Jump to content

akkiliON

Active Members
  • Posts

    1203
  • Joined

  • Last visited

  • Days Won

    61

Everything posted by akkiliON

  1. Umm ... Maybe ? Am mai multe XSS-uri în Yahoo! Mail.
  2. Sorry for double-post.
  3. Mno, ce mesaj am primit de la AT&T. // Solved
  4. Am s? revin ?i cu ni?te video-uri când le fixeaz?. Înc? nici acuma nu le-or fixat (unele) Or zis c? le fixeaz? dar dup? s?rb?tori. Doar cele critice le repar? momentan. Odat? ce sunt reparate, primesc ultima tran??.
  5. Scuze pentru double-post ! Trebe s? le trimit datele pe 8 Decembrie. În sfâr?it voi fi în Wall of Fame.
  6. Orice lucru la care te a?tep?i mai pu?in, se întâmpl? (la asta m-am referit cu true story). De exemplu cum ai zis tu, c? ai ajuns admin pe RST "Eu nici n-am visat vreodat? c? o [orice lucru] când te a?tep?i mai pu?in." Crezi c? m-am gândit ?i eu vreodat? c? voi avea VIP pe RST ? Eu pu?in m-am a?teptat, pot s? zic.
  7. True story.
  8. https://www.youtube.com/watch?v=dmQh5b6lZ28
  9. True story De tot era vorba de PS4 Gecko
  10. Caut? ?i vei g?si. https://rstforums.com/forum/cosul-de-gunoi.rst
  11. Video released.
  12. Epic...Fail
  13. Irene Abezgauz, a security researcher from the Quotium Seeker Research Center has found a vulnerability in Facebook website that allows anyone to see a users’ friends list, even when the user has set that information to private. The exploit is carried out by abusing the "People you may know"' feature on Facebook, which suggests new friends to users. It suggests friends to you based on mutual connections and other criteria such as work or education information. This Hack is really very simple! All a hacker would have to do would be to create a fake Facebook profile and then send a friend request to their target. Even if the targeted user never accepted the request, the hacker could see that person’s friends via the “People you may know" feature. But Facebook said that that a hacker would have no way of knowing if the suggested friends represented a user’s entire list. She explained and replied the Facebook,"I could see hundreds of suggestions. So, you know what, it’s not all of them. It’s 80 percent, so what. There’s a reason why I made my friends list private and I don’t want people from the internet just looking at who my friends are." For now, Facebook hasn't recognized the her finding, but we hope that they will take users privacy seriously by considering it again to patch the issue. Facebook vulnerability allows to view hidden Facebook Friend List - The Hacker News
  14. 194,993 btc = $ 165,159,494.50
  15. Link: https://blockchain.info/tx/1c12443203a48f42cdf7b1acee5b4b1c1fedc144cb909a3bf5edbffafb0cd204 Am postat s? vede?i si voi asta. Nu e normal omu'
  16. Security researcher Henry Hoggard recently discovered a cross site request forgery (CSRF) vulnerability in Twitter’s “add a mobile device” feature, giving him the ability to read direct messages and tweet from any account. Hoggard, a security researcher at MWRInfosecurity, told Threatpost via email that he found the bug in his spare time and reported it to Twitter. Twitter then resolved the vulnerability within 24 hours. Hoggard then posted the details on his personal blog. Related Posts Marketplace for Phony Twitter Followers is Big Business November 5, 2013 , 10:54 am Threatpost News Wrap, August 30, 2013 August 30, 2013 , 9:20 am Researchers Put a Dent in the Twitter Underground August 15, 2013 , 10:09 am A CSRF vulnerability forces a user to execute unwanted actions in an application or service for which that user is already authenticated. These attacks generally involve some social engineering such as sending an email with a malicious attachment. When successful, an attacker can wrest control of a user’s account, which could have a wide range of impacts depending on the application in question and the level of rights granted to the targeted user. In this case, Hoggard found the CSRF bug in a Twitter feature that gives users the ability to add a mobile device to their account and control that account via SMS using the mobile device added. By creating a CSRF page, Hoggard realized that an attacker could enter his own phone number and network to the victim’s account. Of course, Twitter built an authentication token into the feature that should have prevented this sort of attack. Unfortunately, Twitter was not actually checking to make sure that the token-value was correct, which means that an attacker could enter any value whatsoever for the token and still get validated. Hoggard claims that an attacker could compromise a victim account by sending the targeted user a link to a malicious website containing his exploit code (the CSRF page plus a link to Twitter’s “add a device” activation page). If the user clicks the link, he or she will be unwittingly initiating the process to authenticate the attacker’s device. Twitter, therefore, would be waiting for someone (in this case the attacker) to text “GO” to the mobile short code number that activates the device. Once this is done, the attacker would receive a device activation notification and would now have the ability to send and receive tweets by texting his or her desired message to the same mobile short code number. Users with the No-Script extension installed on their browser would not have been affected by this vulnerability even before Twitter fixed it, according to the researcher. Twitter did not respond to a request for comment, but Hoggard provided communication logs between himself and the social network’s application security team, noting that Twitter fixed the bug incredibly quickly. The logs show that Twitter received his bug report on the morning of November 3, requesting that Hoggard not publicize his findings immediately. Early that same afternoon, the logs indicate that Twitter had resolved the issue. Twitter Fixes Bug that Enabled Takeover of Any Account | Threatpost | The First Stop For Security News
  17. https://pbs.twimg.com/media/BZGNYU9IYAE8Bk9.jpg
  18. Da.
  19. Yep.
  20. Update: Fixed Reward:
  21. Dac? vroiai s? î?i cumperi telefon scump, puteai s? mergi la vreun magazin GSM ?i s? vezi cât cost?. Eu nu a? putea s? cump?r ceva scump de pe internet . Te treze?ti cu el defect dupaia poate. Fiecare cu alegerea lui. // Mai bine trebuia s? î?i iei samsung. Sunt unpic mai mici pre?urile pe lâng? Iphone. Suporturi
×
×
  • Create New...