IMPORTANT: Backup your nginx site configs (usually under /etc/nginx/sites-available
)!
Remove old nginx incl. nginx-common:
apt-get autoremove --purge nginx nginx-common
var http=require("http"),https=require("https"),fs=require("fs"); | |
var exec = require('child_process').execFile; | |
var UA = "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.89 Safari/537.36"; | |
//从12306获取图片 | |
getImg().then(function(){ | |
// 改变图片尺寸 | |
return resizeImg(); | |
}).then(function(){ | |
// 把图片裁剪成8个小图片 | |
return cropImg(); |
# aliyun apt source | |
# sudo sh -c 'echo "deb http://cn.archive.ubuntu.com/ubuntu/ trusty main restricted \n\ | |
# deb-src http://cn.archive.ubuntu.com/ubuntu/ trusty main restricted \n\ | |
# deb http://cn.archive.ubuntu.com/ubuntu/ trusty-updates main restricted \n\ | |
# deb-src http://cn.archive.ubuntu.com/ubuntu/ trusty-updates main restricted \n\ | |
# deb http://cn.archive.ubuntu.com/ubuntu/ trusty universe \n\ | |
# deb-src http://cn.archive.ubuntu.com/ubuntu/ trusty universe \n\ | |
# deb http://cn.archive.ubuntu.com/ubuntu/ trusty-updates universe \n\ | |
# deb-src http://cn.archive.ubuntu.com/ubuntu/ trusty-updates universe \n\ | |
# deb http://cn.archive.ubuntu.com/ubuntu/ trusty multiverse \n\ |
/* | |
* CVE-2016-5195 dirtypoc | |
* | |
* This PoC is memory only and doesn't write anything on the filesystem. | |
* /!\ Beware, it triggers a kernel crash a few minutes. | |
* | |
* gcc -Wall -o dirtycow-mem dirtycow-mem.c -ldl -lpthread | |
*/ | |
#define _GNU_SOURCE |
(module | |
(func $addTwo (param i32 i32) (result i32) | |
(i32.add | |
(get_local 0) | |
(get_local 1))) | |
(export "addTwo" (func $addTwo))) |
credit: @GossiTheDog: "If you want to setup FUZZBUNCH (the Equation exploit framework) you need Win7 VM + Python 2.6 + Pywin 2.6, then python fb.py for shell"
h/t @x0rz @DEYCrypt @hackerfantastic
context: https://steemit.com/shadowbrokers/@theshadowbrokers/lost-in-translation
writeup: https://www.trustedsec.com/blog/equation-group-dump-analysis-full-rce-win7-fully-patched-cobalt-strike/
decrypted files: https://github.com/x0rz/EQGRP_Lost_in_Translation
#!/bin/bash | |
sourcefile=$1 | |
destfile=$2 | |
# Overly simple validation | |
if [ ! -e "$sourcefile" ]; then | |
echo 'Please provide an existing input file.' | |
exit | |
fi |
#!/usr/bin/python | |
# This file has no update anymore. Please see https://github.com/worawit/MS17-010 | |
from impacket import smb | |
from struct import pack | |
import sys | |
import socket | |
''' | |
EternalBlue exploit for Windows 7/2008 by sleepya | |
The exploit might FAIL and CRASH a target system (depended on what is overwritten) |
const Web3 = require('web3') | |
const Tx = require('ethereumjs-tx').Transaction | |
// connect to Infura node | |
const web3 = new Web3(new Web3.providers.HttpProvider('https://mainnet.infura.io/INFURA_KEY')) | |
// the address that will send the test transaction | |
const addressFrom = '0x1889EF49cDBaad420EB4D6f04066CA4093088Bbd' | |
const privateKey = new Buffer('PRIVATE_KEY', 'hex') |
#!/usr/bin/env python2 | |
# lrdcq | |
# usage python2 unwxapkg.py filename | |
import sys, os | |
import struct | |
class WxapkgFile(object): | |
nameLen = 0 |