Jump to content
  1. Informatii generale

    1. Anunturi importante

      Anunturile importante si regulile forumului. Cititi regulamentu​l inainte de a posta.

    2. Bine ai venit

      Bine ati venit pe forumul Romanian Security Team, aici va puteti prezenta (optional)

    3. Proiecte RST

      Aici veti putea gasi toate programele, tutorialele, metodele si exploiturile create de catre membrii RST

  2. Sectiunea tehnica

    1. Exploituri

      Cele mai noi exploituri, POC-uri sau shellcode-uri

    2. Challenges (CTF)

      Challenge-uri - Wargames, pentru amatorii CTF-urilor

    3. Bug Bounty

      Categorie destinata discutiilor referitoare la site-urile care au un program Bug Bounty in desfasurare prin care rasplatesc persoanele care le raporteaza vulnerabilitati

    4. Programare

      Coltul programatorilor: C/C++, Visual Basic, .NET, Java, ASM, Shell scripting, Perl, Python

    5. Securitate web

      Tutoriale si discutii legate de securitatea aplicatiilor web

    6. Reverse engineering & exploit development

      Tutoriale despre analiza malware, sample-uri, cod sursa, programe utile, reverse engineering si exploit development

    7. Mobile security

      Discutii despre telefoane mobile, root-ing, jailbreak-ing etc.

    8. Sisteme de operare si discutii hardware

      Discutii in materie hardware, windows, unix, bsd etc.

    9. Electronica

      Discutii generale despre electronica

    10. Wireless Pentesting

      Wardriving area, WiFi, Bluetooth si GSM hacking

    11. Black SEO & monetizare

      Tips & tricks, questions, monetizare

  3. Programe

    1. Programe hacking

      Postati aici utilitare cum ar fi sniffere, bruteforcers, fuzzers etc. Nu faceti cereri aici.

    2. Programe securitate

      Postati aici programe cum ar fi firewall-uri, antivirusi si programe similare

    3. Programe utile

      Programe ce nu se incadreaza in celelalte sectiuni: hack sau securitate

    4. Free stuff

      Diverse lucruri utile, fiind excluse root-uri, SMTP-uri, VPS-uri etc.

  4. Discutii generale

    1. RST Market

      Orice vanzare/cumparare care are legatura cu frauda online/bancara sau access neautorizat este penalizata cu ban permanent!  Minim 50 de posturi pentru acces!

    2. Off-topic

      Discutii pe diverse teme, discutii care nu se incadreaza la celalalte categorii. Doar discutii din domeniul IT!

    3. Discutii incepatori

      Daca esti incepator, ai o intrebare simpla sau vrei sa stii mai multe despre un domeniu, aici e sectiunea potrivita

    4. Stiri securitate

      Stiri din domeniul securitatii IT

    5. Linkuri

      Postati aici doar linkurile despre securitate!

    6. Cosul de gunoi

      Toate topicurile care au deviat de la raspuns vor fi mutate aici.

  • Topics

  • Posts

    • Salut, asta e varianta CLI de la CyberScout cu cateva imbunatatiri la design:   EvilHolmes (CLI) is a cyber threat intelligence tool that searches personal information in both Clearnet and Darkweb. The tool is designed to extract information and let users know about their exposure to password theft's or Cyber attacks placed in the past. &@&* (&@% @@@@@@@@@@@@@@% *@@@@@@@@@@@@@@@ @@@@@@@@@@@@@@@@( ,%&&&%&@@,@@@@@@@@@@@@@@@@@*@@&%&&&#. #@@@@@@@@% ... @@@@@@@@@. /@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@. ./&@@@@@@@@@@@@@@@@@@@@@@@%* &@@@@*/@@@@&&%%##%%&@@@@.&@@@@( %@@@@@@@@ .@@@@@( &@@@@& ,@@@@@@@@* #@@@@@@@@@@ @@@@@@@@@@. %@@@@@@@@@ (@@@@@@@@@/ .%@@@@@@@@, (@@@@@@@@/, .@@@@@@@@%(&@@@@@@#. ,&@@@@@@%(@@@@@@@@% /@@@@@@@@@@@@@@@@@@@@\@@@@@@@@@@@@@@@@@@@@@@. @@@@@-No.1 CTI-@@@@@@@\@@@@@@@@@@@@@@@@@@@@% %@@@@@@@@@@@@@@@@@@@@\@@@@@@@@@@@@@@@@# ,&@@@@@@@@@@@@@@@@@\@@@@@@@@@@&. .*(#%%%#(/. [ EvilHolmes - CyberThreat intelligence tool ] [ Coded by Ioja Iustin ] [ https://github.com/iojaiustin ]
    • Have funk!   https://s3.timeweb.cloud/fd51ce25-6f95e3f8-263a-4b13-92af-12bc265adb44/rockyou2024.zip
    • https://www.ohchr.org/sites/default/files/Documents/Issues/Torture/Call/NGOs/VIACTECAnnex.pdf   Check this
    • da confirm , am vazut leak-ul acum 2 saptamani pe Anonymous Egipt 
    • Long story short: (Breachsense) Meanwhile pe tor-site-ul Ransomhub (neverificat) timerul e resetat la 23h desi in articolul initial era la 3zile   Data Breach Report Victim nttdata.ro Threat Actor Ransomhub Date Discovered Jul 02, 2024 Description NTT Data Corporation is a Japanese multinational information technology service and consulting company headquartered in Tokyo. Leak Size 230GB Newsarticle: Japan's NTT Data says Romania unit suffered unauthorised access  Japan's NTT Data Group said on Wednesday its Romania unit was hit by an instance of unauthorised access in June. The company is investigating how the access, which occurred on June 14, happened and whether information was leaked, a spokesperson said. NTT Data said the access was detected on an old network that the Romanian unit was no longer using as its main network. It had acquired all of the shares in a Romanian information technology service company in 2013 to make it a subsidiary. Shares of NTT Data fell as much as 6.55% on Wednesday compared with a 1.26% gain in the benchmark Nikkei index. sursa
    • Modern CPUs from Intel, including Raptor Lake and Alder Lake, have been found vulnerable to a new side-channel attack that could be exploited to leak sensitive information from the processors.   The attack, codenamed Indirector by security researchers Luyi Li, Hosein Yavarzadeh, and Dean Tullsen, leverages shortcomings identified in Indirect Branch Predictor (IBP) and the Branch Target Buffer (BTB) to bypass existing defenses and compromise the security of the CPUs.   "The Indirect Branch Predictor (IBP) is a hardware component in modern CPUs that predicts the target addresses of indirect branches," the researchers noted.   "Indirect branches are control flow instructions whose target address is computed at runtime, making them challenging to predict accurately. The IBP uses a combination of global history and branch address to predict the target address of indirect branches."   The idea, at its core, is to identify vulnerabilities in IBP to launch precise Branch Target Injection (BTI) attacks – aka Spectre v2 (CVE-2017-5715) – which target a processor's indirect branch predictor to result in unauthorized disclosure of information to an attacker with local user access via a side-channel.   This is accomplished by means of a custom tool called iBranch Locator that's used to locate any indirect branch, followed by carrying out precision targeted IBP and BTP injections to perform speculative execution.   Intel, which was made aware of the findings in February 2024, has since informed other affected hardware/software vendors about the issue.   As mitigations, it's recommended to make use of the Indirect Branch Predictor Barrier (IBPB) more aggressively and harden the Branch Prediction Unit (BPU) design by incorporating more complex tags, encryption, and randomization.   The research comes as Arm CPUs have been found susceptible to a speculative execution attack of their own called TIKTAG that targets the Memory Tagging Extension (MTE) to leak data with over a 95% success rate in less than four seconds.   The study "identifies new TikTag gadgets capable of leaking the MTE tags from arbitrary memory addresses through speculative execution," researchers Juhee Kim, Jinbum Park, Sihyeon Roh, Jaeyoung Chung, Youngjoo Lee, Taesoo Kim, and Byoungyoung Lee said.   "With TikTag gadgets, attackers can bypass the probabilistic defense of MTE, increasing the attack success rate by close to 100%." In response to the disclosure, Arm said "MTE can provide a limited set of deterministic first line defenses, and a broader set of probabilistic first line defenses, against specific classes of exploits."   "However, the probabilistic properties are not designed to be a full solution against an interactive adversary that is able to brute force, leak, or craft arbitrary Address Tags."   Source: https://thehackernews.com/2024/07/new-intel-cpu-vulnerability-indirector.html
    • telegram tati , daca vrei sa inveti ceva .
    • Nu stiu despre ce e vorba, dar acest "dark web", mi s-a parut o mizerie. Intrasem si eu acum ani de zile, sperand sa invat lucruri despre security, dar e plin de copii copaci. 
    • Imi poate zice cineva care este faza cu site-ul asta? E ceva legat de internetul  intunecat?Daca da mi-ar placea sa ma conduceti cu linkuri catre mai multe site-uri de genu! Multumesc anticipat!👻
    • A trio of security flaws has been uncovered in the CocoaPods dependency manager for Swift and Objective-C Cocoa projects that could be exploited to stage software supply chain attacks, putting downstream customers at severe risks.   The vulnerabilities allow "any malicious actor to claim ownership over thousands of unclaimed pods and insert malicious code into many of the most popular iOS and macOS applications," E.V.A Information Security researchers Reef Spektor and Eran Vaknin said in a report published today.   The Israeli application security firm said the three issues have since been patched by CocoaPods as of October 2023. It also resets all user sessions at the time in response to the disclosures.   One of the vulnerabilities is CVE-2024-38368 (CVSS score: 9.3), which makes it possible for an attacker to abuse the "Claim Your Pods" process and take control of a package, effectively allowing them to tamper with the source code and introduce malicious changes. However, this required that all prior maintainers have been removed from the project.   The roots of the problem go back to 2014, when a migration to the Trunk server left thousands of packages with unknown (or unclaimed) owners, permitting an attacker to use a public API for claiming pods and an email address that was available in the CocoaPods source code ("unclaimed-pods@cocoapods.org") to take over control.   The second bug is even more critical (CVE-2024-38366, CVSS score: 10.0) and takes advantage of an insecure email verification workflow to run arbitrary code on the Trunk server, which could then be used to manipulate or replace the packages.     Also identified in the service is a second problem in the email address verification component (CVE-2024-38367, CVSS score: 8.2) that could entice a recipient into clicking on a seemingly-benign verification link, when, in reality, it reroutes the request to an attacker-controlled domain in order to gain access to a developer's session tokens.   Making matters worse, this can be upgraded into a zero-click account takeover attack by spoofing an HTTP header – i.e., modifying the X-Forwarded-Host header field – and taking advantage of misconfigured email security tools.   "We have found that almost every pod owner is registered with their organizational email on the Trunk server, which makes them vulnerable to our zero-click takeover vulnerability," the researchers said.   This is not the first time CocoaPods has come under the scanner. In March 2023, Checkmarx revealed that an abandoned sub-domain associated with the dependency manager ("cdn2.cocoapods[.]org") could have been hijacked by an adversary via GitHub Pages with an aim to host their payloads.   Source: https://thehackernews.com/2024/07/critical-flaws-in-cocoapods-expose-ios.html
  • Create New...