begood

Ghiciti cine ? "Unu" A greyhat hacker has discovered a critical SQL injection vulnerability in Yahoo! Local Neighbors discussion board website. The flaw can be used to read information about administrative and user accounts or upload a shell on the server. Neighbors is a Yahoo! Local feature launched at the end of 2007 with the purpose of providing a place for people to exchange information about events happening in their local communities and other useful info. Yahoo! describes the site as a "practical discussion board for any topic - from neighborhood safety to contractor recommendations." The hacker who discovered the vulnerability goes by the online nickname of "Unu" and had previously uncovered similar vulnerabilities in other high profile websites. He notes that despite finding SQL injection and cross-site scripting (XSS) vulnerabilities in Yahoo! websites before, this is the first time when he encountered a MySQL 5 server being used by the company. The screenshots provided by the hacker reveal the databases available on the server, as well as the users with access to them. While connections with the "root" account can only be established from local IP addresses owned by Yahoo!, Unu points out that an account called "reply_mon" can be used to access the databases from any host. Querying the database table where details about the website's admins are stored reveals their user names, e-mail addresses and publicly displayed names. Furthermore, the UserLocations table contains information about registered users, including their Yahoo! ID, address, city, state, zip code, country and e-mail. However, one of the most dangerous finds is that the server allows load_file, which means that a writable directory can be used to execute malicious code in order to obtain command line access. The hacker notes that, from that point on, "we can do virtually anything we want with the website: upload shells, redirects, infect pages with trojan droppers, even deface the whole website." In an e-mail to Softpedia, Unu wrote that he is an adept of responsible disclosure practices and confirmed that Yahoo! had been notified of this vulnerability in advance. "As far as I know it has been addressed," he noted. Yahoo! Local Hacked

sau na..un mic ddos

Salut Si ce anume vrem sa realizam aici ?

In conclusion, annonym666 is a gay fuck And the program is infected.

84.56.222.11 son of a bitch. http://network-tools.com/default.asp?prog=ping&host=84.56.222.11 Ping 84.56.222.11 [dslb-084-056-222-011.pools.arcor-ip.net] Timed out Timed out Timed out Timed out Timed out Timed out Timed out Timed out Timed out Timed out Average time over 10 pings: 0 ms vai de mine, dar ce s-a intamplat ? O_o

i've just scanned it results : Virustotal. MD5: a679b99df41be5f84b83e0a4c6d24566 Net-Worm.Win32.Kolab!IK BackDoor.IRC.Sdbot.5217 Net-Worm.Win32.Kolab DrWeb 5.0.0.12182 2009.08.24 BackDoor.IRC.Sdbot.5217 Jiangmin 11.0.800 2009.08.23 Backdoor/SdBot.nkh VBA32 3.12.10.9 2009.08.24 Backdoor.Win32.SdBot.olz VirusBuster 4.6.5.0 2009.08.24 Trojan.Ceeinject.Gen a-squared 4.5.0.24 2009.08.24 Net-Worm.Win32.Kolab!IK Ikarus T3.1.1.68.0 2009.08.24 Net-Worm.Win32.Kolab File Info Report generated: 24.8.2009 at 22.29.39 (GMT 1) Filename: xrumer.exe File size: 6789 KB MD5 Hash: a679b99df41be5f84b83e0a4c6d24566 SHA1 Hash: 32EF347042D053EDA4136004095CE9B105D643FE Self-Extract Archive: Nothing found Binder Detector: Nothing found Detection rate: 4 on 22 Detections a-squared - Net-Worm.Win32.Kolab!IK Avira AntiVir - - Avast - - AVG - - BitDefender - - ClamAV - - Comodo - - Dr.Web - - Ewido - - F-PROT6 - - Ikarus T3 - Net-Worm.Win32.Kolab Kaspersky - - McAfee - - NOD32 v3 - - Norman - - Panda - - QuickHeal - - Solo Antivirus - - Sophos - - TrendMicro - - VBA32 - Backdoor.Win32.SdBot.olz VirusBuster - Trojan.Ceeinject.Gen Scan report generated by NoVirusThanks.org

NO shit ?! that's the most stupid argument I've ever heard ! You are full of shit. If you leaked it [whatever that means to you] and it doesn't run on vmware then you added an anti-virtual environment => why did you do that ? logic answer => malware. Because you added that type of encryption, protection, I think that you binded something to it, in order that antivirus software can't detect it [av's can't reverse engineere it]

translated : It doesn't run in an virtual environment, be careful...(could be a malware)

Cum as putea sa te contactez "secure", ce preferi ? poti instala simp for yahoo pentru discutii encriptate AES-256 cu chei RSA-2048. BTW acel fpga presupun ca face calcule intensive pentru a afla key-ul sim-ului, sau ? Eram curios daca ai informatii cum anume se " decripteaza " acel key din sim. "Pe baza acestot interogari repetate, interceptorul este capabil sa extraga si sa calculeze Ki-ul (cyphering key-ul - cheia de criptare) stocat pe fiecare SIM in parte." Cat dureaza decriptarea ? ce atac se foloseste ? Am auzit cred ca la hak5 ca in jur de 6 ore pe un pentium 4, imi poti da mai multe detalii tehnice ? Se poate extrage hash-ul fara acel atac de 30 minute ? Sau e de tip chall-resp. PM-ul nu merge pe acest forum. pana una alta documentatie ce trebuie parcursa http://reflextor.com/trac/a51 http://www.gsmfordummies.com/index.html http://www.h33t.com/details.php?id=a6a359c31326ad6816fefe24dc7d53d8df8ad8cf&hl=%2Bgsm http://www.h33t.com/details.php?id=90c24703ae9ad1a5733ec9bacce3ea1b0a820f03&hl=%2Bgsm Btw, voiam sa discutam de procesare pe placa video in loc de CPU/FPGA. generarea unor lookup tables pentru A5/1 pentru a gasi acel key unic din sim mult mult mai rapid.

FSpy, da-mi te rog add vreau sa vorbim ceva de atacul [key-ului] gsm, optimizari.

Totul se invarte in jurul banilor grei...pe astia ii doare'n cur de informatie, distribuirea ei cat mai ieftin ... idiot de idealist ce sunt...

probabil e un inside job...ceva penibil gen keylogger=>sniff

reversing + optimizari pe cpu + sse2 inversarea unui hash criptografic Sc00bz, neinbrucke, barsmonster au lucrat la algoritmi

this is the fuckin holy grail of black hat ! mai trebuie p2p + encrypted mode +polimorfic+ vulnerabilitate windows+mozilla...si suntem toti fripti

What is Stoned Bootkit? A bootkit is a boot virus that is able to hook and patch Windows to get load into the Windows kernel, and thus getting unrestricted access to the entire computer. It is even able to bypass full volume encryption, because the master boot record (where Stoned is stored) is not encrypted. The master boot record contains the decryption software which asks for a password and decrypts the drive. This is the weak point, the master boot record, which will be used to pwn your whole system. No one’s secure! For whom is Stoned Bootkit interesting? 1. Black Hats 2. Law enforcement agencies 3. Microsoft Why is Stoned something new? Because it is the firts bootkit that.. * attacks Windows XP, Sever 2003, Windows Vista, Windows 7 with one single master boot record * attacks TrueCrypt full volume encryption * has integrated FAT and NTFS drivers * has an integrated structure for plugins and boot applications (for future development) “A bootkit is a rootkit that is able to load from a master boot record and persist in memory all the way through the transition to protected mode and the startup of the OS. It’s a very interesting type of rootkit.” – Robert Hensing about bootkits You can download Stoned Bootkit here: Open Source Framework – Stoned Bootkit Framework.zip Infector file – Infector.exe Or you can read more here.

vezi ce porturi sunt deschise...incearca tcpview

poate are un trojan care face black seo... sau poate rulezi un proxy ? tor ?

Wuala este un sistem distribuit de stocare, pentru orice platforma (win/linux/mac) prin care se poate face schimb de fisiere, poze, muzica, videoclipuri, filme cu prietenii, sau cu tot internetul, este un loc unde grupurile sociale infloresc. Este gandit astfel incat sa fie foarte interactiv, usor de folosit, iar informatia stocata de dumneavoastra se va encripta cu cei mai puternici algoritmi din prezent, pentru a va oferi o siguranta si intimitate sporita. Cum merge sistemul ? Rulati o aplicatie care nu va va afecta sistemul, iar pentru inceput veti primi 1 GB de stocare online, iar daca sharuiti spatiu pe hardiscul dumneavoastra puteti sa va extindeti spatiu de stocare online cat doriti dumneavoastra, totul gratuit ! Oferta : 2GB stocare online garantata daca va inregistrati acum accesand linkul de mai jos (invitatie personala). Personal folosesc sistemul de peste 6 luni si sunt foarte multumit de el ! Am uitat sa mentionez : viteze de 5MB/s la upload si download (depinde doar de performantele computerului dumneavoastra si conexiunea la internet ). Wuala - Your personal invitation

troieni poti scrie si in vb6...exploituri pentru win32/linux scrise de cineva nu am mai vazut de muuult mult timp. poate iti faci tu timp sa [ne]explici cate una alta in ASM ?

Nu cred ca o sa fie neme bucuros

o_O suferi ?

Am intrebat retoric "cati crezi ca stiu sa faca un bootloader" presupun ca trebuie cunostiinte de ASM, iar pe acest forum activi sunt doar 2-3 care stiu, si aia dau din an in paste

nervermind...

welcome. sugerez sa nu mai invii topicuri.

Sustin motiunea !