)",.*?/\1/p'`
vmPathName=`vim-cmd vmsvc/get.config ${vmid} | sed -n -E -e '/files = \(vim.vm.FileInfo\) \{/,/tools = \(vim.vm.ToolsConfigInfo\) \{/ s/^ +vmPathName = "(.*)",.*?/\1/p'`
# echo "VM with id ${vmid} has power state ${powerState} (name = ${name}; vmPathName = ${vmPathName})."
@amitchhajer
amitchhajer / Count Code lines
Created January 5, 2013 11:08
Count number of code lines in git repository per user
git ls-files -z | xargs -0n1 git blame -w | perl -n -e '/^.*\((.*?)\s*[\d]{4}/; print $1,"\n"' | sort -f | uniq -c | sort -n