Posts: 2660
Days Won: 75
Everything posted by Dragos
-
Guaranteed earnings of $3000+ per month, or your money back
Dragos replied to Investitoru's topic in Cosul de gunoi
Knock it off with this junk.
-
Why don't you use a modem to send from the command line? I used smstools before for a bachelor's thesis project without any problems. I don't know of an Android app, but you can write a simple app and load it onto the phone so that it reads a CSV and sends the SMS messages https://stackoverflow.com/questions/26311243/sending-sms-programmatically-without-opening-message-app
-
There is no standard for how to query a database and have it return JSON. Every site has its own logic for generating JSON, depending on what they need. Try the following:
- see if you can walk the JSON from a main page that lists all the event IDs and maybe offers pagination
- check the application's documentation; maybe there is a query method you haven't found
- see whether the application can send you the events every X amount of time to an endpoint of yours
- try contacting the service provider / the creator of the application to find out what the best option would be for going through the events
-
You need to find something that can generate passive income and implement it in the cyber-security area, for example blogs/vlogs/social media where you integrate ads or the sale of apps/courses (or be an intermediary or reseller in Romania for large companies). It's not hard, but you have to dedicate time to finding something that isn't over-exploited on the Romanian market or on the market you want to target.
-
Question: what exactly do you do that you need so much monitoring? I also work as a sysadmin (Okta+AD), I have logs generated about me (what I installed, what I run on my computer, timestamps, alerts if I do something stupid like modifying the hosts file) and in turn I build applications that generate gigabytes of logs daily because I work with HIPAA data. But monitoring at the action level (screen grabbing, keylogging, etc.) is on another level. Do you do anything special with the data? Do you work hybrid? Are you in an entry-level position, or do they not trust you?
-
What API does it use, or how can I fetch as much data as possible?
Dragos replied to Che's topic in Programare
To add to what gigiRoman said: install Fiddler on your computer, configure it as needed, then on the phone connect over Wi-Fi to the same network as the computer and enter the computer's details as the proxy. https://docs.telerik.com/fiddler/configure-fiddler/tasks/configureforios https://www.telerik.com/blogs/how-to-capture-android-traffic-with-fiddler
-
You can try https://fingerprint.com/products/bot-detection/.
-
It depends a lot on what you mean by harassment. If it's doxxing, photos stolen from your phone, threats, etc., go to the police and file a complaint. There are also NGOs that can help you. Instagram also has an article to help police officers https://www.facebook.com/help/instagram/494561080557017. If they're just stressing you with nonsense messages or picking on you for no reason, block them.
-
Either you try to recreate that email address and recover your account, or you find an invitation from someone.
-
Refox branded files (level II or III) unpacking (decrypting)
Dragos replied to giv's topic in Tutoriale video
This topic is 10 years old.
-
What niche are the blogs in? What exactly do you need in terms of administration? For how long do you need them to be administered?
-
One by one. Use youtube-dl or other similar tools.
-
It doesn't necessarily have to break a particular law; he can justify the money through the single tax declaration (declaratia unica) the way YouTubers do, a PFA or other means, provided he offers something in exchange for the "donations". If he offers nothing in exchange, the donation is considered a donation and, as far as I know, it can't be taxed.
-
You receive a new birth certificate when you change your name, at least in certain cases. In the case of someone close to me, they received a new birth certificate after taking their adoptive father's surname, even though they are over 18.
-
Well, when someone calls their kids to dinner, do you go along with them too? You need a concrete reason to change your name; the TM city hall has a pretty decent guide.
-
Blocking registration by IP address on IPS Community Suite
Dragos replied to CD-RAY's topic in Discutii incepatori
You can ban via htaccess https://htaccessbook.com/block-ip-address/
-
Last time, it was someone from Mediafax who was managing the feed. All of Yahoo Romania is built on connections; support has nothing to do with it.
-
I've uploaded most of the challenges to GitHub. We'll update the repository as we receive the sources.
Crypto
- Coliziune https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/crypto/coliziune
- Hash-uri https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/crypto/hash-uri
Forensics
- Forensics VM https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/forensics/forensics-vm
Miscellaneous
- Apelul interceptat https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/miscellaneous/apelul-interceptat
- Discutii https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/miscellaneous/discutii
- Forum https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/miscellaneous/forum
Networking
- Bruteforce https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/networking/bruteforce
Pwn
- Boferk https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/pwn/boferk
- PWN Windows https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/pwn/pwn-windows
Reversing
- Shellcode https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/reversing/shellcode
- Crack me https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/reversing/crack-me
- Pop-up https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/reversing/pop-up
Stegano
- Steago https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/stegano/steago
Web
- RST Coin https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/web/rst-coin
- API securizat https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/web/api-securizat
- Simple Admin Panel https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/web/simple-admin-panel
- Turnament https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/web/turnament
- DNS lookup https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/web/dns-lookup
- Eat safe https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/web/eat-safe
- Inception https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/web/inception
- Pastebin https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/web/pastebin
- Link https://github.com/RSTCon/rstcon-ctf-II-challenges/tree/main/web/link
-
If Steam accounts were easy to break into, the company wouldn't be the colossus it is today. Talk to your friend and come to an agreement. If that doesn't work, contact Steam support and see what you can sort out.
-
Authentication firm Okta probes report of digital breach
Dragos replied to Dragos's topic in Stiri securitate
Stock goes brrrrr https://www.marketwatch.com/story/okta-shares-fall-9-6-as-fallout-from-data-breach-continues-271648047367?mod=mw_quote_news
-
Authentication services provider Okta Inc is investigating a report of a digital breach, the company said on Tuesday, after hackers posted screenshots showing what they claimed was its internal company environment.
A hack at Okta could have major consequences because thousands of other companies rely on the San Francisco-based firm to manage access to their own networks and applications.
The company was aware of the reports and was investigating, Okta official Chris Hollis said in a brief statement. "We will provide updates as more information becomes available," he added.
The screenshots were posted by a group of ransom-seeking hackers known as LAPSUS$ on their Telegram channel late on Monday. In an accompanying message, the group said its focus was "ONLY on Okta customers."
Security experts told Reuters the screenshots appeared to be authentic. "I definitely do believe it is credible," said independent security researcher Bill Demirkapi, citing pictures of what appeared to be Okta's internal tickets and its in-house chat on the Slack messaging app.
Dan Tentler, the founder of cybersecurity consultancy Phobos Group, said he too believed the breach was real and urged Okta customers to be "very vigilant right now." In an email, Tentler added, "There are timestamps and dates visible in the screenshots indicating January 21st of this year, which suggests they may have had access for two months."
Source: https://edition.cnn.com/2022/03/22/tech/okta-report-of-breach/index.html
Screenshots: https://twitter.com/billdemirkapi/status/1506107157124722690
-
The stars have to align for the vulnerability to be usable. Most applications that generate PDFs take everything from the database. The only place I would see this is in an application that puts your signature on an existing PDF, also generated through dompdf, and that's only if whoever built the application didn't know to put validation on the input, at least something like ^[a-zA-Z -]{6,50}$
A good, widely used, tested alternative to dompdf is tcpdf. It works wonders on shared hosting.