Leaderboard

Walkthrough: Facut pe Lubuntu 17.04 1. Descarcam imaginea si verificam daca este integra(cred ca am descarcat-o de trei ori pana sa o iau pe cea buna, in rest descarcam doar thumbnail-ul) deci pasul asta e destul de important. $ md5sum crack_me.jpg c720e708ab375e531bb77dca9dd08d38 crack_me.jpg # Deci e ok 2. Dupa cum observam, in imagine este un lacat cu trei rotite. O deschidem cu un editor hex si cautam sa vedem daca in afara de imagine mai este ceva. Ne uitam sa vedem daca dupa biti FF D9 mai este ceva: PK sa_nu_uitam.jpg Observam ca dupa biti de sfarsit al jpg-ului sunt initialele PK ceea ce inseamna ca avem o arhiva zip.(inițialele lui Phil Katz, creatorul formatului zip). In arhiva observam ca mai este o poza "sa_nu_uitam.jpg" 3. Incercam sa o dezarhivam, dar observam ca ne cere o parola, ne intoarcem la poza initiala si asteptam sa ne vina o idee. Prima idee e sa generam toate codurile posibile pentru acel lacat. Am folosit C++ pt asta(lucrez in el si mi-a fost mai usor): #include <iostream> using namespace std; int main() { char digits[] = "0123456789"; char pass[4]; pass[3] = 0; for( int i = 0; i < 10; i++) { pass[0] = digits[i]; for( int j = 0; j < 10; j++) { pass[1] = digits[j]; for( int z = 0; z < 10; z++) { pass[2] = digits[z]; cout << pass << endl; } } } return 0; } /// Il compilam iar cand il rulam ii redirectionam iesirea intr-un fisier: $ g++ main.cpp -o executabil $ ./executabil >> fisier.txt Se poate face in orice limbaj, aici aveti si ceva in python: https://stackoverflow.com/questions/22214949/generate-numbers-with-3-digits 4. Dupa ce am generat toate numerele e timpul sa trecem la bruteforce. Am folosit fcrackzip + am redenumit imaginea crack_me.zip(am schimbat extensia ca se plangea fcrackzip-ul): $ fcrackzip -D -p fisier.txt -u crack_me.zip 5. Primim confirmarea ca parola este : "PASSWORD FOUND!!!!: pw == 099". Dezarhivam si obtinem o nou imagine. 6. Repetam pasul doi si observam ca si aceasta imagine e tot o arhiva cu parola. Prima idee care mi-a venit in minte a fost sa incerc sa pun coordonatele boturilor avioanelor(cei care au jucat avioane stiu ca daca nimeresti botul avionul e pierdut). Asa ca am luat-o in ordine: avionul gri, cel albastru si cel portocaliu -> c2c8j5. Asta e parola. 7. Obtinem un fisier text "acum_e_acum.txt" cu mai cuvinte, fiecare pe o singura linie. La inceput am incercat Caesar's Cipher, dar fara vreun rezultata. Dupa ce am cerut un hint, mi s-a zis sa numar literele de pe fiecare linie. Deci vom avea: d o v g d u 6 - > F p j c d r 5 - > E a j i u g j s t k x r y 12 -> L c l f t c c p c g 9 -> I o l q 3 -> C z w w m y i l k a 9 -> I c o e g a p i c p f q h t j w x i p r t 20 -> T d 1 -> A e z v q o x b h d r g g d l t f z r 18 -> R n s v p m s r t l 9 -> I z m j j b 5 -> E p s r o g e m h p d d u v p k y y s a 19 -> S b e m p y l h o m m f w a j a o p c o s 20 -> T e j r q t u i u e 9 -> I g x m c o f a n b o q q w q u y t l i s a 21 -> U q b e g h l f b i f y o j k 14 -> N b y v a l i b t i h r z i c g l n t 18 -> R s h r f v i u h d g p q g s k 15 -> O g x c v s g q s u k v u s 13 -> M c 1 -> A z k o j u v l c l z w u h o 14 -> N k 1 -> A x i g c 4 -> D l c g b e 5 -> E x j t g r e i v d i r d s g d j t k j t g q 22 -> V n 1 -> A x k j k b c c u a j c p s t g m v e 18 -> R g 1 -> A m e k j w w o b j o y w w b u h a y p t 20 -> T Dupa ce am numarat literele fiecarui cuvant am pus in loc de numarul de litere, litera din alfabet care se afla la pozitia data de numarul literelor. Asa ca am obtinut: FELICITARI ESTI UN ROMAN ADEVARAT. Alte challenge-uri: [Easy] The big fat panda si The Eye of ... Multumesc @Usr6

Ai un mop pe cap.

Tu ești asta? ai o cruce tatuată pe față ?

https://dms.licdn.com/playback/C5600AQFZXbPU0UpEjg/29271a83a4584be1918eb96b0455956a/feedshare-mp4_500/1479932728445-v0ch3x?e=1513760042&v=alpha&t=9ZU8F53sBnHajvRM_rf7pkeQiwPXlSOhd-3Ehph5fvU

NEW YORK CITY – A New York man has been arrested after he reportedly made over a million dollars selling Chuck E. Cheese tokens as Bitcoins on the streets. Marlon Jensen, 36, was arrested a Sunday morning when NYPD stormed his home. NYPD received calls from the fraud victims that someone had sold them “Bitcoins”, only to find out there actually was no tangible bitcoin currency available. NYPD found $1.1 Million of cash inside Marlons home. According to police, Marlon had scratched off most of the Chuck E. Cheese engravements on the coins, and would write “B” on each coin with permanent marker. As many should know already, Bitcoin is a crypto currency and payment system that has recently received unprecedented popularity and value, with each bitcoin currently worth $18,950 USD. Although Bitcoin isn’t actually a tangible form of currency, that hasn’t stopped some people from successfully selling “bitcoins” to people using irrelevant gold coins, in this case Chuck E. Cheese Tokens. “People are retarded haha”, said NYPD Officer Michael West, “My 8 year old son would know those weren’t bitcoins and lord knows he’s not the brightest”. Marlon is currently being charged with fraud and can face up to 5 years in federal prison. Sursa: https://www.huzlers.com/bitcoin-scam-man-arrested-after-making-over-1-million-selling-chuck-e-cheese-tokens-as-bitcoins/

Aka dai teapa

@Zatarra, ce preferi: iMac sau garsoniera?

Penetration Testing and Vulnerability Analysis - Multiple instructors - “This is the course website for Penetration Testing and Vulnerability Analysis currently taught at the Polytechnic Institute of New York University. This course introduces the fundamental technical skills required to identify, analyze, and exploit software vulnerabilities. Taught by a team of security industry experts, we cover the following topics: •Introduction to Penetration Testing, taught by Dan Guido Where the industry is now, where it's going, and how these skills fit in •Operational Reviews and Code Audits, taught by Brandon Edwards Identify vulnerabilities and programmer errors by auditing source code •Reverse Engineering, taught by Alex Sotirov and Aaron Portnoy Understand, modify, and analyze compiled applications and systems to identify vulnerabilities •Exploitation, taught by Dino Dai Zovi Take advantage of vulnerabilities to gain access to restricted data and break security policies •Web Hacking, taught by Joe Hemler and Marcin Wielgoszewski Vulnerability discovery and exploitation on the web •Network Pentests: Post exploitation, persistence and exfiltration, taught by Colin Ames Expanding access, maintaining persistence, and evading detection” Open Source Network and Computer Security (OCW) - MIT, Dr. Ron RIvest - “6.857 is an upper-level undergraduate, first-year graduate course on network and computer security. It fits within the department's Computer Systems and Architecture Engineering concentration. Topics covered include (but are not limited to) the following: •Techniques for achieving security in multi-user computer systems and distributed computer systems; •Cryptography: secret-key, public-key, digital signatures; •Authentication and identification schemes; •Intrusion detection: viruses; •Formal models of computer security; •Secure operating systems; •Software protection; •Security of electronic mail and the World Wide Web; •Electronic commerce: payment protocols, electronic cash; •Firewalls; and •Risk assessment.” Cryptography and Cryptanalysis (OCW) - MIT - “This course features a rigorous introduction to modern cryptography, with an emphasis on the fundamental cryptographic primitives of public-key encryption, digital signatures, pseudo-random number generation, and basic protocols and their computational complexity requirements.” Advanced Topics in Cryptography (OCW) - MIT - “The topics covered in this course include interactive proofs, zero-knowledge proofs, zero-knowledge proofs of knowledge, non-interactive zero-knowledge proofs, secure protocols, two-party secure computation, multiparty secure computation, and chosen-ciphertext security.” Selected Topics in Cryptography (OCW) - MIT, Dr. Ran Canetti - “This course covers a number of advanced "selected topics" in the field of cryptography. The first part of the course tackles the foundational question of how to define security of cryptographic protocols in a way that is appropriate for modern computer networks, and how to construct protocols that satisfy these security definitions. For this purpose, the framework of "universally composable security" is studied and used. The second part of the course concentrates on the many challenges involved in building secure electronic voting systems, from both theoretical and practical points of view. In the third part, an introduction to cryptographic constructions based on bilinear pairings is given.” Special Topics: Data Security and Privacy: Legal, Policy and Enterprise Issues - U. Mich, Dr. Don Blumenthal - “As data collection and information networks expand (and stories of security breaches and the misuse of personal information abound), data security and privacy issues are increasingly central parts of the information policy landscape. Legislators, regulators, businesses, and other institutions of all kinds are under increasing pressure to draft and implement effective laws, regulations, and security and privacy programs under rapidly changing technological, business, and legal conditions. A strong need is arising for individuals with the training and skills to work in this unsettled and evolving environment. This course examines security issues related to the safeguarding of sensitive personal and corporate information against inadvertent disclosure; policy and societal questions concerning the value of security and privacy regulations, the real-world effects of data breaches on individuals and businesses, and the balancing of interests among individuals, government, and enterprises; current and proposed laws and regulations that govern data security and privacy; private-sector regulatory efforts and self-help measures; emerging technologies that may affect security and privacy concerns; and issues related to the development of enterprise data security programs, policies, and procedures that take into account the requirements of all relevant constituencies, e.g., technical, business, and legal.” Free IDA Pro Reverse Code Engineering and Binary Auditing Training Material for University Lectures - Dr. Thorsten Schneider - “The training package includes all necessary files to run a complete lecture for Binary Auditing and Reverse Code Engineering at university. All files are well sorted by topics and with increasing difficulty. You need Windows XP, Windows Vista or Windows 7 to use this training package. The training package does NOT include runnable viruses! ” Hacking Techniques and Intrusion Detection - English - Arabic - Dr. Ali Al-Shemery - “This course covers the most common methods used in computer and network hacking with the intention of learning how to better protect systems from such intrusions. These methods include reconnaissance techniques, system scanning, accessing systems by network and application level attacks, and denial of service attacks. Traffic analysis methods and tools will be studied in this course. Also, it covers techniques for traffic filtering and monitoring, and intrusion detection.” Open Access Securing Digital Democracy - Dr. J. Alex Halderman - Computer technology has transformed how we participate in democracy. The way we cast our votes, the way our votes are counted, and the way we choose who will lead are increasingly controlled by invisible computer software. Most U.S. states have adopted electronic voting, and countries around the world are starting to collect votes over the Internet. However, computerized voting raises startling security risks that are only beginning to be understood outside the research lab, from voting machine viruses that can silently change votes to the possibility that hackers in foreign countries could steal an election. This course will provide the technical background and public policy foundation that 21st century citizens need to understand the electronic voting debate. You'll learn how electronic voting and Internet voting technologies work, why they're being introduced, and what problems they aim to solve. You'll also learn about the computer- and Internet-security risks these systems face and the serious vulnerabilities that recent research has demonstrated. We'll cover widely used safeguards, checks, and balances — and why they are often inadequate. Finally, we'll see how computer technology has the potential to improve election security, if it's applied intelligently. Along the way, you'll hear stories from the lab and from the trenches on a journey that leads from Mumbai jail cells to the halls of Washington, D.C. You'll come away from this course understanding why you can be confident your own vote will count — or why you should reasonably be skeptical. Cryptography I - Dr. Dan Boneh - Cryptography is an indispensable tool for protecting information in computer systems. This course explains the inner workings of cryptographic primitives and how to correctly use them. Students will learn how to reason about the security of cryptographic constructions and how to apply this knowledge to real-world applications. The course begins with a detailed discussion of how two parties who have a shared secret key can communicate securely when a powerful adversary eavesdrops and tampers with traffic. We will examine many deployed protocols and analyze mistakes in existing systems. The second half of the course discusses public-key techniques that let two or more parties generate a shared secret key. We will cover the relevant number theory and discuss public-key encryption and basic key-exchange. Throughout the course students will be exposed to many exciting open problems in the field. The course will include written homeworks and programming labs. The course is self-contained, however it will be helpful to have a basic understanding of discrete probability theory. Cryptography II - Dr. Dan Boneh - Cryptography is an indispensable tool for protecting information in computer systems. This course is a continuation of Crypto I and explains the inner workings of public-key systems and cryptographic protocols. Students will learn how to reason about the security of cryptographic constructions and how to apply this knowledge to real-world applications. The course begins with constructions for digital signatures and their applications. We will then discuss protocols for user authentication and zero-knowledge protocols. Next we will turn to privacy applications of cryptography supporting anonymous credentials and private database lookup. We will conclude with more advanced topics including multi-party computation and elliptic curve cryptography. Throughout the course students will be exposed to many exciting open problems in the field. The course will include written homeworks and optional programming labs. The material is self-contained, but the course assumes knowledge of the topics covered in Crypto I as well as a basic understanding of discrete probability theory. Applied Cryptography, Science of Secrets - Dr. David Evans & Shayan Doroudi - Cryptography is present in everyday life, from paying with a credit card to using the telephone. Learn all about making and breaking puzzles in computing. Explore how secrets are written and shared, as well as what can go wrong when cryptography is misused or implemented badly. Internet History, Technology, and Security - Dr. Charles Severance - The impact of technology and networks on our lives, culture, and society continues to increase. The very fact that you can take this course from anywhere in the world requires a technological infrastructure that was designed, engineered, and built over the past sixty years. To function in an information-centric world, we need to understand the workings of network technology. This course will open up the Internet and show you how it was created, who created it and how it works. Along the way we will meet many of the innovators who developed the Internet and Web technologies that we use today. Malicious Software and its Underground Economy: Two Sides to Every Story - Dr. Lorenzo Cavallaro - Cybercrime has become both more widespread and harder to battle. Researchers and anecdotal experience show that the cybercrime scene is becoming increasingly organized and consolidated, with strong links also to traditional criminal networks. Modern attacks are indeed stealthy and often profit oriented. Malicious software (malware) is the traditional way in which cybercriminals infect user and enterprise hosts to gain access to their private, financial, and intellectual property data. Once stolen, such information can enable more sophisticated attacks, generate illegal revenue, and allow for cyber-espionage. By mixing a practical, hands-on approach with the theory and techniques behind the scene, the course discusses the current academic and underground research in the field, trying to answer the foremost question about malware and underground economy, namely, "Should we care?". Students will learn how traditional and mobile malware work, how they are analyzed and detected, peering through the underground ecosystem that drives this profitable but illegal business. Understanding how malware operates is of paramount importance to form knowledgeable experts, teachers, researchers, and practitioners able to fight back. Besides, it allows us to gather intimate knowledge of the systems and the threats, which is a necessary step to successfully devise novel, effective, and practical mitigation techniques. Building an Information Risk Management Toolkit - Dr. Barbara Endicott-Popovsky - In this course, you will explore several structured, risk management approaches that guide information security decision-making. Course topics include: developing and maintaining risk assessments (RA); developing and maintaining risk management plans (RM); regulatory and legal compliance issues affecting risk plans; developing a control framework for mitigating risks; risk transfer; business continuity and disaster recovery planning from the information security perspective. Information Security and Risk Management in Context - Barbara Endicott-Popovsky - Explore the latest techniques for securing information and its systems, from policies and procedures to technologies and audit. Learn from leading experts who share proven practices in areas such as mobile workforce safety, security metrics, electronic evidence oversight and coping with e-crime and e-discovery. Study the protection of Cloud computing information. Discover how to foster the development of future information security leaders. Topics covered include: Information security strategies and individual privacy Legal security implications Medical health record confidentiality and integrity Cutting-edge technologies Foundations of Computer and Information Security - Dr. Matt Bishop - This graduate course taught by UC Davis computer science professor Matt Bishop covers the mathematical foundations of computer security. He asks, "What can we prove is secure, and what can we demonstrate cannot be proved? How can we analyze specific types of systems in order to determine whether they provide the desired security? How do we build systems that do what they are supposed to?" This course presents the basic mathematical models that underlie much of modern computer security and information assurance. Internet Security, Weaknesses and Targets - Dr. Christoph Meinel - "Internet Security - Weaknesses and Targets" is based on "Internet & WWW Technologies" and gives a detailed introduction on problems concerning Internet and Intranet security. After starting with some remarks on risk analysis and computer crimes, security weaknesses and targets are discussed in detail. Beside others the following topics are discussed in detail: human factor and technical failures, attacks on accounts and passwords, attacks on Internet protocol, misuse of design and programming errors, weaknesses in common operating systems, targets in the WWW, and viruses. The lecture course concludes with a discussion about the possibilities to detect attacks and intrusions and also describes ethical issues. External Resources

Fomat: iSO | 3.31GB This EC Council: Computer Hacking Forensic Investigator (CHFI) v4 training course will prepare you to pass the EC0 312-49 exam and achieve Computer Hacking Forensics Investigator (CHFI) certification. Computer hacking forensic investigation is the process of detecting hacking attacks and properly extracting evidence to report the crime and conduct audits to prevent future attacks. Computer forensics is simply the application of computer investigation and analysis techniques in the interests of determining potential legal evidence. Evidence might be sought in a wide range of computer crime or misuse, including but not limited to theft of trade secrets, theft of or destruction of intellectual property, and fraud. CHFI investigators can draw on an array of methods for discovering data that resides in a computer system, or recovering deleted, encrypted, or damaged file information. Career Academy is an EC-Council endorsed training provider. We have invited the best security trainers in the industry to help us develop the ultimate training and certification program which includes everything you will need to fully prepare for and pass your certification exams. This officially endorsed product gives our students access to the exam by providing you with a Voucher Number. The EC-Council Voucher Number can be used at any Prometric center, this voucher number is required and mandatory for you to schedule and pay for your exam. Without this voucher number Prometric will not entertain any of your requests to schedule and take the exam. PACKAGE INCLUDES • 6 training DVDs featuring live instructor-led classroom sessions with full audio, video and demonstration components • Official EC-Council CHFI Courseware Kit * 4 discs containing Labs, Guides, and 1 Helix bootable CD * Intensive Hacking & Counter-Hacking Hands-On demonstration components * Official EC-Council CHFI Curriculum Courseware Volumes 1, 2 & 3 * Official EC-Council CHFI Lab Guide • Exclusive LearningZone Live Mentor Click for Details Help whenever you need it! – Why wait for email support? Chat Live with our Certified Instructors anytime around the clock (24?7) • Proven technique – Actual Exam Secrets Review • Free 1 Year Upgrade Policy • Certificate of Completion Download: Hotfile.com: One click file hosting Source & password default booktrainig.org

Pentru inceput il platesc eu.