Posts posted by curiosul

  1. The trick is very simple and extremely useful for those who have Ubuntu or don't have Internet Explorer!

    Log in to the site, right-click "Testare examen online" > Open in a new window / Open in a new tab, and bingo!

    The problem is that the timer does not appear in other browsers, but this is not necessarily a disadvantage!

    And if you want to let someone who doesn't have an account do practice tests, it is simple to send them the generated link:

    drpciv.ro/dl-public-exam/examLogin.do?timestamp=?????????????

    See for yourselves what else comes out of this!

  2. Since when does YouTube send teams of monkeys?

    526201140407pm.png

    Full text:


    The text is not base64, because I tried to decrypt it!

    Could it be because of the translation?

  3. Internet Explorer CSS 0day on Windows 7 on Vimeo

    1) Advisory information

    Title : Adobe Flash player Action script type confusion

    Version : flash10h.dll

    Discovery : Malware writers

    Exploit : Abysssec Information Security and Vulnerability Research Group

    Vendor : Adobe

    Impact : Critical

    Contact : info [at] abysssec.com

    Twitter : @abysssec

    CVE : CVE-2010-3654

    2) Vulnerable version

    Adobe Flash Player 10.1.53.64 prior versions

    3) Vulnerability information

    Class

    1- Type Confusion

    Impact

    Successfully exploiting this issue allows remote attackers to execute code under the context of targeted browser.

    Remotely Exploitable

    Yes

    Locally Exploitable

    Yes

    4) Vulnerability detail

    Here we have a type confusion vulnerability in the ActionScript bytecode language. The cause of these vulnerabilities is the implementation of the verification process in the AS3 JIT engine: because of some miscalculation in verifying datatype atoms, some data replaces another type of data, and the confusion results in faulty machine code.

    ActionScript has the following structure. First, our scripts are compiled by an ActionScript compiler such as Flex to AS3 bytecode, which is embedded in DoABC, DoAction or DoInitAction tags in the SWF file format. When Flash Player opens the SWF file, the bytecode is compiled to JIT-ed machine code through a verification and generation process. The verification process is responsible for checking that the bytecodes are valid instructions, and it passes the valid bytecodes to the generation process, which then produces the machine code in memory.

    According to Dion Blazakis’s JIT Spray paper:

    windbg.png

    Exploitation:

    For exploitation against the recent protections on Windows 7 without any third-party component, it is possible to use the same bug many times to leak the imageBase address and the payload address. In our exploit we used three confusions to read the String object's address and, accordingly, the imageBase address.

    Chart.png

    Step1: read shellcode string object pointer by confusing it with uint and use it to leak ImageBase.

    Step2: leak address of the shellcode with the same pointer and NewNumber trick.

    Step3: send imageBase & shellcode address as parameters to the RopPayload function, develop Rop payload string and again confuse the return value with uint to read address of RopPayload string.

    Step4: send address of the rop payload as parameters to the last confused function that confuses string type with class object. And thus address of our rop payload will be used as vtable in the fake class object.

    Note: When using strings as a buffer for shellcode in ActionScript, it is important to use alphanumeric characters, because the toString method converts our ASCII character set to Unicode and thus makes our shellcode unusable.

    5) Conclusion

    Finally, we got the point that memory leaks are extremely useful in modern exploitation to bypass DEP and ASLR protections. It would be possible to find the same atom confusion situation and other object leaks in Adobe Flash Player. Kudos to Haifei Li for his great research, although it was not that simple to implement a reliable exploit with just the slides, without attending the talk.

    6) References

    http://www.cansecwest.com/csw11/Flash_ActionScript.ppt

    http://www.semantiscope.com/research/BHDC2010/BHDC-2010-Paper.pdf

    7) Exploit-Code

    Here you can get our reliable exploit against windows 7 :

    calc.exe payload

    Download :Download for free on Filesonic.com

    Exploited.png

    If you need other payloads, for sure you know how to change it ;)

    As always, feedback is welcome, and you can follow @abysssec on Twitter to get updates.

    #Source: Exploiting Adobe Flash Player on Windows 7 | Abysssec Security Research

    Happy Hunting !
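
The verification step described in the advisory above, modelled as an added example (not Abysssec's or Adobe's code): a toy one-register bytecode verifier in which a weak merge rule at a control-flow join accepts a program that uses an integer as a string, while a strict rule rejects it. The opcode set, the `verify` and `join` names and the sample programs are constructed for illustration, and the weak merge is an assumed, simplified way such a miscalculation can arise, not the documented root cause of CVE-2010-3654.

```c
#include <stddef.h>
#include <stdio.h>

/* Toy one-register bytecode, constructed for illustration (not AVM2 opcodes). */
enum op { SET_INT, SET_STR, BR, JMP, USE_STR, END };   /* BR = conditional jump */
enum ty { T_NONE, T_INT, T_STR, T_CONFLICT };
struct insn { enum op op; size_t target; };            /* target: BR/JMP only */
#define MAX_INSNS 16

/* Merge the type arriving on a new edge into the type already recorded. */
static enum ty join(enum ty have, enum ty incoming, int strict) {
    if (have == T_NONE || have == incoming) return incoming;
    return strict ? T_CONFLICT : have;   /* weak: first edge wins, mismatch ignored */
}

/* Forward-only abstract interpretation. Returns 1 = accept, 0 = reject. */
int verify(const struct insn *p, size_t n, int strict) {
    enum ty in[MAX_INSNS + 1] = { T_NONE };
    if (n == 0 || n > MAX_INSNS) return 0;
    for (size_t i = 0; i < n; i++) {
        enum ty out = in[i];
        int falls_through = (p[i].op != JMP);
        switch (p[i].op) {
        case SET_INT: out = T_INT; break;
        case SET_STR: out = T_STR; break;
        case USE_STR: if (out != T_STR) return 0; break;   /* the type check */
        case JMP: case BR:                                  /* forward edges only */
            if (p[i].target <= i || p[i].target >= n) return 0;
            in[p[i].target] = join(in[p[i].target], out, strict);
            break;
        case END: return 1;
        }
        if (falls_through) in[i + 1] = join(in[i + 1], out, strict);
    }
    return 0;   /* ran off the end without END */
}

/* Constructed sample: if/else leaves a string on one path, an int on the other. */
const struct insn confused[] = {
    { BR, 3 }, { SET_STR, 0 }, { JMP, 4 }, { SET_INT, 0 }, { USE_STR, 0 }, { END, 0 } };
/* Constructed sample: both paths leave a string before the use. */
const struct insn well_typed[] = {
    { BR, 3 }, { SET_STR, 0 }, { JMP, 4 }, { SET_STR, 0 }, { USE_STR, 0 }, { END, 0 } };

int main(void) {
    printf("confused:   weak=%d strict=%d\n", verify(confused, 6, 0), verify(confused, 6, 1));
    printf("well_typed: weak=%d strict=%d\n", verify(well_typed, 6, 0), verify(well_typed, 6, 1));
    return 0;
}
```

The weak verifier passes `confused` on to code generation even though one runtime path reaches `USE_STR` holding an integer; the strict join marks the merged slot as conflicting and rejects the program before any machine code would be produced.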

  4. Maybe someone happens to run that application, especially if they use IE6, where the difference between the site and … is not really noticeable. Now think about what that application could be and you will figure out what it is used for!