ransomware except in addition to encrypting data it plays a 10 hour supercut of all yotubes worst jarjar binks impressions and zingers forever until they pay
-
ransomware except that it specifically finds any machines that still have diskette drives in them and plays the mexican hat dance, the imperial march, or the mario theme on them either until their stepper motors burn out, or the ransom is paid
ransomware except, stuxnet style, specifically looks for any computers that are interfaces to mainframes, are mainframe adjacent, or otherwise in a critical workflow path, pauses all the queues in the mainframe, empies them, then rms all the regular computers. doesnt even aim for a ransom. overwrites the bootloader with the nyancat one, except instead of a cat its the fight club bar of soap
-
@Viss oh this is awful
@winterknight1337 it gets worse
-
ransomware except that it specifically finds any machines that still have diskette drives in them and plays the mexican hat dance, the imperial march, or the mario theme on them either until their stepper motors burn out, or the ransom is paid
@Viss How about
import subprocess
import timeCMD = ["eject", "-t"]
DELAY_SECONDS = 1.0def main():
while True:
try:
subprocess.run(CMD, check=False)
except Exception:
# ignore errors and continue
pass
time.sleep(DELAY_SECONDS)if __name__ == "__main__":
main() -
@Viss they’re super nice! Only issue is that they’re written in C, so if they crash they take your payload down with it, but they’re designed to avoid cobalt strike’s fork and run behaviors. But generally speaking, it’s a stealthier way to expand C2 payloads.
@winterknight1337 oh.. some shit crashing your payload you say?
and it takes down some more shit with it you say?
OH WHAT EVER DO YOU MEANhttps://github.com/EmpireProject/Empire/issues/589
-
ransomware except, stuxnet style, specifically looks for any computers that are interfaces to mainframes, are mainframe adjacent, or otherwise in a critical workflow path, pauses all the queues in the mainframe, empies them, then rms all the regular computers. doesnt even aim for a ransom. overwrites the bootloader with the nyancat one, except instead of a cat its the fight club bar of soap
@Viss we’ve got new bootloader overwrites now too!
-
@Viss we’ve got new bootloader overwrites now too!
@winterknight1337 show me
-
@Viss How about
import subprocess
import timeCMD = ["eject", "-t"]
DELAY_SECONDS = 1.0def main():
while True:
try:
subprocess.run(CMD, check=False)
except Exception:
# ignore errors and continue
pass
time.sleep(DELAY_SECONDS)if __name__ == "__main__":
main()@scottwilson can ... can laptops do the pc speaker beep anymore? is that even still a thing?
-
ransomware except it signs absolutely every single person in the company who has an email address up to the elon musk fan club
@Viss I'll fork it to make it even worse. Not only do you get signed up for the Elmo fan club, you'll also get texted a different photo of Ian Miles Cheong every day.
-
@scottwilson can ... can laptops do the pc speaker beep anymore? is that even still a thing?
@Viss Oooh that would be great. I don't know!
-
@scottwilson can ... can laptops do the pc speaker beep anymore? is that even still a thing?
@Viss @scottwilson I don't know about laptops, but my ali-express chinesium pfSense router can.
-
R relay@relay.infosec.exchange shared this topic
-
@Viss I'll fork it to make it even worse. Not only do you get signed up for the Elmo fan club, you'll also get texted a different photo of Ian Miles Cheong every day.
@Viss please, for your own mental health, don't attempt to visualize what this might be like.
-
@Viss @scottwilson I don't know about laptops, but my ali-express chinesium pfSense router can.
@da_667 @scottwilson HOLY FUCK YES OH MY GOD
-
ransomware except that it specifically finds any machines that still have diskette drives in them and plays the mexican hat dance, the imperial march, or the mario theme on them either until their stepper motors burn out, or the ransom is paid
h/t @da_667
da_667 (@da_667@infosec.exchange)
@Viss@mastodon.social @scottwilson I don't know about laptops, but my ali-express chinesium pfSense router can.
Infosec Exchange (infosec.exchange)
malware except it only infects networking appliances that can make pc speaker beeps and boops and forces them to loop through a cacophany of all the shit we used to play on the pc speaker as kids.
mario, doom music, heretic music, descent, star wars, various shit from the mod days -
@winterknight1337 show me
@Viss the only one I have a picture of is we found a payload that overwrites a bootloader with flappy bird, I’ve got it as a one liner (and more) that I can send you
-
@Viss the only one I have a picture of is we found a payload that overwrites a bootloader with flappy bird, I’ve got it as a one liner (and more) that I can send you
@winterknight1337 this is fucking spectacular
-
@winterknight1337 this is fucking spectacular
@Viss one of our new guys found it and I was so, so happy.
-
@winterknight1337 oh.. some shit crashing your payload you say?
and it takes down some more shit with it you say?
OH WHAT EVER DO YOU MEANhttps://github.com/EmpireProject/Empire/issues/589
@winterknight1337 someone, i dont remember who, made this after that, and it has been the wallpaper of my old crusty mac ever since.
-
@scottwilson can ... can laptops do the pc speaker beep anymore? is that even still a thing?
@Viss @scottwilson Ubuntu is really obnoxious if you remove pcspkr from the modules blacklist
-
@Viss @scottwilson Ubuntu is really obnoxious if you remove pcspkr from the modules blacklist
@schrotthaufen @scottwilson how many companies have onsite servers now that they can actually hear?
-
h/t @da_667
da_667 (@da_667@infosec.exchange)
@Viss@mastodon.social @scottwilson I don't know about laptops, but my ali-express chinesium pfSense router can.
Infosec Exchange (infosec.exchange)
malware except it only infects networking appliances that can make pc speaker beeps and boops and forces them to loop through a cacophany of all the shit we used to play on the pc speaker as kids.
mario, doom music, heretic music, descent, star wars, various shit from the mod daysransomware except it transposes the reply and replyall button functionalities in outlook
