begood

Active Members
  • Posts: 3972
  • Days Won: 22

Everything posted by begood

  1. Greg Miller's Guide to Lock Picking for Beginners
  2. Are you smarter than a third-grader? Because the online education system used by the Fairfax County public schools apparently is not. Police say a 9-year-old McLean boy hacked into the Blackboard Learning System used by the county school system to change teachers' and staff members' passwords, change or delete course content, and change course enrollment. One of the victims was Fairfax Superintendent Jack D. Dale, according to an affidavit filed by a Fairfax detective in Fairfax Circuit Court this week. But police and school officials decided no harm, no foul. The boy did not intend to do any serious damage, and didn't, so the police withdrew and are allowing the school district to handle the half-grown hacker. washingtonpost.com
  3. begood

    Hello

    Welcome, anubis.
  4. A block of 86 lines of C# code is creating a buzz online following claims it may make BitTorrent downloads untraceable. The code, sweetly named SeedFucker, is actually an exploit discovered last November that would allow a BitTorrent user to fake the IP address of a server from where a file could be downloaded. It could also be used to flood a BitTorrent with dozens of fake peers. The sudden interest in the exploit follows measures in a new UK law, passed last week, where ISPs may be obliged to provide IP addresses to the authorities of files that are said to be infringing copyright. Since the Digital Economy Bill passed in a heavily criticised “wash-up” process in the final Parliamentary session before a general election, coders have been working hard on developing a new generation of download software that will make it impossible even for ISPs to identify where files are being stored. It is unlikely that SeedFucker in its current form would achieve that goal, but the exploit itself has coders excited about the possibilities of a truly anonymous downloading system. Of course, this is not the first time that heavy-handed action on the part of the authorities has caused a rapid evolution in software used to spread files around the Internet. Most famously, Napster was shut down by the music industry because it allowed people to share and download music files. The weak point in that case was Napster’s own servers which made the connections between users and files. No sooner had Napster been taken down than a new method of file sharing, BitTorrent, was rapidly adopted. BitTorrent allows people to share files held on their hard drives across the Internet in very small pieces, with every person downloading each piece also becoming a source for download so long as they maintain an Internet connection. (The Napster shutdown also led to a big increase in size of the so-called Dark Net where private Internets are set up and taken down outside the view of any authorities). 
The BitTorrent iteration led to extensive efforts to shut down websites that held the initial seed files needed to start a download, with mixed success. The Pirate Bay became the target of international pressure after it thumbed its nose at both the music and film industries after broadband speeds made the exchange of video files a practical reality. The organization’s website was briefly taken down after a raid by the Swedish authorities. With companies now determinedly lobbying governments to force the providers of Internet access themselves – ISPs – to provide details of exchanged files, coders are working on ways to further anonymize the process. How successful that approach will be, or whether it is an inevitability given enough time, we shall have to see, but watching the enthusiasm surrounding SeedFucker, it is certain that if a solution is found it will rapidly make a mockery of the laws hurriedly passed without sufficient democratic review last week. And after that, where then? Legally enforced requirements for software to use specific port numbers? Mandatory use of iPads so only Steve Jobs can decide what you can use the Internet for? Who knows? ® theregister.co.uk
  5. Have you ever sent out a “tweet” on the popular Twitter social media service? Congratulations: Your 140 characters or less will now be housed in the Library of Congress. That’s right. Every public tweet, ever, since Twitter’s inception in March 2006, will be archived digitally at the Library of Congress. That’s a LOT of tweets, by the way: Twitter processes more than 50 million tweets every day, with the total numbering in the billions. We thought it fitting to give the initial heads-up to the Twitter community itself via our own feed @librarycongress. (By the way, out of sheer coincidence, the announcement comes on the same day our own number of feed-followers has surpassed 50,000. I love serendipity!) We will also be putting out a press release later with even more details and quotes. Expect to see an emphasis on the scholarly and research implications of the acquisition. I’m no Ph.D., but it boggles my mind to think what we might be able to learn about ourselves and the world around us from this wealth of data. And I’m certain we’ll learn things that none of us now can even possibly conceive. Just a few examples of important tweets in the past few years include the first-ever tweet from Twitter co-founder Jack Dorsey (Twitter / Jack Dorsey: just setting up my twttr), President Obama’s tweet about winning the 2008 election (Twitter / Barack Obama: We just made history. All ...), and a set of two tweets from a photojournalist who was arrested in Egypt and then freed because of a series of events set into motion by his use of Twitter (Twitter / James Buck: Arrested) and (Twitter / James Buck: Free). Twitter plans to make its own announcement today on its blog from “Chirp,” the Official Twitter Developer Conference, in San Francisco. So if you think the Library of Congress is “just books,” think of this: The Library has been collecting materials from the web since it began harvesting congressional and presidential campaign websites in 2000. 
Today we hold more than 167 terabytes of web-based information, including legal blogs, websites of candidates for national office, and websites of Members of Congress. We also operate the National Digital Information Infrastructure and Preservation Program Digital Preservation (Library of Congress), which is pursuing a national strategy to collect, preserve and make available significant digital content, especially information that is created in digital form only, for current and future generations. In other words, if you’re looking for a place where important historical and other information in digital form should be preserved for the long haul, we’re it! How Tweet It Is!: Library Acquires Entire Twitter Archive Library of Congress Blog
  6. Internet Worms' most important feature is the ability to scan for more vulnerable machines. The first part of the scan is to generate a victim IP address - this can be done through a variety of scanning techniques. A good listing is available in the "scanning section" of this paper. This 2 part video series will discuss the programming of a Sequential, Subnet and Random IP address generator. In this video tutorial we will focus on the Random Scanning pattern - which is simply to generate a random IP address and try to infect it. As the Internet has large chunks of unallocated IP addresses this technique definitely has a lot of drawbacks, but most worms use it. Internet Worm IP Scanning Programming Tutorial
  7. The Apache Software Foundation is the latest victim of a targeted attack aimed at its infrastructure - more specifically, at the SliceHost server (brutus.apache.org) hosting their issue-tracking software (Atlassian JIRA). The Foundation is warning users of the Apache hosted JIRA, Bugzilla, or Confluence that a hashed copy of their password has been compromised. Also, that if a user logged into the Apache JIRA instance between April 6th and April 9th, he should consider the password as compromised, because the attackers changed the login form to log them. The attack started on April 5th, when the attackers opened a new issue containing a text with the claim that they encountered an error while browsing some projects in JIRA, and a TinyURL link that led the Apache administrators to a page containing a cross site scripting (XSS) attack aimed at stealing cookie sessions from the logged-in user. Simultaneously, the JIRA login.jsp was targeted by a brute force attack. On April 6th, one of the attack vectors yielded access and the attackers managed to gain administrator privileges on a JIRA account. "The path they chose was configured to run JSP files, and was writable by the JIRA user," the official notice says. "They then created several new issues and uploaded attachments to them. One of these attachments was a JSP file that was used to browse and copy the filesystem. The attackers used this access to create copies of many users' home directories and various files. They also uploaded other JSP files that gave them backdoor access to the system using the account that JIRA runs under." Three days later, the attackers began collecting and saving passwords at login. They tricked the members of the Apache Infrastructure team into believing their passwords had been reset and collected their passwords as they changed them back. Unfortunately, one of those passwords matched one on a local user account on brutus.apache.org. 
From then on, the attackers managed to gain full access to the machine, then to minotaur.apache.org (aka people.apache.org). The Apache team started noticing something was wrong some 6 hours after the attackers began resetting the passwords, and started shutting down everything and notifying Atlassian and SliceHost. As of April 13th, Atlassian patched JIRA. JIRA and Bugzilla are now back online, but Confluence is still down. For more details about what worked and what didn't during this defensive action, and about the changes this attack brought to the Apache infrastructure and policies, read the original post by the Apache Infrastructure Team. Apache.org hit by XSS, bruteforce attack
  8. After much laziness I have finally completed the CSRF tool. I have named it Pinata.

     Overview:
     - WARNING - THIS IS NOT A POINT AND CLICK TOOL. YOU SHOULD KNOW WHAT YOU ARE DOING TO USE THIS TOOL.
     - The tool will generate proof of concept CSRF HTML given an HTTP request. It will automatically check whether it is a GET or a POST request and with further validation for standard POST and Multipart/form POST.
     - The tool will then create an HTML corresponding to the type of the request.
     - The GET CSRF HTML includes IMG tag with SRC set to the URL being tested.
     - The POST CSRF HTML is created with auto submit JavaScript form with names and values from the HTTP request.

     Working:
     - Download pinata.zip from the downloads.
     - It is a Python based tool. Needs Python installed – I have developed it on Python 2.6 and recommend using that version.
     - The tool consists of three files, piñata.py, markup.py and CSRFBody.txt.
     - To install it create a new directory like C:\Pinata and copy all three files to it.
     - Piñata.py is the main file and should be run to generate the HTML.
     - Markup.py is called by piñata.py to generate HTML, I did not develop it and do not take any credit for it - however I would like to thank the developer, it made my life much easier. NOTE: It should not be altered.
     - CSRFBody.txt holds the HTTP request.
     - To use the tool go to a vulnerable page, create a request, capturing the HTTP request in the proxy. Copy this request and paste it in CSRFBody.txt, saving and closing CSRFBody.txt
     - Run the tool by going to command line and typing C:\Pinata\pinata.py
     - It should generate the HTML file in C:\Pinata\

     Future Direction
     - I look forward to your suggestions.
     - Perhaps some features to beat referer header based CSRF protection.
     - This is essentially a hack so I will work towards cleaning up the current code.

     pinata-csrf-tool - Project Hosting on Google Code
  9. The draft Education Law was approved yesterday by the Government. The Government yesterday approved the new Education Law proposed by Minister Daniel Funeriu. The draft will now go to Parliament, where it may undergo further changes, and the final “package” will be ready by 15 June at the latest. The next school year will bring major changes for all pupils. The maximum number of hours for children in grades I-IV will be 20, and for those in lower secondary school, at most 25. The Baccalaureate will change radically. Graduates of the 12th grade will take the following tests: an oral exam in Romanian, an assessment of language skills in two international languages, an assessment of digital skills, a written exam in Romanian, plus two more written exams. «Humanities students», the most tormented. Those in the sciences track will be examined in mathematics and natural sciences (the subjects will contain questions from physics, chemistry and biology), and those in the humanities track in geography and socio-human sciences (history, economics, sociology, philosophy and psychology). With such a detailed assessment, pupils will no longer leave the school benches as “plants”. Or, at least, that is what Minister Funeriu wants. A simple calculation shows that high-school graduates in the humanities track will have to study... ten subjects for the Bac: Romanian, two foreign languages, computer science, geography, history, economics, sociology, philosophy and psychology. libertatea.ro
  10. I'm pure-blooded, 81%
  11. Researchers from Clear Skies Security have identified a flaw that negates the protection provided by certain Imperva Web Application Firewalls (WAF). This attack essentially bypasses security controls provided by the Imperva device and allows malicious requests to pass through the device unfiltered, allowing for potential application exploitation remotely over the Internet. The Imperva SecureSphere Web Application Firewall is designed to protect web applications against sophisticated online attacks. Using the flaw uncovered by Clear Skies Security, however, Imperva security protections can be bypassed by appending specially crafted data to web requests. When the Imperva device processes the attack code it creates an overflow condition, allowing the malicious payload to pass through unfiltered and directly attack the application. “What makes this attack so dangerous is that automated vulnerability scanners would not have identified this issue, which might give a company a false sense of security,” said Scott Miles, Principal Consultant from Clear Skies Security and one of the original developers of the first automated scanner, Internet Security Scanner. To further complicate things, affected Imperva devices provide no indication when this vulnerability is exploited, so Clear Skies Security highly recommends that other controls within the environment alert on similar malicious activity as a secondary warning mechanism. “Only minimal skill is required by an attacker to make the attack work, which will allow this technique to be easily incorporated into existing exploitation frameworks,” said Gunter Ollman, VP of Research at Damballa, a network security company that detects and terminates botnets and advanced persistent threats. 
“Criminal botnet operators will likely pounce upon this weakness and target the formally shielded applications – exploiting and then co-opting them to propagate new attacks.” “It is quite rare to find vulnerabilities in security software,” said Brad MacKenzie CEO for Clear Skies Security. “We hope that organizations understand the importance of incorporating manual security testing that leverages the same techniques a hacker would when conducting their security testing and not solely relying on automated scanners.” Clear Skies Security has worked closely with Imperva since identifying this issue, and Imperva reacted responsibly to ensure that their customers are protected. Patches are now available for the affected versions to address this vulnerability. Existing customers are strongly encouraged to apply the update as soon as possible. More information on the vulnerability can be found at: http://clearskies.net/documents/css-advisory-css1001-imperva.pdf CVE - CVE-2010-1329 (under review) Imperva - Altogether Better A Rare Find: New Exploit in Firewall puts Applications at Risk
  12. begood

    Where is esca?

    a legend of the forum. all kneel esca.
  13. begood

    Where is esca?

    come on, he's coming. it's like he's alive.
  14. @vlad you can't do anything without English...
  15. my maximum is 15 bans/day. nytro, what do you have to brag about? @Vlad, welcome.
  16. Filming for the second part of "Spartacus" will be postponed because of actor Andy Whitfield's illness. Andy has been diagnosed with cancer. Andy Whitfield, the actor from the drama "Spartacus: Blood and Sand", found out that he has cancer following a routine check-up. Aged 38, Andy was diagnosed with non-Hodgkin lymphoma, which means cancer of the lymphatic system. Doctors describe his illness as "treatable", because it was detected early. His fellow actors support him and understand the unavoidable situation of postponing filming for the second series of "Spartacus". Andy says that he is not afraid and that he feels strong and is thinking positively, especially as his friends and family are supporting him. The 38-year-old actor is optimistic about his health, after being diagnosed with Hodgkin lymphoma. He stated that the treatment has already produced results, with the disease going into remission. Hall considers himself lucky to have been diagnosed with a condition that can be cured. The actor who plays Dexter has cancer Andy Whitfield, the star of "Spartacus", is ill with cancer
  17. begood

    How to ?

    ...he wants a "double extension". keylogger.txt.exe or keylogger.jpg.exe
  18. it shows up perfectly. did you only scan the table of contents?
  19. (IN)SECURE MAGAZINE issue 25 (APRIL 2010) * The changing face of penetration testing: Evolve or die! * Review: SmartSwipe * Unusual SQL injection vulnerabilities and how to exploit them * Take note of new data notification rules * RSA Conference 2010 coverage * Corporate monitoring: Addressing security, privacy, and temptation in the workplace * Cloud computing and recovery, not just backup * EJBCA: Make your own certificate authority * Advanced attack detection using OSSIM * AND MORE! http://www.net-security.org/dl/insecure/INSECURE-Mag-25.pdf //no ISBN
  20. A technology guru at Intel Corp. predicts that the internet will look significantly different in five to 10 years, when much of it will be three dimensional, or 3D. Sean Koehl, a technology evangelist with Intel Labs, said technology is emerging that will one day change the way we interact with electronic devices and with each other. That could come as soon as five years from now when, he predicted, there will be realistic-looking three-dimensional applications. "I think our lives will be a lot different," said Koehl. "Look at the trends of the last decade or two. Think about computers becoming widespread, and the Internet and these mobile devices. With the availability of all this computing power, we're only beginning to exploit it. Now we're adding more intelligence and more capability. Add that to 3-D worlds and it could be very different than the sort of experiences that we have today." "When we get to the point where suddenly it becomes easy to do something that seemed hard before, then it will be a dramatic change," he added. Of all the emerging technology projects underway at Intel Labs, Koehl said he's most excited about its work on 3-D technology and how it will change the way we interact with online information. He said an initial push to develop three-dimensional online applications was slowed to do more work on 3-D quality and application functionality. "The Internet may never go fully 3-D, but making 3-D environments broadly accessible is probably capable within five years," noted Koehl. "I think it remains to be seen but there are certain kinds of interactions people will want in two dimensions, like reading text. The things we'll do in three dimensions may be things that we don't do at all on the Internet today because it isn't feasible." He explained that speeches at large conferences certainly aren't personal experiences to attendees. 
Creating a 3-D virtual world, on the other hand, could let an audience member feel like he or she is sitting at a table with the speaker. "I think it's going to give flexibility to let people really take advantage of virtual realities. The power to shape your environment would be dramatic," said Koehl. "If you look at virtual worlds today, the graphics are a little behind," he added. "Once we get to a certain level of performance, the realism of the 3-D world will change by leaps and bounds. The realism could be like a Hollywood CGI (Computer-generated Imagery) movie in maybe 10 years." Dan Olds, an analyst with The Gabriel Consulting Group, said a three-dimensional Internet would cause a big shift in the way we use the network. "The introduction of a 3-D Internet, with the ultra-realistic representations of people and places, will definitely change things," he added. "We're going to be attending a lot more virtual meetings and fewer physical ones. This also will revolutionize entertainment. Why go to a sporting event, like a football game, when you can watch it in 3-D on the Net and position yourself anywhere in the stadium?" Olds added that this kind of technology, if it works well and is widely adopted, could wreak havoc on industries that depend on people who must travel to various venues, say a football game, a Nascar race or a dog show. If someone can get a better view of the action on a 3-D Internet, then why deal with the hassles of airline travel, gas prices and crowds? "As the technology gets better, users are going to have a lot more choices," Olds said. "Any game, anywhere, at any time. People are going to be able to do a lot more remotely. Companies could use this technology as a competitive weapon to give customers better service. A lot could shift because of this." http://www.pcworld.com/article/193938/3d_internet_forecast_within_5_years.html?
  21. This week a classified video of a US air crew killing unarmed Iraqis was seen by millions on the internet. But for some, the whistleblowing website itself needs closer scrutiny http://www.youtube.com/watch?v=QJ_zTrjMhX8 It has proclaimed itself the "intelligence service of the people", and plans to have more agents than the CIA. They will be you and me. WikiLeaks is a long way from that goal, but this week it staked its claim to be the dead drop of choice for whistleblowers after releasing video the Pentagon claimed to have lost of US helicopter crews excitedly killing Iraqis on a Baghdad street in 2007. The dead included two Reuters news agency staff. The release of the shocking footage prompted an unusual degree of hand-wringing in a country weary of the Iraq war, and garnered WikiLeaks more than $150,000 in donations to keep its cash-starved operation on the road. It also drew fresh attention to a largely anonymous group that has outpaced the competition in just a few short years by releasing to the world more than a million confidential documents from highly classified military secrets to Sarah Palin's hacked emails. WikiLeaks has posted the controversial correspondence between researchers at East Anglia University's Climatic Research Unit and text messages of those killed in the 9/11 attacks. WikiLeaks has promised to change the world by abolishing official secrecy. In Britain it is helping to erode the use of the courts to suppress information. Its softly spoken Australian director, Julian Assange, was recently in Iceland, offering advice to legislators on new laws to protect whistleblowers. Assange, who describes what he does as a mix of hi-tech investigative journalism and advocacy, foresees a day when any confidential document, from secret orders that allow our own governments to spy on us down to the bossy letters from your children's school, will be posted on WikiLeaks for the whole world to see. And that, Assange believes, will change everything. 
But there are those who fear that WikiLeaks is more like an intelligence service than it would care to admit – a shadowy, unaccountable organisation that tramples on individual privacy and other rights. And like so many others who have claimed to be acting in the name of the people, there are those who fear it risks oppressing them. Assange has a shock of white hair and an air of conspiracy about him. He doesn't discuss his age or background, although it is known that he was raised in Melbourne and convicted as a teenager of hacking in to official and corporate websites. He appears to be perpetually on the move but when he stops for any length of time it is in Kenya. Almost nothing is said about anyone else involved with the project. WikiLeaks was born in late 2006. Its founders, who WikiLeaks says comprised mostly Chinese dissidents, hackers, computer programmers and journalists, laid out their ambitions in emails inviting an array of figures with experience dealing with secret documents to join WikiLeak's board of advisers. Among those approached was the inspiration for the project, Daniel Ellsberg, the US military analyst who leaked the Pentagon papers about the Vietnam war to the New York Times four decades ago. "We believe that injustice is answered by good governance and for there to be good governance there must be open governance," the email said. "New technology and cryptographic ideas permit us to not only encourage document leaking, but to facilitate it directly on a mass scale. We intend to place a new star in the political firmament of man." The email appealed to Ellsberg to be part of the "political-legal defences" the organisers recognised they would need once they started to get under the skin of governments, militaries and corporations: "We'd like … you to form part of our political armour. 
The more armour we have, particularly in the form of men and women sanctified by age, history and class, the more we can act like brazen young men and get away with it." Others were approached with a similar message. WikiLeaks organisers suggested that it "may become the most powerful intelligence agency on earth". Its primary targets would be "highly oppressive regimes in China, Russia and central Eurasia, but we also expect to be of assistance to those in the west who wish to reveal illegal or immoral behaviour in their own governments and corporations." But the group ran in to problems even before WikiLeaks was launched. The organisers approached John Young, who ran another website that posted leaked documents, Cryptome, and asked him to register the WikiLeaks website in his name. Young obliged and was initially an enthusiastic supporter but when the organisers announced their intention to try and raise $5m he questioned their motives, saying that kind of money could only come from the CIA or George Soros. Then he walked away. "WikiLeaks is a fraud," he wrote in an email when he quit. "Fuck your cute hustle and disinformation campaign against legitimate dissent. Same old shit, working for the enemy." Young then leaked all of his email correspondence with WikiLeak's founders, including the messages to Ellsberg. Despite this sticky start, WikiLeaks soon began making a name for itself with a swathe of documents and establishments started kicking back. Two years ago, a Swiss bank persuaded a US judge to temporarily shut down the WikiLeaks site after it published documents implicating the Julius Bare bank in money laundering and tax evasion. That revealed WikiLeaks' vulnerability to legal action and it sought to put itself beyond the reach of any government and court by moving its primary server to Sweden which has strong laws to protect whistleblowers. 
Since then the Australian government has tried to go after WikiLeaks after it posted a secret list of websites the authorities planned to ban, and members of the US Congress demanded to know what legal action could be taken after the site revealed US airport security manuals. Both discovered there was nothing they could do. It's been the same for everyone from the Chinese government to the Scientologists.

    Yet WikiLeaks worries more than just those with an instinctive desire for secrecy. Steven Aftergood, who has published thousands of leaked documents on the Secrecy News blog he runs for the Federation of American Scientists, turned down an invitation to join WikiLeaks' board of advisers.

    "They have acquired and published documents of extraordinary significance. I would say also that WikiLeaks is a response to a genuine problem, namely the over control of information of public policy significance," he says.

    Yet he also regards WikiLeaks as a threat to individual liberties. "Their response to indiscriminate secrecy has been to adopt a policy of indiscriminate disclosure. They tend to disregard considerations of personal privacy, intellectual property as well as security," he says.

    "One of the things I find offensive about their operations is their willingness to disclose confidential records of religious and social organisations. If you are a Mormon or a Mason or a college girl who is a member of a sorority with a secret initiation ritual then WikiLeaks is not your friend. They will violate your privacy and your freedom of association without a second thought. That has nothing to do with whistleblowing or accountability. It's simply disclosure for disclosure's sake."

    Aftergood's criticism has angered WikiLeaks. The site's legal advisor, Jay Lim, wrote to Aftergood two years ago warning him to stop. "Who's side are you on here Stephen? It is time this constant harping stopped," Lim said. "We are very disappointed in your lack of support and suggest you cool it. If you don't, we will, with great reluctance, be forced to respond."

    WikiLeaks has also infuriated the author, Michela Wrong, who was horrified to discover her book exposing the depths of official corruption in Kenya, It's Our Turn To Eat, was pirated and posted on WikiLeaks in its entirety on the grounds that Nairobi booksellers were reluctant to sell it for fear of being sued under Kenya's draconian libel laws.

    Wrong was angry because, while she supports what WikiLeaks is about, the book is not a government document and is freely available across the rest of the world. From email distribution lists she could see that the pirated version was being emailed among Kenyans at home and abroad.

    "I was beside myself because I thought my entire African market is vanishing," says Wrong. "I wrote to WikiLeaks and said, please, you're going to damage your own cause because if people like me can't make any money from royalties then publishers are not going to commission people writing about corruption in Africa."

    She is not sure who she was communicating with because the WikiLeaks emails carried no identification but she assumes it was Assange because of the depth of knowledge about Kenya in the replies.

    "He was enormously pompous, saying that in the interests of raising public awareness of the issues involved I had a duty to allow it to be pirated. He said: 'This book may have been your baby, but it is now Kenya's son.' That really stuck in my mind because it was so arrogant," she says. "On the whole I approve of WikiLeaks but these guys are infuriatingly self-righteous."

    WikiLeaks does apparently expect others to respect its claims to ownership. It has placed a copyright symbol at the beginning of its film about the Iraq shootings.

    Assange has countered criticism over some of the material on the site by saying that WikiLeaks' central philosophy is "no censorship". He argues that the organisation has to be opaque to protect it from legal attack or something more sinister.

    But that has also meant that awkward questions – such as a revelation in Mother Jones that some of those it claims to have recruited, including a former representative of the Dalai Lama, and Noam Chomsky, deny any relationship with WikiLeaks – are sidestepped. Despite repeated requests for a response to the issues raised by Aftergood, Wrong and others, WikiLeaks' only response was an email suggesting to call a number that went to a recording saying it was not in service.

    Who watches WikiLeaks? | Media | The Guardian
  22. Z (Z [at] wechall [dot] net) submitted this cool video to us. According to his submission:

    I had to cut this video to a short one, so please use the pause button if something is too quick.

    The mission is to create a new Windows domain administrator - in case we do not have any user in the domain or any local user at the workstation.

    Prerequisites:
    1. Physical access to one of the domain member workstations for ~20 minutes.
    2. Every local administrator user on the workstations has the same password. Strong or weak, it does not matter.

    NO social engineering, NO password stealer, NO password cracker, NO malicious code, NO exploiting zero-day or already patched vulnerabilities.

    Tools used for the attack:
    1. ophcrack (to get the local admin LM&NTLM hashes)
    2. Offline NT Password & Registry Editor, Bootdisk / CD from Petter Nordahl-Hagen (to login as local admin)
    3. pass-the-hash toolkit from Hernan Ochoa - Core Security (to authenticate with the hashes, so we do not have to crack them)
    4. psexec from Mark Russinovich (to run remote commands)

    Demo architecture: We have at least 3 computers: the workstation (WKS) for which we have physical access, the domain controller, and a workstation (ADMIN-WKS) with a logged in domain administrator (DomainAdmin).

    Steps:
    1. Boot the workstation with ophcrack. Stop the cracking process, and save the hashes. View the hashes, and write the local administrator hashes down with pencil&paper (or copy it on a USB stick, etc.).
    2. Boot in with the Offline NT Password & Registry Editor. Reset the local administrator password to blank, and reboot.
    3. Login with administrator to the workstation with blank password.
    4. Use iam.exe or iam-alt.exe to change the LM&NTLM hashes in the memory.
    5. Copy the pass-the-hash toolkit to the admin-wks via an administrator share.
    6. Run the whosthere.exe or whosthere-alt.exe to get the DomainAdmin LM&NTLM hashes.
    7. Create a local user called DomainAdmin, and login into that profile.
    8. Use iam.exe or iam-alt.exe with the DomainAdmin hashes to change the LM & NTLM hashes in the memory.
    9. Right now we have the same privileges as the DomainAdmin, so we can create a domain admin for ourselves. Or anything else we want in the domain (reset anyone else's password, read someone else's e-mail, etc.).

    Known limitations:
    1. Some Windows versions / service packs are not compatible with the pass-the-hash toolkit, feel free to modify the source or debug the libraries to get the correct memory addresses.
    2. Some AV engines detect pass-the-hash toolkit as malicious code, use AV evasion techniques against them.

    What is cool?
    1. It does not matter how complex the local admin and domain admin passwords are.
    2. It works even if the domain admins are forced to use smart cards for interactive login.
    3. We have not used any of the attacks mentioned above, so it works on fully patched networks with security paranoid admins.

    How to own a Windows Domain Tutorial
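Seen from the defender's side, steps 5 and 9 of the submission leave successful-logon records on the machines that are reached over the network. The following is an added example, not part of the original submission or video: it scans Security event 4624 records, exported to CSV under their usual field names, for NTLM network logons by a local account or by a privileged account from an unexpected host. The sample rows are constructed; `DC01`, `CORP`, `alice`, the privileged-user list and the admin-host allowlist are assumptions.

```python
import csv
import io

# Constructed sample of successful-logon events (Security event 4624), exported as CSV.
# WKS, ADMIN-WKS and DomainAdmin follow the demo architecture; DC01, CORP, alice are made up.
SAMPLE_EVENTS = """\
Computer,EventID,LogonType,AuthenticationPackageName,TargetDomainName,TargetUserName,WorkstationName
WKS,4624,2,Negotiate,WKS,Administrator,WKS
ADMIN-WKS,4624,3,NTLM,ADMIN-WKS,Administrator,WKS
ADMIN-WKS,4624,2,Kerberos,CORP,DomainAdmin,ADMIN-WKS
DC01,4624,3,NTLM,CORP,DomainAdmin,WKS
DC01,4624,3,Kerberos,CORP,alice,ADMIN-WKS
"""

# Assumptions for this example: which accounts are privileged and where they may log on from.
PRIVILEGED_USERS = {"domainadmin"}
ADMIN_HOSTS = {"ADMIN-WKS"}


def classify(event):
    """Return a finding string for a suspicious 4624 event, or None."""
    if event["EventID"] != "4624" or event["LogonType"] != "3":
        return None  # only successful network logons are of interest here
    if event["AuthenticationPackageName"].upper() != "NTLM":
        return None
    computer = event["Computer"].upper()
    source = event["WorkstationName"].upper()
    if source == computer:
        return None
    # A local account has the target machine's own name as its domain.
    if event["TargetDomainName"].upper() == computer:
        return "local-account-network-logon"
    if event["TargetUserName"].lower() in PRIVILEGED_USERS and source not in ADMIN_HOSTS:
        return "privileged-ntlm-from-unexpected-host"
    return None


def find_suspicious(csv_text):
    """Return (finding, source host, target computer, user) for each flagged event."""
    findings = []
    for event in csv.DictReader(io.StringIO(csv_text)):
        finding = classify(event)
        if finding:
            findings.append((finding, event["WorkstationName"],
                             event["Computer"], event["TargetUserName"]))
    return findings


if __name__ == "__main__":
    for row in find_suspicious(SAMPLE_EVENTS):
        print(*row)
```

Neither rule depends on password strength or on smart-card enforcement for interactive logons, which the submission notes do not stop the technique.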
  23. Do a scan, so we can all read it.
  24. begood

    Where is esca?

    I'll let you know when it shows up. If it ever shows up.
  25. A recent rant up at Attrition.org highlights problems with the responsible disclosure of security issues. While some vendors are happy to do their own research and patch reported problems, others drag their feet and make unreasonable demands on a researcher's time and effort, making anonymous public disclosure an ever-more-tempting option. Quoting: "After a couple hours of poking, I found a huge unauthenticated confidentiality hole. Once the euphoria wore off, I realized I had a big problem on my hands. I had to tell my employer's app owners and we had to assess risk and make a decision on what to do about it. After some quick meetings with stakeholders, we decided to severely limit access to the thing while we worked with the vendor. The vendor refused to acknowledge it was a security issue. Odd, considering most everyone who sees the issue unmistakably agrees that it is not acceptable. Now I'm forced to play hardball, yet nobody wants to fully-disclose and destroy relations with this vendor, whose software is somewhat relied on. Meanwhile, I know there are hundreds of institutions, small and large, using this software who have no idea that it has flawed security and who would probably not find the risk acceptable. What can I do? Nothing. Oh well, sucks to be them. ... I've had a vendor tell me to put a webapp firewall in front of their software. Did they offer to pay for it? No. That would be like Toyota telling its customers to buy ejector seats (unsubsidized ejector seats, that is) to resolve the accelerator problem in their vehicles. I've had other vendors demand I spend time helping them understand the issue, basically consulting for free for them. Have you ever knocked on a neighbor's door to tell them they left their headlights on? Did they then require you to cook them dinner? Exactly..." Slashdot Technology Story | Why Responsible Vulnerability Disclosure Is Painful and Inefficient