Leaderboard


Popular Content

Showing content with the highest reputation since 12/11/16 in all areas

  1. 24 points
    Link: https://sub.watch
    I made a site where you can build a list of your favorite TV shows and which can notify you when new shows come out, based on your timezone. This means that if a show normally airs in the US today at 9 PM, you will be notified tomorrow, because 9 PM today for them means 3-4 AM tomorrow for us. This is roughly what it looks like:
    Of course that's not all: each show displays its 5 most recent episodes, and each episode in the list can be downloaded from one of the listed torrent sites, or searched for on a site defined by you. I will explain later how to add another site to the list. Clicking a title takes you to the show's individual page, from which you can download every episode of the series. If you hover over an episode that aired today or in the past, you will see a list of trackers and sites where you can search for the episode's torrents. There are two types of sites defined in that list.
    1. Sites on which the application searches for the torrents itself and displays them when you click on the site: The list shows the torrent's quality, its name (without the show title, so that it doesn't take up space and because it is irrelevant), the option to download the torrent via magnet or directly as a .torrent file (some sites support both versions, others only one of them), the size, and the number of seeders and leechers. The list is sorted by the ratio of Seeders to Leechers, descending, because what matters is not only how many seeds there are but also how many leeches. Clicking the "Size" column header sorts the list by size, descending. You can go back to Seeders / Leechers by clicking that column. To start downloading a torrent, simply click an option in the Actions column. FileList, Zooqle, ExtraTorrent, 1337x and TPB are the sites in this category.
    2. Sites on which you can manually search for the torrents of a particular episode. /r/MEGA, Google and YourSerie belong to category 2, as do all the sites you can define yourselves.
    --------------------------------
    To add a show, press Search, type the name and press Subscribe on a show in the search results. Clicking a poster takes you to the show's individual page, from which you can download every episode of the series.
    --------------------------------
    Besides the list and the search, there are other options as well, such as:
    The Calendar page, which shows a calendar of the current month with all the shows that will have new episodes. For dates in the past or for today, you can click any episode and download the torrents directly from there.
    ---------------------
    The Discover page, which lists the shows that have episodes out today; from the top of the page you can select the category of shows or change the current day. They are sorted in descending order by an average of the IMDb rating and 2 other information sites.
    ------------
    The Extensions page, which shows the extensions for Chrome, Firefox and Opera, through which it notifies you when new shows come out.
    --------------
    And finally, the Account page, where you can define other sites on which to search for torrents and enable / disable the ones already defined. To define a new site, press the Add New button, then fill in the fields with a name and a search URL. The name is what will appear in the torrent list, and the URL must contain one of the codes explained in the previous image in order to generate the search link. For the new link you likewise have the option to enable / disable it as you please. The links you create are visible only to you; other users cannot see them.
    The site is: https://sub.watch
    And the links to the extensions can be found here: https://subwatch.dev/extensions
    The extensions are synchronized based on your account, so it doesn't matter on how many PCs you have the extension installed: when notifications appear, they will be the same on all of them. At the time I am posting, the Opera extension is still in "pending" status in the official store, but the button will become active as soon as it is approved. The reason the site requires an account is that this way it remembers who you are and whom to attach the searched shows to.
  2. 23 points
    AGSQ: Go fuck yourself, you mustachioed gypsy, along with your fucking SRL with its 200 lei of share capital and its registered office out in the fucking fields where you don't even have sewerage. You're comparing a corporation with your shitty SRL and its 400 euros of monthly revenue? What do you mean, reused server? After a client uses the server for a month, do you throw it away? What the fuck, is the server a condom? Piss off, you fucking loser, with your two-bit ravings and comparisons.
  3. 21 points
    A loser by the name of Alexandru Cosmin Stan from Giurgiu, who was active on this forum under various sinister nicknames, did some "business" with some guys from here. Business after which most of them ended up scammed, with fake proofs of payment and promises. People worked for him and were left empty-handed. Last year he said he had a few websites and wanted to try working on them and make some money. I gave him a free hosting account, he put 5-6 (adult) websites there and I understood that a user from here (manutadeaur) was working on them. After two months, he wanted to buy a dedicated server and get into hosting. Another user from here installed wordpress and whmcs for him, did the template translations and worked for quite a few days (whois), after which he ended up scammed. On skype, the loser Alexandru Cosmin Stan from Giurgiu showed me a proof of payment for the work done by whois. Of course, the proof of payment was fake, because not a cent reached the man. I activated the dedicated server for him and then, after a month, I sent him a payment notice. On skype he kept telling me he would pay in a few hours, and the day would go by. After approximately 3 weeks of lies, I shut down his dedicated server. Shortly after, Alexandru Cosmin Stan, the filthy scammer from Giurgiu, sent me a notice that he was talking to a lawyer, that it didn't seem right to him that his server was shut down, that his documents were on it. I told him that the service was stopped for non-payment. Now he keeps contacting me through private messages here, saying he wants to pay me (after 4 months). I told him I don't need any money. He writes to me that this is how I treat my clients, that his data from the servers has become public. Pictures of his family or of his wife. In other words, the loser thinks a company would bother to make public the data of some unknown loser. What's more, he tells me he is filing criminal complaints for all kinds of crap and that justice will do its job.
    Advice: Stop doing business with all the gypsy wankers and thieves, and above all don't do business with ROMANIANS.
    // update: More details: MajesticRol @ RST aka Ovschools @ RST aka Nicotin @ RST
  4. 17 points
    They kept seeing me hanging around here on the forum and, well, it's just too cool. The coolest present for my birthday https://imgur.com/a/Xv1DU
  5. 17 points
    You won't solve anything that way. I advise you not to resort to things like that. The only thing that will solve anything there is blood. Let a lot of it flow in the streets. The borders are open: get your bearings and leave for somewhere else, where work is appreciated, where there is social protection, where your children won't grow up among gypsies, manele fans, scoundrels and other subspecies. Beware of Romanians, wherever you go in the world.
  6. 16 points
    Having a bit of free time this evening, I decided to unwind with this challenge. At @Usr6's request, I am posting the solution to the problem below.
    1. We download the image, checking that it is intact:
        $ curl -s https://rstforums.com/forum/uploads/monthly_2017_09/OldGarage.jpg.cdab3e6485face558cb330baf13519cf.jpg --output OldGarage.jpg && md5sum OldGarage.jpg
    2. Using a hex editor, we look for the end bits of the jpg, these being FF D9. Our analysis begins after these bits: we check whether anything else follows them that might arouse suspicion, and in this case we can see a file name, namely "The_eye_of.jpg". From here we begin to suspect that this is where we will find the next sub-problem. We check whether at the end of that block of bits we find the letter group PK (the initials of Phil Katz, the creator of the zip format).
    3.1.0 Using dd or an extractor, we extract the archive from the image. We give the skip parameter the decimal value of the block where the jpg ends (where we found the FF D9 block), in our case:
        dd if=OldGarage.jpg bs=1 skip=47168 of=imaginea_din_arhiva.zip
    3.1.1 We unzip imaginea_din_arhiva.zip. PS: I presented this step so that you can see how things work.
    3.2 You probably have an extractor that is smart enough, and you can extract directly:
    4. We analyze the resulting image in the same way as in step 3, where we observe the same procedure, but when extracting the archive we are greeted by a password prompt. For a more objective result, we search for the image on Google together with its name without the "_". This way we find the password Horus.
    5. As in the previous step, when unzipping we have to enter a password to reach the next sub-challenge: Searching Google for "the code of holy bible" we land on its Wikipedia page, and in the second paragraph we find this: We decide to break the text into pieces of 50 characters each. For this, I used the site http://www.dcode.fr/text-splitter which has a lot of cryptanalysis tools. We get this: So, we have the password: GoodDataIsCryptedData
    6. Following all the clues, we ended up with the file named "Divide ET Impera.56". At first sight it looks like a string of MD5 hashes, at least to me. But, to use the clue, we will split the text into 56 blocks. Each line has 32 characters, which corresponds to an MD5 hash. So, let's get to work. We look for a site where we can enter several hashes at once. I found https://hashkiller.co.uk/md5-decrypter.aspx The result is:
        92eb5ffee6ae2fec3ad71c777531578f MD5 : b
        4b43b0aee35624cd95b910189b3dc231 MD5 : r
        0cc175b9c0f1b6a831c399e269772661 MD5 : a
        9e3669d19b675bd57058fd4664205d2a MD5 : v
        d95679752134a2d9eb61dbd7b91c4bcc MD5 : o
        5058f1af8388633f609cadb75a75dc9d MD5 : .
        7215ee9c7d9dc229d2921a40e899ec5f MD5 : [space]
        e358efa489f58062f10dd7316b65649e MD5 : t
        e1671797c52e15f763380b45e841ec32 MD5 : e
        336d5ebc5436534e61d16e63ddfca327 MD5 : -
        0cc175b9c0f1b6a831c399e269772661 MD5 : a
        865c0c0b4ab0e063e5caa3387c1a8741 MD5 : i
        7215ee9c7d9dc229d2921a40e899ec5f MD5 : [space]
        83878c91171338902e0fe0fb97a8c47a MD5 : p
        4b43b0aee35624cd95b910189b3dc231 MD5 : r
        865c0c0b4ab0e063e5caa3387c1a8741 MD5 : i
        7b8b965ad4bca0e41ab51de7b31363a1 MD5 : n
        03c7c0ace395d80182db07ae2c30f034 MD5 : s
        5058f1af8388633f609cadb75a75dc9d MD5 : .
        7215ee9c7d9dc229d2921a40e899ec5f MD5 : [space]
        800618943025315f869e4e1f09471012 MD5 : F
        e1671797c52e15f763380b45e841ec32 MD5 : e
        2db95e8e1a9267b7a1188556b2013b33 MD5 : l
        865c0c0b4ab0e063e5caa3387c1a8741 MD5 : i
        4a8a08f09d37b73795649038408b5f33 MD5 : c
        865c0c0b4ab0e063e5caa3387c1a8741 MD5 : i
        e358efa489f58062f10dd7316b65649e MD5 : t
        0cc175b9c0f1b6a831c399e269772661 MD5 : a
        4b43b0aee35624cd95b910189b3dc231 MD5 : r
        865c0c0b4ab0e063e5caa3387c1a8741 MD5 : i
        9033e0e305f247c0c3c80d0c7848c8b3 MD5 : !
        7215ee9c7d9dc229d2921a40e899ec5f MD5 : [space]
        44c29edb103a2872f519ad0c9a0fdaaa MD5 : P
        5058f1af8388633f609cadb75a75dc9d MD5 : .
        5dbc98dcc983a70728bd082d1a47546e MD5 : S
        5058f1af8388633f609cadb75a75dc9d MD5 : .
        7215ee9c7d9dc229d2921a40e899ec5f MD5 : [space]
        d20caec3b48a1eef164cb4ca81ba2587 MD5 : L
        0cc175b9c0f1b6a831c399e269772661 MD5 : a
        7215ee9c7d9dc229d2921a40e899ec5f MD5 : [space]
        69691c7bdcc3ce6d5d8a1361f22d04ac MD5 : M
        7b774effe4a349c6dd82ad4f4f21d34c MD5 : u
        2db95e8e1a9267b7a1188556b2013b33 MD5 : l
        e358efa489f58062f10dd7316b65649e MD5 : t
        865c0c0b4ab0e063e5caa3387c1a8741 MD5 : i
        7215ee9c7d9dc229d2921a40e899ec5f MD5 : [space]
        7fc56270e7a70fa81a5935b72eacbe29 MD5 : A
        7b8b965ad4bca0e41ab51de7b31363a1 MD5 : n
        865c0c0b4ab0e063e5caa3387c1a8741 MD5 : i
        7215ee9c7d9dc229d2921a40e899ec5f MD5 : [space]
        b2f5ff47436671b6e533d8dc3614845d MD5 : g
        0cc175b9c0f1b6a831c399e269772661 MD5 : a
        4b43b0aee35624cd95b910189b3dc231 MD5 : r
        0cc175b9c0f1b6a831c399e269772661 MD5 : a
        363b122c528f54df4a0446b6bab05515 MD5 : j
        e1671797c52e15f763380b45e841ec32 MD5 : e
    That was pretty much the challenge. Thanks @Usr6 and happy belated birthday @MrGrj, because I forgot :">
    Useful resources:
    https://ctfs.github.io/resources/topics/steganography/file-in-image/README.html
    https://gchq.github.io/CyberChef/
    http://www.dcode.fr/
    http://security.cs.pub.ro/hexcellents/wiki/kb/crypto/home
    http://ridiculousfish.com/hexfiend/
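The checks from steps 2, 3 and 6 of the write-up above, as an added example that is not part of the original post: it finds where a JPEG really ends by walking its marker segments (a plain search for FF D9 can hit a thumbnail or the appended data), classifies what follows, and reverses one-character MD5 hashes with a lookup table. The function names and the sample bytes are constructed for illustration; only the file name The_eye_of.jpg and the five hashes come from the post.

```python
import hashlib
import io
import string
import zipfile

ZIP_LOCAL_HEADER = b"PK\x03\x04"  # "PK" signature that starts a ZIP entry


def jpeg_end_offset(data: bytes) -> int:
    """Offset just past the image's real EOI marker (FF D9).

    Walks the JPEG marker segments instead of searching for FF D9, because
    those two bytes may also occur inside a metadata segment (for example an
    EXIF thumbnail) or inside whatever was appended after the image.
    """
    if data[:2] != b"\xff\xd8":
        raise ValueError("missing SOI marker, not a JPEG")
    pos = 2
    while pos + 1 < len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        marker = data[pos + 1]
        if marker == 0xFF:                      # fill byte before a marker
            pos += 1
            continue
        pos += 2
        if marker == 0xD9:                      # EOI: the image ends here
            return pos
        if marker == 0x01 or 0xD0 <= marker <= 0xD7:
            continue                            # markers without a length field
        pos += int.from_bytes(data[pos:pos + 2], "big")   # skip the segment
        if marker == 0xDA:                      # SOS: entropy-coded data follows
            while pos + 1 < len(data):
                nxt = data[pos + 1]
                if data[pos] == 0xFF and nxt != 0x00 and not 0xD0 <= nxt <= 0xD7:
                    break                       # a real marker, not stuffing/RSTn
                pos += 1
    raise ValueError("no EOI marker found, file is truncated")


def trailing_payload(data: bytes):
    """Return (offset, kind, tail): where the image ends and what follows it.

    The offset is the value the post passes to dd as skip= (with bs=1).
    """
    end = jpeg_end_offset(data)
    tail = data[end:]
    if not tail:
        kind = "none"
    elif tail.startswith(ZIP_LOCAL_HEADER):
        kind = "zip"
    else:
        kind = "unknown"
    return end, kind, tail


def single_char_md5_table(alphabet: str = string.printable) -> dict:
    """MD5 hex digest -> character, for every one-character input."""
    return {hashlib.md5(ch.encode()).hexdigest(): ch for ch in alphabet}


def decode_md5_lines(lines) -> str:
    """Map each 32-hex-digit line back to its character ('?' if unknown)."""
    table = single_char_md5_table()
    return "".join(table.get(line.strip().lower(), "?")
                   for line in lines if line.strip())


def build_sample() -> bytes:
    """Constructed input: a JPEG-shaped marker stream with a ZIP appended."""
    exif = b"Exif\x00\x00" + b"\xff\xd9" + b"thumb"        # decoy FF D9 in metadata
    app1 = b"\xff\xe1" + (len(exif) + 2).to_bytes(2, "big") + exif
    sos = b"\xff\xda" + (8).to_bytes(2, "big") + bytes(6)  # 6 dummy parameter bytes
    scan = b"\x12\xff\x00\x34\xff\xd0\x56"                 # stuffed FF 00 and RST0
    jpeg = b"\xff\xd8" + app1 + sos + scan + b"\xff\xd9"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_STORED) as zf:
        zf.writestr("The_eye_of.jpg", b"\xff\xd8 placeholder \xff\xd9")
    return jpeg + buf.getvalue()


# First five lines of the hash list shown in step 6 of the post.
PAGE_HASHES = [
    "92eb5ffee6ae2fec3ad71c777531578f",
    "4b43b0aee35624cd95b910189b3dc231",
    "0cc175b9c0f1b6a831c399e269772661",
    "9e3669d19b675bd57058fd4664205d2a",
    "d95679752134a2d9eb61dbd7b91c4bcc",
]

if __name__ == "__main__":
    sample = build_sample()
    end, kind, tail = trailing_payload(sample)
    print(f"image ends at offset {end}; trailing data: {kind}, {len(tail)} bytes")
    print("first FF D9 found by plain search ends at", sample.find(b"\xff\xd9") + 2)
    if kind == "zip":
        print("archive members:", zipfile.ZipFile(io.BytesIO(tail)).namelist())
    print("decoded:", decode_md5_lines(PAGE_HASHES))
```

The same offset check works as a triage rule for uploaded images: any non-empty tail after the real EOI marker is worth a second look.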
  7. This post cannot be displayed because it is in a forum which requires at least 10 posts to view.
  8. 15 points
    You don't have to be a resident of any tax haven. You just use services from outside the country for payments (bank account, company and all that), so that in this fucking country you don't show up with any income. Don't declare absolutely any income to the rotten Romanian state. You are offered nothing for that money.
    - Don't open companies in Romania. You will become prostitutes and the state your pimp. 80% of the money goes to the state.
    - Don't open bank accounts and cards in Romania. At any moment you can find your accounts frozen or inspected by scoundrels.
    - If some bitch of a clerk asks you what you live on, say that you fuck old ladies in exchange for food and drink and that you can offer a discount in case she is interested. Fuck them, it's none of their business.
  9. 14 points
    I've made myself a blog too. I won't write very often, just now and then... https://nytrosecurity.com/
  10. 14 points
    Hi, I'm not as active on the forum as before, but I try to log in every 2-3 days - yet I still receive messages about dropshipping - what I want to tell you is that this field is not for everyone - you need some capital for things to move quickly, a platform, plugins etc. - depends on what you use - but above all a legal framework. Once you make more money, problems start to appear: PayPal limits your account, Stripe asks for proof and so on, plus taxes to pay etc. I notice that many can't manage, others give up when they hear about the legal framework and so on, yet everybody wants to make money and I don't understand why people don't go the "old fashion way", a blog or affiliate marketing with Amazon or something like that, because it works; I see it every day, more precisely, I feel it in my pocket.. At some point I gave up on affiliates and AdSense and Amazon and media.net, but I picked them up again a few months ago and it's going really well, I could say. I don't know if you frequent Flippa, but I do so daily and I find various bargains there in terms of NICHES; I have also sold a few sites, I have bought some others, but for me this website is like a kind of Pandora's box. Some time ago a site was sold for 4000 dollars, if I'm not mistaken; it was a static page, completely white, with one 700-word article... it was a mind fuck; I checked the site, it had 26 backlinks, they looked natural... most of them from web directories. Competition: 4-5 sites... maybe..
    Next step for me: I bought a domain and hosting ($19 per year for both from NameCheap), uploaded a theme, contacted a company that writes articles for me ($7.50 / 500 words) and ordered 5 articles, one of 2000 and the rest of 500. I got an SEO package from BHW for which I paid $130. The final investment was somewhere around 200 dollars, give or take. That is what I did in the first week, then NOTHING, I left it to sleep there. How much money does it make? Not much; in the 3rd month it's OK.
    And that's only Amazon; with what I've also made from media.net I get to 200, and that's just one site. Traffic only from Google - organic, no social media, nothing; the niche is kind of "strange" and I don't know what accounts I could make. Now multiply by 4 sites, because that's how many I have on this side for now...
    -------------------------------------------------
    Short Story - What is the use of 1000223 topics with 12232 questions about whether x thing is dead, whether it can still be done, etc.. everything works, you just have to stick with it. Go to kwfinder, look for a keyword / niche that is easy to rank and get to work. A friend was calling me an idiot last night when I was telling him that making money on the net is child's play - maybe it's just my opinion - I'm not talking here about hundreds of thousands of dollars... but about money in general... it's simple, just get to work and stick with it. If you also give up smoking for 1 week, or spitting sunflower seeds, you might have money for a domain and hosting or anything else. All the best.
  11. 14 points
    Hi! I posted some time ago that I am working on a project and needed testers for the application. I think I have reached a version that is stable for now. (it can always be better...)
    What does the application do?
    - It opens links in Google Chrome (Simple, right? In practice it's harder)
    How?
    - With a customizable referrer (from facebook, google, youtube to whatever you want)
    - With a random User-Agent (Firefox, Chrome, Opera, Safari and mobile devices)
    - Window size (random)
    - Mouse scroll on the page
    - Click on a chosen element on the page
    - Time of your choice (between 10 and 600 seconds)
    - Search on Google / Youtube and Click (Keywords & SEO promotion)
    - Click on Youtube Play and Skip Ad (automatic)
    Unique IPs from Romania?
    - Yes, each user from Romania will view a link only once every 24 hours.
    How much does it cost?
    - It's free (it is a community, we help each other)
    Requires:
    - Java
    - Google Chrome (recent version)
    I made a tutorial (I hope it helps):
    For RST members I offer support and bonuses. If you are interested, please contact me. I ask an administrator to check and confirm whether it is OK.
    Link: https://video-seo.ro/
  12. 13 points
    When I read the title I thought you were coming to ask for advice about gonorrhea, syphilis, chlamydia, etc.
  13. 13 points
    @M4T3! I have never sold links on my blog, I don't sell them now, and I am careful about the links I give out. I have only two sites in my blogroll: a blogger and RST. My offer: one year, dofollow, index, blogroll, free. As a token of thanks for helping my father. I haven't forgotten you, you are on my list. If I can help, I help. If you agree, send me a private message with the site. I am sure it is fine, but I want to take a look at it, to make sure for myself.
  14. 13 points
    You have to choose: art or fiddle-playing. Football is an occupation for wankers who crack sunflower seeds and drink beer.
  15. 12 points
    Material
    Introduction
    Section 1) Fundamentals
    Section 2) Malware Techniques
    Section 3) RE Tools
    Section 4) Triage Analysis
    Section 5) Static Analysis
    Section 6) Dynamic Analysis
    Source: https://securedorg.github.io/RE101/
  16. 12 points
    Hi all, while surfing various IRC channels, I have come across a list of very useful links and courses to get into hacking. URL: https://ghostbin.com/paste/j858d There are courses for computer basics, hacking, programming and many more. Good luck in your long journey of learning!
  17. 12 points
    @tjt "Why wouldn't they give it to you?" - If you had your own company, would you give 5000 RON to someone who hasn't worked a single day on what you need? Even though the person may have read a thing or two, if they haven't worked for at least 1-2 years with what is required, they won't compare with someone who has. For example, when I got hired as a C++ developer 6 years ago, I knew the language extremely well. But what do you know, it wasn't quite enough. I hadn't worked with sockets, multi-threading, STL, semaphores and who knows what else, whereas someone with experience had probably run into at least some of them. I don't think that anyone who hasn't worked at a company on something specific, no matter what, has spent a few hours almost every day developing their knowledge. Another example is that before getting hired for the first time I wanted to work as a PHP developer. I had written over 20,000 lines of code, I had some projects, BUT: I hadn't written MVC code (obviously), I hadn't worked with OOP (small projects, obviously), I hadn't worked with any framework (likewise). So why would they give me 5000 RON a month when I would have to spend months learning these things properly?
    "someone who has invested personal time and even money to improve their knowledge, to obtain certifications" - Nobody has invested enough of their personal time to be as good as someone who has done that thing 8 hours a day for 1-2 years. And nobody ever will. Reading an article every day, reading a book from time to time, is OK, but it's not enough. Yes, it shows enthusiasm and it counts for a lot, but it's not enough. Put yourself in the employer's place. As for HR, or "Professional Linkedin browser", unfortunately they don't have the capacity to look past certain things and to understand certain things. You will always run into problems with them and you can lose good jobs because they may decide that "he doesn't have an IT degree, he can't work in security", because they don't understand that there is no degree for such a thing, for example.
    @Philip.J.Fry I don't know whether RON or EUR; I don't think EUR in Romania. Yes, the diploma shouldn't matter, since I don't know anyone who graduated from the Faculty of Reverse Engineering and Malware Analysis in Romania, but without experience I find it hard to believe. I mean seriously, would you give 3.7 EUR a month in Romania to someone who probably has some technical knowledge acquired in their spare time, instead of someone who has done this for months at who knows what company that makes antivirus?
    @gigiRoman About 4 years ago, I think, I also had an interview at Avira for C++ Developer. I had to build a client-server application, multithreaded and with I don't know what other features, in 3 hours. I did it and it went very well, and the people there said that most candidates don't finish it in the 3 hours. Then we had a technical discussion. All well and good, until we got to talking about antivirus. I told them that I had made a crypter, a program that takes a detectable file and makes it undetectable. They said "that's not possible, our antivirus catches it". I explained to them how it works and why it wouldn't catch it, that it loads in memory blah-blah, but they didn't seem to understand. Then they asked me: "Why would we hire you, how do we know that, having access to the antivirus source code, you wouldn't keep developing such things?". I started laughing and told them I don't need the source code to do something like that. They never contacted me again.
    So, as a general idea, which I also ran into about 6 years ago when I got hired for 1600 RON: do NOT expect them to throw money at you, because they have no reason to. Besides, you are not the only people looking for a job in IT. Although there are plenty of jobs, for entry-level positions there are very many applicants. Also, I suppose that if someone is working on a project in their personal time, or doing something in order to learn, they might also post about it here. I haven't seen such things posted in years.
    I was a young student once too, and what do you think, did I prefer to sit and write code, or to drink until I dropped?
  18. This post cannot be displayed because it is in a forum which requires at least 10 posts to view.
  19. 12 points
  20. 12 points
    selfbashed. I left FR in the evening by car. Around 11 PM, on the road, I saw a big gas station at Colmar. I say, let me stop, fuel up with a coffee and leave something foul-smelling in the toilet. No sooner said than done: I stop there, get a short espresso, gulp it down quickly and go to the toilet. I drop off my business there and flush. I see that the toilet was already clogged and the level of the "sea" was starting to rise a lot. I realized that the flush was broken too.... it kept running in there, I thought it would never fucking stop.... That thing was floating on top, it overflowed the toilet, two pieces of pike that were floating on the churning water fell to the floor, and it went under the partition into the other stall, drifting along like that, damn it. I had tears in my eyes from laughing and didn't know how to get out of there faster. I was laughing both at what happened and at the thought that in the other stall there could have been some wretched Frenchman! :))))))
  21. 12 points
    Practical JSONP Injection
    January 18, 2017, Petre Popescu
    JSONP injection is a lesser known but quite widespread and dangerous vulnerability and it surfaced in the last years due to the high rate of adoption of JSON, web APIs and the urging need for cross-domain communications.
    What is JSONP?
    Assuming everybody knows what JSON is, let’s talk a little about JSONP. JSONP comes from JSON with Padding and it was created in order to bypass common restrictions such as Same-origin Policy which is enforced for XMLHttpRequest (AJAX requests).
    Let’s take an example. Our online banking application, http://verysecurebank.ro, has implemented an API call that returns the current user’s transactions. An HTTP request to the http://verysecurebank.ro/getAccountTransactions endpoint presents us with the transactions, JSON formatted:
    If our reports application, accessible at http://reports.verysecurebank.ro wants to get the transaction details, an AJAX call to the page won’t be possible, due to Same-origin Policy being in effect (different host). To get around this problem, JSONP came into play. Since Cross-domain script inclusion (mostly used to externally load JavaScript libraries such as jQuery, AngularJS etc.) is allowed, but not recommended, a smart trick apparently solved the entire equation: prepending the response with a callback.
    Note: even if it might be obvious, it’s worth mentioning that when including a script cross-domain, it will run in the context of the including application, not in the source’s context.
    Adding a callback to the API response, wrapped around the JSON formatted data, allows us to load the API response between script tags and get its content by defining our own callback function to handle it.
    Article: https://securitycafe.ro/2017/01/18/practical-jsonp-injection/
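The callback wrapping described in the excerpt above, seen from the server side, as an added example that is not code from the article: one handler returns the same data as plain JSON or as JSONP, and accepts only a plain identifier as the callback name. The parameter name `callback`, the function name and the sample transaction are assumptions made for illustration.

```python
import json
import re

# Assumption: the callback name arrives in a query parameter called "callback".
# Only a plain identifier is accepted, so the parameter cannot carry script.
CALLBACK_RE = re.compile(r"[A-Za-z_$][A-Za-z0-9_$]{0,63}")


def render_transactions(params: dict, transactions: list):
    """Build (status, headers, body) for a getAccountTransactions-style call."""
    payload = json.dumps(transactions)   # non-ASCII is \u-escaped by default
    callback = params.get("callback")
    if callback is None:
        # Plain JSON with no CORS headers: a page on another origin cannot
        # read this response through XMLHttpRequest.
        return 200, {"Content-Type": "application/json"}, payload
    if not CALLBACK_RE.fullmatch(callback):
        return 400, {"Content-Type": "text/plain"}, "invalid callback name"
    # JSONP: the same data wrapped in a function call. Any page that loads
    # this URL in a script tag runs it in its own context and receives the
    # data, which is why this form is unsuitable for per-user data.
    headers = {
        "Content-Type": "application/javascript",
        "X-Content-Type-Options": "nosniff",
    }
    return 200, headers, f"{callback}({payload});"


# Constructed sample data; the article's real response is not on this page.
SAMPLE = [{"id": 1, "amount": -25.0, "to": "constructed-payee"}]

if __name__ == "__main__":
    for query in ({}, {"callback": "handleTransactions"}, {"callback": "not a name("}):
        status, headers, body = render_transactions(query, SAMPLE)
        print(status, headers["Content-Type"], body)
```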
  22. 12 points
    Hey, are you out of your minds? Trading meal vouchers and payments in bitcoin :)))))))
  23. 11 points
    See you in November at DefCamp 2017
    Want to experience a conference that offers outstanding content infused with a truly cyber security experience? For two days (November 9th-10th) Bucharest will become once again the capital of information security in Central & Eastern Europe hosting at DefCamp more than 1,300 experts, passionate and companies interested to learn the “what” and “how” in terms of keeping information & infrastructures safe.
    Now it’s getting really close: this year's conference is only months away, and that means very early bird tickets are now available.
    Register Now at DefCamp 2017 (50% Off)
    What can you expect from the 2017 edition?
    - 2 days full of cyber (in)security topics, GDPR, cyber warfare, ransomware, malware, social engineering, offensive & defensive security measurements
    - 3 stages hosting over 35 international speakers and almost 50 hours of presentations
    - Hacking Village hosting more than 10 competitions where you can test your skills or see how your technology stands
    - 1,300 attendees with a background in cyber security, information technology, development, management or students eager to learn
    How to get involved?
    - Speaker: Call for Papers & Speakers is available here.
    - Volunteer: Be part of DefCamp #8 team and see behind the scene the challenges an event like this can have.
    - Partner: Are you searching opportunities for your company? Become our partner!
    - Hacking Village: Do you have a great idea for a hacking or for a cyber security contest? Consider applying at the Hacking Village Call for Contests.
    - Attendee: Register at DefCamp 2017 right now and you will benefit of very early bird discounts.
    Register Now at DefCamp 2017 (50% Off)
    Use the following code to get an extra 10% discount of the Very Early Bird Tickets by June 27th. This is the best price you will get for 2017 edition.
    Code: DEFCAMP_2017_VEB_10
    Website: https://def.camp/
  24. 11 points
  25. 11 points
    On redhat, on most subdomains, if you weren't logged in and you opened a page that required login, the redirect was done through service-now, which had a vulnerable GET parameter. I couldn't find the exact picture anymore, so I took a picture from the PoC video. At sap.com, likewise, there was an XSS via GET; I'll post the picture tonight when I get home. Both were reported and fixed, and as a reward I got HoF on both. At redhat they made me choose which one I wanted to be in, service now or redhat😂
  26. 10 points
    It seems I will be a speaker at this year's edition of Defcamp. So there will be at least one presentation with the RST logo on it.
  27. 10 points
    For us meat people, our mouths water when we see what albastrel posted. For you vegans, when you see stadiums with turf, do your mouths water?
  28. This post cannot be displayed because it is in a forum which requires at least 10 posts to view.
  29. 10 points
    Let me tell you something, maybe you'll stop with these posts. In many of your past posts (related to programming in general) I appreciated that you were trying. Fuck it, something didn't work out, you posted here. It looked like you were going to get somewhere and that you were taking an okay path. Now if I look at your post history, you've got this (random order):
    - fitness
    - PPI (or whatever the fuck that click crap is called)
    - dentistry
    - off-shores / dropshipping
    - forex
    - accounting
    - CS:GO item site
    - etc...
    All of the above in a super short interval. Now look, you don't need to listen to me; most people here know that I joke around a lot, they know that I'm a retard, handicapped, stupid and that I don't give a fuck about absolutely anything that exists on this planet, especially gypsies, the church and politics. Where am I going with this? Guys, wake the fuck up! Quit it with forex / ppi / fbi / nsa / plm / fmm etc. Or stick hard to one of them and keep at it until you see that the money comes in or that you fail. Especially those of you who have something upstairs and can take advantage of it. I remember that I was like that too:
    - wow, what an app idea I have. I'm becoming a millionaire.
    - holy fuck, what an idea I just had, that's it, I'm crushing google apps
    - fuck programming, I'm taking up poker.
    - I'm becoming a stud on cranes
    And I kept it up like that for about a year, only to realize that I was a two-bit lackey (well, I still am) who hadn't done anything, was wasting time on fuck-all and that was about it. I stopped, I focused on programming & stuff and now I don't give a fuck, I do what I like and I joke around with @fallen_angel @Gecko @badluck @aelius etc... on chat while I'm at the office, because everything seems light and easy and nice to me. Where are the trillionaires? They're everywhere, man, only they don't open 9 topics a month, each of them with a totally different subject. Get your head straight and come the fuck back down to earth.
    //PS: it's cool to ask questions, to want to know things and so on... but you can do that on chat, in your free time, when you take a break from what really matters. In life you can't have it all
    //PS2: For those bored by my post, here you go:
  30. 10 points
    A train pass in Romania? What's the deal, do you want to get to work two days later?
  31. 10 points
    RUN. RUN FAST AWAY FROM THERE. DON'T GIVE THE CHARLATANS ANY MONEY. MY ADVICE IS NOT TO OPEN ANYTHING AND TO LEAVE AS QUICKLY AS POSSIBLE
  32. 10 points
    Hi, I made a program that posts by itself in Facebook Groups. There are 3 files:
    1. grupuri.txt - here you put the links to the groups
    2. text.txt - here goes the text to be posted
    3. config.txt - for now, here you can set the number of seconds to wait between posts
    I'm waiting for opinions and for what improvements I should add to it. It's not ready yet; I will post a download link when it is ready. And I think I will leave it console-only for now, without an interface.
  33. 10 points
    Article: https://securitycafe.ro/2017/02/28/time-based-data-exfiltration/
  34. 10 points
    Hi. OVH, Debian, Apache, PHP 7, MSQL, nothing special about it. Well, only on the security side it's hardcore, I configured it with ./nytro.sh --force
  35. 10 points
    Know your community – Ionut Popescu
    January 16, 2017, SecuriTeam Secure Disclosure, Maor Schwartz

    When we sponsored DefCamp Romania back in November 2016, I saw Ionut Popescu lecture “Windows shellcodes: To be continued” and thought to myself “He must be a key figure in the Romanian security community – I must interview him” so I did!

    Introduction

    Ionut is working as a Senior Penetration Tester for SecureWorks Romania. Speaker at DefCon and DefCamp, writer of NetRipper, ShellcodeCompiler and a family man.

    Questions

    Q: What was your motivation to getting into the security field?
    A: First of all, the security field is challenging. It’s like a good movie whose main character has to do some tricky moves to find the truth – In the security field it’s the same. Second, it’s fun. Get access to different systems or to exploit applications. Your friends will think you did something really complicated when you actually exploited a simple vulnerability. My motivations were never (and will never be) fame or money, it’s the challenge and learning.

    Q: When did you get into the security field?
    A: I got my first computer when I was 16. I used it to play games until I found a small Romanian security forum. I saw that there was a lot of challenging stuff you could do and I became interested in the security field. During this process I learned Visual Basic 6 / HTML / CSS / JS / PHP / MySQL and practiced my web application vulnerability research skills. After some time I became interested in more complicated stuff such as C/C++ and ASM. It was step by step learning where the more you know, the more you realize you don’t know.

    Q: Since you started, you have found vulnerabilities (vBulletin for example), wrote exploitation tools like NetRipper and ShellcodeCompiler. Why did you decide to specialize in offensive security?
    A: Offensive security is the fun part of security. From my point of view, it is more complicated, more fun and more challenging than defensive security. Let’s take the vBulletin example. I managed a vBulletin installation and I wanted to make sure the forum was secure. I always updated with the latest vBulletin patches, our server was up to date and it even had a few hardening configurations – this is defensive security. But when I decided to take a look on my own at vBulletin, I found an SQL Injection. Guess what made me happier – installing patches and keeping a system up to date or the discovery of an SQL Injection? Since I was young, I was more attracted by the offensive part of security.

    Q: Why did you develop NetRipper and ShellcodeCompiler?
    A: A long time ago I discovered that by using API hooking (intercepting Windows function calls) you can do a lot of stuff. While working on an internal penetration test on a limited system, I had the idea that I could capture the traffic made by administration tools in order to pivot to other systems. The idea was not new, but the available tools did not offer what I wanted – a post-exploitation tool to help penetration testers on their engagements. So, I started working on NetRipper, which was released at Defcon 23. Recently, being interested in low-level stuff such as ASM and Windows Internals, I wanted to write my own shellcodes. I did it easily on Linux, but it was a little bit more complicated on Windows. I noticed that you will repeat a lot of the content from one shellcode to another, so I decided to automate this. This idea was also not new. I saw a basic shellcode compiler, but its users had to write ASM code. I wanted a fast and easy way to write one. This is how Shellcode Compiler was born.

    Q: What is the most innovative project you did as offensive security researcher?
    A: I think the most innovative project I did as a security researcher is Shellcode Compiler. Even if the idea is not new and the tool is really limited, it turns a difficult job into a really easy one, and anyone can write a shellcode. However, I still need to implement a few features that will make it more useful. I don’t have a lot of free time to work on this project, but I always try to make some time for it.

    Q: Where did you learn to be an offensive security researcher?
    A: I started to learn from security forums. I still remember hacky0u forums. Now I get most of my technical stuff from Twitter. My tweets are actually a “to read” list. I like to see that a lot of technical people share their knowledge. I read anything that’s new from blogs, whitepapers and security conferences. I find Twitter is the central place where I can find all this information by following the right people.

    Q: How big is the security community in Romania?
    A: The security community in Romania is medium-sized. There are really good security guys in Romania, but many of them don’t have the necessary time to share their knowledge. There are security researchers from Romania that spoke at well-known security conferences, write tools and whitepapers, but not as much as I would like to. In my opinion, it doesn’t matter from where is the researcher – we live in international world, especially the security researchers community.

    Q: I saw that you are one of the Admins in the Romanian security forums called RST Forums. Why did you open the forum? What was the goal? How helps you to manage it?
    A: RST Forums is the largest Romanian security community. It is a well-known forum in Romania and most of the content is Romanian. I did not open this forum; a few other guys did it in 2006. However, they decided to leave the community, and so I am just continuing it. The goal is to help young and newbie Romanians learn security. I have friends that visited the forums for game cheats or programming help, eventually they got in to the security field and now they are working as penetration testers for large companies – the forum helped a lot of us in our careers, and that’s why it is still open. I hope many other young Romanians will use it as a way to start their careers in the field of information security.

    Q: How do you support the security research community today?
    A: I don’t do as much for the security research community as I would like. The two tools I released, NetRipper and ShellcodeCompiler, were to support the research community. I have written different technical articles and whitepapers and spoken at security conferences. Oh, and I also tweet useful technical stuff. It is not much, but it is something, and I hope someone will find my work useful.

    Q: Do you have a tool you are working on today? Do you know when you are going to release it?
    A: Right now, I would like to work on my current projects. I don’t have a new idea for a tool and it is not a good idea to work on one until the other tools are not as fully-featured and stable as I would like them to be.

    It was a pleasure, Ionut, to talk to you and get so much information on the local Romanian community.
    You’re welcome.

    Link: https://blogs.securiteam.com/index.php/archives/2916
  36. 9 points
    The vulnerability

    It is a known issue that Microsoft NTLM architecture has some failures, hash stealing is not something new, it is one of the first things a pentester tries when attacking a Microsoft environment. But, most of these techniques require user intervention or traffic interception to fulfill the attack. These new attacks require no user interaction, everything is done from the attacker’s side, but of course, there are some conditions that need to be met to be successful with this attack.

    Article link: http://www.sysadminjd.com/adv170014-ntlm-sso-exploitation-guide/
  37. 9 points
    Breaking News

    They've implemented a bot in the Chrome Web Store that removes all extensions with apparently obfuscated / malicious code (which in their view means: minified or simply too much -- in one of my extensions I had code compiled by webpack and they took it down because the generated files were 50-80k lines). The main idea is to get rid of extensions that inject adware and malware, but in reality, they're simply shitting on people's work. With only the 400 users I had, I think it's irrelevant to mention that I had nothing of the sort in the source, and their scanning and the process of getting it back in the store are complete crap. On top of that, they haven't set any kind of clear rule stating what is accepted and what isn't; if you want to resolve the situation you simply have to "fix" something you can't see, blindly, and then keep submitting new versions in the hope that they'll accept it again, except there's a limit here too, and if you exceed it, they remove it for good. I'm not going to bother trying to get it back in the store, and it's not the only one they've taken down. Fuck Google.
  38. 9 points
    On the occasion of FileList's ten-year anniversary, they decided to launch several surprises, one of them being: All well and good, except that, if you're an idiot like me and first found the giftbox at 5 in the morning (or, for normal people, you're busy) and you have no way of checking every 24 hours, you'll lose out on prizes*. And since we're all 0xH4X0R1 around here, I decided to make a small PowerShell script (if I feel like it/have the patience I'll do it in Python too) to take care of the problem:

    Usage: Copy-paste the code into a PowerShell window, then run Invoke-FileListGetGift. Save the code in a *.ps1 file, then dot-source it from PowerShell: that is, type ". .\NumeFisier.ps1" in the console (mind the leading dot - it's like in bash), then run Invoke-FileListGetGift. If you want to see the debug messages, set $DebugPreference = "Continue" in the console you are running from, then call Invoke-FileListGetGift.
  39. 9 points
  40. 9 points
    Hello everyone. I joined this community a while ago; I have/had been a lurker for even longer. A huge part of what made the hacker community what it was (and what it is here) involves a willingness to share knowledge (without spoonfeeding). I would feel remiss if I gained so much from so many of you and did not give something back on occasion. What follows are anecdotes, opinions and observations I can share after almost 7 years working professionally in the InfoSec/Netsec field. Most of my work in this sphere has been anchored in Penetration Testing. Even when my official designation was Network Security Analyst, I spent most of those 3 years in engagements against PCI environments utilized for subcontracting work from Comcast, Verizon, Time Warner, Sprint and AT&T (to name a few of my former employer's clients). Currently, I manage the Cybersecurity Lab of an International company that employs over 200,000 employees. Most of my work in my current position involves Penetration Testing (every type imaginable, including focused blackbox testing against embedded devices and the network/control structures surrounding them). I am also a lead point of contact for our international teams during remediation and triage of major security threats, incidents and breaches. For example, I was my company’s head analyst for the recent Shamoon 2.0 attacks (W32.DisttrackB/W97M.Downloader) last February, as well as the recent Wannacry outbreak. I also serve in a Security Engineer capacity, as I am regularly asked to evaluate facets of our products and provide feedback and opinions on the security ramifications involved. I am extremely busy and wanted to give back what I have taken thus far, so this is going to be long... Here goes nothing:

    1) I am completely self taught (meaning I acquired no college/formal education to get where I am). That being said, a solid Computer Science degree is invaluable as a base (I would generally avoid Cybersecurity degrees and go for CS), and even the degree itself will open doors into this business. Also, I work alongside high-level engineers (CS and Electrical Engineering PhDs); what they can do in a short period of time once they take an interest in InfoSec/NetSec is frightening.

    2) That leads me to this: to be great in this industry (or great for this industry), I believe that InfoSec/NetSec has to become a lifestyle, not just a job. I easily work 80+ hours a week (every week) between work, further study and skills building. And I love just about every minute of it. There is a huge need for InfoSec/NetSec professionals, which I feel is going to lead to a flood of low knowledge, low passion, low skill hiring. Anyone trying to get into this industry for the cash alone is going to have a rude awakening: there are probably lower pressure, lower work hour ways to earn the same money doing something that actually interests you. Also, those of us really invested in these arts can pretty easily spot our own.

    3) Learn to study, and learn to love the act of studying. Much of this job is continual study; eventually, when presented with an issue you are ignorant of, you will feel confident in knowing that you can find the answers you need. Break the issue into small, manageable pieces (goals really), and put the pieces together until you can view the whole answer.

    4) Most of my success in this industry has been due to a willingness to work hard, persevere and never give up. Ever. Most of this job is the creative solving of problems that do not or may not have any easy answer (or any answer at all…yet). You have to build a no retreat, no surrender, obsessive need to conquer problems.

    5) I specialize in network penetration, though I have become fairly well rounded. To me, network penetration is the art of acquiring advantages. During an engagement, I am always looking to acquire advantages. I study and train to better recognize and maximize the resources within an environment that allow me to gain those advantages. Gaining these advantages is more a product of knowledge and experience than an application of tools.

    6) I am also looking to be efficient; the best penetration tests replicate real world attacks. In that vein, each action you take raises the probability that you will be detected. For hackers and freedom fighters engaged in illegal activity, you may want to consider the latter a bit. Once you make ingress and launch any manner of offensive action, you have escalated the legal ramifications of your trespass by multiple magnitudes. Also remember that the probability of you getting caught and prosecuted is never 0.00%: you have to be prepared, you have to be careful, you have to be patient and you have to prepare contingencies.

    7) I use a measurement/assessment of risk vs. reward to make each action within the network as efficient as possible; by percentages, losing a queen to take a rook is generally a loser’s bet. The best way I’ve learned to temper a careful approach is with an old sales slogan (“Always be closing the deal”, which I modified to “Always be advancing your position(s)”).

    7) I try as much as possible to engage a target as a stalking, ambush predator: I move carefully and try to use the environment to hide myself as I seek to exploit the target/objective's lack of awareness. I work to remain patient and identify/quantify as many of the variables of the current environment/situation as possible. Sometimes the best decision you can make is to slow down or hold your current position for a bit; watching Tcpdump or Wireshark while thinking on a better move is still advancing your position.

    8) To lower the probability of detection (whenever possible) I attempt to attack, enumerate or probe from an obfuscated position. Configuring your attack host/node for the highest probability of situational anonymity (using tunneling, proxies, encapsulation, etc.) is infinitely useful in pentesting, hacking and/or general security/privacy. Mastering the manipulation of proxy, tunneling and encapsulation protocols (which involves a deep understanding of networking/TCP/UDP) almost lends you quasi-magical invisibility and teleportation powers when involved in network penetration. Obfuscation itself is one of 10,000 reasons why experience/knowledge in the disciplines of networking, OS and programming combined with security research are such huge advantages (and another reason why if you take up this path you may never stop learning).

    9) Learn to use every tool you can, but more importantly, learn why the tool works. If you work in/at exploitation long enough, the principles governing the tools will help you exploit a box someday, regardless of whether you use that particular tool to get the wanted/needed result.

    9) Knowledge/experience over tool use is especially important today: regardless of what many sites say, you will not find many enterprise/corporate networks today (as a professional penetration tester at least) where there are gross configurations/deployments leading to an easy, out of the box (deploy tool == Meterpreter) exploitation.

    10) When training for a fight, professional mixed martial artists put themselves in the worst possible positions so they react properly when the fight is underway. Eventually, training/practicing your exploitation/research techniques the same way will be a huge boon in engagements, POCs (or in the wild). I especially like to round difficulty up during research; it is difficult for someone else to minimize your findings if you have added (and circumvented) greater security measures than the norm (rather than having reduced them).

    11) Most of my exploitation of networks in the last couple years has been a process of discovering network misconfigurations and weaknesses (especially in Windows firewall, Programs and Features, LGPO/GPO policies and/or IE/Internet Options within Windows Domains/Networks) or information leaks that I locate online or through DNS enumeration that ultimately leads to my gaining access to a host. From there, remote exploitation (toward post exploitation/privilege escalation/pivoting) will often occur. This is largely when knowledge of things such as Powershell (leveraged by itself or tools like Powersploit/CrackMapExec/PsExec/Empire) becomes invaluable (in Windows networks). I have actually been finding easier remote exploits when attacking Linux/Unix boxes in enterprise networks (finding Solaris with Apache Tomcat during enumeration still springs hope eternal in my human breast). Many (actually, maybe all) of these companies are/were new at deploying Unix/Linux boxes in their networks and were making some serious mistakes with deployment.

    12) Enumeration is the most important part of an engagement to me. You should get used to enumeration without automated tools; I love Nmap, but many times it is not feasible to use within the customer’s network (network overhead issues, the chance of detection by IIDS, the chance of breaking PLCs or other embedded devices, etc.). In cases where you are on the customer’s network, tools like Wireshark, Tcpdump, knowledge of networking protocols/ports and banner grabbing are your friends.

    13) For those engagements where you first need to gain access to the network, you definitely have more room for running some louder tools: I love Fierce (and DNS enumeration in general) as it often presents my way in. Google dorking is still also an incredible tool, as is Firefox with the right set of extensions (Hackbar, Tamperdata, Wappalyzer, BuiltWith, Uppity, IP Address and Domain Information, etc.). Who loves Dirbuster in these circumstances? This carbon/caffeine based lifeform right here. Whether you are pentesting, bughunting or hacking/freedom fighting, a paid Shodan subscription ($50) is worth every cent. The capacity to make exacting, accurate searches for greater than five pages has helped me in more engagements/bughunts than I can remember.

    14) When I am explaining why a config/setting/LGPO/GPO (etc.) is a security risk to a client or my fellow employees, I like to explain that many of the advantages I look for in my environment are most often advantages that are needlessly provided to me. If it does not break key functionality or seriously impede efficiency/development time, then it is in their best interest to deny me as many advantages as possible, even when the advantages appear as if they are minutia. When dealing with a client or non-security fellow employees, you should work to create a relationship of mutual help and teamwork. I am not there to rub their noses in their crap; I am there to help improve their security so the company can prosper. This is partially a customer service gig where solutions (remediation/counter measures) are more beneficial to the customer than the exploitation itself. Whenever possible, I like to end the post-exploitation/penetration test conversation/meeting/presentation with the attitude that I am here to help fix these issues, how can WE best close these gaps? How can I help make your (or our) company safer, so that we can become more prosperous?

    15) I personally despise Microsoft (and many proprietary products/companies) on many levels, but when it comes to work, I am platform agnostic. Whatever tool is needed to complete the mission is the tool I am going to employ. However, whenever possible without jeopardizing the mission, I am going to employ an Open Source/Unix/Linux-centric solution. I work hard to show my company the value in Open Source. The way to show that value isn’t to be the super Unix/Linux/GPL neckbeard who constantly bemoans proprietary software/platforms. The best way (for me), is to show how effective the strategy involving the Open Source tool is. Then, in my report, I explain the business hook of using Open Source (if the tool is free for commercial use). I am sensitive to companies taking Open Source tools and turning them into something proprietary. However, if I can make my company (which is both huge and almost universally recognized as ethical, which is rare) see the value in Open Source, I know they will eventually incorporate Open Source into the support packages for their products (which they have while keeping the tools and the license intact). This then spreads the value of Open Source to smaller companies who see it being trusted by a much larger company.

    16) I have tens of thousands of dollars worth of licenses at my disposal. However, I will never use tools like Nexpose, Nessus, Canvas or Metasploit Pro unless the project, client, or a governing body specifically require them. I believe these tools develop poor habits. Obviously, if a project such as evaluating an entire domain of IP/hosts for vulnerabilities is my task, I am going to use Nessus. However, (whenever a time/project permits, which they most often do) I am going to evaluate the findings (and search for other vulnerabilities) manually.

    17) The ultimate goal should be reliance on nothing more than a Linux/Unix Terminal, some manner of network access and a programming language. One of my favorite exploitation tools is my Nexus 7 2013 flo tablet (running a modified version of Nethunter) and a Bluetooth folio keyboard (I got the idea from n-o-d-e, https://www.youtube.com/watch?v=hqG8ivP0RkQ44, as the final product is a netbook that fits in a jacket pocket). I have exploited some seriously huge clients with this little rig (for ingress and a quick root shell, WPS on network/enterprise printers and knowledge of PCL/PJL/Postscript are often your friend). I have also exploited other customers with a cheap UMX smartphone with 5 gigs of storage, 1 gb of memory and GNUroot Debian (Guest Wifi access from the parking lot or an onsite public restroom, human nature, and Responder.py analyze mode, followed by WPAD, LLMNR and NetBios poisoning with NTLMv1 and LM authorization downgrade for the win).

    18) During (red team, onsite, etc.) engagements, even when the ultimate target of the engagement is located on a hardwired network with heavy segmentation/compartmentalization (such as the conduit/zone based layouts that are general best practice in Industrial sectors), it is always worth gaining a host/node with corporate WIFI access. One thing WIFI access provides is reach: an Administrator’s (or other privileged user’s) dedicated workstation may be out of reach, but his other devices (if in scope) may be connected to Corp. WIFI for reasons such as saving data on a plan. Also, WIFI allows me attacks of opportunity even when I am doing other things. Running Responder.py on a misconfigured network’s WIFI while I am elsewise engaged is gaining me advantages (maybe clear text creds, maybe hashes, maybe NTLMv1 and LM hashes) at little cost to my time or attention. When I employ this, I like to spoof the poisoning machine's hostname/mac address to something familiar on the network. If you see a bunch of hosts named “Apple” during your recon, and all of those hosts are not online, spoof the hostname/MAC to match one of the Apple machines (this will not withstand close scrutiny, but will often suffice with a little work). It always helps to watch and take note on the norms of the network traffic and protocols. Try to match this as much as possible (this will likely help you avoid IDS/IPS, firewall rules, etc.) and whatever traffic would seriously stand out, try to tunnel or encapsulate with normal network traffic/protocols.

    19) This leads to two other points: A) Be prepared for the majority of people within a company who do not care about, or will minimize security issues. Do not get frustrated; I find that showing the parties involved what they stand to lose as a company from a vuln to be more effective than focusing on the vuln itself. This is where the Nexus and cheap smartphone come into play: taking the client’s domain with a laptop may scare up some results, but showing a customer that an attacker could cost them tens of millions with a $20 dollar smartphone or a $100 dollar tablet (from the parking lot) works wonders. C) I have an interest in learning to exploit everything and anything. This has served me well during network penetration tests, as many targets will defend their DCs, file servers and hosts, but not pay much attention to the printers and IoT devices within the network. D) To this end, learn to work with uncommon protocols. UPnP. NTLDNA and SSDP have been serving me well for the last couple years. Many file servers (and company smartphones/tablets when they are in scope) keep the UPnP door (and associated protocols) wide open. I once grabbed SNMP and other default network appliance creds from a fileserver through UPnP.

    20) If you are going to pay for certs with your own cash, I recommend the OSCP. Yes, some of the machines/exploits are outdated. You won’t find many of the SMB remote exploits used for the course in the wild very often anymore (unless an Admin leaves a test server up, which happens occasionally). However, the overall experience, breakdown on enumeration methodology, self reliance and mindset the entire experience teaches you are invaluable. I have seen some sites peddling garbage certs with no industry recognition. Save your money for the OSCP; its profile in the industry is high and growing. Certs are no replacement for experience, but starting out with an IT/CS related degree or some general IT experience (even Helpdesk work) along with the OSCP will get you hired somewhere.

    21) For persistence, I prefer adding innocuous user accounts/Remote Desktop accounts. If I am going to add some manner of privileged user account early to mid engagement, I usually try to add a more low profile account (if I have the option) such as Server Operator; these types of accounts allow privileged access you can build from, but generally are not watched with the scrutiny of an Administrator account. When I do create Administrator accounts (I try to wait until I begin my endgame), I will try to match the naming convention to similar accounts within the network. For example, if the Administrator accounts within the network are named USsupervisor, I will name the added account something like USupervisor. If I know the clear text password of the account I have mimicked, I will use the same password.

    22) Keep good notes during the engagement; too much information is better than too little information. Captured PCAPS of network traffic are great for examination during down time between engagements.

    23) If you are a hacker, freedom fighter, or someone generally concerned about max privacy, this series of articles and configurations are for you: https://www.ivpn.net/blog/privacy-guides/advanced-privacy-and-anonymity-part-146

    24) My favorite distro is Backbox; it starts out with a solid set of tools minus the obscure bloat (and so far I have been able to add anything Kali has to Backbox). You can use Backbox's "Anonymous" option for a full transparent Tor proxy, Macchanger and host name changer and set RAM to overwrite on exit. I also keep Portable Virtualbox on a USB drive with a Kali Linux image... You could follow some of the advice here: http://www.torforum.org/viewtopic.php?f=2&t=1832020 And here: http://www.torforum.org/viewtopic.php?f=2&t=1832020 The articles above could help you create an encrypted USB with a Whonix gateway and Kali Linux workstation (you could probably exchange Kali OS in the Whonix Workstation for any Debian/Debian like OS). This configuration is disposable and concealable, and will run all of the Kali Workstation's (or other Debian/Debian like OS) through Tor. You could also create multiple other Vanilla Whonix Workstations/Gateways on the USB to create a type of local jumpbox sequence to tunnel between/through SSH and/or VPN them before final Kali workstation. (Note: This is just a gut feeling, but for your own OpSec/security/anonymity, you are probably best replacing the Kali workstation with another Debian/Debian like distro. I have tried Katoolin in the Whonix Workstation, but I find that Katoolin often breaks i).

    25) A VPS with your pentest tools installed is a valuable commodity; I call mine DeathStar, and I can call down some thunder from my Nexus 7 2013 flo (and a prepaid Wireless hotspot) from pretty much anywhere. There are some providers who do not give a damn about the traffic leaving your VM as long as you are using a VPN and a DMCA does not come their way. For hackers and freedom fighters, get your VPS from a country outside 14 Eyes countries (providers in Eastern European/former Soviet Block countries can be both dirt cheap and extremely honorable; just do your research and have tolerance for the occasional technical issue). You could pay with laundered/tumbled Bitcoin; even better are those providers who accept gift cards (much like some VPN providers do) as payment. Have another party buy the gift cards a good distance away from you; you can find some of these providers who take gift cards on Low End Box. The VPS can be a valuable addition to the encrypted USB above (as you now have a host/node to catch your reverse shells without sacrificing Tor) when combined with SSH or IPsec (such as Strongswan, which is in the Debian repos).

    26) Again, this post was long because I am busy, and I wanted to make the contribution I felt I owed this site since shortly after it began. If you have technical questions concerning (or any questions in general), please post them as comments and I will definitely get you back an answer.

    https://0x00sec.org/t/shared-thoughts-after-6-years-in-pentesting/2492
  41. 9 points
  42. 9 points
    An application built by IT people from Cluj, used by NASA on the International Space Station

    Several IT specialists from Cluj, developers of a backup application, have gotten their product all the way onto the International Space Station, after the Americans at NASA bought 20 licenses of their software, which is currently already at its sixth version, with sales all over the world, News.ro writes.

    NASA purchased 20 licenses of the Backup4all software, an application developed by a team of programmers from Cluj who own the company Softland. Since May, the application has been used on the International Space Station for the backup activities carried out by the agency. A license for this application costs 49.99 dollars, but because NASA bought a larger quantity of licenses, it also received a discount, so the total price was 770 dollars. Also, because it is used in an environment with no internet connection, the application had to be modified.

    "In January this year we received an email from NASA in which they told us they would like to install Backup4all in a very secure environment, without internet access. They explained to us that our activation method would not work in their environment, and that is when we found out that they wanted to install the application on the International Space Station. A whole month of tests and configurations for what they needed followed, and on May 31 it started being used. So it now runs on eight laptops on the International Space Station", explained Lóránt Barla, on behalf of the company Softland.

    The Cluj team, who have reached the sixth version of Backup4all, explained that they still keep in touch with the people at NASA, in case they need help on the support side. "The people at NASA bought the application from our website like any normal customer. We didn't even know. Maybe we have other customers who are just as important, but we don't know. They would have had other options too, because competition on the backup side is quite strong. Why did they choose our application? Because it seemed to them to be the best solution that they could configure according to their needs. As far as our customers at NASA are concerned, we still communicate professionally with them and if they need support, they can count on our help. But, as a rule, Backup4all is configured and does its backup automatically without any other interaction with the developers being needed", said Lóránt Barla.

    As a company, Softland has been operating since 1999, initially carrying out outsourcing activities. Since 2002, however, the team has focused on developing and selling its own programs. Currently, Softland has 13 employees who also handle marketing, customer relations and sales.

    Source: http://www.digi24.ro/stiri/externe/o-aplicatie-realizata-de-it-istii-din-cluj-folosita-de-catre-nasa-pe-statia-spatiala-internationala-737922
  43. 9 points
  44. 9 points
    This guy makes $50/day by finding the fools who believe they'll get rich quickly and easily. He probably bought the method himself too, saw that it doesn't work, and when he was looking in the mirror, thinking "how the fuck was I so stupid as to pay money for something like this?", the idea came to him..... oh, but wait, there are many like me.... and so he started selling the "method". It's simple to make money: every day you find some chav who sits online believing it's slick to make money from h4ck1ng.
  45. 9 points
    @alezu2000 at creation
  46. 9 points
    Me with Ganjaa's mom. When she doesn't want to take it, I use --force
  47. This post cannot be displayed because it is in a forum which requires at least 10 posts to view.
  48. 9 points
    From the CV of the energy minister, Toma Petcu. Among other things, a proficiency level of "Good" in Acrobat Reader =)))))))))))))))) Screw Rromania!
  49. 9 points
    Romanians really are that stupid. There was no cheating at all
  50. 8 points
    The war has begun. I propose we gear up and join in too.