Skip to content

Instantly share code, notes, and snippets.

Eli Nesterov elinesterov

Block or report user

Report or block elinesterov

Hide content and notifications from this user.

Learn more about blocking users

Contact Support about this user’s behavior.

Learn more about reporting abuse

Report abuse
View GitHub Profile
View Wannacrypt0r-FACTSHEET.md

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

@bbharris
bbharris / load_cell.agent.nut
Last active Jun 8, 2018
Load Cell Example Code
View load_cell.agent.nut
// Copyright (c) 2014 Electric Imp
// This file is licensed under the MIT License
// http://opensource.org/licenses/MIT
const PLOTLY_USER = "XXXXX";
const PLOTLY_KEY = "XXXXX";
// Name your plot
const PLOTLY_FILENAME = "Compensated Weight vs Temp Graph 3kg";
// How much historical data to show in hours (autorange must be disabled)
const GRAPH_WINDOW = 24;
You can’t perform that action at this time.