JC GreenMind greenmind-sec

## ESXi ransomware payment addresses
15m7FP7U4kDJhAVtjjUdUB8WYswpf7Dtho
1Nm2TMEFEdyb2BP6tLyuREoKECztibuK6P
1LJYrTxrQA5pFRRg2bSyJLT6MGezmMBVfX
1EiCssanXmavzjtffYHzK6aVeQHngUxX1s
1H65AnxCg7mT4rTZmRzH8cxENk1N12rhkZ
1CVbdRQQ3TeWaPWqARKP9wvAEPvavJDrKo
1B9APV4ARm26MUW74ZcGNQE9hBHM5XGPbg
14u8xH6KdJFoTP93Lep9tpb1KQQvshQaAj
145V8AXLZpFv1ABVEsMYFsGpaZPwgKNZbf
1LGBP4iwrwv3GxybQ5QZJ19M3MAP76cw6U

## spectre.c
/* https://spectreattack.com/spectre.pdf */
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#ifdef _MSC_VER
#include <intrin.h> /* for rdtscp and clflush */
#pragma optimize("gt",on)
#else
#include <x86intrin.h> /* for rdtscp and clflush */
#endif

## spectre.c
#include <stdio.h>
#include <stdlib.h>
#include <stdint.h>
#ifdef _MSC_VER
#include <intrin.h> /* for rdtscp and clflush */
#pragma optimize("gt",on)
#else
#include <x86intrin.h> /* for rdtscp and clflush */
#endif

## cve-2017-4915.sh
#!/bin/bash
################################################################################
# VMware Workstation Local Privilege Escalation exploit (CVE-2017-4915)        #
#  - https://www.vmware.com/security/advisories/VMSA-2017-0009.html            #
#  - https://www.exploit-db.com/exploits/42045/                                #
#                                                                              #
# Affects:                                                                     #
#  - VMware Workstation Player <= 12.5.5                                       #
#  - VMware Workstation Pro <= 12.5.5                                          #
################################################################################

## Kali 2017.1 x64, Docker-ce Install script
#!/bin/bash

# update apt-get
export DEBIAN_FRONTEND="noninteractive"
sudo apt-get update

# remove previously installed Docker
sudo apt-get remove docker docker-engine docker.io* lxc-docker*

# install dependencies 4 cert

## Wannacrypt0r-FACTSHEET.md

      
              1 file
            
          
              158 forks
            
          
              267 comments
            
          
              713 stars
            
          
                rain-1
                / Wannacrypt0r-FACTSHEET.md
            
            
              Last active
              March 10, 2024 11:03
                — forked from Epivalent/Wannacrypt0r-FACTSHEET.md
            
          
    WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm


Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

  
## gist:606c41ac6ec40bf5c69d4db96d9312e3
From: http://redteams.net/bookshelf/
Techie

    Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
    Social Engineering: The Art of Human Hacking by Christopher Hadnagy
    Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
    The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
    Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
    Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
    The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors

## howto-install-docker-on-proxmox-4.md

      
              1 file
            
          
              5 forks
            
          
              2 comments
            
          
              15 stars
            
          
                dferg
                / howto-install-docker-on-proxmox-4.md
            
            
              Last active
              October 15, 2021 16:23
            
              
                HOWTO: Install Docker on Proxmox 4
              
          
    Install Docker on Proxmox 4

Proxmox 4 is based on Debian Jessie. Reference for this install: https://docs.docker.com/engine/installation/linux/debian/#/install-using-the-repository
Add the Docker repo for Debian Jessie

$ apt-get install curl
$ curl -fsSL https://apt.dockerproject.org/gpg | apt-key add -
$ echo "deb https://apt.dockerproject.org/repo/ debian-jessie main" > /etc/apt/sources.list.d/docker.list

$ apt-get update

  
## cowroot.c
/*
* (un)comment correct payload first (x86 or x64)!
*
* $ gcc cowroot.c -o cowroot -pthread
* $ ./cowroot
* DirtyCow root privilege escalation
* Backing up /usr/bin/passwd.. to /tmp/bak
* Size of binary: 57048
* Racing, this may take a while..
* /usr/bin/passwd overwritten

## 8x1080.md

      
              1 file
            
          
              20 forks
            
          
              37 comments
            
          
              188 stars
            
          
                epixoip
                / 8x1080.md
            
            
              Last active
              March 20, 2024 17:14
            
              
                8x Nvidia GTX 1080 Hashcat Benchmarks
              
          
    8x Nvidia GTX 1080 Hashcat Benchmarks

Product: Sagitta Brutalis 1080 (PN S3480-GTX-1080-2697-128)
Software: Hashcat v3.00-beta-145-g069634a, Nvidia driver 367.18
Accelerator: 8x Nvidia GTX 1080 Founders Edition
Highlights
	15m7FP7U4kDJhAVtjjUdUB8WYswpf7Dtho
	1Nm2TMEFEdyb2BP6tLyuREoKECztibuK6P
	1LJYrTxrQA5pFRRg2bSyJLT6MGezmMBVfX
	1EiCssanXmavzjtffYHzK6aVeQHngUxX1s
	1H65AnxCg7mT4rTZmRzH8cxENk1N12rhkZ
	1CVbdRQQ3TeWaPWqARKP9wvAEPvavJDrKo
	1B9APV4ARm26MUW74ZcGNQE9hBHM5XGPbg
	14u8xH6KdJFoTP93Lep9tpb1KQQvshQaAj
	145V8AXLZpFv1ABVEsMYFsGpaZPwgKNZbf
	1LGBP4iwrwv3GxybQ5QZJ19M3MAP76cw6U
	/* https://spectreattack.com/spectre.pdf */
	#include <stdio.h>
	#include <stdlib.h>
	#include <stdint.h>
	#ifdef _MSC_VER
	#include <intrin.h> /* for rdtscp and clflush */
	#pragma optimize("gt",on)
	#else
	#include <x86intrin.h> /* for rdtscp and clflush */
	#endif
	#!/bin/bash
	################################################################################
	# VMware Workstation Local Privilege Escalation exploit (CVE-2017-4915) #
	# - https://www.vmware.com/security/advisories/VMSA-2017-0009.html #
	# - https://www.exploit-db.com/exploits/42045/ #
	# #
	# Affects: #
	# - VMware Workstation Player <= 12.5.5 #
	# - VMware Workstation Pro <= 12.5.5 #
	################################################################################
	#!/bin/bash

	# update apt-get
	export DEBIAN_FRONTEND="noninteractive"
	sudo apt-get update

	# remove previously installed Docker
	sudo apt-get remove docker docker-engine docker.io* lxc-docker*

	# install dependencies 4 cert
	From: http://redteams.net/bookshelf/
	Techie

	Unauthorised Access: Physical Penetration Testing For IT Security Teams by Wil Allsopp.
	Social Engineering: The Art of Human Hacking by Christopher Hadnagy
	Practical Lock Picking: A Physical Penetration Tester's Training Guide by Deviant Ollam
	The Art of Deception: Controlling the Human Element of Security by Kevin Mitnick
	Hacking: The Art of Exploitation by Jon Erickson and Hacking Exposed by Stuart McClure and others.
	Nmap Network Scanning: The Official Nmap Project Guide to Network Discovery and Security Scanning by Fyodor
	The Shellcoder's Handbook: Discovering and Exploiting Security Holes by several authors
	/*
	* (un)comment correct payload first (x86 or x64)!
	*
	* $ gcc cowroot.c -o cowroot -pthread
	* $ ./cowroot
	* DirtyCow root privilege escalation
	* Backing up /usr/bin/passwd.. to /tmp/bak
	* Size of binary: 57048
	* Racing, this may take a while..
	* /usr/bin/passwd overwritten