ourren ourren

## decryptchromecookies.py
#Based off https://gist.github.com/DakuTree/98c8362fb424351b803e & pieces of https://gist.github.com/jordan-wright/5770442
from os import getenv
from shutil import copyfile
import sqlite3
import win32crypt #https://sourceforge.net/projects/pywin32/

# Copy Cookies to current folder
copyfile(getenv("APPDATA") + "/../Local/Google/Chrome/User Data/Default/Cookies", './Cookies')

# Connect to the Database

## Wannacrypt0r-FACTSHEET.md

      
              1 file
            
          
              0 forks
            
          
              0 comments
            
          
              0 stars
            
          
                ourren
                / Wannacrypt0r-FACTSHEET.md
            
            
              Created
              May 13, 2017 06:27
                — forked from Epivalent/Wannacrypt0r-FACTSHEET.md
            
          
    WannaCry|WannaDecrypt0r NSA-Cybereweapon-Powered Ransomware Worm


Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.

SECURITY BULLETIN AND UPDATES HERE: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx
Malware samples


## 360 not with get or post.list
/robots.txt
/index.php?a=1%3Cscript%3Ealert(abc)%3C/script%3E
/nevercouldexistfilenosec
/nevercouldexistfilewebsec
/nevercouldexistfilenosec.aspx
/nevercouldexistfilewebsec.aspx
/nevercouldexistfilenosec.shtml
/nevercouldexistfilewebsec.shtml
/nevercouldexistfilenosec/
/nevercouldexistfilewebsec/

## XSS Protection in 5 common contexts
<?php

    /**
     * XSS protection function for HTML context only
     * @usecases
     * <title>use this function if output reflects here or as a content of any HTML tag.</title>
     * e.g.,  <span>use this function if output reflects here</span>
     * e.g., <div>use this function if output reflects here</div>
     * @description
     * Sanitize/Filter < and > so that attacker can not leverage them for JavaScript execution.
	#Based off https://gist.github.com/DakuTree/98c8362fb424351b803e & pieces of https://gist.github.com/jordan-wright/5770442
	from os import getenv
	from shutil import copyfile
	import sqlite3
	import win32crypt #https://sourceforge.net/projects/pywin32/

	# Copy Cookies to current folder
	copyfile(getenv("APPDATA") + "/../Local/Google/Chrome/User Data/Default/Cookies", './Cookies')

	# Connect to the Database
	/robots.txt
	/index.php?a=1%3Cscript%3Ealert(abc)%3C/script%3E
	/nevercouldexistfilenosec
	/nevercouldexistfilewebsec
	/nevercouldexistfilenosec.aspx
	/nevercouldexistfilewebsec.aspx
	/nevercouldexistfilenosec.shtml
	/nevercouldexistfilewebsec.shtml
	/nevercouldexistfilenosec/
	/nevercouldexistfilewebsec/
	<?php

	/**
	* XSS protection function for HTML context only
	* @usecases
	* <title>use this function if output reflects here or as a content of any HTML tag.</title>
	* e.g., <span>use this function if output reflects here</span>
	* e.g., <div>use this function if output reflects here</div>
	* @description
	* Sanitize/Filter < and > so that attacker can not leverage them for JavaScript execution.