sunetos

#!/usr/bin/env python

__author__ = 'Adam R. Smith ([email protected])'

# Loop from 0 through 99. Need zero-based for the later cyclic bit-shifting.
for x in xrange(100):
    # There are 4 possible outputs on each iteration of the loop.
    # 4 possibilities requires 2 bits to store (0, 1, 2, 3):
    # 0 == 00b == the number (x + 1)
    # 1 == 01b == 'Fizz' when a multiple of just 3

nickbutcher

<?xml version="1.0" encoding="utf-8"?>
<!--
  Copyright (C) 2015 The Android Open Source Project

  Licensed under the Apache License, Version 2.0 (the "License");
  you may not use this file except in compliance with the License.
  You may obtain a copy of the License at

      http://www.apache.org/licenses/LICENSE-2.0

CXXN008

# Current Version 41
#http://htcui.com

#xda-developers hosts 2014 by htcui.com
207.244.72.9 cdn1.xda-developers.com 
207.244.72.9 cdn2.xda-developers.com 
207.244.72.9 cdn3.xda-developers.com 
207.244.72.9 cdn4.xda-developers.com

::1   localhost

nathan-osman

package main

import (
	"log"
	"syscall"
	"unsafe"
)

var (
	kernel32 = syscall.NewLazyDLL("kernel32.dll")

rain-1

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

• Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
• Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
• Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
• Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
• Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru