Leaderboard

Calmeaza-te putin, poate faci vreun atac de panica de la atata ura. Pana una-alta, Ionut Cernica este utilizator VIP pe RST si nu mi se pare normal sa fie ironizat aiurea pe forum. Asa cum tu zici de el ca se rezuma doar la vectori XSS, noi putem concluziona (gresit?) despre tine ca nu stii altceva in afara de comenzi unix, nu? Ti-am dat ban 3 zile, poate lasi critica pentru carcotasi si revii la activitati productive. Securitatea IT e un domeniu suficient de vast incat o persoana sa nu-l poata acoperi in intregime. Scopul conferintelor de acest gen este sa invatam cate ceva de la cei care prezinta din ariile in care ei exceleaza, nu sa aruncam cu rosii in ei pentru ca au lacune in alte arii. Ramaneti on-topic.

Imagine, You Open a Winrar archive of MP3 files, but what if it will install a malware into your system when you play anyone of them. WinRAR, a widely used file archiver and data compression utility helps hackers to distribute malicious code. Israeli security researcher Danor Cohen (An7i) discovered the WinRAR file extension spoofing vulnerability. WinRAR file extension spoofing vulnerability allows hackers to modify the filename and extension inside the traditional file archive, that helps them to hide binary malicious code inside an archive, pretending itself as '.jpg' , '.txt' or any other format. Using a Hex editor tool, he analysed a ZIP file and noticed that winrar tool also adds some custom properties to an archive, including two names - First name is the original filename (FAX.png) and second name is the filename (FAX.png) that will appear at the WINRAR GUI window. Danor manipulated the second filename and extension to prepare a special ZIP archive, that actually include a malware file "FAX.exe", but displaying itself as "FAX.png" to the user. Cyber intelligence company, IntelCrawler also published a report, which revealed that cybercriminals specialized in cyber espionage attacks are using this zero-day vulnerability in the wild to target several aerospace corporations, military subcontractors, embassies, as well as Fortune Global 500 companies. Using this technique, an attacker can drop any malware in very convincing manner to the victim's system. "Using this method the bad actors bypass some specific security measures including e-mail server’s antivirus systems" IntelCrawler said. Danor successfully exploited winrar version 4.20, and IntelCrawler confirmed that the vulnerability also works on all WinRar versions including v.5.1. HOW TO CREATE EXPLOITABLE ZIP FILE? A video demonstration has been prepared by Indian Security Researcher Ajin Abraham, shown below: "One of the chosen tactics includes malicious fake CV distribution and FOUO (For Official Use Only)-like documents, including fax scanned messages" Using social engineering techniques, attacker are targeting high profile victims with spear phishing mails, "Most of sent malicious attachments are hidden as graphical files, but password protected in order to avoid antivirus or IDS/IPS detection." IntelCrawler reported. In above example, the Malware archive file was password protected to avoid antivirus detection, used in an ongoing targeted cyber espionage campaign. Researchers found Zeus-like Trojan as an attachment, which has ability to establish remote administration channel with the infected victim, gather passwords and system information, then send the collected and stolen data to the Command & Control server hosted in Turkey (IP 185.9.159.211, Salay Telekomünikasyon). Users are advised to use an alternative archiving software and avoid opening archives with passwords even if it has legitimate files. Source

O clasa pentru cei ce vor sa comande Winamp-ul din VB6. Download : GirlShare - Download [VB6] Winamp Class.rar Nu stiu cine a scris-o initial, ale mele fiind doar ultimele 2 functii.

"Ala" lucreaza in domeniul INFOSEC de ceva vreme, se implica si in bounty-uri, castiga un ban cinstit si mai incearca sa impartaseasca informatii misto intr-o comunitate care si asa e mica si divizata (exemple distructive: tu, 911). Tu cu ce te lauzi?

Salut in acest topic o sa pun eBook-uri despre monetizare, seo, it, securitate si multe altele. Majoritatea cartiilor sunt "cumparate" de pe HF si Warriors deci nu va asteptati la prea multe de la ele oricum unele pe mine chiar m-au ajutat. In cazul in care aveti si alte carti care credeti ca ar trebui adaugate la lista va rog sa imi trimiteti un pm. # - SECURITATE & IT - # DFIRCON APT Malware Analysis DFIRCON APT Malware Analysis - Part 2 Vulnerabilitati Web si securizarea acestora v1.0 [Romanian] Formatul Fisierelor PE (Portable Executable) Complete Cross-site Scripting Walkthrough Using XSS to bypass CSRF protection Stack Smashing On A Modern Linux System Backdooring PDF Files! 100% Working Method # - Monetizare - # Income Nuke | Newbie Friendly // Start Earning $500 Daily Make 6-Figures In 2014 | Get A Residual Income Of $5k+/Month $720 IN 2 DAYS OR FULL REFUND >>>> Profit Creator <17/21 Copies! Get Unlimited Hitleap Minutes |No hack| |No exploit| |2.99$ LIMITED TIME| Instant CPA Domination WP Lead Grab [NEW] MAKE IT FREE - GAMEKEYS - 80% !!! [HACKFORUMS LEAK] EpicWin CPAHow to Write Letters That Sell Frank Kern – The Invisible Offer Affiliate Cash Authority Crypto Excavation CPA Hypnotist Mobile CPA Crusher Instant CPA Domination Verspil's Facebook CPA Money Making Method Efficient Monetizing | How I made $1900+ In One Weekend | Unsaturated | Auto-Buy [bH] # - INTERNET MARKETING & SEO - # Internet Marketing Power Tools Blackbook (Recommended)The Ultimate SEO ChecklistInstant Video Traffic Formula STOP BUYING TRAFFIC NOW...!!! Get thousands of instant visitors for FREE! Straight Line Passive Amazon CommissionsUntapped Authority Backlinks Covert Social Press SEO 301 Method Learn SEO in An Hour Point Blank SEO # - OTHERS - # How to SE Apple [2 in 1 Method] Offline Client Sniffer Seven Minute Video Sales Letter Xbox Live Account Stealing + Doxing Method [EASY] [sIMPLE] ???[sE] Get free Beats By Dre for Free!??? Ultimate Guide to Dropshipping Unique Instagram Business Model 14 Banned eBooks - About drugs method to get free trial vps 2 weeks by starsat1200 FOR EDUCATIONAL PURPOSES ONLY Tin sa mentionez ca sunt constient ca unele ebook-uri au niste title-uri de tot rahatul deci va rog frumos sa nu ma luati pe mine la pula din moment ce nu sunt eu autorul. O sa fac un update la thread zilnic.

Ai venit din nou cu conferintele tale de rahat?

Salut , vreau sa vand un cont de steam , daca ma puteti ajuta cu gasierea clientului raman dator. Steam Community :: Jamaica Acesta e contul , daca sunteti interesati lasati un pm.