Leaderboard

1. Go to http://www.easyname.com 2. Register any .com domain of your choice. 3. Add to cart. 4. Go and add a 20gb hosting plan on your cart as well. 5. Redeem these 2 coupons. T26G8MPC3 & HA26GVFW5 6. Your cart total should now be $0.00 Am luat eu acu 5 min ,nu am avut chef sa traduc dar cred ca va descurcati voi

Nu exista.

USB Thief, the new USB-based data stealing Trojan March 29, 2016 By Pierluigi Paganini USB Thief, the new USB-based data-stealing Trojan discovered by ESET that relies on USB devices in order to spread itself and infect also air-gapped systems Security researchers at ESET have discovered a new insidious data-stealer, dubbed USB Thief (Win32/PSW.Stealer.NAI), that relies on USB devices in order to spread itself. USB Thief is able to infect air-gapped or isolated systems does not leave any trace of activity on the infected systems. Malware authors have implemented special techniques mechanisms to protect USB Thief from being detected and analyzed. The authors also implemented an advanced multi-staged encryption process to protect the Trojan. “The USB Thief is, in many aspects different from the more common malware types that we’re used to seeing flooding the internet,” wrote Tomáš Gardoň, a malware analyst at ESET. “This one uses only USB devices for propagation, and it does not leave any evidence on the compromised computer. Its creators also employ special mechanisms to protect the malware from being reproduced or copied, which makes it even harder to detect and analyze. The USB Thief Trojan malware can be stored either as a Dynamically Linked Library (DLL) used by the portable applications or as a portable application’s plugin source. Mobile devices are usually used to store portable version of common applications like Firefox, TrueCrypt, and Notepad++. When victims launch the portable application the USB Thief runs in the background. “Unfortunately, this is not the case with the USB Thief as it uses an uncommon way to trick a user – it benefits from the fact that USB devices often store portable versions of some common applications like Firefox portable, Notepad++ portable, TrueCrypt portable and so on.” continues the post. The malware completely resides on the USB device, it doesn’t leave any trace of its presence. According to the experts at the ESET any tool that could be used to breach an air-gapped network must be taken into account. “Well, taking into account that organizations isolate some of their systems for a good reason,” said Peter Stancik, the security evangelist at ESET. “Any tool capable of attacking these so called air-gapped systems must be regarded as dangerous.” “People should understand the risks associated with USB storage devices obtained from sources that may not be trustworthy.” How can organizations prevent attacks based on USB Thief from succeeding? Do not use USB storage devices from sources that may not be trustworthy. Disable USB ports wherever possible. Define strict policies to enforce care in the use of USB devices. Train the staff on cyber threats. Pierluigi Paganini Sursa: http://securityaffairs.co/wordpress/45741/malware/usb-thief-trojan.html

Adica pe banii nostri!

Interesant de citit: https://blog.trailofbits.com/2016/02/17/apple-can-comply-with-the-fbi-court-order/ Si raspunsul Apple: https://www.apple.com/customer-letter/

Avem urmatoarea bucata de cod scris in C: main(_){_^448&&main(-~_);putchar(--_%64?32|-~7[__TIME__-_/8%8][">'txiZ^(~z?"-48]>>";;;====~$::199"[_*2&8|_/64]/(_&2?1:8)%8&1:10);} Programul poate fi compilat exact asa cum este (testat cu gcc (GCC) 4.8.5 20150623 (Red Hat 4.8.5-4)), outputul fiind: [mrgrj@localhost tmp]# vim challangeRST.c [mrgrj@localhost tmp]# gcc challangeRST.c -o challangeRST [mrgrj@localhost tmp]# ./challangeRST !!!!!! !!!!!! !!!!!! !!!!!! !! !!!!!! !! !! !! !! !! !! !! !! !! !! !! !! !! !! !! !! !! !! !!!!!! !! !!!! !!!! !! !! !!!! !! !! !! !! !! !! !! !! !! !! !! !! !! !! !! !! !!!!!! !!!!!! !!!!!! !!!!!! !! !!!! Cum functioneaza programul ? (explicati output-ul) O sa va rog sa folositi buttonul de spoiler in momentul in care dati un raspuns decent. Challange-ul expira vineri la ora 23:59. Solvers: 1. @MasterLight 2. 3.

Asta e troll post cumva?

Pana acum nu am avut probleme cu RSS-ul. Good job. Asteptam index-ul si rezolvarea problemei de login si cam aia e ^^ PS: Formatarea codului se vede naspa de pe telefon

Nu cred ca stii cat de urat face, o sa adaug in curand un sample, ca sa va faceti o idee.

suprasaturat = $$$ , trebuie sa stii unde sa-ti faci reclama

PwnWiki.io is a collection TTPs (tools, tactics, and procedures) for what to do after access has been gained. Live Online Copy: You can find a copy of the project online at: http://pwnwiki.io Offline Use: Clone the repository or pull the archive (download zip) of the repo Open index.html Most modern browsers don't allow the access of local files from a locally loaded HTML file. On Windows you can use Mongoose Tiny or HFS to host the files locally. On OSX and Linux python -m SimpleHTTPServer seems to work just fine. Referenced tools can be found here: https://github.com/mubix/post-exploitation (If they aren't built into the OS)

A Penetration Testing Framework , The Hacker's Repo our hope is in the last version we will have evry script that a hacker needs THIS TOOL IS ONLY FOR EDUCATIONAL PURPOSES ONLY Requirements Python 2 sudoer Link: https://github.com/x3omdax/PenBox

Life After the Isolated Heap Posted by Natalie Silvanovich, Mourner of Lost Exploits Over the past few months, Adobe has introduced a number of changes to the Flash Player heap with the goal of reducing the exploitability of certain types of vulnerabilities in Flash, especially use-after-frees. I wrote an exploit involving two bugs discovered after the Isolated Heap was implemented to explore how it impacts their exploitability. The Isolated Heap The Flash heap, MMgc, is a garbage collected heap that also supports unmanaged fixed allocations. In the past, there have been many exploits in the wild that used certain properties of the heap to aid exploitation. In particular, many exploits used the allocation properties of Vectors to gain read/write access to the entire Flash memory space via heap memory corruption bugs. Exploits that use other object types, such as ByteArray and BitmapData have also been seen in the wild. MMgc was originally implemented as a type and size bucketed allocator. When memory is requested, the allocator that is called depends on the type of memory that is needed. This is related to the garbage collection properties of the memory. If it is not garbage collected, the Fixed allocator is used, otherwise the Garbage-Collected (GC) allocator is used. Within the GC allocator, there are about eight subtypes of memory that can be allocated, related to whether the memory contains pointers and whether those pointers have custom finalizers or GC routines that need to be called. Within each type, the request is sorted by size, and the memory is allocated on a heap page for that size. Large requests are allocated on their own page. The Isolated Heap introduces partitioning to the heap, essentially a third factor which determines where memory is allocated. There is separate memory for each partition, which is then split into subsections for different types and sizes. The goal of partitioning is to allocate objects that are likely to contain memory corruption bugs in a different area of memory than objects that are likely to be useful in exploiting memory corruption bugs, and generally add more entropy to the heap. There are currently three partitions on the heap. The first partition is generally used for objects that contain pointers: script objects, their backing GC-memory and certain pointer arrays. The second partition is used for objects that contain non-pointer data, mostly arrays of primitive types. The third partition is used for a small number of objects that have a history of being used in exploits. These are typically variable-sized data buffer objects. Outside of the Isolated Heap, checksumming has also been implemented to detect and abort if certain sensitive objects are ever altered. Articol complet: http://googleprojectzero.blogspot.ro/2016/03/life-after-isolated-heap.html?spref=tw

Parerea lui Jonathan Zdziarski pe acest subiect o puteti citii aici. http://www.zdziarski.com/blog/?p=5966 E o lectura destul de placuta

Acum se vad diferentele intre iOS si Android..

Din cate am citit multi suspecteaza commentul de pe linia 38 din fisierul lock.c din sursele Samba. Cel care a "descoperit" problema, Stefan Metzmacher e si autorul fisierului. https://isc.sans.edu/diary/Getting+Ready+for+Badlock/20877 https://github.com/ccrisan/samba/blob/master/source4/libcli/smb2/lock.c

Parca s-a laudat ceva firma de prin Israel ca poate debloca http://thehackernews.com/2016/03/unlock-terrorist-iPhone.html

Daca nu e un MS08-067 - autorul sa ne suga pula.

Fa o bomba.Cu cacat.

http://readwrite.com/2014/01/21/raspberry-pi-great-projects/ http://pingbin.com/2012/12/30-cool-ideas-raspberry-pi-project/ http://www.instructables.com/id/Raspberry-Pi-Projects/ Bafta!

Da ,inca plateste imagetwist

https://s7.postimg.org/7oloafs0b/230356_978770172171247_1535849593252713116_n.jpg

Tu arunci 900 de lire, si eu ma chinui sa strang 3k pt o masina cu putin peste 10 milioane salariu. Ce iti e si cu viata asta... si tot tu esti ala care vrei sa te sinucizi...

Grup social naspa zici ... "Daca vrei sa fii lup , n-ai ce cauta cu oile." Lasa dracului ruleta , lasa drogurile Apuca-te de alergat Viata iti da ceea ce ceri si nimic mai mult. Be the change you want to see in the world !

@franxu Cumpara ruleta. Problem solved. http://www.ebay.com/bhp/roulette-table http://www.ebay.com/sch/Collectible-Casino-Roulette-Wheels-and-Sets/73489/bn_2311968/i.html

Probabil esti in Anglia alaturi de moldoveni slinosi din Focsani.Da-i in pula mea,aia sunt paraziti.Sa suga toti pula de la A la Z.Pleaca de langa ei. Sa iti iei viata pentru o masa de lemn cu o bila care se misca in ea?Sa suga pula.Merita sa pierzi ani de bucurii,copii,familie pentru un moment de cacat din viata ta?Esti barbat cu coaie in pantaloni,nu hipster care se taie cu lama. Nu ai parinti,cum plm sa faci asa ceva?Tie iti este usor sa te sinucizi,dar ce lasi in urma nu vezi.Te simti tras in spate,dar tot poti face ceva,mai bine decat mancat de viermi.Apuca-te de un sport ceva,activitati in natura,pleaca de langa scarbele drogate. Unii traiesc paralizati de 20 de ani si se bucura de viata,tu pentru cateva dezamagiri te caci pe tine.Asta crezi ca e viata,900 lire?Du-te in cazino si caca-te in ruleta in timp ce se invarte bila,o sa te vindeci. Asta face diferenta dintre un barbat adevarat si o curva.Trebuie sa lupti,nu sa te lasi futut de viata ca o cocota.

Trimite-mi mie banii ca sa nu-i mai joci la ruleta, o sa ti-i dau inapoi cand te lasi de sporturi de genul, trust me.

Pizda rezolva asta. Tie iti lipseste pizda. Nu glumesc. Gandeste-te bine! Noroc!

Le doresc muie eterna si le iau sufletul in pula celor care au scris cacaturi in acest topic, chiar daca povestea e reala sau nu. Sunteti niste avortoni.

Ia legatura cu cei de la Supportul lor si vorbeste cu ei ca de aia sunt pusi acolo

Cred ca guvernul US ii sufla de praf, totul ramane la decizia Apple cum vor proceda mai departe. Au resursele necesare sa se mute in alta parte si orice tara ii va primi cu bratele deschise, chiar vor incheia un agreement profitabil pentru ambele parti. Daca vor sa se lupte prin tribunale au resursele sa o faca. Influenta au destula in toate partile. US are doar de pierdut. Recent Apple au raportat ca au rezerve in cash de 216 miliarde de dolari din care 201 sunt in afara tarii. Adica putin peste echivalentul GDP al Romaniei pe un an de zile ca sa pui in perspectiva. Asta doar in cash, netinand cont de restul asset-urilor, etc. Ei sunt un gigant cu care US nu isi permit sa se lupte. Totul depinde de cata coloana vertebrala au Tim Cook & Co si cata aroganta au.

Merge chiar daca expira timpul de 4 minute de la Free Preview. Multumesc :D! EDIT: coursera downloader: https://github.com/coursera-dl/coursera-dl

nu stie nimeni, doar atm-ul si camera de filmat.

Am avut nevoie de un crawler care genereaza wordlist-uri in functie de continutul unei pagini/unui website, si tot ce am gasit a fost cewl, dar e scris in ruby si nu-mi place ideea de gem-uri (sunt fan dulceata), asa ca am decis sa scriu eu unul. Poate nu e la fel de bun/featureful precum cewl (sau altele?), dar functioneaza, si functioneaza bine. Necesita requests si BeautifulSoup. Sursa, cat si informatii despre setting up: https://github.com/vlad-s/wospi """ wospi 0.1 word spider whose sole purpose is to crawl for strings and generate a wordlist """ __author__ = "Vlad <vlad at vlads dot me>" __version__ = "0.1" __license__ = "GPL v2" # pylint: disable=import-error # pylint can't find BeautifulSoup (installed with pip) import requests import argparse from threading import Thread from bs4 import BeautifulSoup class WordSpider(object): """ Main class """ def __init__(self, output, url): self.min_length = 4 self.user_agent = "wospi (v0.1) word spiderbro" self.with_strip = False self.output = output self.url = url self.data_dict = {"words": [], "urls": [], "strip": ".,\"'"} try: self.outfile = open(self.output, "w") except IOError: print "Can't write the file. Do you have write access?" exit(1) def url_magic(self, url, depth): """ Do the URL boogie all night long """ domain = self.url.split("/")[0]+"//"+self.url.split("/")[2] if url.startswith("/"): crawl_url = domain+url elif url.startswith(domain): crawl_url = url else: return if crawl_url not in self.data_dict.get("urls"): self.data_dict.get("urls").append(crawl_url) link_worker = Thread(target=self.request, args=(crawl_url, int(depth)-1)) link_worker.start() def request(self, url, depth): """ Do request, get content, spread the word """ if depth < 0: exit(1) if url.startswith("/"): url_split = url.split("/") url = url_split[0] + "//" + url_split[2] print "[+] URL: %s" % url headers = {"user-agent": self.user_agent} try: req = requests.get(url, headers=headers, timeout=3) except requests.ConnectionError: print "[+] Connection error, returning." return except requests.HTTPError: print "[+] Invalid HTTP response, returning." return except requests.Timeout: print "[+] Request timed out, returning." return except requests.TooManyRedirects: print "[+] Too many redirections, returning." return if "text/html" not in req.headers.get("content-type"): print "[+] Content type is not text/html, returning." return soup = BeautifulSoup(req.text, "html.parser") for invalid_tags in soup(["script", "iframe", "style"]): invalid_tags.extract() for link in soup.find_all("a"): if not isinstance(link.get("href"), type(None)): self.url_magic(link.get("href"), depth) data_worker = Thread(target=self.parse_data, args=(soup.get_text(), )) data_worker.start() def parse_data(self, data): """ Parse the data after request """ data = data.replace("\r\n", " ").replace("\n", " ").split() for word in data: word = word.encode("utf-8") if word not in self.data_dict.get("words"): if len(word) >= self.min_length: if self.with_strip == True: stripped = word for char in self.data_dict.get("strip"): stripped = stripped.strip(char) self.data_dict.get("words").append(word) self.outfile.write(word+"\n") if self.with_strip == True and stripped != word: self.data_dict.get("words").append(stripped) self.outfile.write(stripped+"\n") def run(self, depth=0): """ Run, scraper, run! """ self.request(self.url, depth) if __name__ == "__main__": PARSER = argparse.ArgumentParser(description="word scraper/wordlist\ generator") PARSER.add_argument("--min-length", type=int, default=4, help="minimum\ word length, defaults to 4") PARSER.add_argument("--user-agent", help="user agent to use on requests") PARSER.add_argument("--with-strip", action="store_true", help="also store\ the stripped word") PARSER.add_argument("--write", "-w", required=True, dest="file", help="file to write the content in") PARSER.add_argument("--depth", default=0, help="crawling depth, defaults\ to 0") PARSER.add_argument("url", type=str, help="url to scrape") ARGS = PARSER.parse_args() SCRAPER = WordSpider(ARGS.file, ARGS.url) if ARGS.min_length is not None: SCRAPER.min_length = ARGS.min_length if ARGS.user_agent is not None: SCRAPER.user_agent = ARGS.user_agent if ARGS.with_strip == True: SCRAPER.with_strip = True SCRAPER.run(ARGS.depth)

e cineva meserias ?

Bani din LABA pe net: - intri pe logat pe facebook la urmatorul link: http://goo.gl/FS2iXJ - dai la laba - apoi te duci la munca - faci bani Credits: Matthew

Sallut , recent am gasit un site unde poti castiga skinuri free , vreau sa impart cu voi aceasta descoperire. 1. Te logiezi cu steamu 2. Bagi TradeOffert 3. Stai la Earn pentru monede 12 monede la 210 secunde. cu monezile iti cumperi skinuri , pentru 300 coins inregistrati-va aici http://www.winaskin.com/

salut, vreau un keylogger binduit intr-o imagine. restul detaliilor le discutam pe prv. ofer 20$ pp.