Skip to content

Instantly share code, notes, and snippets.

View simonsmh's full-sized avatar
🐟
Fish-touching

Simon Shi simonsmh

🐟
Fish-touching
  • Shanghai, China
  • 06:14 (UTC +08:00)
View GitHub Profile
@niw
niw / README.en.md
Last active October 24, 2024 03:04
How to run Windows 10 on ARM or Ubuntu for ARM64 in QEMU on Apple Silicon Mac

How to run Windows 10 on ARM or Ubuntu for ARM64 in QEMU on Apple Silicon Mac

Here is easy steps to try Windows 10 on ARM or Ubuntu for ARM64 on your Apple Silicon Mac. Enjoy!

NOTE: that this is current, 10/1/2021 state.

Running Windows 10 on ARM

  1. Install Xcode from App Store or install Command Line Tools on your Mac
@victor-perez
victor-perez / git.bat
Last active August 1, 2024 21:06
Use WSL git inside VS Code from Windows 10 17046
@echo off
setlocal ENABLEEXTENSIONS ENABLEDELAYEDEXPANSION
::this also support calls that contains a absolute windows path
::check of one of the params contain a absolute windows path
echo.%* | findstr /r /c:"[a-z]:[\\/]" > nul
if %errorlevel% == 1 (
::if not just git with the given parameters
call :git %*
var CryptoJS = require('crypto-js')
var request = require('request-promise')
/*
* npm install crypto-js request-promise request
* node wx_t1t_hack.js
*/
// export function testEncription(msg, fullKey) {
// var fullKey = fullKey.slice(0, 16)
@isjerryxiao
isjerryxiao / player.py
Last active September 28, 2017 13:40
Play a series of converted images on a single max7219 8x8 led matrix. https://github.com/rm-hull/luma.led_matrix
#!/usr/bin/env python3
# -*- coding: utf-8 -*-
import os, sys, time, threading
from luma.core.interface.serial import spi, noop
from luma.led_matrix.device import max7219
from PIL import Image
interval=1/30

WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru