A good excuse for the wife when she catches you talking to your mistress. The voices, man.. the voices.. #WeAreLegionForWeAreMany
3 points
If you're referring to the deal between Erdeesh and Ericsson, it's just preparation (which takes a few years) for supporting 5G, not the implementation itself. Even though it's promising, for now 5G is still at the research stage. From there to business and consumer roll-out is a different kettle of fish. I was recently talking to an academic who works in the field, and their teams have received funding from Gov UK and giant companies (Ericsson among them) worth many millions of ££ for research, and he said a great deal of emphasis is being placed on security. A consulting and security firm with a few smart guys (and girls) who know their stuff could milk a few million in the near future.
2 points
2 points
Hold on. If with a million likes you get an impact of roughly 300-1000 likes per post, from what I've seen, that's very little. I mean, if you have a chick's account with 2000 fans and you post a boob, you're sure to get 1500 likes, versus yours with 900 and over a million likes. Just saying. As the guys were saying, maybe you can sell the page's like count itself, because otherwise it isn't worth anywhere near that much with that kind of post reach. Consider that if someone has a product, with 150 hundred bucks they'd get far more conversions than by buying your page, even in the long run. Good luck with the sale!
2 points
Are you sure you entered the prices correctly and don't have a keyboard problem? The "k" keeps getting pressed after every digit....
2 points
2 points
Having a bit of free time in the evening, I decided to unwind with this challenge. At @Usr6's request, I'm posting the solution below.

1. We download the image, checking that it is intact

    $ curl -s https://rstforums.com/forum/uploads/monthly_2017_09/OldGarage.jpg.cdab3e6485face558cb330baf13519cf.jpg --output OldGarage.jpg && md5sum OldGarage.jpg

2. Using a hex editor, we look for the end bits of the jpg, these being FF D9. After these bits our analysis begins. We look at whether there is anything after these bits that could raise suspicion, and in this case we can see a file name, namely "The_eye_of.jpg". So we begin to suspect that this is where we'll find the next sub-problem. We check whether at the end of that block of bits we find the letter group PK (the initials of Phil Katz, the creator of the zip format)

3.1.0 Using dd or an extractor, we extract the archive from the image. We give the skip parameter the decimal value of the block where the jpg ends (where we found the FF D9 block), in our case:

    dd if=OldGarage.jpg bs=1 skip=47168 of=imaginea_din_arhiva.zip

3.1.1 We unzip imaginea_din_arhiva.zip

PS: I presented this step so that you can see how things work.

3.2 You probably have an extractor that is smart enough and you can extract directly:

4. We analyze the resulting image in the same way as in step 3, where we see the same technique, but when extracting the archive we are met with a password prompt. For a more objective result, we search for the image on Google together with its name without the "_". This way we find the password Horus

5. As in the previous step, when unzipping we have to enter a password to reach the next sub-challenge: Searching Google for "the code of holy bible" we land on its Wikipedia page, and in the second paragraph we find this: We decide to break the text into chunks of 50 characters.
For this, I used the site http://www.dcode.fr/text-splitter which has a lot of cryptanalysis tools. We get this: So, we have the password: GoodDataIsCryptedData

6. After following all the clues we ended up with the file named "Divide ET Impera.56". At first glance it looks like a string of MD5 hashes, at least to me. But, to make use of the clue, we will split the text into 56 blocks. On each line we have 32 characters, which corresponds to an MD5 hash. So, let's get to work. We look for a site where we can enter several hashes at once. I found https://hashkiller.co.uk/md5-decrypter.aspx

The result is:

    92eb5ffee6ae2fec3ad71c777531578f MD5 : b
    4b43b0aee35624cd95b910189b3dc231 MD5 : r
    0cc175b9c0f1b6a831c399e269772661 MD5 : a
    9e3669d19b675bd57058fd4664205d2a MD5 : v
    d95679752134a2d9eb61dbd7b91c4bcc MD5 : o
    5058f1af8388633f609cadb75a75dc9d MD5 : .
    7215ee9c7d9dc229d2921a40e899ec5f MD5 : [space]
    e358efa489f58062f10dd7316b65649e MD5 : t
    e1671797c52e15f763380b45e841ec32 MD5 : e
    336d5ebc5436534e61d16e63ddfca327 MD5 : -
    0cc175b9c0f1b6a831c399e269772661 MD5 : a
    865c0c0b4ab0e063e5caa3387c1a8741 MD5 : i
    7215ee9c7d9dc229d2921a40e899ec5f MD5 : [space]
    83878c91171338902e0fe0fb97a8c47a MD5 : p
    4b43b0aee35624cd95b910189b3dc231 MD5 : r
    865c0c0b4ab0e063e5caa3387c1a8741 MD5 : i
    7b8b965ad4bca0e41ab51de7b31363a1 MD5 : n
    03c7c0ace395d80182db07ae2c30f034 MD5 : s
    5058f1af8388633f609cadb75a75dc9d MD5 : .
    7215ee9c7d9dc229d2921a40e899ec5f MD5 : [space]
    800618943025315f869e4e1f09471012 MD5 : F
    e1671797c52e15f763380b45e841ec32 MD5 : e
    2db95e8e1a9267b7a1188556b2013b33 MD5 : l
    865c0c0b4ab0e063e5caa3387c1a8741 MD5 : i
    4a8a08f09d37b73795649038408b5f33 MD5 : c
    865c0c0b4ab0e063e5caa3387c1a8741 MD5 : i
    e358efa489f58062f10dd7316b65649e MD5 : t
    0cc175b9c0f1b6a831c399e269772661 MD5 : a
    4b43b0aee35624cd95b910189b3dc231 MD5 : r
    865c0c0b4ab0e063e5caa3387c1a8741 MD5 : i
    9033e0e305f247c0c3c80d0c7848c8b3 MD5 : !
    7215ee9c7d9dc229d2921a40e899ec5f MD5 : [space]
    44c29edb103a2872f519ad0c9a0fdaaa MD5 : P
    5058f1af8388633f609cadb75a75dc9d MD5 : .
    5dbc98dcc983a70728bd082d1a47546e MD5 : S
    5058f1af8388633f609cadb75a75dc9d MD5 : .
    7215ee9c7d9dc229d2921a40e899ec5f MD5 : [space]
    d20caec3b48a1eef164cb4ca81ba2587 MD5 : L
    0cc175b9c0f1b6a831c399e269772661 MD5 : a
    7215ee9c7d9dc229d2921a40e899ec5f MD5 : [space]
    69691c7bdcc3ce6d5d8a1361f22d04ac MD5 : M
    7b774effe4a349c6dd82ad4f4f21d34c MD5 : u
    2db95e8e1a9267b7a1188556b2013b33 MD5 : l
    e358efa489f58062f10dd7316b65649e MD5 : t
    865c0c0b4ab0e063e5caa3387c1a8741 MD5 : i
    7215ee9c7d9dc229d2921a40e899ec5f MD5 : [space]
    7fc56270e7a70fa81a5935b72eacbe29 MD5 : A
    7b8b965ad4bca0e41ab51de7b31363a1 MD5 : n
    865c0c0b4ab0e063e5caa3387c1a8741 MD5 : i
    7215ee9c7d9dc229d2921a40e899ec5f MD5 : [space]
    b2f5ff47436671b6e533d8dc3614845d MD5 : g
    0cc175b9c0f1b6a831c399e269772661 MD5 : a
    4b43b0aee35624cd95b910189b3dc231 MD5 : r
    0cc175b9c0f1b6a831c399e269772661 MD5 : a
    363b122c528f54df4a0446b6bab05515 MD5 : j
    e1671797c52e15f763380b45e841ec32 MD5 : e

That was pretty much the challenge. Thanks @Usr6 and a belated happy birthday @MrGrj, because I forgot :">

Useful resources:
- https://ctfs.github.io/resources/topics/steganography/file-in-image/README.html
- https://gchq.github.io/CyberChef/
- http://www.dcode.fr/
- http://security.cs.pub.ro/hexcellents/wiki/kb/crypto/home
- http://ridiculousfish.com/hexfiend/
2 points
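The archive-after-image step from the writeup above, as an added example that is not part of the original post: instead of searching for FF D9 by eye (that marker can also occur earlier in a file), it locates the appended ZIP from the ZIP's own end-of-central-directory record and reports whether its entries are password-protected. The function names and the sample bytes are constructed for illustration; only the entry name `The_eye_of.jpg` comes from the post.

```python
import io
import struct
import zipfile

JPEG_SOI = b"\xff\xd8"      # start-of-image marker
JPEG_EOI = b"\xff\xd9"      # end-of-image marker (the "FF D9" from step 2)
EOCD_SIG = b"PK\x05\x06"    # ZIP end-of-central-directory record
LOCAL_SIG = b"PK\x03\x04"   # ZIP local file header


def find_appended_zip(data):
    """Return the offset at which an appended ZIP archive starts, or None.

    The EOCD record stores the central directory's size and its offset from
    the start of the archive, so start = eocd - cd_size - cd_offset holds no
    matter how many bytes precede the archive. (ZIP64 is not handled.)
    """
    if not data.startswith(JPEG_SOI):
        raise ValueError("not a JPEG: missing FF D8 marker")
    eocd = data.rfind(EOCD_SIG)
    if eocd < 0 or eocd + 22 > len(data):
        return None
    cd_size, cd_offset = struct.unpack_from("<II", data, eocd + 12)
    start = eocd - cd_size - cd_offset
    if start < 0 or data[start:start + 4] != LOCAL_SIG:
        return None
    return start


def describe_payload(data):
    """Return (offset, [(entry name, is_encrypted), ...]) for the hidden archive."""
    start = find_appended_zip(data)
    if start is None:
        return None, []
    with zipfile.ZipFile(io.BytesIO(data[start:])) as zf:
        return start, [(i.filename, bool(i.flag_bits & 0x1)) for i in zf.infolist()]


def build_sample():
    """Constructed sample: fake JPEG bytes with an early FF D9, then a ZIP."""
    jpeg = JPEG_SOI + b"\x00" * 16 + JPEG_EOI + b"\x11" * 8 + JPEG_EOI
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("The_eye_of.jpg", b"constructed inner image bytes")
    return jpeg, jpeg + buf.getvalue()


if __name__ == "__main__":
    cover, stego = build_sample()
    print(describe_payload(stego))   # offset equals len(cover)
    print(describe_payload(cover))   # clean image: (None, [])
```

The returned offset is the value that would go into `skip=` in the `dd` command of step 3.1.0.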
1 point
Background

Recently while writing and testing some email related code I got annoyed and decided to make an easier way to automate listening for emails and performing actions when they arrive. The result is websocket.email and to demonstrate how easy it is to use, let's make an email controlled gate opener using a raspberry pi and a tiny shell script.

The hardware

- A gate.
- A gate opener.
- A raspberry pi 3 with linux installed.
- A raspberry pi GPIO 'cobbler' breadboard adapter.
- A breadboard.
- An NPN transistor and a 1k resistor.

The abridged theory

When the button is pressed, the circuit is powered, opening the gate. Transistors also can be configured to be an electronically controlled switch and we can programmatically control the general purpose input/output pins of a raspberry pi to drive the transistor. This gives us the following circuit:

Assembly

- Replace the gate opener battery with the power supply on the breadboard using a soldering iron and solder, remember to write down which terminal is positive/negative.
- Replace the button with a transistor (Use a multimeter and google to work out which way it goes.) and resistor using a soldering iron and solder.
- Connect the gate opener input, power and ground into the breadboard and match it up with the labels on the 'cobbler'.
- Connect 'cobbler' to the raspberry pi and breadboard.

voila:

The software

- wsemail compiled for the raspberry pi 3.
- A free api token generated from websocket.email.

Combined with the following bash script running on the raspberry pi 3:

    #!/bin/sh
    set -u

    # API token for websocket.email, read from a local file
    export WEBSOCKETEMAIL_TOKEN="$(cat websocketemail_token.txt)"

    # A secret id that people can't guess
    gateid=gate12345

    # initialize gpio
    echo 13 > /sys/class/gpio/export
    echo out > /sys/class/gpio/gpio13/direction

    while true
    do
      # Block until an email arrives for the gate address, then check its contents
      if wsemail -timeout 0 -for-address "$gateid@websocket.email" \
         | grep -q "open sesame"
      then
        # Trigger the gate if the email contained the secret incantation
        echo 1 > /sys/class/gpio/gpio13/value
        sleep 0.1
        echo 0 > /sys/class/gpio/gpio13/value
      fi
      # don't loop too fast if there is an error somewhere.
      sleep 1
    done

The code can be summarized as:

- Initialize passwords and GPIO.
- Loop forever waiting for an email to be sent to gate12345@websocket.email with the contents "open sesame".
- If the password is correct, pulse the GPIO switch, triggering the gate to open.

The code is MIT licensed on github.

The result

Step aside Amazon IOT, you are doing it wrong. Also, I know my email address is in the video, send me nice comments.

Conclusion

Interacting with the real world using software is a lot of fun and I encourage you to have a try at building something for yourself. These days you do not need to be an expert in electronics to make something that interacts with the physical world. websocket.email also did its job well, and I hope it can also be useful anywhere you need to interact with email accounts ... perhaps even unit/integration tests at your software job... wink wink. Happy hacking!

FAQ

What do you mean 20 lines of code... There is go code in there!?
20 lines of shell needed to solve the task at hand, wsemail is reusable, just like your OS kernel, cat and all the other software it also used that you didn't complain about... though you aren't totally wrong.

Why wouldn't you set up an smtp server on the device? Why add websocket crap?
NAT makes things annoying if you run the smtp server on the device, but I did set up an smtp server, and made a tiny api for it too :). Feel free to set up your own smtp server and use that instead.
Why wouldn't you use IMAP to poll the server?
Which server? Which account? Am I retaining emails? Sounds annoying. In my opinion the current configuration is a bit simpler for this use case.

Source: acha.ninja
1 point
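The script in the post above opens the gate for any email containing a fixed phrase, so one leaked or forwarded message keeps working indefinitely. One way to make each command single-use and time-limited, as an added example that is not part of the original post or of websocket.email: the shared key, the `open:<timestamp>:<tag>` line format and the 120-second window are all assumptions made here.

```python
import hashlib
import hmac

WINDOW_SECONDS = 120  # assumption: how long a signed command stays valid


def make_command(key, action, now):
    """Build the line a sender puts in the email body: action:timestamp:tag."""
    msg = f"{action}:{now}"
    tag = hmac.new(key, msg.encode(), hashlib.sha256).hexdigest()
    return f"{msg}:{tag}"


class CommandVerifier:
    """Accepts a signed 'open' command once, and only while it is fresh."""

    def __init__(self, key, window=WINDOW_SECONDS):
        self.key = key
        self.window = window
        self.seen = {}  # tag -> timestamp of commands already honoured

    def accept(self, body, now):
        for line in body.splitlines():
            parts = line.strip().split(":")
            if len(parts) != 3 or parts[0] != "open":
                continue
            action, ts, tag = parts
            if not (ts.isascii() and ts.isdigit()):
                continue
            expected = hmac.new(self.key, f"{action}:{ts}".encode(),
                                hashlib.sha256).hexdigest()
            # Constant-time comparison on bytes; a wrong tag never opens the gate
            if not hmac.compare_digest(expected.encode(), tag.encode()):
                continue
            if abs(now - int(ts)) > self.window or tag in self.seen:
                continue  # stale, or a replay of a command already used
            # Forget tags that the freshness check would reject anyway
            self.seen = {t: s for t, s in self.seen.items()
                         if now - s <= self.window}
            self.seen[tag] = int(ts)
            return True
        return False
```

On the device, `accept()` would take the place of the `grep -q "open sesame"` test, with the key read from a local file the same way the API token is.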
@Nytro I ran into the same problems today as well; I'm on Orange but I was talking, or at least trying to talk, with someone on Telekom.
1 point
1 point
Both my girlfriend and I had problems with Telekom today. Messages don't get sent and sometimes it goes into roaming.
1 point
You can also have a look at https://pricezone.ro, but it doesn't have very relevant statistics yet. It's still in its early days but it promises a lot. Users from this forum will get the Premium package for free.
1 point
Irrelevant, uninteresting, useless.
1 point
a title with "you won't believe it, you'll be stunned when you read what happened" and everything would have been perfect
1 point
1 point
Considering that you have 1kk likes and only post in your niche, your posts have too little impact. How many of those likes are bought?
1 point
1. Download the eMag APK.
2. Look through it.

I had a quick look last night; the BlackFriday functionality is implemented. I didn't find a URL anywhere visible, there may not even be one, but if you search for "[bB][fF]" you'll find a few things.
1 point
@FoxBlood: Look at how the last one was solved. Or wait for the writeup for this one.
1 point
As you may have noticed, it has been quite still here for a while. This was related to the preparations for this release: A post disclosing a new type of vulnerability, affecting multiple Anti-Virus solutions.

To summarize: Today, I’m disclosing an issue that can be exploited by any local user to gain full control over the endpoint by abusing the restore from quarantine Anti-Virus feature. And because every new vulnerability needs its own name and logo, I want to introduce you to #AVGater:

The Basics

But let’s get back on track, by discussing a few Anti-Virus basics. The following diagram shows the inner workings of a typical AV from an unprivileged user’s point of view. There are three different access domains: The kernel mode, the privileged user mode (SYSTEM) and the unprivileged user mode. As shown in the following image, the different components have widely different duties:

Within the context of the unprivileged user there is only the AV user interface. By itself, it has no real power, because it’s executing within a limited user session. However, by talking to the AV Windows service it can do many things a normal user would not be able to. For example it may be allowed to restore files from the virus quarantine (This could be a hint – Couldn’t it?). Additionally there is a kernel component. Most likely it’s doing the real work of checking objects for known threat identifiers.

The Idea

So what’s the real point here? Well, if a non-privileged user would be able to manipulate any of the communication channels that cross security boundaries (unprivileged user mode to privileged user mode or privileged user mode to kernel mode) he could escalate his privileges. But how to do that? In the case of #AVGater, the answer to this question is: By manipulating the restore process from the virus quarantine:

As shown in the above video, #AVGater can be used to restore a previously quarantined file to any arbitrary filesystem location.
This is possible because the restore process is most often carried out by the privileged AV Windows user mode service. Hence, file system ACLs can be circumvented (as they don’t really count for the SYSTEM user). This type of issue is called a privileged file write vulnerability and can be used to place a malicious DLL anywhere on the system. The goal is to side load this library for a legitimate Windows servers by abusing the DLL Search Order:

If this succeeds, arbitrary code can be executed with the help of the DLLMain entry point. But there is one very important question still unanswered: How is it possible to tamper with the restore process? The solution is NTFS directory junctions. They are basically symbolic links for directories that can be created by anyone with the help of mklink.

#AVGater in plain English: By abusing NTFS directory junctions, the AV quarantine restore process can be manipulated, so that previously quarantined files can be written to arbitrary file system locations.

Putting it all together

With all this knowledge, we can now paint a complete attack scenario: First a malicious library is moved to the AV quarantine. Then, by abusing directory junctions the original source path is redirected to another destination. Most likely a folder within C:\Program Files or C:\Windows. By restoring the previously quarantined file, the SYSTEM permissions of the AV Windows user mode service are misused, and the malicious library is placed in a folder where the currently signed in user is unable to write to under normal conditions. Because of how the DLL search order works, it is finally loaded by another privileged Windows process. Thereby the code within the DLLMain of the malicious library is executed. Hence, a local non-admin attacker gained full control over the affected endpoint. Here’s a diagram illustrating the whole process:

During the preparation for this public disclosure, several different products have been checked for #AVGater.
The following vendors have already released their fix. However, there are a few more to come!

Who is/was affected?

If anyone finds additional vulnerable products, please contact me. I will report them and update this list as soon as they have fixed the issue.

Getting our hands dirty

If you want to know more about how to exploit #AVGater in a real life scenario, I have good news for you: I already fully documented two exploit vectors:

- Local Privilege Escalation in Emsisoft Anti-Malware by abusing NTFS Directory Junctions #AVGater
- Local Privilege Escalation in Malwarebytes 3 by abusing NTFS Directory Junctions #AVGater

Additionally, here are the slides of my talk “When your anti virus turns against you” from the IT SECX conference.

How to protect myself?

Generally, it’s pretty simple: Always install updates in a timely manner. However, as some vendors still need a few more days to release their fix, it may take a little till everyone is protected. Furthermore, as #AVGater can only be exploited if the user is allowed to restore previously quarantined files, I recommend everyone within a corporate environment to block normal users from restoring identified threats. This is wise in any way.

Source
1 point
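The post above hinges on the original path of a quarantined file having been turned into a directory junction before the restore. A check that a privileged restore routine or an auditing script could run on that path is sketched below as an added example; it is not taken from the post and is not how any vendor fixed the issue. The function names and demo directory names are constructed, and the demo uses a symlink as a stand-in for a junction so that it also runs outside Windows.

```python
import os
import stat
import tempfile

REPARSE_POINT = 0x400  # Windows FILE_ATTRIBUTE_REPARSE_POINT (junctions, symlinks)


def is_redirect(path):
    """True if path itself is a symlink or an NTFS reparse point."""
    st = os.lstat(path)  # lstat inspects the link itself, not its target
    attrs = getattr(st, "st_file_attributes", 0)  # attribute exists on Windows only
    return stat.S_ISLNK(st.st_mode) or bool(attrs & REPARSE_POINT)


def redirected_component(restore_path):
    """Return the first existing component of restore_path that redirects, else None."""
    path = os.path.abspath(restore_path)  # normalises without following links
    chain = [path]
    while os.path.dirname(path) != path:
        path = os.path.dirname(path)
        chain.append(path)
    for candidate in reversed(chain):  # walk from the root down
        if os.path.lexists(candidate) and is_redirect(candidate):
            return candidate
    return None


def build_demo_tree():
    """Constructed demo: 'quarantined_from' now redirects to 'protected'."""
    base = os.path.realpath(tempfile.mkdtemp())
    protected = os.path.join(base, "protected")
    os.mkdir(protected)
    link = os.path.join(base, "quarantined_from")
    # Symlink as a stand-in for a junction (needs extra rights on Windows)
    os.symlink(protected, link, target_is_directory=True)
    return protected, link


if __name__ == "__main__":
    protected, link = build_demo_tree()
    print(redirected_component(os.path.join(link, "restored.dll")))       # the link
    print(redirected_component(os.path.join(protected, "restored.dll")))  # None
```

A check like this is racy if the path can change between the check and the write, so it narrows the problem but does not replace the vendor updates the post recommends.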
RST was mentioned in (at least) two of the presentations at Defcamp:
- @TheTime
- @Matasareanu
1 point
Congratulations. It didn't occur to me to search Google for the code of holy bible. Also, you can very easily extract archives from pictures using binwalk. Just be careful, because it's a bit enthusiastic and also unpacks them even when they are password-protected, sometimes resulting in a small fiasco.
1 point
