Sukelluskello

## threading_example.py
import threading
import time


class ThreadingExample(object):
    """ Threading example class

    The run() method will be started and it will run in the background
    until the application exits.
    """

## gist:68df0a6cdbfefbccd6dd
Broad summary:

- Elections are on Sunday 5th, July.

- This is the first time an e-voting system is used in Buenos Aires city.

- Researchers and IT professionals had been warning about potential issues with the way the system works (short summary at the end).

- Government officials have said on-record that the machines are only "printers with no memory". There is video evidence that the machines are in fact standard PCs running Ubuntu. USB and VGA ports are located behind a lid on the side. See videos here: https://storify.com/mis2centavos/el-sistema-de-voto-electronico-usado-en-caba

## gpgmutt.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                Sukelluskello
                / gpgmutt.md
            
            
              Last active
              August 29, 2015 14:25
                — forked from bnagy/gpgmutt.md
            
          
    GPG / Mutt / Gmail

About

This is a collection of snippets, not a comprehensive guide. I suggest you start with Operational PGP.
Here is an incomplete list of things that are different from other approaches:

I don't use keyservers. Ever.
Yes, I use Gmail instead of some bespoke hipster freedom service


## graceful_shutdown_tornado_web_server.py
#!/usr/bin/env python

"""
How to use it:
1. Just `kill -2 PROCESS_ID` or `kill -15 PROCESS_ID` , The Tornado Web Server Will shutdown after process all the request.
2. When you run it behind Nginx, it can graceful reboot your production server.

3. Nice Print in http://weibo.com/1682780325/zgkb7g8k7

"""

## ghost_xmlrpc.rb
#
# --[ Trustwave SpiderLabs Research Team ]--
# Ref: http://blog.spiderlabs.com/2015/01/ghost-gethostbyname-heap-overflow-in-glibc-cve-2015-0235.html
#
require "net/http"
require "uri"

if ARGV.count != 2
  puts "Usage: #{ARGV[0]} [Target URL] [count]"
  exit

## vhost.py
#! /usr/bin/python

from sys import argv
from os.path import exists
from os import makedirs
from os import symlink
from os import system
import getopt

#

## keybase.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                Sukelluskello
                / keybase.md
            
            
              Created
              August 26, 2016 07:09
            
          
    Keybase proof

I hereby claim:

I am Sukelluskello on github.
I am sukelluskello (https://keybase.io/sukelluskello) on keybase.
I have a public key whose fingerprint is D03C 97A8 6DF4 6E25 FA31  079E B218 EE2B DB44 709F

To claim this, I am signing this object:

  
## Petya_ransomware.txt
WannaCry2: Petya Ransomware attack.

Got new info? Email at isox@vulners.com

*********** Possible malware files:
https://yadi.sk/d/S0-ZhPY53KWc84
https://yadi.sk/d/Zpkm88sp3KWc8v
Archive password: virus

*********** Malware dropped file:

## libHash.cpp
//https://github.com/twelvesec/dexter
//GNU General Public License v3.0
//@maldevel

//...

std::string libHash::sha256(std::string input) {
	std::string hash;
	sha256_context ctx;
	BYTE tmp[SHA256_HASH_SIZE];

## gist:7bda13d402a632d3df7eab3228f7c4b9
rule vba_hidden_from_editor {

  strings:

    $header_office = { D0 CF 11 E0 }
    $has_macros = "\x0aDocument="
    $s1 = /\x0aDocument=.{3,1000}\x0d?\x0a\w{4,30}=(\{|"|[a-zA-Z])/
    $s2 = /\x0aDocument=This(Docume|Displa)[a-zA-Z](\x00.){10,}/

  condition:
	import threading
	import time


	class ThreadingExample(object):
	""" Threading example class

	The run() method will be started and it will run in the background
	until the application exits.
	"""
	Broad summary:

	- Elections are on Sunday 5th, July.

	- This is the first time an e-voting system is used in Buenos Aires city.

	- Researchers and IT professionals had been warning about potential issues with the way the system works (short summary at the end).

	- Government officials have said on-record that the machines are only "printers with no memory". There is video evidence that the machines are in fact standard PCs running Ubuntu. USB and VGA ports are located behind a lid on the side. See videos here: https://storify.com/mis2centavos/el-sistema-de-voto-electronico-usado-en-caba
	#!/usr/bin/env python

	"""
	How to use it:
	1. Just `kill -2 PROCESS_ID` or `kill -15 PROCESS_ID` , The Tornado Web Server Will shutdown after process all the request.
	2. When you run it behind Nginx, it can graceful reboot your production server.

	3. Nice Print in http://weibo.com/1682780325/zgkb7g8k7

	"""
	#
	# --[ Trustwave SpiderLabs Research Team ]--
	# Ref: http://blog.spiderlabs.com/2015/01/ghost-gethostbyname-heap-overflow-in-glibc-cve-2015-0235.html
	#
	require "net/http"
	require "uri"

	if ARGV.count != 2
	puts "Usage: #{ARGV[0]} [Target URL] [count]"
	exit
	#! /usr/bin/python

	from sys import argv
	from os.path import exists
	from os import makedirs
	from os import symlink
	from os import system
	import getopt

	#
	WannaCry2: Petya Ransomware attack.

	Got new info? Email at isox@vulners.com

	*********** Possible malware files:
	https://yadi.sk/d/S0-ZhPY53KWc84
	https://yadi.sk/d/Zpkm88sp3KWc8v
	Archive password: virus

	*********** Malware dropped file:
	//https://github.com/twelvesec/dexter
	//GNU General Public License v3.0
	//@maldevel

	//...

	std::string libHash::sha256(std::string input) {
	std::string hash;
	sha256_context ctx;
	BYTE tmp[SHA256_HASH_SIZE];
	rule vba_hidden_from_editor {

	strings:

	$header_office = { D0 CF 11 E0 }
	$has_macros = "\x0aDocument="
	$s1 = /\x0aDocument=.{3,1000}\x0d?\x0a\w{4,30}=(\{\|"\|[a-zA-Z])/
	$s2 = /\x0aDocument=This(Docume\|Displa)[a-zA-Z](\x00.){10,}/

	condition: