netmaniac

#!/usr/bin/python
# -*- coding: UTF-8 -*-

import serial, time, struct, array
from datetime import datetime

ser = serial.Serial()
ser.port = "/dev/ttyUSB0" # Set this to your serial port
ser.baudrate = 9600

rain-1

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

• Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
• Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
• Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
• Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
• Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

jFransham

Achieving warp speed with Rust

Contents:

• Number one optimization tip: don't
• Never optimize blindly
• Don't bother optimizing one-time costs
• Improve your algorithms
• CPU architecture primer
• Keep as much as possible in cache
• Keep as much as possible in registers

omiq

import time
import RPi.GPIO as GPIO

# We are going to use the BCM numbering
GPIO.setmode(GPIO.BCM)

# Set pin 26 as input using pull up resistor
GPIO.setup(26, GPIO.IN, pull_up_down=GPIO.PUD_UP)

wybiral

#include <BLEAdvertisedDevice.h>
#include <BLEDevice.h>
#include <BLEScan.h>

const int PIN = 2;
const int CUTOFF = -60;

void setup() {
  pinMode(PIN, OUTPUT);
  BLEDevice::init("");

dpapathanasiou

Based on the Host communication instructions, but with a tweak for when the usb0 address is not found:

$ /sbin/ip link set usb0 up
Cannot find device "usb0"

Because of the predictable network interface name scheme, though, usb0 may be renamed to something else:

ilyaigpetrov

You may buy it by this affiliate link on aliexpress store.

About F3

http://oss.digirati.com.br/f3/

f3 - Fight Flash Fraud

W3ndige

Script and the decoded strings from the EKANS/Snake ransomware. Original script written by @sysopfb - I've only modified the regexp to cover all cases where decryption was used in the sample.

Script:

import re
import sys
import pefile
import struct

tothi

Certifried combined with KrbRelayUp

Certifried (CVE-2022-26923) gives Domain Admin from non-privileged user with the requirement adding computer accounts or owning a computer account. Kerberos Relay targeting LDAP and Shadow Credentials gives a non-privileged domain user on a domain-joined machine local admin access on (aka owning) the machine. Combination of these two: non-privileged domain user escalating to Domain Admin without the requirement adding/owning computer accounts.

The attack below uses only Windows (no Linux tools interacting with the Domain), simulating a real-world attack scenario.

Prerequisites:

seflless

ChatGPT Builds A Rudimentary Whiteboarding App

Here's the conversation I had collaborating with ChatGPT to build a basic diagramming app.

Features

• Canvas based rendering
• You can create rectangles (click to create a rectangle)
• You can move rectangles (click on Move Rectangle)
• You can change the fill color of rectangles (Click on Change Color, then click on a rectangle to randomly assign it a fill color)

Notes