Jump to content

All Activity

This stream auto-updates     

  1. Past hour
  2. Ce carti mai cititi?

    Ti-am dat un PM.
  3. Today
  4. Ce carti mai cititi?

    Un pdf pentru "Level 7" (Ultimatum - ultimele zile ale unui razboi atomic) de Mordecai Roshwald? Nu gasesc nicaieri, am vrut s-o cumpar dar pe unde am gasit-o nu o mai au pe stoc.
  5. Bine v-am gasit!

    Salutare. Ma numesc Bogdan, am 17 ani si cunosc acest forum de cativa ani buni. Sunt pasionat de tot ceea ce tine de it, inclusiv programare, fapt pentru care am zis sa incep sa activez si aici.
  6. Bine v-am gasit !                                                                                                                                                                                                                                         Am dat intamplator peste acest  forum si ma bucur foarte mult . Am  fost interesata sa incep si eu o afacere pe Amazon  si eram curioasa sa aflu daca este adevarata povestea de succes a lui Houdin si Claus . In urma a ceea ce am citit aici mi-am dat seama ca ei vand pielea ursului din padure . Multumesc celor care mi-au dechis ochii . Am evitat astfel sa dau o gramada de bani pe acest curs . Si oricum nu aveam de unde sa dau atatia bani numai daca ma imprumutam . Bine ca nu am facut-o .                                                                                                                                                   Sper sa invat multe de aici . Sunt o persoana  careia ii place sa  exploreze domenii noi chiar daca nu mai sunt asa tanara , am 45 de ani . Dar sunt foarte activa pe Facebook  si imi place sa navighez pe internet .                                                                                                            

  7. Yesterday
  8. Ce carti mai cititi?

  9. [RST] Automated Mysql injection ,Web based tool

    @dancezar daca il recuperezi sa il pui pe github.
  10. Programare in limbajul C/C++ pentru liceu Emanuela Cerchez, Marinel Serban este pentru incepatori Download link: https://fil.email/UY99Xjc4
  11. Si nu numai Word... Iar pentru cine e interesat de aceasta "functionalitate", aici este un articol care discuta DDEAUTO: https://www.endgame.com/blog/technical-blog/bug-feature-debate-back-yet-again-ddeauto-root-cause-analysis Update Metode de mitigare https://www.peerlyst.com/posts/no-macros-no-problem-how-microsoft-office-dde-attacks-work-and-how-to-block-them-barkly https://gist.github.com/wdormann/732bb88d9b5dd5a66c9f1e1498f31a1b Si inca un vector:
  12. Baraiala Sunet

    ce Windows utilizezi? placa de sunet? etc..
  13. Interviu Bine Ati Venit

    Salutare! 😉
  14. Cont Filelist.Ro [FREE]

    Salut! Se poate sa ma ajute cineva cu o invitatie? Va multumesc anticipat. http://beta.speedtest.net/result/6722926476
  15. Baraiala Sunet

    ai schimbat windowsu ?
  16. Baraiala Sunet

    E laptop. Deci are boxele lui. Si la ele face asa dar si la casti. dar numai pe youtube, in winamp sau orice altceva nu face.
  17. Baraiala Sunet

    Ca am sufletul negru:))
  18. Usage The service is used to generate QR-codes for strings in a UNIX/Linux console using curl/httpie/wget or similar tools. The service can be used in a browser also. Just add qrenco.de/ before the URL. The service uses libqrencode to generate QR-codes. Installation You don't need to install the service for using it (just try curl qrenco.de), but if you want to install it locally, do the following steps: $ git clone https://github.com/chubin/qrenco.de $ cd qrenco.de $ virtualenv ve $ ve/bin/pip install -r requirements.txt $ sudo apt-get install libqrenv $ ve/bin/python bin/srv.py If you want to use a HTTP-frontend for the service, configure it this way: server { listen 80; listen [::]:80; server_name qrenco.de *.qrenco.de; access_log /var/log/nginx/qrenco.de-access.log; error_log /var/log/nginx/qrenco.de-error.log; location / { proxy_pass; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr; client_max_body_size 10m; client_body_buffer_size 128k; proxy_connect_timeout 90; proxy_send_timeout 90; proxy_read_timeout 90; proxy_buffer_size 4k; proxy_buffers 4 32k; proxy_busy_buffers_size 64k; proxy_temp_file_write_size 64k; expires off; } } Download: grenco.de-master.zip or git clone https://github.com/chubin/qrenco.de.git Sources: http://qrenco.de/ https://github.com/chubin/qrenco.de
  19. Embed for asciinema

    Cred ca ar fi util un Embed pentru https://asciinema.org/ in special in sectiunea Tutoriale
  20. objection Runtime Mobile Exploration, powered by Frida. introduction objection is a runtime mobile exploration toolkit, powered by Frida. It was built with the aim of helping assess mobile applications and their security posture without the need for a jailbroken or rooted mobile device. The project's name quite literally explains the approach as well, whereby runtime specific objects are injected into a running process and executed using Frida. Note: This is not some form of jailbreak / root bypass. By using objection, you are still limited by all of the restrictions imposed by the applicable sandbox you are facing. features Supporting both iOS and Android and having new features and improvements added regularly as the tool is used in real world scenarios, the following is a short list of only a few key features: For all supported platforms, objection allows you to: Patch iOS and Android applications, embedding a Frida gadget that can be used with objection or just Frida itself. Interact with the filesystem, listing entries as well as upload & download files where permitted. Perform various memory related tasks, such as listing loaded modules and their respective exports. Attempt to bypass and simulate jailbroken or rooted environments. Discover loaded classes and list their respective methods. Perform common SSL pinning bypasses. Dynamically dump arguments from methods called as you use the target application. Interact with SQLite databases inline without the need to download the targeted database and use an external tool. Execute custom Frida scripts. iOS specific features in objection include the ability to: Dump the iOS keychain, and export it to a file. Dump data from common storage such as NSUserDefaults and the shared NSHTTPCookieStorage. Dump various formats of information in human readable forms. Bypass certain forms of TouchID restrictions. Watch for method executions by targeting all methods in a class, or just a single method. Monitor the iOS pasteboard. Dump encoded .plist files in a human readable format without relying on external parsers. Android specific features in objection include the ability to: List the applications Activities, Services and Broadcast receivers. Start arbitrary Activities available in the target application. Watch a class method, reporting execution as it happens. screenshots The following screenshots show the main objection repl, connected to a test application on both an iPad running iOS 10.2.1, and Samsung Galaxy S5 running Android 6. A file system listing of the iOS applications main bundle A file system listing of the Android applications bundle iOS Keychain dumped for the current application, and later written to a file called keychain.json Inline SQLite query tool SSL Pinning bypass running for an iOS application SSL Pinning bypass running for an Android application sample usage A sample session, where objection version 0.1 is used to explore the applications environment. Newer versions have the REPL prompt set to the current applications name, however usage has remained the same: https://asciinema.org/a/8O6fjDHOdVKgPYeqITHXPp6HV prerequisites To run objection, all you need is the python3 interpreter to be available. Installation via pip should take care of all of the dependencies needed. For more details, please see the prerequisites section on the project wiki. As for the target mobile applications though, for iOS, an unencrypted IPA is needed and Android just the normal APK should be fine. If you have the source code of the iOS application you want to explore, then you can simply embed and load the FridaGadget.dylib from within the Xcode project. installation Installation is simply a matter of pip3 install objection. This will give you the objection command. For more detailed update and installation instructions, please refer to the wiki page here. powered by license Objection is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License Permissions beyond the scope of this license may be available at http://sensepost.com/contact/ Download: objection-master.zip or git clone https://github.com/sensepost/objection.git Source: https://github.com/sensepost/objection
  21. A newly discovered unpatched attacking method that exploits a built-in feature of Microsoft Office is currently being used in various widespread malware attack campaigns. Last week we reported how hackers could leveraging an old Microsoft Office feature called Dynamic Data Exchange (DDE), to perform malicious code execution on the targeted device without requiring Macros enabled or memory corruption. DDE protocol is one of the several methods that Microsoft uses to allow two running applications to share the same data. The protocol is being used by thousands of apps, including MS Excel, MS Word, Quattro Pro, and Visual Basic for one-time data transfers and for continuous exchanges for sending updates to one another. The DDE exploitation technique displays no "security" warnings to victims, except asking them if they want to execute the application specified in the command—although this popup alert could also be eliminated "with proper syntax modification." Soon after the details of DDE attack technique went public, Cisco's Talos threat research group published a report about an attack campaign actively exploiting this attack technique in the wild to target several organisations with a fileless remote access trojan (RAT) called DNSMessenger. Necurs Botnet Using DDE Attack to Spread Locky Ransomware Now, hackers have been found using the Necurs Botnet—malware that currently controls over 6 million infected computers worldwide and sends millions of emails—to distribute Locky ransomware and TrickBot banking trojan using Word documents that leverage the newly discovered DDE attack technique, reported SANS ISC. Locky ransomware hackers previously relied on macros-based booby-trapped MS Office documents, but now they have updated the Nercus Botnet to deliver malware via the DDE exploit and gain an ability to take screenshots of the desktops of victims. Hancitor Malware Using DDE Attack Another separate malware spam campaign discovered by security researchers has also been found distributing Hancitor malware (also known as Chanitor and Tordal) using Microsoft Office DDE exploit. Hancitor is a downloader that installs malicious payloads like Banking Trojans, data theft malware and Ransomware on infected machines and is usually delivered as a macro-enabled MS Office document in phishing emails. How to Protect Yourself From Word DDE Attacks? Since DDE is a Microsoft's legitimate feature, most antivirus solutions do not flag any warning or block MS Office documents with DDE fields, neither the tech company has any plans of issuing a patch that would remove its functionality. So, you can protect yourself and your organisation from such attacks by disabling the "update automatic links at open" option in the MS Office programs. To do so, Open Word → Select File → Options → Advanced and scroll down to General and then uncheck "Update Automatic links at Open." However, the best way to protect yourself from such attacks is always to be suspicious of any uninvited document sent via an email and never click on links inside those documents unless adequately verifying the source. Via thehackernews.com
  22. Ce carti mai cititi?

    PDF nu stiu unde gasesti, eu am cumparat cartea.
  23. Russia’s Crypto-Ruble Just Changed the Game For weeks now we’ve been getting very mixed signals out of the Russian Government about cryptocurrencies. On the one hand we see it embracing the new technology while at the same time going on the warpath against them. Because of that there is a lot of confusion in people’s minds as to what the endgame for cryptos in Russia looks like. I’ll try to clear this confusion up given what we know. But, suffice it to say, this is very good news for both Bitcoin and the Russian economy. Give me a few minutes and I’ll explain why. Putin’s Law Vladimir Putin is very much a law and order kinda guy. If you watch Putin operate in the public arena he always does so with an eye towards the law. He believes strongly in the law. And cryptocurrencies, despite their obvious benefits to a Russian economy that needs the type of disintermediation cryptos offer, operate in a legal gray area that makes Putin uncomfortable. So, the goal with Russian official crypto-policy is to stamp out the illegal activities – the money laundering, terrorism-financing, human-trafficking, etc. – while simultaneously using the technology to modernize Russia’s internal capital handling capabilities. This is what the crypto-ruble is all about. It is a way for Russia and Russians to provide a gateway between the crypto-world and the so-called real one. It ensures that this new form of ruble properly tracks capital flow through the Russian economy. By taxing crypto-rubles at the capital gains rate for those that cannot provide a paper-trail of ownership, Russia and Putin are incentivizing the development of low-cost crypto-payment systems to exchange rubles for goods only in cryptocurrencies that also track ownership, like Ethereum and others that have transparent blockchain histories. The Russian Capital Invitation Putin is openly inviting investment capital into Russia that is legal and above board. Russia wants legitimate businesses to operate in Russia in whatever currency they like as long as that business is transparent. The crypto-ruble provides the means by which to convert, transaction-cost-free, back into the national ‘fiat’ currency to pay bills, taxes and the like. This is in direct opposition to how the U.S., for example, treats cryptocurrencies. The 2014 I.R.S. rule that classified Bitcoin as ‘property’ means that every Bitcoin transaction, no matter how minor, creates a potential capital gains event. It means that buying a cup of coffee at Starbucks in Bitcoin is taxable for both the person buying the coffee (capital gains on the sale) and Starbucks when they go to sell those Bitcoins, buy dollars and pay salaries, order supplies, etc. It’s why the capital that has moved into cryptocurrencies isn’t moving back out. It’s why the ICO market has exploded. Billions in profits actively looking for new investment opportunities without paying taxes. It’s also the main reason why Amazon, for example, doesn’t take Bitcoin. Who wants that hassle? Can you imagine Amazon’s Schedule D if it accepted Bitcoin? The crypto-ruble’s structure dispenses with that for those that can prove ownership via the blockchain. Bitcoin allows for transaction transparency, so does Ethereum, Litecoin and many others. Now, cryptos can exist side-by-side with rubles without worrying about the threat of double taxation, unless you earned your money in the murk, at which point Russia wants 13% capital gains. This new system won’t bring that capital back into the Russian economy, but it wasn’t coming back anyway. Russia Embraces its Own Cryptos By calling Bitcoin as a Ponzi scheme and an avenue for money laundering Putin and the Bank of Russia are simply attacking technologies that are not home-grown. They are, like every other person in the markets, ‘talking their book.’ Putin would prefer people use platforms that are Russian. Remember, he’s also a nationalist trying to bring Russia prestige in this important market going forward. Ethereum and WAVES are both platforms designed by and built for Russia. So, you’ll notice that Putin has never spoken out against Ethereum. WAVES continues to fly under a lot of people’s radar, but it is just as disruptive as Ethereum. They both provide a platform to act as Infrastructure as a Service (IaaS) for the next generation of internet-based applications. Ethereum is a kind of operating system for Internet 3.0 while WAVES is next generation forex exchange as well as providing an easy platform for issuing new public/private equity. WAVES is what will back the Moscow Exchange’s move to trade cryptocurrencies and their derivatives. It will act at the gateway for all of the currency exchanges. So, if you have dollars, Bitcoins, rubles or Ethereum you can buy and sell stocks on the Moscow Exchange eventually. All nice and legal. All above-board. Evil Putin is looking for pension-fund investors seeing Russian bonds trading above 7% and he just gave fund managers a way to come in through the crypto-back door. Don’t think for a second that Putin doesn’t like Bitcoin as a means to attract investor capital. This is what Russian Miner Coin is all about. He just wants it to be regulated so it can ensure the public sphere is maximized. The Fight for Capital in Flight Capital will always flow to where it is treated best. Given the tenuous situation in the global financial and p0litical systems, Russia’s stable government is an asset. What investors need is the confidence of being able to get their money out after putting it back in. The scheme for the crypto-ruble is part of that confidence-building process. I know now, as an American investor, I can, for example, invest in a Russian company’s stock or bond offering directly. I can get paid my dividends or coupons in crypto-rubles, immediately exchange them for bitcoins or whatever currency I want to use as I see fit. Oh, and if I never convert them back to dollars, I can put off paying taxes until I do. That’s not really possible now, especially with sanctions. If it is possible, it’s expensive and a major hassle. Putin is a smart man with an excellent team around him. Moves like this are made in response to aggressive moves made by the U.S. to starve his country of capital, i.e. John McCain’s sanctions. He and his team understand that providing a platform by which capital can enter Russia that is barred through normal means now is key to surviving the next couple of years. It’s not his responsibility to monitor what U.S. investors do, only that they comply with Russian law. First-mover advantage is important here. If Russia continues to develop blockchain technology and embrace it in a relatively tax-free way, it won’t matter that it is ‘regulating’ the beautiful decentralized market of cryptos. What will matter is that Russia treats its crypto-investors better than everyone else. In the fight for global capital flows, you don’t have to be perfect, you just have to be slightly better than everyone else. Arbitrage will take care of the rest. And tax-free ruble/crypto exchange is the killer app that the crypto-market has been looking for to take it to the next level. Russia got there first. http://www.zerohedge.com/news/2017-10-17/russia’s-crypto-ruble-just-changed-game If Russia really is offering to exchange your cryptos into regular fiat, with only a 13% "tax" if you can't declare where they came from, then they just publicly offered a money laundering scheme to the entire world.
  24. www.cik.ro

    Dan Cucu, un baiat tanar, are nevoie de bani pentru a se lupta cu boala aia naspa. Daca aveti niste banuti in plus pe PayPal, va rog sa ajutati.
  25. Baraiala Sunet

    Raspunsul intrebarii cu siguranta nu ar duce la rezolvarea problemei. Asta nu poate fi o problema de hardware daca se intampla din cand in cand pret de o secunda. Verifica cablul de iesire sunet..
  26. Baraiala Sunet

    Pune o inregistrare?
  27. Baraiala Sunet

    De ce te intitulezi "Black" cand esti alb ca laptele?
  1. Load more activity