Leaderboard

Popular Content

Showing content with the highest reputation on 08/10/17 in all areas

  1. Description

     Parses 802.11 frames from multiple sources (live or PCAP files) and stores them, parsed, into Elasticsearch. Visualize them with Kibana. Search using Wireshark display filters. Get alerted using ElastAlert or Elastic Watcher.

     Compilation

     Note: Installation has only been tested on Ubuntu 16.04 for now.
     Note: Most commands need to be run as root.

     Install Elasticsearch and Kibana

     Refer to Elasticsearch documentation on https://www.elastic.co/guide/en/elasticsearch/reference/current/_installation.html and to Kibana documentation on https://www.elastic.co/guide/en/kibana/current/setup.html

     Or follow the simplified installation steps below

         apt-get install openjdk-8-jre
         wget -qO - https://artifacts.elastic.co/GPG-KEY-elasticsearch | apt-key add -
         echo "deb https://artifacts.elastic.co/packages/5.x/apt stable main" >> /etc/apt/sources.list.d/elastic.list
         apt-get update
         apt-get install elasticsearch curl kibana

     Note regarding Kibana and ElasticSearch: They are often listening on 0.0.0.0, so make sure to configure the firewall to prevent access to those ports (or edit their configs) from the outside

     Install dependencies

     libtins

         wget https://github.com/mfontanini/libtins/archive/v3.5.tar.gz
         tar -zxf v3.5.tar.gz
         cd libtins-3.5
         apt-get install libpcap-dev libssl-dev build-essential libboost-all-dev
         mkdir build
         cd build
         cmake ../ -DLIBTINS_ENABLE_CXX11=1
         make
         make install
         ldconfig

     Note: Radiotap parsing may fail on 3.5. Use their git repository instead.

     Other dependencies

     • YAML-cpp
     • POCO (for elasticbeat-cpp)
     • RapidJSON (for elasticbeat-cpp)
     • Boost
     • libnl v3 (and libnl-genl)
     • libb64

     Optional

     • tsan (Thread sanitizer, for debugging)
     • wireshark-data (manuf file): either generate it using make-manuf and put it in /usr/share/wireshark/manuf or use libwireshark-data package

     Debian-based OS

     Note: Make sure the system is up to date

         apt-get update && apt-get dist-upgrade

     then reboot before running the following command:

         apt-get install libyaml-cpp-dev libpoco-dev rapidjson-dev libtsan0 libboost-all-dev libb64-dev libwireshark-data build-essential

     Load and compile

     Install Codelite

         apt-get install codelite codelite-plugins

     Load projects into CodeLite

     • Create workspace (File -> New -> New workspace) or use existing one. Take note of the directory.
     • Clone repositories in that newly created directory

         git clone https://github.com/WiFiBeat/WiFiBeat
         git clone https://github.com/WiFiBeat/elasticbeat-cpp
         git clone https://github.com/WiFiBeat/simplejson-cpp

     • Add projects to workspace:
         I. Right click on the workspace in the Workspace View on the left
         II. Click 'Add an existing project'
         III. Browse for the wifibeat.project file and click Open
         IV. Repeat steps II and III for elasticbeat-cpp.project
         V. Repeat steps II and III for simplejson-cpp.project

     Compile

     Select wifibeat project by double clicking on it. It should be bold now. Now, right click on project and click on Build. Alternatively, hit the Build menu on top then click Build Project.

     Configure

     Copy configuration file (wifibeat.yml) in /etc and update it. It is fairly well documented.

     Limitations

     • For now, a single wireless card (more than one untested).
     • For now, a single elasticsearch output (more than one untested).
     • Logstash output is not implemented yet.
     • Persistence is not implemented yet.

     Usage

     • Start Elasticsearch: service elasticsearch start
     • Start Kibana: service kibana start
     • Plug a wireless card, put it in monitor mode (manually or using airmon-ng).
     • Update the configuration file with adapter name (/etc/wifibeat.yml)
     • Run the tool with or without parameters. It is in Debug(default) or Release directory depending on how it was compiled.
     • Open browser on http://localhost:5601/ then configure an index called wifibeat-* for time-based events with @timestamp. Also make sure 'Expand index pattern when searching' is checked. If no data is present, index cannot be created.
     • Go to Management -> Saved Objects and import kibana visualizations, searches and dashboard (kibana.json).

     Parameters

         WiFibeat v0.1
         Options:
           -h [ --help ]                         Show this message
           -v [ --version ]                      Display version
           -c [ --config ] arg (=/etc/wifibeat.yml)
                                                 Configuration file path
           -f [ --no-daemon ]                    Do not go in the background.
           -d [ --dump-config ]                  Display parsed configuration
           -p [ --pid ] arg (=/var/run/wifibeat.pid)
                                                 Where to write PID file. Ignored if no-daemon is set
           -n [ --no-pid ]                       Do not write PID to file. Automatically set when no-daemon is set.
           -a [ --pcap-prefix ] arg              Per interface export PCAP file prefix.

     Everything is logged in syslog, grep wifibeat /var/log/syslog or tail -f /var/log/syslog | grep wifibeat will show them.

     Note: If the no-daemon option is used, errors are displayed in the console too.

     Future

     WiFi-related

     • Payload parsing (if unencrypted/decrypted)
     • Different channel width (require support from wireless card)
     • 5/10MHz and other unusual ones
     • HT/VHT channel support
     • Frequency (instead of channels) support
     • Packet filtering at the source
     • Multiple cards support
     • PCAPng export/reading (including timestamp)
     • More link types (AVS, Prism2, PPI)
     • Automatically put cards in monitor mode
     • Global filters (for pcap and interfaces)
     • Support for Windows with Airpcap and NPCAP
     • MAC address and OUI manufacturer resolution
     • GPS

     ElasticSearch

     • Templates/Mapping
     • More configuration options
     • SSL Support

     Other

     • Unit testing
     • More outputs (Logstash, Kafka, Redis, file, console)
     • Packages (Ubuntu and others)
     • Doxygen documentation
     • CLI interface
     • Use log4cplus for logging
     • ElastAlert alerts
     • Code cleanup
     • Performance improvements
     • Reduce dependencies
     • Makefile

     Known bugs

     • Packet captures are not fully ingested in Elasticsearch (not all packets are in Elasticsearch).
     • Arrays are not supported in Elasticsearch. Reasons are explained in various bug reports: elastic/kibana#3333, elastic/kibana#998 and elastic/kibana#1587. If querying arrays is needed, you may look into https://github.com/istresearch/kibana-object-format (untested yet).

     Download WiFi-Beat-master.zip

     Source: https://www.wifibeat.org/
    2 points
  2. 2 points
  3. That 1,50 will be added to your PayPal account; it won't go back to the card.
    2 points
  4. I managed to get more information from a reliable source. Apparently the guys managed to extract fairly important data from a MySQL server. The information was quite important because the Solitaire tournament was under way and the database they extracted contained the record of the employees' scores. I'll come back with updates when I get more information.
    2 points
  5. "During the searches carried out, several computer systems, internal and external hards ("harduri"), smartphones, USB sticks and memory cards, and optical media of the CD/DVD type, used in the criminal activity, were identified and seized" "hards", what professional language. 2017, CD/DVD, cyber attack... It wasn't exactly good music on the CD. A.S.I.A. - Suna Periculos should have given them something to think about...
    2 points
  6. Only valid offers found at various online shops, in the country and beyond, will be posted here. Please post both the link and the price. It would be advisable to make sure the product in question is not available at a lower price at another shop, otherwise the post would be pointless. Also, the discount should be significant, not something like 3 lei 25.
    1 point
  7. Hi and welcome. Personally, I saw what you wrote just fine; I don't wear glasses, my eyes don't hurt, I see well.
    1 point
  8. fuck him in the heart https://www.virustotal.com/#/file/55482d23edd8fdfeb0856e65ce74b6c192db2954575688bf4225b315b0a32620/detection https://www.virustotal.com/#/file/45e25b87f499542a47a79a261e28bedf1ccf50d878cc00a98510623a0fac4a26/detection
    1 point
  9. I read it and thought I'd test it, but I went on git and saw that this guy is called Faizan Ahmad and is from Pakistan, then I went to fsecurify.com and here you go: http://fsecurify.com/cgi-sys/suspendedpage.cgi This fsecurify thing is like paypai to paypal...fsecurity. May the saints fuck him while Saint Peter watches, along with his tools and his insecurity company. No hate @Fi8sVrs @the rest, I hope you won't be upset with me for what I wrote, even if you recognize yourselves in the enviable physique of this Fulbrighter.
    1 point
  10. U're so sad...https://bitcointalk.org/index.php?topic=2056996.0
    1 point
  11. Yes, it is confirmed. With card payments the money is only blocked for a few days; it is not taken live from the account 100% as if you were paying cash.
    1 point
  12. In a mind-boggling world first, a team of biologists and security researchers have successfully infected a computer with a malicious program coded into a strand of DNA.

      It sounds like science fiction, but I assure you it’s quite real — although you probably don’t have to worry about this particular threat vector any time soon. That said, the possibilities suggested by this project are equally fascinating and terrifying to contemplate.

      The multidisciplinary team at the University of Washington isn’t out to make outlandish headlines, although it’s certainly done that. They were concerned that the security infrastructure around DNA transcription and analysis was inadequate, having found elementary vulnerabilities in open-source software used in labs around the world. Given the nature of the data usually being handled, this could be a serious problem going forward.

      Sure, they could demonstrate the weakness of the systems with the usual malware and remote access tools. That’s how any competent attacker would come at such a system. But the discriminating security professional prefers to stay ahead of the game.

      “One of the big things we try to do in the computer security community is to avoid a situation where we say, ‘Oh shoot, adversaries are here and knocking on our door and we’re not prepared,’” said professor Tadayoshi Kohno, who has a history of pursuing unusual attack vectors for embedded and niche electronics like pacemakers.

      [Image: From left, Lee Organick, Karl Koscher, and Peter Ney from the UW’s Molecular Information Systems Lab and the Security and Privacy Research Lab prepare the DNA exploit for sequencing]

      “As these molecular and electronic worlds get closer together, there are potential interactions that we haven’t really had to contemplate before,” added Luis Ceze, one co-author of the study.

      Accordingly, they made the leap plenty of sci-fi writers have made in the past, and that we are currently exploring via tools like CRISPR: DNA is basically life’s file system. The analysis programs are reading a DNA strand’s bases (cytosine, thymine etc, the A, T, G, and C we all know) and turning them into binary data. Suppose those nucleotides were encoding binary data in the first place? After all, it’s been done before — right down the hall.

      Here comes the mad science

      Here’s how they did it. All you really need to know about the transcription application is that it reads the raw data coming from the transcription process and sorts through it, looking for patterns and converting the base sequences it finds into binary code.

      “The conversion from ASCII As, Ts, Gs, and Cs into a stream of bits is done in a fixed-size buffer that assumes a reasonable maximum read length,” explained co-author Karl Koscher in response to my requests for more technical information.

      That makes it ripe for a basic buffer overflow attack, in which programs execute arbitrary code because it falls outside expected parameters. (They cheated a little by introducing a particular vulnerability into the software themselves, but they also point out that similar ones are present elsewhere, just not as conveniently for purposes of demonstration.)

      After developing a way to include executable code in the base sequence, they set about making the exploit itself. Ironically, it’s inaccurate to call it a virus, although it’s closer to a “real” virus than perhaps any malicious code ever written.

      “The exploit was 176 bases long,” Koscher wrote. “The compression program translates each base into two bits, which are packed together, resulting in a 44 byte exploit when translated.”

      Given that there are 4 bases, it would make sense to have each represent a binary pair. Koscher confirmed this was the case. (If you’re curious, as I was: A=00, C=01, G=10, T=11.)

      “Most of these bytes are used to encode an ASCII shell command,” he continued. “Four bytes are used to make the conversion function return to the system() function in the C standard library, which executes shell commands, and four more bytes were used to tell system() where the command is in memory.”

      Essentially the code in the DNA escapes the program as soon as it is converted from ACGTs to 00011011s, and executes some commands in the system — a sufficient demonstration of the existence of the threat vector. And there’s plenty of room for more code if you wanted to do more than break out of the app.

      At 176 bases, the DNA strand comprising the exploit is “by almost any biological standard, very small,” said Lee Organick, a research scientist who worked on the project.

      Biopunk future confirmed

      In pursuance of every science journalist’s prime directive, which is to take interesting news and turn it into an existential threat to humanity, I had more questions for the team.

      “CONCEIVABLY,” I asked, in all caps to emphasize that we were entering speculative territory, “could such a payload be delivered via, for example, a doctored blood sample or even directly from a person’s body? One can imagine a person whose DNA is essentially deadly to poorly secured computers.”

      Irresponsibly, Organick stoked the fires of my fearmongering.

      “A doctored biological sample could indeed be used as a vector for malicious DNA to get processed downstream after sequencing and be executed,” he wrote.

      “However, getting the malicious DNA strand from a doctored sample into the sequencer is very difficult with many technical challenges,” he continued. “Even if you were successfully able to get it into the sequencer for sequencing, it might not be in any usable shape (it might be too fragmented to be read usefully, for example).”

      It’s not quite the biopunk apocalypse I envisioned, but the researchers do want people thinking along these lines at least as potential avenues of attack.

      “We do want scientists thinking about this so they can hold the DNA analysis software they write to the appropriate security standards so that this never makes sense to become a potential attack vector in the first place,” said Organick.

      “I would treat any input as untrusted and potentially able to compromise these applications,” added Koscher. “It would be wise to run these applications with some sort of isolation (in containers, VMs, etc.) to contain the damage an exploit could do. Many of these applications are also run as publicly-available cloud services, and I would make isolating these instances a high priority.”

      The likelihood of an attack like this actually being pulled off is minuscule, but it’s a symbolic milestone in the increasing overlap between the digital and the biological.

      The researchers will present their findings and process (PDF) next week at the USENIX Security conference in Vancouver.

      Via techcrunch.com
    1 point
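The base-to-bit conversion into a fixed-size buffer that Koscher describes in the article above, written with the length check in place, as an added example that is not part of the original post or the researchers' code. The 128-base maximum read length, the function names and the bit order within a byte are assumptions.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_READ_BASES 128                     /* assumed maximum read length */
#define PACKED_CAP ((MAX_READ_BASES + 3) / 4)  /* 4 bases per byte */
enum { PACK_OK = 0, PACK_TOO_LONG = -1, PACK_BAD_BASE = -2 };

/* 2-bit code from the article: A=00, C=01, G=10, T=11; -1 otherwise. */
static int base_code(char b)
{
    switch (b) {
    case 'A': return 0;  case 'C': return 1;
    case 'G': return 2;  case 'T': return 3;
    default:  return -1;
    }
}

/* Pack n bases into out[cap]. Length and alphabet are checked before any
 * byte is written, so a long or malformed read leaves out untouched.
 * Assumption: the first base of each group of four lands in the high bits. */
int pack_bases(const char *bases, size_t n, uint8_t *out, size_t cap,
               size_t *out_len)
{
    size_t need = n / 4 + (n % 4 != 0);   /* cannot wrap, even for huge n */
    if (need > cap)
        return PACK_TOO_LONG;
    for (size_t i = 0; i < n; i++)
        if (base_code(bases[i]) < 0)
            return PACK_BAD_BASE;
    memset(out, 0, need);
    for (size_t i = 0; i < n; i++)
        out[i / 4] |= (uint8_t)(base_code(bases[i]) << (6 - 2 * (i % 4)));
    *out_len = need;
    return PACK_OK;
}

int main(void)
{
    char read[176];                       /* constructed 176-base sample read */
    uint8_t buf[PACKED_CAP];
    size_t len = 0;
    for (size_t i = 0; i < sizeof read; i++)
        read[i] = "ACGT"[i % 4];
    printf("176 bases into %d bytes: %d\n", PACKED_CAP,
           pack_bases(read, sizeof read, buf, sizeof buf, &len));
    return 0;
}
```

A 176-base read needs 44 bytes, so it is rejected against the 32-byte buffer here instead of being written past its end.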
  13. How the NSA tracks you by William Binney, former NSA & whistleblower Link: https://media.ccc.de/v/SHA2017-402-how_the_nsa_tracks_you Via: https://twitter.com/x0rz/status/894557118992396288 I apologize if I posted in the wrong section.
    1 point
  14. Not that it's news, but on the slide with Third Parties, Romania also appears among those that collect data for the NSA. Interesting that Sweden appears there too.... Minute 52:49
    1 point
  15. So did anyone connect to any of them? Or is it password-protected?
    1 point
  16. Maybe I'm stupid, but as far as I know, almost all routers, when they ask for the password, have "Authentication Type" already set to wpa2/wpa-psk, which requires a minimum of 8 characters, so why would there still be passwords of <8 characters in https://github.com/faizann24/wifi-bruteforcer-fsecurify/blob/master/sourcecode/main/assets/passwords.txt ?
    1 point
  17. @ManutaDeAur I don't think this guy sleeps at night anymore. For a man with only 8 or 9 grades of schooling, he leaves a lot of people around here "on seen". The guy tried and keeps trying, and he came away with something. Not just jerking off and chat. Here come these haters jumping on me again. Where are you, aa66760fdzxza?
    -1 points
  18. hello all, me and my coder are trying to do our own version of Electrum Cash wallet.... we are able to edit it a little bit, change the gui and so on... but we are stuck at compiling it into an exe. source code: www.electroncash.org/downloads/win-linux/ please download the source code and check if you are able to compile.... if yes, pm me (we discuss further)
    -1 points