Skip to content

Instantly share code, notes, and snippets.

View rizend's full-sized avatar

R rizend

5 followers · 11 following
View GitHub Profile
@dylanmckay
dylanmckay / facebook-contact-info-summary.rb
Last active July 3, 2025 21:22
A Ruby script for collecting phone record statistics from a Facebook user data dump
#! /usr/bin/env ruby
# NOTE: Requires Ruby 2.1 or greater.
# This script can be used to parse and dump the information from
# the 'html/contact_info.htm' file in a Facebook user data ZIP download.
#
# It prints all cell phone call + SMS message + MMS records, plus a summary of each.
#
# It also dumps all of the records into CSV files inside a 'CSV' folder, that is created
@rain-1
rain-1 / Wannacrypt0r-FACTSHEET.md
Last active May 14, 2025 19:15 — forked from Epivalent/Wannacrypt0r-FACTSHEET.md

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

@wtfaremyinitials
wtfaremyinitials / blog-49 writeup.md
Last active March 9, 2017 18:54
EasyCTF Writeup - 49 Shades

The challenge states that the image includes shades of gray, #000000 to #F5F5F5. Since all of the pixels are gray, all three bytes of each color will be identical, so only one needs to be considered.

#000000-#F5F5F5 leaves shades 0-245 possible, significantly more than the 50 shades the challenge includes. Dividing these possible shades up evenly, it can be reasonably assumed that each shade is 5 apart.

Next, I wrote a simple Javascript program which would find each possible shade in the image. The shade that is not found is clearly the missing one.

@willurd
willurd / web-servers.md
Last active October 19, 2025 02:28
Big list of http static server one-liners

Each of these commands will run an ad hoc http static server in your current (or specified) directory, available at http://localhost:8000. Use this power wisely.

Discussion on reddit.

Python 2.x

$ python -m SimpleHTTPServer 8000
@tobert
tobert / strings.txt
Created December 4, 2012 18:30
Hah!IdontNeedEFI!
(none) (OO-RESCUE) ~ # dd if=/dev/sda of=/tmp/test bs=1M count=1
1+0 records in
1+0 records out
1048576 bytes (1.0MB) copied, 0.448989 seconds, 2.2MB/s
(none) (OO-RESCUE) ~ # file /tmp/test
/tmp/test: data
(none) (OO-RESCUE) ~ # strings /tmp/test |more
ZRr=
`|f
\|f1
@codebrainz
codebrainz / c99.l
Created June 14, 2012 23:49
C99 Lex/Flex & YACC/Bison Grammars
D [0-9]
L [a-zA-Z_]
H [a-fA-F0-9]
E ([Ee][+-]?{D}+)
P ([Pp][+-]?{D}+)
FS (f|F|l|L)
IS ((u|U)|(u|U)?(l|L|ll|LL)|(l|L|ll|LL)(u|U))
%{
#include <stdio.h>
@mager
mager / spotify-apps-sandbox-Facebook_get_listening_history.js
Created February 10, 2012 20:07
Spotify Apps API - Get a user's listening history from Facebook (JS)
/* Instantiate the global sp object; include models & views */
var sp = getSpotifyApi(1);
var auth = sp.require('sp://import/scripts/api/auth');
var permissions = ['user_actions.music'];
var app_id = '126891607432106';
var request_url = 'https://graph.facebook.com/me/music.listens';
auth.authenticateWithFacebook(app_id, permissions, {
onSuccess : function(accessToken, ttl) {