Leaderboard

Popular Content

Showing content with the highest reputation on 07/28/24 in all areas

  1. ICCID is the unique number of a SIM. Also, there are IMSI catchers, since you were talking about new technologies used by today's youth. Although I doubt it. Apart from pinging localhost, anything that seemed trivial 25 years ago is, for them, the realm of science fiction. In the past, car manuals showed you how to adjust the valve rockers yourself and how to re-ring an engine. Now they tell you not to drink the brake fluid or the battery acid. Evolution, man.
    3 points
  2. 2 points
  3. WhatsApp for Windows lets Python, PHP scripts execute with no warning

     By Bill Toulas

     A security issue in the latest version of WhatsApp for Windows allows sending Python and PHP attachments that are executed without any warning when the recipient opens them.

     For the attack to be successful, Python needs to be installed, a prerequisite that may limit the targets to software developers, researchers, and power users.

     The problem is similar to the one affecting Telegram for Windows in April, which was initially rejected but fixed later, where attackers could bypass security warnings and perform remote code execution when sending a Python .pyzw file through the messaging client.

     WhatsApp blocks multiple file types considered to carry a risk to users but the company tells BleepingComputer that it does not plan to add Python scripts to the list.

     Further testing by BleepingComputer shows that PHP files (.php) are also not included in WhatsApp's blocklist.

     Python, PHP scripts not blocked

     Security researcher Saumyajeet Das found the vulnerability while experimenting with file types that could be attached to WhatsApp conversations to see if the application allows any of the risky ones.

     When sending a potentially dangerous file, such as .EXE, WhatsApp shows it and gives the recipient two options: Open or Save As.

     [Image: WhatsApp options for executable files. Source: BleepingComputer.com]

     However, when trying to open the file, WhatsApp for Windows generates an error, leaving users only the option to save the file to disk and launch it from there.

     In BleepingComputer tests, this behavior was consistent with .EXE, .COM, .SCR, .BAT, and Perl file types using the WhatsApp client for Windows. Das found that WhatsApp also blocks the execution of .DLL, .HTA, and VBS.

     For all of them, an error occurred when trying to launch them directly from the app by clicking "Open." Executing them was possible only after saving to disk first.

     [Image: Launching .EXE from WhatsApp client fails. Source: BleepingComputer]

     Talking to BleepingComputer, Das said that he found three file types that the WhatsApp client does not block from launching: .PYZ (Python ZIP app), .PYZW (PyInstaller program), and .EVTX (Windows event Log file).

     BleepingComputer's tests confirmed that WhatsApp does not block the execution of Python files and discovered that the same happens with PHP scripts.

     If all the resources are present, all the recipient needs to do is to click the "Open" button on the received file, and the script executes.

     Das reported the problem to Meta on June 3 and the company replied on July 15 saying that the issue had already been reported by another researcher and should have already been fixed.

     When the researcher contacted BleepingComputer, the bug was still present in the latest WhatsApp release for Windows, and we could reproduce it on Windows 11, v2.2428.10.0.

     "I have reported this issue to Meta through their bug bounty program, but unfortunately, they closed it as N/A. It's disappointing, as this is a straightforward flaw that could be easily mitigated," explained the researcher.

     BleepingComputer reached out to WhatsApp for clarification about the reason for dismissing the researcher's report, and a spokesperson explained that they didn't see it as a problem on their side, so there were no plans for a fix:

     "We've read what the researcher has proposed and appreciate their submission. Malware can take many different forms, including through downloadable files meant to trick a user."

     "It's why we warn users to never click on or open a file from somebody they don't know, regardless of how they received it — whether over WhatsApp or any other app."

     The company representative also explained that WhatsApp has a system in place to warn users when they're messaged by users not in their contact lists, or who have phone numbers registered in a different country.

     Nevertheless, if a user's account is hijacked, the attacker can send to everyone in the contact list malicious scripts that are easier to execute straight from the messaging app.

     Furthermore, these types of attachments could be posted to public and private chat groups, which could be abused by threat actors to spread malicious files.

     Responding to WhatsApp rejecting the report, Das expressed disappointment with how the project handled the situation.

     "By simply adding the .pyz and .pyzw extensions to their blocklist, Meta can prevent potential exploitation through these Pythonic zip files," the researcher said.

     He added that by addressing the issue WhatsApp "would not only enhance the security of their users but also demonstrate their commitment to promptly resolving security concerns."

     BleepingComputer contacted WhatsApp to alert them that the PHP extension is also not blocked but has not received a response at this time.

     Source: https://www.bleepingcomputer.com/news/security/whatsapp-for-windows-lets-python-php-scripts-execute-with-no-warning/
    1 point
  4. An IMSI catcher was being sold on the Car Hacking Village group, about 2 months ago.
    1 point
  5. I swear on my mother, not even the drugs are what they used to be; stop taking all that junk.
    1 point
  6. @sefu9581 for two months I've been too lazy to open another account; I'll recover the old one at some point too. So if I understood correctly, success translates to cybercrime and online robbery, right? As for whatever you're spinning there, you'd do well to stop so you don't give others ideas; some might actually follow the example and try all sorts of idiocies in the future based on this topic. Your top Russians and Ukrainians woke up with their homework already done on GitHub, with AI and all the shortcuts. When I started learning PHP I couldn't find a single crappy tutorial on how to build even a login system; that was the time when you had to 'figure it out yourself' and you had nobody to ask a click away. When our guys were making malware, those guys were laying LAN cables across apartment blocks with no hot water; slow down or you'll tear your stockings. I followed what you wrote carefully; I would have expected you to tell me about the new anti-fraud / anti-spam systems beefed up by corporate people (maybe some from here too?), where you log in to Yahoo and later get flagged on Amazon as somewhat suspicious. Bypass those and then we'll talk about other things. And you even mention proxies.. screw the IP; look, so you don't leave here empty-handed, I'm telling you for sure it has long since become a tiny detail when it comes to privacy & shit. It's not that anyone lacks the capability so much as the interest has disappeared, since under European laws your door tends to get kicked in at 5 in the morning and at that moment you won't even know how to cross yourself with your tongue; those who know, know. Oh, go to hell.
    1 point
  7. Either I'm speaking Chinese or some people are so stupid they read backwards. The photos are of a setup belonging to a Ukrainian friend. The photos are from the apartment where he runs the prepaid SIM card farm. If you had noticed, blue prepaid SIM cards don't even exist in Romania. Why the hell would I have posted photos from my own home? The apartment is probably rented, too. I only know that he was living in Romania although the farm was fully operational in Ukraine. I don't smoke whatever high-THC hemp it would take to upload my ID card to the Romanian forum of tired public-sector employees. Now I get why you read backwards. You're a vile manele-loving lowlife who has nothing better to do than share two-bit manele from 20 years ago. After so much time in capitalism you still haven't learned rule no. 1 of capitalism: "scared money don't make no money". There's no point wasting any more of my time on this forum. It's clear that most of you are old geezers who have been bored with life since 2010, ever since you got jobs with the state and at who knows what corporations. Now you organize who knows what conferences and kiss each other's asses a few times a year over what great white-hat hackers you are.
    1 point