Jump to content

Leaderboard


Popular Content

Showing content with the highest reputation since 04/19/19 in all areas

  1. 8 points
    mi-ai speriat motanul in pana mea :))))
  2. 6 points
    pai du-te, daca te cheama ....
  3. 6 points
    Daca aveti cont pe blockchain si il verificati (cu id) veti primi/ati primit deja niste Stellar (XLM). Daca nu, va puteti face cont aici https://www.blockchain.com/getcrypto si dupa verificare id va crediteaza contul cu ceva sume random. Majoritatea spun ca au primit echivalentul a 20-30 eur. Eu am primit echivalentul a 45 eur. XLM-ul se poate converti apoi in ETH sau BTC (sau altele) pe site-uri gen binance sau alte echivalente. Spor!
  4. 6 points
    Da, doar ca trebuie sa-ti pui windows-ul un modul de editare keyloggere. Vezi in C:/Windows/System32 ca este un fisier hal.dll Trebuie sa-l redenumesti in "Ehal.dll" si sa dai restart la pc.Asa windows-ul va sti ca este in Edit mode. Cand deschizi urm data keyloggerul o sa-ti apara interfata pentru editare, si tu bifezi nsite checkbox-uri cu ce vrei sa faca. //Am editat numele fisierului
  5. 5 points
  6. 4 points
    Salut maestre, bine ai venit pe la noi. Sper sa gasesti informatie de ajutor pe aici cat si sa imparti din cunostintele tale. Totodata, iti sugerez sa eviti conflictele cu oamenii a caror minte inca ii in cuptor la copt.
  7. 4 points
    R.I.P Wolfgang LΓΌth, Heinz Guderian und Walter Rauff
  8. 4 points
    A vulnerability in the messaging app WhatsApp has allowed attackers to inject commercial Israeli spyware on to phones, the company and a spyware technology dealer said. WhatsApp, which is used by 1.5bn people worldwide, discovered in early May that attackers were able to install surveillance software on to both iPhones and Android phones by ringing up targets using the app’s phone call function. The malicious code, developed by the secretive Israeli company NSO Group, could be transmitted even if users did not answer their phones, and the calls often disappeared from call logs, said the spyware dealer, who was recently briefed on the WhatsApp hack. WhatsApp is too early into its own investigations of the vulnerability to estimate how many phones were targeted using this method, a person familiar with the issue said. As late as Sunday, as WhatsApp engineers raced to close the loophole, a UK-based human rights lawyer’s phone was targeted using the same method. Researchers at the University of Toronto’s Citizen Lab said they believed that the spyware attack on Sunday was linked to the same vulnerability that WhatsApp was trying to patch. NSO’s flagship product is Pegasus, a program that can turn on a phone’s microphone and camera, trawl through emails and messages and collect location data. NSO advertises its products to Middle Eastern and Western intelligence agencies, and says Pegasus is intended for governments to fight terrorism and crime. NSO was recently valued at $1bn in a leveraged buyout that involved the UK private equity fund Novalpina Capital In the past, human rights campaigners in the Middle East have received text messages over WhatsApp that contained links that would download Pegasus to their phones. WhatsApp said that teams of engineers had worked around the clock in San Francisco and London to close the vulnerability. It began rolling out a fix to its servers on Friday last week, WhatsApp said, and issued a patch for customers on Monday. β€œThis attack has all the hallmarks of a private company known to work with governments to deliver spyware that reportedly takes over the functions of mobile phone operating systems,” the company said. β€œWe have briefed a number of human rights organisations to share the information we can, and to work with them to notify civil society.” WhatsApp disclosed the issue to the US Department of Justice last week, according to a person familiar with the matter. A justice department spokesman declined to comment. NSO said it had carefully vetted customers and investigated any abuse. Asked about the WhatsApp attacks, NSO said it was investigating the issue. β€œUnder no circumstances would NSO be involved in the operating or identifying of targets of its technology, which is solely operated by intelligence and law enforcement agencies,” the company said. β€œNSO would not, or could not, use its technology in its own right to target any person or organisation, including this individual [the UK lawyer].” The UK lawyer, who declined to be identified, has helped a group of Mexican journalists and government critics and a Saudi dissident living in Canada, sue NSO in Israel, alleging that the company shares liability for any abuse of its software by clients. John Scott-Railton, a senior researcher at the University of Toronto’s Citizen Lab, said the attack had failed. β€œWe had a strong suspicion that the person’s phone was being targeted, so we observed the suspected attack, and confirmed that it did not result in infection,” said Mr Scott-Railton. β€œWe believe that the measures that WhatsApp put in place in the last several days prevented the attacks from being successful.” Other lawyers working on the cases have been approached by people pretending to be potential clients or donors, who then try and obtain information about the ongoing lawsuits, the Associated Press reported in February. β€œIt's upsetting but not surprising that my team has been targeted with the very technology that we are raising concerns about in our lawsuits,” said Alaa Mahajne, a Jerusalem-based lawyer who is handling lawsuits from the Mexican and Saudi citizens. β€œThis desperate reaction to hamper our work and silence us, itself shows how urgent the lawsuits are, as we can see that the abuses are continuing.” On Tuesday, NSO will also face a legal challenge to its ability to export its software, which is regulated by the Israeli ministry of defence. Amnesty International, which identified an attempt to hack into the phone of one its researchers, is backing a group of Israeli citizens and civil rights group in a filing in Tel Aviv asking the ministry of defence to cancel NSO’s export licence. β€œNSO Group sells its products to governments who are known for outrageous human rights abuses, giving them the tools to track activists and critics. The attack on Amnesty International was the final straw,” said Danna Ingleton, deputy director of Amnesty Tech. β€œThe Israeli ministry of defence has ignored mounting evidence linking NSO Group to attacks on human rights defenders. As long as products like Pegasus are marketed without proper control and oversight, the rights and safety of Amnesty International’s staff and that of other activists, journalists and dissidents around the world is at risk.” Sursa: https://www.ft.com/content/4da1117e-756c-11e9-be7d-6d846537acab
  9. 4 points
    Doame da-mi putere! E in tensorflow? daca e in Tensorflow 2.0 mie pe windows 10 ia crash tensorflow-gpu, ca e inca in beta. Am auzit ca VM lor linux merge mai bine. Daca e in altceva vezi daca are suport cuda engine-ul lor, ca altfel nu te ajuta. 2. Esti sigur ca arhitectura retelei e convergenta pe datasetul tau? ia un training set de 50,000 - 100,000 din alea 5 milioane + un testset de 10,000 - 20,000 si verifica daca e convergent. 5 milioane de puncte e exagerat pentru un training set, mai ales daca NN tau e dens pe tote layerele. Inainte sa arunci cu bani in fanteziile tale verifica pe scara mai mica daca e realistic ce vrei tu sa obtii. Eu prezic ca ai sa fii foarte dezamagit de rezultate.
  10. 4 points
  11. 4 points
    Fuck yaaa. That's because you don't lick the pussy.
  12. 4 points
  13. 4 points
    Download: Buy: You can leave a donation here: https://fundatiamereuaproape.ro/donatii-in-cont/ (PayPal link at the top of the page or bank transfer details at the bottom)
  14. 3 points
    Salut, ma numesc Raul am 26 ani si lucrez ca si penetration tester de cateva luni..Cam de un an m-am apucat de securitate in momentul de fata am luat OSCP acum 4 luni si acum ma inscriu pentru OSCE si AWAE(amandoua in acelasi timp). Profilul meu de hackthebox ii https://www.hackthebox.eu/profile/31011 Am si un canal de youtube unde postez diferite tutoriale daca pot sa le numesc asa si ce fac in timpul liber. https://www.youtube.com/channel/UC8DIQeAuFw0vBxTWJ4xCHGg?view_as=subscriber Daca pot sa ajut cu ceva nu ezitati sa ma contactati Va multumesc,
  15. 3 points
    Imi pare rau pentru provocarile la care ai fost si inca esti supus. Si imi pare bine ca exista oameni ca tine care sunt capabili sa astearna astfel de cuvinte expresive, sub forma de metafore, capabile sa comunice acest mesaj cinic care, in fond, nu spune nimic mai mult decat ca nu e bine cum e si ar trebui sa ne schimbam, mesaj care nu va schimba nimic niciodata si de care am putea la fel de bine sa ne lipsim, fara a ne afecta viata in vreun fel. Vezi tu, tot ce tindem sa facem in legatura cu viata asta, de care ne tot ferim, este sa ne-o umplem cu tot felul de obiceiuri care sa ne distraga atentia de la realitatea ca avem libertatea de a ne crea singuri oportunitatile pe care ni le dorim dar nu suntem in stare sa ne dam seama ce vrem sa facem ca sa ne simtim impliniti. Asa ca incercam sa ne convingem ca mereu ne tine o batatura morala care, ce sa vezi, provine de la un motiv "simplu"; un guvern, un conflict familial, un deces, un militian, un vecin zgomotos, sau un alt lucru ce, inevitabil, peste o perioada de timp, devine nesemnificativ. Externalizam frustrarea ca nu suntem in stare sa definim macar ce inseamna o viata buna prin niste lucruri care nici macar nu tin de noi. Ne cautam motive sa nu ne fie bine ca sa nu ne confruntam cu ideea ca nu suntem suficient de puternici din punct de vedere moral sa ne vedem de ceea ce ne pasioneaza, sau, mai rau, ca nici nu stim cum sa aflam ce ne pasioneaza. Iar faptul ca nu stim ce vrem de la viata este o problema reala, nu incerc s-o minimalizez, insa hai sa nu reactionam la ea incercand sa-i schimbam pe toti cei din jur sperand ca ne-o vom rezolva. Continua sa recurgi la a invinovati pe toata lumea din jurul tau ca nu te lasa sa-ti fie bine si ai sa ajungi foarte confortabil intr-un spital, dand din abdomen alternativ, sub o eticheta, aplicata total nefondat, evident, de schizofrenie paranoida. Se numeste viata ce ni se intampla, iar noi romanii suntem privilegiati in ceea ce priveste libertatea fizica de care beneficiem momentan, daca am reusi s-o asortam si pe cea psihica cu cea fizica, ar fi ceva. Ia vezi, poate iti poti face scop din asta. Nu exista niciun motiv palpabil de care sa te poti plange ca roman in 2019 cum ca cineva sau ceva ti-ar inrautati viata. Iti poti da seama de asta doar gandindu-te la o anumita problema despre care crezi tu ca daca ar fi solutionata, toate problemele tale se vor rezolva. Momentul in care realizezi ca nu exista o astfel de problema, e momentul in care realizezi ca toate problemele pot deveni problemele tale, si la fel de bine, de toate poti sa te detasezi. Inceteaza sa mai crezi ca toata lumea iti impartaseste sentimentele in legatura cu toate aspectele vietii tale nesemnificative si inceteaza sa incerci sa rezolvi probleme care pentru altii nici macar nu exista. Dai o valoare exagerata unor concepte abstracte despre care crezi tu ca reprezinta niste probleme generale, cum ar fi aportul politicii la viata indivizilor dintr-o tara. Astfel de probleme nu sunt mai mult decat niste subiecte de discutie, in adunari sociale, pe care le folosim ca pretexte sa mascam ideea ca ne-am adunat acolo pentru a face senzatie ca ulterior sa ne frecam unii de altii, din motive biologice. Nu am evoluat pentru a ne insusi toate problemele din lume. Nu suntem organisme planetare. Nu trebuie sa le fie tuturor bine ca sa ne fie noua bine. Si nu spun asta in ideea ca n-ar trebui sa ne pese de ce se intampla cu cei din jurul nostru, ci doar ca e gresit sa te astepti sa fie totul bine cu toata lumea din jurul tau si abia apoi sa te gandesti la tine, din simplul motiv ca daca ar face toti asta, nimanui n-ar mai trebui sa-i fie bine ca toata lumea asteapta dupa ceilalti. Tu trebuie sa depui un efort sa proiectezi macar starea la care vrei sa ajungi. S-ar putea sa nu ajungi acolo niciodata, dar macar vei fi multumit ca ai incercat si speranta ca ai sa ajungi o data o sa fie mult mai valoroasa decat alternativa care e reprezentata de gandul ca cineva sau ceva incearca sa te tina jos tot timpul si ca din cauza cuiva sau a ceva anume tu nu poti sa traiesti cum iti doresti. Cand ne trezim dimineata, nu ne gandim la ce face vreun politician anume, nici macar la parinti nu ne gandim, ne gandim doar la cum ajungem la zona aia in care ne varsam dejectiile, sau la cum ne doare capul de la mahmureala, sau la cum latra cainele din vecini; cu alte cuvinte, ne gandim la ce ne stimuleaza in vreun fel simturile. Apoi, cand ne-am eliberat de stimuli, incepem sa ne gandim la care e urmatorul lucru relativ semnificativ de care sa ne pese in ziua aia, si apoi urmatorul, si tot asa. Noi oamenii avem capacitatea asta de a ne crea probleme imaginare care pot atarna la fel de greu precum niste probleme fizice. E complet problema ta daca vrei sa ajungi la un moment dat sa contemplezi ce se intampla la nivel de sistem politic, sau la orice nivel la care ce se intampla nu tine de ce faci tu. In plus, daca problema politicii la nivel national ar disparea maine, crezi ca ar fi singura problema din viata ta? Chiar esti incapabil sa intelegi ca tot ce ne afecteaza, fie in bine fie in rau, e relativ la cum privim noi situatia? Si, mai ales, chiar e atat de greu sa intelegi ca folosesti astfel de pretexte sa-ti ascunzi nesiguranta asteptarilor tale de la viata? Si, din nou, problema politica este si ea una reala pe care nu incerc s-o minimalizez, insa nu reprezinta ceva pe care o poti schimba tu la nivel de individ. Totalitatea mecanismelor care intra in componenta unei astfel de probleme reprezinta o povara mult prea mare pe care sa si-o asume un om si nu va fi rezolvata de nicio actiune individuala. Daca esti suficient de sanatos incat sa ajungi sa ai cea mai mare problema una de natura externa, te afli printre oamenii capabili sa-si construiasca singuri viata asa cum o vor ei. Asa ca nu te mai limita la a spune ca lumea nu te lasa in pace; accepta ca nimanui nu-i pasa de tine mai mult decat tie si incearca sa-ti gasesti un scop in viata de care vei fi multumit la un moment dat. Nu mai fi asa basic, ca doar presupun ca ai scris sau citit si copiat atata text sub pretextul ca ai ajuns la o intelegere superioara. Daca te consideri asa superior, depunde putin efort si intretine macar ideea ca s-ar putea sa nu fi ajuns la un plafon de cunoastere, ca e mereu loc de mai bine si ca iti poti schimba viata in mai bine in orice moment al existentei tale, indiferent de spatiul fizic pe care existi sustinut de oxigenul de calitate indoielnica din jurul tau. https://media.giphy.com/media/l1KdbHUPe27GQsJH2/giphy.gif
  16. 3 points
    Da lol. generatoarele alea de key-uri care aveau muzica la volum 300%
  17. 3 points
    " Salutare,stiti un site,de pe care poti afla subiectele de simulare bac 2019 la matematica cu o seara inainte? Va rog frumos fara ignor sau mesaje de genul::invata. Mai am 3 luni pana la bac am timp sa invat de un 5 la mate. p.s. Consider ca multi urasc bacul,deci va rog,un site ceva?" Luati exemplu oameni buni, ce schimbari fac unii in 2 luni.Cu oameni ca el putem schimba viitorul. TU ESTI SPERANTA NOASTRA PENRU UN VIITOR MAI BUN Tine minte, ROMANIA MERITA MAI MULT.
  18. 3 points
    Las-o ba cu hydra ta. Fie stii cam ce parola are contul lui (adica o ghicesti din 10-20 de incercari) si atunci nu ai nevoie de hydra, le incerci la mana intr-o noapte. Fie nu stii ce parola are si atunci nu ai ce sa-i faci. Ca sa incerci un offline attack cu hydra iti trebuie un hash al parolei (nu faci rost de asa ceva). Fie faci un atac online cu hydra, caz in care ip-ul tau e banat dupa 5-10 secunde. Fie incerci sa-i bagi un keylogger in pcssi alte pule-n cur, dar ca sa faci tu singur asa ceva sunt sanse mai mici de 1%. Solutia mea de expert hacker level 3 e: 1. Ghiceste-i parola de la email, poate ii dai un "I forgot my password" si ai noroc, sau mai simplu ii furi parola din telefon/calculator cand si-o tasteaza. 2.1 Mergi la sala, fa-te mare, da-i un cap in gura 2.2 daca esti lenes dai 10lei la un tigan sa-i bata pentru tine. 3. (recomandata fara probleme legale) fute-i femeia. Scapi si tu de laba si de jocuri de kk online.
  19. 3 points
    Pentru toti romanii saraci, faza cu "refferal pt transport gratuit e muiala pe fata". Pasul 1: Descarci app, faci cont validezi contul cu 50 lei Pasul 2: Nu mai deschizi aplicatia 1-2 sapt, ca doar esti sarac si oricum nu cumparai nimic cu revolute Pasul 3: Dupa 1-2 saptamani, iti dau ei notificare ca vor sa-ti ofere un card gratuit, ca au vazut ca esti vai de plt si n-ai 5E pt transport.
  20. 3 points
    Te fuți, fă?
  21. 3 points
    Sigur, te poate ajuta @aismen.Gandeste-te ca el a spart nasa....si nasa nu o compari cu instagramul
  22. 3 points
    I have written a short bash function for measuring website metrics such as DNS lookup, redirects, redirect time, the first byte (TTFB), connect time and the total time. Short version (Only TTFB) function ttfb() { if [ $# -eq 0 ] then echo "Usage: ttfb url" else curl -o /dev/null \ -H 'Cache-Control: no-cache' \ -s \ -w "Connect: %{time_connect} TTFB: %{time_starttransfer} Total time: %{time_total} \n" \ $1 fi } Usage example: aelius@macbook:~$ ttfb Usage: ttfb url aelius@macbook:~$ ttfb https://www.unixteacher.org/ Connect: 0.046315 TTFB: 0.157112 Total time: 0.157400 aelius@macbook:~$ Long version (DNS Lookup, Redirects, Redirect time, First byte, Connect time, Total time) function metrics { if [ $# -eq 0 ] then echo "Usage: metrics url" else curl -H 'Cache-Control: no-cache' -Lw "DNS Lookup: %{time_namelookup} seconds \nRedirects: %{time_redirect} seconds with %{num_redirects} redirects \nFirst Byte: %{time_starttransfer} seconds \nConnect Time: %{time_connect} seconds \nTotal Time: %{time_total} seconds\n" -so /dev/null $1 fi } Usage example aelius@macbook:~$ metrics Usage: metrics url aelius@macbook:~$ metrics https://www.unixteacher.org/ DNS Lookup: 0.009266 seconds Redirects: 0.000000 seconds with 0 redirects First Byte: 0.173887 seconds Connect Time: 0.051254 seconds Total Time: 0.174168 seconds aelius@macbook:~$ References: – https://en.wikipedia.org/wiki/Time_to_first_byte – https://curl.haxx.se/docs/manual.html Published on UnixTeacher: https://www.unixteacher.org/blog/measuring-website-metrics-with-curl/
  23. 3 points
    Exercitiile astea is un fel de "astazi invatam adunarea: un mar si cu inca unu, fac doua; cate mere sunt in total daca mai adun alte doua?" Ca sa fiu si pe subiect: 1. get current date, get day of week, case example 2. user defined functions Daca ai de gand sa profesezi candva in IT, iti sugerez putin mai multa atentie si curiozitate fata de cursuri si materialele de curs.
  24. 3 points
  25. 3 points
    Fie ca lumina sfintelor sarbatori de iarna sa va lumineze drumul si sa va calauzeasca si in noul an ce urmeaza sa soseasca! Minunata zi a Craciunului bate la usa ta si asteapta sa-i deschizi Domnului si sa-i primesti caldura in inima ta! La multi ani!
  26. 3 points
    Poate ca e prima oara cand postezi pe un forum, da' de incercat ce-ai incercat? Ce nu iasa? Unde te incurci? Ce erori primesti?
  27. 2 points
    System Down: A systemd-journald Exploit Read the advisory Accompanying exploit: system-down.tar.gz Sursa: https://www.qualys.com/research/security-advisories/
  28. 2 points
    Ar fi bine, lol. Pentru a pastra ordinea, disciplina si frumusetea naturii, societatea ticaloasa si viermanoasa ar trebui epurata la fiecare 10 ani. Amin Azi e 14 mai. E zi de doliu. La 14 mai 1948 a fost arestat parintele Justin Parvu de catre aceiasi ciuma rosie ce conduce tara aia de cacat.
  29. 2 points
    Three Heads are Better Than One: Mastering Ghidra - Alexei Bulazel, Jeremy Blackthorne - INFILTRATE 2019 INFILTRATE 2020 will be held April 23/24, Miami Beach, Florida, infiltratecon.com
  30. 2 points
    E mai ok ca unele servicii din multe puncte de vedere. Practic ai ce o banca fizica nu iti ofera.
  31. 2 points
    Este locul lui de munca. Grup de facebook 10 lei legatura. Ia, maica, doua, sa plec si eu acasa.
  32. 2 points
    In functia menu() tu iei inputul de la user in user_input dupa care te bagi direct in while loop. Valoarea user_input nu se poate schimba niciodata pt ca tu esti blocat in while: def menu(): user_input='fara valoare' # intrii in loop cu o valoare default while user_input != 'q': user_input = input("*inside joke*: ") # inputul in citesti in interiorul loopului if user_input == 'a': # cand while se executa a 2-a oara promptul de input se executa din nou print("ai tastat a") elif user_input == 'b': print("ai tastat b") else: print("nu stii sa tastezi?") #nu mai are rost aici sa mai citesti input Sper sa intelegi tu cum functioneaza while-ul. Daca inca nu te prinzi incearca un step-by-step debugging. (http://pythontutor.com/)
  33. 2 points
    Ca bine zici! https://securityonline.info/android-arsenal-reverse-engineering-tools/ Update 7.05.2019: http://ftp.icm.edu.pl/packages/Hacked Team/rcs-dev\share/HOME/MarcoL/books/ Sunt mai vechi, dar merita.
  34. 2 points
  35. 2 points
    Eu am incercat sa-ti explic ceva, daca vrei sa intelegi bine, daca nu, iar bine. Nu fac o pasiune din a deschide ochii oamenilor. Fie intelegi totul ca un sfat, fie ca un atac. Daca te opresti la fiecare caine cara latra, nu mai ajungi niciodata la destinatie. Iti doresc o zi placuta. Deja mi-am calcat pe prestanta pentru simplul fapt ca am intrat in aceasta discutie cu tine.
  36. 2 points
  37. 2 points
    Ce corect scrii, pacat de continut ;(
  38. 2 points
    Asa si libertyreserve nu era vreun cotet de site... precum si btc-e sau wm-center.. Lista poate continua, dar nu are rost sa dezbat telenovele. Care sta in 20$, sa isi vanda datele.
  39. 2 points
    Si ti-ai creat cont special sa spui asta? anteleg
  40. 2 points
  41. 2 points
    Se vinde glucoze.com structurat pentru a fi magazin online. Daca se doreste sa se mearga tot pe ideea de magazin, in afara de import produse si textele de la tos nu prea e nimic de facut. Host si domeniu expira luna viitoare, il tin pe tusa de 1 an de zile fara sa il folosesc. Pret 150€ echivalent in ron, transfer btpay, iban. Negociez, accept schimburi cu pagini instagram/fb. Alte detalii/intrebari, reply.
  42. 2 points
    Salut; am avut saptamana trecuta ideea de a crea o metoda de comunicare folosind CS: GO. Ca si guideline, Hwyl a trebuit sa respecte urmatoarele - sa fie usor de folosit (ie fara scripturi si fara a injecta nimic in executabil), sa nu "strice" jocul sau sa trezeasca suspiciuni unui spectator si sa nu fie nevoie de echipament special (ie. poti sa joci si fara microfon). In esenta, tot echipamentul (purchasable items) este notat cu o variabila (inclusiv combinatiile dintre arma secundara eg Deagle si primara eg AWP + HE), actiunile (comenzi radio,), grafitti si team dynamics (pozitionare site etc). Anyway, aici e paper-ul pentru cei interesati: https://github.com/cionutmihai/Hwyl/blob/master/Hwyl.pdf Am facut si un clip scurt de 9 min cu niste highlight-uri, l-am pus pe PeerTube acum cateva min dar e inca la etapa de transcoding... : https://peertube.video/videos/watch/8f6b0f5a-4063-4411-9f53-fc2b5895ff3a Evident, fara a avea un tabel cu notatiile si insemnatatea lor nu intelegi nimic, asta e si ideea Have fun
  43. 2 points
    Razi ca melcul la priza. Depinde cum si unde anunta ISP-ul adresele IP sau daca bazele de date utilizate la geolocalizare au update-urile la zi. Se poate specifica orasul si poti chiar sa faci o functie bash weather() { if [ $# -eq 0 ] then echo "Usage: weather city_name" else curl -s http://wttr.in/$1 fi } Dupa ce o faci, poti introduce functia in profilul tau (ex: ~/.bashrc pentru root sau ~/.bash_profile pentru user). Dupa adaugare, pentru a relua environmentul trebuie sa te reautentifici sau sa executi comanda "source ~/.bashrc" sau "source ~/.bash_profile" (dupa caz) Demo aelius@macbook:~$ weather Usage: weather city_name aelius@macbook:~$ weather Lorrach Weather report: Lorrach \ / Partly cloudy _ /"".-. 16 Β°C \_( ). ↓ 6 km/h /(___(__) 10 km 0.0 mm β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€ Thu 18 Apr β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ Morning β”‚ Noon β””β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”˜ Evening β”‚ Night β”‚ β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€ β”‚ \ / Partly cloudy β”‚ \ / Partly cloudy β”‚ \ / Partly cloudy β”‚ \ / Partly cloudy β”‚ β”‚ _ /"".-. 13 Β°C β”‚ _ /"".-. 19 Β°C β”‚ _ /"".-. 20 Β°C β”‚ _ /"".-. 17 Β°C β”‚ β”‚ \_( ). ← 5-8 km/h β”‚ \_( ). ↙ 6-7 km/h β”‚ \_( ). ↙ 8-13 km/h β”‚ \_( ). ↙ 7-14 km/h β”‚ β”‚ /(___(__) 20 km β”‚ /(___(__) 19 km β”‚ /(___(__) 18 km β”‚ /(___(__) 19 km β”‚ β”‚ 0.0 mm | 0% β”‚ 0.0 mm | 0% β”‚ 0.0 mm | 0% β”‚ 0.0 mm | 0% β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€ Fri 19 Apr β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ Morning β”‚ Noon β””β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”˜ Evening β”‚ Night β”‚ β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€ β”‚ \ / Partly cloudy β”‚ \ / Partly cloudy β”‚ \ / Partly cloudy β”‚ \ / Partly cloudy β”‚ β”‚ _ /"".-. 15 Β°C β”‚ _ /"".-. 23 Β°C β”‚ _ /"".-. 21 Β°C β”‚ _ /"".-. 19 Β°C β”‚ β”‚ \_( ). β†– 5-7 km/h β”‚ \_( ). β†’ 3-4 km/h β”‚ \_( ). ↓ 6-10 km/h β”‚ \_( ). β†– 4-7 km/h β”‚ β”‚ /(___(__) 20 km β”‚ /(___(__) 19 km β”‚ /(___(__) 16 km β”‚ /(___(__) 16 km β”‚ β”‚ 0.0 mm | 0% β”‚ 0.0 mm | 0% β”‚ 0.0 mm | 0% β”‚ 0.0 mm | 0% β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€ Sat 20 Apr β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ Morning β”‚ Noon β””β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”˜ Evening β”‚ Night β”‚ β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€ β”‚ _`/"".-. Patchy rain po…│ \ / Partly cloudy β”‚ \ / Partly cloudy β”‚ _`/"".-. Patchy rain po…│ β”‚ ,\_( ). 15..16 Β°C β”‚ _ /"".-. 21 Β°C β”‚ _ /"".-. 19 Β°C β”‚ ,\_( ). 14 Β°C β”‚ β”‚ /(___(__) ← 4-5 km/h β”‚ \_( ). ↙ 6 km/h β”‚ \_( ). ↓ 9-12 km/h β”‚ /(___(__) ↙ 7-13 km/h β”‚ β”‚ β€˜ β€˜ β€˜ β€˜ 20 km β”‚ /(___(__) 19 km β”‚ /(___(__) 17 km β”‚ β€˜ β€˜ β€˜ β€˜ 19 km β”‚ β”‚ β€˜ β€˜ β€˜ β€˜ 0.7 mm | 23% β”‚ 0.0 mm | 0% β”‚ 0.1 mm | 50% β”‚ β€˜ β€˜ β€˜ β€˜ 0.1 mm | 25% β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ Follow @igor_chubin for wttr.in updates aelius@macbook:~$ weather Mannheim Weather report: Mannheim \ / Sunny .-. 19 Β°C ― ( ) ― ← 15 km/h `-’ 10 km / \ 0.0 mm β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€ Thu 18 Apr β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ Morning β”‚ Noon β””β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”˜ Evening β”‚ Night β”‚ β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€ β”‚ \ / Sunny β”‚ \ / Sunny β”‚ \ / Partly cloudy β”‚ \ / Partly cloudy β”‚ β”‚ .-. 13..14 Β°C β”‚ .-. 18 Β°C β”‚ _ /"".-. 19 Β°C β”‚ _ /"".-. 16 Β°C β”‚ β”‚ ― ( ) ― ← 15-18 km/h β”‚ ― ( ) ― ← 19-22 km/h β”‚ \_( ). ↙ 16-25 km/h β”‚ \_( ). ↙ 16-28 km/h β”‚ β”‚ `-’ 20 km β”‚ `-’ 20 km β”‚ /(___(__) 20 km β”‚ /(___(__) 20 km β”‚ β”‚ / \ 0.0 mm | 0% β”‚ / \ 0.0 mm | 0% β”‚ 0.0 mm | 0% β”‚ 0.0 mm | 0% β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€ Fri 19 Apr β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ Morning β”‚ Noon β””β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”˜ Evening β”‚ Night β”‚ β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€ β”‚ \ / Partly cloudy β”‚ \ / Partly cloudy β”‚ \ / Partly cloudy β”‚ \ / Partly cloudy β”‚ β”‚ _ /"".-. 15 Β°C β”‚ _ /"".-. 20 Β°C β”‚ _ /"".-. 20 Β°C β”‚ _ /"".-. 18 Β°C β”‚ β”‚ \_( ). ← 13-15 km/h β”‚ \_( ). ← 13-15 km/h β”‚ \_( ). ← 11-15 km/h β”‚ \_( ). ↙ 9-14 km/h β”‚ β”‚ /(___(__) 20 km β”‚ /(___(__) 20 km β”‚ /(___(__) 20 km β”‚ /(___(__) 20 km β”‚ β”‚ 0.0 mm | 0% β”‚ 0.0 mm | 0% β”‚ 0.0 mm | 0% β”‚ 0.0 mm | 0% β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”Œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€ Sat 20 Apr β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β” β”‚ Morning β”‚ Noon β””β”€β”€β”€β”€β”€β”€β”¬β”€β”€β”€β”€β”€β”€β”˜ Evening β”‚ Night β”‚ β”œβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”Όβ”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€ β”‚ \ / Partly cloudy β”‚ \ / Sunny β”‚ \ / Partly cloudy β”‚ \ / Clear β”‚ β”‚ _ /"".-. 16 Β°C β”‚ .-. 20 Β°C β”‚ _ /"".-. 22 Β°C β”‚ .-. 20 Β°C β”‚ β”‚ \_( ). ↙ 11-13 km/h β”‚ ― ( ) ― ↙ 14-16 km/h β”‚ \_( ). ↙ 12-15 km/h β”‚ ― ( ) ― ↙ 12-20 km/h β”‚ β”‚ /(___(__) 20 km β”‚ `-’ 20 km β”‚ /(___(__) 20 km β”‚ `-’ 20 km β”‚ β”‚ 0.0 mm | 0% β”‚ / \ 0.0 mm | 0% β”‚ 0.0 mm | 0% β”‚ / \ 0.0 mm | 0% β”‚ β””β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”΄β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”€β”˜ Follow @igor_chubin for wttr.in updates aelius@macbook:~$
  44. 2 points
    Windows: LUAFV PostLuafvPostReadWrite SECTION_OBJECT_POINTERS Race Condition EoP Platform: Windows 10 1809 (not tested earlier) Class: Elevation of Privilege Security Boundary (per Windows Security Service Criteria): User boundary Summary: The LUAFV driver has a race condition in the LuafvPostReadWrite callback if delay virtualization has occurred during a read leading to the SECTION_OBJECT_POINTERS value being reset to the underlying file resulting in EoP. Description: NOTE: While it has a similar effect as issue 49960 I believe it is a different root cause which might still be exploitable after any fixes. This bug is actually worse than 49960 as you can modify the original file rather than just the cached data and you can do it to any file which can be virtualized as you don’t need to have a file which has a NULL CONTROL_AREA pointer. When a IRP_MJ_READ request is issued to a delay virtualized file the filter driver first calls LuafvPreRedirectWithCallback which determines if the file is virtualized, it then sets the underlying, read-only file as the target file object for the filter processing as well as storing the file object in the completion context. When the read operation completes the LuafvPostReadWrite method is called which will inspect the completion context and copy out the file position and the SECTION_OBJECT_POINTERS value. As there’s no locking in place at this point if the file delay virtualization is completed between the call to LuafvPreRedirectWithCallback and LuafvPostReadWrite then the SECTION_OBJECT_POINTERS and cache from the read-only file is used to overwrite the top-level β€œfake” file object, even though LuafvPerformDelayedVirtualization would have changed them to the new read-write virtual store file. By exploiting this race it’s possible to map the β€œreal” file read-write which allows you to modify the data (you can probably also just write to the underlying file as well). The trick to exploiting this bug is winning the race. One behavior that makes it an easy race to win is the delayed virtualization process passes on almost all CreateOptions flags to the underlying file create calls. By passing the FILE_COMPLETE_IF_OPLOCKED flag you can bypass waiting for an oplock break on IRP_MJ_CREATE and instead get it to occur on IRP_MJ_READ. The following is a rough overview of the process: 1) Open a file which will be delay virtualized and oplock with READ/HANDLE lease. 2) Open the file again for read/write access which will be delay virtualized. Pass the FILE_COMPLETE_IF_OPLOCKED flag to the create operation. The create operation will return STATUS_OPLOCK_BREAK_IN_PROGRESS but that’s a success code so the delayed virtualization setup is successful. 3) Create a new dummy file in the virtual store to prevent the driver copying the original data (which will likely wait for an oplock break). 4) Issue a read request on the virtualized file object, at this point the IRP_MJ_READ will be dispatched to β€œreal” file and will get stuck waiting for an oplock break inside the NTFS driver. 5) While the read request is in progress issue a IRP_MJ_SET_EA request, this operation is ignored for oplock breaks so will complete, however the LUAFV driver will call LuafvPreWrite to complete the delayed virtualization process. 6) Close the acknowledge the oplock break by closing the file opened in 1. 7) Wait for read operation to complete. 8) Map the file as a read/write section. The data should be the β€œreal” file contents not the dummy virtual store contents. Modifying the file will now cause the β€œreal” file to be modified. Note that even if you filtered the CreateOptions (as you should IMO) the race still exists, it would just be harder to exploit. Fixing wise, you probably want to check the virtualized object context and determine that the the delay virtualization has already occurred before overwriting anything in the top-level file object. These operations can’t be done from any sandbox that I know of so it’s only a user to system privilege escalation. Proof of Concept: I’ve provided a PoC as a C# project. It will map the license.rtf file as read-write, although it won’t try and modify the data. However if you write to the mapped section it will change the original file. 1) Compile the C# project. It’ll need to pull NtApiDotNet from NuGet to build. 2) As a normal user run the PoC. 3) The PoC should print the first 16 characters of the mapped file. Expected Result: The mapped data should be all β€˜A’ characters. Observed Result: The mapped data is the actual license.rtf file and it’s mapped writable. Proof of Concept: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/46718.zip # 0day.today [2019-04-17] # Source
Γ—
×
  • Create New...