David Cheeseman nuvious
@nuvious
nuvious / brute_volatility.sh
Last active September 8, 2024 06:41
Volatility 3 Brute Force Script
#!/bin/bash
if [ "$#" -ne 2 ]; then
    echo "Usage: brute_volatility.sh [MEMDUMP FILE] [PLUGIN FILTER]"
    echo " ex: brute_volatility.sh mydump.mem windows"
    # Stop here instead of continuing without the required arguments
    exit 1
fi
python3 -m venv .venv
source .venv/bin/activate
mkdir -p analysis
if [ ! -d volatility3 ]; then
    git clone https://github.com/volatilityfoundation/volatility3.git
nuvious / example-nginx-deployment.yaml
Last active August 31, 2024 21:14
NFS Stale Handle Liveness Probe
---
apiVersion: v1
data:
  liveness.sh: |
    #!/bin/bash
    # Get list of nfs mounts
    temp_file=$(mktemp)
    # May need to change to nfs depending on base image
    mount -t nfs4 > "$temp_file"
nuvious / auto-rotate
Created June 30, 2024 02:21
Auto rotate 2 in 1 Laptop screens like the Lenovo Flex or Yoga
#!/bin/bash
# Template Configuration:
# ~/.config/autostart/auto-rotate.desktop
#
# [Desktop Entry]
# Type=Application
# Exec=sh -c "export DEVICE=eDP && /usr/bin/auto-rotate" # Change device identifier here
# Hidden=false
# NoDisplay=false
# X-GNOME-Autostart-enabled=true
nuvious / cloak.py
Created June 25, 2024 18:18
Cloak Covert Channel TCP Flow Sequence Encoder/Decoder
"""
An implementation of the encoding used by Cloak [1], a timing based covert
channel which converts a binary string into a sequence of N packets to be sent
over X flows. It is assumed that the values N, X, and the number of bits per
message are agreed upon ahead of time. The bit string is converted to an
unsigned integer value, which is used as the rank [2] for the reverse-sorted
distribution. The distribution is then computed from this rank and each of X
tcp flows has N packets sent with each flow waiting for N acknowledgements
before attempting to receive the next message. On the receiving end, the number
of TCP handshakes is counted and the number of packets sent are also counted to
nuvious / module_assignment_solver.py
Last active June 19, 2024 01:18
Group Preference Maximizer through Student Preferences on Paper Assigned to Groups - A narrow example of an assignment problem solution with constraints
"""
I wrote this for a course I was in where we had a group of 6 that had to give
presentations over 3 modules (0, 1, and 2) with each module having 2 papers we
needed to present on.
As a group we decided to pair up so 2 people would generate the presentations
for a single module, working together to make slides for the 2 papers.
The question then comes how to pair people up so they are most satisfied with
their pairings (none of us are co-located because it's an online course). This
nuvious / disable_windows_copilot.reg
Last active May 24, 2024 14:39
Disable Windows Copilot
Windows Registry Editor Version 5.00
; References:
; https://learn.microsoft.com/en-us/windows/client-management/mdm/policy-csp-windowsai#turnoffwindowscopilot
;
; Only works on non-Home editions of Windows 11 (Pro and up)
; Requires a restart
; If this becomes out of date please comment with any corrections to key/value path information and @-me so I can correct it.
[HKEY_CURRENT_USER\Software\Policies\Microsoft\Windows\WindowsCopilot]
nuvious / bash_ansi_color.sh
Created May 18, 2024 21:59
Bash Ansi Color Helper Script
#!/bin/bash
# A helper script to define ANSI code and provide 'echo' and 'printf' functions to printf/echo ansi strings
# Usage:
# source bash_ansi_color.sh
# printf_ansi "This is BOLD AND RED\n" $ANSI_TEXT_BOLD_RED
# echo_ansi "Echo applies newlines!" $ANSI_TEXT_UNDERLINE_PURPLE $ANSI_BACKGROUND_YELLOW
# Derived from AHaymond's README on ANSI color codes
# https://gist.github.com/AHaymond/e96f00ed0ba64a9af419296bf852c5bb
nuvious / % Living Off The Land Payload Demo
Last active July 9, 2023 22:18
Living off the land demo payload.
Just a demo payload that utilizes 'living off the land'.
nuvious / mdsha1.py
Created June 14, 2023 23:22
A meme sha
"""
sha1 and md5 are both known to have collision attacks where a malicious
actor can craft a file with the same hash to inject code or modify
configurations unnoticed. This means integrity checking with only sha1 and
md5 is a bad idea, but good luck to any attacker trying to make a collision
for 2 algorithms at the same time! This is the meme implementation of that
as a lambda function for the lol.
"""
from hashlib import md5, sha1