Leaderboard

https://ro.wikipedia.org/wiki/Propozi%C8%9Bie_gramatical%C4%83

Salut baieti! Ma uitam la xfactor si am vazut un baiat care a lucrat ca ospatar, avea baiatu o voce ca a lasat juriu fara cuvinte.. baiatul asta sigur poate si merita mai mult. In aceasi situatie ma gandesc , ca se afla si unii baieti de pe rst. In principal conteaza determinarea, degeaba ai skilluri daca nu vrei sa le folositi. Toti au impresia ca banii online se castiga usor, aud des aluzii de la prieteni: "la cat muncesti tu pentru bani.. " , "normal ca ai nevoie de relaxare... tot te rupi (la modul ironic, mai mult sub forma unei glumite nevinovate)", etc.. le aud atat de des incat deja ma irita uneori. Doar eu stiu cand trageam de mine la inceput 16 din 24 7 din 7, erau zile cand nu castigam un cent, eram in stadiul de research, sa imi fac o idee de ansamblu. Spre deosebire de un job ,acolo faci cat ti se cere, cand pleci acasa, esti nepasator, unii chiar si in timpul serviciului isi permit sa fie implicati doar 50%, dar daca vrei sa reusesti singur trebuie sa fie implicat nu 50% nu 70% , trebuie sa fie implicat 100%, sa iti pese de fiecare detaliu, ca daca tie nu iti pasa nu o sa ii pese nimanui, trebuie sa fi un perfectionist. Daca sunt doritori va astept, imi rezerv dreptul sa imi aleg persoanele cu care lucrez si cat timp aloc fiecarei persoane.

Am decis sa fac un tutorial pentru ca vad ca inca multi se zbat si nu gasesc cum sa faca un venit mic spre mediu din online,traind in Romania. Poate ca pentru unii dintre voi sumele de care voi vorbi vi se vor parea infime insa pe altii sigur ii vor ajuta. Pentru mine a fost ca un challenge avand in vedere ca am renuntat dupa multi ani in care toate veniturile imi veneau din online ; drept urmare nu pot sta departe de online tot timpul,asa ca m-am decis cu cateva luni in urma sa caut ceva din care prin care sa imi cumpar tigarile ( in Londra, 7 pounds pachetul x 30 de zile ) Nu am luat-o ca pe o "joaca" ci ca pe un lucru serios, deci target-ul era 200 de pounds estimativ pe luna,pasiv pe semi-autopilot ; am citit tone de balarii si nimic concret ; pana am descoperit trucul asta ; o sa scriu pe scurt ca am povestit destul moartea caprioarei Partea interesanta incepe de aici in jos 1. Conturi instagram bineinteles 2. Proxy-uri private 3. O nisa ; aici cerul e limita. 4. hashtag-uri ; aici analizezi destul de bine majoritatea hastagurilor si le asezi atent , ele iti aduc pasiv falloweri si like-uri . Explicatii . 1. Conturile de instagram le puteti lua in bulk PVA insa eu am preferat sa le fac manual,majoritatea sunt cu proxy-uri ciudate semi-dedicate,spamate in multe cazuri de mai multe ori. Plus de asta ma gandesc ca algoritmii celor de la instagram nu sunt atat de slabi incat sa nu realizeze ca Vasile are mail de .ru , numar de USA si se logheaza din Germania ( dau un exemplu ) si unde mai pui ca dupa isi schimba si username-ul si numele si bio ... si incepe sa spameze. 2. Proxy-uri private eu am ales, un cont , un proxy . Puteti incerca si semi-dedicate insa pot fi folosite si de altii si e pacat de munca voastra. 3. Nisa e alegerea voastra,eu am ales o nisa medie spre mica ; aici nu va pot da sfaturi ca nu sunt capabil ; posibil nisa mea sa fie de cacat si eu sa ma cred zeu . Insa bineinteles nu o nisa "interzisa" 4. Hashtag-urile le analizez odata pe saptamana de preferat in week-end cand ma plictisesc, ma uit la concurenta si la gigantii din nisa mea, vad catre ce pointeaza si au mai mare impact. Personal folosesc descriere 4-10 cuvinte + smiley + 5-10 hastaguri . Automatizarea 1. Mass planer sau fallowliker ( Prefer mass planer pentru ca e cu plata lunara si ca adminii sunt romani ) 2. Sa zicem ca ai facut 20 de conturi si cumperi si 20 de proxy-uri private. 3. Asezi punctul 2 in punctul 1 ( Conturile in Mass planer ) 4. Stai ca tristul si pui descriere poze de profil, bio , username, 6 posturi de start pentru fiecare. ( E un calvar,credeti-ma ) 5. Daca nu ai cedat la pasul 4, lasi o zi,doua conturile sa se "linisteasca" nu le atingi. 6. Incepi sa setezi un numar mic de falloweri in 6 zile ale saptamanii, eu am inceput cu 34-50 maxim pe zi cu Night mode activ ( gen cand dormi; sa mimeze omul ) 6.1 Nu am setat sa dea like,nici comentarii,nici mesaje private in primele 14 zile. 6.2 Dupa 14 zile am crescut numarul de falloweri la 200-250 pe zi timp de 6 zile, like aleatoriu si unfallow doar intr-o zi. Asta a fost alegerea mea,fiecare cu parerea lui. 7. Cauti 4K Stogram ( acest soft iti trage tot contentul dupa 2 profile in varianta free ; dar le poti sterge si adauga alte profile . 7.1 Dupa ce ai sortat pozele,caut un file renamer si editezi aleatoriu toate numele la poze ( sunt o gramada free ) 7.2 Am setat sa posteze aleatoriu 3-5 poze pe zi ( bineinteles tot cu night mode activ ) Banii din instagram se fac din diverse domenii : shoutcast-uri , repost-uri, ogads. dropshipping, referal catre site cu adsense/amazon bla bla ; nu asta e problema ; problema e sa ai cateva zeci de mii de falloweri pentru inceput sa ai " de unde raspunde " Investitii : mass planer instagram edition ; proxy-uri private . In jur de 150-200 de ron lunar,in functie de cate proxy-uri ai. Parti negative 1. Iti poti lua ban,oricand,chiar mass-ban ; am citit o poveste foarte trista a unuia caruia iau luat-o razna proxy-urile si si-a luat mass ban pe conturi mari. 2. Trebuiesc niste bani investiti 3. E posibil sa dai un mare fail 4.Ai nevoie de un VPS pe windows sau de un pc non-stop online . Nu prea as fi vrut sa mai scriu aici ca sunt multi copii care se umfla in piept iar baietii valabili sau cam desumflat si isi vad de drumul lor de cand a luat militia forumul la puricat. P.S. : N-am stat sa scriu elaborat,v-am vorbit ca la copiii mei,asa ca daca am greseli de exprimare nu ma pedepsiti. LE: Puteti face si si cu 2-3 conturi pe ip real de acasa , fara nici o investitie, cu imacros, va pot da eu scripturi pentru niste beri in schimb.

Recent google ia in considerare protocolul https:// mai mult decat pana acum, iar efectele le-am simtit si eu. Totusi nu recomand certificatele free care tot circula pe net. Studiu de caz: Pe protocol http:// In acelasi timp, certificatul SSL luat la infiintarea site-ului incepe sa dea roade. Desi aveam ambele versiuni up, nu fortam protocolul https:// din .htaccess, google a decis sa-mi rankeze versiunea https:// in schimbul protocolului normal.

Salut, Acum 18 zile am creat un topic chiar pe acest forum in care intrebam daca se ocupa careva cu amazon associates (topicul aici) , topic la care nu mi-a raspuns nimeni, tind sa cred ca ori nu sunt oameni care se ocupa cu asa ceva, ori cei care o fac deja nu vor sa dezvaluie tainele amazonului. Am inceput sa ma documentez, sa vad ce si cum, care este regulamentul, de ce am nevoie etc. Pentru ca deja sunt in domeniul dropshippingului pe o anumita nisa, am hotarat ca pe amazon o sa merg tot pe acea nisa, pentru ca aveam deja pagini de social media facute cu oameni care au cumparat, pagini care le-am construit manual si am cladit un anumit nivel de incredere. Cum am precizat si in alte topicuri ale mele, eu vand doar prin intermediul social media, nu am treaba cu motoare de cautare. Ma chinuii de vreo 2 zile sa scriu aceste randuri, acesta nu este un articol , mie imi place sa-i spun motivatie, pentru ca speram ca pentru amazon sa mai gasesc ceva oameni dispusi sa faca bani si sa invete. Pe 1 am facut topicul si pe 2 seara aveam deja site-ul pus la punct cu sistemul de la amazon integrat, automatizat in proportie de 60%. Acestea sunt castigurile mele de pe 2 pana pe 16 a aceste-i luni : Potentialii mei clienti sunt aproximativ 200.000 daca stau sa adun toti care-i am pe social media (facebook, twitter, instagram, pinterest). Acum sa va spun de ce aveti nevoie : - de un domeniu + hosting - Wordpress - plugin-uri de automatizare (woocommerce amazon affiliates, prosociate) - o nisa - de timp sa-ti construiesti cateva pagini de social media pe anumite nise (daca ai un 10-15 dolari cred ca poti cumpara, ieri am achizitionat un cont de instagram cu 66k pe nisa mea cu 25$) sau daca esti tare si ai cunostinte, te bagi pe seo si pe bazezi pe motoarele de cautare. - timp in fiecare zi cam o ora sa mai bagi produse noi (se face automat, tu doar sa le alegi ) Pe scurt ai nevoie de vreo 10-15 dolari sa-ti iei domeniu si hosting ok pentru o luna iar restul resurselor se gasesc gratuite / crackuite de care te poti folosi pana ti le poti cumpara. Ps: Daca careva vrea sa invete mai multe, mie personal acest topic mi-a fost de ajuns. Spor la bani

Salut, De atunci a trecut ceva timp, am mai scris un topic dar cand s-a facut upgradeul a disparut. Merge foarte bine, m-am extins, si am trecut si la wholesale. Pentru cei care vor sa aduca din China produse acum dar cauta si plata cu paypal + shipping ok, m-am descurcat foarte bine la un moment dat cu dinodirect. Numai Bine!

Arunca si la mine cu un semn. Sunt sarac

De ce nu faci public sa invatam toti,sau matale cauti referali ori sclavi cibernetici.ceva e putred in Danemarca,cum zicea un mare nene.

Imi place initiativa ta,sper sa fii un om serios si sa te comporti calumea cu cei pe care ii iei sub aripa ta. Asa m-am mai oferit eu la multi ca refferal si dupa ce ma inregistram nu imi mai raspundeau pe skype.

Hard, very hard =(

1. Daca uitam de tine si nu voiam sa mai vorbesc cu tine, iti dadeam ban pe jabb. 2. Ceea ce vrei tu nu se face in 2 zile - nu e ca si cum ai vrea sa iti fac spanzuratoarea in cpp. Ai rabdare. Daca nu am mai intrat pe Jabb, nu inseamna ca nu continui sa iti fac proiectul hai sa nu fim p*zde sa ne smardoim pe un forum. Vorbim pe jabb.

Ofer domeniu .ro + host ( il inregistrez eu ) pentru un site adsense ...facem jumate jumate ... Eu ofer hostul si dom ... Esti dat dracului!

Ce e dupa pl este codat in Base64 probabil, avand in vedere ca se termina cu =

How To Perform "MITM Attack On HTTPS" Traffic Using Snifflab Posted by Kali Linux Researchers developed a technical test environment for capturing and decrypting WiFi data transmissions. The code for it lives on Github. Researchers created a WiFi hotspot that is continually collecting all the packets sent over it. All connected clients’ even HTTPS communications are subjected to a “Man-in-the-middle” attack, whereby they can later be decrypted for analysis. This article presents a detailed look at how this test environment works and then gets into how to set one up for your own testing purposes, including a list of required parts. Setting one up yourself is not user-friendly, and requires familiarity with the unix command line and networking concepts. Motivation Researchers and end-users alike often seek to understand what data their mobile device is sending to third parties. Unfortunately, monitoring one’s phone to see what, and to whom, data is sent is not exactly simple. Using packet capture software on Android is impossible without first rooting the device, and even then, difficult to use and export saved data. There are no applications to capture packets on iOS. Also See:How To Sniff The Browser History Using Sniffly Our motivation for creating the test environment described herein is to make it incredibly easy to capture packets for any device with a WiFi connection, with very little client configuration needed. How it works In our environment, dubbed Snifflab, a researcher simply connects to the Snifflab WiFi network, is prompted to install a custom certificate authority on the device, and then can use their device as needed for the test. Snifflab architecture All traffic on the network is logged by a Raspberry Pi dedicated to that task (“PCAP Collecting Machine”, in the Figure). The traffic is cloned by a Great Scott Gadgets Throwing Star LAN Tap, which routes it both to its destination, and to our Raspberry Pi. The Pi continually collects packet data, creating new packet capture (pcap) files at a regular interval, or once the active file reaches a configurable size. Saved files are regularly transferred to another machine (“Backup Machine”) for persistent storage. Users with SSH access to the Pi can also manually restart the pcap service, to get instant access to the captured packets, instead of waiting for the interval. The custom certificate that each client must install enables the proxy server (“MITM Proxy Machine”) through which Snifflab routes its traffic to intercept HTTPS requests to the outside world, and re-encrypt them using certificates generated on-the-fly. This allows for the researcher to later decrypt most captured network traffic sent over HTTPS. On the backup machine, the researcher has access to all previously-collected PCAPs, organized into folders by date, with each file named by the unix time at which the capture began. Also See:Network Scanning Using Nmap 7 From Basic To Advance The researcher may then open up the collected PCAP(s) in Wireshark or their utility of choice to analyze and decrypt the traffic. On packet captures A Packet capture (pcap) is a widely used data format for storing low-level network data transmission information. The packet is the base unit of data transmission on networks. To send a message from one computer to another, networking software breaks up the message into small packet files, each with metadata that — among other things — describes the source of the data, the destination, and the specific packet’s ID so that packets can be reassembled correctly at the destination. A pcap file is a collection of packets sent over a network. pcaps are created using software that “listens” to one or more network interfaces running on a given device, and dumps all the data packets it detects into a pcap file for future analysis. For example, one could listen on a computer’s WiFi interface, or the ethernet interface, or both. How-to This section describes the hardware, software, and configuration we used to set up Snifflab. It should be sufficient information to guide the creation of a new Snifflab instance from scratch. Snifflab router, PCAP machine, and LAN Tap Parts needed 1 router (in addition to your primary one), capable of running DD-WRT standard firmware 1 Raspberry Pi 2 Model B+ 1 server running all the time (Ubuntu) for backups and running the MITM proxy 1 Great Scott Gadgets Throwing Star LAN Tap 1 USB LAN adapter (TRENDnet TU3-ETG) 1 USB WiFi adapter (TP-Link TL-WN725N) Many Ethernet Cables The testing network We used a Cisco WRT54GL router to administer the Snifflab access point. We installed the DD-WRT Standard build firmware on this router. Please consult the DD-WRT guide to ensure your router is supported, lest you risk bricking your device. We connected this router’s internet port to our pre-existing LAN, creating a subnet with its own IP space. However, we don’t directly connect the router to the LAN. Between the LAN ethernet and the Snifflab router, we place a Great Scott Gadgets Throwing Star LAN Tap. This device allows us to passively sniff all traffic passing through it. In this manner, a copy of all network traffic is copied and directed to our PCAP collecting machine. Also See:How To Hack Facebook|Gmail And Twitter Account By Hacking Android Smartphone The LAN tap, unfortunately, has two separate ethernet ports for sniffing traffic. One is for inbound traffic, and the other, outbound. As such, the PCAP collecting machine needs to have two ethernet interfaces on which to listen for packets. This is discussed further below. Transparently proxying traffic to get MITM’d The router’s iptables must also be configured to transparently forward packets to the MITM proxy device. To do that, we login as administrator to the DD-WRT network portal, and navigate to Administration > Commands. There, we enter in the following commands, replacing the value of the PROXYIP variable with the IP address of your MITM proxy machine: PROXYIP=192.168.0.2 iptables -t mangle -A PREROUTING -j ACCEPT -p tcp -m multiport --dports 80,443 -s $PROXYIP iptables -t mangle -A PREROUTING -j MARK --set-mark 3 -p tcp -m multiport --dports 80,443 ip rule add fwmark 3 table 2 ip route add default via $PROXYIP dev vlan1 table 2 The last line in the above code refers to the vlan1 network interface; Make sure the network interface your router uses to communicate with the WAN is in fact vlan1 for your router, and adjust if needed. For example, this guide to setting up transparent proxies mentions br0 instead. Make it easy to get MITM’d The other thing we’d like our Snifflab router to do is to act as a convenient delivery service for our mitmproxy CA certificate. The method we chose is to make Snifflab a captive WiFi portal, meaning that users must visit a sign-in splash page before being able to use the network. We create a custom splash page for the user to sign into, and a redirect page from where the certificate can be downloaded after sign-in. A captive WiFi portal screen makes it simple to install the MITM certificate on a client device. To configure a captive WiFi portal, we login to the DD-WRT admin interface on Snifflab’s default gateway, and navigate to Services>Hotspot. We then enable NoCatSplash. Set up the NoCatSplash parameters to point the home page and splash URLS to a web server (hopefully running on your WAN) that serves redirect.html and splash.html as contained in the Git repository described below. Ensure that Homepage Redirection is turned on. Set a login timeout. The PCAP collecting machine In our system, a Raspberry Pi 2 Model B+ functions as the PCAP collecting machine. Setting up this Pi for sniffing network traffic sent to it from the LAN tap, and then backing up those captured packets to another machine, requires the configuration of multiple network interfaces. Also See:How To Perform Deauthentication Attack Using "Infernal Twin" On Single|Multiple Wifi Access Point Since the LAN tap splits inbound traffic to one ethernet port, and outbound to another, we need two ethernet interfaces on the Pi to capture both directions. However, packet capturing is much more straightforward if done on a single network interface. As such, we’ll have to bond the two ethernet connections into one network interface. To do that, install ifenslave and set networking interface commands as follows: sudo apt-get install ifenslave-2.6/etc/network/interfaces auto lo iface lo inet loopback iface eth0 inet manual iface eth1 inet manual allow-hotplug wlan0 iface wlan0 inet dhcp wpa-conf /etc/wpa_supplicant/wpa_supplicant.conf iface default inet dhcp auto bond0 iface bond0 inet dhcp bond-mode 3 bond-miimon 100 slaves eth0 eth1 Make sure bond-mode is set to 3, a “broadcast” policy, meaning all packets from all interfaces are transmitted via the bonding interface, otherwise packets may get dropped. WiFi Setting up WiFi driver for TP-Link TL-WN725N mkdir driver cd driver wget https://dl.dropboxusercontent.com/u/80256631/8188eu-v7-20150713.tar.gz tar xvzf 8188eu-v7-20150713.tar.gz sudo ./install.sh cd ../ rm -rf driver sudo reboot /etc/wpa_supplicant/wpa_supplicant.conf ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev update_config=1 network={ ssid="" psk=hashofyourpassword proto=RSN key_mgmt=WPA-PSK pairwise=TKIP auth_alg=OPEN } Customize this script to suit your particular WiFi connection. It may be easier to generate a config file through the Raspberry Pi GUI. It’s also best practice to not store the plaintext version of your WiFi password in this file. Instead, run wpa_passphrase to generate a hash of the password. A WiFi connection is necessary since the two ethernet ports only receive traffic cloned from the LAN tap, and don’t actually connect to the network. Thus, a networking interface is needed so that one can SSH into your machine, and transmit pcap files to the backup machine. Getting the network running correctly on boot By default, on Raspberry Pis, if ethernet is plugged in then WiFi will be automatically disabled. First, turn off ethernet hotplugging, which causes WiFi to get disabled. /etc/default/ifplugd INTERFACES="eth0" HOTPLUG_INTERFACES="eth0" ARGS="-q -f -u0 -d10 -w -I" SUSPEND_ACTION="stop" Next, the below script runs at startup to ensure that multiple networking interfaces can operate simultaneously. We run the ifup command on each network interface to force start all of them. We also set the two ethernet interfaces to promiscuous mode to ensure they process all packets being routed to them, for complete sniffing. /etc/init.d/network.sh #!/bin/sh ### BEGIN INIT INFO # Provides: network.sh # Short-Description: Ensure WiFi as well as Ethernet interfaces are up # Description: # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Required-Start: $remote_fs $syslog # Required-Stop: $remote_fs $syslog ### END INIT INFO sudo ifplugd eth0 --kill sudo ifup wlan0 sudo ifup eth0 sudo ifup eth1 sudo ifconfig eth1 promisc sudo ifconfig eth0 promisc exit 0 Dependencies for collecting packets Ensure you setup your ~/.ssh/config to connect to your analysis machine without the need for a password, otherwise the backup script will fail. ssh-keygen -t rsa cat ~/.ssh/id_rsa.pub | ssh user@server 'cat >> .ssh/authorized_keysInstalling libpcap sudo apt-get install libpcap0.8 libpcap0.8-dev libpcap-devInstalling pip sudo apt-get install python3-pip sudo apt-get install python-pipInstalling pcapy wget https://pypi.python.org/packages/source/p/pcapy/pcapy-0.10.8.tar.gz tar xvzf pcapy-0.10.8.tar.gz cd pcapy-0.10.8/ python setup.py installInstalling dpkt pip install dpkt pip install dpkt --upgradeMake sure timezone is set correctly tzconfig sudo dpkg-reconfigure tzdata Capturing Packets Get the latest code from Github. This guide refers to a copy of the repo housed at /home/pi/snifflab. This repository contains sniffer.py, a Python application developed to capture packets on an interface into PCAPs, creating new ones at a fixed interval, or when a file size limit is reached. The interface, interval, and filesize limit are all configurable command line parameters: -i (specify the network interface) -s (specify the file size limit) -t (specify the time interval, in seconds, between new PCAP files) -f (specify a filename suffix to append to each PCAP. -u (specify a ssh username for a remote backup) -h (specify a ssh host for remote backup) -p (specify the path on the remote host for backup) The script also backs up old PCAPs to a separate machine by launching an external bash script upon the creation of a new PCAP file. As described above, there are also parameters to specify the remote backup server username, hostname, and path for SCPing the PCAPs: Move the repository’s splash.html and redirect.html to the WAN web server of your choice, asdescribed above. Edit the link in splash.html to correspond to your Snifflab router’s IP address. Configure the backup script Make sure to add the PCAP machine’s public SSH key to the known_hosts file on the remote machine, or else movescript will prompt the user for a password. Start capturing packets on startup — create a sniffer service The simplest way to ensure reliably consistent packet capturing is to wrap sniffer.py in an upstart service, so it can easily be started on boot, and restarted as needed. To do that, create and edit the file below: /etc/init/sniffer.conf #sniffer.conf start on runlevel [2345] stop on runlevel [016] script exec echo "hi" cd /home/pi/mitm if [ -z "$filenamesuffix" ]; then exec python sniffer.py -i bond0 -s 100 -t 120 else exec python sniffer.py -i bond0 -s 100 -t 120 -f $filenamesuffix fi end script Make sure to edit the parameters of sniffer.py to suit your needs, based on the previous section. With this service all set up, it is easy to start / stop collecting packets: sudo service sniffer startThis service supports an additional parameter, a filename suffix. This will cause all pcaps collected by the service to be saved with the parameter as a file suffix. For instance, running sudo service sniffer start filenamesuffix=test1will yield timestamped packets with test1 as a suffix, similar to 123456789_test1.pcap. This makes it easy to label collected pcaps. When starting a new test, simply restart the service with a new filename suffix: sudo service sniffer restart filenamesuffix=mynewtestOf course, if the filenamesuffix parameter is missing, no suffix is included in the filename. After completing a test, I usually restart the service without a suffix, to cleanly demarcate the completion of the test in the filesystem. The MITM Proxy machine In our environment, we used a machine running Ubuntu Server operating system to act as a proxy that replaces SSL certificates with those under our control. It does this by relying on the well-knownmitmproxy software. Our MITM proxy machine exists outside of the Snifflab network, on the WAN. Snifflab forwards all traffic to this machine. This section describes how to configure a service that runs a transparent mitmproxy on startup. First, install mitmproxy and mitmdump, following the guide on their website. Now, we can set up a default configuration for mitmproxy to refer to on runtime. In our environment, we created a directory: sudo mkdir /etc/mitmproxy sudo chmod -R 755 /etc/mitmproxy touch /etc/mitmproxy/common.confEdit common.conf to match the following: --cadir=/etc/mitmproxy/cybersniff --port=4567 --noappI chose an arbitrary port number because I do not like using defaults. (mitmproxy defaults to 8080). Now, create a directory to store the mitmproxy certificate authority information: mkdir cybersniffNext, generate your own certificate for mitmdump to use as a CA. I do this so I don’t have to trust mitmproxy’s CA. Mitmproxy has a guide on how to generate your own certificate. I would recommend adding –days 1000 to the certificate generation step, to ensure the cert doesn’t expire for some time. Make sure the certificate files are stored in the path referred to in common.conf Now, let’s set up a service to ensure the proxy starts on boot, and can be easily started and stopped as needed: touch /etc/init/mitm.confEdit your newly-created mitm.conf to include the following: # mitm.conf start on filesystem script sudo iptables -A PREROUTING -t nat -i em1 -p tcp -m multiport --dports 80,443 -j REDIRECT --to-port 4567 SSLKEYLOGFILE=/var/log/mitmkeys.log export SSLKEYLOGFILE echo "MITM Keys being logged here: $SSLKEYLOGFILE" exec mitmdump -T --host --conf=/etc/mitmproxy/common.conf end script This service does several things. First of all, it starts when the filesystem is loaded. You can also start, stop, and restart it using commands like: service mitm stopSecondly, the service sets up iptables rules to route all incoming traffic on ports 80 and 443 to port 4567 (change this value to correspond to your mitmproxy port defined in common.conf). Next, it specifies an SSLKEYLOGFILE environment variable. This is important, as it provides a place for mitmproxy to save session keys used to set up encrypted communications. With these keys being routinely logged, we can point wireshark to this location (discussed below), and use it to decrypt SSL traffic that uses Diffie-Hellman key exchange. Finally, the service runs mitmdump (a non-interactive version of mitmproxy) in transparent mode, using the configuration file we previously created. Important: One last thing to do in order to ensure that devices connect to Snifflab can access HTTPS resources without a certificate error is to copy the generated .pem file for your custom CA certificate to the web directory where redirect.html is located. Edit the link in redirect.html (included in the Github repo, and hosted on your web server) to point users to download your pem file for them to install on their device. Also See:How To Hack Facebook Account Password Using Brute Force Attack Of course, you can develop your own way of providing the certificate to devices on the network. Analysing the data in Wireshark To decrypt packets that have been encrypted using perfect forward secrecy, it’s best to have the latest version of Wireshark installed. This might mean adding the Wireshark development PPA to your Ubuntu environment. Next, configure Wireshark’s Preferences > Protocols > SSL to utilize your MITM proxy’s CA bundled certificate file as well as the master keys list MITMproxy is logging. Click on RSA Keys, and enter the following: [TABLE=width: 668] [TR] [TD]IP address[/TD] [TD]Port[/TD] [TD]Protocol[/TD] [TD]Key File[/TD] [/TR] [TR=bgcolor: #EEEEEE] [TD]0.0.0.0[/TD] [TD]443[/TD] [TD]http[/TD] [TD]/path/to/mitmproxy-ca.pem[/TD] [/TR] [/TABLE] This tells Wireshark to attempt to decrypt all traffic (0.0.0.0 is a stand-in address for any IP) on port 443 as HTTP data, using your key file. Back in the main SSL protocol preference pane, set up an SSL debug file to you can assess any errors that might occur. Finally, point (Pre)-Master-Secret log filename to the path set in the $SSLKEYLOGFILE environment variable (or a place you copy that log file to). With this, you can load any of the PCAP files collected on the SniffLab network and decrypt HTTPS connections! Happy hacking. Sursa http://kalilinuxcourse.blogspot.in/2015/12/how-to-perform-mitm-attack-on-https-traffic.html

Salut, se cauta un programtor php pentru un proiect care se afla in derulare. Din ce am inteles cerinte mari nu sunt, mentionez cele principale. - php get URLs ; - use info from URLs ; - create database tables and store info in them based on php form input fields. Se doreste a se obtine niste informatii, grafice in backend legat de niste date pe care o sa le aveti la dispozitie. Veti lucra direct cu CTO care se afla in USA deci limba engleza este importanta. Plata este de 50$/hr. Cei interesati sa imi trimita un mesaj cu experienta lor si cum pot fi contactati (preferabil skype) precum si un porfoliu.

Dupa cum, spune si titlul vand domeniu http://howtounlockicloud.com/ btc, transfer bancar detalii: thenet50@yahoo.com pret: 350€uro negociabil Pot asigura si seo contra cost pentru afisarea pe prima pagina in nisa. (backlincks, trafic, social + optimizare continut) Se vinde cu hosting (nu am ce face cu el e platit pe o luna) + privacy 1 an platit, verificat nu se poate raporta For sale domeniu http://howtounlockicloud.com/