littlecho
littlecho
/ Petya_ransomware.txt
Created
June 28, 2017 01:11
— forked from vulnersCom/Petya_ransomware.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #petya #petrWrap | |
| Win32/Diskcoder.Petya.C | |
| Ransomware attack. | |
| Got new info? Email at isox@vulners.com | |
| "it appeared to encrypt a selection of files (PDF and RTF) on two test machines prior to rebooting and encrypting parts of the MFT." - waiting for the details and PoC | |
| *********** KILLSWITCH // PARTIAL? GOT PROOF - EMAIL! |
littlecho
/ gist:cf0fa582d04bb9f19efa0882de9007ba
Created
September 28, 2016 10:46
Disable Gamed on Mac OSX
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Disable the launch agent for gamed | |
| bash# launchctl unload /System/Library/LaunchAgents/com.apple.gamed.plist | |
| #Re-enable the launch agent for gamed | |
| launchctl load /System/Library/LaunchAgents/com.apple.gamed.plist |
littlecho
/ original.mail
Created
August 24, 2016 01:34
— forked from andreasklinger/original.mail
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Delivered-To: my@email.com | |
| Received: by 10.194.116.36 with SMTP id jt4csp1490864wjb; | |
| Mon, 22 Aug 2016 03:10:26 -0700 (PDT) | |
| X-Received: by 10.37.210.209 with SMTP id j200mr2870425ybg.28.1471860626543; | |
| Mon, 22 Aug 2016 03:10:26 -0700 (PDT) | |
| Return-Path: <andreas+caf_=my@email.com> | |
| Received: from mail-yw0-x235.google.com (mail-yw0-x235.google.com. [2607:f8b0:4002:c05::235]) | |
| by mx.google.com with ESMTPS id n3si37059ywd.35.2016.08.22.03.10.25 | |
| for <my@email.com> | |
| (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # commit | |
| # number of days before for shifting to | |
| commit="$1" | |
| daysago=$2 | |
| temp_branch="temp-rebasing-branch" | |
| current_branch="$(git rev-parse --abbrev-ref HEAD)" | |
| original_timestamp="$(git show -s --format=%ct "$commit")" #unix timestamp here |