Leaderboard
Popular Content
Showing content with the highest reputation on 02/17/16 in all areas
-
Download: https://github.com/nishad/udemy-dl-windows/releases
Create a new account on udemy; it doesn't matter what email you use because it doesn't have to be verified.
Open the course you want and click Start Free Preview (it appears under Take This Course).
Run the program like this: udemy-dl.exe -u email -p pass <link to course>
Screenshots for the thick-headed:
Happy learning
8 points
-
Source: https://heimdalsecurity.com/blog/security-alert-mazar-bot-active-attacks-android-malware/
Congratulations to Andra Zaharia!

Our team at Heimdal Security has recently analyzed a text message sent to random mobile numbers. The geographical extent is so far unknown, so please exercise caution. The SMS / MMS in question arrives with the following contents (sanitized by Heimdal Security):

You have received a multimedia message from +[country code] [sender number] Follow the link http://www.mmsforyou[.]Net/mms.apk to view the message.

If the APK (which is a program file for Android) is run on an Android-powered smartphone, then it will gain administrator rights on the victim’s device. This will allow the attackers to:

SEND_SMS
RECEIVE_BOOT_COMPLETED
INTERNET
SYSTEM_ALERT_WINDOW
WRITE_SMS
ACCESS_NETWORK_STATE
WAKE_LOCK
GET_TASKS
CALL_PHONE
RECEIVE_SMS
READ_PHONE_STATE
READ_SMS
ERASE_PHONE

Our team has identified the malicious APK to be the Mazar Android BOT, a threat that Recorded Future also spotted in November 2015. The malicious packet (APK) retrieves TOR and installs it on the victim’s phone via the following harmless URLs:

https://f-droid.org/repository/browse/?fdid=org.torproject.android
https://play.google.com/store/apps/details?id=org.torproject.android

In the next phase of the attack, the infection will unpack and run the TOR application, which will then be used to connect to the following server: http://pc35hiptpcwqezgs[.]Onion. After that, an automated SMS will be sent to the number 9876543210 (+98 is the country code for Iran) with the text message: “Thank you”. The catch is that this SMS also includes the device’s location data. This specific mobile malware opens the doors to all kinds of malicious consequences for the victim.
Attackers can:

Open a backdoor into Android smartphones, to monitor and control them as they please;
Send SMS messages to premium channel numbers, seriously increasing the victim’s phone bill;
Read SMS messages, which means they can also read authentication codes sent as part of two-factor authentication mechanisms, used also by online banking apps and ecommerce websites;
Use their full access to Android phones to basically manipulate the device to do whatever they want.

And it gets worse. The attackers behind Mazar BOT also implemented the “Polipo proxy“, which gives them additional access to even more Android functionalities.

“Polipoid brings the Polipo HTTP proxy to Android. Polipo lets you do useful things such as cache web pages for offline access and should generally speed up browsing a little.” Source: Github

Through this proxy, cyber criminals can change the traffic and interpose themselves between the victim’s phone and a web-based service. This effectively becomes a Man-in-the-Middle attack.
Here’s how it happens. Data is copied to your phone as mp3 files:

122.933 polipo.mp3
1,885,100 tor.mp3

Then, the proxy is configured as you can see below:

174.398 debiancacerts.bks
574 torpolipo.conf
879 torpolipo_old.conf
212 torrc
276 torrc_old

For those technically inclined, the configuration of the TOR proxy will seem quite straightforward:

proxy address = “127.0.0.1”
proxy port = 8118
allowedClients = 127.0.0.1
allowedPorts = 1-65535
proxy name = “127.0.0.1”
cacheIsShared = false
socksParentProxy = “127.0.0.1:9050”
socksProxyType = socks5
diskCacheRoot = “”
localDocumentRoot = “”
disableLocalInterface = true
disableConfiguration = true
dnsUseGethostbyname = yes
disableVia = true
from, accept-language, x-pad link
censor referer = maybe
maxConnectionAge = 5m
maxConnectionRequests = 120
serverMaxSlots = 8
server slots = 2
tunnelAllowedPorts = 1-65535
chunkHighMark = 11000000
object high mark = 128

As if it weren’t enough that it can stop calls and launch other aggressive commands on the victim’s phone, Mazar BOT is also capable of injecting itself into Chrome. And there are several other settings and commands that Mazar BOT can trigger, as showcased below. These include:

Controlling the phone’s keys
Enabling the sleep mode
Saving actions in the phone’s settings, etc.

Our team was not surprised to observe that the malware cannot be installed on smartphones running Android with the Russian language option. Mazar BOT will check the phone to identify the victim’s country and this will stop the malicious APK if the targeted phone turns out to be owned by a Russian user:

if (locale.getCountry().equalsIgnoreCase("RU")) Process.killProcess(Process.myPid());

Until now, Mazar BOT has been advertised for sale on several websites on the Dark Web, but this is the first time we’ve seen this code be abused in active attacks.
Attackers may be testing this new type of Android malware to see how they can improve their tactics and reach their final goals, which probably is making more money (as always). We can expect this malware to expand its reach, also because of its ability to remain covert by using TOR to hide its communication. As you may have anticipated, antivirus detection of the malicious APK is very low: 3/54 on VirusTotal.

There are a few things you can do to keep your phone safe from Mazar BOT, and we recommend you take a moment now to verify and adjust these settings.

1. First of all, NEVER click on links in SMS or MMS messages on your phone. Android phones are notoriously vulnerable and current security products dedicated to this OS are not nearly as effective as they are on computers.
2. Go to Settings > Security and make sure this option is turned OFF: “Unknown Sources – Allow installation of apps from sources other than the playstore.”
3. Install a top antivirus for Android. It may not be enough to protect your phone, but it’s certainly good to have. You can find top-rated options in this article.
4. Do not connect to unknown and unsecured Wi-Fi hotspots. There are plenty of dangers lurking out there, and following some common-sense steps to keep yourself safe from them is the best thing to do. Also, keep your Wi-Fi turned OFF when you don’t use it.
5. Install a VPN on your smartphone and use it constantly. It’s good for both your privacy and your security.
6. Maintain a cautious attitude at all times. Android security has not kept up with the high adoption rate of smartphones running the OS, and users may have to wait a long time until better security solutions appear. Until then, a careful evaluation of what happens on your phone is a very good safeguard.
2 points
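Added example, not part of the Heimdal article or of the forum post: the article says the Tor and Polipo payloads are dropped as polipo.mp3 and tor.mp3, so one triage check on an extracted app data directory is to flag .mp3 files whose leading bytes are not MP3 audio. The file contents below are constructed for the demo, and the idea that the dropped payloads start with an executable or archive header is an assumption.

```python
import os
import tempfile

# Leading bytes of formats that commonly carry executables or archives.
EXEC_MAGICS = {
    b"\x7fELF": "ELF executable",
    b"PK\x03\x04": "ZIP/APK/JAR archive",
    b"\x1f\x8b": "gzip stream",
    b"dex\n": "Dalvik bytecode",
}

def looks_like_mp3(head: bytes) -> bool:
    """True if the header is an ID3v2 tag or an MPEG audio frame sync."""
    if head[:3] == b"ID3":
        return True
    # Frame sync is 11 set bits: 0xFF, then a byte whose top 3 bits are set.
    return len(head) >= 2 and head[0] == 0xFF and (head[1] & 0xE0) == 0xE0

def classify(head: bytes) -> str:
    for magic, name in EXEC_MAGICS.items():
        if head.startswith(magic):
            return name
    return "mp3" if looks_like_mp3(head) else "unknown"

def find_disguised_mp3(root: str) -> dict:
    """Map each *.mp3 under root whose content is not MP3 audio to its detected type."""
    hits = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(".mp3"):
                continue
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                kind = classify(fh.read(8))
            if kind != "mp3":
                hits[os.path.relpath(path, root)] = kind
    return hits

def build_sample_tree(root: str) -> None:
    """Constructed sample data: file names from the article, contents invented."""
    samples = {
        "tor.mp3": b"\x7fELF\x01\x01\x01\x00" + b"\x00" * 16,
        "polipo.mp3": b"PK\x03\x04" + b"\x00" * 16,
        "ringtone.mp3": b"ID3\x03\x00\x00\x00\x00\x00\x00",
        "voice.mp3": b"\xff\xfb\x90\x00" + b"\x00" * 16,
    }
    for name, data in samples.items():
        with open(os.path.join(root, name), "wb") as fh:
            fh.write(data)

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for path, kind in sorted(find_disguised_mp3(tmp).items()):
            print(f"{path}: named .mp3 but content is {kind}")
```

A file reported as "unknown" is also worth a look, since it is neither MP3 audio nor one of the listed container formats.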
-
2 points
-
Will you give us a break with this crap, man? Good thing you set your signature in a font as big as a horse's tool for a referral link. Posting something decent is beyond you.
2 points
-
Hello,
I hope this is useful to someone:
https://drive.google.com/folderview?id=0B5RHHIY8-fgGT1UwNmp2T3IwRDQ&usp=drive_web
https://drive.google.com/folderview?id=0B5RHHIY8-fgGYVNObU0wdl9sS0k&usp=drive_web
Have Funk!
1 point
-
Syntax highlighting exists, but it does not work as it should. I reported the problem to them and I hope to get it fixed soon, but these bums keep asking me for FTP and admin access and I tell them every time that I am not giving it to them. I think I can hide the text in spoilers for Guests, only I have not seen it used much.
Edit: I set some classes under "Allowed CSS classes", and it seems to more or less work. I don't know whether it is fully functional or whether I need to add others as well, but it is more or less OK.
1 point
-
1 point
-
The password matters most, not the encryption algorithm. AES-256 is very secure and fast; there is no point in slowing down the whole process by using twofish and serpent.
1 point
-
A curated list of awesome Windows Exploitation resources, and shiny things.

Table of Contents
  Windows stack overflows
  Windows heap overflows
  Kernel based Windows overflows
  Windows memory protections
  Bypassing filter and protections
  Typical windows exploits
  Exploit development tutorial series
    Corelan Team
    Fuzzysecurity
    Securitysift
  Tools

Windows stack overflows
Stack Base Overflow Articles.
  Win32 Buffer Overflows (Location, Exploitation and Prevention) - by dark spyrit [1999]
  Writing Stack Based Overflows on Windows - by Nish Bhalla’s [2005]

Windows heap overflows
Heap Base Overflow Articles.
  Third Generation Exploitation smashing heap on 2k - by halvar Flake [2002]
  Exploiting the MSRPC Heap Overflow Part 1 - by Dave Aitel (MS03-026) [September 2003]
  Exploiting the MSRPC Heap Overflow Part 2 - by Dave Aitel (MS03-026) [September 2003]
  windows heap overflow penetration in black hat - by David litchfield [2004]

Kernel based Windows overflows
Kernel Base Exploit Development Articles.
  how to attack kernel based vulns on windows was done - by a Polish group called “sec-labs” [2003]
  sec-lab old whitepaper
  sec-lab old exploit
  Windows Local Kernel Exploitation (based on sec-lab research) - by S.K Chong [2004]
  How to exploit Windows kernel memory pool - by SoBeIt [2005]
  exploiting remote kernel overflows in windows - by eeye security
  Kernel-mode Payloads on Windows in uninformed - by matt miller
  Exploiting 802.11 Wireless Driver Vulnerabilities on Windows
  BH US 2007 Attacking the Windows Kernel
  Remote and Local Exploitation of Network Drivers
  Exploiting Common Flaws In Drivers
  I2OMGMT Driver Impersonation Attack
  Real World Kernel Pool Exploitation
  exploit for windows 2k3 and 2k8
  Analyzing local privilege escalations in win32k
  Intro to Windows Kernel Security Development
  There’s a party at ring0 and you’re invited
  Windows kernel vulnerability exploitation

Windows memory protections
Windows memory protections Introduction Articles.
  Data Execution Prevention
  /GS (Buffer Security Check)
  /SAFESEH
  ASLR
  SEHOP

Bypassing filter and protections
Windows memory protections Bypass Methods Articles.
  Third Generation Exploitation smashing heap on 2k - by halvar Flake [2002]
  chris anley wrote Creating Arbitrary Shellcode In Unicode Expanded Strings
  Dave aitel advanced windows exploitation - [2003]
  Defeating the Stack Based Buffer Overflow Prevention Mechanism of Microsoft Windows 2003 Server - by david litchfield
  reliable heap exploits and after that Windows Heap Exploitation (Win2KSP0 through WinXPSP2) - by matt Conover in cansecwest 2004
  Safely Searching Process Virtual Address Space - by matt miller [2004]
  IE exploit and used a technology called Heap Spray
  bypassing hardware-enforced DEP - by skape (matt miller) and Skywing (ken johnson) [October 2005]
  Exploiting Freelist[0] On XP Service Pack 2 - by brett moore [2005]
  Kernel-mode Payloads on Windows in uninformed
  Exploiting 802.11 Wireless Driver Vulnerabilities on Windows
  Exploiting Common Flaws In Drivers
  Heap Feng Shui in JavaScript by Alexander sotirov [2007]
  Understanding and bypassing Windows Heap Protection - by Nicolas Waisman [2007]
  Heaps About Heaps - by brett moore [2008]
  Bypassing browser memory protections in Windows Vista - by Mark Dowd and Alex Sotirov [2008]
  Attacking the Vista Heap - by ben hawkes [2008]
  Return oriented programming Exploitation without Code Injection - by Hovav Shacham (and others) [2008]
  Token Kidnapping and a super reliable exploit for windows 2k3 and 2k8 - by Cesar Cerrudo [2008]
  Defeating DEP Immunity Way - by Pablo sole [2008]
  Practical Windows XP2003 Heap Exploitation - by John McDonald and Chris Valasek [2009]
  Bypassing SEHOP - by Stefan Le Berre Damien Cauquil [2009]
  Interpreter Exploitation : Pointer Inference and JIT Spraying - by Dionysus Blazakis [2010]
  write-up of Pwn2Own 2010 - by Peter Vreugdenhil
  all in one 0day presented in rootedCON - by ruben santamarta [2010]
  DEP/ASLR bypass using 3rd party - by Shahin Ramezany [2013]

Typical windows exploits
  real-world HW-DEP bypass Exploit - by devcode
  bypassing DEP by returning into HeapCreate - by toto
  first public ASLR bypass exploit by using partial overwrite - by skape
  heap spray and bypassing DEP - by skylined
  first public exploit that used ROP for bypassing DEP in adobe lib TIFF vulnerability
  exploit codes of bypassing browsers memory protections
  PoC’s on Tokken TokenKidnapping . PoC for 2k3 -part 1 - by Cesar Cerrudo
  PoC’s on Tokken TokenKidnapping . PoC for 2k8 -part 2 - by Cesar Cerrudo
  an exploit works from win 3.1 to win 7 - by Tavis Ormandy KiTra0d
  old ms08-067 metasploit module multi-target and DEP bypass
  PHP 6.0 Dev str_transliterate() Buffer overflow – NX + ASLR Bypass
  SMBv2 Exploit - by Stephen Fewer

Exploit development tutorial series
Exploit Development Tutorial Series Base on Windows Operation System Articles.

Corelan Team
  Exploit writing tutorial part 1 : Stack Based Overflows
  Exploit writing tutorial part 2 : Stack Based Overflows – jumping to shellcode
  Exploit writing tutorial part 3 : SEH Based Exploits
  Exploit writing tutorial part 3b : SEH Based Exploits – just another example
  Exploit writing tutorial part 4 : From Exploit to Metasploit – The basics
  Exploit writing tutorial part 5 : How debugger modules & plugins can speed up basic exploit development
  Exploit writing tutorial part 6 : Bypassing Stack Cookies, SafeSeh, SEHOP, HW DEP and ASLR
  Exploit writing tutorial part 7 : Unicode – from 0x00410041 to calc
  Exploit writing tutorial part 8 : Win32 Egg Hunting
  Exploit writing tutorial part 9 : Introduction to Win32 shellcoding
  Exploit writing tutorial part 10 : Chaining DEP with ROP – the Rubik’s Cube
  Exploit writing tutorial part 11 : Heap Spraying Demystified

Fuzzysecurity
  Part 1: Introduction to Exploit Development
  Part 2: Saved Return Pointer Overflows
  Part 3: Structured Exception Handler (SEH)
  Part 4: Egg Hunters
  Part 5: Unicode 0x00410041
  Part 6: Writing W32 shellcode
  Part 7: Return Oriented Programming
  Part 8: Spraying the Heap [Chapter 1: Vanilla EIP]
  Part 9: Spraying the Heap [Chapter 2: Use-After-Free]

Securitysift
  Windows Exploit Development – Part 1: The Basics
  Windows Exploit Development – Part 2: Intro to Stack Based Overflows
  Windows Exploit Development – Part 3: Changing Offsets and Rebased Modules
  Windows Exploit Development – Part 4: Locating Shellcode With Jumps
  Windows Exploit Development – Part 5: Locating Shellcode With Egghunting
  Windows Exploit Development – Part 6: SEH Exploits
  Windows Exploit Development – Part 7: Unicode Buffer Overflows

Tools
Disassemblers, debuggers, and other static and dynamic analysis tools.
  angr - Platform-agnostic binary analysis framework developed at UCSB's Seclab.
  BARF - Multiplatform, open source Binary Analysis and Reverse engineering Framework.
  binnavi - Binary analysis IDE for reverse engineering based on graph visualization.
  Bokken - GUI for Pyew and Radare.
  Capstone - Disassembly framework for binary analysis and reversing, with support for many architectures and bindings in several languages.
  codebro - Web based code browser using clang to provide basic code analysis.
  dnSpy - .NET assembly editor, decompiler and debugger.
  Evan's Debugger (EDB) - A modular debugger with a Qt GUI.
  GDB - The GNU debugger.
  GEF - GDB Enhanced Features, for exploiters and reverse engineers.
  hackers-grep - A utility to search for strings in PE executables including imports, exports, and debug symbols.
  IDA Pro - Windows disassembler and debugger, with a free evaluation version.
  Immunity Debugger - Debugger for malware analysis and more, with a Python API.
  ltrace - Dynamic analysis for Linux executables.
  objdump - Part of GNU binutils, for static analysis of Linux binaries.
  OllyDbg - An assembly-level debugger for Windows executables.
  PANDA - Platform for Architecture-Neutral Dynamic Analysis
  PEDA - Python Exploit Development Assistance for GDB, an enhanced display with added commands.
  pestudio - Perform static analysis of Windows executables.
  Process Monitor - Advanced monitoring tool for Windows programs.
  Pyew - Python tool for malware analysis.
  Radare2 - Reverse engineering framework, with debugger support.
  SMRT - Sublime Malware Research Tool, a plugin for Sublime 3 to aid with malware analysis.
  strace - Dynamic analysis for Linux executables.
  Udis86 - Disassembler library and tool for x86 and x86_64.
  Vivisect - Python tool for malware analysis.
  X64dbg - An open-source x64/x32 debugger for windows.
1 point
-
Are the URLs like /forum/ceva-si-altceva.rst coming back, the way they were on VB? Alternatively, could a replace be done in the posts so that the old links take you to the correct link? This IPB is very good, you have many more options.
1 point
-
1 point
-
I discovered an online site from which you can flood directly from the website, online: Edit: I haven't tested it http://quezstresser.com/
-4 points
This leaderboard is set to Bucharest/GMT+02:00