Skip to content

Instantly share code, notes, and snippets.

View Kernal-GH's full-sized avatar

Kernal Kernal-GH

5 followers · 70 following
View GitHub Profile
@Kernal-GH
Kernal-GH / Keycodes.swift
Created January 15, 2020 07:17 — forked from swillits/Keycodes.swift
Swift Keyboard Keycodes
struct Keycode {
// Layout-independent Keys
// eg.These key codes are always the same key on all layouts.
static let returnKey : UInt16 = 0x24
static let enter : UInt16 = 0x4C
static let tab : UInt16 = 0x30
static let space : UInt16 = 0x31
static let delete : UInt16 = 0x33
static let escape : UInt16 = 0x35
@Kernal-GH
Kernal-GH / Wannacrypt0r-FACTSHEET.md
Created May 13, 2017 03:20 — forked from rain-1/Wannacrypt0r-FACTSHEET.md

WannaCry|WannaDecrypt0r NSA-Cybereweapon-Powered Ransomware Worm

  • Virus Name: WannaCrypt, WannaCry, WanaCrypt0r, WCrypt, WCRY
  • Vector: All Windows versions before Windows 10 are vulnerable if not patched for MS-17-010. It uses EternalBlue MS17-010 to propagate.
  • Ransom: between $300 to $600. There is code to 'rm' (delete) files in the virus. Seems to reset if the virus crashes.
  • Backdooring: The worm loops through every RDP session on a system to run the ransomware as that user. It also installs the DOUBLEPULSAR backdoor. (source: malwarebytes)
  • Kill switch: If the website www.iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com is up the virus exits instead of infecting the host. (source: malwarebytes). This domain has been sinkholed, stopping the spread of the worm.

SECURITY BULLETIN AND UPDATES HERE: https://technet.microsoft.com/en-us/library/security/ms17-010.aspx https://blog.malwarebytes.com/threat-analysis/2017/05/the-worm-that-spreads-wanacrypt0r/