Bitcoin miners want their newly-found blocks to propagate across the network as quickly as possible, because every millisecond of delay increases the chances that another block, found at about the same time, wins the "block race."
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from flask import Flask, render_template, request | |
import os , shelve , atexit , threading , urllib2 , time | |
app = Flask(__name__) | |
poll_data = { | |
'question' : 'You agree that the Brazilian internet should be stapled?', | |
'fields': ['Yes', 'No'] | |
} | |
db = shelve.open("votes.db",writeback=True) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/usr/bin/env python | |
import requests | |
for i in xrange(0,3): | |
req = requests.get("http://v0t3.pwn2win.party/poll?field=No") | |
req2 = requests.get("http://v0t3.pwn2win.party/results") | |
print req2.content |
Being someone who tries to play a lot with Windows memory, I really wanted to play with PANDA, but I was slightly scared because I'd never touched qemu
before - all my experience had been with VirtualBox and VMware.
My goal was to install PANDA into a (relatively) clean install of Debian 8 'Jessie', capture a recording and successfully run a PANDA plugin.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# a pandoc script to easily turn formatted text files into PDFs - May 2016. | |
# based on a script by @pdfkungfoo, minor changes by Ange Albertini | |
# requires pandoc http://pandoc.org/ | |
# and either XeTeX http://xetex.sourceforge.net/ or LuaTeX http://www.luatex.org/ | |
# Xelatex supports all system fonts by default, and UTF8. | |
# standard PDFLateX doesn't. LuaLaTex also does but is slower. |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
// | |
// _oo8oo_ | |
// o8888888o | |
// 88" . "88 | |
// (| -_- |) | |
// 0\ = /0 | |
// ___/'==='\___ | |
// .' \\| |// '. | |
// / \\||| : |||// \ | |
// / _||||| -:- |||||_ \ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/boot/bzImage | |
# Linux kernel userspace initialization code, translated to bash | |
# (Minus floppy disk handling, because seriously, it's 2017.) | |
# Not 100% accurate, but gives you a good idea of how kernel init works | |
# GPLv2, Copyright 2017 Hector Martin <marcan@marcan.st> | |
# Based on Linux 4.10-rc2. | |
# Note: pretend chroot is a builtin and affects the current process | |
# Note: kernel actually uses major/minor device numbers instead of device name |
- Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
- Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
- Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
- Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
- Kill switch: If the website
www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com
is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).
update: A minor variant of the viru
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
POW_WINDOW = 60 | |
def to_boundary(diff): | |
b = ["1"] * 256 | |
for i in range(diff): | |
b[i] = "0" | |
return int("".join(b), 2) | |
def to_hashes(diff): | |
boundary = to_boundary(diff) |