Everything posted by aelius
-
Dude, you're asking for advice on how to scam people here? Go to hell, you little punk! Say thanks you're not getting banned on the spot. Quit it with this garbage and put your back into some real work.
-
So... you want to make a site where, under the pretext of being a serious organization that helps people with disabilities, you actually want to take their money. Or rather, to have it handed to you. I do like that you phrased it "If a person wanted to...". Let's be serious, we know it's your idea. A bit further down you changed your tune: Well, what you want to do is both immoral and illegal. I, at least, classify this as a two-bit fraud.
-
PHP Code Injection Vulnerability in Yahoo
aelius replied to florin_darck's topic in Security news
Cyber security expert and penetration tester Ebrahim Hegazy has found a serious vulnerability in Yahoo's website that allows an attacker to remotely execute any commands on the server, i.e. a Remote Command Execution vulnerability. According to Ebrahim's blog post, the vulnerability resides in a Chinese subdomain of the Yahoo website, i.e. http://tw.user.mall.yahoo.com/rating/list?sid=$Vulnerability Any remote user can manipulate the input to the sid parameter in the above URL, which passes the parameter value to an eval() PHP function on the server end. If an attacker is able to inject PHP code into this web application, it forces the server to execute it, but this method is only limited by what PHP is capable of. Read here: Yahoo! Remote Command Execution Vulnerability. | Security Down!
-
You, for sure. Let us know when you get a 32' monitor so you can see ours )
-
Now you're going to lean back and tell us what you wipe your asses with? You can wipe with sandpaper for all we care, it's not our business and there's no need to say it on the forum. You've lost your minds, brothers...
-
Hi, You can't do that. The router has port 53 open with a DNS masquerade daemon on it, not a local named service. It may serve you what it has in '/etc/hosts' first, but without telnet/ssh access to it you can't do anything.
-
Hey jerkoff. We all told you we're not interested. You ask us whether we believe you or not. Do you need 3D drawings to understand that we're not interested in this subject? What great engineering it is to take a site down. You opened a crap thread and we closed it, you didn't even get a warning. After crapping on the path, you stop to get slapped too by opening another thread on the same subject? Woe is you.... You take down a site with a 'low profile' attack and you think you're a hacker. Take down facebook, google, yahoo, level3, ntt, cogenco, hurricane electric, not that joke of a site hosted at rosite. (newhost) Ban, thread closed and moved to the trash.
-
One note: ufw is a wrapper over iptables.
-
Knock it off, go drown in your grandma's jizz. Thread closed. We don't give a damn whether it's down or not. Who even visits that pathetic site and who would care about it.
-
hint: use smarty. php is php, a template is a template. don't make soup out of the code.
-
On the same subject:
- https://rstforums.com/forum/59438-tipuri-de-atacuri-denial-service.rst
- https://rstforums.com/forum/59365-discutie-legata-de-atacurile-dos-ddos-efectele-sale-si-metode-de-filtrare.rst
- https://rstforums.com/forum/46523-nullrouting.rst
- https://rstforums.com/forum/47282-detectia-atacurilor-supernova-utilizand-snort.rst
- https://rstforums.com/forum/54894-se-mai-foloseste-supernova.rst
@Kalashnikov.: So the retarded admin doesn't see that nobody's visiting?
-
Apache + server optimization tutorial [Debian/Ubuntu variant]
aelius replied to sleed's topic in Tutorials in Romanian
You forgot something: 1. I saw you use FastCgi but you also installed php-fpm. Why don't you use it? 2. You forgot something: "Normally SPDY is only ever used for SSL connections (https URLs)." 3. By default, Spdy is disabled. You have to add SpdyEnabled on. So how did you get a gain in response time? 4. The response time between nginx and apache has nothing to do with this. Mod spdy config options: https://code.google.com/p/mod-spdy/wiki/ConfigOptions
marian@pluto:~$ wtf
196 )
// edit: ah, you're not allowed to write it, hahaha
Why? Because rst
marian@pluto:~$ rst
196
How does it display?
marian@pluto:~$ function rst() { echo "`echo MTk2Cg== |base64 --decode`"; };
marian@pluto:~$ rst
196
there were other methods too, I think simpler ones
-
Well, I think it says clearly: "Sell or rent". I got the domains a while ago and haven't used them. Maybe there are some people who would do good work on them. For example, the first domain, openvpn.ro, would lend itself very well to a professional VPN service. Since I don't use them, I posted them here, maybe someone is interested in a deal. I can sell them, or I can just rent them out for a period (e.g. 1 year). No price is specified because I'm open to proposals and this isn't an online shop // edit: Well, they're for sale, that's the purpose. That I added in the post that I can also rent them out, that's something else. An example is the 90% of hosting companies that rent out domains with the .ro extension (the domains are registered in the company's name and offered annually). Do you need a multidimensional drawing to understand?
-
Isn't it sad to go to Cluj or Miercurea Ciuc and have some puffy-faced saleswoman ask me what I want in Hungarian? It's ROMANIA dude, screw that lousy Hungarian. Hungarian isn't an international language. If that damn Hungarian had asked in English, he'd have been served faster. It's not important at all. We're in Romania and we speak the national language. If they don't like something, the border is open. And yes, it's called CLUJ, not Kolozsvari.
-
Hi, I'm selling or renting out the following domains: - openvpn.ro - geodns.ro Those interested, please send a PM with an offer. Thanks
-
How I found a Remote Code Execution bug affecting Facebook's servers
aelius replied to malsploit's topic in Security news
Facebook has paid out its largest Bug Bounty ever, $33,500, to a Brazilian security researcher for discovering and reporting a critical Remote Code Execution vulnerability, which potentially allows full control of a server. In September, 'Reginaldo Silva' found an XML External Entity Expansion vulnerability affecting the part of Drupal that handled OpenID, which allows an attacker to read any files on the webserver. As a feature, Facebook allows users to access their accounts using OpenID, in which it receives an XML document from a 3rd-party service and parses it to verify whether it is indeed the correct provider or not, i.e. it receives at https://www.facebook.com/openid/receiver.php In November 2013, while testing Facebook's 'Forgot your password' functionality, he found that the OpenID process could be manipulated to execute any command on the Facebook server remotely and also allows reading arbitrary files on the webserver. In a Proof-of-Concept, he demonstrated how an attacker can read the content of the 'etc/passwd' file from Facebook's server just by manipulating the OpenID request with malicious XML code, in order to extract essential login information such as system administrator data and user IDs. "Since I didn't want to cause the wrong impressions, I decided I would report the bug right away, ask for permission to try to escalate it to a [remote code execution] and then work on it while it was being fixed," he said. After receiving the bug report from Silva, the Facebook Security team immediately released a short-term patch within 3.5 hours, described as: "We use a tool called Takedown for this sort of task because it runs on a low level, before much of the request processing happens. It allows engineers to define rules to block, log and modify requests. Takedown helped us ensure this line of code ran before anything else for any requests hitting /openid/receiver.php."
The Facebook team determined that the vulnerability could have been escalated to a remote code execution issue, and rewarded Silva accordingly after patching the flaw. Update: Facebook has accepted the flaw as Remote Code Execution (RCE). In a post Facebook said, "We discussed the matter further, and due to a valid scenario he theorized involving an administrative feature we are scheduled to deprecate soon, we decided to re-classify the issue as a potential RCE bug". Source: Facebook Hacker received $33,500 reward for Remote code execution vulnerability - The Hacker News On the same subject there's also this one. It seems better written: http://www.securityweek.com/facebook-pays-33500-security-researcher-uncovering-bug-
-
haha, this one is from when I was a schoolboy, bro )))
-
It's been exactly 13 years since that scanner was made. Find another occupation or learn to make one yourself. (it's the haitateam mass ssh scanner, some retards saw fit to edit the bash script)
-
you forgot ; if(preg_match("/paypal/i", $_SERVER['SERVER_NAME'])) { echo "you suck, i rule"; } else { die("suck it up"); } on: congratulations.
-
Well, it is. But every forest has its deadwood. We try to get rid of it. Show us the post you downloaded it from. Tools made by others are also posted here, it doesn't necessarily have to be made by the one who opens the thread. I have never downloaded any keylogger or binder because I'm not interested in such things.
-
Applications posted by users are not checked by moderators or administrators. There are cases where they are checked, and if something is off, measures are taken (ban, deleting the post, etc.). Everything you download is at your own risk. If you're interested in binders, keyloggers and other junk, I'd assume you should have some experience too. Scan them, run them in a virtual or chrooted environment.
-
Seriously? Since when is brute force applied in this case? They should have other methods. But in the case of a criminal, couldn't he take an axe to two cops' faces? Ah, crap, I forgot. If you shoot a cop in the forehead and the bullet comes out the back of his neck, it doesn't touch vital organs. So nothing can happen.
-
In general, those with mental disabilities also have dubious mugs. Besides, journalists are worthless. Listen to the headline: "The most wanted hacker". Let's drop it. And look at what kind of laws we have: For a Georgel like this, the riot squad goes out, breaks down the door at 6 in the morning and hauls him off, while thieves, rapists and murderers are politely invited to the station or two policemen go after them. Wtf?! What the heck is the real social danger in the case of a person committing computer or economic crimes?
-
Awesome home automation with Raspberry PI and Arduino using Node.js, MongoDB, HTML5 and Websockets.
Responsive: The responsive design allows you comfortable control of your home devices using your smartphone or tablet.
Everywhere: Open your Raspberry PI to the world and access your home automation app from everywhere in the world.
Extendable: An elaborated plugin system makes it easy to extend the application with your own plugins.
Features: heimcontrol.js was created to gain experience in Node.js, MongoDB, Websockets and a lot of other great technologies that were used in the project. Take a look in the package.json for a full list of used open source projects. The project is in active development and a very early prototype, so use it at your own risk!
Hardware:
- Full access to the GPIO of the Raspberry Pi
- Communication with an attached Arduino
- Wake-on-LAN (not really hardware, but at least it wakes up hardware)
- Stream your webcam via socket.io
Software:
- Node.js, Socket.io, Expressjs, Requirejs
- HTML5, CSS3 and Websockets
- Jade templating
- Responsive design
Apps: Heimdroid (Android Application)
Source: heimcontrol.js - Home automation in Node.js with Raspberry PI and Arduino
Get started: heimcontrol.js - Home automation in Node.js with Raspberry PI and Arduino