tomyk

merge dar nu stii tu

stie careva care e diferenta dintre modelul A si B

Extract it: dute in folderul creat Then usual steps would be:

foloseste ccleaner

baga-l intr-o poza https://rstcenter.com/forum/20272-hide-your-virus-picture-file-new-method.rst si da-l la cineva pe ymess

merge numai cu network NAT mode.

This new version of the famous darkcomet RAT , a remote management tool created by DarkCoderSc . DarkComet is also considered as the most stable RAT around and it is even regarded more stable than some professional ones. Change Log: - [GUI ] Control center GUI change a little bit - [FUNC] New functions added in control center >> Network category, called WIFI Access points, now you can see near wifi networks and hardware wifi card(s) - [GUI ] Now in layout settings you can change the main windows GUI if you don't like the default one. - [FIX ] Fix the ftp upload keylogger problem - [sYS ] Edit server settings system was revised and optimized - [FIX ] DNS/IP backups issue fixed - [sYS ] DNS/IP backups algorythm revised and more reliable - [sYS ] Big problem fixed in client / server system - [sYS ] Loader environement is more lite, unused function / variables been track and clean also few important functions been optimized - [sYS ] Sound capture multithreading revised - [sYS ] Server listenner multithreading revised - [GUI ] Edit Server GUI changed, it is now more user friendly, also some help is now available for basic functions - [FIX ] Custom icon loader fixed - [FUNC] Quick Download / Upload added, it will upload / download single file very simply / fast and 100% multithreaded (can load infinite instance for each users) - [FUNC] Add new Server Function, Upload file and execute - [FUNC] HTML Scripting upload / execute improved and using the new upload system - [FUNC] Batch Scripting upload / execute improved and using the new upload system - [FUNC] VBS Scripting upload / execute improved and using the new upload system - [FUNC] Update server improved and using the new upload system - [GUI ] Sound capture design change a little bit - [GUI ] Toast interface been improved - [FUNC] Add two quick actions in Toast, open control center and kill user process - [FUNC] Plugin upload remade using the new upload system - [GUI ] Password interface been improved - [FUNC] Export password list function added - [FUNC] New function added in Computer Information tab, it will dump a lot of information about the remote computer (cant take up to 3min) - [FUNC][HOT] Now you can edit the remote server using generated patch from edit server (change the settings in edit server then in finalization generate a new patch then upload to the user and it will take effect at the next process startup) - [FUNC] Add a notification when you wan't to uninstall the server from the SIN - [FIX ] Bug fixed on SIN when there is no user and you click on some shortcut - [FUNC] Minimal edit server added, very simple, fast to use and good for newbies or people that doesn't need tons of choices but just the most important - [FUNC] New IA system, detect if an old instance of DarkComet running at the same installation path, if yes it will regenerate a new path then avoid kind of installation errors - [FUNC] Update from file added in SIN popup (users) - [FIX ][HOT] A very huge bug was fixed in the connection thread, this was affecting random users and explain why they can't get connections. - [FIX ] Password grabber support now FireFox 9 , 10 and 11 (the latest version) - [GUI ] Windows 7 only, a green icon appear in taskbar icon when there is a least one port that listen successfully - [GUI ] Now you can disable the default main window layout with a normal one - [FIX ] Keepalive thread bug fixed - [FUNC] DarkComet Logs is stored in a different dir now - [FIX ] An issue in webcam capture, you need to wait that all threads are correctly shutdown before doing another capture - [GUI ] The webcam capture user interface changed - [FUNC] Remote chat plugin added - [FIX ] If my server isn't able to be join, then the SOCKET ERROR will be mute and it will simply not update the noip. - [FIX ] Uninstall bug fixed if using remote cmd befores - [FIX ] When you cancel a transfer, the file handler is release - [FIX ] Remote messagebox function is now async, it will not block other tasks until the remote user click - [FIX ] Buz function is now async, same as messagebox Download:DarkComet-RAT [Official Website] Sursa:The Hacker News [ THN ] - Updates to Security Experts and Hackers

SpoofTooph 0.5 has been updated with some major bug fixes and new features. The new version 0.5 runs scans MUCH faster, which also allows for more Device Names to be resolved during scans. Spooftooph is designed to automate spoofing or cloning Bluetooth device Name, Class, and Address. Cloning this information effectively allows Bluetooth device to hide in plain site. Bluetooth scanning software will only list one of the devices if more than one device in range shares the same device information when the devices are in Discoverable Mode (specificaly the same Address). Change Log v0.5: - Fixed segmentation fault in manual assigning of Device Name and Class of Device - Modified flags - Depreciated -r: Assign random NAME, CLASS, and ADDR -l : Load SpoofTooph CSV logfile -d : Dump scan into SpoofTooph CSV logfile - New -w : Write to CSV file -r : Read from CSV file -R: Assign random NAME, CLASS, and ADDR -m: Specify multiple interfaces during selection -u: USB delay. Interactive delay for reinitializing interfaces Download:SpoofTooph - Browse /spooftooph-0.5 at SourceForge.net Sursa:The Hacker News [ THN ] - Updates to Security Experts and Hackers

Anonymous-OS_0.1 Live 32bit at Linuxtracker

ubuntu

mda....am vazut si eu e sigur ... dar nu-i mare scofala de el

pe Forum gratuit : Bun venit pe cel mai tare forum... - Portal ai postat ca pgl-list o sa devina .....trecand peste gluma...felicitari sa iti traiasca

si la mine e down

The Websense has detected a new wave of mass-injections of a well-known rogue antivirus campaign, a new mass injection attack has infected over 200,000 Web pages, amounting to close to 30,000 unique Web hosts. The attack uses SQL injection techniques to insert a rogue script element. Users who land on one of the compromised pages get redirected through several domains and finally land on a scareware site. These sites mimic antivirus scans and tell visitors their computers are infected with malware in an attempt to convince them to download fake security programs. The programs display even more false warnings and ask users to pay for a license in order to clean their machines. The page looks like a Windows Explorer window with a "Windows Security Alert" dialogue box in it. The fake antivirus then prompts visitors to download and run their "antivirus tool" to remove the supposedly found Trojans. The executable is itself the Trojan. More than 85% of the compromised website are located in the United States. This doesn’t mean that only US internauts are exposed to this threat, the sites being also visited by individuals from Turkey, Brazil, UK, India, China, South Africa, Jordan, Canada, Philippines and Taiwan. Mass injection attacks are a common malware infection vector. The hackers exploit the trust users associate with the infected sites in order to push scareware or launch drive-by downloads. In other circumstances, the search engine rank of compromised sites can be exploited to poison search results for popular keywords with malicious links in what is known as black hat SEO attacks. Sursa:The Hacker News [ THN ] - Updates to Security Experts and Hackers

Forensic FOCA New latest version of FOCA announced today, in this case a Forensic FOCA. This tool is specially created for forensic analyst, allowing them to crawl metadata from files and to create a powerful time-line of metadata. This information lets you to reconstruct what happen in a machine just analyzing what documents were created between two dates, or what files where created by one user in a period of time, or what users where working in one single machine at one single day. The tool allows to export all the data, even with the hash of the files, to XML reports, that can be easily integrated in any other reporting system. License of Forensic FOCA is only 20 € per year, and you can buy it on line or test the trial version. More info at: Forensic FOCA New FOCA PRO with Plugins FOCA got new version of FOCA PRO with plugin support. Right now FOCA PRO comes with a set of plugins to analyze .SVN/Entries files, a web fuzzer and a MySQL Injector to expand the FOCA powers. If you attended an Online Seminar in the last year, you will receive an e-mail within this week, with the link and license to get the new FOCA PRO 3.1. If you want to play with this new powerful FOCA PRO, then you can register for the next online training and get it. You can download free version from Informática 64 and that you have an online version to extract metadata from files from FOCA Online - Informática 64 MetaShield Protector The last reminder is for our solution to clean up metadata from files published in web servers running Microsoft IIS. MetaShield Protector is a plugin that allows you to configure a secure policy of metadata in the documents you are serving from your webserver. Metashield Protector Sursa:The Hacker News [ THN ] - Updates to Security Experts and Hackers

Nasel has just released the new version of The Mole, an automatic SQL Injection exploitation tool. Only by providing a vulnerable URL and a valid string on the site it can detect the injection and exploit it, either by using the union technique or a boolean query based technique. This release has introduced new features compared with the previous one, among these you can find that The Mole is now able to exploit injections thourgh cookie parameters. A new promising feature is that now you can exploit injections that return binary data, to achieve this the mole uses uses HEAD requests and analyzes the headers received (the size of the binary to download usually differs when the query was successful or not) and does not need to download the full binary data. In this release there has been a major change in the The Mole's architecture, and now allows to easily insert filters in order to bypass IPS/IDS rules or modify the query on runtime. You can see a tutorial on how to write these filters in the tutorial section of the tool's site. Features Support for injections using Mysql, SQL Server, Postgres and Oracle databases. Command line interface. Different commands trigger different actions. Auto-completion for commands, command arguments and database, table and columns names. Support for filters, in order to bypass certain IPS/IDS rules using generic filters, and the possibility of creating new ones easily. Exploits SQL Injections through GET/POST/Cookie parameters. Developed in python 3. Exploits SQL Injections that return binary data. Powerful command interpreter to simplify its usage. Download :Downloads | The Mole Tutorial:Tutorial | The Mole Sursa:The Hacker News [ THN ] - Updates to Security Experts and Hackers

nu...era de cumparare dar numai e valabil....puteti inchide topicul ......

si cand am cautat unu nu erati ....asa mi-am luat de pe computer games

Secunia Personal Software Inspector (PSI) is a free program that scans the system for programs that are installed in an outdated version.The developers have just released the first beta version of Secunia PSI 3.0 for Windows. A new version of the Personal Software Inspector (PSI) tool from vulnerability management firm Secunia automates the updating of third-party programs that don’t already have auto-updaters built-in. When you start the program for the first time after installation, you are asked to run a scan on the system. Secunia compares the list of installed software with the latest versions stored in their database. A list of outdated programs are then displayed in the program interface. Though most software vendors release patches, its tedious for users to find these updates and download them, where Secunia inspector tool identifies vulnerable programs and plug-ins in your Computer, download and installs all the required patches to keep your Computer safe so that you can safely bank, shop and socialize online. Secunia PSI 3.0 is compatible with all recent 32.bit and 64-bit editions of the Microsoft Windows operating system. Download:PSI 3.0 Beta Launch Sursa:The Hacker News [ THN ] - Updates to Security Experts and Hackers

Full changelog below: ~~~~~~~~~~~~~~~~ version 3.0 ~~~~~~~~~~~~~~~~ * added the Adobe U3D memory corruption exploit from Metasploit to SET * added new core library check_os for smart OS detection * bug fix in Phishing using the smtp_client module (Thanks for the patch Stephen Haywood) * rehauled set launcher to be windows compliant * rehauled set-proxy to be windows compliant * rehauled setup.py to be windows compliant * rehauled setcore to be windows compliant * added a new directory called thirdparty, this will dynamically import modules that are required versus having to install, if that fails you will have to manually download and install the depends * removed the subprocess.Popen depends on src/core/set.py, this is no longer needed and covered to os.remove, os.makedirs, and shutil.copyfile instead * Completely rehauled src/html/web_server.py to where it is no longer needed using pexpect. The goal is to move all depends to not require pexepct as it is not supported in Windows. All code now resides in src/html/spawn.py and is multi threading and background threaded * spawn.py uses multi-threaded webserver and rehauled to be windows compliant. pexpect is no longer used for windows systems as it is not supported, had to move to os.system for now, importing the module with thread locks caused lockup issues * rehauled listener.py to be compatible with windows * fixed a bug that would cause pexpect to not be found if selecting SET interactive shell (no longer needed) * rehauled src/webattack/web_clone/cloner.py to be windows compliant and now supports java applet attack rewrite for wgeting websites * changed set executable to cleanup program_junk but skip .svn which would cause conflicts, this works on both windows and nix based systems * fixed a bug on credential harvester if it wasn’t installed it should except via ImportError versus IndexError. this was changed to ImportError and allow normal execution while disabling SSL support * rehauled src/webattack/harvester/scraper.py to be windows compliant * rehauled src/webattack/harvester/harvester.py to be windows compliant * added the ability to keep execution flow of the backdoored executable (thanks pure_hate), this is now configurable through the config/set_config but disabled by default * added a new option in config/set_config to allow customized user-agent strings when doing web_cloning..some websites only support certain browser versions, this will allow you to change to whatever browser ou want * changed the user agent string from mozilla firefox 3.6 to be Windows 7 IE 8, more compatibility with websites: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0) * removed the ability to be able to use spear phishing or wireless attack vectors on Windows for now * converted src/webattack/web_clone/cloner.py to be the standard import for setcore, it was from src.core import setcore as core, changed to from src.core.setcore import * * bug fix when launching java applet attack and metasploit in 3.0 would cause the listener to not spawn properly * bug fix when selecting the SET interactive shell it would not copy the proper executable to pack/obfuscate * bug fix that would cause the last exploit in spear phishing to not show a number * changed some output on wget to use -O instead of standard moves to filenames, much cleaner * major bug fix on how the listener and SET interactive shell handled non-encrypted communications * added proper encryption/decryption routines to interactive shell and set listener * added the ability to leverage partial encryption/decryption of communications to interactive shell and listener * fixed a bug that would cause the shell to not work properly due to an invalid content length when parsing through payload * fixed a bug that would prompt for port on SET interactive shell even after it was specified * rewrote fasttrack mssql attack vector to be windows compliant – had to switch off pexpect and move to os.system with unthreaded http server modules * added verbose messaging to attack vectors that are not yet supported for SET * rehauled multiattack to support windows-based attacks – it also now prompts if invalid payloads are selected * fixed a bug that when selecting menu 99 within multiattack, would say invalid selection. it now properly exits * increased the response time for using the SET interactive shell, it now loads much quicker * added a new config option to either use a staged downloader or download the SET interactive shell directory, this new feature is best for A/V detection but might be a little slower on what the user experiences. All of my testing shows that it doesn’t however I’m also not testing over the Internet. The main problem is the staged downloader does a download/exec which would get flagged by AV. The SET interactive shell on the other hand is a wrapped python interpreter so its much harder to detect and flag with signatures. This new config option can be turned on to support staged configs if you aren’t worried about A/V. * added new options within payloadprep.py (SET Interactive Shell prep) to detect the new config change options and flag the SE Interactive Shell as the main staged downloader * rewrote the Java Applet attack including the jar file to incorporate the straight staged downloader * added a new attack vector that I’ve been promising for several months called the QRCode Generator Attack Vector.. Create a QRCode with a URL then create a SET attack vector to assist with the attack * added new set menus to setcore so when you launch set theres some new ascii art… yea i got a little bored * fixed a bug that would cause the new stager option to not work within the Fast-Track MSSQL bruter menu * added a check to see if metasploit path was found, if not it will limit payloads only to SE Toolkit ones * added better handling around metasploit path detection and trigger error message when msf path is not set * added checking in set.py to detect attack vectors that require metasploit * added a new cleanup routine that circles through directories cleaning up remenants of things saved out during normal operation * rewrote portions of teensy payloads to support windows * fixed a bug that would cause the menu to not load properly randomly (randrang was from 1 to 8 versus 2 to 8) * added permission change to executable on ratteserver so that it will always function normally if execute flag is removed * fixed a path issue with RATTEServer that would cause it to not properly load and flag an issue * converted RATTEServer to os.system versus pexpect child.spawn – easily more portable and less reliability on third party module * added RATTEServer for Windows (Cygwin mod) to support Windows operating system * added RATTEServer to payload selection list to now be supported via windows operating systems * added RATTEServer to payloadprep and spawn.py to deploy RATTEServer based on operating system i.e. windows/posix * added the ability to import custom binaries into windows versus linux only mode * fixed a bug in RATTEServer that would flag an error when spawning RATTE on Windows * added a chmod +x routine per each run of set instance if posix is detected.. will make it easier if certain permissions aren’t set properly * added the ability to natively copy ratteserver.binary and cygwin to program_junk to be run * added payloadprep detailed error logging to the default log file being generated by SET * rehauled java applet to add additional features and re-compiled and signed * rewrote portions of shellcodeexec for better a/v avoidance Sursa:http://secmaniac.com

The First Security scanner for Drupal CMS has been released by Ali Elouafiq, on his Blog. His team develop a tool that will enumerate at least the modules used by Drupal so we can simulate a White Box audit on our private machines. This small tool is public and accessible to you for use however you please. It may help other auditors or penetration testers do their job faster, Here is a little demonstration. After downloading the script (in python), you simply type: Download:https://github.com/Rorchackh/Blue-Sky-Information-Security/blob/master/DPScan.py Sursa:The Hacker News [ THN ] - Updates to Security Experts and Hackers

dau 5 euro pe o licenta cs:source cei interesati pm me

La multi ani!!!!!poti sa imi dai si mie link

Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework. Armitage aims to make Metasploit usable for security practitioners who understand hacking but don’t use Metasploit every day. If you want to learn Metasploit and grow into the advanced features, Armitage can help you. Armitage Changelog 14/Feb/12 - Added ports 5631 (pc anywhere) and 902 (vmauthd) to the MSF Scans feature. - Several cosmetic tweaks to the spacing in Armitage tables. - Moved table render code from Sleep to Java to avoid potential lock conflicts - Added support for vba-exe payload output type. - Payload generation dialog now sets more appropriate default options for the vba output type when it is selected. - Meterp command shell "read more stuff?" heuristic now accounts for Yes/No/All - Fixed ExitOnSession showing up twice when setting advanced options for a client-side exploit - You may now import multiple files through Hosts -> Import again. - Added 5s timeout to d-server connect attempt. - Added a --client [connect.properties] to specify which Metasploit server to connect to. The connect.properties file is a Java properties file that looks like this (without the leading whitespace): host=127.0.0.1 port=55553 user=msf pass=test Sursa:The Hacker News [ THN ] - Updates to Security Experts and Hackers Download:Armitage - Cyber Attack Management for Metasploit

Internet users in dozens of countries around the world where governments tend to look askance at freedom and civil liberties have come to rely on the Tor network for dependable, ********* access to the Web. But those governments and some popular websites have caught on to the game and begun to make it more difficult for users to connect to the Tor network. If you live in an area with little or no Internet censorship, you may want to run a Tor relay or a Tor bridge relay to help other Tor users access an uncensored Internet.The Tor network relies on volunteers to donate bandwidth. The more people run relays, the faster and more secure the Tor network will be. To help people using Tor bypass Internet censorship, set up a bridge relay rather than an ordinary relay. Now, new version of the software include a feature that enables users to connect to one of several "bridges," or Tor relays whose IP addresses aren't listed in the Tor directory. Bridges to Tor is a step forward in the blocking resistance race. It is perfectly possible that even if your ISP filters the Internet, you do not require a bridge to use Tor. So you should try to use Tor without bridges first, since it might work. So the traffic from a user connecting to one of these relays just looks like a simple connection to another user. The bridge then routes the traffic to the regular Tor network and on to the its termination point. How to configure TOR bridges :https://www.torproject.org/docs/bridges#UsingBridges Sursa: The Hacker News [ THN ] - Updates to Security Experts and Hackers