Jump to content

QuoVadis

Active Members
  • Posts

    2713
  • Joined

  • Days Won

    192

Everything posted by QuoVadis

  1. L-a pus in tags, sub titlu. Nu e premium deloc.
  2. In this paper we present a new class of side-channel attacks on computer hard drives. Hard drives contain one or more spinning disks made of a magnetic material. In addition, they contain different magnets which rapidly move the head to a target position on the disk to perform a write or a read. The magnetic fields from the disk's material and head are weak and well shielded. However, we show that the magnetic field due to the moving head can be picked up by sensors outside of the hard drive. With these measurements, we are able to deduce patterns about ongoing operations. For example, we can detect what type of the operating system is booting up or what application is being started. Most importantly, no special equipment is necessary. All attacks can be performed by using an unmodified smartphone placed in proximity of a hard drive. Paper here: http://caslab.eng.yale.edu/publications/2015-fc.pdf
  3. @adrian94 - daca vrei sa prinzi vara/toamna pe aici, te sfatuiesc sa lasi cerseala si sa incerci sa oferi ceva mai intai comunitatii. Iar daca ceri lucruri macar sa fie ceva folositor nu jocuri de copii de 12 ani. E Romanian Security Forum. Citeste si regulamentu lforumului, in special mentiunea la postarile inutile (cum e cea de mai sus ":))" ). Peace! Trashed & closed.
  4. Petya ransomware victims can now unlock infected computers without paying. An unidentified programmer has produced a tool that exploits shortfalls in the way the malware encrypts a file that allows Windows to start up. In notes put on code-sharing site Github, he said he had produced the key generator to help his father-in-law unlock his Petya-encrypted computer. The malware, which started circulating in large numbers in March, demands a ransom of 0.9 bitcoins (£265). It hid itself in documents attached to emails purporting to come from people looking for work. Security researcher Lawrence Abrams, from the Bleeping Computer news site, said the key generator could unlock a Petya-encrypted computer in seven seconds. But the key generator requires victims to extract some information from specific memory locations on the infected drive. And Mr Abrams said: "Unfortunately, for many victims extracting this data is not an easy task." This would probably involve removing the drive and then connecting it up to another virus-free computer running Windows, he said. Another tool can then extract the data, which can be used on the website set up to help people unlock their computer. Independent security analyst Graham Cluley said there had been other occasions when ransomware makers had "bungled" their encryption system. Cryptolocker, Linux.encoder and one other ransomware variant were all rendered harmless when their scrambling schemes were reverse-engineered. "Of course," said Mr Cluley, "the best thing is to have safety secured backups rather than relying upon ransomware criminals goofing up." SOURCE
  5. Vezi sa nu fie pe 192.168.1.1 caci unele routere sunt pe 1.1. in loc de 0.1. Baga un ipconfig /all in cmd prompt si fa-i o poza si pune-o aici.
  6. Daca i-ai dat factory reset cum trebuie, incearca doar cu userul Admin si nu pune nimic la parola si vezi daca merge. Daca nu incearca admin la user si admin la parola.
  7. https://www.theguardian.com/technology/2016/apr/08/man-hacked-random-number-generator-rig-lotteries-investigators-say
  8. Hi @AlexPrada - it would be useful if you could also specify whether this position would be remote or requires relocation. Taking into consideration your spelling & grammar, I dare to presume that said company is somewhere quite far off and this aspect is quite important to many here who might be interested. That will also eliminate time wasting (with signing of the NDA, etc.) on both sides. Also one thing you added in the job description: "Advise us in regard of the possibility in which we want to identify the "entity" that hack us before and retrieve those sensitive documents back" sounds quite illegal even though you (apparently) wish to retrieve what is yours.. It is for the local and national authorities to "play detective". Best of luck! P.S. are you from Mossack Fonseca?
  9. Vezi pe fiverr.com , gasesti like-uri de cumparat acolo si probabil vei iesi mai ieftin. Orienteaza-te dupa cineva cu rep bun si vanzari multe decat aia fantoma cu 1-2 vanzari (probabil facute catre prieteni ca sa-si faca rep).
  10. Mersi dar sunt scumpi si prastie - cel mai ieftin la 200 usd / luna + 50 set-up cica "Bandwidth: 30 Mbps", daca vreau upgrade la un 100 e 300 usd/luna + 50 set-up. Ceream pareri de la oameni care au experienta cu astfel de firme. Nu-mi spune ca esti clientul lor... I forbid you!
  11. @last20 - momentan la ei sunt cu gandul in caz ca nu dau de ceva mai breaz @aelius - Softlayer stiu ca sunt buni dar ma cam ustura la buzunar... o sa ma uit de Hurricane, danke!
  12. Are cineva un managed dedicated server prin vreun datacenter prin US? De cata vreme? Experiente placute cu dansii? Sau companii de evitat? Ma intereseaza daca e posibil intr-un datacenter mai catre Texas - sudul tarii. Multumesc!
  13. ( Din pacate este accesibil doar cetatenilor americani insa se pot vinde cetatenilor americani si impartit profitul ) The Department of Defense (DoD) announced today that interested participants may now register to compete in the "Hack the Pentagon" pilot. The pilot, designed to identify and resolve security vulnerabilities within DoD websites through crowdsourcing, is the first bug bounty program in the history of the federal government. DoD is partnering with HackerOne, a reputable Bug Bounty-as-a-service firm based out of Silicon Valley, to run the Hack the Pentagon pilot over the next several weeks. The Hack the Pentagon bug bounty pilot will start on Monday, April 18 and end by Thursday, May 12. Qualifying bounties will be issued by HackerOne no later than Friday, June 10. The program will target several DoD public websites which will be identified to the participants as the beginning of the challenge approaches. Critical, mission-facing computer systems will not be involved in the program. HackerOne has set up a registration site for eligible participants. Eligible participants must be a U.S. person, and must not be on the U.S. Department of Treasury's Specially Designated Nationals list, a list of people and organizations engaged in terrorism, drug trafficking and other crimes; U.S. citizens and companies are prohibited from doing business with listed entities. In addition, successful participants who submit qualifying vulnerability reports will undergo a basic criminal background screening to ensure taxpayer dollars are spent wisely. Screening details will be communicated in advance to participants, and participants will have the ability to opt-out of any screening, but will forgo bounty compensation. The registration site is now live and can be accessed at https://hackerone.com/hackthepentagon. The Hack the Pentagon pilot is modeled after similar challenges conducted by some of the nation's biggest companies to improve the security and delivery of networks, products, and digital services. By providing a legal avenue for the responsible disclosure of security vulnerabilities, bug bounties engage the hacker community to contribute to the security of the Internet. Individual bounty payments will depend on a number of factors, but will come from the $150,000 in funding for the program. "This initiative will put the department's cybersecurity to the test in an innovative but responsible way," said Secretary Carter. "I encourage hackers who want to bolster our digital defenses to join the competition and take their best shot." The "Hack the Pentagon" initiative is being led by the department's Defense Digital Service (DDS), launched by Secretary Carter last November. The DDS, an arm of the White House's dynamic cadre of technology experts at the U.S. Digital Service, includes a small team of engineers and data experts meant to improve the department's technological agility. SOURCE
  14. Am regasit un link aici: aHR0cHM6Ly93ZS50bC8wVFJFZmhtVkQ1 Nu stiu cate zile va fi valabil. Grab it while it's hot.
  15. Pai daca faci putin research vei vedea ca Gigelul care a postat aici isi face reclama la propriul tool, un fel de spam-reclama, caci vrea sa atraga cati mai multi noobs sa il foloseasca sa prinda si el niscai pesti. Tocmai de asta i-am ediat postarea si lasat fara link-uri.
  16. Draga Stefan, Daca astepti ca cineva sa iti toarne informatie cu palnia in cap din pacate acest lucru nu este posibil. Iar pe langa cunostintele tehnice si practica necesara, trebuie sa ai si un anume talent artistic. Poti sa cunosti Photoshop-ul de la A la Z daca nu ai acel talent necesar. Acestea fiind spuse, uite cateva sugestii: - Ai incercat sa pui pe Google.ro aceeasi fraza care ai pus-o aici in titlu? Doar asa de curiozitate... - Dar pe YouTube.com? - Daca te descurci in Limba Engleza ai incercat sa pui "learn photoshop" pe Google si Youtube? - Daca te descurci in Limba Engleza cauta tutorialele Lynda.com. Sunt foarte multe pe torrente referitoare la Photoshop pentru beginners, intermediate si advanced. - Romanii, pupa-i muma sa nu-i deochi, aveau o fraza inteleapta: "repetitio est mater studiorum" care tradus inseamna "repetitia este mama invatarii". Cu alte cuvinte pune in practica cat mai mult ceea ce inveti. Seteaza-ti anumite tinte tot mai dificile si incearca sa le depaseti constant. Cand te impotmolesti nu-ti fie frica sa folosesti prietenul Google. Ar mai fi unele lucruri de spus referitoare la folosirea acestor cunostinte in scopuri comerciale insa e prea devreme. Succes!
  17. Da, peste 90% din ele au stealer, keylogger, cryptolocker si alte magarii. O sa dau o geana pe cel mentionat de Byte-ul
  18. Daca faceti rost de ceva asemanator care sa mearga pe primedice dau eu satoshi-ul necesar pentru PoC.
  19. @infinite Daca iti sunt de folos si vrei, lasa o donatie aici. 2015, valabil 7 zile: aHR0cHM6Ly93ZS50bC9XUHlxUTRJZDBh
  20. @mumtaz_gohar - we cannot know that the jabber ids you mentioned (eliot@rows.io and black.market@rows.io) belong to him, they could belong to anybody else. If you got in touch through RST, then there should be some inbox messages where he provides you with those. If you didn't get in touch through RST then it's not our business. Unless you can provide a proof that he specifically asked you to discuss through those ids and then screenshots/proof that he sent you the said vps, the topic is closed. Because so far you have only brought accusations and no concrete proof. This should be a lesson in the future to maintain records of what you buy and also mind your own business (if you wanted a vps you could have bought from hundreds of companies online, no need to go through some no-name individuals on the black market unless you're up to no good.). If you have anything else related to this matter you can pm me. T/C
  21. @worm128 - Din cate am inteles respectivul a primit deja un vps de la tine si vroia unul cu specs mai bun. Poate ca ma insel eu, si daca e asa imi cer scuze in prealabil, insa am o banuiala ca ceea ce vinzi tu nu iti apartine ci este ciordit - fapt pentru care este toleranta 0. Astept in urmatoarele 48 ore un PM cu dovada achizitionarii acelui vps care ii l-ai dat (respectivul mi-a trimis detaliile in privat).
  22. @mumtaz_gohar - please use this topic to reply, stop posting in other threads. Do you have a screenshot where he provided you with that specific bitcoin address so you can send the payment? Because that bitcoin address can belong to anybody, it doesn't mean it's his bitcoin address - unless you can prove so. If you provide some screenshots with the entire discussion with him would be useful. Also, as you can see in the very screenshot you posted, it says that he hasn't read your message yet. @Dr.Mengele - vreo explicatie?
  23. I have moved your post here so to avoid off-topic. Mind your language please! I understand you're upset but you can be civilized at the same time. Do you have any proof that shows you sending him that money?
  24. Da, e Drupal. @mariuss_f18 - tema e redenumita in "pariuri" deci nu merge vazuta la un simplu inspect element. Insa daca dai search la niste teme Drupal si te uiti sa vezi care au acelasi layout poate ai noroc sa o gasesti sau daca nu ceva asemanator. Spre exemplu asta - http://refaktorthemes.com/demos/?theme=Porto - si o modifici tu cum ti-o trebuie.
×
×
  • Create New...