Skip to content

Instantly share code, notes, and snippets.

View egemenyildiz's full-sized avatar

Egemen Yıldız egemenyildiz

49 followers · 65 following
View GitHub Profile
@jwbee
jwbee / readme.md
Last active July 19, 2024 13:34
Help me identify possible tracking device found in my car

Help me identify possible tracking device found in my car

TL;DR

I found a non-OEM electronic gadget in my car. It is wired into the ignition, and contains a 435.10 MHz radio reciever, a microcontroller, and two relays. I suspect it might be a device that allows third parties to unlock the doors and start the car with a radio.

Details

I was driving my 2020 Honda Insight EX when it started to make the annoying sound of an electromechanical relay rapidly switching on and off. When I got home I looked under the dash and straight away I could see someone other than Honda had been in here. The first thing I saw was this surface-mounted switch that doesn't belong there.

@gmurdocca
gmurdocca / socat_caesar_dpi.md
Last active June 28, 2024 15:53
Circumventing Deep Packet Inspection with Socat and rot13

Circumventing Deep Packet Inspection with Socat and rot13

I have a Linux virtual machine inside a customer's private network. For security, this VM is reachable only via VPN + Citrix + Windows + a Windows SSH client (eg PuTTY). I am tasked to ensure this Citrix design is secure, and users can not access their Linux VM's or other resources on the internal private network in any way outside of using Citrix.

The VM can access the internet. This task should be easy. The VM's internet gateway allows it to connect anywhere on the internet to TCP ports 80, 443, and 8090 only. Connecting to an internet bastion box on one of these ports works and I can send and receive clear text data using netcat. I plan to use good old SSH, listening on tcp/8090 on the bastion, with a reverse port forward configured to expose sshd on the VM to the public, to show their Citrix gateway can be circumvented.

Rejected by Deep Packet Inspection

I hit an immediate snag. The moment I try to establish an SSH or SSL connection over o

@mGBUfLn9
mGBUfLn9 / history.txt
Created May 4, 2020 19:04
I was drawn to programming, science, technology and science fiction
ever since I was a little kid. I can't say it's because I wanted to
make the world a better place. Not really. I was simply drawn to it
because I was drawn to it. Writing programs was fun. Figuring out how
nature works was fascinating. Science fiction felt like a grand
adventure.
Then I started a software company and poured every ounce of energy
into it. It failed. That hurt, but that part is ok. I made a lot of
mistakes and learned from them. This experience made me much, much
@stettix
stettix / things-i-believe.md
Last active July 10, 2024 23:00
Things I believe

Things I believe

This is a collection of the things I believe about software development. I have worked for years building backend and data processing systems, so read the below within that context.

Agree? Disagree? Feel free to let me know at @JanStette. See also my blog at www.janvsmachine.net.

Fundamentals

Keep it simple, stupid. You ain't gonna need it.

@nicosingh
nicosingh / docker-compose.yml
Last active March 16, 2021 07:35
Trœfik load balancing sample using docker
version: "3.4"
services:
proxy:
image: traefik:latest
restart: always
ports:
- 80:80
- 443:443
- 15671:8080
volumes:
@anvk
anvk / psql_useful_stat_queries.sql
Last active July 12, 2024 11:28
List of some useful Stat Queries for PSQL
--- PSQL queries which also duplicated from https://github.com/anvk/AwesomePSQLList/blob/master/README.md
--- some of them taken from https://www.slideshare.net/alexeylesovsky/deep-dive-into-postgresql-statistics-54594192
-- I'm not an expert in PSQL. Just a developer who is trying to accumulate useful stat queries which could potentially explain problems in your Postgres DB.
------------
-- Basics --
------------
-- Get indexes of tables
@h3
h3 / color.py
Last active June 27, 2019 19:38
Simple shell color outpout function
# -*- coding: utf-8 -*-
from __future__ import unicode_literals
import re
import sys
def c(i):
"""
@aunyks
aunyks / snakecoin.py
Last active April 29, 2024 22:52
import hashlib as hasher
import datetime as date
# Define what a Snakecoin block is
class Block:
def __init__(self, index, timestamp, data, previous_hash):
self.index = index
self.timestamp = timestamp
self.data = data
self.previous_hash = previous_hash
@vulnersCom
vulnersCom / Petya_ransomware.md
Last active July 6, 2023 19:30

#petya #petrWrap #notPetya

Win32/Diskcoder.Petya.C

Ransomware attack.

About

This gist was built by the community of the researchers and was scribed by Kir and Igor from the QIWI/Vulners. We are grateful for the help of all those who sent us the data, links and information. Together we can make this world a better place!

Gist updates

@rain-1
rain-1 / Wannacrypt0r-FACTSHEET.md
Last active March 10, 2024 11:03 — forked from Epivalent/Wannacrypt0r-FACTSHEET.md

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru