Leaderboard

Depinde foarte mult de ce vrei sa faci pe viitor. Dintr-un acces la router nu poti sa faci cine stie ce. Daca treci de autentificare, o sa ajungi sa poti sa schimbi numele wi-fi-ului, conexiunea la RDS sau ce altceva mai are un router de scoala. Per total, nu o sa te ajute cu nimic in afara de bragging. Exista site-uri gen wechall.net in care iti dau probe de infosec in environment-uri controlate. Ai probe de sqli, crypto, stegano, incerci din toate si gasesti ce ti-ar place si pe ce ai merge mai departe. Eu am inceput acum mai bine de 10 ani pe web de la un joc trivia, conQUIZtador. Jocul rula in browser si aveai pachete http in care erau intrebarile si, dupa ce se raspundea, serverul trimitea si raspunsul la toti. Pe baza la asta, un baiat de pe forum a facut o baza de date si un programel ConQUIZtador killer care raspundea automat in functie de valorile din baza de date. Nu a fost cine stie ce, dar a fost un inceput pentru mine. Acum lucrez in domeniu pe partea de web si zero trust security.

Simple C++ Encryption and Steganography tool that uses Password-Protected-Encryption to secure a file's contents, and then proceeds to embed it insde an image's pixel-data using Least-Significant-Bit encoding. For Linux based systems. Encoding: $ ./steganography encode -i data/orig.png -e data/jekyll_and_hyde.zip -o output.png Password: 1234 * Image size: 640x426 pixels * Encoding level: Low (Default) * Max embed size: 132.38 KiB * Embed size: 61.77 KiB * Encrypted embed size: 61.78 KiB * Generated CRC32 checksum * Generated encryption key with PBKDF2-HMAC-SHA-256 (20000 rounds) * Encrypted embed with AES-256-CBC * Embedded jekyll_and_hyde.zip into image * Sucessfully wrote to output.png Original image: Image with embedded ZIP containg the entire contents of the book "Dr Jekyll and Mr Hyde": Decoding: $ ./steganography decode -i output.png -o "out - jekyll_and_hyde.zip" Password: 1234 * Image size: 640x426 pixels * Generated decryption key with PBKDF2-HMAC-SHA-256 (20000 rounds) * Sucessfully decrypted header * File signatures match * Detected embed jekyll_and_hyde.zip * Encoding level: Low (Default) * Encrypted embed size: 61.78 KiB * Successfully decrypted the embed * Decrypted embed size: 61.77 KiB * CRC32 checksum matches * Successfully wrote to out - jekyll_and_hyde.zip Building: $ mkdir build $ cd build $ cmake -DCMAKE_BUILD_TYPE=Release .. $ make -j 4 Usage: Usage: steganography [-h] {decode,encode} Optional arguments: -h, --help shows help message and exits -v, --version prints version information and exits Subcommands: decode Decodes and extracts an embed-file from an image encode Encodes an embed-file into an image Encoding: Usage: encode [-h] --input VAR --output VAR --embed VAR [--passwd VAR] Encodes an embed-file into an image Optional arguments: -h, --help shows help message and exits -v, --version prints version information and exits -i, --input specify the input image. [required] -o, --output specify the output image. [required] -e, --embed specify the file to embed. [required] -p, --passwd specify the encryption password. Decoding: Usage: decode [-h] --input VAR [--output VAR] [--passwd VAR] Decodes and extracts an embed-file from an image Optional arguments: -h, --help shows help message and exits -v, --version prints version information and exits -i, --input specify the input image. [required] -o, --output specify the output file. [default: ""] -p, --passwd specify the encryption password. Theory Of Operation Encoding The program operates by first randomly generating a 128-bit Password Salt and a 128-bit AES Initialization Vector by reading binary data from /dev/urandom. It then uses that Password Salt as a parameter in generating an encryption key, by using PBKDF2-HMAC-SHA-256 on a user inputted string. A CRC32 hash of the file to embed is then calculated, and stored in the header to act as a checksum for the validity of the data. It then pads the binary data of the file to embed using the PKCS #7 algorithm, followed by actually encrypting both the header and the padded data, with AES-256 in CBC Mode, using the previously generated Initialization Vector. Now the data is actually encoded inside the image by first picking a random offset, and then going through each bit of data and storing it inside the actual image pixel data, which it accomplishes by setting the Least-Significant-Bit of each channel byte of each pixel. Decoding The decoding process works exactly the same as the encoding process previously described above, just in reverse. The only difference is that for decoding, after the program attempts to extract and decrypt the data, it compares some of the information in the header section in an attempt to validate the extraction process. The header fields which are compared are: The 4 byte file signature custom to this program, and the CRC32 hash of the decrypted data. If any of these fields do not match to their correct values, the decryption process will fail. This should only happen if the file which you were attempting to decrypt does not actually contain an embed, if the password you entered is wrong, or if the image file was somehow corrupted. Detection While the detection of data being embedded in an image is a trivial task, theoretically there is no way of knowing that it was this program that did it, and theoretically there should be no known way to decrypt the data without knowing the password, that is without spending millions of years in the process of doing so. Disclaimer Do not use this program to encrypt and hide important data which you wish to keep away from prying eyes. This is just a simple proof-of-concept program that I made for fun. I'm no cryptographer. I'm just a hobbyist, use at your own risk. Copyright This software is licensed under MIT. Copyright © 2022 Zach Collins Download: steganography-main.zip or git clone https://github.com/7thSamurai/steganography.git Source

Daca e careva dintre voi on, aveti meciul de rainbow6 https://www.twitch.tv/r6esportsbr listat pe unibet stanley admiral si 888, comparati streamul cu cotele si vedeti cat de greu sunt actualizate.

Salut, ai foarte multe resurse la dispozitie pe Internet, inclusiv aici pe forum in zonele tehnice (e.g. Tutoriale engleza) dar ai nevoie de o baza. Eu iti recomand cartea "Introduction to Penetration Testing" care acopera destul de multe lucruri. Dupa ce prinzi bazele o sa iti fie mai usor sa alegi o cale. Phishing-ul nu cred ca este ceea ce trebuie, nici nu e nevoie de un tool pentru asa ceva. Si e ceva ce poate duce usor la probleme. Spune-ne ce urmaresti de fapt si incercam sa te ajutam, am vazut ca esti tanar si riscul sa o iei pe un drum gresit si sa ai probleme e mare. Nu face prostii ca nu are sens, nu merita.

Interesant, in state unde este prezumtia de nevinovatie sa fii gasit vinovat ca ai memorie buna. Ce sa zic, traiasca prostocratia! Doamne ajuta!

Intrebarea aceasta mi-a fost adresata de multa lume, chestia este ca eu nici macar nu stiam despre spitale, am aflat-o abia dupa ce am ajuns la DIICOT (eu fiind deja retras de vreo 2 luni din gruparea respectiva din cauza lipsei de timp), ulterior am vazut si dovezile si intr-adevar baietii ramasi acolo planuiau sa blocheze sistemele informatice ale spitalelor din motive inexplicabile pentru mine, sunt multe chestii si decizii luate de ei in absenta mea pe care nu le am inteles iar aceasta ar fi unul dintre ele. Dupa ce am fost prins in Moldova, am mers la Procuratura pentru Combaterea Criminalității Organizate și Cauze Speciale din Chisinau, am stat acolo ceva timp, dupa care peste ceva luni am fost la DIICOT in Bucuresti, a fost o procedura lunga, plina de stres si emotii nasoale care au durat cam un an. Intr-un final am reusit sa scap cu niste lucru in folosul comunitatii din singurul motiv (cred eu) ca procurorii de la DIICOT au fost de treaba cu mine si pentru ca eram minor (mai aveam o luna pana la 18 ani). O experienta nasoala la acel moment insa extrem de buna pentru timpurile de acum / cele care vin, am capatat o gramada de oportunitati de lucru si am reusit sa mi schimb total mentalitatea in legatura cu `distrugerea` si facutul chestiilor ilegale, le poti face daca esti pasionat insa totul poate fi legal, fara vreun risc care ti-ar putea distruge viitorul. O lectie foarte importanta pentru mine pe care am invatat-o `the hard way` 😁.