The problem originally came up in https://t.me/haskellru and was stated roughly like this: why does the following Haskell code
- namespaces - overview of Linux namespaces http://man7.org/linux/man-pages/man7/namespaces.7.html
- mount_namespaces - overview of Linux mount namespaces
------------------------- MODULE GryadkaCasRegister -------------------------
EXTENDS Integers, Sequences, FiniteSets
-----------------------------------------------------------------------------
\* Timestamps is the set of possible timestamps for operations to choose from.
\* Each operation uses a unique timestamp.
\* Values is the set of possible values to set the register to.
\* Acceptors is the set of nodes which act as acceptors in the paxos sense.
\* Quorums is the set of all possible quorums, typically simple majorities.
CONSTANTS Timestamps, Values, Acceptors, Quorums
- Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
- Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
- Ransom: between $300 and $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
- Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
- Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).
update: A minor variant of the viru
Just run this from your Mac terminal and it'll drop you into a container with full permissions on the Docker VM. This also works on Docker for Windows for getting into the Moby Linux VM (it doesn't work for Windows Containers).
docker run -it --rm --privileged --pid=host justincormack/nsenter1
more info: https://github.com/justincormack/nsenter1
This is a modified version of Installing Arch Linux on an LUKS Encrypted root and booting from UEFI.
Using perf:
$ perf record -g binary
$ perf script | stackcollapse-perf.pl | rust-unmangle | flamegraph.pl > flame.svg
NOTE: See @GabrielMajeri's comments below about the -g option.
These are my notes for connecting to a meraki client vpn from ubuntu 16.04. This configuration assumes you are using a psk for the ipsec auth.
Install the following packages:
apt-get install -y strongswan xl2tpd
Configure strong swan
Salvaged from Google Cache of http://www.lps-it.fr/blog/20151218-signal-handling-and-ruby.html
December 18, 2015
Linux Ruby
Since version 2.0.0, signal handling in Ruby can be tricky. I bet if you're here, it's because you've seen this error message:
print("UPDATE AUG 2023: this script is beyond old and broken")
print("You may find interesting and more up to date resources in the comments of the gist")
exit()
from slacker import Slacker
import json
import argparse
import os
# This script finds all channels, private channels and direct messages