Leaderboard

Eu am raportat un SQLi in platforma unora care se ocupau de bilete la o conferinta de IT, n-au facut nimic, anul urmator eram VIP si eu si un prieten

How I Also Hacked my Car 2024-01-30T22:14:07+00:00 • goncalomb • hacking,car,dacia,rpi This blog post is kind of inspired by another that I saw on HN some time ago, "How I Hacked my Car". After praising the infotainment system of the car, a Hyundai IONIQ, the author ends up hacking it and running custom software on the head unit. Well, my much cheaper 2023 Dacia Sandero also has a decent infotainment system with navigation and wireless Android Auto. Even before I got the car, I searched around to see if the system was hackable. I was not surprised to find that a simple USB drive with an autorun.sh script gets run as root. A classic. Various forums around the web use this method to change skins and side-load navigation maps. I was not interested in that, my goal was also to run some custom software. Well, there is more to the story, otherwise, I would just that autorun.sh "feature". The Infotainment System The system is a MediaNav Evolution from Renault (which Dacia is a subsidiary of), built by LG (FCC ID: BEJLAN5900WR). It's a Linux box. Over the years there have been various iterations of this system, the older devices used WinCE. The navigation part of the software is by a company called NNG (iGO?). Apparently, they provide navigation software for many other devices. MediaNav Evolution (unofficially called MediaNav 4) The autorun.sh Just by looking around on various forums, I knew of 3 special files that when placed on a USB drive would trigger some debug functions: autorun_bavn/autorun.sh: a script that gets run as root logfiles_bavn: a directory that gathers various system logs and files usb_logging: a directory where the system continually dumps dlt files (proprietary log system) One good thing about the log files is that they contain the Wi-Fi password for the AP. This password can be reset on the UI, but it's never visible. Knowing the password allows other devices to connect to it (e.g. PC). When using wireless Android Auto it connects automatically, I think it bootstraps using Bluetooth. I was most interested in the autorun.sh... But it was not working, I couldn't get the script to run. The Firmware At this point, I decided to start inspecting the firmware to see what was wrong, and if there was another way in. My device came with version 6.0.9.9. I wanted a recent update file, but the official website doesn't provide a direct download. It requires installing a desktop application, "Toolbox", which I ended up doing. The application can be used to buy map updates or download firmware/OS updates for free. The procedure starts with collecting some information about the system/car to a USB drive. After connecting it to a PC, the "Toolbox" software detects a new update and puts the new update file on the drive. I didn't update it, I just wanted the file, it was version 6.0.10.2: >: file upgrade.lgu upgrade.lgu: POSIX tar archive (GNU) I also had an older update file, version 6.0.9.7, that I found in some random forum. Sometimes even grep can be a great analysis tool. Just by running grep -RF autorun.sh on the contents of both the new and old firmware, I could see that the new one had no matches. Time to load Ghidra and see what's going on... Version 6.0.9.7 has the autorun.sh feature, but it is not present on version 6.0.10.2 Comparing the 2 files it was evident that they had removed the autorun.sh backdoor. Even though I didn't have the specific firmware for my installed version (6.0.9.9), it was clear that mine didn't have it and that's why I could never get it to work. This miscmanager file is also responsible for the other USB debug features, these are all still there. The core OS appears to be from GENIVI/COVESA (GitHub: GENIVI/COVESA). I'm not familiar with these systems at all. They have a fair bit of open-source stuff that will probably explore in the future. I decompiled other binaries to try to look for some other interesting stuff. Found a lot of D-Bus stuff, that will be useful for getting vehicle information when I can run my own software. But my goal was to get root access first. One way would be to craft a new update file with a backdoor, which would require reverse engineering the whole upgrade procedure, and as expected the update files do have some signature hashes that presumably need to match. Getting root access directly would be the preferred way. The Android Update App Something I noticed on the official website was that they were promoting a new way to update the maps, using an Android phone app. Could this be my way in? The description on Google Play promises to "Eliminate the Sneaker Network", an expression that I had never heard, in reference to not requiring a USB drive. Of course I didn't install it, there is no point in that. I just searched the id com.nng.pbmu.dacia on Google to find one of the many sites that offer the .apk file for download. I'm not an Android developer, I just know that deep inside there is some bytecode that traces its root back to Java, and I know Java. I don't care about Dalvik, ART, Zygote, or whatever. Just give me those Java classes. Over the years I've decompiled a few Android apps, my preferred way is just to unpack the .apk as a .zip (that's all it is), get the .dex bytecode files, run them through dex2jar to get some .jar files and open them with good old JD-GUI. Recently I've discovered jadx which provides a better experience for decompiling apps. To my surprise the app was quite complex, it appears to include some sort of native bindings, and most of the functionality is implemented in some kind of proprietary .xs scripts (similar to JavaScript). These are found on the app's resources. Android APIs are exported as modules to be used in the .xs scripts Several native libraries and .xs scripts It appears that the liblib_nng_sdk.so library is responsible for running these scripts, but I didn't explore it further. My goal was just to focus on what kind of protocol was used to update the maps on the device. And I found it in the file nftp.xs. NFTP!? Is it standard FTP? No, it's not standard FTP or any other known protocol that I could find. It's a new binary protocol for transferring files, implemented on these .xs scripts. The app then uses Android Open Accessory (AOA) as the transport layer for the protocol. AOA was totally new to me, but after some reading, it was clear that it is just a way of establishing a standard for an accessory to talk USB with an Android device. The names are confusing, the "accessory" is actually the USB host (in this case, the head unit) and the Android device is the USB peripheral. The Other Side The new update file that I had was version 6.0.10.2, which, according to the website, was the version required for the new update app to work. That naturally means that there is some specific service/code on that file to handle the update on the head unit side. After some digging, I found it. It's another set of .xs scripts, these run on a native interpreter. There is also a native binary, aoa2sock, that bridges the gap between USB (AOA) and the .xs scripts by providing a pipe for the transfer protocol. It's clear that this phone update feature is an afterthought, the binaries/scripts are not part of the standard upgrade filesystem, they are installed separately from a .ipk package file (yellowtool.ipk) when the system is updated. The internal name they use is YellowTool / YellowBox. And this is the only part of the entire system that is coded with these .xs scripts, everything else is just native binaries. Most of the system uses native binaries and Qt applications The mobile update app feature uses .xs scripts Being plain text scripts, it was relatively easy to understand what the protocol does and what kind of access it provides, even though the coding style is atrocious. Constructing The Backdoor At this point, just by reading the code, I was pretty sure that it was possible to write arbitrary files under the /navi directory, and that would give me full access if I carefully modified some files. I just needed to create a fake Android update app and connect using AOA. Well, as I said before, I'm not an Android developer, so I went with the next best thing, the Linux Kernel. As it turns out I'm also not a kernel developer... But I knew that it has something called gadget mode, where a device running Linux can act as a USB peripheral (instead of a host). Could I make a Raspberry Pi act as an Android device in AOA mode? Gadget mode can be configured from userspace using configfs (just by writing specific /sys/kernel/config/ files), this way does not require writing any kernel code, but it's limited to specific "functions" already implemented in the kernel (e.g. serial port, mass storage, ethernet adapter etc). Not unsurprisingly, that's how the guys at Google implemented AOA, they added a new "accessory" function to the kernel. They even tried to push it upstream, but it went nowhere, currently, it's not part of the Linux Kernel. I don't think it will ever be, it's probably too specific, and it's kind of a weird protocol. After reading more about AOA, it was clear that it involved a kind of handshake where the accessory asks the Android device for AOA, and after that, the device just acts like a serial port (a "raw" data pipe), and it's up to the developer to do the rest (this is a simplification, and there are other modes, read more). So maybe I could use the serial gadget function to fake an Android device already in accessory mode, without implementing the handshake. I also found the talk where they first announced AOA, back in 2011. It's a nice talk if you are into USB stuff: The Testing Setup The system is something like this: Android side: Update App / "nftp" (.xs scripts) <=> AOA <=> USB Head unit side: USB (host) <=> aoa2sock <=> "nftp" (.xs scripts) <=> [reads/writes system files] For testing, I used 2 Raspberry Pies. Because the head unit is ARM-based as is the Raspberry Pi, I was able to run the aoa2sock binary and .xs interpreter from the firmware, this simulated the head unit and acted like a USB host. The other RPi was the USB peripheral (using the On-The-Go, OTG port), which when configured correctly using the gadget mode, acted like an Android device in AOA mode. The smaller Raspberry Pi Zero 2 W can be powered from the OTG port and will act as the Android device After messing about with multiple gadget configurations, I was seeing some promising debug messages from aoa2sock, that's the binary extracted from the firmware that creates a pipe between the USB AOA and the weird "nftp" protocol (.xs scripts), on the head unit side. But it was not working... "No AOA endpoint was found": My fake head unit was not recognizing my fake Android device >: file aoa2sock aoa2sock: ELF 32-bit LSB executable, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, for GNU/Linux 2.6.32, BuildID[sha1]=XXXXXXXX, with debug_info, not stripped After inspecting the aoa2sock binary in Ghidra (thanks for the debug info) and reading the kernel code, I finally found the issue. The kernel serial port gadget uses a different USB subclass from the one used by AOA, and it can't be changed from userspace. Is this a bug? I think AOA is correct in using USB_SUBCLASS_VENDOR_SPEC for a generic interface OK... Let's patch the kernel I ended up having to download the kernel source and patch the f_serial.c gadget function to change the USB subclass. After compiling the kernel module and loading it using modprobe, it finally worked and the aoa2sock binary recognized the device. My fake Android device was finally connected to my fake head unit Can I call myself a kernel developer now? All that was left to do was to somehow recreate that "nftp" protocol. I didn't really want to use the proprietary .xs files implementation, so I wrote my own in Python. At this point, I had all the pieces and the Raspberry Pi now replaced the Android app: Raspberry Pi side: Python Script ("nftp" implementation) <=> USB Gadget Mode (emulates AOA) Head unit side (same as before): USB (host) <=> aoa2sock <=> "nftp" (.xs scripts) <=> [reads/writes system files] Creating the backdoor involved issuing "nftp" commands to edit a specific file under the /navi directory and inject a call to a bash script, this bash script (also uploaded using "nftp") contains the payload that runs as root. H4cking Time After much testing with my dual RPi setup, I was confident that it was going to work... Raspberry Pi Zero 2 W (OTG port) connected to the infotainment head unit Setting up for an update... Ready to "Update with Phone", that option is only available after version 6.0.10.2 Waiting for a phone Time to put the RPi in gadget mode (I was connected to it using SSH)... Sorry, it's not a phone and we are not sending any maps Sending and running the payload... Got it! Success! I had root access. That payload is just call to a specific D-Bus method that I found while analyzing the firmware, it shows a popup with custom text and title. The text is the output of the id command. Finally, after replacing the payload with something more useful, a simple socat bind shell and connecting back to it using Wi-Fi, I had full access. Give me that root shell If you didn't follow it all the way, here's a summary: I used a Raspberry Pi in USB gadget mode to simulate an Android device connected to the head unit. The head unit thinks it's accepting a navigation maps update from the "phone", but because the update protocol allows for arbitrary file changes, I can issue commands to modify a specific file and inject a call to a bash script that gets run as root. Code Please Everything is on GitHub with more detailed instructions (it contains no proprietary code). The key pieces are my implementation of the "nftp" protocol and the gadget configuration. What's Next? This is just the beginning, now it's time to really explore the system. First, I'll probably end up restoring the autorun.sh functionality, with a custom service, because I think that's the easiest way to load software. That way I can keep all the new stuff on the drive and make as few changes to the system as possible. One of the main things I would like to do is record car parameters, stuff like speed, fuel, location etc. It remains to be seen if I can easily access that information through D-Bus, or if I need to go deeper. I'm not interested in adding anything that requires my attention while driving. But that's for another time... Some Extras (Could I have used SSH?) Two ports are open by default on the head unit, an SSH server, and some Apple service, probably related to CarPlay (Server: AirTunes/320.17.6), I didn't really explore that. But I tried cracking the /etc/shadow root password from the update file using hashcat / john with some rules and password lists. I'm not an expert doing this at all, I don't even know if I was doing it right, and was not successful. Not that it matters now, I could just change the root password or add a new user. SSH on port 22 / AirTunes/320.17.6 on port 7000 Sursa: https://goncalomb.com/blog/2024/01/30/f57cf19b-how-i-also-hacked-my-car

Am si eu un site, google.com, vreau sa vad daca cineva poate sa il sparga si sa scrie pe el "Fortza RST". ❤️

Cu end to end encryption doar. Nu mai faci update si esti secure, problem solved. Deci nu poti fi targetat. Aveti telefoane. Rootati-le sau jailbreakuiti-te, scoateti libraria relevanta, decompilati codul si postati aici partea relevanta. Adica Proof or GTFO. Plecati cu teorii conspirationiste. Nu e imposibil, DAR asta e ceva ce oricine poate face (cum am scris mai sus). La urma urmei e un forum de securitate IT. Exista full chains exploits de iOS care costa cateva milioane de dolari. Asta din informatiile publice. Dar grijile si le fac tot niste neica nimeni random. Asa va zic si eu ca marile puteri va baga chipuri in Coca Cola si va urmaresc, va citesc gandurile si va controleaza remote. Sau ca atunci cand mergeti la WC, vin trupele speciale pe geam si va fac implant hardware in laptop. Edit: Uite exemplu: https://github.com/b1n4r1b01/n-days/blob/main/CVE-2025-43300.md . Detalii despre CVE: "Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals." Detalii despre "vulnerabilitatea" ta sunt pe site-urile si telegramele de copii pe care le citesti.

Welcome, we also barely speak Romanian (although native) so it is fine.

Ce batrani suntem. TinKode e barbat in toata firea, Nytro e deja la al 3-lea copil, Aelius a renuntat la cafea si Kw3 a devenit preot paroh.

Salut! Te costa 50 lei. 100 lei daca vrei si cursul de venit pasiv

Chiar ma bucur, companiile de telecomunicatii sunt prea imbarligate si varza. Vodafone next ? Astept sa vina Starlink cu telefonie mobila si fac mutarea, de-abia astept sa scap de fosilele astea care au monopol pe piata si ofera servicii de cacao. In telecomunicatii un Senior Security Engineer ia intre 12000 si 15000 de lei maxim, pe langa low-ball-ul asta nesimtit mai ai si patru manageri deasupra, mai trebuie sa lucrezi si cu toate borataniile de toate natiile. Mergeti de curiozitate la orice Orange Shop si spuneti-le ca vreti sa portati o cartela PrePaid (dati numarul unui prieten) si ca aveti nevoie de seria de la cartela. Cu seria de la cartela va duceti la Vodafone si faceti cerere de portare, oare ce se intampla dupa? //Later edit, se pare ca si-a luat un fraier de la ei stealer, au ajuns baietii in Jira si de acolo a fost poveste, la mai multe.

Hello everybody, I have browsed and read stuff on this forum for a long time, and have found it quite helpful in learning many thing. But i have always avoided joining, mostly because I do not speak Romanian. But today i decided fuck it, and decided to join I hope i am welcomed, i come to learn and be a part of this community.

O metoda noua si interesanta de clickjacking. Nu voi da copy/paste la articol pentru ca e muncit si e pacat sa ii fac duplicate content. Il gasiti in forma integrala aici https://lyra.horse/blog/2025/12/svg-clickjacking/ Alte articole de pe blogul ei: https://lyra.horse/blog/

Siteurile accesate probabil le are salvate in history, parolele probabil sunt salvate in browser si in telefon, iar dosarul care te asteapta daca esti prins ca iti spionezi sotia il gasesti la Departamentul Judiciar. Daca ti-a oferit acces la dispozitivele ei nu ar fi o mare problema, dar daca sotia nu ti-a dat acces si tu reusesti sa le accesezi pentru a extrage informatii legea nu va tine cont de relatia dintre voi in caz ca sunteti in scandaluri/divort si ea te reclama la politie. E mult mai usor sa scapi neatins de bratul legii cand iti bati nevasta decat daca ii accesezi conversatiile private, mai ales daca sunteti sau urmeaza sa fiti in proces de divort.

Salutari si bine v-am regasit Mi-am aminte recent de forum, ma bucura faptul ca este inca in picioare dupa atata timp. Ultima data aveam la profil "bautor de palinca" :)). O zi faina sa aveti!.

se face dedicatie speciala de la jica pentru cei care nu mai au servici, ca in Romania e ca in Grecia, faliment total. pentru toti jupanii si prietenii care s-au scolit pe rst.

PoC || GTFO e o revista cu un nume predestinat. https://www.google.com/?ID___/../= Am spart gogle.

Sa dam tag si la fratele nostru, @Zatarra ?

Poate ca polonic nu mai e pe forum, dar o sa fie intotdeauna in inimile noastre ❤️

@Nytro @aelius poate aveti nevoie de un imprumut

Presedinte fake, justitie fake, produse fake, magazine fake...curand si tara 404

Nop, nu e pentru astfel de persoane. Pentru tine exista Tiktok.

Aveti ncrack, hydra, medusa si o tona de alte solutii si tot cu mizeriile de "arhive" ati ramas... Romania tot in 2002 este.

:))))))) mi-am luat trigger. Nu beau mai mult de 30-35 de espresso pe zi frate. Da sunt interesat de nebunul de kw3

Bre, s-au furat alegerile. Ce te astepti pe o bucata de forum din suburbiile internetilor? ? Toata Europa e un comunism. Am ingropat URSS, am facut Uniunea Sovietica Europeana

Nu a fost inchis, numai ca acum e hostat direct prin serverele de la fbi. Ai grija baietel ca daca nu intri pe site-ul asta din tor si cu conexiune prin 3 frigidere o sa trezesti cu un view de duba alba la fereastra.

Raman uimit de faptul ca oamenii au uitat ca cea mai sigura metoda de comunicare ramane telepatia si apeleaza la tot felul de aplicatii online pentru a purta discutii sensibile. De ce nu ne intoarcem la vechile practici ale stramosilor nostri daci? Nu are relevanta daca esti mafiot, vizigot, ostrogot, conteaza sa proiectezi informatiile dobandite din apa catre subconstientul interlocutorului.

Probabil peste 10 ani nici notificare la 6 dimineata nu iti mai dau. Te trezesti direct in Desert pe undeva ca in Mad Max si o drona e trimisa spre tine sa te extermine ca cica esti Cyber Terorist.

Prima regula care nu se aplica doar in security, ci si in multe alte lucruri, inclusiv fotbal sau mai stiu eu ce e urmatorul: sa iti placa ceea ce faci. Daca o faci pentru bani, slabe sanse sa ai succes. Daca iti place o sa pui si osul la treaba care e urmatorul pas. Sa inveti. Mai intai cate putin din fiecare, apoi extinzi ceea ce stii in functie de necesitati.

Banii se fac muncind, legal. Sau inseland, furand sau efectuand alte activitati - ilegal. Grupurile la care te referi probabil sunt niste mizerii piramidale din care nu o sa faci bani, o sa pierzi inutil mult timp.

Alright, so you want to understand our crew, eh? You've got to dig into the archives. Here's the essential lore: Polonique: Look up who she is and the whole story behind her arrival. Pax & the Yahoo XSS Saga: Find out who this person was, what they pulled off, and where they ended up. The RST vs. Mortal Team 'War': You'll want to see who won and get the scoop on the forum admin's... let's just say 'strong personality' and how they handled things."

Stiu eu o aplicatie utila se numeste apel telefonic ... adica inainte sa vii acasa pui mana si o suni ca sa o anunti sa aiba timp si femeia sa se imbrace sa plece si prostul ca sa nu fie necesar sa te trimita sa duci gunoiul cand esti in pragul usii

Cu nuci nu te pot ajtua, dar daca ai de spart niste buci, ma bag!

Google, Harvard, and more are offering FREE AI courses (no payment required) Here are 8 FREE courses to master AI in 2024: 1. Google AI Courses Google offers 5 different courses to learn generative AI from the ground up. Start with an Introduction to AI and finish having a solid understanding of AI as a whole. ? https://lnkd.in/eW5k4DVz 2. Microsoft AI Course Microsoft offers an AI course that covers the basics and then more. Start off with an introduction and continue through learning about neural networks and deep learning. ? https://lnkd.in/eKJ9qmEQ 3. Introduction to AI with Python Harvard University is offering a full 7-week course to explore the concepts and algorithms of AI. Start with the technologies behind AI and end with knowledge of AI principles and machine learning libraries. ? https://lnkd.in/g4Sbb3nQ 4. Prompt Engineering for ChatGPT This 6 module course by Vanderbilt University offers beginners a starting point to writing better prompts. Start by learning effective prompting and complete the course knowing how to bend ChatGPT to your will. ? https://lnkd.in/d-rCb-AM 5. ChatGPT Prompt Engineering for Devs OpenAI in collab with DeepLearning is offering this course taught by Isa Fulford and Andrew Ng. Start off with best practices and finish with a better understanding of prompting with hands-on practice. ? https://lnkd.in/gtGc5Znp 6. LLMOps Google Cloud in collab with DeepLearning is offering this brand new course taught by Erwin Huizenga. Go through the LLMOps pipeline of pre-processing training data and adapt a supervised tuning pipeline to train and deploy a custom LLM. ? https://lnkd.in/gMXDr7MJ 7. Big Data, Artificial Intelligence, and Ethics In this 4 module course, the University of California - Davis covers big data and introduces IBM's Watson. Start by learning about big data opportunities and end knowing the limitations of AI. ? https://lnkd.in/gVEf3Dvm 8. AI Applications and Prompt Engineering edX has an introductory course on prompt engineering that goes beyond the basics. Start by learning the basics and end knowing how to create your own applications. ? https://lnkd.in/g2P9U_Bs Take Coursera courses without the trial: First, go to the course you want to take and click 'Enroll for free', then 'Audit the course'. Note: You'll need to create an account to take courses, but won't need to pay anything. Share + Comment more courses so others can benefit! ❤️ Follow us There's An AI For That for more helpful posts like this. ? Via: https://www.linkedin.com/feed/update/urn:li:activity:7170235664427397121/

It dai seama ca din 2019 pana acum, laptopul ala a ajuns capac de wc ?

Aici sunt. A fost busit forumul si nu se mai putea posta, plus ca am fost prins cu munca mea de corporatist sarac care nu am macar un Urus amarat in garajul plin de teancuri de cryptomonede Muie Pax. Se stie. P.S. Voi va dati seama ca @paxxx a schimbat prefixul de la 2 la 3? Atat de batrani suntem, in plm.

Va salut si ma bucur sa vad ca inca mai exista aceasta comunitate si ca Nytro e tot aici. Am activat si eu in perioada 2010-2015 dar nu mai stiu mailul si parola. Cunosc doar userul.. M-am uitat la post-urile mele din copilarie si m-am amuzat . Observ ca s-au schimbat si rank-urile. Inainte era pe bautura ?

Epuizarea psihica, cea fizica a exista dintotdeauna si e utila uneori, miscare, adormit repede etc. Nesiguranta zilei de maine a fost de asemenea mereu. Eu cred ca aici e de fapt problema. Ca stam prea mult pe net. Orice am face, stam prea mult cu un ecran in fata. Noi, suntem partial nevoiti, ca asta ne e meseria, dar putem evita sa facem asta in timpul liber. Dar noi ce mai batrani avem experienta trecutului si putem invata din ea: - nu pot merge in curte sa tai o gaina, dar pot sa evit KFC si sa cumpar un pui intreg, cat se poate de "crescut natural" - nu ma pot duce in gradina sa iau rosii, dar pot sa aleg ceva cat mai decent - nu trebuie sa ma duc sa dau cu coasa toata ziua, dar macar o ora la sala pot sa merg - pot sa stau pe Facebook 2 ore sau ma pot vedea cu niste prieteni, sau doar vorbi la telefon Eu am fost la tot felul de doctori dar mi-am aflat "problemele" si am grija cu ele. De exemplu, avand probleme la lombar si la genunchi nu le fortez deloc la sala. Evit pastilele cu orice pret, iau doar daca sunt necesare. Mancarea variata: pui, vita, peste, fructe de mare, legume combinate, fructe etc. si fara exces ma ajuta sa nu am lipsuri (sunt pe verde la analizele de sange ) Cat strict despre partea psihica, anxietate si workout problema e simpla: e ca si cum ai da la lopata 8 ore pe zi, ai ajunge acasa si ai mai da la lopata cateva ore. Asa cum asta ar pune o mare presiune pe oase si te-ar darama fizic, asa e si cu creierul. Dupa 8 ore de folosit intensiv creierul, il mai folosesti si acasa, mai esti stresat si din cine stie ce cauze si se aduna. Repede. Solutia e simpla: limiteaza timpul in care iti folosesti creierul. In PRIMUL rand la munca. E un cacat de job in IT, pentru o corporatie din care altii fac miliarde. Tu nu faci. Nu merita sa te imbolnavesti pentru asta. In plus sunt o gramada de job-uri disponibile, ne descurcam, nu e ca si cum viata noastra depinde de acel job. Daca esti focusat 8 ore pe zi la munca o iei razna.

Aici e doar un forum de pasionati it (sper). Trebuie sa contactezi suportul de la paysafecard, nu un forum de discutii.

Hackerman

OMG, FPD SSTI SQLI RCE, kewl

Pentru practica, recomand platforme destinate acestui scop + sa urmaresti oameni care au video-uri in care explica ce si cum se intampla. Cateva exemple clasice ar fi: - Hack the Box (https://www.hackthebox.com/) - TryHackMe (https://tryhackme.com/) - picoCTF (https://picoctf.org/) - OverTheWire https://overthewire.org/wargames/ Ca si canale, pe vremuri il urmaream pe tipu' asta: https://www.youtube.com/@_JohnHammond insa sunt sigur ca poti gasi multi altii pe placul / stilul tau. Spor la invatat

Sters de autor. M-am razgandit si nu il mai las public 7 zile. Sorry guys

Înțeleg frustrarea ta, dar fiecare alege drumul pe care îl consideră cel mai potrivit pentru el. Ethical hacking și cybersecurity sunt domenii care nu doar că aduc venituri, dar contribuie și la un internet mai sigur. Criminalitatea cibernetică poate părea tentantă pentru un câștig rapid, dar riscurile și consecințele pe termen lung sunt enorme. Poți să faci bani și să-ți construiești o carieră solidă fără să îți compromiți integritatea.

ai votat cu lasconi, pacatosule care esti. Interlocutorul pacatos nu a ajuns sa cunoasca slava si imparatia apei ?

Uhm, ar fi misto daca am avea mai multe dezbateri de genu' asta. Chiar m-a tinut prins vreo 7 minute Adevaru' e probabil undeva la mijloc, iar problema principala cu aplicatiile astea moderne (d.p.m.d.v) este lipsa de educatie si increderea in servere. @koteri3692 - are dreptate din perspectiva existentei unei vulnerabilitati potentiale în aplicatiile E2EE care nu educa utilizatorii sa verifice manual cheile publice. Totusi, aceasta vulnerabilitate nu este o problema a criptografiei in sine, ci a implementarii și utilizarii acesteia. Intr-adevar, dacă Fane Pedala nu verifica manual cheile publice, un server compromis poate introduce o cheie falsa ==> atac MiTM. MiTM este posibil daca serverele sunt rau intentionate sau obligate sa colaboreze cu agentiile guvernamentale. @Nytro - este corect in teorie (exista mecanisme ex. certificare, verificare manuala care pot preveni atacurile MiTM). Insa aceste mecanisme nu sunt întotdeauna implementate sau utilizate corect în practica. Ceva exemple concrete: Signal permite verificarea manuala prin scanarea codurilor QR intre utilizatori. Verificarea asta face ca atacurile MiTM sa fie aproape imposibile, dar majoritatea utilizatorilor ignora acest pas. WhatsApp oferă opțiuni limitate de verificare a cheilor. Aplicatiile E2EE precum Signal nu utilizeaza CA-uri pentru a verifica cheile publice. In schimb, Signal se bazeaza pe trust local și pe verificari manuale. Așadar argumentul lui Nytro nu se aplica direct aplicatiilor de mesagerie. Legat de faptul ca NSA poate face MiTM pe TLS: este posibil în anumite conditii ex. compromiterea DigiNotar sau alte incidente legate de BGP hijacking bla bla. In ziua de azi, browser-ele moderne includ masuri ca HSTS (HTTP Strict Transport Security) și Certificate Transparency Logs pentru a preveni asta In aplicatiile de mesagerie astea nu exista, iar încrederea se bazeaza mai mult pe server. So my humble opinion: ce zice koteri3692 este un scenariu tehnic real, dar oarecum teoretic. Nytro subliniaza soluții valide, dar neaplicabile complet în lumea reala fara eductia corespunzatoare a userilor. pwp jos hacerii mei preferatzi PS: io nu-s hacer si imi place shaorma cu de toate

Acum eu cred tu confuzi ceva. Exista doua tipuri de Man in the Middle si tu te gandesti ca doar unul exista. Atacul 1. Man in the Middle prin care NSA, ISPs schimba certificatul SSL prin care compromite domeniul whatsapp.com si te redirectioneaza catre un serverul administrat de NSA. Eu nu vorbeam de acest scenariu. Plus ca e in scenariu mai complicat ca totusi si serverul whatsapp ar trebui sa aibe baza de date si sa fie actualizat cu noul cod sursa al serverul web ca sa nu existe probleme de compatibilitate. Atacul 2. Man in the Middle prin care serverul whatsapp targheteaza anumiti utilizatori (gen Alice sau pe Bob) prin care inlocueste cheile publice a celor cu care comunica respectivii. Cred ca tu nu iei in calcul ca exista doua tipuri de atacuri bazate pe Man in the middle. Eu cand am inceput sa vorbesc de MiTM pe whatsapp, vorbeam de atacul nr 2. Ulterior am vorbit cum NSA poate sa compromita si certificatele SSL. Dar NSA nu s-ar chinui asa de rau ca META si Zuckerberg suge pula NSA-ului in fiecare zi.

Doar daca erai angajat la NSA si aveai access la platforma XKeyScore. Din cate am inteles XkeyScore e accessibil si in Europa dar nu access la toata baza de date. Dar din cate as crede nu cred ca ai access la platforma XKeyScore. Mai incearca sa iti reamintesti parola.

Nu citesc niciodata despre cum sa faci bani. Am alte pasiuni, cat despre bani, sunt suficienti da-i in ma-sa. Nu sunt vreun barosan, dar nici lipit. Ajunge ce este Oricum, subiectul e altul, nu are sens asocierea. Ce faci tu, e treaba ta ... nu sunt eu in masura sa dau sfaturi la cineva sau sa judec. E alegerea fiecaruia O zi faina la toti!

Fratele meu daca ai cum transmite-i celui care a venit cu ideea sa contopeasca UiPath StudioX cu UiPath Studio ca imi bag pula in rasa lui si ca sper sa ii moara toata familia de la strabunici si pana la plozii pe care ii va avea vreodata. Celor care au facut implementarea si au omis sa migreze toate features din StudioX le doresc un cancer care sa ii chinuie 20 de ani. Si pentru cei care se ocupa de documentatia aia outdated mi-as da 10 ani din viata ca sa le tai degetele in slow motion. Love you.

Hackeri sau nu, unii au făcut bani căruța. Trebuie aplaudați pe cei care si-au riscat pielea si au făcut bani. Trebuie sa învățam si de la cei care au căzut la ani grei.