Leaderboard

Asta e marketing bullshit. Nu te afecteaza in niciun fel faptul ca e in alta parte in Europa si nu e in Romania. Desigur, pot sa halesc rahat si sa spun ca neaparat trebuie sa iei din Romania, doar pentru a te minti si a incerca sa-ti vand ceva :)))) RTT mediu catre Germania din Romania este de 32 ms. Catre Franta, Italia, Anglia la fel. Sa nu spuna cineva ca sesizeaza 32 ms la connect time si ca RTT-ul ala il impiedica sa transmita/receptioneze date la 1Gbps wire speed. Dezavantajele de a avea ceva intr-o tara subdezvoltata cred ca le stim cu totii :)))))) Raspunsuri la intrebarea "de ce nu vrei in Romania" sunt multe. Pentru ca vrei stabilitate, pentru ca nu vrei sa lucrezi cu canibali care vor sa-ti ia banii si sa nu-ti ofere mai nimic la schimb. Pentru ca Germania reprezinta tara cu cele mai importante noduri de internet pentru toata Europa. 1Gbps NIC inseamna ca device-ul de retea este conectat la 1Gbps. Eu iti recomand sa cumperi de la hetzner.

Salariul unui programator intre 2000-4000 euro, in Romania ? de unde sunt statisticile astea ? Titlu clickbait, de Can-can. Facut pentru a da sperante tinerilor visatori, pentru a-i atrage si convinge sa depunde o munca de sclav in companiile lor de cacat, sub pretextul unor promisiuni false.

How I made LastPass give me all your passwords 2016.07.27 labsdetectify Cross Site ScriptingLastpassMathias KarlssonXSS Note: This issue has already been resolved and pushed to the Lastpass users. Stealing all your passwords by just visiting a webpage. Sounds too bad to be true? That’s what I thought too before I decided to check out the security of the LastPass browser extension. For those who don’t know, LastPass is one of the world’s most popular password managers. I started by noticing that the extension added some HTML code to every page I visited, so I decided to dig into how that worked. A few cups of coffee later, I found something that looked really, really bad. The issue The bug that allowed me to extract passwords was found in the autofill functionality. First, the code parsed the URL to figure out which domain the browser was currently at, then it filled any login forms with the stored credentials. However, the URL parsing code was flawed (bug in URL parsing? shocker!). This was the code (lpParseUri function, un-minified): var fixedURL = URL.match(/^(.*:\/\/[^\/]+\/.*)@/); fixedURL && (url = url.substring(0, fixedURL[1].length) + url.substring(fixedURL[1].length).replace(/@/g, "%40")); By browsing this URL: http://avlidienbrunn.se/@twitter.com/@hehe.php the browser would treat the current domain as avlidienbrunn.se while the extension would treat it as twitter.com. Since the code only URL encodes the last occurence of @, the actual domain is treated as the username portion of the URL. Too bad to be true? Below you see that the extension would fill my form with the stored credentials for twitter.com. After that I could simply go through other commonly used sites and extract credentials for those too. I reported this to LastPass through their responsible disclosure page and the report was handled very professionally. The fix was pushed in less than a day(!), and they even awarded me with a bug bounty of $1,000. Are passwords managers bad? Should we stop using password managers? No. They are still much better than the alternative (password reuse). Although, taking a second to disable autofill functionality is a good move because this isn’t the first autofill bug we’ve seen, and I doubt it will be the last. Also, this would not work if multi factor authentication was on, so you should probably enable that as well. Updates Update #1 2016.07.28: There has been a lot of comments regarding the reward Mathias received from Lastpass. At the time Mathias submitted this they didn’t have a bug bounty so he was more than satisfied with $1,000. Update #2 2016.07.28: Lastpass have made a comment regarding Mathias finding on their blog. Sursa: https://labs.detectify.com/2016/07/27/how-i-made-lastpass-give-me-all-your-passwords/

Tplmap Tplmap (short for Template Mapper) is a tool that automate the process of detecting and exploiting Server-Side Template Injection vulnerabilities (SSTI). This assists SSTI exploitation to compromise the application and achieve remote command execution on the operating system. The tool can be used by security researches and penetration testers, to detect and exploit vulnerabilities and study the template injection flaws. Tplmap template capabilities can be extended via plugins. Several sandbox break-out methodologies came from James Kett's research Server-Side Template Injection: RCE For The Modern Web App and other original researches. As advanced features Tplmap detects and achieves command execution in case of blind injections and is able to inject in code context. Link: https://github.com/epinna/tplmap

@Narmer iti recomand hetzner, cand ai probleme, ticketele vin la mine..

Sorry to bumb a old thread but Can you reupload? I really need to check something in the ps3hax.net DUMP file. Also link is broken.

Course Description This course is packed with essential, need to know info that is useful for tests. But most importantly, it gives you real world applications. There’s no reason to spend an additional 9 hours, following along as a boring, monotone voice reads off a pdf. Not when you can get this 1 hour, fast-paced work of art that keeps you on your toes and engaged the entire way through. Sam has successfully helped 20,000 students learn and understand various networking topics, and begin their journey on career success. Let’s make you 20,001! Enroll Today! What are the requirements? Basic networking knowledge What am I going to get from this course? 1+ Hours of training, and 9 Lessons!, all absolutely packed with need-to-know info! Access to our FREE course updates! All info is up-to-date and easy to follow Learn from a network expert with 20+ years of experience! Gain access to our real world examples and knowledge that can't be found anywhere else! Professionally edited videos videos with clear audio to make student enjoyment the best it can be Quickly acquire the book knowledge you'll need without the fluff! Deploy IPv6 Addressing and Basic Connectivity on an enterprise or service provider network Trouble-shoot IPv6 Addressing and Basic Connectivity Access to our unique and exclusive "Video Cheat Sheets"! Configure networks using IPv6 Addressing And More! What is the target audience? Networking engineers wanting to learn about IPv6 Addressing and Basic connectivity Networking engineers looking to advance in their careers and make more money Networking students (those who are interested about learning about Networking but are not yet networking engineers) Link curs: LINK Download: LINK