Remember to unzip the .docx first, or use scan.sh.
Compile the YARA rule first; scan.sh needs the compiled rule to work:
yarac canarytoken.yar canarytoken
Remember to unzip the .docx first, or use scan.sh.
Compile the YARA rule first; scan.sh needs the compiled rule to work:
yarac canarytoken.yar canarytoken
#include "stdafx.h" | |
#include <windows.h> | |
#include <Winbase.h> | |
#include <Wtsapi32.h> | |
#include <Userenv.h> | |
#include <malloc.h> | |
#pragma comment(lib, "Wtsapi32.lib") | |
#pragma comment(lib, "Userenv.lib") |
const puppeteer = require('puppeteer'); | |
(async () => { | |
const browser = await puppeteer.launch(); | |
const page = await browser.newPage(); | |
// Adjustments particular to this page to ensure we hit desktop breakpoint. | |
page.setViewport({width: 1000, height: 600, deviceScaleFactor: 1}); | |
await page.goto('https://www.chromestatus.com/samples', {waitUntil: 'networkidle'}); |
www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com
is up, the virus exits instead of infecting the host (source: Malwarebytes). This domain has been sinkholed, stopping the spread of the worm. This check will not work if the connection is proxied (source). Update: A minor variant of the viru
// (c) 2017 Yami Odymel | |
// This code is licensed under MIT license. | |
package main | |
import ( | |
"fmt" | |
"html" | |
"strconv" | |
) |
function Invoke-MS16-032 { | |
<# | |
.SYNOPSIS | |
PowerShell implementation of MS16-032. The exploit targets all vulnerable | |
operating systems that support PowerShell v2+. Credit for the discovery of | |
the bug and the logic to exploit it go to James Forshaw (@tiraniddo). | |
Targets: | |
package main | |
import ( | |
"flag" | |
"fmt" | |
"time" | |
) | |
// Fake a long and difficult work. | |
func DoWork() { |
#!/bin/python | |
import requests | |
import threading | |
import os | |
# Placeholder API key; keep the real value out of source control (read it from
# the environment or a secrets store at run time).
API_KEY = "XXXXXXXXXXXXXXXXX"
# Search query string; presumably selects hosts answering on port 5900 (VNC),
# going by the class name below -- confirm against the search API this script calls.
QUERY = "port:5900 authentication"
class VNCSnapshot(threading.Thread): |
from BaseHTTPServer import BaseHTTPRequestHandler, HTTPServer | |
import json | |
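class WebHook(BaseHTTPRequestHandler):
    """Debug webhook receiver: pretty-prints the JSON body of each POST.

    The request body is untrusted input, so the declared length is validated
    and capped, and the body is parsed before a success status is returned.
    """

    # Upper bound on the accepted request body, in bytes (constructed default;
    # raise it if legitimate webhook payloads are larger).
    MAX_BODY_BYTES = 1024 * 1024

    def _reply(self, status):
        """Send a bare status line and end the headers; no response body."""
        self.send_response(status)
        self.end_headers()

    def do_POST(self):
        """Parse the POSTed JSON and print it indented by four spaces.

        Responds 200 for a well-formed JSON body, 411 when Content-Length is
        missing, 400 when it is not a non-negative integer or the body is not
        valid JSON, and 413 when it exceeds MAX_BODY_BYTES.
        """
        declared = self.headers.get('content-length')
        if declared is None:
            # Without a length, int(None) would raise and the read size is unknown.
            self._reply(411)
            return
        try:
            length = int(declared)
        except ValueError:
            self._reply(400)
            return
        if length < 0:
            # A negative size would make rfile.read() wait for end-of-stream.
            self._reply(400)
            return
        if length > self.MAX_BODY_BYTES:
            # Refuse before reading so a client cannot force a huge allocation.
            self._reply(413)
            return
        try:
            payload = json.loads(self.rfile.read(length))
        except ValueError:
            # Covers malformed JSON and undecodable bytes.
            self._reply(400)
            return
        # Acknowledge only after the body has been accepted.
        self._reply(200)
        print(json.dumps(payload, indent=4))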
# Listens on every interface ('0.0.0.0'), port 8000, over plain HTTP with no
# authentication: any host that can reach the port can POST to WebHook.
# For local debugging, binding to '127.0.0.1' narrows that exposure.
server = HTTPServer(('0.0.0.0', 8000), WebHook)
If you want to get the difference between two branches, say master and branch-name, use the following command:
git diff master..branch-name
If you want that same diff in a patch, because patches are handy, just add the output redirect:
git diff master..branch-name > branch-name.patch
If you need to import that patch into something like Crucible, then you'll need to get rid of the a/ and b/ path prefixes that git adds:
git diff --no-prefix master..branch-name > branch-name.patch