
Tuan T tuantmb

  • Vietnam
@tuantmb
tuantmb / Remove_Disable_Apparmor.md
Created February 24, 2018 08:24
Short guide to remove/disable apparmor

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 and $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

tuantmb / bitsadmin.md
Created July 5, 2018 01:39 — forked from rosswd/bitsadmin.md
Use bitsadmin to download via the command line on Windows 7 (8?)

Download via the command line on Windows 7

If you want to test your connection or have some other reason to use the command line to download a file, this is how.

See http://superuser.com/a/284147 for more information.

Open cmd.exe and use this format:

bitsadmin /transfer debjob /download /priority normal http://cdimage.debian.org/debian-cd/current-live/i386/iso-hybrid/debian-live-8.7.1-i386-xfce-desktop.iso D:\Users\[Username]\Downloads\debian-live-8.7.1-i386-xfce-desktop.iso
tuantmb / WebSockets.md
Created July 17, 2018 02:38 — forked from subudeepak/WebSockets.md
The problems and some security implications of websockets - Cross-site WebSockets Scripting (XSWS)

WebSockets - An Introduction

WebSockets is a modern HTML5 standard which makes communication between client and server much simpler than before. We are all familiar with the technology of sockets. Sockets have been fundamental to network communication for a long time, but communication from the browser has usually been restricted. The general restrictions:

  • The server used to have a permanent listener while the client (aka browser) was not designated any fixed listener for a more long term connection. Hence, every communication was restricted to the client demanding and the server responding.
  • This meant that unless the client requested a particular resource, the server was unable to push that resource to the client.
  • This was detrimental since the client is then forced to check with the server at regular intervals. This meant a lot of libraries focused on optimizing asynchronous calls and identifying the response of asynchronous calls. Notably t
tuantmb / rsa.py
Created August 29, 2018 11:57 — forked from tylerl/rsa.py
RSA Explained in Python
#!/usr/bin/env python
# This example demonstrates RSA public-key cryptography in an
# easy-to-follow manner. It works on integers alone, and uses much smaller numbers
# for the sake of clarity.
#####################################################################
# First we pick our primes. These will determine our keys.
#####################################################################
tuantmb / firewalld.md
Created December 28, 2018 04:19 — forked from frengky/firewalld.md
FirewallD command line snippets for Linux


Create a new zone identified by an IP address or interface. The rules of this 'example' zone will be applied to connections from 192.168.1.2.

  $ firewall-cmd --list-all-zones
  $ firewall-cmd --permanent --new-zone=example
  $ firewall-cmd --permanent --zone=example --add-source=192.168.1.2
  $ firewall-cmd --zone=example --list-sources
tuantmb / nmap_ip_mac_vendor.sh
Created January 3, 2019 01:16
Nmap script to scan network and output with format IP, Mac, Vendor
nmap -sP 192.168.0.0/24 | grep -v "Host" | tail -n +3 | tr '\n' ' ' | sed 's|Nmap|\nNmap|g' | grep "MAC Address" | cut -d " " -f5,8-15 | grep "^[0-9].*"
# the last grep to avoid invalid format (valid format is beginning with an IP)
#!/bin/bash
### Credit: Sorry that I forget the pastebin link :(
# Script to configure VTech 2-Line Contemporary SIP Cordless Phone (Hotel Models)
# The VTech SIP phones are linux based devices (but limited in commands)
# and can connect to a tftp server with the 'tftp' command.
#
# The tftp command is used to download the configuration
# files from an active tftp server.
#
# This will save time as only you need to configure one device, download
tuantmb / LICENCE SUBLIME TEXT
Created January 13, 2019 15:44
Sublime Text 3 Serial key build is 3176
## Sublime Text 3 Serial key build is 3176
> * Added these lines into /etc/hosts
127.0.0.1 www.sublimetext.com
127.0.0.1 license.sublimehq.com
> * Used the license key
----- BEGIN LICENSE -----