Jump to content

Leaderboard

Popular Content

Showing content with the highest reputation on 05/03/20 in all areas

  1. E copil nu va luati de el... @onlyz69 sau @GeorgeZ... era un proverb. "Nu ai cum sa vinzi castraveti gradinarului" sau cum plm era. Mai bine invata lucruri care te ajuta. Am mai zis-o intr-un post, sunt copii de 15-16 ani care fac sume ok din bug bounty, reprofileaza-te.
    2 points
  2. 2 points
  3. Introduction to Java Remote Method Invocation (RMI) Written by Chris Matthews Introduction [NOTE: Here is a link to a zip of the source code for this article. Ed] This is a two-part series on the topic of Java's Remote Method Invocation (RMI). In this article I am going to discuss the basics of Java RMI (e.g., layers, rmic, registry, etc.) and how to apply and use it to develop distributed computing applications through examples. The second article discusses more advanced topics on Java RMI (e.g., CORBA IIOP and IDL, datagram packaging of Remote objects, distributed garbage collector, etc.). Let's get started with the first article. In the past, developing cross-platform, distributed computing applications has been difficult to say the least. With considerations like hardware, operating system, language, serialization, etc., development and support have to be adjusted (if not reinvented) each time a developer deploys their applications for a new target system. And if a developer wants to provide robust support (e.g., marshaling/unmarshaling objects), the developer is required to create the support themselves to fit the idiosyncrasies of each system. Now with the ever-increasing acceptance of the Java operating environment and language (e.g., the write once, run anywhere mantra), an application developer has the ability to write true, robust cross-platform distributive computing applications. He can do this without worrying about special system-specific support concerns. Java RMI is shipped with the Java JDK 1.1 and higher. It is a true distributed computing application interface for Java. Unlike other distributed programming interfaces (e.g., RPC, IDL, etc.), Java RMI is language specific. This is a good thing because by being language specific, RMI has the ability to provide more advanced feature like serialization, security, etc. Contrast this with other distributive computing interfaces that are language independent and must write to the least common denominator to support many platforms/languages. This topic will be explored further in the second article. Java RMI is comprised of three layers that support the interface. See illustration below. The first layer is the Stub/Skeleton Layer. This layer is responsible for managing the remote object interface between the client and server. The second layer is the Remote Reference Layer (RRL). This layer is responsible for managing the "liveliness" of the remote objects. It also manages the communication between the client/server and virtual machine s, (e.g., threading, garbage collection, etc.) for remote objects. The third layer is the transport layer. This is the actual network/communication layer that is used to send the information between the client and server over the wire. It is currently TCP/IP based. If you are familiar with RPC, it is a UDP-based protocol which is fast but is stateless and can lose packets. TCP is a higher-level protocol that manages state and error correction automatically, but it is correspondingly slower than UDP. The example used in this article is an amortization schedule application. The client requests a local schedule object from the server through a remote object and passes an amount and duration of a loan to the server. The server instantiates a local schedule object with the amount and duration along with the interest rate the server knows about. Then the schedule object is serialized and returned back to the client. The client can then print the object or modify it at this point. The client has its own private copy of the schedule object. Below is an illustration that serves as a reference for the parts of the RMI application. Creating the Interface Definitions File The first thing that you must do to develop an RMI application is to define the remote interface. The interface defines what remote methods/variables are going to be exported from the remote object. Usually the interface defines methods only because variables have to be declared final (i.e., constant) if they are in an interface definition. The remote interface needs to import the RMI package, and every exported method must throw an RMI remote exception to manage errors during invocation. Below is the code for the mathCalc.java interface definition file in our example. /**************************************************** * module: mathCalc.java ****************************************************/ import java.lang.*; import java.rmi.*; public interface mathCalc extends java.rmi.Remote { public schedule amortizeSchedule( float ammount, int duration ) throws java.rmi.RemoteException; public void printRate() throws java.rmi.RemoteException; } If you are familiar with using Java and interfaces, converting your local objects to remote objects can be done very quickly with minor modifications to your source. You need to include the Java RMI package and manage RMI remote exceptions on all your exported local methods. Creating the Interface Implementation File Once the interface definition file is created, you need to define the actual code that supports the interface on the server. Below is an example of the mathCalcImp.java interface implementation file used to provide that support. /**************************************************** * module: mathCalcImp.java ****************************************************/ import java.rmi.*; import java.rmi.server.*; class mathCalcImp extends UnicastRemoteObject implements mathCalc { float interestRate = (float)7.5; mathCalcImp() throws java.rmi.RemoteException { } public schedule amortizeSchedule( float ammount, int duration ) throws java.rmi.RemoteException { System.out.println("Amortizeing Schedule."); return( new schedule( interestRate, ammount, duration ) ); } public void printRate() throws java.rmi.RemoteException { System.out.println("Current Interest Rate is " + interestRate ); } } Notice the implementation file imports the package java.rmi.*. It also imports the java.rmi.server.* package. This is so you can extend the UnicastRemoteObject class to support remote clients. This class manages client/server and peer/peer connection support for RMI. Today there is no MulticastRemoteObject class, but it should appear in some JDK 1.2 release. There is, however, enough support in JDK 1.1 to allow you to write your own MulticastRemoteObject class to support multicast remote clients. Notice how the file defined above implements mathCalc, the remote interface definition that was defined earlier. Each method in the implementation file that is going to be externalized needs to throw a remote exception. Object Serialization The amortizeSchedule() method prints a message on the server and instantiates a new local schedule object that is returned to the client. The schedule object is a local object that will be serialized and marshaled into a data stream to be sent back to the client. Now is a good time to discuss the serialization of remote objects. To begin that discussion, the schedule.java.local class is presented below. /**************************************************** * module: schedule.java ****************************************************/ import java.lang.*; import java.util.*; import java.io.*; class schedule implements Serializable { float totalLoanAmt; float usrAmmount; float interestRate; int loanDuration; schedule( float rate, float ammount, int duration ) { interestRate = rate; usrAmmount = ammount; loanDuration = duration; totalLoanAmt = ammount + (ammount / rate); } void print() { System.out.println("Schedule Created."); System.out.println("Calculation information based on:"); System.out.println(" Rate [%" + interestRate + "]" ); System.out.println(" Ammount [$" + usrAmmount + "]" ); System.out.println(" Duration [ " + loanDuration + "]" ); System.out.println(" Total Loan [$" + totalLoanAmt + "]" ); int couponNum = 0; float balanceRemaining = totalLoanAmt; float monthlyPayment = 0; System.out.println(); System.out.println( "Payment Monthly Payment Ammount Balance Remaining"); System.out.println( "------- ----------------------- -----------------"); while( balanceRemaining > 0 ) { couponNum++; monthlyPayment = totalLoanAmt/loanDuration; if( balanceRemaining < monthlyPayment ) { monthlyPayment = balanceRemaining; balanceRemaining = 0; } else { balanceRemaining = balanceRemaining - monthlyPayment; } System.out.println( couponNum + " " + monthlyPayment + " " + balanceRemaining ); } } } If you are passing local objects around through remote interfaces, you have to make the defining local class serializable. Notice that the schedule class implements the serializable interface, but it does not have to provide any code. This is because Java manages the serialization of serializable interfaces for you. If we were to implement externalizable instead of serializable, then the schedule.java class would have to provide the serialize/deserialize methods. This would require the schedule class to serialize and deserialize its own data. If you try to pass a local object that has not implemented the serializeable/externalizeable interface, Java will throw a marshaling exception on the server/client. Note: Be careful when marking a class serializable, because Java will try to "flatten" everything related to that cl., inheritance classes, instances within the class, etc.). As an example, I would not recommend trying to serialize anything like the root drive on your disk. There is also a lot of overhead involved in the serialization/deserialization process. Use serialization with care. The topic of serialization will be revisited in the second article when I discuss encryption of remote objects for security. Creating the Stubs/Skeletons Now that the interface and implementation files have been created, you need to generate the stubs and skeleton code. This is done by using the rmic compiler provided by the JDK. The following command will generate the stub and skeleton .class files, but it will not create the .java files. If you want to see the Java-generated code, use the -keepgenerated option. This will leave the .java files files around, but don't try to modify these files. The rmic compiler also has a -show option that runs it as an AWT application. Command Line > rmic mathCalcImp After running the rmic compiler, you should see mathCalcImp_Skel.class and mathCalcImp_Stub.class. These classes are where your references to the remote objects will resolve to in the client's address space. The RRL will manage the mapping of these objects to the server's address space. Creating the Client Now we need to create the client-side application that will use the remote objects. Below is the sample code for calcClient.java. /**************************************************** * module: calcClient.java ****************************************************/ import java.util.*; import java.net.*; import java.rmi.*; import java.rmi.RMISecurityManager; public class calcClient { public static void main( String args[] ) { mathCalc cm = null; int i = 0; System.setSecurityManager( new RMISecurityManager()); try { System.out.println("Starting calcClient"); String url = new String( "//"+ args[0] + "/calcMath"); System.out.println("Calc Server Lookup: url =" + url); cm = (mathCalc)Naming.lookup( url ); if( cm != null ) { String testStr = "Requesting Current Interest Rate..."; // Print Current Interest Rate from the server cm.printRate(); // Amortize a schedule using the server interest // rate. float amount = (float)10000.50; int duration = 36; schedule curschd = cm.amortizeSchedule( amount, duration ); // Print the schedule curschd.print(); } else { System.out.println("Requested Remote object is null."); } } catch( Exception e ) { System.out.println("An error occured"); e.printStackTrace(); System.out.println(e.getMessage()); } } } The client code imports the java.rmi package along with the java.rmi.RMISecurityManager. The first thing the client needs to do is register a security manager with the system. The RMI package provides an RMI security manager, but if you like writing security managers, you can register your own. If a security manager is not registered with the system, Java will only allow resolution of classes locally. This, of course, defeats the purpose of distributed computing. If you are writing an applet instead of an application, the security manager has already been registered for you by the browser. You cannot register another security manager for the applet. In the second article I will go into more details about closed and open systems for Java and RMI. Once you have registered the security manager, you need to create a URL string that is comprised of the server name and remote object name you are requesting. This will enable the client to look up the remote object on the server via the rmiregistry. Your client code will call the Naming.lookup method that makes a request to the server to return a remote object reference. Notice the object returned from the Naming.lookup method is cast to the actual interface class. This is because the lookup call returns a reference of type Object, an abstract type that needs to be casted to a concrete class (e.g., the interface definition file, mathCalc). The URL name lookup format for an RMI object via the registry looks like this: rmi://www.myserver.com/myObject or //www.myserver.com/myObject If the client is successful in retrieving the remote reference, it can invoke remote methods on the remote object at this point. The example makes a call to print the interest rate on the server, and it makes a request to amortize a schedule. If the amortize schedule is successful, the client gets a local copy of the schedule object. Then the client can call routines in the schedule object, modify the object, etc. This is the client's private copy of the object, and the server has no knowledge of any changes to this object made by the client. Local objects are by copy, and remote objects are by reference. Creating the Server The server has very simple code that is similar to the client. Below is the calcServ.java code for the server: /**************************************************** * module: calcServ.java ****************************************************/ import java.util.*; import java.rmi.*; import java.rmi.RMISecurityManager; public class calcServ { public static void main( String args[] ) { System.setSecurityManager( new RMISecurityManager()); try { System.out.println("Starting calcServer"); mathCalcImp cm = new mathCalcImp(); System.out.println("Binding Server"); Naming.rebind("calcMath", cm ); System.out.println("Server is waiting"); } catch( Exception e ) { System.out.println("An error occured"); e.printStackTrace(); System.out.println(e.getMessage()); } } } The server has the same requirements as the client has regarding the security manager. Once the server has registered properly with the security manager, the server needs to create an instantiation of the mathCalcImp implementation objec This is the actual remote object the server exports. Since the server uses the rmiregistry, you must bind (i.e., alias) an instance of the object with the name that will be used to look up the object. In the second article I will talk about an alternative way to look up/pass objects around without using the registry. Note: The server sample uses rebind instead of bind. This is to avoid the following problem with bind; i.e., if you start your server and bind an object to the registry then later start a newer version of the server, the bind will not take place because a previous version already exists. When your client references the server, it will get the original reference to the object and not the latest. Also, when the client tries to reference the remote object, the server will throw an exception because the object is no longer valid. If you instead use rebind, then each time you start a new server, it will bind the latest object for the name lookup and replace the old object. You can export as many objects as you like. For the sake of simplicity, the example only exports one object. Additionally, you can have a factory class that returns object references or you can use the registry to look up multiple names of objects. You normally only need one registry running, but Java does not preclude running multiple registries on different ports. The client needs to use the correct lookup method to gain access to the correct registry on a port number. If you are looking at this server application and wondering how it continues to run after it has seemingly completed its mission, the answer is that the main thread goes away at this point. However, when the server calls the registry to bind the object, it creates another thread under the covers that blocks waiting in a loop for a registry derigstration event. This keeps the server from terminating. If you don't use the registry, the server example needs to be modified to stay alive to support the references to remote objects. Building the Sample You need to compile the client and the server code by doing the following: javac calcClient.java javac calcServ.java Starting the Sample Now you are ready to run the sample RMI application. The first thing to do is to start the rmiregistry on the server. Ensure that your CLASSPATH is set up so that the registry can find your server classes in its path. Start the rmiregistry as follows: start rmiregistry (optional port : default port 1099 ) [The optional port number can be left out, in which case it defaults to 1099. If this is not the desired port, specify one as in "start rmiregistry 1095". Ed.] Next, start the server as follows: start java calcServ The server will start and print a message that it is waiting for requests. Now you are ready to start the client application as follows: start java calcClient www.myserver.com At this point you should see a request come into the server to print the interest rate and request a remote object reference. The client will then display the contents of the schedule object returned from the server. Conclusion Hopefully this article has helped illuminate the basic concepts and design of Java's RMI. This is just an introduction to RMI, but I will be talking about more advanced topics for writing a real-world Java RMI application in the next article. The code for this article is downloadable from the top of this article. If you have any questions, you can send me e-mail. Also, as a side note, the ICAT debugger for OS/2 Java (ICATJVO) can debug Java RMI client and server code through the JNI interface on OS/2. So far, this is the only debugger I have found that can do this. Source
    2 points
  4. Salutare tuturor , ultima data cand am cerut stafuri in legatura cu programarea a fost acum ceva timp si a fost foarte folositor , datorita voua si sfaturilor oferite am inceput sa invat programare php si editare grafica , acum as vrea sa "legalizez" asta si sa ma angajez pe domeniu , am ajuns la un punct in care varsta si timpul nu imi mai permit sa fac o facultate standard(4 ani) , asa ca m`am orientat spre e-learning , pot sa spun ca am ales link academy pentru programare , cine are cunostinte/prieteni daca se merita sa fac facultatea asta , daca o sa gasesc locuri de munca pe domeniul in care o sa fiu calificat , etc... bineinteles ca e-learning de 1 an nu se compara cu o automatica de 4 ani sau cibernetica si nici nu am pretentia de mii de euro salariu dupa facultate si din prima luna dupa angajare , dar nici sa lucrez pe 800/luna toata viata astept pareri sfaturi...si nu numai in legatura cu link academy , daca mai cunoasteti si alte facultati de genu si daca se merita multumesc anticipat
    1 point
  5. Ce cred eu, sincer, despre aceasta persoana: a cumparat si el acele mizerii de pe cine stie ce porcarie de forum si na, roman, vrea sa faca si el un ban cinstit. Probabil in cateva minute putem gasi de unde le-a luat, dar nu isi pierde nimeni timpul cu asa ceva. Cat despre noi, scriam tool-uri dinastea de "hacking" prin 2008. Uite aici un crypter facut de mine in 2009: Cu alte cuvinte stim ce vorbim. Mai ales ca au trecut peste 10 ani de atunci si noi am invatat multe alte lucruri intre timp. Si inca invatam. Cat despre tine nu stim nimic. Bine, stim, ca ai numele in adresa de mail, degeaba incerci sa te ascunzi prin Telegrame...
    1 point
  6. Oracle patched the bug last month but attacks began after proof-of-concept code was published on GitHub. Enterprise software giant Oracle published an urgent security alert last night, urging companies that run WebLogic servers to install the latest patches the company released in mid-April. Oracle says it received reports of attempts to exploit CVE-2020-2883, a vulnerability in its WebLogic enterprise product. WebLogic is a Java-based middleware server that sits between a front-facing application and a database system, rerouting user requests and returning needed data. It is a wildly popular middleware solution, with tens of thousands of servers currently running online. The CVE-2020-2883 vulnerability is a dangerous bug, which received a 9.8 score out of 10, on the CVSSv3 vulnerability severity scale. The bug, which was privately reported to Oracle, allows a threat actor to send a malicious payload to a WebLogic server, via its proprietary T3 protocol. The attack takes place when the server receives the data and unpacks (deserializes) it in an unsafe manner that also runs malicious code on the underlying WebLogic core, allowing the hacker to take control over unpatched systems. Oracle says that no user authentication or interaction is needed to exploit this bug. This makes CVE-2020-2883 an ideal candidate for integration in automated web-based attack tools and botnet operations. Oracle patched the bug during its quarterly security updates, released on April 14. Current exploitation attempts appear to have started after proof-of-concept code to exploit the CVE-2020-2883 bug was published on GitHub a day later. Oracle said that exploitation attempts against other vulnerabilities patched last month were also reported but the company highlighted the WebLogic vulnerability in particular. This is because in recent years, hackers have constantly shown interest in weaponizing and exploiting WebLogic bugs [1, 2, 3, 4, 5, 6, 7, 8, 9] . Hacking groups have been using these vulnerabilities to hijack WebLogic servers to run cryptocurrency miners or breach corporate networks and install ransomware. CVE-2020-2883 will almost certainly join CVE-2019-2729, CVE-2019-2725, CVE-2018-2893, CVE-2018-2628, and CVE-2017-10271 as one of the most exploited WebLogic vulnerabilities in the wild. Via zdnet.com
    1 point
  7. This archive contains all of the 201 exploits added to Packet Storm in April, 2020. Content: 05/03/2020 10:07 AM <DIR> . 05/03/2020 10:07 AM <DIR> .. 04/01/2020 06:30 PM 6,139 10strike_lanstate_v9.32_x86_seh_poc.py.txt 04/03/2020 04:33 PM 1,285 13enformecms-sqlxss.txt 04/18/2020 01:34 AM 13,533 2020-05-cde-sdtcm_convert.txt 04/18/2020 01:37 AM 6,462 2020-06-cde-libDtSvc.txt 04/18/2020 01:38 AM 8,786 2020-07-solaris-whodo-w.txt 04/18/2020 04:33 PM 1,352 aac63-unquotedpath.txt 04/11/2020 12:32 AM 830 absolutetelnet1112ssh1-dos.txt 04/02/2020 05:54 PM 5,718 aida64_engineer_v6.20.5300_poc.py.txt 04/20/2020 06:12 PM 3,846 allplayer76-overflow.py.txt 04/08/2020 07:48 PM 5,056 amcrestdahuanvr-dos.txt 04/23/2020 10:27 PM 5,156 amdradeo11-corrupt.txt 04/29/2020 01:11 PM 1,673 andreastfs10647-unquotedpath.txt 04/19/2020 06:22 PM 4,448 AtomicAlarmClock6.3b-UnicodeSEHOF.py.txt 04/13/2020 02:11 PM 2,652 b64dec112-overflow.txt 04/15/2020 09:20 PM 4,330 blazedvd702-overflow.txt 04/06/2020 09:39 PM 5,425 boltcms370-exec.txt 04/08/2020 07:50 PM 1,051,201 centreon19103-sql.pdf 04/20/2020 06:21 PM 3,163 centreon19105-sql.txt 04/30/2020 05:52 PM 2,777 cheminv-xss.txt 04/09/2020 05:45 PM 2,096 ci-pydu-pyja.py.txt 04/21/2020 11:36 PM 8,612 ciscoanyconnectsmc4801090-escalate.txt 04/17/2020 06:25 PM 3,105 ciscoipphone117-dos.txt 04/28/2020 01:01 AM 1,997 cloudme1112-overflow.txt 04/09/2020 05:44 PM 890 Cmen0tc00l1n.txt 04/17/2020 06:29 PM 1,500 codeblocks1601-overflow.txt 04/23/2020 10:29 PM 1,065 complaintms42-sql.txt 04/23/2020 10:31 PM 974 complaintms42-xsrf.txt 04/23/2020 10:24 PM 1,186 complaintms42-xss.txt 04/29/2020 06:39 PM 146,129 CORE-2020-0009.pdf 04/05/2020 10:22 PM 1,049 crs26-xss.txt 04/28/2020 01:22 AM 1,363 csgo4937372-exec.txt 04/21/2020 04:49 PM 951 cszcms127-htmlinject.txt 04/21/2020 04:47 PM 1,090 cszcms127-xss.txt 04/21/2020 05:18 PM 6,523 CVE-2020-6857.txt 04/06/2020 10:01 PM 5,217 cve_2020_0796_smbghost.rb.txt 04/01/2020 05:43 PM 981 diskboss7714-dos.txt 04/02/2020 05:35 PM 3,622 diskboss7714-overflow.txt 04/08/2020 07:43 PM 3,928 django30-xsrfbypass.txt 04/03/2020 05:59 AM 39,916 dnn_cookie_deserialization_rce.rb.txt 04/07/2020 07:37 PM 1,038 dnsmasqutils2791-dos.txt 04/27/2020 06:24 PM 3,548 docker_credential_wincred.rb.txt 04/29/2020 07:00 PM 1,416 druvainsyncwc652-escalate.txt 04/17/2020 06:24 PM 6,042 easympegtodvd1711-overflow.txt 04/22/2020 06:07 PM 2,398 edimaxew7438rpn-disclose.txt 04/22/2020 06:06 PM 1,197 edimaxew7438rpn-xsrf.txt 04/24/2020 05:36 PM 2,196 edimaxew7438rpn113-exec.txt 04/13/2020 08:44 PM 1,835 edimaxew7438rpn3mini127-exec.txt 04/29/2020 06:55 PM 1,837 emeditor198-insecure.txt 04/24/2020 05:34 PM 1,256 espocrm585-escalate.txt 04/12/2020 09:22 PM 18,682 freeDesktopClock_x86_UnicodeSEHOF.py.txt 04/05/2020 09:22 PM 756 frigate336-dos.txt 04/29/2020 06:53 PM 4,086 gigavue550111-traversalupload.txt 04/11/2020 01:01 AM 10,207 GS20200410220034.txt 04/11/2020 01:02 AM 416,501 GS20200410220209.tgz 04/15/2020 09:42 PM 9,019 GS20200415184247.tgz 04/15/2020 09:44 PM 5,361 GS20200415184419.tgz 04/15/2020 09:45 PM 2,801 GS20200415184547.tgz 04/21/2020 05:21 PM 10,622 GS20200421142151.tgz 04/23/2020 10:49 PM 4,123 GS20200423194901.tgz 04/23/2020 10:50 PM 5,395 GS20200423195014.tgz 04/23/2020 10:51 PM 19,440 GS20200423195129.tgz 04/23/2020 10:54 PM 4,963 GS20200423195409.txt 04/28/2020 06:00 PM 7,520 GS20200428150032.tgz 04/29/2020 06:58 PM 3,073 hitsscript10-sql.txt 04/13/2020 01:11 PM 1,573 huaweihg630-bypass.txt 04/21/2020 04:18 PM 24,763 ibm_drm_rce.txt 04/21/2020 04:52 PM 11,839 iqrouter331-exec.txt 04/09/2020 05:47 PM 1,085 jabadabadabad00.txt 04/21/2020 05:08 PM 1,658 jizhicms167-filedownload.txt 04/25/2020 03:23 PM 1,887 jqueryhtml-xss.txt 04/14/2020 02:23 AM 7,630 KL-001-2020-001.txt 04/15/2020 09:57 PM 6,720 liferay_java_unmarshalling.rb.txt 04/03/2020 10:22 PM 849 limesurvey4111-traversal.txt 04/06/2020 10:07 PM 1,683 limesurvey4111sg-xss.txt 04/27/2020 06:15 PM 7,044 maiansh43-xsrf.txt 04/08/2020 07:39 PM 964,265 manageengine14-exec.pdf 04/15/2020 03:17 AM 5,070 matrix42wm9122765-xss.txt 04/03/2020 10:32 PM 3,034 memuplay713-insecure.txt 04/17/2020 06:36 PM 2,979 metasploit_libnotify_cmd_injection.rb.txt 04/06/2020 10:08 PM 11,071 MICROSOFT-WINDOWS-NET-USE-INSUFFICIENT-PASSWORD-PROMPT.txt 04/03/2020 10:22 PM 392 mlp1-xss.txt 04/13/2020 10:22 PM 983 moveittransfer1111-sql.txt 04/02/2020 05:50 PM 2,964 msisw104-disclosessrfexecxss.txt 04/02/2020 05:52 PM 1,410,769 multiotp5044-exec.pdf 04/09/2020 05:43 PM 965 nagios5.6.11-postauth-rce-param_address.txt 04/08/2020 07:36 PM 3,898,310 nagios5611-exec.txt 04/08/2020 07:30 PM 1,518,637 nagiosxi-exec.pdf 04/09/2020 05:57 PM 6,562 netABuse.txt 04/27/2020 05:37 PM 838 netise1-backdoor.txt 04/27/2020 05:41 PM 1,716 netise1-disclose.txt 04/16/2020 06:37 PM 6,382 nexus_repo_manager_el_injection.rb.txt 04/27/2020 05:55 PM 1,031 NS-20-001.txt 04/27/2020 06:18 PM 824 NS-20-002.txt 04/04/2020 01:11 PM 1,560 nsauditor3200-dos.txt 04/20/2020 06:13 PM 4,985 nsauditor3210-overflow.txt 04/21/2020 05:03 PM 6,218 nsclient05235-exec.txt 04/29/2020 06:47 PM 1,722 nvidiausd1021-unquotedpath.txt 04/27/2020 06:05 PM 3,251 ocr20-sql.txt 04/04/2020 05:02 PM 1,097 ohbspro13-xss.txt 04/30/2020 11:32 PM 661 onliness10-bypass.txt 04/30/2020 10:22 PM 1,467 onliness10-xss.txt 04/27/2020 05:56 PM 855 onlinessa10-sql.txt 04/26/2020 10:22 PM 634 openaudit330-xss.txt 04/30/2020 06:54 PM 4,703 openitaudit331-exec.txt 04/02/2020 05:38 PM 6,882 oraclecoherencefusion-exec.txt 04/14/2020 06:04 PM 6,968 oraclewls122140-exec.txt 04/03/2020 05:17 PM 4,211 pandorafms70ng-exec.txt 04/06/2020 09:57 PM 4,193 pandora_ping_cmd_exec.rb.txt 04/06/2020 09:53 PM 1,957 pfsense244p3um-xss.txt 04/10/2020 05:22 AM 532 photoscape-dos.txt 04/27/2020 05:39 PM 2,035 phpfusion90350-upload.txt 05/01/2020 02:03 AM 3,569 phpfusion90350-xss.txt 04/15/2020 09:19 PM 2,608 pinger10-exec.txt 04/04/2020 08:22 PM 1,091 pkexplorer4220-dos.txt 04/06/2020 09:55 PM 4,898 playsms_template_injection.rb.txt 04/21/2020 05:14 PM 1,840 pmb56-sql.txt 04/24/2020 04:02 PM 1,500 popcorntime62-unquotedpath.txt 04/18/2020 12:26 AM 12,063 prestashop1764-execxssxsrf.txt 04/21/2020 11:28 PM 7,738 qradar7316-bypass.txt 04/21/2020 10:51 PM 8,856 qradar7316-defaultpassword.txt 04/21/2020 11:13 PM 6,952 qradar7316-inject.txt 04/21/2020 11:09 PM 6,069 qradar7316-insecurepermissions.txt 04/21/2020 11:15 PM 11,867 qradar7316-lfiinstant.txt 04/21/2020 10:55 PM 8,184 qradar7316-ssrf.txt 04/21/2020 11:30 PM 8,018 qradar7316-traversal.txt 04/21/2020 10:57 PM 8,781 qradar7316-xsrfweakcontrol.txt 04/21/2020 11:06 PM 6,282 qradar7316-xss.txt 04/22/2020 06:08 PM 3,467 rmdownloader313220100613-overflow.txt 04/19/2020 04:33 PM 1,887 rubodicomviewer20-overflow.txt 04/29/2020 06:32 PM 3,501 schoolerppro10-exec.txt 04/29/2020 06:33 PM 1,166 schoolerppro10-fileread.txt 04/29/2020 06:31 PM 1,442 schoolerppro10-sql.txt 04/03/2020 09:02 PM 1,100 seabreeze1-xss.txt 04/09/2020 05:54 PM 1,420 seemantech.py.txt 04/29/2020 07:05 PM 2,408 shiro_rememberme_v124_deserialize.rb.txt 04/03/2020 05:55 AM 18,455 solr_velocity_rce.rb.txt 04/21/2020 05:06 PM 2,257 spiderman211-overflow.txt 04/06/2020 09:24 PM 1,300 spotauditor534-dos.txt 04/08/2020 07:33 PM 2,013,558 symantecwg-exec.pdf 04/08/2020 07:44 PM 919,199 symantecwg5028-exec.pdf 04/21/2020 05:11 PM 1,138 sysaid20111b26-exec.txt 04/14/2020 06:47 PM 9,539 thinkphp_rce.rb.txt 04/15/2020 09:58 PM 17,476 tplink_archer_a7_c7_lan_rce.rb.txt 04/04/2020 09:32 PM 3,819 triologicmp8-overflow.py.txt 04/13/2020 05:44 PM 1,045 tvtnvms1000-traversal.txt 04/06/2020 09:19 PM 786 ultravnclauncher1240-dos.txt 04/05/2020 10:22 PM 790 ultravnclauncher1240pw-dos.txt 04/06/2020 01:22 AM 732 ultravncviewer1240vncserver-dos.txt 04/23/2020 10:23 PM 1,268 ums20-sql.txt 04/23/2020 10:19 PM 1,367 ums20-xss.txt 04/16/2020 11:01 PM 7,458 unquoted_service_path.rb.txt 04/17/2020 06:37 PM 3,175 unraid_auth_bypass_exec.rb.txt 04/06/2020 09:38 PM 1,531 vanguard21-xss.txt 04/06/2020 10:03 PM 7,835 vestacp09826-exec.rb.txt 04/14/2020 06:50 PM 9,816 vestacp_exec.rb.txt 04/30/2020 08:22 PM 777 virtualtablet302-dos.txt 04/15/2020 09:23 PM 8,810 VL-2194.txt 04/15/2020 09:27 PM 12,794 VL-2195.txt 04/17/2020 06:28 PM 13,258 VL-2198.txt 04/15/2020 09:30 PM 7,668 VL-2199.txt 04/15/2020 09:29 PM 9,067 VL-2202.txt 04/15/2020 09:39 PM 13,863 VL-2203.txt 04/18/2020 12:27 AM 9,344 VL-2205.txt 04/15/2020 09:33 PM 15,125 VL-2206.txt 04/21/2020 05:33 PM 15,149 VL-2207.txt 04/18/2020 01:32 AM 17,556 VL-2208.txt 04/15/2020 09:36 PM 11,159 VL-2209.txt 04/20/2020 09:44 PM 11,842 VL-2210.txt 04/17/2020 06:31 PM 6,687 VL-2211.txt 04/15/2020 09:22 PM 15,640 VL-2213.txt 04/17/2020 06:30 PM 18,886 VL-2215.txt 04/20/2020 09:32 PM 13,734 VL-2216.txt 04/21/2020 05:33 PM 13,526 VL-2217.txt 04/28/2020 05:59 PM 5,916 VL-2220.txt 04/30/2020 05:53 PM 7,364 VL-2221.txt 04/28/2020 05:54 PM 5,804 VL-2222.txt 04/28/2020 05:52 PM 8,968 VL-2223.txt 04/28/2020 05:58 PM 6,266 VL-2224.txt 04/28/2020 05:48 PM 10,140 VL-2225.txt 04/28/2020 05:50 PM 9,574 VL-2228.txt 04/28/2020 05:55 PM 8,956 VL-2236.txt 04/24/2020 05:38 PM 5,493 VLairsender102-upload.txt 04/03/2020 05:57 AM 9,425 vmware_fusion_lpe.rb.txt 04/13/2020 12:22 PM 951 webtateas20-fileread.txt 04/06/2020 09:36 PM 1,642 whatsapp039308-xss.txt 04/11/2020 12:48 AM 1,712 windscribe-escalate.txt 04/05/2020 04:11 AM 1,523 wpcrs13-xss.txt 04/13/2020 02:01 PM 1,263 wpmla281-lfi.txt 04/04/2020 01:22 PM 1,451 wpohb11-xss.txt 04/13/2020 04:44 PM 4,228 wso2310-xss.txt 04/13/2020 01:32 PM 5,993 wso2api-filedelete.txt 04/11/2020 12:51 AM 1,313 xeroneitlms30-sql.txt 04/20/2020 06:17 PM 1,924 xinfire_dvd_player.rb.txt 04/20/2020 06:16 PM 1,977 xinfire_tv_player.rb.txt 04/09/2020 05:53 PM 1,064 zagodz1nep0dYouBillATM.txt.txt 04/23/2020 10:32 PM 2,555 zlb3101-traversal.rb.txt 04/11/2020 12:34 AM 1,301 zlb3101-traversal.txt 04/06/2020 09:28 PM 785 zocterminal7255-dos.txt 04/07/2020 07:38 PM 668 zocterminal7255script-dos.txt 04/21/2020 05:15 PM 2,959 ZSL-2020-5564.txt 04/24/2020 05:40 PM 15,784 ZSL-2020-5565.txt 202 File(s) 13,349,927 bytes 2 Dir(s) 29,896,470,528 bytes free Download: 202004-exploits.tgz (11.5 MB) Source
    1 point
  8. Programarea nu o inveti intr-o scoala, o inveti prin practica, bine intai trebui sa inveti syntaxa acelui limbaj dupa aceea totul depinde de practica. In UK daca te duci la o firma mai prestigioasa nu o sa te intrebe asa mult de scoala/colegiu, diploma te ajuta sa treci de HR dar la un interviu o sa dai un test prin care ei o sa isi dea seama in ce categorie te incadrezi junior/medium sau senior. Alege un limbaj mergi pe el ca freelancer un pic sau chiar pe gratis pana iti faci un portofoliu stabil si nu ma refer la 2-3 website-uri, proiecte mai avansate, mai complexe si dupa aceea te poti angaja undeva chiar pe bani frumosi. Nu iti spun din auzite ci din propria experienta. (Arunca un ochi si peste blockchain developing, au salarii foarte mari.)
    1 point
  9. Salut, exista firme la care se preda programarea. Nu le cunosc, DAR sunt destul de sigur ca vei invata foarte bine de acolo. Insa sunt 2 probleme: 1. Costa ceva, probabil nu foarte mult, nu am idee 2. Dureaza al dracu de mult. Adica vreo 6 luni sau chiar mai mult. Stiu ca sa inveti programare, dar in 6 ani invat sa proiectez rachete Cat despre facultate nu o sa te ajute atat de mult cat iti imaginezi. Insa da foarte bine la CV. Sugestia mea e sa inveti singur si sa practici singur. Partea cu practicatul e extrem de importanta. Si iti aduce un portofoliu pe care il ai pentru angajare. Cel mai important e sa alegi ceea ce iti place. Iti place PHP? Mergi cu el mai departe. Cred ca se cauta mai mult Java, dar orice e OK. Dupa ce inveti un limbaj bine poti trece destul de usor pe altul. Daca ai nevoie de alte sugestii, poti sa vii cu niste intrebari mai concrete. Sau sa ne spui ca iti place, ce ai vrea sa faci etc. Si sa intelegi ca noi ne dam cu parerea, nu inseamna ca orice zicem e adevarat.
    1 point
×
×
  • Create New...