Leaderboard

Mai bine fac dropshipping cu vibratoare. La cati betivi cu pula mica sunt in Romania, sigur fac vanzare buna la saracele femei :)))))))

Cel mai bine vezi bilantul contabil si contabilitatea, ca nu ai cum sa stii ce/cat s-a investit si de unde a scos "profitul" ala .... Pentru 5 ani si cifra de afaceri 90.000 euro (adica pana in 2000 euro/luna), e cam greu sa ai profit apetisant si angajati ca sa nu zic de cheltuieli adiacente. 9000euro profit pe 5 ani = 150euro/luna

Python based backdoor that uses Gmail to exfiltrate data through attachment. This RAT will help during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends it to an attacker as an e-mail attachment. Powershell-RAT Python based backdoor that uses Gmail to exfiltrate data as an e-mail attachment. This RAT will help someone during red team engagements to backdoor any Windows machines. It tracks the user activity using screen capture and sends the information to an attacker as an e-mail attachment. Note: This piece of code is Fully UnDetectable (FUD) by Anti-Virus (AV) software. This project must not be used for illegal purposes or for hacking into system where you do not have permission, it is strictly for educational purposes and for people to experiment with. Any suggestions or ideas for this tool are welcome - just tweet me on @ManiarViral Screenshot: On the first run of the Powershell-RAT user will get options as below: Using Hail Mary option to backdoor a Windows machine: Successfully taking screenshots of the user activity: Data exfiltrated as an email attachment using Gmail: Setup: Throwaway Gmail email address Enable "Allow less secure apps" by going to https://myaccount.google.com/lesssecureapps Modify the $username & $password variable for your account in the Mail.ps1 Powershell file Modify $msg.From & $msg.To.Add with throwaway gmail address Download: Powershell-RAT-master.zip Source

:))))))))))))))) DESCRIEREA PUNCTULUI DE LUCRU Afacerea este functionala. Are o baza de date de clienti. Afacerea se poate mari daca va fi promovata online prin google sau facebook. Pretul este negociabil. Nu se vinde firma, doar site-ul. Are SEO integrat. DETALII DESPRE TRANZACTIA DORITA Se vinde numai site-ul, pagina facebook, baza de date. Nu se vinde firma. Pretul nu este negociabil. Se ofera asistenta 30 zile. Clientii nu sunt cu "subscription" sa plateasca servicii ceva la tine. Ei cumpara acum si poate mai cumpara peste 2 ani ceva. Deci practic se vinde o saracie de magento, castiva natarai pusi in baza de date si cam atat. Deci in 5 ani au obtinut un profit de 9000 si vor 15.000 pe site. Hai ca e buna.

Fuzzing is an effective and widely used technique for finding security bugs and vulnerabilities in software. It inputs irregular test data into a target program to try to trigger a vulnerable condition in the program execution. Since the first random fuzzing system was constructed, fuzzing efficiency has been greatly improved by combination with several useful techniques, including dynamic symbolic execution, coverage guide, grammar representation, scheduling algorithms, dynamic taint analysis, static analysis and machine learning. In this paper, we will systematically review these techniques and their corresponding representative fuzzing systems. By introducing the principles, advantages and disadvantages of these techniques, we hope to provide researchers with a systematic and deeper understanding of fuzzing techniques and provide some references for this field. Download:

ThanatosDecryptor is an executable program that attempts to decrypt certain files encrypted by the Thanatos malware. File types currently supported include: Image: .gif, .tif, .tiff, .jpg, .jpeg, .png Video: .mpg, .mpeg, .mp4, .avi Audio: .wav Document: .doc, .docx, .xls, .xlsx, .ppt, .pptx, .pdf, .odt, .ods, .odp, .rtf Other: .zip, .7z, .vmdk, .psd, .lnk In order to decrypt files as quickly as possible, ThanatosDecryptor should be run on the original machine infected with the malware, and against the original .THANATOS files that it created. ThanatosDecryptor has been tested against versions 1 and 1.1 of the malware. Known malware sample hashes include: 55aa55229ea26121048b8c5f63a8b6921f134d425fba1eabd754281ca6466b70 97d4145285c80d757229228d13897820d0dc79ab7aa3624f40310098c167ae7e 8df0cb230eeb16ffa70c984ece6b7445a5e2287a55d24e72796e63d96fc5d401 bad7b8d2086ac934c01d3d59af4d70450b0c08a24bc384ec61f40e25b7fbfeb5 02b9e3f24c84fdb8ab67985400056e436b18e5f946549ef534a364dff4a84085 fe1eafb8e31a84c14ad5638d5fd15ab18505efe4f1becaa36eb0c1d75cd1d5a9 Thanatos Overview When run, the Thanatos malware looks for files recursively in the following directories: Desktop Documents Downloads Favourites Music OneDrive Pictures Videos For each file found, the malware derives an encryption key from the number of milliseconds that the infected computer has been running (via a call to GetTickCount), encrypts the file using 256-bit AES encryption, and then discards the encryption key. It would be practically impossible to brute-force guess the 256-bit AES encryption key directly, but since the malware derives this key from the system uptime (a 32-bit value) the key is effectively 32-bits in length. On the virtual machine that I tested on, around 100,000 key derivations and AES decryption operations (on one AES block worth of data, needed for decryption success verification) could be performed every second, meaning in the worst case it would take around 12 hours to successfully guess the key if the system uptime value was random. The system uptime is not random, though. The maximum number of milliseconds you can store in a 32-bit value comes out to be 49.7 days worth, and many people tend to shutdown or hibernate their computers before then (or let them sleep from time to time). Thus, the system uptime at time of infection is likely to be a fairly low value - starting at 0 and guessing your way up is a decent approach. A further optimization is enabled by the fact that the system uptime is written to the Windows Event Logs around once per day. Also, the malware does not modify the .THANATOS file creation dates, so with this information the search space can be reduced to approx. the number of milliseconds within the 24 hours before infection. At 100k attempts per second, it would take around 14 minutes to guess the key under these conditions. ThanatosDecryptor Operation When run, ThanatosDecryptor first searches the directories listed above for files with the .THANATOS file extension. Once found, the original file extension (which is preserved by the malware in the file name write before .THANATOS) is compared with the list of file types supported by ThanatosDecryptor. If the file type is one supported, the file gets queued for decryption. ThanatosDecryptor also parses the Windows Event Log for the daily uptime messages and uses the encrypted file time metadata to determine a starting value for decryption. This value is used to derive an encryption key, an AES decryption operation is done against the file contents, and the resulting byte are compared against values known to be at the beginning of those file types. If the comparison is unsuccessful, increments the seed and tries this process again. Otherwise, the file is decrypted and written out with the original file name. Finally, once one file has been successfully encrypted, ThanatosDecryptor uses the SEED value from that decryption attempt as a starting point for decryption attempts against follow-on files (since they are all likely to be very similar). Running the Program Download the latest ThanatosDecryptor.exe file from the Release directory and run it on the infected system as the user that had his/her files encrypted. Building Visual Studios is required for building. Visual Studio 2017 Community Edition works for me! To build ThanatosDecryptor from source, clone this repo, cd into the ThanatosDecryptor directory, and from the 'Developer Command Prompt for VS 2017' that ships with Visual Studio 2017, run the following command: msbuild ThanatosDecryptor.vcxproj /p:Configuration=Release /p:Platform=Win32 It's easiest to find the Developer Command Prompt using the Windows Start Menu search box. Example output Found the following files able to be decrypted: C:\Users\zelda\Desktop\testfiles\test.7z.THANATOS C:\Users\zelda\Desktop\testfiles\Test.doc.THANATOS C:\Users\zelda\Desktop\testfiles\Test.docx.THANATOS C:\Users\zelda\Desktop\testfiles\test.gif.lnk.THANATOS [...] C:\Users\zelda\Desktop\testfiles\test.xlsx.THANATOS C:\Users\zelda\Desktop\testfiles\test.zip.THANATOS Beginning decryption attempt Attempting to decrypt C:\Users\zelda\Desktop\testfiles\test.7z.THANATOS Tried 393288 seed values thus far Successful decryption verification! Seed: 516031 Successfully wrote decrypted file to: C:\Users\zelda\Desktop\testfiles\test.7z Attempting to decrypt C:\Users\zelda\Desktop\testfiles\Test.doc.THANATOS Overriding calculated SEED value for previously successful SEED value (minus 60 secs): 516031 Tried 8257 seed values thus far Successful decryption verification! Seed: 516031 Successfully wrote decrypted file to: C:\Users\zelda\Desktop\testfiles\Test.doc Attempting to decrypt C:\Users\zelda\Desktop\testfiles\Test.docx.THANATOS Overriding calculated SEED value for previously successful SEED value (minus 60 secs): 516031 Tried 8257 seed values thus far Successful decryption verification! Seed: 516031 Successfully wrote decrypted file to: C:\Users\zelda\Desktop\testfiles\Test.docx Attempting to decrypt C:\Users\zelda\Desktop\testfiles\test.gif.lnk.THANATOS Overriding calculated SEED value for previously successful SEED value (minus 60 secs): 516031 Tried 8257 seed values thus far Successful decryption verification! Seed: 516046 Successfully wrote decrypted file to: C:\Users\zelda\Desktop\testfiles\test.gif.lnk Attempting to decrypt C:\Users\zelda\Desktop\testfiles\test.gif.THANATOS Overriding calculated SEED value for previously successful SEED value (minus 60 secs): 516046 [...] Attempting to decrypt C:\Users\zelda\Desktop\testfiles\test.xlsx.THANATOS Overriding calculated SEED value for previously successful SEED value (minus 60 secs): 516062 Tried 8226 seed values thus far Successful decryption verification! Seed: 8ca3e Successfully wrote decrypted file to: C:\Users\zelda\Desktop\testfiles\test.xlsx Attempting to decrypt C:\Users\zelda\Desktop\testfiles\test.zip.THANATOS Overriding calculated SEED value for previously successful SEED value (minus 60 secs): 516062 Tried 8226 seed values thus far Successful decryption verification! Seed: 8ca3e Successfully wrote decrypted file to: C:\Users\zelda\Desktop\testfiles\test.zip Press any key to exit Note how some files were encrypted using the same Seed value - according to the GetTickCount man page, the uptime has a resolution of between 10ms and 16ms, which means that it can take between 10-16 ms for another call to GetTickCount to return a different value. Download: ThanatosDecryptor-master.zip (1.8MB) Source

https://azure.microsoft.com/en-us/try/cognitive-services/?api=computer-vision Free: 5,000 transactions, 20 per minute. Dar si variantele platite sunt pe sume mici. Vezi la OCR si text recog: https://docs.microsoft.com/en-us/azure/cognitive-services/computer-vision/home

Python tesseract e destul de bunicel. https://pypi.org/project/pytesseract/

Ceva de genul? (poate am ratat un quote ceva, e tarziu) #!/bin/bash # curl="/usr/bin/curl" sleep="/bin/sleep" website="https://www.domain.nl" token="8d1f1aac0dd8a76b49e8bbdda0c7c98c" wait="30" lines="50" services="apache nginx ftp ssh dmesg" update_argv="-H 'Content-Type: application/x-www-form-urlencoded' -X POST" update_site="https://www.domain.de" for (( ; ; )) do for i in $services do export $i=$($curl -s $website/servers.php?api=$token&func=get_details&detail=$i|tail -n $lines) done $curl -d "apache=$apache&nginx=$nginx&ftp=$ftp&ssh=$ssh&dmesg=$dmesg" -H "$update_argv" "$update_site/?api=$token&func=provision" $sleep $wait done

ARPPD ARP Poisoning Defender This is a small script I have written in C to provide protection against malicious ARP attacks, changing the gateway's MAC Address in the ARP table of a victim's PC. How it works The program saves the Gateway's MAC and IP Address when started. It then scans for every incoming ARP packet to see if it has the ARP Source of the gateway's ip. It blocks these packets (without a delay, like in other ARP defending scripts) using arptables, and instantly updates the ARP table to match the gateway's IP and MAC. It keeps the attacker's MAC address blocked for receiving ARP packets for 5 minutes. When the program exists, it allows all MAC addresses to send ARP packets again (to the PC running the script), as well as flushing the ARP table. Cross Platform For now, the script only works on linux. I will try to release a win64 version ASAP. Installation and build ARPPD needs arptables to run, so just install it: sudo apt-get install arptables There's a pre-built executable in the builds folder, or build it yourself: To build: Run compile_arppd_linux OR Go in the main directory Run: gcc -o builds/defender-win64 src-win64/defender.c -lpcap -pthread Malicious ARP Packets When the ARPPD will detect a malicious ARP Packet, it will look like this: Video Download: ARPPD-master.zip or git clone https://github.com/Prodicode/ARPPD.git Source

Most work on DOM Cross-Site Scripting (DOM-XSS) detection methods can be divided into three kinds: black-box fuzzing, static analysis, and dynamic analysis. However, black-box fuzzing and static analysis suffer much from high false negative rates and high false positive rates respectively. Current dynamic analysis is complex and expensive, though it can obtain more efficient results. In this paper, we propose adynamic detection framework (TT-XSS) for DOM-XSS by means of taint tracking at client side. We rewrite all JavaScript features and DOM APIs to taint the rendering process of browsers. To this end, new data types and methods are presented to extend the semantic description ability of the original data structure, based on which we can analyze the taint traces through tainting all sources, sinks and transfer processes during pages parsing. In this way, attack vectors are derived to verify the vulnerabilities automatically. Compared to AWVS 10.0, our framework detects more 1.8% vulnerabilities, and it can generate the corresponding attack vectors to verify 9.1% vulnerabilities automatically. Download paper:

While fuzzing is known to be a powerful mechanism for fingerprinting and enumerating bugs within hardware and software systems, the application of this technique to wireless systems remains nontrivial due to fragmented and siloed tools. Join us as we cover wireless fuzzing fundamentals and introduce a new tool to unify the approach across protocols, radios, and drivers. About the Speakers Matt Knight Matt Knight (@embeddedsec) is a center and left wing for the San Francisco Desert Owls ice hockey team. When his schedule allows he moonlights as a software engineer and security researcher, where he explores the boundaries between software, hardware, and wireless systems. With specific interests in RF networks and physical layers, he notably reverse engineered the LoRa PHY based on blind signal analysis. Matt holds a BE in Electrical Engineering from Dartmouth College. Ryan Speers Ryan Speers is a security researcher and developer who enjoys embedded systems, low-power radio protocols, and reversing proprietary systems. He has worked in offensive and defensive roles on networks, Windows, micro controllers, and many things in-between. As co-founder at River Loop Security, he tests embedded systems for security issues, and helps clients build more secure systems. He is also Director of Research for Ionic Security where he leads system and cryptographic research. He has previously spoken at a number of security conferences, including Troopers 14, and written some articles for journals ranging from peer-reviewed academic publications to PoC link: https://www.troopers.de/troopers18/agenda/rgdyd3/

Sediul SRI intr-o zi obisnuita de duminica: Sediul SRI dupa ce a aparut "Despre clonarea de carduri" pe RST

Apai..faci site-uri pe banda. La tine a face un site inseamna a pune o tema nulled pe un host + un domeniu amarat si gata site-ul. S-a umplut internetul de copii (dubluri) si site-uri aparute ca ciupercile. * Puteai macar sa ascunzi cercurile alea de la messenger cand ai facut printurile...totusi.

Dau niste chei de steam moka, primul venit, primul servit. Actualizez saptamanal. Bafta! https://bit.ly/2MBwKfL