Leaderboard

Popular Content

Showing content with the highest reputation on 10/28/16 in all areas

  1. Not a jammer, device lets hackers fly drones and lock out original pilot.

     The advent of inexpensive consumer drones has generated a novel predicament for firefighters, law-enforcement officers, and ordinary citizens who encounter crafts they believe are interfering with their safety or privacy. In a series of increasingly common events—several of them chronicled by Ars—drones perceived as trespassing have been blown out of the sky with shotguns. Firefighters have also complained that hobbyist drones pose a significant threat that sometimes prompts them to ground helicopters.

     Now, a researcher has demonstrated a significantly more subtle and proactive remedy that doesn't involve shotgun blasts or after-the-fact arrests by law enforcement. It's a radio transmitter that seizes complete control of nearby drones as they're in mid-flight. From then on, the drones are under the full control of the person with the hijacking device. The remote control in the possession of the original operator experiences a loss of all functions, including steering, acceleration, and altitude. The hack works against any drone that communicates over DSMx, a widely used remote control protocol for operating hobbyist drones, planes, helicopters, cars, and boats.

     Besides hijacking a drone, the device provides a digital fingerprint that's unique to each craft. The fingerprint can be used to identify trusted drones from unfriendly ones and potentially to provide forensic evidence for use in criminal or civil court cases. Unlike most other counter-drone technologies publicly demonstrated to date, it isn't a frequency jammer that merely prevents a remote control from communicating with a drone. Instead, it gives the holder the ability to completely seize control of the unmanned craft. It was presented on Wednesday at the PacSec 2016 security conference in Tokyo by Jonathan Andersson, the advanced security research group manager at Trend Micro's TippingPoint DVLab division.

     "In the defense and security world, there are people who have done this," Robi Sen, the founder of counter-drone product maker Department 13, told Ars. "There are also a few hackers who have done this but have not made their research public. To my knowledge, this is the first time that this has all been presented, in a complete package, publicly."

     Andersson's drone hijacker works because the process DSMx uses to connect a remote control to a drone doesn't sufficiently cloak a crucial piece of information that is shared between the two devices.

     "The shared secret ('secret' used loosely as it is not encrypted) exchanged is easily reconstructed long after the binding process is complete by observing the protocol and using a couple of brute-force techniques," Andersson wrote in an e-mail. "Further, there is a timing attack vulnerability wherein I synchronize to the target radio's transmissions and transmit a malicious control packet ahead of the target, and the receiver accepts my control information and rejects the target's."

     Possession of the secret gives attackers everything they need to impersonate the vulnerable transmitter. The transmitters are also vulnerable to what security experts call a timing attack that allows the impersonating attacker to effectively lock out the original operator. Wednesday's presentation included the following video demonstration:

     Not available in stores

     For now, devices like the one Andersson demonstrated aren't publicly available, but that will undoubtedly change as more people figure out how to exploit DSMx and, quite possibly, competing radio-frequency technologies used to control drones. The widespread availability of hijacking devices comes with a tremendous number of consequences, some of them unsettling. One of the more frightening scenarios is someone using a device to hijack one or more devices that are in close proximity to a large number of people. Drones are capable of carrying large amounts of fuel that can burst into flames upon impact, as evidenced in this video. Vulnerable drones used by emergency first responders could also be commandeered.

     On the positive side, hijacks could allow law-enforcement officers to safely seize control of vulnerable drones that are endangering or interfering with first responders. The hacks could also provide ordinary citizens with a less-draconian way of disabling a drone they believe is impinging on their property or privacy. By measuring the frequency-hopping pattern unique to each craft, the device also gives people a way to positively identify the drones they come in contact with.

     As Ars has reported previously, legal scholars are uncertain about whether citizens can assert aerial trespass claims. A patchwork of federal and state laws makes it unclear if even local authorities have the legal authority to shoot or hack an aircraft out of the sky.

     Andersson said DSMx is a technology for hobbyists that has been marketed for its range, robustness, and other performance merits rather than its security. Now that DSMx is in wide use, it's not clear it can ever be purged of the weaknesses that make his remote hijacking attacks possible.

     "My guess is that it will not be easy to completely remedy the situation," Andersson said. "The manufacturers and partners in the ecosystem sell standalone radio transmitters, models of all kinds, [and] transmitters that come with models and standalone receivers. Only a certain set of standalone transmitters have a firmware upgrade capability, though the fix is needed on the model/receiver side."

     A representative of Horizon Hobby, the company that designed and licenses DSMx, declined to make anyone from its PR department available for comment prior to publication of this post. The representative instead referred inquiries to the company's legal department, which was closed for the day.
     Source: http://arstechnica.com/security/2016/10/drone-hijacker-gives-hackers-complete-control-of-aircraft-in-midflight/
    2 points
  2. I downloaded a video tutorial (made up of several parts) through LinkedIn's Week of Learning program, which runs until October 30 and offers all tutorials for free until that date, using their Android app, because only through it can tutorials be saved for offline use. I found the location on the phone where they are saved, but I can't figure out what the trick is to be able to play them in an ordinary video player, not just in their app. So, if anyone has a bit of time to reverse engineer their app and can give me (us) details about this, it would be helpful. I'd like to download some more sets of tutorials, which I'll post here too. Don't forget that on the 30th the "honey" in the jar runs out. Files link: https://mega.nz/#!QclkyQYB!aCwGRU5HZXOkBDS8-IhKF6h1NO1MvX81sinDUpeOng4
    2 points
  3. http://www72.zippyshare.com/v/w1NC2xWv/file.html
    1 point
  4. Only one server of each. Setup fee 0; activation in 10 minutes.
     - Intel Core i7 3770, 16 GB DDR3, 1 x 240 GB SSD Force 3, 100Mbps - 30 Euro/month
     - Intel Core i7 4770, 16 GB DDR3, 1 x 240 GB SSD Force 3, 100Mbps - 40 Euro/month
     - Intel Core i7 2500k, 8GB DDR3, 1 x 500 GB SATA, 100Mbps - 25 Euro/month
     - Intel Core i7 4770, 32 GB DDR3, 1 x 240 GB SSD Force 3, 1Gbps - 40 Euro/month
     - Intel Xeon E3110, 8GB DDR2, 1 x 500 GB SATA, 100Mbps - 25 Euro/month
     - Intel Core i7 6700, 32GB DDR4, 1 x 480 GB SSD, 100Mbps - 60 Euro/month [taken]
     Notes:
     - Bandwidth is guaranteed and traffic is 'unmetered'.
     - Absolutely nothing illegal is accepted. If in doubt, you can ask beforehand whether something is allowed.
     - NO, email marketing is NOT allowed. All IP addresses are CLEAN and must stay that way.
     // edit: all have been taken
    1 point
  5. Learn how to sell! Come with screenshots and details such as: - niche - engagement - the country most of them are from. Right now all I can think is that you have 10,000 Pakistanis in a group who have no idea what they're doing there///
    1 point
  6. Man, you want to overtake when you don't even know how to put the car in gear. Read more about networking, take the OSI stack and read everything there is about it, and after that turn to software/tools. Wireshark is more than enough for anything you can think of doing; what matters is how you know to use the information, because the tool helps you ONLY up to a point.
    1 point
  7. Hi, I need a keylogger that sends me information by email. I want it, after I put it on a stick at home, to install QUICKLY, in at most 30 seconds - 1 minute, on the PC where I want to plug the thing in... it would take me too long at that PC to install a keylogger from scratch and configure it. The problem here is time.... if it could be sent as an executable through FB Messenger too, even better. If there is something for Android as well .. I'll pay extra.
    -1 points