aelius

Deci, trimiteai email html cu sms sender? Interesant dude

Ba tu esti dus? Ti-ai facut 47.000 de usere doar de dragul de a injura aici. 666b666 109.100.232.27 [Find Latest Posts by User] [View Other IP Addresses for this User] 666BLODAS666 109.100.232.27 [Find Latest Posts by User] [View Other IP Addresses for this User] BL0DAS666 109.100.232.27 [Find Latest Posts by User] [View Other IP Addresses for this User] BLODAS666 109.100.232.27 [Find Latest Posts by User] [View Other IP Addresses for this User] BlodasIsBack 109.100.232.27 [Find Latest Posts by User] [View Other IP Addresses for this User] CacatLaCur 109.100.232.27 [Find Latest Posts by User] [View Other IP Addresses for this User] COAILI_Productions 109.100.232.27 [Find Latest Posts by User] [View Other IP Addresses for this User] Evanescent 109.100.232.27 [Find Latest Posts by User] [View Other IP Addresses for this User] Evanescent2 109.100.232.27 [Find Latest Posts by User] [View Other IP Addresses for this User] FuckMe 109.100.232.27 [Find Latest Posts by User] [View Other IP Addresses for this User] I_love_M2G 109.100.232.27 [Find Latest Posts by User] [View Other IP Addresses for this User] MasterOfCrowz 109.100.232.27 [Find Latest Posts by User] [View Other IP Addresses for this User] MuiePentruRST 109.100.232.27 [Find Latest Posts by User] [View Other IP Addresses for this User] TheMadNigga 109.100.232.27 [Find Latest Posts by User] [View Other IP Addresses for this User]

Domnu, fai asta cu iptables (vezi ce e cu bold). Connmark este pentru marcarea pachetelor iar cu hashlimit definesti o rata de pachete intr-o unitate de timp, nicidecum o latime de banda. ext_if = "hme0" ext_if2 = "hme1" int_if = "hme2" ext_gw2 = "192.168.1.1" protocols = "{ tcp, udp, icmp, gre, ipv6, esp, ipencap }" icmp_types = "{ echoreq, unreach }" state_inspection = "flags S/SAFR modulate state" udpblock = "{ 22, 80, 443 }" ftp_ports = "{ 20:21 }" passive = "{ 32000:63000 }" voipports = "{ 5060, 5061, 5062, 5063, 5064 }" torrent = "{ 6881:6999 }" table <BLACKLIST> persist file "/etc/firewall/blacklist" table <SLOWQUEUE> persist file "/etc/firewall/slowqueue" set fingerprints "/etc/firewall/os-fingerprint" set block-policy drop set optimization aggressive #set ruleset-optimization basic # http://kestas.kuliukas.com/pf.conf/#NATQueueing set state-policy if-bound set optimization normal set loginterface $ext_if set skip on lo0 set skip on tun0 set skip on hme1 set skip on hme3 set skip on gif0 set skip on gre0 set skip on $int_if set require-order yes set timeout { frag 10, tcp.established 3600, interval 5 } set timeout { tcp.first 30, tcp.closing 30, tcp.closed 30, tcp.finwait 30 } set timeout { udp.first 30, udp.single 30, udp.multiple 30 } set timeout { other.first 30, other.single 30, other.multiple 30 } set timeout { adaptive.start 0, adaptive.end 0 } set limit { states 32000000, frags 32000000, src-nodes 320000000, tables 32000000, table-entries 32000000 } scrub on $ext_if all random-id reassemble tcp fragment reassemble [B]altq on $int_if bandwidth 100Mb hfsc queue { ether, nattraffic } queue nattraffic hfsc ( upperlimit 400Kb ) bandwidth 420Kb { toint_pri, toint_def } queue toint_pri qlimit 10 hfsc ( red, realtime 35%, linkshare 50% ) priority 4 bandwidth 70% queue toint_def qlimit 10 hfsc ( red, realtime 15%, linkshare 30% ) priority 3 bandwidth 20% altq on $ext_if priq bandwidth 2.0Mb qlimit 800 queue { ftp, ssh, web, voip, icmp, torrent, other } queue other qlimit 200 priority 5 priq(rio,default) queue ftp qlimit 50 priority 2 priq(rio,ecn) queue web qlimit 300 priority 14 priq(rio,ecn) queue voip qlimit 500 priority 15 priq(red) queue ssh qlimit 50 priority 4 priq(red) queue icmp qlimit 50 priority 3 priq(red) queue torrent qlimit 20 priority 6 priq(rio,ecn)[/B] nat from 10.0.0.2 to any -> ($ext_if) # Workstation nat from 10.0.0.3 to any -> ($ext_if) # Voip nat from 10.0.0.4 to any -> ($ext_if) # SUN nat from 10.0.0.5 to any -> ($ext_if) # NetBSD nat from 10.0.0.6 to any -> ($ext_if) # VM nat from 10.0.0.7 to any -> ($ext_if) # IBM nat from 10.0.0.8 to any -> ($ext_if) # HP nat from 10.0.0.9 to any -> ($ext_if) # Alina (Wireless) nat from 10.0.0.10 to any -> ($ext_if) # HP Printer nat from 10.0.0.11 to any -> ($ext_if) # Netgear Wireless nat from 10.0.0.12 to any -> ($ext_if) # Server nou nat from 172.16.0.2 to any -> ($ext_if) # tex nat from 192.168.1.0/24 to any -> ($ext_if) # VPN # HP rdr on $ext_if inet proto tcp from any to $ext_if port { 20, 21, 22, 53, 81, 443 } tag HP -> 10.0.0.8 rdr on $ext_if inet proto udp from any to $ext_if port { 20, 21 } tag HP -> 10.0.0.8 rdr on $ext_if2 inet proto tcp from any to $ext_if2 tag HP-PRINTER -> 10.0.0.10 rdr on $ext_if inet proto tcp from any to $ext_if port $passive -> 10.0.0.8 # vm rdr on $ext_if inet proto tcp from any to $ext_if port 400 -> 10.0.0.6 port 22 rdr on $ext_if inet proto tcp from any to $ext_if port 515 -> 10.0.0.7 port 22 # VoIP rdr on $ext_if inet proto tcp from any to $ext_if port $voipports tag VOIP -> 10.0.0.3 rdr on $ext_if inet proto udp from any to $ext_if port $voipports tag VOIP -> 10.0.0.3 no rdr block in quick on $ext_if from <SLOWQUEUE> to any probability 97% block in quick on $ext_if from <BLACKLIST> to any block out quick on $ext_if from any to <BLACKLIST> block in quick on $ext_if proto tcp from <HTTP_OVERLOAD> to any port 80 block in quick on $ext_if proto tcp from <HTTPS_OVERLOAD> to any port 443 block in quick on $ext_if proto tcp from <SSH_ABUSIVE> to any port 22 block in quick on $ext_if proto tcp from <FTP_ABUSIVE> to any port 21 ## UDP DDoS Block block in quick on $ext_if proto udp from any to any port { !=20, !=1723 } ## Juno block in quick on $ext_if proto tcp from any port { 1024,3072 } to any block out quick on $ext_if proto tcp from any to any port { 1024,3072 } block in on $ext_if block out on $ext_if set skip on lo0 antispoof for $ext_if inet # disabled for vpn block in from no-route to any block in from urpf-failed to any block in quick on $ext_if proto tcp flags FUP/WEUAPRSF block in quick on $ext_if proto tcp flags WEUAPRSF/WEUAPRSF block in quick on $ext_if proto tcp flags SRAFU/WEUAPRSF block in quick on $ext_if proto tcp flags /WEUAPRSF block in quick on $ext_if proto tcp flags SR/SR block in quick on $ext_if proto tcp flags SF/SF pass out quick on $ext_if route-to ($ext_if2 $ext_gw2) from { 192.168.1.0/24 } to any block in quick on $ext_if from any to 255.255.255.255 pass out on $ext_if proto tcp from any port 21 to any flags S/SA modulate state queue ftp pass out on $ext_if proto tcp from any port 22 to any flags S/SA modulate state queue ssh pass out on $ext_if proto tcp from any port 80 to any flags S/SA modulate state queue web pass out on $ext_if proto tcp from any port $torrent to any flags S/SA modulate state queue torrent pass out on $ext_if proto tcp from any port $voipports to any keep state queue voip pass out on $ext_if proto tcp from any to any flags S/SA modulate state queue other pass out on $ext_if proto icmp from any to any keep state queue icmp pass out on $ext_if proto { udp, gre, ipv6, esp, ipencap } from any to any keep state pass in on { $int_if, $ext_if } proto tcp from any to any port 515 $state_inspection pass in on $ext_if proto { tcp, udp } from any to any port 1723 keep state pass in quick on $ext_if all allow-opts pass in on $ext_if proto tcp from any to any port 80 $state_inspection \ (source-track rule, max-src-conn 180, max-src-conn-rate 140/1, overload <HTTP_OVERLOAD> flush global) tag HTTP-SERVICE pass in on $ext_if proto tcp from any to any port 443 $state_inspection \ (source-track rule, max-src-conn 180, max-src-conn-rate 140/1, overload <HTTPS_OVERLOAD> flush global) tag HTTPS-SERVICE pass in on $ext_if proto tcp from any to any port 22 $state_inspection \ (source-track rule, max-src-conn 10, max-src-conn-rate 1/60, max-src-nodes 20, overload <SSH_ABUSIVE> flush global) tag SSHD-SERVICE pass in on $ext_if proto tcp from any to any port 81 keep state pass in on $ext_if proto tcp from any to any port 554 keep state pass in on $ext_if proto tcp from any to any port $ftp_ports $state_inspection \ (source-track rule, max-src-conn 30, max-src-conn-rate 30/1, overload <FTP_OVERLOAD> flush global) tag FTP-SERVICE pass in on $ext_if proto udp from any to any port $ftp_ports keep state pass in on $ext_if proto tcp from any to any port $passive keep state pass in on $ext_if proto udp from any to any port $passive keep state pass in on $ext_if proto tcp from any to any port { 5060, 5061 } keep state tag VOIP-IN pass in on $ext_if proto {tcp, udp} from any to any port 2222 keep state tag WRT # allow traceroute out pass out on $ext_if inet proto udp from any to any port 33433 >< 33626 keep state

Ai targetul 'TOS', dar nu se compara. E ceva low end. In plus sunt doar 5 optiuni sinistre. Atentie, vorbim de netfilter nu de tc din pachetul iproute2 Functioneaza foarte empiric prioridizant pachetele, atata tot.

The Military Units that rely on very small aperture terminals (VSATs) for satellite communications in remote areas are vulnerable to cyber attack. Researchers from cyber intelligence company IntelCrawler recently identified nearly 3 million VSATs, many of them in the United States, and found that about 10,000 of them could be easily accessed because of configuration weaknesses. Researchers have warned that terminals having data transmission rate 4kbps to 16 Mbps used in narrow and broadband data transmission are vulnerable to cyber attack. VSATs are most commonly used to transmit narrowband data such as credit card, polling or RFID data or broadband data for VoIP or video using the Satellites in geosynchronous orbit generally used for Television & Radio broadcast, direct broadcast, military communication. Its name originated from the relatively small dish antenna with a diameter no longer than 10 feet (3 meters). IntelCrawler claimed that VSAT can be easily hacked because of poor password policy & default settings. Vulnerable terminals can be used for a planned cyber-attack, to be more precise on distributed network and infrastructure. Dan Clements, IntelCrawler's President said: "There's a lot of information that could be used in a nefarious way," Clements said. "Certainly you could put together a plan to go after certain grids or dams or power plants and have access to the centralized network at some point. According to the report, there are more than 313 open UHP VSAT, 9045 open terminals (HUGHES) and 1,142 terminals (SatLink), that can be easily hacked by malicious attackers. HUGHES is one of the largest manufacturers of VSATs which are mostly used in offline ATMs by several national central banks. Physical locations of a number of VSATs can be easily searched on Google maps and Google Earth, which could allow attackers to plan more sophisticated physical attacks. IntelCrawler also found network ranges of government and classified communications, e.g. Ministry of Civil Affairs of China infrastructure in ranges belongs to Shanghai VSAT Network Systems Co. LTD, and Ministry of Foreign Affairs of Turkey in Turksat VSAT Services, that poses critical threat to National Security. Source: Small satellite terminals (VSAT) are vulnerable to Cyber attack

Salut, Cred ca este vorba de 'session.gc_maxlifetime', vorbim imediat cu stimabilii sysadmini sa mareasca valoarea. Este curios faptul ca m-a delogat foarte rar. Cel mai probabil ai apucat cateva momente cand s-a facut cleaning la sesiuni

A fost distractie mare. 666BLODAS666 bantuia pe acolo pe chat si ne-am gandit sa-i facem un prank. Askwrite a dat pe chat un link cu o poza (aparent), era defapt un php ce facea header location pe logout-ul de la chat. Am profitat de ocazie si i-am pus un avatar frumos si o semnatura potrivita. El le-a schimbat repede. Le-am schimbat si eu inca odata. El intreba pe chat disperat, credea ca askwrite i-a luat cookie-urile. I-am spus ca ala i-a dat un trojan, un malware ceva si l-am sfatuit sa formateze hdd-ul. Cred ca nu mai avea mult oricum. Bineinteles, a urmat o ploaie de injuraturi catre askwrite, sa nu-i mai umble prin cont. (00:21:41) askwrite: ahahahahahahahahhahahahahahahaha?hahahaha (00:21:48) 666BLODAS666: cine pula mea imi tot schimba avatarul si toate si isi bate pula de contul meu? (00:21:53) askwrite: eu (00:55:49) 666BLODAS666: mi-ai furat cookieurile (00:55:50) 666BLODAS666: atat

Mai bine lasa-l asa. E mai rapida asta. Fuck web 2.0; Nu ai nevoie de desene animate, doar de o interfata de email decenta. Cred ca am folosit pine (client email de CLI) cativa ani. Just plain text.

Sunt unele aplicatii care determina daca sistemul are swap sau nu. Nu functioneaza fara el. Daca ai SSD (sau orice alt storage rapid) si suficienta memorie, recomand un sysctl -w vm.swappiness=0 si sa pui 'vm.swappiness=0' in '/etc/sysctl.conf' Deci, poti pune un 512 MB swap (just in case). Daca ruleaza deja sistemul si nu vrei sa umblii la partitionare, poti face swap cu dd (imagine)

As promised in an October 2013 announcement, consumer Internet giant Yahoo! has enhanced the privacy and security for its users by enabling HTTPS connections by default for all Yahoo Mail users. “Anytime you use Yahoo Mail - whether it’s on the web, mobile web, mobile apps, or via IMAP, POP or SMTP- it is 100% encrypted by default and protected with 2,048 bit certificates,” Jeff Bonforte, SVP of Communication Products at Yahoo! wrote in a blog post Tuesday. The HTTPS encryption will secure emails, attachments, contacts, as well as Calendar and Messenger in Mail, Yahoo said, protecting data and messages as they move between users' browsers and Yahoo’s servers. Yahoo Mail users have had the choice to enable HTTPS for some time, but now all users will benefit from the secure connections by default. The move to the secure browser sessions by default follows similar moves by Facebook, which enabled HTTPS by default in July 2013, and Google, which set the HTTPS default in early 2010, but has had the option for users to do so since 2008. Using HTTPS is increasingly beneficial when accessing Internet services from public networks such as Wi-Fi hotspots, and helps protect browser sessions from being snooped on by others. Nota personala: S-au facut magarii in Franta inclusiv cu certificatele ssl pentru google. Deci, nu o sa-i impiedice nimic sa obtina ce vor. Zilele trecute raspandeau malware prin intermediul site-ului, acum fac si ei 'by default' SSL. Praf in ochi pentru utilizatori. Source: Yahoo Enables HTTPS Encryption by Default for Yahoo Mail | SecurityWeek.Com

PARIS - France's data protection watchdog on Wednesday fined Google 150,000 euros ($205,000) -- the maximum possible -- for failing to comply with its privacy guidelines for personal data. The watchdog, the CNIL, also ordered the US Internet giant to publish a statement relating to its decision on its French homepage for at least 48 hours within the next eight days. Google was informed of the decision on January 3, the CNIL said in a statement. France's move follows Google's introduction in 2012 of a new privacy policy which enables it to track user activity across its search engine, Gmail, the Google+ social networking platform and other services it owns, which include YouTube. The changes make it easier for Google to collect and process data that could be used by advertisers to target individuals with tailored offers, thereby increasing the company's revenue potential. The CNIL had asked Google to inform web users in France on how it processes their personal data and to define exactly how long they can store the information. It had also requested that the US giant obtain user permission before storing cookies on their computers, referring to files that track web surfers and allow companies to target them with tailored commercials. Google has always maintained that its treatment of data gathered from users is in line with European law and has previously refused to get into an argument about the specific French requirements. The issue of data protection has gathered steam worldwide following revelations by Edward Snowden, a former contractor with the National Security Agency, that the US had a vast, secret program called PRISM to monitor Internet users. Google has defended the changes it made last year on the ground that they simplify and standardize its approach across its various services. But critics argue that the policy, which offers no ability to opt out aside from refraining from signing into Google services, gives the operator of the world's largest search engine unprecedented ability to monitor its users' tastes and purchasing patterns. Source: France Fines Google Maximum Penalty in Data Privacy Row | SecurityWeek.Com

Iti recomand blog-ul lui Valentin Bosioc

Valim, respectul nu se castiga 'bagand' flood la site-uri fara un motiv anume. Nu castigi nimic si iti faci si dusmani. Crezi ca forumul tau nu pica la DDoS ? Orice pica. Inclusiv GOOGLE, AKAMAI, YAHOO. Infestezi 200.000 servere si trimiti din ele pachete ca pe conducta. Nu e nimic constructiv.

Daca vreti sa descarcati toate cartile de acolo si sa aveti si timp liber de cafea: marian@pluto:~$ mkdir books marian@pluto:~$ cd books/ marian@pluto:~/books$ marian@pluto:~/books$ wget -r -A "pdf" http://n-pn.info/repo/HackBBS/HackBBS/Docs_HackAngel/ marian@pluto:~/books$ mv n-pn.info/repo/HackBBS/HackBBS/Docs_HackAngel/* . marian@pluto:~/books$ rm -rf n-pn.info/

Pai ai codul la indemana, poti implementa singur absolut tot ce iti trebuie. E si 'how to' acolo. https://rstforums.com/forum/79735-emergency-self-destruction-luks-kali.rst http://thehackernews.com/2014/01/Kali-linux-Self-Destruct-nuke-password.html

Si aici, pe forum, avem/am avut masoni. Unu era vai de steaua lui, agramat, dadea cu Haviji si aposostroful in site-uri si dupa un an a devenit expert in securitate, inginer in cibernetica, mecatronica, fizica cuantica si General Manager la o firma de securitate. 'De care este.' Oare tot 'pro/re gresul' asta s-o datora masoneriei si stiintelor oculte ?! )

Pai si ... nu stiu cum sa te intreb. Vrei sa-l ajuti ? O fi crezut omul ca esti poponete si s-a simtit lezat. Nu vad asta un abuz de putere. "Nu e nicidecum o insult? adus? unui moderator" - Si Becali zicea: "El m-a facut incult, eu l-am facut oligofren si hahalera, nu l-am jignit!"

https://www.youtube.com/watch?v=aeaPanpU-iw

Raspunsuri sunt, trebuie doar sa pui intrebarea potrivita. "Nu ma pot conecta la internet. Cum sa fac asta?!" nu este o intrebare buna. Citeste pe aici cate ceva, o sa ai nevoie. Deci, ce fel de conectivitate ai la internet ? - Este PPPOE ? (Cu user si parola) - Ai un router "in fata" pc-ului ? - Ai un modem 3G sau dialup ? - Ce furnizor de internet ai? - Cum ai incercat sa te conectezi si nu ti-a reusit ? Si scoate emoticonurile alea cand intrebi ceva serios.

Da, chiar nu e o solutie asta. Dar e recomandat sa iti schimbi periodic parolele.

Kali Linux Full Disk Encryption As penetration testers, we often need to travel with sensitive data stored on our laptops. Of course, we use full disk encryption wherever possible, including our Kali Linux machines, which tend to contain the most sensitive materials. Setting up full disk encryption with Kali is a simple process. The Kali installer includes a straightforward process for setting up encrypted partitions with LVM and LUKS. Once encrypted, the Kali operating system requires a password at boot time to allow the OS to boot and decrypt your drive, thus protecting this data in case your laptop is stolen. Managing decryption keys and partitions is done using the cryptsetup utility. Nuking our Kali Linux FDE Installation A couple of days ago, one of us had the idea of adding a “nuke” option to our Kali install. In other words, having a boot password that would destroy, rather than decrypt, the data on our drive. A few Google searches later, we found an old cryptsetup patch by Juergen Pabel which does just that, adding a “nuke” password to cryptsetup, which when used, deletes all keyslots and makes the data on the drive inaccessible. We ported this patch for a recent version of cryptsetup and posted it on Github. Read more: Emergency self-destruction of LUKS in Kali | Kali Linux

(12:18:32) Oust: )) (12:18:38) Oust: Tre' sa merg sa ma pensez. (12:19:02) aelius: iti dai si cu creme ? (12:19:08) aelius: pai ce ma, esti muiere (12:19:08) Oust: Nu. (12:19:10) aelius: )))) (12:19:11) aelius: hahahaha (12:19:13) Oust: Imi e frica. (12:19:18) Oust: M-am mai dus odata sa ma penseze. (12:19:21) Oust: Ba imi era frica... (12:19:23) Oust: Serios va spun. (12:19:27) nedo: e doar un pic de frica (12:19:32) nedo: un pic de durere* (12:19:33) Oust: Imi era asa o frica ca ma face muiere. (12:19:35) nedo: mare branza (12:19:37) aelius: te penseaza si la Fofoloanca ? (12:19:37) Oust: Nu e durere. (12:19:39) Oust: Nu de durere ma. (12:19:42) nedo: ) (12:19:42) Oust: Pis pe ea de durere. (12:19:45) aelius: ))))))))))))))))))))))) (12:19:49) Oust: Mie imi era frica ca imi fute sprancenele. (12:19:55) Oust: Si o sa arat ca smigle. (12:20:02) Oust: Ca AZIS. (12:20:04) Oust: (12:20:08) aelius: ))) (12:20:15) Oust: Ma duc doar sa le tunda si sa ia din parti putin. (12:20:17) ENCODED: eu nu`mi pensez sprancenele (12:20:18) Oust: Nu sa le contureze. (12:20:20) ENCODED: sunt perfecte (12:20:21) ENCODED: ) (12:20:22) aelius: sa-ti proptim spranceana pe maciuca ma (12:20:24) Oust: Foarte bine. (12:20:26) aelius: )))))))))))))))))))))))))))) (12:20:27) ENCODED: la tine se unesc ? (12:20:32) Oust: Nu. (12:20:37) aelius: da-ne-ai cu spranceana-n burta (12:20:39) aelius: ahahahaha (12:20:39) Oust: Ca nu le las. (12:20:49) Oust: Eu sunt paros ba, am par si pe piept. (12:20:56) Oust: Sunt barbat, nu muiere. (12:21:09) aelius: http://wow7.ro/wp-content/upload?s/2013/08/tanar-haios-infiorator-?cu-sprancene-unite-01.jpg (12:21:10) Oust: Am dat 200 ron pe un bodygroom. (12:21:11) aelius: HAHAHAHHAHAHAHA (12:21:16) aelius: ete ma, ai pus poza pe net (12:21:21) Oust: Hahahaha (12:21:25) Oust: Nu ma nu le am asa. (12:21:25) aelius: ce pula mea e aia, spranceana sau COZOROC de sapca (12:21:28) aelius: )))}HAHAHAHHAHAHAHAHA (12:21:30) aelius: HAHAHAHHAHAHAHHAHA (12:21:33) Oust: HHHAHAHAHAHAHAHAHA (12:21:36) Oust: )) (12:21:56) ENCODED: ala e Oust ? (12:21:57) ENCODED: Oare e Oust ? http://wow7.ro/wp-content/upload?s/2013/08/tanar-haios-infiorator-?cu-sprancene-unite-01.jpg

Acele aplicatii malware sunt destinate Windows-ului. Pe linux oricum ai control mai mare: Rulezi aplicatiile sub un user cu privilegii restranse, poti vedea foarte usor procesele ce ruleaza si ai o gramada de scule pentru monitorizare si debugging. (tcpdump, iptraf, ps, pstree, lsof). Daca esti paranoic, poti face "daily md5sum" pe binare pentru a te asigura ca este totul ok. (poti instala chiar si un IDS sa monitorizeze fisiere, etc ..) (acum depinde si de experienta)

Suntem de parere ca esti un mare labagiu si ca te folosesti de munca altuia, fara a acorda credit. This photo set was shared via Share.Pho.to Cand copiezi o idee de la un om, pui link catre el, nu iti atribui tu munca lui. Eject. (ban)

After Snapchat hack, this can be another worst data breach of the new year. A Pakistani hacker 'H4x0r HuSsY' has successfully compromised the official Forum of 'openSUSE', a Linux distro developed, sponsored & supported by SUSE. The hacker managed to deface the Forum and uploaded its custom message page as shown and account information of 79,500 registered users' may have been compromised. The popular website MacRumors's Forum was compromised in last November using an alleged zero day exploit, which is based on vBulletin, a famous forum software. The openSUSE Forum is also based upon vBulletin. Another interesting fact is that openSUSE is still using vBulletin 4.2.1, which is vulnerable to inject rogue administrator accounts flaw. Whereas, the latest patched vBulletin 5.0.5 is available. Possibly, Hacker exploits same or another known vBulletin version 4.2.1 vulnerability to access the website's administrative panel. Read more: Exclusive - openSUSE Forum Hacked; 79500 Users' Data Compromised Nota personala: Mie imi pare o cacanarie sa se intample asta cu un soft comercial. Costul nu este deloc mic si pe langa costul lui, trebuie sa platesti pentru suport. Suport la ce ? La o saracie low-end cu gauri de securitate?! Se pare ca vBulletin devine un fel de mambo. Cine e vechi pe net stie ce nebunie era inainte la mambo / joomla. Observ din imaginile de acolo ca au folosit inclusiv un phpshell. Cat de retard sa fie un admin incat sa nu stie sa dezactiveze niste functii php si sa instaleze ceva module de protectie (just in case).