$ sudo -i
# vim /etc/systemd/system/disable-transparent-huge-pages.service
# systemctl enable disable-transparent-huge-pages
# systemctl start disable-transparent-huge-pages
# systemctl status disable-transparent-huge-pages
# cat /sys/kernel/mm/transparent_hugepage/enabled
# cat /sys/kernel/mm/transparent_hugepage/defrag
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
#----------------------------------------------- | |
# Name: fetch_cosm.py | |
# | |
# Purpose: retrieve historical hi-res data from cosm | |
# Usage: ./fetch_cosm.py >>cosm_data.csv | |
# History: | |
# Date Author Remarks | |
# 15Oct2012 RW Created. | |
#----------------------------------------------- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/sh | |
# Run pyflakes on all changed .py files before commit. | |
# | |
# By David Warde-Farley, Feb 28, 2013 -- released under the 3-clause BSD license. | |
# | |
# To use, run this file from the script .git/hooks/pre-commit | |
FILES=`git diff --staged --name-status |grep '\.py$' |grep '^[AM]' |sed -e's/^[AM]\s\+//'` | |
ROOT=`git rev-parse --show-toplevel` | |
NUM_BAD_FILES=0 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[Unit] | |
Description=Keeps a tunnel to 'remote.example.com' open | |
After=network.target | |
[Service] | |
User=autossh | |
# -p [PORT] | |
# -l [user] | |
# -M 0 --> no monitoring | |
# -N Just open the connection and do nothing (not interactive) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env bash | |
alias docker-ip="docker inspect --format='{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}'" | |
function _docker-ip() { | |
# No need to worry about spaces in this output, because | |
# docker only allows names in the form [a-zA-Z0-9][a-zA-Z0-9_.-]* | |
local pos_comps=$(docker ps --format "{{.ID}} {{.Names}}") | |
# $COMP_WORDS array with the current line | |
# $COMP_WORD the current word we're comping |
- Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
- Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
- Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
- Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
- Kill switch: If the website
www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com
is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).
update: A minor variant of the viru