Skip to content

Instantly share code, notes, and snippets.

View otms61's full-sized avatar
🐭

saso otms61

🐭
11 followers · 5 following
View GitHub Profile
@rain-1
rain-1 / Wannacrypt0r-FACTSHEET.md
Last active March 10, 2024 11:03 — forked from Epivalent/Wannacrypt0r-FACTSHEET.md

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

@epixoip
epixoip / 8x1080.md
Last active March 20, 2024 17:14
8x Nvidia GTX 1080 Hashcat Benchmarks
@ah8r
ah8r / README.md
Last active June 7, 2020 19:51
Hut3 Cardiac Arrest (compatible with Python 2.7)

Cardiac Arrest

Hut3 Cardiac Arrest - A script to check OpenSSL servers for the Heartbleed bug (CVE-2014-0160).

Note: This code was originally a GitHub Gist but has been copied to a full GitHub Repository so issues can also be tracked. Both will be kept updated with the latest code revisions.

DISCLAIMER: There have been unconfirmed reports that this script can render HP iLO unresponsive. This script complies with the TLS specification, so responsitivity issues are likely the result of a bad implementation of TLS on the server side. CNS Hut3 and Adrian Hayter do not accept responsibility if this script crashes a server you test it against. USE IT AT YOUR OWN RISK. As always, the correct way to test for the vulnerability is to check the version of OpenSSL installed on the server in question. OpenSSL 1.0.1 through 1.0.1f are vulnerable.

This script has several advantages over similar scripts that have been re

@kenrett
kenrett / Selenium Cheat Sheet.md
Last active May 25, 2023 01:28
Selenium Cheat Sheet - Ruby

#Getting Started

##Webpage:

<html>
<head>
    <title>Testing with Ruby and Selenium WebDriver</title>
</head>
 
<body bgcolor="antiquewhite">
@plentz
plentz / nginx.conf
Last active April 24, 2024 11:15
Best nginx configuration for improved security(and performance)
# to generate your dhparam.pem file, run in the terminal
openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048
@facultymatt
facultymatt / Procfile
Created April 12, 2013 16:23
Get Deployd running on Heroku!
web: node server