begood

"Google has launched the Google Apps Marketplace, providing a venue for third-party, cloud-based applications to supplement Google's own online applications. The program enables integrations with such applications as Google Gmail, Documents, Sites, and Calendar. All told, the effort begins with 50 vendors participating, including Atlassian, NetSuite, Skytap, and Zoho. Participation in Google Apps Marketplace is open to customers of the Premier, Standard, and Education editions of Google Apps. Applications are linked to the marketplace via REST Web services and APIs including OpenID and OAuth." Google opens Google Apps Marketplace | Applications - InfoWorld

nu are rost sa-ti faci inca. acum lucrez la un gpu-rainbowtable generator, inca nu stiu cand il gat(e in alfa), dar va fi de ~30 ori mai rapid ca un cpu. Pana gat tot, keep your pants on. tutorialul site <- vezi paci pana una alta.

A new Microsoft Internet Explorer 0day exploit has been found circulating in-the-wild. According to Microsoft, there are targeted attacks attempting to use this vulnerability. Microsoft published a security advisory for this vulnerability here: Microsoft Security Advisory (981374): Vulnerability in Internet Explorer Could Allow Remote Code Execution The vulnerability is a use-after-free (invalid pointer reference) vulnerability within iepeers.dll and only Internet Explorer versions 6 and 7 are vulnerable. Internet Explorer 8 and 5 are not affected. I’ve found this exploit in-the-wild on www.topix21century.com. The payload download and executes a binary file which connects back to notes.topix21century.com. Here’s the exploit as it was found in-the-wild, a bit un-obfuscated and payload removed – http://www.rec-sec.com/exploits/ie_iepeers_wild.txt And here’s a Metasploit exploit module for this vulnerability. Tested successfully on the following platforms: – Microsoft Internet Explorer 7, Windows Vista SP2 – Microsoft Internet Explorer 7, Windows XP SP3 – Microsoft Internet Explorer 6, Windows XP SP3 Download ie_iepeers_pointer.rb. As usual, this post will update with further references and updates when available. Happy exploitation source

Many people around the world get worried if someone hacks their accounts. So know what to do when gmail account is hacked and how to protect it: #1. Log-in to your Gmail / Google Account and associate a phone number. This is useful because you’ll then receive an SMS text message whenever someone tries to recover your Google password. #2. Create a new email address (on say Yahoo! Mail or Gmail itself) and set this as the secondary email address for your existing Gmail and Google Accounts. Check for emails on this new account manually or through a desktop client via POP3 / IMAP but do not enable auto-forward for the new email address as the original purpose will be defeated. #3. Take a paper and write down the following information about your Google Account. You will need this to verify your identify to Google in case someone else takes over your Google Account and the secondary email address associated with your account. * The month and year when your created your Gmail / Google Account. You can look at the last page of your Gmail Inbox (or go to Sent Items) to get an approximate idea of the date when you created the account. * If you created a Gmail account by invitation, write the email address of the person who first sent you that invite for Gmail. Use a search query like "in:all has invited you to open a free Gmail account" to find that invitation email. * The email addresses of your most frequently emailed contacts (the top 5). * The names of any custom labels that you may have created in your Gmail account. * The day/month/year when you started using various other Google services (like AdSense, Orkut, Blogger, etc.) that are associated with the Google account that you are trying to recover. If you’re not certain about some of the dates, provide your closest estimate*. [*] For Analytics, look at the first date when it started collecting stats for your website(s). For Orkut, look at the last page of your scrapbook. For AdSense, you may take the help of your AdSense account manager. #4. It goes without saying but do not use the same password for your main Google / Gmail account and your secondary email address. #5. If you access Gmail and other Google services over a Wi-Fi network, make sure that you always use the secure URLs like https://gmail.com. Go to Gmail settings and set ‘Browser Connection’ to ‘Always use https.’ This might make your Gmail access a bit slower but your account will be more secure. #6. Once in a while, do refer to that little line in the footer section of your Gmail Inbox that shows the different IP addresses from where your account is being accessed. If you find an unknown IP address, change your Google password immediately. The person who hacked my Gmail accounts configured them with his Hotmail account so he could effectively read all my email communication remotely from his Hotmail inbox without ever logging into my Google account again. I could figure that out only after I saw an IP address from a Microsoft server in my Gmail activity log. #7. You should also consider copying emails from Gmail to another service (like Yahoo! Mail or Hotmail – it is effortless) so when your Gmail account is compromised, you at least have access to all your previous emails. Or you can configure a desktop email client like Outlook or Thunderbird with your Gmail account (via POP3 or IMAP) and thus you’ll have an automatic offline backup of your Gmail Inbox. #8. Do a test run. Log-out of all your Gmail / Google Accounts and initiate the password recovery process for each one of them using this form. This will help you make sure that your SMS settings and secondary email addresses are configured correctly. For Google Apps users #9. You should always have a public email address on your website that others can use to contact you directly. This public email address will also help people find and connect with your on social networks like Facebook, LinkedIn, etc. However, you should make sure that you don’t provide administrative privileges to this email address in Google Apps because if someone hijacks this account, he will effectively take over your Google Apps domain. Create a new user in Google Apps as an administrator and never share this username with anyone else. #10. If you have lost access to your Google Apps dashboard, you’ll have to create a new CNAME record pointing to google.com to verify that you are actual owner of that web domain. To reset the password for the administrator of your Google Apps domain via your domain hosting company, the URL is: https://google.com/a/cpanel/xyx.com/VerifyAdminAccountPasswordReset [*] Replace xyz.com with your own domain address. source: Digital Inspiration: A Technology Blog on Software and Web Applications

am curatat threadul. no more offtopic !

Dojo saves you time, delivers powerful performance, and scales with your development process. It’s the toolkit experienced developers turn to for building great web experiences. The Dojo Toolkit - Download Dojo

The security specialist Objectif Sécurité has optimised its rainbow tables – a common tool used to crack password hashes – to make use of SSDs. The result is, according to Objectif Sécurité's Philippe Oechslin, an acceleration by a factor of 100 when compared to their old 8GB Rainbow Tables for XP hashes. A web form takes the XP-hashes and cracks them for free with the new, ten times larger tables. Oechslin has fitted an elderly Athlon 64 X2 4400+ with an SSD and the optimised tables. This system can, with only a 75% CPU utilisation, crack a 14 digit password with special characters, in an average of 5.3 seconds. Oechslin says that, worst case, it should be able to search arithmetically through 300 billion passwords per second, a speed that is a factor of 500 faster than an Elcomsoft cracker supported by a modern Tesla GPU from NVIDIA. Calculations with rainbow tables achieve the acceleration by pre-computing the intermediate steps of all possible password hashes for a specific algorithm and then storing those results as a table. The more steps that are stored, the bigger the tables and the faster the cracking process. Once the tables no longer fit in memory, the less-used parts of the tables are saved on mass storage devices, previously this would have been a hard disk, which in turn leads to slower access times while searching them. Password cracker 100 times faster with an SSD - The H Security: News and Features

WarDriving.com http://rstcenter.com/forum/20900-warlinux-bootable-wardriving-linux-distribution.rst

* Airsnort will carry out the WEP cracking vulnerability test. * Airtraf for linux, works with all but Lucent. * AP-Status - Perl Code to get status from an Apple Airport * E-Wireless - Enlightenment Wireless strength monitoring epplet * GPS::Garmin is a Perl module that you will need to use Pete's code * A great list of links and software from Guerrilla.net in Boston. * Gwireless - Gnome Wireless strength monitoring applet * Kismet is a Linux wireless network sniffer, works with libpcap and Wlan-NG. * Pete Shipley's Code can be found here and his post about it is here. * Two scripts written by frisco@blackant.net, which he used to map Ann Arbor, MI * A great collection of Wireless Sniffers over at Personal Telco. * Wirestat an X strength monitoring app, also watches dropped packets. * Wvlanmon another strength monitoring applet for X * Prismdump - Program to put prism2 cards into "monitor" mode, lets you sniff raw 802.11 frames, for cracking WEP. * Prismdstumbler is linux / gtk app that uses prism cards in monitor mode. * Radiate is 802.11 frame capturing, creation and injection. * THC-WarDrive THC-WarDrive is a tool for mapping your city for wavelan networks with a GPS device while you are driving a car or walking through the streets. * Wavemon is an ncurses-based app for drivers supported by wireless extensions (iwconfig) * Wellenreiter is a gtkperl sniffing program for Prism2 chipsets. Browse WarLinux Files on SourceForge.net

(New York Post) - A broke former New York Life employee was busted on charges he tried to extort $200,000 from the insurance firm by threatening to smear it with a spam attack of six million emails, the New York Post reported Tuesday. Anthony Digati, 52, allegedly vowed to use a "spam service" and his skills as a "huge social networker" to drag the company "through the muddiest waters imaginable." The Chino, Calif., man also told his ex-employer that the price would increase to $3 million if it failed to pay up by Monday, according to a Manhattan federal court complaint. Digati was declared bankrupt last year with more than $1.2 million in debts. He allegedly targeted the company after becoming "dissatisfied" with the performance of his own universal life insurance policy. Source: The New York Post

___ / /\ /__/\ / /::\ \__\:\ / /:/\:\ / /::\ / /:/ \:\ __/ /:/\/ /__/:/ \__\:\ /__/\/:/~~ \ \:\ / /:/ \ \::/ \ \:\ /:/ \ \:\ \ \:\/:/ \__\/ \ \::/ \__\/ Information This is the frontpage of the IO wargame, one of the wargames of the smashthestack network. Now with added radare. Connection Details You have to use an ssh client to connect to the game. ssh level1@io.smashthestack.org -p2224 password: level1 Need Assistance You can find basic help at the forum, but if you are in real need of guidance your best bet is to log on to irc irc.smashthestack.org #io. Even if you don't need our help, you are welcome to drop by and socialize. The game is still in development and levels get added regularly. io.smashthestack.org

"PayPal is a fucking liar, a cheat and a thug," says Cryptome operator John Young. The eBay-owned payment service closed the Cryptome account last week, with over $5,000 of donations intended for Young in limbo. Last night Anuj Nayar, PayPal's global director of communications, told us by email that Cryptome's account had been restored, but evidence provided by Young contradicts this. Screenshots of the Cryptome PayPal account show Young cannot withdraw money, but can only return donations to donors to the whistleblower website. "I can confirm that all funds associated with Cryptome have been released," said Nayar. Screenshots clearly show the Cryptome account unable to transfer money to another account. Young has refunded donors from his own pocket. With reasoning worthy of a Kafka plot, PayPal told Cryptome it couldn't provide a reason for shutting down the account. "In accordance with our Privacy Policy, we cannot share any specific information regarding this Account with you," Young was told. Young has asked that PayPal provide "any information requested/subpoened of PayPal about me or my website from government, law enforcement, commercial or private parties". He told us: "Cryptome refunded about $5300 on March 5, 2010 without action by PayPal while the account was frozen. No funds have been withdrawn. The account was, and is still, frozen except for the capability of making refunds which I chose to do to get the wad out of PayPal's hands where PayPal could use them for its own purposes contrary to the purposes of the donors." Cryptome has recently published law enforcement liaison guides from companies including Microsoft, Facebook and PayPal. ® Cryptome: PayPal a 'liar, cheat and a thug' ? The Register

The MS HTML Help control activex is prone to a remote CHM help file hijack vulnerability when applications invoke help. Multiple built-in applications are vulnerable to this. The impact of the vulnerability is the loading of the incorrect CHM help file when it resides in the same directory the application invoking help starts in. This proof of concept exploit leverages Notepad to demonstrate the vulnerability. Edu says Important Notice: I take no responsibility of what you do with this information. Test it only in computers that you own or have the explicit permission to perform tests. To the action! The MS HTML Help control activex is prone to a remote CHM help file hijack vulnerability when applications invoke help. Multiple built-in applications are vulnerable to this. The impact of the vulnerability is the loading of the incorrect CHM help file when it resides in the same directory the application invoking help starts in. The best attack vector I found for this, surprisingly is the safest and simplest Microsoft built-in application: Microsoft Notepad. Yes, the first remote code execution vulnerability involving the good old Notepad, and the vector as you are likely thinking of is an innocent TXT file, which can be opened in the local disk or in a remote Netbios share. (in the same directory of the file notepad.chm). Some user interaction is required though, specially if the file is invoked in a remote network share. Reason is, as Microsoft states, CHM files running in any security zone other than the local machine doesnt work. Well, this is partially true: When there is a table of contents (.hhc) file in the CHM, and it has the "local" parameter of an object tag pointing to a javascript URL, when the user clicks, the javascript URL is executed under the context of a local html file, which HTML Help uses to display an error page (reS://ieframe.dll/navcancl.htm), meaning the script code is parsed in the context of the local machine security zone, therefore arbitrary code can be executed. So, what the user needs to do in order to have arbitrary code executed ? 1) In a remote scenario : double click a text file located in a remote Netbios share, proceed to press F1 key and then click on a topic (in the left pane of the HTML Help window) 2) in the local computer, when eg. extracting files from a zip archive : double click a text file and then press F1. this is enough to run code, because the embeded HTML files are processed in the local machine security zone context, and can, for example, use the HTML Help activex and the shortcut parameter to run arbitrary programs automatically. Severity : medium-low / medium Impact : arbitrary code execution 2 POCs are provided, one that works on the local disk and the other on a remote network share. Network shares can be automatically invoked by Internet Explorer, upon accessing a webpage. instructions : place all the files in the root directory (C:\) put the start.htm in a webserver and access it with IE. it will open a default share (\\127.0.0.1\c$) all the code is executed having the above address as base, so if you are going to change stuff, edit all the files, else it wont work. If all works fine, you should see cmd prompt and calc being executed. You will need HTML Help Workshop to extract the files from the 'Notepad.chm' file and edit the script code in the 'notepad.hhc' file. System Affected : tested on Windows XP SP3 fully patched, 2000 SP4. Windows Vista and 7 are not affected because they use a new help system. Affected applications : most windows applications that utilizes the HTML Help control to display help to the user. This includes : Paint, Image and Fax Viewer, Wordpad, Internet Explorer (any version), etc. But the problem with these is : a) Paint on XP doesnt have by default any type of file associated. ON Windows 2000, bitmap images open in Paint by default so it can be a good vector on windows 2000. Image and Fax Viewer, this is a dll loaded in Explorer.exe process which by default starts in the user´s base dir (XP) so the only chance is placing a chm in the user´s base dir. not a good vector. c) Wordpad. it is forced to start in the "my documents" dir. not a good vector. d) Internet Explorer. it is forced to start in the user´s desktop dir. not a good vector. e) Notepad. good vector on both XP and 2000. -> using it! Researcher who found this funny bug: Eduardo Prado. .:[ packet storm ]:. - http://packetstormsecurity.org/ md5 : 3f0edb83fb8c525b3c7a93556ab16cc7

This was written by Michael Cheek on Wednesday, March 10, 2010, 8:07. At last week’s RSA Conference, security researchers with TippingPoint’s Digital Vaccine Group presented their research into mobile botnets. To date, the largest mobile botnet was centered predominately in Europe on “jailbroken” iPhones. Researchers Derek Brown and Daniel Tijerina were able to fool around 8,000 iPhone and Android users into “joining” a mobile botnet by downloading a seemingly innocent weather app. The app, called WeatherFist, captured a user’s GPS coordinates and telephone number before transmitting the weather data. The exercise was designed to demonstrate how social engineering techniques could be used to create a mobile botnet. The app was not available in the official apps stores but was posted in third party apps stores. Despite this seeming lack of legitimacy, thousands of individuals still downloaded the app. Researchers Create Mobile Botnet with Weather App | The New New Internet

A suburban Pennsylvania woman who went by the online alias JihadJane used the internet to recruit Islamic terrorists and to plot the assassination of a Swedish cartoonist who depicted the Prophet Mohammed, according to a federal indictment unsealed Tuesday. Colleen R LaRose was charged with conspiracy to provide material support to terrorists, conspiracy to kill in a foreign country and related charges, according to an indictment filed in US District Court in Pennsylvania. She has been detained since October, but the charges were only made public on Tuesday, following the arrests of others. According to prosecutors, LaRose began a series on online correspondences with unindicted co-conspirators after posting a comment on YouTube under the alias JihadJane that stated she was "desperate to do something somehow to help" Muslim people who were suffering. She said her blond hair and blue eyes were assets that would allow her to "blend in with many people". One conspirator directed LaRose to travel to Sweden, hunt down a resident there and to kill him, the indictment claims. Her answer: "I will make this my goal till i achieve it or die trying." The identity of the Swedish resident was not revealed in court documents, but numerous published reports, citing people familiar with the investigation, said it was Lars Vilks, a cartoonist who ignited outrage in the Muslim world after depicting Muhammed with the body of a dog. LaRose, also known as Fatima LaRose, allegedly corresponded with at least five conspirators to recruit men and women with the ability to travel in the US and Europe. In March 2009, she agreed to live in Sweden and marry one of the conspirators so he could live in Europe. If convicted, LaRose faces a maximum sentence of life in prison and a fine of $1m. ® Suburban woman accused of using net to recruit terrorists ? The Register

I found the camera to be quite good functionalities-wise, although I’ve experienced availability problems with it. It seems the camera freezes every once in a while. Well, this is true at least when you heavily customized its configuration which is what I’ve ultimately done after playing so much with it. I’ve loved playing with embedded devices for a while, and as a security researcher I find it quite an interesting topic as many "de facto" security principles that are usually (attempted to be) followed when designing other types of systems are not often applied to embedded devices. This, I believe is due to lack of limitations in hardware resources, and lack of awareness on consequences of getting a miscellaneous device compromised. i.e.: "who cares if my IP camera gets owned?" During the next days, I’ll be posting some vulnerabilities I’ve found. Some of them are fun and serious, while others you might find kind of boring. Meet the target You can learn a lot about the specs of a device by simply reading the product’s literature. However, sometimes not enough info is provided in these documents. The following are some of the specs I confirmed by interacting with the camera in various ways: * CPU: Faraday FA526id(wb) rev 1 (v4l) according to /proc/cpuinfo * OS: Linux version 2.4.19-pl1029 according to /proc/version plus Busybox (confirmed as the file /bin/busybox exists on the filesystem) * HTTPD: thttpd 2.25b (extracted from banner returned on default html error pages and ‘Server:’ HTTP headers) * Memory:30908 kB (32 MB?) according to /proc/meminfo * Firmware Version: V1.00R22 and V1.00R24 (latest version available as on 16th April 2009) Hacking Linksys IP Cameras (pt 1) | GNUCITIZEN Hacking Linksys IP Cameras (pt 2) | GNUCITIZEN Hacking Linksys IP Cameras (pt 3) | GNUCITIZEN Hacking Linksys IP Cameras (pt 4) | GNUCITIZEN Hacking Linksys IP Cameras (pt 5) | GNUCITIZEN Hacking Linksys IP Cameras (pt 6) | GNUCITIZEN

It goes without saying that sensitive information such as passwords or pass phrases should never be stored in plain text in the database in the first place. The common practice is to hash the user password and store the hash string of the password in the database. When the user tries to log in and supplies his password, it is used to generate a hash string to be compared to the one stored in the database. If they are identical, the password is the same because the chance of 2 distinct strings having the same hash string is so low that it’s mathematically impossible. This approach may be secure in the 70s of the last century, but barely any more. Thanks to unprecedentedly cheap computing power now, rainbow tables, the mapping function from hash strings to any possible combinations of keyboard characters (alphanumeric, punctuations, etc.) have rendered this password storage / validation method insecure. With a mapping table of trillions of hash to cleartext pairs, it takes only 160 seconds to crack the password “Fgpyyih804423” which most of us would generally agree is fairly safe. What can we do? Provide a random salt when you are hashing the secret text. For instance with the PHP’s SHA1 hashing function: $my_hash = sha1('whatever salt you put here would do,,,???'.$secret); As you can see, the salt string can be whatever you like, in a random manner, prefixed and / or suffixed to the secret text before it is hashed into a hash string which will be stored. This way, because the cracker has no idea what the salt is, there’s no way he can create the right rainbow table to perform the crack. Even if he does, he would have to specifically build a rainbow table to crack your database which can be time-consuming. Therefore, to make this much more difficult for the cracker to break the passwords in the database, you need to use different salt for each of the password entries in your database: $salt = generate_random_salt(); // your in-house function that generates a random salt, perhaps by uniqid(mt_rand(microtime())) $my_hash = sha1($salt.$secret); // the $salt must then be stored in your database on a per entry base // this function is the same as hash('sha1', $salt.$secret), but a better algorithm would be hash('whirlpool', $salt.$secret) When the salt string is a per application constant, you can store it rather obscurely somewhere in your application code. However when you use random salt strings, you will have to store it correspondingly with the hash string $my_hash in the database, or otherwise you won’t be able to generate the correct hash string of the password user provides for authentication against the one stored in database. It doesn’t even matter if the cracker gets the database and knows all the random salts, because he’d have to create and run through a huge rainbow table specific to each of the random salts to crack just one password. It’s so squarely and prohibitively time-consuming that he’d definitely give up. A better yet approach to defend against rainbow or dictionary attacks is to be creative in generating the hash string – such as taking the username string into the generation and implementing multiple layers of hashing, in a playfully diversifying manner. At last, it is recommended that you generate the initial hash string (the one to be stored in database) by running 1000 iterations of hashing instead of just 1. The extra computing burden on your server is negligible while it will increase the time needed to crack a single password by 1000 times at the cracker’s end. The point is to make the hashing process as slow as possible rather than the other way around. As the cracking usually makes password guesses and trial logins at a much higher paced speed, the slowness will have a much more detrimental effect on the cracker than on your website. Just Hashing is Far from Enough for Storing Passwords – How to Position against Dictionary and Rainbow Table Attacks

Sourceforge ar putea sa-mi hosteze toate tabelele Freerainbowtables (~2 TiB) ? Am observat ca ophcrack isi hosteaza tabelele gratuite acolo, dar acelea ocupa doar 700 mb or so. Idei ?

It's a common misconception among application developers that program memory is "safe" and anything stored in clear text in memory cannot really be hacked. Unfortunately, nothing could be further away from the truth. In this video created by John Strand from PaulDotCom we see how simple it is to identify and dump passwords from computer memory. However, in most cases one would need administrative privileges to be able to dump memory. But once a hacker has that he could very easily crack other passwords used on the system simply with a memory dump. This video uses the Mantech Memory DD tool for the demo. SANS has a nice listing of tools which can be used for memory dumping on windows here. Try them out! Happy Memory Hunting download : Download Memoryze 1.2.1.1 - Perform advanced analysis of live memory while the computer is running - Softpedia Search and Dump Passwords from Memory using Memory DD Tutorial

I had this laying around for a few years now. Maybe someone finds it useful n00bk1t ------- 0x01 About ---------- n00bk1t is a user-mode (ring3) rootkit. It is very similar to hxdef but it's written completely in C (well, 99% of it). It has the ability to hide processes/files/regkeys/ ports/services/.... It also logs windows login (local,via TS and runas) information and ftp/pop3 (plain/ssl) password(s). It's not perfect but it fool's alot of users 0x02. Configuration ------------------- n00bk1t uses string resources instead of a configuration file. This leaves us with one file. Resources are easily editted with a resource editor like PE Explorer or ResHacker. That's why i advise you to use a packer/crypter on the final exe. Multiple configuration items in one string must be delimited by ; (fe. root.exe;shit.exe) For ports you can use ranges, fe. 1001-1050;666;10-20. Space regkey contains a string value in the form of "DISK"="SPACE_TO_HIDE_IN_BYTES", fe. "C"="100000000". (you can use 64-bit numbers). Regkey must start with: \\Registry fe. \\Registry\\Machine\\Test String values: String 01 -> Root process(es) String 02 -> Hidden process(es) String 03 -> Hidden driver(s) String 04 -> Hidden file(s)/directory(-ies) String 05 -> Hidden local tcp port(s) String 06 -> Hidden remote tcp port(s) String 07 -> Hidden udp port(s) String 08 -> Hidden regkey(s) String 09 -> Hidden regkey value(s) String 10 -> Hidden service(s) String 11 -> Hidden space regkey String 12 -> Login/ftp/smtp/pop3... logfile String 13 -> Run as service ? (0=No/1=Yes) String 14 -> Service name String 15 -> Service display name String 16 -> Service description String 17 -> Shell name (unused for now) 0x03 Usage: ----------- If you set String 13 to 1, n00bk1t wil try to install and start itselfs as a service. If that fails or String 13 is set to 0, n00bk1t will run as a normal process. Parameters: -ui: uninstall, unstable (does not delete service) -ud: update (you can edit the resources and then perform an update) 0x04. Thanks to: ---------------- - Holy Father, creator of hxdef. RIP - z0mbie, creator of a lots of things, i'm using his LDE 1.05, thx dude, wherever you are - Greg & Jamie, the guys from rootkit.com, and not to forget the rootkit.com community ! - Agner Fog, creator of the random c lib i use - Ratter, also creator of a lots of thing, i thank him for his work on the lsalogonuser hook - Einstein, for his work on the raw registry stuff - PE386, for the blacklight file hiding idea http://www.rootkit.com/vault/jeffosz/n00bkit_v0.9d.zip

At age 55, men can expect another 15 years of sexual activity, but women that age should expect less than 11 years, according to a study by University of Chicago researchers published early online March 10 by the British Medical Journal. Men in good or excellent health at 55 can add 5 to 7 years to that number. Equally healthy women gain slightly less, 3 to 6 years. One consolation for women is that many of them seem not to miss it. Men tend to marry younger women, die sooner and care more about sex, the study confirmed. Although 72 percent of men aged 75 to 85 have partners, fewer than 40 percent of women that age do. Only half of women 75-85 who remained sexually active rated their sex lives as "good," and only 11 percent of all women that age report regularly thinking about or being interested in sex. Among those age 57 to 85 not living with a partner, 57 percent of men were interested in sex, compared to only 11 percent of women. "Interest in sex, participation in sex and even the quality of sexual activity were higher for men than women, and this gender gap widened with age," said lead author Stacy Tessler Lindau, MD, associate professor of obstetrics and gynecology at the University of Chicago. But the study also "affirms a positive association between later-life health, sexual partnership and sexual activity," she said. Lindau and co-author Natalia Gavrilova focused on two large surveys, the National Survey of Midlife Development, involving about 3,000 adults aged 25 to 74 and completed in 1996, and the National Social Life Health and Aging Project, involving another 3,000 adults aged 57 to 85, completed in 2006. Participants provided information about their relationship status and rated the quality of their sex lives and how often they had sex. They also rated the level of their general health as poor, fair, good, very good or excellent. The results showed that men are more likely to be sexually active, report a good sex life and be interested in sex than women. This difference was most stark among the 75 to 85-year-old group, where almost 40 percent of men, compared to 17 percent of women, were sexually active. The study also introduced a new health measure, "sexually active life expectancy," or SALE, the average remaining years of sexually active life. For men, SALE was about ten years lower than total life expectance. For women it was 20 years lower. Men at the age of 30, for example, have a sexually active life expectancy of nearly 35 years, but they can, on average, expect to remain alive for 45 years, including a sexless final decade. For 30-year-old women, SALE is almost 31 years but total life expectancy is more than 50. So men that age can anticipate remaining sexually active for 78 percent of their remaining lifespan, while women at 30 can expect to remain sexually active for only 61 percent of the remaining years. The authors conclude that "sexually active life expectancy estimation is a new life expectancy tool than can be used for projecting public health and patient needs in the arena of sexual health," and that "projecting the population patterns of later life sexual activity is useful for anticipating need for public health resources, expertise and medical services." In an accompanying editorial, Professor Patricia Goodson from Texas University says Lindau and Gavrilova's research is both refreshing and hopeful. She says: "the study bears good news in the form of hope ... the news that adults in the US can enjoy many years of sexual activity beyond age 55 is promising." Goodson adds that many unanswered questions remain in the field of older people and sexuality, such as problems with measurement and silence regarding the sexual health of ageing homosexual, bisexual or intersexed people. "They stand as dim reminders of the limitations inherent in applying science to the study of complex human realities, and the cultural values shaping the topics we choose to study," she concludes. Life is shorter for men, but sexually active life expectancy is longer

Botnets, which are networks of malware-infected machines that are controlled by an adversary, are the root cause of a large number of security threats on the Internet. A particularly sophisticated and insidious type of bot is Torpig, which is a malware program that is designed to harvest sensitive information (such as bank account and credit card data) from its victims. In this talk, we report on our efforts to take control of the Torpig botnet for ten days. Over this period, we observed more than 180 thousand infections and recorded more than 70 GB of data that the bots collected. While botnets have been hijacked before, the Torpig botnet exhibits certain properties that make the analysis of the data particularly interesting. First, it is possible (with reasonable accuracy) to identify unique bot infections and relate that number to the more than 1.2 million IP addresses that contacted our command and control server during the ten day period. This shows that botnet estimates that are based on IP addresses are likely to report inflated numbers. Second, the Torpig botnet is large, targets a variety of applications, and gathers a rich and diverse set of information from the infected victims. This allowed us to perform interesting data analysis that goes well beyond simply counting the number of stolen credit cards. In this talk we will discuss the analysis that we performed on the data collected and the lessons learned from the analysis, as well as from the process of obtaining (and losing) the botnet. How to Steal a Botnet and What Can Happen When You Do Tutorial

mi-ai luat-o inainte in clipa asta postam. cine ne ajuta cu trojan-ul ? is curios cum arata

Google

shellforge enables you to write shellcode programs in C. It transforms C program code into shellcode that will run on a Linux/x86 system. It provides macros to substitute libc calls with direct system calls and a Python script to automate compilation, extraction, encoding, and tests. ShellForge prezentare http://www.secdev.org/conf/shellforgeG2_csw04.pdf exemplu: #include "include/sfsyscall.h" int main(void) { char buf[] = "Hello world!\n"; write(1, buf, sizeof(buf)); exit(0); } $ ./shellforge.py hello.c ** Compiling hello.c ** Tuning original assembler code ** Assembling modified asm ** Retrieving machine code ** Computing xor encryption key ** Shellcode forged! \x55\x89\xe5\x83\xec\x24\x53\xe8\x00\x00\x00\x00\x5b\x83\xc3\xf4\x8b\x83\x67\x00 \x00\x00\x89\x45\xf0\x8b\x83\x6b\x00\x00\x00\x89\x45\xf4\x8b\x83\x6f\x00\x00\x00 \x89\x45\xf8\x0f\xb7\x83\x73\x00\x00\x00\x66\x89\x45\xfc\x8d\x4d\xf0\xba\x0e\x00 \x00\x00\xb8\x04\x00\x00\x00\xc7\x45\xec\x01\x00\x00\x00\x53\x8b\x59\xfc\xcd\x80 \x5b\xb8\x01\x00\x00\x00\xc7\x45\xec\x00\x00\x00\x00\x53\x8b\x59\xfc\xcd\x80\x5b \x5b\xc9\xc3\x48\x65\x6c\x6c\x6f\x20\x77\x6f\x72\x6c\x64\x21\x0a\x00