Leaderboard

Ti-am trimis..

Sa facem in primul rand abstractie de la adevaratul inteles al cuvatului hacker. Sa nu confundam hackerii cu burtosii care dau copy - paste. La noi hackerii nu sunt prinsi, sau daca sunt prinsi sunt prea prosti pentru a primii o slujba ( are logica nu ? ). La noi hackerii sunt confudati cu cocalarii care stau pe licitatii. Acum spuneti-mi voi, unde ar fi locul unui burtos ( care foloseste click dreapta - copy in loc de CTRL + C ) , la puscarie, sau sa lucreze pentru institutii gen DIICOT ?

si care e medicatia ta zilnica?

Un rezumat, pentru primul reverseMe din seria de reverseMe-uri incluse in tutorialele respective fiecarui reMe! Poate ajuta pe cineva. Comentariile mele sunt boldate si de culoare rosie, jump-urile conditionale (bad boys) importante noua sunt de culoare albastra, jump-urile ce ne ajuta la good boy sunt marcate cu maroniu, iar jump-ul necesar pentru good boy are culoarea verde. 00401000 r> $ 6A 00 PUSH 0 [COLOR=red][B]; 00401000 - entry point (EP = INT3 (CC) !!)[/B][/COLOR] 00401002 ? E8 64020000 CALL <JMP.&KERNEL32.GetModuleHandleA> [COLOR=red][B]; call[/B][/COLOR] 00401007 ? A3 77214000 MOV DWORD PTR DS:[402177],EAX [COLOR=red][B]; [00]402177 (0x77\0x21\0x40\0x00) == valoarea lui EAX[/B][/COLOR] 0040100C . C705 97214000 03400000 MOV DWORD PTR DS:[402197],4003 ; | [COLOR=red][B]; 402197 == 4003[/B][/COLOR] 00401016 . C705 9B214000 A6114000 MOV DWORD PTR DS:[40219B],reverseM.004011A6 ; | [COLOR=red][B]; 40219B == 004011A6[/B][/COLOR] 00401020 . C705 9F214000 00000000 MOV DWORD PTR DS:[40219F],0 ; | [COLOR=red][B]; 40219F == 0[/B][/COLOR] 0040102A . C705 A3214000 00000000 MOV DWORD PTR DS:[4021A3],0 ; | [COLOR=red][B]; 4021A3 == 0[/B][/COLOR] 00401034 . A1 77214000 MOV EAX,DWORD PTR DS:[402177] ; | [COLOR=red][B]; EAX == valoarea lui dword pointer ds VA: 402177[/B][/COLOR] 00401039 . A3 A7214000 MOV DWORD PTR DS:[4021A7],EAX ; | [COLOR=red][B]; 4021A7 == eax[/B][/COLOR] 0040103E . 6A 04 PUSH 4 ; |/RsrcName = 4. [COLOR=red][B]; push 4 pe stack[/B][/COLOR] 00401040 . 50 PUSH EAX ; ||hInst = 00000001 [COLOR=red][B]; push EAX[/B][/COLOR] 00401041 . E8 3F030000 CALL <JMP.&USER32.LoadIconA> ; |\LoadIconA [COLOR=red][B]; CALL[/B][/COLOR] 00401046 . A3 AB214000 MOV DWORD PTR DS:[4021AB],EAX ; | 0040104B . 68 007F0000 PUSH 7F00 ; |/RsrcName = IDC_ARROW 00401050 . 6A 00 PUSH 0 ; ||hInst = NULL 00401052 . E8 C8020000 CALL <JMP.&USER32.LoadCursorA> ; |\LoadCursorA 00401057 . A3 AF214000 MOV DWORD PTR DS:[4021AF],EAX ; | 0040105C . 6A 00 PUSH 0 ; |/hTemplateFile = NULL 0040105E . 68 6F214000 PUSH reverseM.0040216F ; ||Attributes = READONLY|HIDDEN|SYSTEM|ARCHIVE|TEMPORARY|402048 00401063 . 6A 03 PUSH 3 ; ||Mode = OPEN_EXISTING 00401065 . 6A 00 PUSH 0 ; ||pSecurity = NULL 00401067 . 6A 03 PUSH 3 ; ||ShareMode = FILE_SHARE_READ|FILE_SHARE_WRITE 00401069 . 68 000000C0 PUSH C0000000 ; ||Access = GENERIC_READ|GENERIC_WRITE 0040106E . 68 79204000 PUSH reverseM.00402079 ; ||FileName = "Keyfile.dat" 00401073 . E8 0B020000 CALL <JMP.&KERNEL32.CreateFileA> ; |\CreateFileA [COLOR=red][B]; EAX == -1 (FFFFFFFF)[/B][/COLOR] 00401078 . 83F8 FF CMP EAX,-1 ; | [COLOR=red][B]; compara EAX cu -1 / este adevarat Z-flag [/B][/COLOR][COLOR=red][B]== 1 [/B][/COLOR][COLOR=red][B](jump not taken)[/B][/COLOR] [B][color=blue]0040107B . 75 1D JNZ SHORT reverseM.0040109A[/B][/color] ; | [COLOR=red][B]; jmp not taken -- Z-flag = 1 ("not [/B][/COLOR][COLOR=red][B]set")[/B][/COLOR] [COLOR=red][B]se [/B][/COLOR] [COLOR=red][B]executa primul bad boy ([/B][/COLOR][B][COLOR=red]0040107D) [/COLOR][/B][B][COLOR=red]incepand[/COLOR][/B] [B][COLOR=red]cu PUSH 0 la [/COLOR][/B][COLOR=red][B] 0040107D! => [/B][/COLOR][COLOR=red][B]ZF = 0 (jump is [/B][/COLOR][COLOR=red][B]taken) => sarim peste bad[/B][/COLOR][COLOR=red][B]boy[/B][/COLOR] [COLOR=red][B]EIP = 0040109A)[/B][/COLOR] 0040107D . 6A 00 PUSH 0 ; |/Style = MB_OK|MB_APPLMODAL 0040107F . 68 00204000 PUSH reverseM.00402000 ; ||Title = " Key File ReverseMe" 00401084 . 68 17204000 PUSH reverseM.00402017 ; ||Text = "Evaluation period out of date. Purchase new license"[COLOR=red][B] acest API (MessageBoxA) == [/B][/COLOR][COLOR=red][B]primul bad boy![/B][/COLOR] [B][COLOR=red](0040107D)[/COLOR][/B] 00401089 . 6A 00 PUSH 0 ; ||hOwner = NULL 0040108B . E8 D7020000 CALL <JMP.&USER32.MessageBoxA> ; |\MessageBoxA 00401090 . E8 24020000 CALL <JMP.&KERNEL32.ExitProcess> ; \ExitProcess [COLOR=red][B]|-> exit [/B][/COLOR] 00401095 . E9 83010000 JMP reverseM.0040121D [B][COLOR=red]0040109A[/COLOR][/B] > 6A 00 PUSH 0 ; /pOverlapped = NULL [COLOR=red][B]; EIP = 0040109A[/B][/COLOR][COLOR=red][B] aici suntem de la JNZ-ul [/B][/COLOR][COLOR=red][B]anterior[/B][/COLOR] 0040109C . 68 73214000 PUSH reverseM.00402173 ; |pBytesRead = reverseM.00402173 004010A1 . 6A 46 PUSH 46 ; |BytesToRead = 46 (70.) 004010A3 . 68 1A214000 PUSH reverseM.0040211A ; |Buffer = reverseM.0040211A 004010A8 . 50 PUSH EAX ; |hFile = 00000001 004010A9 . E8 2F020000 CALL <JMP.&KERNEL32.ReadFile> ; \ReadFile [COLOR=red][B]; read file (46h bytes == 70d) -- citeste [/B][/COLOR][COLOR=red][B]din ? nimic! nu e fisierul[/B][/COLOR] 004010AE . 85C0 TEST EAX,EAX [COLOR=red][B]; test -- seteaza Z-flag (pentru urmatoarul jump conditional -- JNZ)[/B][/COLOR] [B][color=blue]004010B0 . 75 02 JNZ SHORT reverseM.004010B4[/B][/color] [COLOR=red][B]; EAX == 0 ! -- JMP NOT TAKEN! (BAD BOY!!! -- Z-flag == 0 pentru a [/B][/COLOR][COLOR=red][B]sari)[/B][/COLOR] 004010B2 . EB 43 JMP SHORT reverseM.004010F7 [COLOR=red][B]; jump neconditional -- unde ne duce? la 004010F7 -- BAD BOY! (vezi [/B][/COLOR][COLOR=red][B]mai jos)[/B][/COLOR] 004010B4 > 33DB XOR EBX,EBX [COLOR=red][B]; ebx = 0[/B][/COLOR] 004010B6 . 33F6 XOR ESI,ESI [COLOR=red][B]; esi = 0[/B][/COLOR] 004010B8 . 833D 73214000 10 CMP DWORD PTR DS:[402173],10 [COLOR=red][B]; compara 402173 cu 10[/B][/COLOR] [B][color=blue]004010BF . 7C 36 JL SHORT reverseM.004010F7[/B][/color] [COLOR=red][B]; JL S-FLAG? 0 -- SARE! nu vrem asta -- duce la bad boy ; 004010F7 ca mai [/B][/COLOR][COLOR=red][B]sus == BAD BOY![/B][/COLOR] 004010C1 > 8A83 1A214000 MOV AL,BYTE PTR DS:[EBX+40211A] [COLOR=red][B]; 8byte registru AL == valorea lui EBX+valorea lui (00)40211A[/B][/COLOR] 004010C7 . 3C 00 CMP AL,0 [COLOR=red][B]; compara AL cu 0[/B][/COLOR] [B][color=brown]004010C9 . 74 08 JE SHORT reverseM.004010D3[/color][/B] [COLOR=red][B]; JE ! Jump if equal -- se bazeaza pe comparatia cu AL; CMP AL,0 a setat [/B][/COLOR][COLOR=red][B]flag-ul Z! (zero flag) si este 1 ! SARE la 004010D3 == nu duce catre [/B][/COLOR][COLOR=red][B]bad boy, e de-al nostru jump-ul[/B][/COLOR] 004010CB . 3C 47 CMP AL,47 [COLOR=red][B]; neinteresant fiindca EIP == 004010D3 din cauza JE-ului anterior! vezi mai [/B][/COLOR][COLOR=red][B]jos[/B][/COLOR] 004010CD . 75 01 JNZ SHORT reverseM.004010D0 [COLOR=red][B]; scroll down![/B][/COLOR] 004010CF . 46 INC ESI [COLOR=red][B]; down[/B][/COLOR] 004010D0 > 43 INC EBX [COLOR=red][B]; own[/B][/COLOR] 004010D1 .^ EB EE JMP SHORT reverseM.004010C1 [COLOR=red][B]; wn[/B][/COLOR] 004010D3 > 83FE 08 CMP ESI,8 [COLOR=red][B]; n! am ajuns. CMP ESI cu 8[/B][/COLOR] [B][color=blue]004010D6 . 7C 1F JL SHORT reverseM.004010F7[/color][/B] [COLOR=red][B]; OUPS! ESI != 8 ; "jump is taken" S-flag este 0 datorita compare-ului; [/B][/COLOR][COLOR=red][B]unde duce? BAD BOY! adica 004010F7 (de retinut! in acest reverseme, [/B][/COLOR][COLOR=red][B]Virtual Address (VA):004010F7 este badboy ! S-flag == 1 => jump is not [/B][/COLOR][COLOR=red][B]taken[/B][/COLOR] [B][color=green]004010D8 . E9 28010000 JMP reverseM.00401205[/color][/B] [COLOR=red][B]; jump neconditional -- duce la 00401205 ; ce este acolo?see for[/B][/COLOR][COLOR=red][B] yourself![/B][/COLOR] 004010DD 00 DB 00 004010DE . 00000000 DD 00000000 004010E2 00 DB 00 004010E3 00 DB 00 004010E4 00 DB 00 004010E5 00 DB 00 004010E6 00 DB 00 004010E7 00 DB 00 004010E8 00 DB 00 004010E9 00 DB 00 004010EA 00 DB 00 004010EB 00 DB 00 004010EC 00 DB 00 004010ED 00 DB 00 004010EE 00 DB 00 004010EF 00 DB 00 004010F0 00 DB 00 004010F1 00 DB 00 004010F2 00 DB 00 004010F3 00 DB 00 004010F4 00 DB 00 [B][color=blue]004010F5 . EB 00 JMP SHORT reverseM.004010F7[/B][/color] 004010F7 > 6A 00 PUSH 0 ; |/Style = MB_OK|MB_APPLMODAL 004010F9 . 68 00204000 PUSH reverseM.00402000 ; ||Title = " Key File ReverseMe" 004010FE . 68 86204000 PUSH reverseM.00402086 ; ||Text = "Keyfile is not valid. Sorry." [COLOR=red][B]; al doilea bad boy![/B][/COLOR] 00401103 . 6A 00 PUSH 0 ; ||hOwner = NULL 00401105 . E8 5D020000 CALL <JMP.&USER32.MessageBoxA> ; |\MessageBoxA 0040110A . E8 AA010000 CALL <JMP.&KERNEL32.ExitProcess> ; \ExitProcess 0040110F . E9 09010000 JMP reverseM.0040121D

Am facut un log finder. Loguri apar in fiecare zi. http://five.eu5.org/corect

gata am descoperit e un plugin Redfield Fractalius ia link Redfield_Fractalius_1.50.rar Ex: ii mai modifici tu setarile pe acolo, bagi tu niste nuante de albastru sau ce culori vrei.... si gata PSD Untitled-2.psd

mult mai multe surse, cautare avansata dupa data, host, etc.

The 2011 Best packs of IPAD - IPHONE Game & AppsEnglish | The 2011 Best packs of IPAD - IPHONE Game & Apps | 2.47 GB The Most populer (cracked) Ipad - Iphone Game and Apps until 22 April 2011 Your Ipad must be jailbreaked first.. List: Aralon HD-v3.4 Book.of.magic.v2 Dungeon.Defenders.First.Wave-v5.0 Eternal.Legacy.HD-v1.0.0 Google Books-v1.1.0.2247 Google Earth-v3.2 Introduction A-v2.0 Knights Aliens Prophetic LittleStar-v1.0 Mercury-v4.3.1 Notes Plus-v2.3 Papers-v1.9.5 Photo Cookbook-v19 Piano C.-v1.1 RSSPlayer-v2.3.0- SelfClassics-v4.0 Super Kamasutra HD-v1.1 World_History WorldConquest APPS 2011.part1.rar APPS 2011.part2.rar APPS 2011.part3.rar APPS 2011.part4.rar APPS 2011.part5.rar APPS 2011.part6.rar

Sql Poizon v1.1 - Sqli Exploit Scanner, Search Hunter, Injection Builder Tool Nu l-am descarcat, nu l-am incercat, nu stiu daca e infectat, executati pe riscul vostru. Greetings All, After a very successfull release of Sql Poizon v1.0, The Exploit Scanner Tool, I am hereby introducing you with the new release which is more handy. It has new features as well as bug fixes from the older release. Please take a look for it below: New Features: "Look n Feel" is more attractive now. Rich "Context Menu" items. "Results" contain checkboxes to enable selection. "Selected Dork" box is editable now for user convenience. Built-in Browser for "Injection Builder" to check the impact of injection. "Text Bucket" available for "Injection Builder" to save extra data. "Insert Order By" button is added to "Injection Builder". "Internet Browser" with Snapshot and HTML DOM Tree. Bug Fixes: It wont get stucked after pressing the stop button. Just a minor wait can occur which is okay. Progress bar for "Crawler" has been fixed. It will show correct progress now. Error on importing file is fixed now. You can import files from other directories as well. "Searchqu" shows invalid results. It is fixed now. Sql Poizon v1.1 - Sqli Exploit Scanner, Search Hunter, Injection Builder Tool Author: p0!z0neR Download: http://rapidshare.com/files/440158132/Sql_Poizon_v1.1_-_Sqli_Exploit_Scanner_Tool.rar Sursa: Hack Forums

Mesaje gratis pentru bautorii competenti de palinca sau bauturi mai tari. PM me pentru parola. http://five.eu5.org/showergel/ Nu dati parola la copii!

Nu posta?i aiurea dac? nu ave?i de gând s? citi?i tot postul Thanks Aceast? versiune de Anti SS nu este public? deoarece are ceva în plus fa?? de celelalte ?i anume Aimbot-ul. Ar fi p?cat ca toat? lumea s? devin? expert? peste noapte în ale CS-ului. V? rog frumos s? citi?i tot pentru a ?ti cum o pute?i ob?ine ?i ce "este de capul ei". (pentru cei interesa?i) Despre Anti SS + Aimbot: AIMBOT-UL: Aimbot-ul nu poate fi observat de c?tre spectatori deoarece el nu face ca ?inta s? tremure/s? sar? ?i v? explic ?i de ce. ?inta v-a avea o mi?care ordonat?, se v-a duce spre inamic din aproape în aproape, nu v-a s?ri direct pe inamic, deci dac? un admin se v-a uita pe voi, v-a vedea doar "skill". Aimbot-ul trage la mai multe p?r?i a corpului, acestea schimbându-se automat. WALLHACK-UL: Wallhack-ul este la fel ca la cealalt? versiune FREE pe care o pute?i downloada de aici. El se dezactiveaz? când un admin v? face poze iar pozele vor ie?i "CURATE". În folder vor ap?rea pozele astfel - > S? spunem c? un admin v? face 4 poze, în "cstrike" folder vor ap?rea 5 poze, prima având WALLHACK ON, restu de 4 pe care vi le-a f?cut adminu' vor fi curate. Func?ioneaz? pe orice versiune de Counter-Strike 1.6 ?i pe Steam, nedetectabile de VAC. Modul de ob?inere: Acest Hack nu este gratis el se poate cump?ra numai ?i numai de la mine. Pre?ul este de 5€ pe Cosmote. (doar cod de reînc?rcare) Dac? sunte?i interesa?i trimite?i un PM sau m? g?si?i pe mess la adresa: omg_ah1n1 @ yahoo.com