curiosul

Active Members
  • Posts: 990
  • Days Won: 4

Everything posted by curiosul

  1. I was referring to the flooder, not the creator!
  2. Please PM me a good Booter too, because I haven't played with this kind of stuff in a long time and I no longer have the tools. I'm curious to see something!
  3. Ugh! What's stopping you from checking whether the guy has logs uploaded on the host, or is even looking for them?
  4. The thing is very simple and extremely useful for those who have Ubuntu or don't have Internet Explorer! You log in to the site and right-click on "Testare examen onlone" > Open in a new window / Open in a new tab, and bingo! The problem is that the timer doesn't appear in other browsers, but that isn't necessarily a disadvantage! And if you want to let someone who doesn't have an account do practice tests, it's simple to send the generated link: See for yourselves what else comes out of this!
  5. curiosul

    Minimalsource

    And you don't even have a preview for the songs? Do you think there are many who will download directly? Wouldn't it be better to make yourself a YouTube channel?
  6. Since when does YouTube send teams of monkeys? The full text: The text isn't in base64, because I tried to decrypt it! Could it be from the translation?
  7. On mission 5 it gives me the message "Nu ai acces la această misiune.", is it a level put there intentionally? Or do I really not have access?
  8. antivirus free download with 4,090,000 global searches, and there are others too; to see them, use the Google keywords tool and maybe it will help you!
  9. I'll explain it to you step by step: first see what kind of password it is: WEP, WPA, WPA2, etc., and depending on that you adapt your search on YouTube!
  10. Do you happen to know whether it works on other types of smartphone? I'm really curious how Ubuntu would look.
  11. Wouldn't it be better to find out the password with a laptop and then connect with the iPhone?
  12. Vulnes.com - Get in touch with the guys, they have very good quality services, if you have the money, 50$/24h, and I think they are capable of keeping it down for 30 days!
  13. HostMonster - Web Hosting You get a bunch of unlimited services, only it's 6 euros!
  14. So? As long as it works, I don't care about the date!
  15. Internet Explorer CSS 0day on Windows 7 on Vimeo

    1) Advisory information

    2) Vulnerable version

    3) Vulnerability information

    4) Vulnerability detail

    Here we have a type confusion vulnerability in the ActionScript bytecode language. The cause of these vulnerabilities is the implementation of the verification process in the AS3 JIT engine: because of some miscalculation in verifying datatype atoms, some data replaces another type of data, and the confusion results in faulty machine code.

    ActionScript has the following structure. First our scripts are compiled using an ActionScript compiler like Flex to AS3 bytecodes and embedded into DoABC, DoAction or DoInitAction tags in the SWF file format. When Flash Player opens the SWF file, the bytecodes are compiled to jitted machine code through a verification and generation process. The verification process is responsible for checking that the bytecodes are valid instructions, and it passes the valid bytecodes to the generation process; the generation process then produces the machine code in memory.

    According to Dion Blazakis’s JIT Spray paper:

    Exploitation: For exploitation purposes against the recent protections on Windows 7 without any 3rd party, it is possible to use the same bug many times to leak the imageBase address and payload address. In our exploit we used three confusions to read the String object's address and accordingly the imageBase address.

    Step 1: read the shellcode string object pointer by confusing it with uint and use it to leak ImageBase.

    Step 2: leak the address of the shellcode with the same pointer and the NewNumber trick.

    Step 3: send the imageBase & shellcode address as parameters to the RopPayload function, develop the ROP payload string and again confuse the return value with uint to read the address of the RopPayload string.

    Step 4: send the address of the ROP payload as a parameter to the last confused function, which confuses the string type with a class object. And thus the address of our ROP payload will be used as the vtable in the fake class object.

    Note: When using strings as a buffer for shellcode in ActionScript, it is important to use alphanumeric characters, because the toString method converts our ASCII character set to Unicode and thus makes our shellcode unusable.

    5) Conclusion

    Finally we got the point that memory leakages are extremely useful in modern exploitation to bypass DEP and ASLR protections. It would be possible to find the same atom confusion situation and other object leakage in Adobe Flash Player. Kudos to Haifei Li for his great research, although it was not that simple to implement a reliable exploit with just slides without attending the talk.

    6) References

    http://www.cansecwest.com/csw11/Flash_ActionScript.ppt
    http://www.semantiscope.com/research/BHDC2010/BHDC-2010-Paper.pdf

    7) Exploit-Code

    Here you can get our reliable exploit against Windows 7: calc.exe payload. Download: Download for free on Filesonic.com. If you need other payloads, for sure you know how to change it. As always, feedback is welcome, and you can follow @abysssec on Twitter to get updates.

    #Source: Exploiting Adobe Flash Player on Windows 7 | Abysssec Security Research

    Happy Hunting!
  16. Are you aware of what you've done, if you say you sent it to everyone except your parents?
  17. Maybe someone happens to run that application, especially if they use IE6, where the difference between the site and pe isn't really noticeable. Now think about what that application could be and you'll realize what use it is to him!
  18. Free YOUNG PORN MOVIES - XXX Teen Porn, Young Sex Videos, & Teen Clips I want a clone of this site, reply by PM
  19. Did you make the tutorial? I'm sure I've seen it somewhere before but I can't remember where; I'll look later!
  20. Aren't you going to make a list of who doesn't vote for you?
  21. Great, now that they've made it public, others will dig too and try tricks!
  22. Download: http://www.facebookdevil.com/downloads/setup.exe In case you can't manage: YouTube - Free Facebook Account Creator Software - Facebook Devil - Facebook Marketing Software Good luck!