Skip to content

Instantly share code, notes, and snippets.

@evilsocket
evilsocket / example.rb
Created January 22, 2017 14:56
BetterCAP example UDP Proxy Module
class Example < BetterCap::Proxy::UDP::Module
meta(
'Name' => 'Example',
'Description' => 'Example UDP proxy module.',
'Version' => '1.0.0',
'Author' => "Simone 'evilsocket' Margaritelli",
'License' => 'GPL3'
)
# Received when the victim is sending data to the upstream server.
Verifying that "evilsocket.id" is my Blockstack ID. https://onename.com/evilsocket
/*
* This tool will decrypt files encrypted by the Magniber ransomware with
* AES128 ( CBC mode ) algorithm.
*
* RE and report by MalwareBytes ( @hasherezade )
*
* https://blog.malwarebytes.com/threat-analysis/2017/10/magniber-ransomware-exclusively-for-south-koreans/
*
* Decryptor written by Simone 'evilsocket' Margaritelli
*

Keybase proof

I hereby claim:

  • I am evilsocket on github.
  • I am evilsocket (https://keybase.io/evilsocket) on keybase.
  • I have a public key whose fingerprint is 7F1A D5FA 2A51 87DF DD53 DDA9 1564 D7F3 0393 A456

To claim this, I am signing this object:

Keybase proof

I hereby claim:

  • I am evilsocket on github.
  • I am evilsocket (https://keybase.io/evilsocket) on keybase.
  • I have a public key ASDQOex7WfTVV8cumbapyzHyv-NXXay_D0-RfJwOH8xKrQo

To claim this, I am signing this object:

@evilsocket
evilsocket / spam_yuanopen.go
Last active March 21, 2021 13:56
registers random users to a spam&scam network that's targeting EU
package main
import (
"encoding/json"
"fmt"
"io/ioutil"
"math/rand"
"net/http"
"net/url"
"strings"
@evilsocket
evilsocket / read_apple_note.py
Last active October 19, 2022 18:35
Read Apple Notes content in python via quick&dirty AppleScript
def get_apple_note_contents(account = 'iCloud', folder = 'Notes', note = 'Routine', strip_tags = True, as_lines = True):
import subprocess
import os
import tempfile
import re
script = """
tell application "Notes"
tell account "%s"
tell folder "%s"
@evilsocket
evilsocket / twitter_tos.patch
Created November 7, 2022 14:07
Twitter ToS change
--- /var/folders/6g/yj20jtln2qbbfbg5_lhj_lg40000gn/T/tmprr9h5hoe 2022-11-07 15:07:12.000000000 +0100
+++ /var/folders/6g/yj20jtln2qbbfbg5_lhj_lg40000gn/T/tmp1s9xlrwt 2022-11-07 15:07:12.000000000 +0100
@@ -1,3 +1,3 @@
a
-a
+b
a
\ No newline at end of file
@evilsocket
evilsocket / twitter_tos.patch
Created November 7, 2022 14:08
Twitter ToS change
--- /var/folders/6g/yj20jtln2qbbfbg5_lhj_lg40000gn/T/tmpagj_091d 2022-11-07 15:08:50.000000000 +0100
+++ /var/folders/6g/yj20jtln2qbbfbg5_lhj_lg40000gn/T/tmpexymodh2 2022-11-07 15:08:50.000000000 +0100
@@ -1411,7 +1411,7 @@
<p>You retain your rights to any Content you submit, post or display on or through the Services. What’s yours is yours — you own your Content (and your incorporated audio, photos and videos are considered part of the Content).<br />
<br />
</p>
-<p>By submitting, posting or displaying Content on or through the Services, you grant us a worldwide, non-exclusive, royalty-free license (with the right to sublicense) to use, copy, reproduce, process, adapt, modify, publish, transmit, display and distribute such Content in any and all media or distribution methods now known or later developed (for clarity, these rights include, for example, curating, transforming, and translating). This license authorizes us to make your Content available to the rest of the world and to let others do the
@evilsocket
evilsocket / twitter_tos.patch
Created November 7, 2022 15:24
Twitter ToS change
--- /var/folders/6g/yj20jtln2qbbfbg5_lhj_lg40000gn/T/tmpjhff6ae0 2022-11-07 16:24:55.000000000 +0100
+++ /var/folders/6g/yj20jtln2qbbfbg5_lhj_lg40000gn/T/tmpbodjyi1o 2022-11-07 16:24:55.000000000 +0100
@@ -1,7 +1,7 @@
<!DOCTYPE html>
-<html lang="en" dir="ltr" prefix="og: http://ogp.me/ns#" data-behavior="i18n" data-environment="prod" data-server-mode="publish" data-dc="a">
+<html lang="en" dir="ltr" prefix="og: http://ogp.me/ns#" data-behavior="i18n" data-environment="prod" data-server-mode="publish" data-dc="s">
<head>
<meta charset="utf-8"/>