
Leaderboard

Popular Content

Showing content with the highest reputation on 04/07/16 in all areas

  1. A couple months ago, for God knows what reason, I decided to hack my Tesla Model S. My goal was to get root access to the touchscreen, henceforth known as the CID. I spent about 2 months of research and preparation for this project. When I was confident everything was all set, I grabbed my tools and my laptops and went to work.

1) Access the Side Panel
The first step was to remove the little side cover right by the door on the driver's side. This reveals a little white connector that you can see here sticking out. It may look weird, but it's basically a CAT 6 cable with a proprietary connector from Tesla. You can connect to it by taking a regular network cable and adding the male proprietary end to it, or try to buy one from a salvage. The cable I used was one I made myself. So, the white access wire is where I will finally get access to the network and can perform the hack itself. Unfortunately, it's currently locked down behind a VPN that requires a password to unlock, which unfortunately I didn't have, so I had to unlock it.

2) Remove Lower Dash Trim
After the side cover is removed I had to remove the huge trim underneath the steering wheel. It had 9 clips that I had to really fight with my wedge to get disconnected. I finally got it off though.

3) Remove the Vents
Oh my god, this took forever. I had to unscrew the large top pad which covers the entire dash from the chassis. After that, you have to pry that sucker up, which unhooks a few clips but still wants to fight you the whole time. It was covering the screws for the vents. The top pad is sensitive, as is the chrome edge to it, so you have to be careful not to bend it while simultaneously prying that sucker apart so you can unscrew the two screws. After that you just remove the instrument cluster cover and pull the vents out.

4) Remove Instrument Cluster
The instrument cluster needs to be removed. Once again, this required lifting the top pad to access the two upper screws. Honestly, I took this picture after I had removed the bottom screws because I was dreading having to remove the two on top... I finally got the two screws removed, though. I'm sure by this point you're wondering how in the heck this will manage to unlock the white connector. You'll see soon.

5) Instrument Cluster Connector
And here's that golden ticket: another connector like the white one! This one is a connection to the CID (touchscreen). The IC connects to the CID through a web interface to get updates on things like the navigation, music, etc. as well as send commands like opening the sunroof. What I had to do was disconnect the cable from the IC and plug my earlier cable into it. This allowed me to get the car into Factory Mode. Once that was done, I unplugged my laptop and plugged the cable back into the IC. If you hold down the Tesla T in Factory Mode you end up with the "Developer Mode" screens. I'll probably make a post another day going through all of it. I had to add this screen though. It's the thermal status screen, and most definitely my favorite.

6) Root the S
The car is in Factory Mode, and thus the white cable back at the beginning in the side panel is unlocked and ready for me. So, I plugged in my laptop and ran a script I had pre-written: obtain_root
Dramatic reenactment of the rooting experience.
This goes through a secret process that eventually gets me connected to the CID (touchscreen) with root privileges. From there I had a bunch of stuff that ran automagically to set it up so I wouldn't have to go through all this crap every time I wanted access to the car. Then, I just disconnect from the white cable, turn off the factory mode, reboot the car, then reinstall all the stuff I removed. Bam! Hack complete.

Post Root
The car is rooted, now what? I have a lot of things planned and have been doing a lot of exploring. I'll be posting my findings, pictures, videos etc. here. I have something awesome I've been working on. Hopefully I can get a video up sometime soon.
Source
    6 points
  2. Well, if you do a little research you'll see that the guy who posted here is advertising his own tool, a kind of spam advertisement, since he wants to attract as many noobs as possible to use it so he can catch some fish too. That's exactly why I edited his post and left it without links.
    5 points
  3. I found a link again here: aHR0cHM6Ly93ZS50bC8wVFJFZmhtVkQ1 I don't know how many days it will stay valid. Grab it while it's hot.
    3 points
  4. 60,000 € if you have purchases from Romania, but for intra-community purchases the amount is 10,000 €. And he is 98% sure he'll have intra-community purchases.
    2 points
  5. 1. Go to http://www.easyname.com
     2. Register any .com domain of your choice.
     3. Add to cart.
     4. Go and add a 20gb hosting plan to your cart as well.
     5. Redeem these 2 coupons: T26G8MPC3 & HA26GVFW5
     6. Your cart total should now be $0.00
     I got one 5 minutes ago; I didn't feel like translating, but I think you'll manage.
    1 point
  6. http://www.freetechbooks.com/
    1 point
  7. Part I: Monoalphabetic Substitution Systems
     https://www.nsa.gov/public_info/_files/military_cryptanalysis/mil_crypt_I.pdf
     Part II: Simpler Varieties of Polyalphabetic Substitution Systems
     https://www.nsa.gov/public_info/_files/military_cryptanalysis/mil_crypt_II.pdf
     Part III: Simpler Varieties of Aperiodic Substitution Systems
     https://www.nsa.gov/public_info/_files/military_cryptanalysis/mil_crypt_III.pdf
     Part IV: Transposition and Fractionating Systems
     https://www.nsa.gov/public_info/_files/military_cryptanalysis/mil_crypt_IV.pdf
    1 point
  8. https://www.wordfence.com/blog/2016/04/mossack-fonseca-breach-vulnerable-slider-revolution/
    1 point
  9. Thanks, but they're expensive and crappy: the cheapest is 200 USD/month + 50 setup, supposedly "Bandwidth: 30 Mbps"; if I want to upgrade to 100 it's 300 USD/month + 50 setup. I was asking for opinions from people who have experience with this kind of company. Don't tell me you're their customer... I forbid you!
    1 point
  10. You can consider these: 1. Hurricane Electric 2. Softlayer 3. The rest :))))))
    1 point
  11. Hi, I've had a dedicated server at LiquidWeb for 3 years. I haven't had any downtime. Support is very good. The prices are a little on the high side... but you get quality.
    1 point
  12. Disclaimer: it's not really "advanced", it's more beginner-to-intermediate, but for "marketing" reasons everything is "advanced". Quite useful nonetheless. Also on Udemy.
Free download: aHR0cDovL21hYi50by9TdWpOMkpuZ3U=

Advanced Penetration Testing for Highly-Secured Environments will teach you how to effectively secure any environment and harden your system and network configurations. You will be able to get into the attacker's mindset of how they target systems on a network and the overwhelming threats they pose, thereby exploiting their vulnerabilities to create a step-by-step virtual lab to protect your system. The goal of the Advanced Penetration Testing for Highly-Secured Environments video course is to first prepare and then challenge your skills and ability to perform a full penetration test against a fictional business company. It is packed with examples that enforce enumeration, exploitation, post-exploitation, writing reports skills, and more. To start off you will get to know the differences between penetration testing and vulnerability assessments through a structured process of starting a penetration test and finishing it with a detailed report. If you are looking to advance in the IT security field, through advanced exploitation techniques and strategies, then this video course is for you.

Who this course is for
The Advanced Penetration Testing for Highly-Secured Environments video course is aimed at both newcomers and experienced professionals who wish to gain hands-on experience of advanced penetration testing. You will need elemental IT skills and concepts, knowledge of common network protocols such as TCP/IP, and a basic understanding of penetration testing.

What you will learn from this course
- Learn information gathering/footprinting techniques and enumeration techniques
- See how to gain both physical and remote access to secured systems
- Navigate through the command prompt and Linux terminal along with the BackTrack 5 R3 Linux operating system
- Understand the Metasploit Framework, Social-Engineering Toolkit, Nmap, Zenmap, and more
- Learn how to deal with client-side exploitation attacks and advanced techniques to bypass firewalls, IDS, and IPS systems
- Create a virtual penetration testing lab
- Discover the usage of all the security tools
- Generate a full, detailed penetration testing report

Table of Contents
- Introduction to Advanced Penetration Testing: What Is Advanced Penetration Testing? / Installing VirtualBox / Installing BackTrack 5 R3 / Installing Metasploitable / Set up BackTrack 5 R3
- Advanced Footprinting: What Is Footprinting? / Using Nslookup and Dig / Using Tracert and Traceroute / Using Paterva Maltego / Google Dorks and Social Engineering
- Enumeration: Getting to Know Your Target: What Is Enumeration? / Using Nmap and Zenmap / Using SNMPenu and SNMPwalk / Banner Grabbing with Netcat / Searching for Exploits
- Exploitation Applications: Getting to Know Your Tools: What Is Exploitation? / Installing the Nessus Vulnerability Scanner / Using the Nessus Vulnerability Scanner - Part 1 / Installing and Updating the Metasploit Framework / Using the Metasploit Framework
- Gaining Physical Access: How Do Hackers Break into a Local System? / Breaking into Windows 7 - Part 1 / Part 2 / Part 3 / Part 4
- Exploiting a Client-side Target: How Do Hackers Break into a Remote System? / Using the Social Engineering Toolkit / Using the Nessus Vulnerability Scanner - Part 2 / Exploiting Windows 7 / Exploiting Metasploitable
- Bypassing Web Filters, Firewalls, and IDS: Evading Web Filters, Firewalls, and IDSes / Bypassing Web Filters - Part 1 / Part 2 / Stealth Scanning - Part 1 / Part 2
- Writing a Penetration Testing Report: Why Is It So Important to Write a Report? / What Should Be In the Report? / Writing a Report / Turning In the Report
    1 point
  13. Ohh, really cool tool, much better than BeEF; with this tool you can easily capture passwords, remotely execute JavaScript code, capture the screen, and clone some sessions in your browser.
    1 point
  14. Dear Stefan, if you're waiting for someone to pour information into your head with a funnel, unfortunately that is not possible. And besides the technical knowledge and the necessary practice, you also need a certain artistic talent. You can know Photoshop from A to Z, but it won't help if you don't have that necessary talent. That being said, here are a few suggestions:
- Have you tried putting the same phrase you put here in the title into Google.ro? Just out of curiosity...
- What about on YouTube.com?
- If you get by in English, have you tried putting "learn photoshop" into Google and YouTube?
- If you get by in English, look for the Lynda.com tutorials. There are lots of them on torrents about Photoshop for beginners, intermediate and advanced.
- The Romans, bless them, had a wise phrase: "repetitio est mater studiorum", which translated means "repetition is the mother of learning". In other words, put into practice as much as possible of what you learn. Set yourself increasingly difficult targets and try to surpass them constantly. When you get stuck, don't be afraid to use your friend Google.
There would be a few more things to say about using this knowledge for commercial purposes, but it's too early. Good luck!
    1 point
  15. Buy from: here
Author: Christopher Duffy
Free download: aHR0cDovL3dlLnRsL0JIc2tWbnpXek8=
Year: 2015
Pages: 300

About This Book
- Understand how and where Python scripts meet the need for penetration testing
- Familiarise yourself with the process of highlighting a specific methodology to exploit an environment to fetch critical data
- Develop your Python and penetration testing skills with real-world examples

Who This Book Is For
If you are a security professional or researcher, with knowledge of different operating systems and a conceptual idea of penetration testing, and you would like to grow your knowledge in Python, then this book is ideal for you.

What You Will Learn
- Familiarise yourself with the generation of Metasploit resource files
- Use the Metasploit Remote Procedure Call (MSFRPC) to automate exploit generation and execution
- Use Python's Scapy, network, socket, office, Nmap libraries, and custom modules
- Parse Microsoft Office spreadsheets and eXtensible Markup Language (XML) data files
- Write buffer overflows and reverse Metasploit modules to expand capabilities
- Exploit Remote File Inclusion (RFI) to gain administrative access to systems with Python and other scripting languages
- Crack an organization's Internet perimeter
- Chain exploits to gain deeper access to an organization's resources
- Interact with web services with Python

In Detail
Python is a powerful new-age scripting platform that allows you to build exploits, evaluate services, automate, and link solutions with ease. Python is a multi-paradigm programming language well suited to both object-oriented application development as well as functional design patterns. Because of the power and flexibility offered by it, Python has become one of the most popular languages used for penetration testing. This book highlights how you can evaluate an organization methodically and realistically. Specific tradecraft and techniques are covered that show you exactly when and where industry tools can and should be used and when Python fits a need that proprietary and open source solutions do not. Initial methodology and Python fundamentals are established and then built on. Specific examples are created with vulnerable system images, which are available to the community to test scripts, techniques, and exploits. This book walks you through real-world penetration testing challenges and how Python can help. From start to finish, the book takes you through how to create Python scripts that meet relative needs that can be adapted to particular situations. As chapters progress, the script examples explain new concepts to enhance your foundational knowledge, culminating with you being able to build multi-threaded security tools, link security tools together, automate reports, create custom exploits, and expand Metasploit modules.

Style and approach
This book is a practical guide that will help you become better penetration testers and/or Python security tool developers. Each chapter builds on concepts and tradecraft using detailed examples in test environments that you can simulate.
    1 point
  16. https://www.linkedin.com/in/mehernaz-morawala-05516312 Congratulations @Nytro on opening a branch in Mumbai. It would be ideal if you could transfer some of the kids back to them http://rstforum.net/ :P
    1 point
  17. Reflecting on Recent iOS and Android Security Updates
By zLabs, Friday, Feb 12 2016 at 04:00
By: Zuk Avraham, Joshua Drake, Nikias Bassen from Zimperium zLabs

The last thirty days have proven to be yet another exciting time for the mobile security ecosystem. Apple and Google released updates for their respective mobile operating systems that fix several critical issues — including some in the kernel that may be exploited remotely. Last Monday, Google released its monthly Nexus security bulletin. We are thrilled to see that the tradition that started after Stagefright's discovery is a monthly routine now and other vendors are following suit (including Samsung). Blackberry indicated that they are very serious about security issues as well. We welcome Android vendors to reply to the ZHA thread to update the carriers on their plans to release an update addressing the February fixes by Google. We'll take a closer look at the bulletin and some of the issues fixed later in this post.

iOS 9.2.1
In the recent iOS update (9.2.1 – published on January 19th), Apple patched what we initially classified as 7 critical, 3 high, and 2 moderate severity vulnerabilities. These include at least five remotely exploitable vulnerabilities (CVE-2016-1723 through CVE-2016-1727) and at least one critical local kernel vulnerability triggerable from userland with low privileges (CVE-2016-1719). CVE-2015-7995 also appears to be exposed remotely, but determining exploitability will require further investigation. The following graph and table summarize the mentioned issues.

CVE | Component | Impact | Severity
CVE-2016-1717 | DiskImage | Kernel Code Execution | High
CVE-2016-1719 | IOHIDFamily | Kernel Code Execution | Critical
CVE-2016-1720 | IOKit | Kernel Code Execution | High
CVE-2016-1721 | Kernel | Kernel Code Execution | High
CVE-2015-7995 | libxslt | Remote Code Execution | Critical
CVE-2016-1722 | syslogd | Code Execution w/EOP | High
CVE-2016-1723, CVE-2016-1724, CVE-2016-1725, CVE-2016-1726, CVE-2016-1727 | WebKit | Remote Code Execution | Critical
CVE-2016-1728 | WebKit CSS | Privacy Leak | Moderate
CVE-2016-1730 | WebSheet | Privacy Leak | Moderate

Android
The February Nexus Security Bulletin encompasses 10 security issues including 5 critical, 4 high, and 1 moderate severity vulnerabilities. This includes 2 remotely exploitable kernel code execution vulnerabilities (CVE-2016-0801, CVE-2016-0802) and 2 remotely exploitable vulnerabilities exposed through Android's mediaserver (CVE-2016-0803 in Stagefright, CVE-2016-0804). You can see the bulletin in its entirety here, but the following graph and table summarize the disclosed issues.

CVE | Component | Impact | Severity
CVE-2016-0801, CVE-2016-0802 | Broadcom Wi-Fi Driver | Remote Code Execution | Critical
CVE-2016-0803, CVE-2016-0804 | Mediaserver | Remote Code Execution | Critical
CVE-2016-0805 | Qualcomm Performance Module | Elevation of Privilege | Critical
CVE-2016-0806 | Qualcomm Wi-Fi Driver | Elevation of Privilege | Critical
CVE-2016-0807 | Debugger Daemon | Elevation of Privilege | Critical
CVE-2016-0808 | Minikin | Denial of Service | High
CVE-2016-0809 | Wi-Fi | Elevation of Privilege | High
CVE-2016-0810 | Mediaserver | Elevation of Privilege | High
CVE-2016-0811 | libmediaplayerservice | Information Disclosure | High
CVE-2016-0812, CVE-2016-0813 | Setup Wizard | Elevation of Privilege | Moderate

While privilege escalation issues can be used by local apps or by remote exploits, attackers still need to gain initial code execution on the device to exploit those. With SELinux being enforced more strictly, kernel vulnerabilities are becoming more important (see our 2016 predictions []). Fortunately for the attackers (and unfortunately for us), we suspect that several additional security bugs lurk within Android device specific drivers and kernels. Further, the value of information disclosure vulnerabilities should not be underestimated. For example, CVE-2016-0811 may help attackers defeat security mitigations such as ASLR by leaking address space layout details. Combining several less severe issues together in a chain allows attackers to accomplish full compromise reliably. We expect this practice to remain a trend for the foreseeable future.

As promised, Google updated the advisory within 48 hours with links to the AOSP commits that fixed the issues. It's interesting that several issues correspond to commits first released to the public in January. Unfortunately, this form of partial disclosure tends to give attackers that monitor code pushes a head start — especially when targeting 3rd party Android devices. On the bright side, that means up-to-date Nexus users were protected for an extra month before the official public disclosure. Let's take a closer look at the relevant code changes for each issue.

Analyzing the bugs
The Broadcom Wi-Fi Driver remote kernel code execution vulnerabilities are the most interesting bugs disclosed this month. Although Google did not link to any commits for these two vulnerabilities, the Linux kernel is released under the GNU Public License, which requires that source code be made available publicly. Shortly after the release, Security Researcher Ralf Philipp-Weinmann what we believe to be the related commits. The changes most relevant to CVE-2016-0801 and CVE-2016-0802 follow. We performed a cursory analysis of CVE-2016-0802 (full diff here) and determined that several new validations were added checking packet lengths. However, we were unable to confirm that any ill effects would result from using nefarious values for the now-validated parameters. CVE-2016-0801 tells a different — and quite scary — story. See the following commit details. As you can see, the committer himself declared these issues exploitable buffer overflows straight away. Looking at the code sheds additional light on the subject.

drivers/net/wireless/bcmdhd/wl_cfg80211.c [diff]:

In both cases, validation is added to prevent copying more data than the size of the destination buffer. Further, both destination buffers are located on the kernel stack. Because the stack contains crucial items such as the return address and — in the case of the kernel — the thread_info structure, exploiting such overflows is thought to be much easier. The next logical question is if and how these areas of code can be reached by an attacker. The bulletin states, "These vulnerabilities can be triggered when the attacker and the victim are associated with the same network." However, our quick analysis of the code suggests (unconfirmed) that it may be possible to trigger these vulnerabilities without being associated at all. The following code is responsible for initializing a table of handlers that is used when various events occur.

====
static void wl_init_event_handler(struct bcm_cfg80211 *cfg)
…
	cfg->evt_handler[WLC_E_ACTION_FRAME_RX] = wl_notify_rx_mgmt_frame;
	cfg->evt_handler[WLC_E_PROBREQ_MSG] = wl_notify_rx_mgmt_frame;
	cfg->evt_handler[WLC_E_P2P_PROBREQ_MSG] = wl_notify_rx_mgmt_frame;
…
	cfg->evt_handler[WLC_E_PFN_NET_FOUND] = wl_notify_pfn_status;
====

The first three presented entries correspond with the first change in the diff. The wl_notify_rx_mgmt_frame function calls wl_validate_wps_ie, which contains the buffer overflow (and also has other callers that have not been investigated). The event IDs (the part in brackets) include probe requests and action frames. This is quite interesting because probe requests are one of the very first packets sent during association. If an Android device enabled the portable hotspot feature, this vulnerability could potentially be exposed to everyone within range of the Wi-Fi radio. The final presented event handler entry deals with scheduled scans. The wl_notify_pfn_status function calls wl_notify_sched_scan_results, which contains the buffer overflow. Although we are still investigating, this functionality also sounds a lot like it could expose the vulnerability to any attacker within Wi-Fi range of a vulnerable device.

After the Broadcom Wi-Fi driver, the next most interesting vulnerabilities in the bulletin relate to a subject near and dear to our hearts — Android's media processing. CVE-2016-0803 fixes two integer overflows in libstagefright that were classified as critical RCE. The bugs existed within the SOFTMPEG4Encoder and functions. In both cases, the issue is an integer overflow occurring when dealing with multiplication involving the mWidth and mHeight parameters. This overflow was patched with two commits [] [2] that add a sanitization check prior to allocating 1.5 x mWidth x mHeight bytes in the process' heap. The relevant changes follow. CVE-2016-0803 affects devices running: Android 4.4.4, 5.0, 5.1.1, 6.0 and 6.0.1. This issue is not without caveats, however. Since it exists within a codec, the victim would need to play back a malicious media file for an attacker to trigger the vulnerability. While not all possible ways of accessing media have been investigated, Google Chrome on Android blocks automatic playback of HTML5 video by default (see here). As with most things Android, your mileage may vary depending on the specific device or application dealing with rich media. We encourage developers (especially those working on devices and browsers) to investigate and reconsider the decision to enable auto-play functionality. Another quirk with this vulnerability is that it appears to live within encoder functionality. It's not presently clear how an attacker would exercise an encoder remotely, but we can't rule it out either.

The other critical RCE vulnerability in mediaserver that is not related to libstagefright is CVE-2016-0804. It affects devices running Android 5.0, 5.1.1, 6.0 and 6.0.1. It was fixed by re-initializing the mDrmManagerClient member variable to NULL when cleaning up within NuPlayer::GenericSource::notifyPreparedAndCleanup as shown below.

frameworks/av / media/libmediaplayerservice/nuplayer/GenericSource.cpp

Fixes of this nature often prevent using stale data later in the lifetime of the process. One of the security researchers on the team of people that reported the issue that this issue was a use-after-free problem triggered when processing a DRM-protected media file. Presumably the attack vector here is media within the browser. It's not clear if playback is required here, but given the name of the vulnerable function it's probably not.

Conclusions
To summarize, both iOS and Android are improving their security from month to month, but both OSes still expose users to remotely exploitable bugs. It wouldn't come as a surprise if more such vulnerabilities were discovered already or in the future. From a preliminary analysis of the bugs, the security of most available devices not running the latest version is alarming. Determined attackers such as professional malware authors and nation states couldn't be happier with smartphones' lack of updates and the amount of remotely exploitable vulnerabilities.

Source: https://blog.zimperium.com/reflecting-on-recent-ios-and-android-security-updates/
    1 point
  18. Try with Q1100 Root Boot. You install PdaNet on the PC and connect the phone through the same crap as above. I can make a tutorial, but I don't have the phone at hand. Once you've connected the phone to the PC, you open rootboot.bat with the phone powered on and connected. You press key 1 and in a few seconds the phone restarts and is rooted. If it works, please tell me so I can make a tutorial. If I'm not mistaken it has a Mediatek chip and it should work..
    1 point
  19. " I mention that the script isn't mine, but I accept donations: https://steamcommunity.com/tradeoffer/new/?partner=189467411&token=2VLN1Par " go to hell, what nerve
    -1 points