ValdikSS ValdikSS

## gist:beab7346f9c9592f6d33
-----BEGIN CERTIFICATE-----
MIIC9TCCAl6gAwIBAgIJANL8E4epRNznMA0GCSqGSIb3DQEBBQUAMFsxGDAWBgNV
BAoTD1N1cGVyZmlzaCwgSW5jLjELMAkGA1UEBxMCU0YxCzAJBgNVBAgTAkNBMQsw
CQYDVQQGEwJVUzEYMBYGA1UEAxMPU3VwZXJmaXNoLCBJbmMuMB4XDTE0MDUxMjE2
MjUyNloXDTM0MDUwNzE2MjUyNlowWzEYMBYGA1UEChMPU3VwZXJmaXNoLCBJbmMu
MQswCQYDVQQHEwJTRjELMAkGA1UECBMCQ0ExCzAJBgNVBAYTAlVTMRgwFgYDVQQD
Ew9TdXBlcmZpc2gsIEluYy4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOjz
Shh2Xxk/sc9Y6X9DBwmVgDXFD/5xMSeBmRImIKXfj2r8QlU57gk4idngNsSsAYJb
1Tnm+Y8HiN/+7vahFM6pdEXY/fAXVyqC4XouEpNarIrXFWPRt5tVgA9YvBxJ7SBi
3bZMpTrrHD2g/3pxptMQeDOuS8Ic/ZJKocPnQaQtAgMBAAGjgcAwgb0wDAYDVR0T

## gist:d896cebd8e1aafc65b4b
<?xml version="1.0"?>
<!--
use "man thermal-conf.xml" for details
-->
<!-- BEGIN -->
<ThermalConfiguration>
    <Platform>
        <Name>Lenovo ThinkPad X220</Name>
        <ProductName>*</ProductName>
        <Preference>QUIET</Preference>

## gist:175f0f89d40b8689c0eb
% xrandr --newmode "3840x2160x49.98"  442.000000  3840 3888 3920 4000  2160 2163 2167 2211  +HSync -VSync
% xrandr --addmode DP1 "3840x2160x49.98"
% xrandr --output DP1 --mode "3840x2160x49.98"

## gist:5963db02241d0c0c6219
libva info: VA-API version 0.37.0
libva info: va_getDriverName() returns 0
libva info: Trying to open /usr/lib/dri/i965_drv_video.so
libva info: Found init function __vaDriverInit_0_37
libva info: va_openDriver() returns 0
vainfo: VA-API version: 0.37 (libva 1.5.1)
vainfo: Driver version: Intel i965 driver for Intel(R) Sandybridge Mobile - 1.5.1
vainfo: Supported profile and entrypoints
      VAProfileMPEG2Simple            : VAEntrypointVLD
      VAProfileMPEG2Main              : VAEntrypointVLD

## gist:3326bb37cc4f0e641950
Factory Details:
  Rank                     primary (256)
  Long-name                VA-API H.264 encoder
  Klass                    Codec/Encoder/Video
  Description              A VA-API based H.264 video encoder
  Author                   Wind Yuan <feng.yuan@intel.com>

Plugin Details:
  Name                     vaapi
  Description              VA-API based elements

## avitoapk.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                ValdikSS
                / avitoapk.md
            
            
              Last active
              August 29, 2015 14:14
            
              
                Анализ avito.apk
              
          
    Анализ avito.apk с сайта mmssmp.com

avito.apk — банковский троян, который переводит денежные средства с карточных счетов клиента мобильного устройства под управлением ОС Android банков Сбербанк, Альфа-Банк и платежной системы QIWI. Перевод денежных средств производится посредством отправки СМС на номера СМС-банкинга соответствующего банка или платежной системы на номера телефонов, полученных с панели управления трояном, расположенной по адресу http://karaokecasino.cc/admav
Троян умеет перехватывать входящие СМС таким образом, что они не отображаются на экране и не сохраняются в памяти устройства, отправлять полученные СМС на сервер и анализировать их. Таким образом, вредонос узнает о наличии карт у клиента, остатке на карточном счете, и выполняет перевод средств.
Чаще всего, данный троян распространяется через СМС-сообщения с предложением обмена или покупки по объявлению с сайта http://avito.ru/, в котором содержится ссылка, как правило, закодированная через популярные сервисы-сокращатели ссылок, на .apk-

  
## gist:ae5c4b9296543b7054ec
#define _GNU_SOURCE

#include <stdio.h>
#include <dlfcn.h>

//#define LIBC "/lib/x86_64-linux-gnu/libc.so.6"
//#define LIBC "/lib/libc.so.6"
#define LIBC "/lib/libc-2.19.so"

int main(int argc, char *argv[]) {

## gist:204aad1ccfa73974eda2
2 trip points:

<?xml version="1.0"?>
<!--
use "man thermal-conf.xml" for details
-->
<!-- BEGIN -->
<ThermalConfiguration>
    <Platform>
        <Name>Lenovo ThinkPad X220</Name>

## gist:37e10c062b5b5d94204f
valdikss@valaptop ~ % sudo gdb thermald
GNU gdb (GDB) 7.7.1
Copyright (C) 2014 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.  Type "show copying"
and "show warranty" for details.
This GDB was configured as "x86_64-unknown-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:

## gist:232e07dbf3e5f7dd986f
valdikss@valaptop /etc/thermald % sudo thermald --no-daemon --loglevel=debug
RAPL sysfs present
RAPL base path /sys/class/powercap/intel-rapl/
RAPL domain dir power
sysfs read failed /sys/class/powercap/intel-rapl/power/name
RAPL domain dir enabled
sysfs read failed /sys/class/powercap/intel-rapl/enabled/name
RAPL domain dir intel-rapl:0
name package-0
RAPL base path /sys/class/powercap/intel-rapl/intel-rapl:0/
	-----BEGIN CERTIFICATE-----
	MIIC9TCCAl6gAwIBAgIJANL8E4epRNznMA0GCSqGSIb3DQEBBQUAMFsxGDAWBgNV
	BAoTD1N1cGVyZmlzaCwgSW5jLjELMAkGA1UEBxMCU0YxCzAJBgNVBAgTAkNBMQsw
	CQYDVQQGEwJVUzEYMBYGA1UEAxMPU3VwZXJmaXNoLCBJbmMuMB4XDTE0MDUxMjE2
	MjUyNloXDTM0MDUwNzE2MjUyNlowWzEYMBYGA1UEChMPU3VwZXJmaXNoLCBJbmMu
	MQswCQYDVQQHEwJTRjELMAkGA1UECBMCQ0ExCzAJBgNVBAYTAlVTMRgwFgYDVQQD
	Ew9TdXBlcmZpc2gsIEluYy4wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOjz
	Shh2Xxk/sc9Y6X9DBwmVgDXFD/5xMSeBmRImIKXfj2r8QlU57gk4idngNsSsAYJb
	1Tnm+Y8HiN/+7vahFM6pdEXY/fAXVyqC4XouEpNarIrXFWPRt5tVgA9YvBxJ7SBi
	3bZMpTrrHD2g/3pxptMQeDOuS8Ic/ZJKocPnQaQtAgMBAAGjgcAwgb0wDAYDVR0T
	<?xml version="1.0"?>
	<!--
	use "man thermal-conf.xml" for details
	-->
	<!-- BEGIN -->
	<ThermalConfiguration>
	<Platform>
	<Name>Lenovo ThinkPad X220</Name>
	<ProductName>*</ProductName>
	<Preference>QUIET</Preference>
	% xrandr --newmode "3840x2160x49.98" 442.000000 3840 3888 3920 4000 2160 2163 2167 2211 +HSync -VSync
	% xrandr --addmode DP1 "3840x2160x49.98"
	% xrandr --output DP1 --mode "3840x2160x49.98"
	libva info: VA-API version 0.37.0
	libva info: va_getDriverName() returns 0
	libva info: Trying to open /usr/lib/dri/i965_drv_video.so
	libva info: Found init function __vaDriverInit_0_37
	libva info: va_openDriver() returns 0
	vainfo: VA-API version: 0.37 (libva 1.5.1)
	vainfo: Driver version: Intel i965 driver for Intel(R) Sandybridge Mobile - 1.5.1
	vainfo: Supported profile and entrypoints
	VAProfileMPEG2Simple : VAEntrypointVLD
	VAProfileMPEG2Main : VAEntrypointVLD
	Factory Details:
	Rank primary (256)
	Long-name VA-API H.264 encoder
	Klass Codec/Encoder/Video
	Description A VA-API based H.264 video encoder
	Author Wind Yuan <feng.yuan@intel.com>

	Plugin Details:
	Name vaapi
	Description VA-API based elements
	#define _GNU_SOURCE

	#include <stdio.h>
	#include <dlfcn.h>

	//#define LIBC "/lib/x86_64-linux-gnu/libc.so.6"
	//#define LIBC "/lib/libc.so.6"
	#define LIBC "/lib/libc-2.19.so"

	int main(int argc, char *argv[]) {
	2 trip points:

	<?xml version="1.0"?>
	<!--
	use "man thermal-conf.xml" for details
	-->
	<!-- BEGIN -->
	<ThermalConfiguration>
	<Platform>
	<Name>Lenovo ThinkPad X220</Name>
	valdikss@valaptop ~ % sudo gdb thermald
	GNU gdb (GDB) 7.7.1
	Copyright (C) 2014 Free Software Foundation, Inc.
	License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
	This is free software: you are free to change and redistribute it.
	There is NO WARRANTY, to the extent permitted by law. Type "show copying"
	and "show warranty" for details.
	This GDB was configured as "x86_64-unknown-linux-gnu".
	Type "show configuration" for configuration details.
	For bug reporting instructions, please see:
	valdikss@valaptop /etc/thermald % sudo thermald --no-daemon --loglevel=debug
	RAPL sysfs present
	RAPL base path /sys/class/powercap/intel-rapl/
	RAPL domain dir power
	sysfs read failed /sys/class/powercap/intel-rapl/power/name
	RAPL domain dir enabled
	sysfs read failed /sys/class/powercap/intel-rapl/enabled/name
	RAPL domain dir intel-rapl:0
	name package-0
	RAPL base path /sys/class/powercap/intel-rapl/intel-rapl:0/