Leaderboard

Dă-o dracului! Lași beta legată de prod și nu impui limite la tentativele eșuate. Rezultatul: 15 mii dintr-un foc. http://thehackernews.com/2016/03/hack-facebook-account.html

Descarcati: https://github.com/nishad/udemy-dl-windows/releases Creati un cont nou pe udemy, nu conteaza ce email folositi pentru ca nu trebuie verificat Deschideti cursul dorit si apasati pe Start Free Preview (apare sub Take This Course) Rulati programul astfel: udemy-dl.exe -u email -p pass <link catre curs> Screenshots pentru cei batuti in cap: Spor la invatat

Erau nu de mult unii pe aici care cereau idei de facut bani online. Navigand pe unele TOR markets, am vazut ca se cauta DeadDrops (DD), care necesita munca online si offline - se imbina plimbarile in aer liber/natura cu online-ul Pentru cei carora nu au alte solutii de munca sau ii intereseaza domeniul, m-am gandit sa dau un copy-paste (de pe un market numit Outlaw insa sunt si altele asemanatoare) la ceea ce presupune. Daca va surade ideea... "succesuri"! http://pastebin.com/PVSny8Cr http://pastebin.com/nvUFET8R

Announcing SQL Server on Linux Posted March 7, 2016 By Scott Guthrie - Executive Vice President, Cloud and Enterprise Group, Microsoft It’s been an incredible year for the data business at Microsoft and an incredible year for data across the industry. This Thursday at our Data Driven event in New York, we will kick off a wave of launch activities for SQL Server 2016 with general availability later this year. This is the most significant release of SQL Server that we have ever done, and brings with it some fantastic new capabilities. SQL Server 2016 delivers: Groundbreaking security encryption capabilities that enable data to always be encrypted at rest, in motion and in-memory to deliver maximum security protection In-memory database support for every workload with performance increases up to 30-100x Incredible Data Warehousing performance with the #1, #2 and #3 TPC-H 10 Terabyte benchmarks for non-clustered performance, and the #1 SAP SD Two-Tier performance benchmark on windows Business Intelligence for every employee on every device – including new mobile BI support for iOS, Android and Windows Phone devices Advanced analytics using our new R support that enables customers to do real-time predictive analytics on both operational and analytic data Unique cloud capabilities that enable customers to deploy hybrid architectures that partition data workloads across on-premises and cloud based systems to save costs and increase agility These improvements, and many more, are all built into SQL Server and bring you not just a new database but a complete platform for data management, business analytics and intelligent apps – one that can be used in a consistent way across both on-premises and the cloud. In fact, over the last year we’ve been using the SQL Server 2016 code-base to run in production more than 1.4 million SQL Databases in the cloud using our Azure SQL Database as a Service offering, and this real-world experience has made SQL Server 2016 an incredibly robust and battle-hardened data platform. Gartner recently named Microsoft as leading the industry in their Magic Quadrant for Operational Database Management Systems in both execution and vision. We’re also a leader in Gartner’s Magic Quadrant for Data Warehouse and Data Management Solutions for Analytics, and Magic Quadrant for Business Intelligence and Analytics Platforms, as well as leading in vision in the Magic Quadrant for Advanced Analytics Platforms. Extending SQL Server to Also Now Run on Linux Today I’m excited to announce our plans to bring SQL Server to Linux as well. This will enable SQL Server to deliver a consistent data platform across Windows Server and Linux, as well as on-premises and cloud. We are bringing the core relational database capabilities to preview today, and are targeting availability in mid-2017. SQL Server on Linux will provide customers with even more flexibility in their data solution. One with mission-critical performance, industry-leading TCO, best-in-class security, and hybrid cloud innovations – like Stretch Database which lets customers access their data on-premises and in the cloud whenever they want at low cost – all built in. “This is an enormously important decision for Microsoft, allowing it to offer its well-known and trusted database to an expanded set of customers”, said Al Gillen, group vice president, enterprise infrastructure, at IDC. “By taking this key product to Linux Microsoft is proving its commitment to being a cross platform solution provider. This gives customers choice and reduces the concerns for lock-in. We would expect this will also accelerate the overall adoption of SQL Server.” “SQL Server’s proven enterprise experience and capabilities offer a valuable asset to enterprise Linux customers around the world,” said Paul Cormier, President, Products and Technologies, Red Hat. “We believe our customers will welcome this news and are happy to see Microsoft further increasing its investment in Linux. As we build upon our deep hybrid cloud partnership, spanning not only Linux, but also middleware, and PaaS, we’re excited to now extend that collaboration to SQL Server on Red Hat Enterprise Linux, bringing enterprise customers increased database choice.” “We are delighted to be working with Microsoft as it brings SQL Server to Linux,” said Mark Shuttleworth, founder of Canonical. “Customers are already taking advantage of Azure Data Lake services on Ubuntu, and now developers will be able to build modern applications that utilize SQL Server’s enterprise capabilities.” Bringing SQL Server to Linux is another way we are making our products and new innovations more accessible to a broader set of users and meeting them where they are. Just last week, we announced our agreement to acquire Xamarin. Recently, we alsoannounced Microsoft R Server , our technologies based on our acquisition of Revolution Analytics, with support for Hadoop and Teradata. The private preview of SQL Server on Linux is available starting today and we look forward to working with the community, our customers and our partners to bring it to market. Please join me Satya Nadella, Joseph Sirosh and Judson Althoff at our Data Driven event on Thursday to hear more about this news and how Microsoft is helping customers transform their business using data. Thanks, Scott Sursa: https://blogs.microsoft.com/blog/2016/03/07/announcing-sql-server-on-linux/

The Art of Assembly Language The Art of Assembly Language ................................................................. 1 Volume One: .............................................................................................. 1 Data Representation ................................................................................... 1 Chapter One Foreward ................................................................................ 3 Chapter Two Hello, World of Assembly Language ................................... 11 Chapter Three Data Representation ............................................................ 43 Chapter Four More Data Representation .................................................... 77 Chapter Five ............................................................................................... 109 Chapter Five Questions, Projects, and Lab Exercises ................................. 109 Volume Two: ............................................................................................. 129 Machine Architecture ................................................................................. 129 Chapter One System Organization .............................................................. 131 Chapter Two Memory Access and Organization ........................................ 151 Chapter Three Introduction to Digital Design ............................................ 195 Chapter Four CPU Architecture .................................................................. 225 Chapter Five Instruction Set Architecture .................................................. 261 Chapter Six Memory Architecture .............................................................. 293 Chapter Seven The I/O Subsystem ............................................................. 315 Chapter Eight Questions, Projects, and Labs .............................................. 341 Volume Three: ........................................................................................... 375 Basic Assembly Language ......................................................................... 375 Chapter One Constants, Variables, and Data Types .................................. 377 Chapter Two Introduction to Character Strings .......................................... 401 Chapter Three Characters and Character Sets ............................................ 421 Chapter Four Arrays ................................................................................... 445 Chapter Five Records, Unions, and Name Spaces ...................................... 465 Chapter Six Dates and Times ...................................................................... 481 Chapter Seven Files .................................................................................... 497 Chapter Eight Introduction to Procedures ................................................... 521 Chapter Nine Managing Large Programs ................................................... 549 Chapter Ten Integer Arithmetic .................................................................. 567 Chapter Eleven Real Arithmetic ................................................................. 591 Chapter Twelve Calculation Via Table Lookups ........................................ 625 Chapter Thirteen Questions, Projects, and Labs ......................................... 641 Volume Four: ............................................................................................. 703 Intermediate Assembly Language .............................................................. 703 Chapter One Advanced High Level Control Structures ............................. 705 Chapter Two Low-Level Control Structures .............................................. 729 Chapter Three Intermediate Procedures ...................................................... 781 Chapter Four Advanced Arithmetic ............................................................ 827 Chapter Five Bit Manipulation ................................................................... 881 Chapter Six The String Instructions ........................................................... 907 Chapter Seven The HLA Compile-Time Language ................................... 921 Chapter Eight Macros ................................................................................. 941 Chapter Nine Domain Specific Embedded Languages ............................... 975 Chapter Ten Classes and Objects ................................................................ 1029 Chapter Eleven The MMX Instruction Set ................................................. 1083 Chapter Twelve Mixed Language Programming ........................................ 1119 Chapter Thirteen Questions, Projects, and Labs ......................................... 1163 Section Five ............................................................................................... 1245 Section Five Advanced Assembly Language Programming ...................... 1245 Chapter One Thunks ................................................................................... 1247 Chapter Two Iterators ................................................................................. 1271 Chapter Three Coroutines and Generators .................................................. 1293 Chapter Four Low-level Parameter Implementation .................................. 1305 Chapter Five Lexical Nesting ..................................................................... 1337 Chapter Six Questions, Projects, and Labs ................................................. 1359 Appendix A Answers to Selected Exercises ............................................... 1365 Appendix B Console Graphic Characters ................................................... 1367 Appendix D The 80x86 Instruction Set ...................................................... 1409 Appendix E The HLA Language Reference ............................................... 1437 Appendix F The HLA Standard Library Reference .................................... 1439 Appendix G HLA Exceptions ..................................................................... 1441 Appendix H HLA Compile-Time Functions .............................................. 1447 Appendix I Installing HLA on Your System .............................................. 1477 Appendix J Debugging HLA Programs ...................................................... 1501 Appendix K Comparing HLA and MASM ................................................. 1505 Appendix L HLA Code Generation for HLL Statements ........................... 1507 Download: http://portal.aauj.edu/portal_resources/downloads/programming/assembly_language32bit_edition.pdf

Password Hashing: Why and How posted March 7, 2016 by "No Bugs" Hare, translated by Sergey Ignatchenko,originally published in Overload #129 in October 2015 Author: “No Bugs” Hare [[About Vol.2 of the upcoming “Development and Deployment of MMOG” book. There is no need to worry, I just need some time to prepare for publishing of Vol.1. “beta” chapters of Vol.2 are planned to start appearing in 3 weeks from now. Stay tuned!]] Password hashing is a non-trivial topic, which has recently become quite popular. While it is certainly not the only thing which you need to do make your network app secure, it is one of those security measures every security-conscious developer should implement. In this article, we’ll discuss what it is all about, why hash functions need to be slow, and how password hashing needs to be implemented in your applications. What is it all about? “For password hashing, the answer is very unpleasant: we’re trying to mitigate the consequences arising from stealing the whole of your site’s password database.Whenever we’re speaking about security, there is always the question: what exactly is the threat we’re trying to protect ourselves from? For password hashing, the answer is very unpleasant: we’re trying to mitigate the consequences arising from stealing the whole of your site’s password database. This is usually accompanied by the potential for stealing pretty much any other data in your database, and represents the Ultimate Nightmare of any real-world security person. Some (including myself) will argue that such mitigation is akin to locking the stable door after the horse has bolted, and that security efforts should be directed towards preventing the database-stealing from happening in the first place. While I certainly agree with this line of argument, on the other hand implementing password hashing is so simple and takes so little time (that is, if you designed for it from the very beginning) that it is simply imprudent not to implement it. Not to mention that if you’re not doing password hashing, everybody (your boss and any code reviewers/auditors included) will say, “Oh, you don’t do password hashing, which is The Second Most Important Security Feature In The Universe (after encryption, of course).” The most important thing, however, is not to forget about a dozen other security-related features which also need to be implemented (such as TLS encryption, not allowing passwords which are listed in well-known password dictionaries, limits on login rate, etc. etc. – see ‘Bottom Line’ section below for some of these) Articol complet: http://ithare.com/password-hashing-why-and-how/

get easy jail time for 80 bucs ,I'm in

CVE 2015-7547 glibc getaddrinfo() DNS Vulnerability Posted by jstester007 on March 7th, 2016 Hello w0rld! JUMPSEC researchers have spent some time on the glibc DNS vulnerability indexed as CVE 2015-7547 (It hasn’t got a cool name like GHOST unfortunately…). It appears to be a highly critical vulnerability and covers a large number of systems. It allows remote code execution by a stack-based overflow in the client side DNS resolver. In this post we would like to present our analysis. Google POC overview Google POC Network Exploitation Timeline Google POC Exploit Code Analysis First response Code snippet Packet capture snippet The dw() function calls a “struct” module from python library. According to the documentation, it performs conversion between python values and C structs represented as python strings. In this case, it interprets python integer and pack it into little-endian short type binary data. This is a valid response sent by the “malicious” DNS server when it receives any initial queries. This response packet is constructed intentionally in large size (with 2500 bytes of null), it forces the client to retry over TCP and allocate additional memory buffer for the next response. This also triggers the dual DNS query from getaddrinfo() on the client side, which is a single request containing A and AAAA queries concatnated. Second Response Code snippet Packet capture snippet This is the second response sent by the malicious DNS server. It is a malformed packet sending large numbers of “fake records” (184 Answer RRs) back to the client. According to google, this forces __libc_res_nsend to retry the query. Third response Code snippet Packet capture snippet This is the third response sent by the “malicious” DNS server. It is another malformed packet which is carrying the payload. JUMPSEC researcher has modified the Google POC code to identify the the number of bytes to cause a segmentation fault (possibly overwriting the RET address) of the buffer. It is found that the RET address is being overwritten on the 2079thbyte. With the addition of return_to_libc technique, an attacker can bypass OS protection such as NX bit or ASLR and perform remote code execution. Google POC debugging and crash analysis JUMPSEC has run it through the trusty gdb. It crashes with a SEGMENTATION FAULT which verifies that the DNS response has smashed the stack of the vulnerable client application when running getaddrinfo(). The vulnerable buffer is operated in gaih_getanswer. The entry address has been overwritten with 0x4443424144434241 (ABCDABCD). The state of the register also showing the overflowed bytes. SEGFAULT from vulnerable client. RET address is overwritten with “ABCDABCD” Backtrack Registers JUMPSEC has also tested it on a few other applications. It was found that the getaddrinfo() function in glibc is commonly used… Iceweasel crashing Conclusion The best way to mitigate this issue is to enforce proper patching management. Make sure to update all your systems with the latest version of glibc . If you have any systems exposed on the internet and you want to make sure that this vulnerability is not triggered then the following Wireshark filter could be useful: (DNS.length>2048 to see malformed packets). A DNS response has a maximum of 512 bytes (typically), note that the DNS reply is truncated. Even if the client does not accept large response, smaller responses can be combine into a large one which can also trigger the vulnerability. A possible filter is to monitor the size of the entire conversation as a distinct amount of bytes in total is require to trigger specific responses from vulnerable client and all of them requires more than 2048 bytes. The above vulnerability can be fixed by patching. If you are running RedHat or CentOS a simple yum -y update glibc will update the libc and resolve the issue. Reference links https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7547 http://pubs.opengroup.org/onlinepubs/9699919799/functions/freeaddrinfo.html https://googleonlinesecurity.blogspot.co.uk/2016/02/cve-2015-7547-glibc-getaddrinfo-stack.html https://sourceware.org/ml/libc-alpha/2016-02/msg00416.html Sursa: https://labs.jumpsec.com/2016/03/07/cve-2015-7547-glibc-getaddrinfo-dns-vulnerability/

Climber Automated auditing tool to check UNIX/Linux systems misconfigurations which may allow local privilege escalation. Dependencies python >= 2.7 python-crypto python-mako python-paramiko Note Climber needs Exscript, a Python module and a template processor for automating network connections over protocols such as Telnet or SSH. https://github.com/knipknap/exscript This module is already included in Climber sources. License This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version. Sursa: https://github.com/raffaele-forte/climber

Romanian ATM hacker exploits vulnerability in FENCE, escapes jail Robber clobbered but catching carder is harder 8 Mar 2016 at 05:56, Darren Pauli A Romanian carder arrested for using malware to plunder US$217,000 (£152,164, A$290,888) from ATMs has cut their way out of a Bucharest prison and escaped custody. Renato Marius Tulli, 34, escaped Police Precinct 19 with Grosy Gostel, 38, held for robbery charges, sparking a city-wide hunt, local media report. Gostel has been caught while malware man Tulli remains on the run. The carder and the robber cut a hole in the mesh fence and jumped an outer fence at the police station. Tulli and his gang raided ATMs maintained by NCR across Romania, Hungary, Spain, Russia, and the Czech Republic. They used the Tyupkin malware loading it onto ATMs using a CD slotted into the back of the machines. That malware has been upgraded in recent months and is now known as GreenDispenser and is being used to target ATMs across Mexico. There is little preventing the self-deleting malware from being used in other countries, experts say. ® Sursa: http://www.theregister.co.uk/2016/03/08/romanian_atm_hacker_exploits_vulnerability_in_fence_escapes_jail/

,,,o alta antena MiMo 2,6 GHz(4G)...

Fiecare tara care au primit refugiati au problemele lor, saracii lor, batranii lor.. mai ales Iordanul, Turcii si altii. Vai de noi, ce ne facem ca vin cativa si in Romania.. Dar cand am primit fonduri nerambursabile de la UE a fost bine? Imprumuturile de la UE, FMI si restul au fost bune si ele? Si asa mai departe, lista poate continua... (ca s-au furat si nu s-au folosit cum trebuie asta e alta mancare de peste). Daca ar fi o catastrofa naturala in Ro am vrea sa fim ajutati din exterior, nu-i asa? De exemplu daca da un cutremur decent in Bucuresti, unde jumatate de cladiri pica la o flegma mai puternica, imi pariez mana dreapta ca vor fi morti si raniti de ordinul sutelor si miilor. Atunci vom vrea orice ajutor ni se va da, nu-i asa? Nu le iau apararea Sirienilor, pe de o parte au incurajat astfel de lucruri, sunt de condamnat ca nu stau sa lupte pentru tara lor, unii din ei se comporta mai rau ca animalele pe unde ajung, fac si mofturi, etc. etc. Ce vreau sa spun cu toate astea? Faptul ca acordarea de ajutor umanitar nu este problema esentiala si ceea ce trebuie criticat/dezbatut ci ceea ce se intampla in Siria si zonele adiacente. Din pacate Rromanika e un pion foarte mic pe o tabla de sah enorma si nu are nici un cuvant de zis referitor la nimic. Mai pe scurtatura, Romania trebuie sa urmeze un sfat ce a aparut acum 2 saptamani in serialul The Walking Dead:

Pentru cei interesati de niste training, inafara de Udemy si alte site-uri. Why does RouteHub exist? To make affordable, practical network training available to all network engineers How does RouteHub do this? The founder of RouteHub identified a need for practical training for network engineers. Prior to the inception of RouteHub, the only network training that was readily available focused on certifications. This type of training has value and its place, but he saw a need for training that would help network engineers quickly get a solution in place in real-life situations. He decided that the quickest way to provide this training to the most number of people possible would be to create training documents and videos, and distribute them over the internet. What is available? RouteHub provides practical training in areas such as: Core Network Services (Routing, Switching, IPv6, Multicast, QoS) Voice and Unified Communications Security (Firewall, VPN, UTM) Wireless Data Center (Virtualization, Tunneling) Small Business Starting Out Network Design Why RouteHub instead of other online Training Videos? Our training videos provide practical, real-world training, to help you devise and deploy solid networking solutions. We’re not here to help you answer a multiple-choice test. We’re here tell you what you need to do to get a network up and running, how to configure different technologies, and to help you really understand how it works. Who works at RouteHub? RouteHub was founded by Michel Thomatis, a network engineer with 15 years of experience. He has worked for several companies over the years, developing network solutions to meet the needs of the businesses. Over the years, Michel found that he really enjoyed teaching people interesting in networking how it all works, and decided to do that full time. He is committed to providing you the training you need to be a successful network engineer. http://routehub.net/training/ Spor la invatat!

https://www.linkedin.com/in/mehernaz-morawala-05516312 Felicitari @Nytro pentru deschiderea unei filiale in Mumbai. Ar fi ideal daca poti face un transfer de puradei inapoi catre ei http://rstforum.net/ :P

Oldie but goldie..

GirlShare - Download Directory Power Submitter + 9,000 Directory List.rar un programel care adauga site-ul tau pe directoare web ai 9000 si ceva directoare in fisierul .txt , ca sa adaugi altelea pui la fel cum este si in acel document setari: - nume - mail - site - titlu - descriere - categorie . aveti posibilitatea sa alegeti 4 categorii dintr-o lista , fiindca nu toate directoarele web au aceleasi categorii - captcha manual - no-captcha : sare peste cele care au captcha . EDIT: am pus arhiva gresita prima oara , acum e completa

Carausi online, ce metoda noua de business. Poate ar merge daca ai lucra cu un homeless fara buletin in schimbul unei mese bune dar in practica nustiu cat de multe 'comenzi' ar fi.