Skip to content

Instantly share code, notes, and snippets.

View kheminw's full-sized avatar

K. kheminw

View GitHub Profile
@dhinakg
dhinakg / tutorial.md
Last active December 9, 2023 01:50
iOS/iPadOS 14.3 OTA
# IDA (disassembler) and Hex-Rays (decompiler) plugin for Apple AMX
#
# WIP research. (This was edited to add more info after someone posted it to
# Hacker News. Click "Revisions" to see full changes.)
#
# Copyright (c) 2020 dougallj
# Based on Python port of VMX intrinsics plugin:
# Copyright (c) 2019 w4kfu - Synacktiv
@shirakaba
shirakaba / setup.md
Last active May 16, 2024 13:57
Configuring Nexus as a private registry for npm packages

Get the details to connect to your Nexus-managed npm repository

Note: Nexus group repositories (good example in this StackOverflow question) are out of this tutorial's scope. In any case, deployment to group repositories is currently still an open issue for Nexus 3 (and not intended ever to be implemented in Nexus 2). Thus, it is assumed that we'll push & pull to/from the same repository, and ignore the idea of groups hereon in.

  1. Ask your sysadmin for a username & password allowing you to log into your organistation's Nexus Repository Manager.

  2. Test the login credentials on the Nexus Repository manager at: http://localhost:8081/nexus/#view-repositories (localhost in our case is replaced by a static IP, and can only be connected to over VPN). If your organisation requires a VPN to connect to it, connect to that VPN before proceeding with this tutori

@mirhec
mirhec / raspi-setup-gitea.md
Created September 20, 2017 07:14
Installing Gitea on Raspberry Pi with nginx, SSL and automatic backups

Setup Gitea on Raspberry Pi (3)

These instructions are based on this article: https://www.alexruf.net/2016/05/23/setup-gogs-git-service.html.

Setup Raspberry Pi with minimal Raspbian image. You need to connect to the HDMI port and set the following:

sudo raspi-config

There you need to enable the SSH server and you should change the hostname.

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

@dpino
dpino / ns-inet.sh
Last active April 19, 2024 18:12
Setup a network namespace with Internet access
#!/usr/bin/env bash
# set -x
if [[ $EUID -ne 0 ]]; then
echo "You must be root to run this script"
exit 1
fi
# Returns all available interfaces, except "lo" and "veth*".
@shamil
shamil / mount_qcow2.md
Last active June 16, 2024 12:10
How to mount a qcow2 disk image

How to mount a qcow2 disk image

This is a quick guide to mounting a qcow2 disk images on your host server. This is useful to reset passwords, edit files, or recover something without the virtual machine running.

Step 1 - Enable NBD on the Host

modprobe nbd max_part=8
@plentz
plentz / nginx.conf
Last active June 11, 2024 06:55
Best nginx configuration for improved security(and performance)
# to generate your dhparam.pem file, run in the terminal
openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048