You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This gist has already been reported multiple times and it has already been recovered for legitimate reasons. This gist is not harmful in any way. Thank you. (Actually, you should probably thank me !)
Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).
How to replace the Vodafone Station with your very own router
Vodafone forces its customers to use their modem/router, the "Vodafone Station": using any other router is impossible because authentication is being done via a custom PPPoE setup.
In the PPPoE packet there is a field named Host-Uniq which is used to separate packets from different PPPoE sessions: Vodafone requires the Station serial number to be put in this field as authentication.
Hardware setup
A Linux router with root access is needed to replace the Station with. With an xDSL connection a modem with a custom firmware like OpenWrt has to be used, most likely one based on a Lantiq SoC.
For a FTTH internet connection then every machine with at least two gigabit ethernet interface and a decent CPU will do it.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Simple example of upserting records in a CKAN Datastore
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This example show how to load some data from ARPA Emilia-Romagna WFS and WMS using Leaflet, OpenLayers (as a GML parser) and jQuery.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Bare minimum Chrome extension to inject a JS file into the given page when you click on the browser action icon. The script then inserts a new div into the DOM.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Generate a MP4 Video for your Git project commits using Gource!
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters