Leaderboard

The previous two blog posts describe how a Stack Based Buffer Overflow vulnerability works on x86 (32 bits) Windows. In the first part, you can find a short introduction to x86 Assembly and how the stack works, and on the second part you can understand this vulnerability and find out how to exploit it. This article will present a similar approach in order to understand how it is possible to exploit this vulnerability on x64 (64 bits) Windows. First part will cover the differences in the Assembly code between x86 and x64 and the different function calling convention, and the second part will detail how these vulnerabilities can be exploited. ASM for x64 There are multiple differences in Assembly that need to be understood in order to proceed. Here we will talk about the most important changes between x86 and x64 related to what we are going to do. Articol complet: https://nytrosecurity.com/2018/01/24/stack-based-buffer-overflows-on-x64-windows/

Mai tot ce e cloud mining e Ponzi actual sau in devenire. Nu e sustenabil/profitabil din nici un punct de vedere, cel mai simplu poate fi luat matematic. De vazut discutii interminabile pe bitcointalk pe tema asta. Unii merg pe long-game (onoreaza plati o perioada mai indelungata) ca sa adune mai multi creduli si apoi dau tun direct proportional. Daca ar fi profitabil nu ar da altora ci ar tine pentru ei caci daca e vorba de capital pentru ceva profitabil se poate face rost usor.

AS FLYING, CAMERA-WIELDING machines get ever cheaper and more ubiquitous, inventors of anti-drone technologies are marketing every possible idea for protection from hovering eyes in the sky: Drone-spotting radar. Drone-snaggingshotgun shells. Anti-drone lasers, falcons, even drone-downing drones. Now one group of Israeli researchers has developed a new technique for that drone-control arsenal—one that can not only detect that a drone is nearby, but determine with surprising precision if it's spying on you, your home, or your high-security facility. Researchers at Ben Gurion University in Beer Sheva, Israel have built a proof-of-concept system for counter-surveillance against spy drones that demonstrates a clever, if not exactly simple, way to determine whether a certain person or object is under aerial surveillance. They first generate a recognizable pattern on whatever subject—a window, say—someone might want to guard from potential surveillance. Then they remotely intercept a drone's radio signals to look for that pattern in the streaming video the drone sends back to its operator. If they spot it, they can determine that the drone is looking at their subject. In other words, they can see what the drone sees, pulling out their recognizable pattern from the radio signal, even without breaking the drone's encrypted video. "This is the first method to tell what is being captured in a drone's [first-person-view] channel" despite that encryption, says Ben Nassi, one of the Ben Gurion researchers who wrote a paper on the technique, along with a group that includes legendary cryptographer and co-inventor of the RSA encryption algorithm Adi Shamir. "You can observe without any doubt that someone is watching. If you can control the stimulus and intercept the traffic as well, you can fully understand whether a specific object is being streamed." The researchers' technique takes advantage of an efficiency feature streaming video has used for years, known as "delta frames." Instead of encoding video as a series of raw images, it's compressed into a series of changes from the previous image in the video. That means when a streaming video shows a still object, it transmits fewer bytes of data than when it shows one that moves or changes color. That compression feature can reveal key information about the content of the video to someone who's intercepting the streaming data, security researchers have shown in recent research, even when the data is encrypted. Researchers at West Point, Cornell Tech, and Tel Aviv University, for instance, used that feature as part of a technique to figure out what movie someone was watching on Netflix, despite Netflix's use of HTTPS encryption. The encrypted video streamed by a drone back to its operator is vulnerable to the same kind of analysis, the Ben Gurion researchers say. In their tests, they used a "smart film" to toggle the opacity of several panes of a house's windows while a DJI Mavic quadcopter watched it from the sky, changing the panes from opaque to transparent and back again in an on-off pattern. Then they showed that with just a parabolic antenna and a laptop, they could intercept the drone's radio signals to its operator and find that same pattern in the drone's encrypted data stream to show that the drone must have been looking at the house. In another test, they put blinking LED lights on a test subject's shirt, and then were able to pull out the binary code for "SOS" from an encrypted video focused on the person, showing that they could even potentially "watermark" a drone's video feed to prove that it spied on a specific person or building. All of that may seem like an elaborate setup to catch a spy drone in the act, when it could far more easily be spotted with a decent pair of binoculars. But Nassi argues that the technique works at ranges where it's difficult to spot a drone in the sky at all, not to mention determine precisely where its camera is pointed. They tested their method from a range of about 150 feet, but he says with a more expensive antenna, a range of more than a mile is possible. And while radar or other radio techniques can identify a drone's presence at that range, he says only the Ben Gurion researchers' trick actually know where it's looking. "To really understand what’s being captured, you have to use our method," Nassi says. Rigging your house—or body—with blinking LEDs or smart film panels would ask a lot of the average drone-wary civilian, notes Peter Singer, an author and fellow at the New America Foundation who focuses on military and security technology. But Singer suggests the technique could benefit high-security facilities trying to hide themselves from flying snoops. "It might have less implications for personal privacy than for corporate or government security," Singer says. DJI didn't respond to WIRED's request for comment. Nor did Parrot, whose drones Nassi says would also be susceptible to their technique. If the Ben Gurion researchers' technique were widely adopted, determined drone spies would no doubt find ways to circumvent the trick. The researchers note themselves that drone-piloting spies could potentially defeat their technique by, for instance, using two cameras: one for navigation with first-person streaming, and one for surveillance that stores its video locally. But Nassi argues that countermeasure, or others that "pad" video stream data to better disguise it, would come at a cost of real-time visibility or resolution for the drone operator. The spy-versus spy game of aerial drone surveillance is no doubt just getting started. But for the moment, at least, the Israeli researchers' work could give spying targets an unexpected new way to watch the watchers—through their own airborne eyes - WIRED.

Sa spunem ca iti recunoaste un angajator din afara cursuri din alte parti, cand da un search pe google la "Absolute School" si vede urmatoarele poze dupa se mai uita si pe site-ul lor http://www.absoluteschool.net/ pe care daca il faceam in paint era de 10 ori mai frumos si mai simplu de utilizat. Ce parere crezi ca isi face? iti spune sa iti vezi de treaba sau te angajeaza in urmatoarele minute? edit: fa-ti un cont de github si pune pe el scripturi facute de tine, poti sa pui orice crezi ca e ok, nu trebuie sa faci lucruri extrem de complicate care sa le pui. Daca la angajator ii place cum aranjezi codul, daca ai folosit cea mai buna solutie pentru ceea ce vrei sa faci si alte chestii, contul ala de github e mai bun de 10x ca majoritatea cursurilor.

In legatura cu cloud mining ganditi-va asa: Am servere si vreau sa fac profit. Pot sa minez eu si sa fac profit sau pot altii sa mineze si sa le ofer serverele in chirie astfel incat sa fac profit din vanzarea de servere. Daca le ofer in chirie, pretul lor lunar trebuie sa fie mai mic decat cat ar castiga clientii din mining ca altfel nu le-ar folosi nimeni si tot ce fac clientii e sa piarda bani. Asta inseamna ca e mai profitabil sa fac direct mining decat sa inchiriez serverele. De ce as vrea sa inchiriez serverele pentru o marja mai mica de profit?

Salut, cu ceva timp in urma am cautat pe aici ceva baieti care ar fi fost interesati intr-o colaborare pentru dropshipping din pacate nu am gasit nici unul serios asa ca am luat-o pe cont propriu am muncit aproximativ 3 saptamani la un site cu peste 400 de produse din diferite categorii. Am siteuri bune cu preturi de producatori am o lista de marketing cu cele mai cautate produse , un nume ceva pluginuri de plata etc. Cam tot ce trebuie mai putin partea cu reclama la care lucrez. Asta a fost o introducere sa zicem intrebarea mea este daca eu dau drumu la website-ul asta trebuie sa fiu inregistrat ca firma ? Ca sa fii o firma ai nevoie de un sediu oficial si un inventar activ pentru vanzari ma refer. Dar daca eu fac dropshipping si sunt mai mult un intermediar deci practic nu detin nimic nu pot spune ca am un inventar sau ca vand ceva ce imi apartine si mai degraba ca ofer un serviciu de intermediere intre vanzator si client. Unde ma incadrez exact? Trebuie sa platesc ceva taxe ? O sa am probleme cu paypal ul si bancile respective daca imi intra bani pentru asa ceva ? Si care ar fii cel mai legal mod posibil sa fac asta fara sa ma complic fara sa stau sa fac acte oficiale la diferite societati si sa prapadesc o gramada de timp si bani . Tin sa zic ca nu stau in tara si ma gandeam ca website-ul sau store-ul respectiv sa fie pus pe romania sau alta tara iar eu sa apar a un tehnician mai mult. Chiar nu am nici o idee legata de partea legala de plati si unde ma incadrez. Daca cineva imi poate da un sfat util si imi poate zice unde sunt cu treaba asta si ce risc sau nu risc facand asta m-ar ajuta foarte mult tinand cont ca este prima data cand incerc lucrul asta. Iar pentru cei cu "cauta pe google" nu am gasit lucruri care te ajuta prea mult doar tutoriale micute cum sa faci si de unde sa incepi. Mai departe despre plati taxe note legale etc nu este nimic. Multumesc.

metoda de plata ? iti dau cash 5000 ron daca ceri btc esti scammer pt ca e prea ieftin LE : era deja in gunoi sry =]

"As stated in all our releases, the primary goal of the Weiss Cryptocurrency Ratings is to help protect investors from risk, while leading them to the most sustainable, robust cryptocurrencies. That goal requires playing close to the pattern of recent price declines as well as tech issues that could hinder a price recovery. "

Multumesc, om serios, banii la timp. Up, am timp liber.

Am rezolvat , a fost o mica neintelegere dar totul a fost ok dupa . Recomand , face proiectele in timp si e serios !

In fine sa aveti grija cu ei. Ca pe sait la etherzero recomanda yobit. Si pe sait la ripple recomandau Gatehub. Si apoi cand am scris la Ripple au spus ca Gatehub e 3rd party. Asa ca a trimis un avocat scrisoare catre Ripple. Si ce sa vezi? La cateva zile mi-au aparut fondurile pe Gatehub, bineinteles cu comision la depozit, chestii care nu erau inainte si le tot adauga si modifica pe blogu zdipii. Mi-am scos tot de acolo, mai putin 20 de XRP care sunt blocati la activarea wallet-ului si cate 5 XRP pentru fiecare trust line.

bine punctat dar am cateva avantaje la care ma gandesc eu: inchiriezi(avantaje): - logistica asigurata (nu-ti bati capul cu hardware, clima, curent etc) - in caz ca se beleste ceva si nu am cunostinte HW, vanzatorul asigura - creste DAG-ul sa zicem, eu am platit 200mh deci dupa ce creste dagul voi avea asigurat tot 200mh (daca minez singur tre sa fac eu upgrade la HW) selfmining(avantaje): - vinzi produsele cand faci upgrade - poti mina oricand si altcoinuri care vrea pl ta (poate vreau sa minez ETN ca e profitabil , are crestere de 300% - ca exemplu fictiv) - mai inveti una alta - tu iti administrezi banii investiti nu altul pe baza de o hartie *riscuri sunt destule pe ambele parti ** toate sunt scheme ponzi *** e bine sa inchiriezi mining la tine in tara ca sa ai o baza juridica in caz de... (situ ca erau niste mine prin covasna si bacau) Deocamdata studiez, inca nu m-am decis si nici nu exista solutia optima. Nu risti nu castigi! Cineva mai sus zicea ca btc-ul se va duce pe pl.... pai cum drq sa se duca pe pl cand astia vor sa-l listeze pe nasdaq in martie, cand alibaba isi face ferma de minat etc. Dar, who the fuck knows, poate maine incepe WW3 si ne ducem toti pe pl. le: legat de hashflare, am cunoscut un tip ce mineaza la ei de 1 an si ceva si face acum cam 300$ profit lunar (daca nu vedeam poate nu credeam) pont: cumparati ripple cat mai e low acum, medium/long term

BTC e in downtrend, a facut double bottom, e posibil sa scada mai mult. Mie unu imi convine daca scade, pot cumpara mai mult la un pret mai bun. De revenit o sa-si revina, daca ati citi detali tehnice deja are peste 100 de noduri de lightning si numarul lor creste mereu. Cu toate astea nu e indicat sa faceti tranzactii mai mari ide 0.3/0.4 pe lightning. Tehnologia evolueaza, e posibil ca piata sa nu mai fie la fel de bully ca in Decembrie cand a fost un bull run non-stop si sa se corecteze. Sanse sunt zilnic, puteti merge pe specula sau pe long term. Your money, your choice. Idea e urmatoarea, buy the DIP, cand scade grav, porfitati de ocazie, va va fi dor de momente de genul asta.

Antminer s9 with power supply from bitmain New in Box @ $1 ,000 usd PRICE: $ 1,000 usd This is brand new Original Anminer with complete accessories and warranty. Antminer S9 APW3++ Power Supply Unit Power Cords Contact me by my Email: r@hotmail.com SPECIFICATIONS: -------------- Hash Rate : 14TH/s Power Consumption: 1375W + 7% (at the wall, with APW3,93% efficiency, 25C ambient temp) Power Efficiency: 0.098 J/GH + 7% (at the wall, with APW3,93% efficiency, 25C ambient temp) Rated Voltage: 11.60 ~13.00V Chip quantity per unit: 189x BM1387 Dimensions 350mm(L) x 135mm(W) x 158mm(H) Cooling 2x 12038 fans Operating Temperature: 0°C to 40°C Contact me by my Email: r@hotmail.com