WannaCry|WannaDecrypt0r NSA-Cyberweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 and $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. It corrupts shadow volumes to make recovery harder. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up, the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm. Will not work if proxied (source).

update: A minor variant of the viru

Making a PDF + Bootable ISO Hybrid Polyglot

If you've not seen my résumé, that is what this post is about, and you should probably look at it first to get an idea of what's happening.

A Tale of Two Files

PDF and ISO9660 are two very different file formats. PDF is actually a surprisingly human-readable (but, sadly, not very human-writable) plain-text format, technically descended from PostScript. PDF is not very forgiving on changes, as it stores tables of offsets to various elements, so it is very difficult to insert or remove content manually without going through a robust PDF manipulation library.

ISO9660 is a disk filesystem, meant to be written once and read many times on many different kinds of hardware. As it is sector-based, it expects data structures to be at particular absolute offsets.

@joepie91
joepie91 / index.js
Last active December 17, 2024 10:45
Breaking CloudFlare's "I'm Under Attack" challenge
'use strict';
const parseExpression = require("./parse-expression");
function findAll(regex, target) {
    let results = [], match;
    while (match = regex.exec(target)) {
        results.push(match);
    }
@epixoip
epixoip / 8x1080.md
Last active November 3, 2024 15:42
8x Nvidia GTX 1080 Hashcat Benchmarks
@subfuzion
subfuzion / curl.md
Last active May 8, 2025 13:29
curl POST examples

Common Options

-#, --progress-bar Make curl display a simple progress bar instead of the more informational standard meter.

-b, --cookie <name=data> Supply cookie with request. If no =, then specifies the cookie file to use (see -c).

-c, --cookie-jar <file name> File to save response cookies to.

@dropmeaword
dropmeaword / browser_history.md
Last active March 30, 2025 06:03
Playing around with Chrome's history

Browser histories

Unless you are using Safari on OSX, most browsers will have some kind of free plugin that you can use to export the browser's history. So that's probably the easiest way. The harder way, which seems to be what Safari wants, is a bit more hacky, but it will also work for other browsers. Turns out that most of them, including Safari, have their history saved in some kind of sqlite database file somewhere in your home directory.

The OSX Finder cheats a little bit and doesn't show us all the files that actually exist on our drive. It tries to protect us from ourselves by hiding some system and application-specific files. You can work around this by either using the terminal (my preferred method) or by using Cmd+Shift+G in Finder.

Finder

Once you locate the file containing the browser's history, copy it to make a backup just in case we screw up.

@alessonforposterity
alessonforposterity / drgn.txt
Created April 12, 2015 04:43
Abandon all hope, ye who enter here
//Dr. Seuss once wrote, "IF." He meant, "If you give a fuck, maybe,
//JUST MAYBE, you can change this shitty world in some small way for
//the better." I might've been a writer of children's books someday,
//but instead, I decided to make this. So in lieu of The Lorax,
//let's call this The Dragon, and have my word be, "DON'T." As in,
//"Don't do something stupid like this the way I did, you jackass."
//But the truth is humans are very stubborn creatures. You probably
//won't listen to my advice and, chances are, neither will I.
//This is just an excerpt of the source code for DRAGON: A Game About
@Grumblesaur
Grumblesaur / itoa.cpp
Created April 8, 2015 03:43
From a bad code discussion on cplusplus.com
char * itoa(int i,unsigned base){
static char s[sizeof(int)*8+2];
char*t=s+sizeof(int)*8;
int sgn=i>=0?1:-1;
i/=sgn;
do*t--="0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ\
abcdefghijklmnopqrstuvwxyz+/"[i%base];while(i/=base,i>0);
if(sgn<0)*t='-';
else++t;
return t;
@rodricios
rodricios / summarize.py
Last active November 18, 2020 17:21
Flipboard's summarization algorithm, sort of
#!/usr/bin/env python
# -*- coding: utf-8 -*-
"""
pip install networkx distance pattern
In Flipboard's article[1], they kindly divulge their interpretation
of the summarization technique called LexRank[2].
@gavinandresen
gavinandresen / BlockPropagation.md
Last active June 28, 2024 08:17
O(1) block propagation

O(1) Block Propagation

The problem

Bitcoin miners want their newly-found blocks to propagate across the network as quickly as possible, because every millisecond of delay increases the chances that another block, found at about the same time, wins the "block race."