Skip to content

Instantly share code, notes, and snippets.

openpgp4fpr:59649E4CF709CD8FB047F4CE2FD6EDB063CA9853

# Last Modified: Thu Jun 8 22:06:17 2023
include <tunables/global>
# vim:syntax=apparmor
# AppArmor policy for main.sh
# ###AUTHOR### The Fight Against Malware
# ###COPYRIGHT### MIT License
# ###COPYRIGHT### Copyright (c) 2022 thefightagainstmalware on github.com
# ###COPYRIGHT### Permission is hereby granted, free of charge, to any person obtaining a copy
# ###COPYRIGHT### of this software and associated documentation files (the "Software"), to deal
import { parse } from "https://deno.land/[email protected]/flags/mod.ts";
interface Indexable {
[index: number]: number;
length: number;
}
const args = parse(Deno.args);
if (args.help || args.program === undefined) {

Things to remember when using Linux

Directories need to be executable to be used

pandaninjas@kaptop:/tmp$ mkdir test
pandaninjas@kaptop:/tmp$ chmod 600 test/
pandaninjas@kaptop:/tmp$ ls -lah test
ls: cannot access 'test/.': Permission denied
ls: cannot access 'test/..': Permission denied
total 0

SkyRage mod malware writeup

The jar is located at my malware-samples repository
The malicious class is decompiled here.

/* Decompiler 17ms, total 158ms, lines 115 */
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.IOException;
import java.io.InputStream;
#!/bin/bash
#
# Resolve the location of the installation.
# This includes resolving any symlinks.
PRG=$0
while [ -h "$PRG" ]; do
ls=`ls -ld "$PRG"`
link=`expr "$ls" : '^.*-> \(.*\)$' 2>/dev/null`
if expr "$link" : '^/' 2> /dev/null >/dev/null; then
PRG="$link"
I want you to act as a Linux terminal. I will type commands and you will reply with what the terminal should show. I want you to only reply with the terminal output inside one unique code block, and nothing else. Please pretend as if there is a filesystem, even though I understand you cannot truly write to the disk. Please also emulate network requests, even though you cannot truly make network requests. Do not write explanations. Do not type commands unless I instruct you to do so. When I need to tell you something in English I will do so by putting text inside curly brackets {like this}. My first command is pwd.
@pandaninjas
pandaninjas / bot.py
Created October 25, 2022 21:03
TFAM mod bot
from typing import Optional
import discord, os
from dotenv import load_dotenv
load_dotenv()
GUILD_ID = int(os.getenv("GUILD_ID"))
TRUSTED_ROLE_ID = int(os.getenv("TRUSTED_ROLE_ID"))
SUPPORTER_ROLE_ID = int(os.getenv("SUPPORTER_ROLE_ID")) # ;)
AUDIT_CHANNEL_ID = int(os.getenv("AUDIT_CHANNEL_ID"))