BlackPan

#Wireless Penetration Testing Cheat Sheet

##WIRELESS ANTENNA

root@uceka:~# ifconfig wlan0mon down
root@uceka:~# iwconfig wlan0mon mode monitor
root@uceka:~# ifconfig wlan0mon up

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

There are times when you need to log off your Linux Desktop, and you want a process to run in the background. TMUX manages this very well.

For this example, let's suppose you're running a long running task like running rspecs on your project and it is 5pm, and you need to go home.

	<?php
	header("Content-Type: application/rss+xml; charset=utf-8");

	error_reporting(E_ALL);
	ini_set("display_errors", 0);

	define('STEAM_USER', $_GET['u']);
	define('LIST_URL', "http://steamcommunity.com/id/".STEAM_USER."/screenshots/?appid=0&sort=newestfirst&browsefilter=myfiles&view=grid");

	include('extlib/ganon/ganon.php');

	##########################################
	# To run:
	# curl -sSL https://gist.githubusercontent.com/sirkkalap/e87cd580a47b180a7d32/raw/d9c9ebae4f5cf64eed4676e8aedac265b5a51bfa/Install-Docker-on-Linux-Mint.sh \| bash -x
	##########################################

	# Check that HTTPS transport is available to APT
	if [ ! -e /usr/lib/apt/methods/https ]; then
	sudo apt-get update
	sudo apt-get install -y apt-transport-https
	fi

	#!/bin/bash

	user="CHANGEME"
	pages=$(curl -I https://api.github.com/users/$user/starred \| sed -nr 's/^Link:.page=([0-9]+)./\1/p')

	for page in $(seq 0 $pages); do
	curl "https://api.github.com/users/$user/starred?page=$page&per_page=100" \| jq -r '.[].html_url' \|
	while read rp; do
	git clone $rp
	done

	# Corsair headsets will stuck the apps on your linux system. This is due to wrong usb-mapping.

	# thx to http://www.c0urier.net/2016/corsair-gaming-void-usb-rgb-linux-fun

	# 1. open terminal
	# 2. type this and search the line with your headset
	lsusb


	# Get the USB ID of the headset and add it to xorg.conf:

	import requests
	import re
	import sys
	from multiprocessing.dummy import Pool


	def robots(host):
	r = requests.get(
	'https://web.archive.org/cdx/search/cdx\
	?url=%s/robots.txt&output=json&fl=timestamp,original&filter=statuscode:200&collapse=digest' % host)

	# to generate your dhparam.pem file, run in the terminal
	openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048

	import requests
	import sys
	import json


	def waybackurls(host, with_subs):
	if with_subs:
	url = 'http://web.archive.org/cdx/search/cdx?url=.%s/&output=json&fl=original&collapse=urlkey' % host
	else:
	url = 'http://web.archive.org/cdx/search/cdx?url=%s/*&output=json&fl=original&collapse=urlkey' % host