Kev

Salut, a incercat cineva platforma https://maiar.exchange/ Din am aflat este creata de români... pãreri?

A incercat cineva pe modelele vechi? Pe modelele noi imi afiseaza *74# (nr. tastatura) in send box, iar in content box *ri# (plain text). Edit: @dixongsm esti prezent?

Era cineva pe aici de compara preturile, daca nu ma insel @Wav3 Umflã preturile inainte si dupe sunt aceleasi

Ma refer la Nokia 5110 , 3310, 8110, Siemens, s.a.m.d Sunt in App Store o multime de aplicatii de la USSD pana la sender-id

Salut In trecut exista o metoda prin care se trimite-au SMS-uri cu numar ascuns. Imi aratase un coleg de liceu, era similar cu #31# (apel), dar in SMS se adauga *9...# (atat retin) Mai functioneaza? Multumesc anticipat.

As many as 13 security vulnerabilities have been discovered in the Nucleus TCP/IP stack, a software library now maintained by Siemens and used in three billion operational technology and IoT devices that could allow for remote code execution, denial-of-service (DoS), and information leak. Collectively called "NUCLEUS:13," successful attacks abusing the flaws can "result in devices going offline and having their logic hijacked," and "spread[ing] malware to wherever they communicate on the network," researchers from Forescout and Medigate said in a technical report published Tuesday, with one proof-of-concept (PoC) successfully demonstrating a scenario that could potentially disrupt medical care and critical processes. Siemens has since released security updates to remediate the weaknesses in Nucleus ReadyStart versions 3 (v2017.02.4 or later) and 4 (v4.1.1 or later). Primarily deployed in automotive, industrial, and medical applications, Nucleus is a closed-source real-time operating system (RTOS) used in safety-critical devices, such as anesthesia machines, patient monitors, ventilators, and other healthcare equipment. The most severe of the issues is CVE-2021-31886 (CVSS score: 9.8), a stack-based buffer overflow vulnerability affecting the FTP server component, effectively enabling a malicious actor to write arbitrary code, hijack the execution flow, and achieve code execution, and in the process, take control of susceptible devices. Two other high-severity vulnerabilities (CVE-2021-31887 and CVE-2021-31888), both impacting FTP servers, could be weaponized to achieve DoS and remote code execution. Real-world attacks leveraging the flaw could hypothetically impede the normal functioning of automated train systems by sending a malicious FTP packet, causing a Nucleus-powered controller to crash, in turn, preventing a train from stopping at a station and causing it to collide with another train on the track. ForeScout's telemetry analysis has revealed closed to 5,500 devices from 16 vendors, with most of the vulnerable Nucleus devices found in the healthcare sector (2,233) followed by government (1,066), retail (348), financial (326), and manufacturing (317). The disclosures mark the seventh time security weaknesses have been discovered in the protocol stacks that underpin millions of internet-connected devices. It's also the fifth study as part of a systematic research initiative called Project Memoria aimed at analyzing the security of TCP/IP network communication stacks — URGENT/11 Ripple20 AMNESIA:33 NUMBER:JACK NAME:WRECK INFRA:HALT In an independent advisory, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) urged users to take defensive measures to mitigate the risk of exploitation of these vulnerabilities, including minimizing network exposure for all control system devices, segmenting control system networks from business networks, and using VPNs for remote access. Via thehackernews.com

Ba, nu imi spune ba, ti-am mai explicat, iar daca dai quote, pune tot postul Am repetatat, este o porcarie de website made in Japan, facut cu 0,00035 de centi Tre incadrat in sectiunea fake news Off: se vede cine e prost, dar nu imi pun mintea cu o mica exceptie, se observa cata troll faci https://rstforums.com/forum/profile/240619-crtzfldt/

Grije cum vorbesti, nu ne tragem de sireturi Name Servers:dns19.ovh.net ns19.ovh.net ID ccTLD whois server Please see 'whois -h whois.id help' for usage. Domain ID: PANDI-DO375401 Domain Name: docdro.id Created On: 2015-04-06 02:09:04 Last Updated On: 2021-03-25 16:09:03 Expiration Date: 2022-04-06 00:09:04 Status: ok ==================================================== Sponsoring Registrar Organization: Jagat Informasi Solusi (int) Sponsoring Registrar URL: belidomain.co.id Sponsoring Registrar Street: Indosurya Plaza 3A Floor Jl. MH Thamrin No. 8-9 Sponsoring Registrar City: Jakarta Sponsoring Registrar State/Province: Jakarta Sponsoring Registrar Postal Code: 10230 Sponsoring Registrar Country: ID Sponsoring Registrar Phone: 02129388505 Sponsoring Registrar Email: email@belidomain.co.id Name Server: dns19.ovh.net Name Server: ns19.ovh.net DNSSEC: Unsigned Abuse Domain Report https://pandi.id/domain-abuse-form/?lang=en For more information on Whois status codes, please visit https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en Interested in similar domains? doctordro.comBuy Now doctorsdro.comBuy Now getdocdro.comBuy Now buddydro.comBuy Now docdro.netBuy Now doctordro.netBuy Now .space $24.88 $0.88 BUY NOW *Offer ends 31st October 2021 On Sale! .fun .FUN @ $1.48 $23.88

Ne lasi cu domenii cumparate cu 0.039 ¢, din Indonesia

ABOUT WHAT IS CRYPTO SCAM ? The DeFi revolution comes also with a lot of fraudulent projects and scams with millions of Crypto having already been stolen via elaborate schemas known as rug pulls PROBLEMS NFT and Crypto rug pulls and exit scams formed approximately 95% of all crypto frauds in 2020. Both exit scams and rug pulls are crypto frauds. Exit scams happen when crypto promoters and Developers disappear with investors money during or after an initial coin offering (ICO).Ideally when the price of the Crypto or NFT Spikes up. Rug pulls are a new form of exit scam whereby crypto developers abandon a project and Disappear with investors' money. SOLUTION We are a group of friends who are blockchain experts and enthusiasts,(also huge coffeezilla Fans :P) that have come together to screen through any Project you feel might be a scam. We will do due diligence in terms of Coin/NFT Utility, Long term sustainability and Everything that will really make or break the project. we will then Send you the results via Email scoring the project over 10 and also Give strong reasons on why we believe the project is a Scam or Not. We will most likely reply within 24 Hours URL: https://cryptoscam.softr.app Source: Google

Visual editor and API for network environments script generation. Define your network components and download a BASH script creating your setup. root@(none):/# ./netpen.sh ____ _ | _ \ ___ _ _ | |_ ___ _ __ | |_) | / _ \ | | | || __| / _ \| '__| | _ < | (_) || |_| || |_ | __/| | |_| \_\ \___/ \__,_| \__| \___||_| +-----------+------------------------------------+ | Namespace | IPv4 | +-----------+------------------------------------+ | a | 198.51.100.130/25 (atorouter.dev1) | +-----------+------------------------------------+ | b | 198.51.100.2/25 (btorouter.dev1) | +-----------+------------------------------------+ | router | 198.51.100.129/25 (atorouter.dev2) | | | 198.51.100.1/25 (btorouter.dev2) | +-----------+------------------------------------+ net.ipv4.route.mtu_expires = 15 net.ipv4.conf.all.forwarding = 1 net.ipv6.conf.all.forwarding = 2 net.ipv4.conf.all.forwarding = 1 net.ipv6.conf.all.forwarding = 2 net.ipv4.conf.all.forwarding = 1 net.ipv6.conf.all.forwarding = 2 [ 10.578767] ip (1451) used greatest stack depth: 12224 bytes left [ 10.769523] random: crng init done [ 10.777003] IPv6: ADDRCONF(NETDEV_CHANGE): atorouter.dev1: link becomes ready [ 10.923704] ip (1460) used greatest stack depth: 12096 bytes left [ 11.121881] IPv6: ADDRCONF(NETDEV_CHANGE): btorouter.dev1: link becomes ready root@(none):/# [ 11.578224] IPv6: ADDRCONF(NETDEV_CHANGE): atorouter.dev2: link becomes ready root@(none):/# ip netns exec a ping 198.51.100.2 PING 198.51.100.1 (198.51.100.2) 56(84) bytes of data. 64 bytes from 198.51.100.2: icmp_seq=1 ttl=63 time=7.00 ms 64 bytes from 198.51.100.2: icmp_seq=2 ttl=63 time=0.956 ms Project Page: https://github.com/ebirger/netpen.git Source

FiveSys rootkit somehow used a valid digital signature to help bypass cybersecurity measures in order to steal usernames and passwords from victims. Cybersecurity researchers at Bitdefender have detailed how cyber criminals have been using FiveSys, a rootkit that somehow made its way through the driver certification process to be digitally signed by Microsoft. The valid signature enables the rootkit – malicious software that allows cyber criminals to access and control infected computers – to appear valid and bypass operating systems restrictions and gain what researchers describe as "virtually unlimited privileges". It's known for cyber criminals to use stolen digital certificates, but in this case, they've managed to acquire a valid one. It's a still a mystery how cyber criminals were able to get hold of a valid certificate. It's uncertain how FiveSys is actually distributed, but researchers believe that it's bundled with cracked software downloads. Once installed, FiveSys rootkit redirects internet traffic to a proxy server, which it does by installing a custom root certificate so that the browser won't warn about the unknown identity of the proxy. This also blocks other malware from writing on the drivers, in what's likely an attempt to stop other cyber criminals from taking advantage of the compromised system. Analysis of attacks shows that FiveSys rootkit is being used in cyber attacks targeting online gamers, with the aim of stealing login credentials and the ability to hijack in-game purchases. The popularity of online games means that a lot of money can be involved - not only because banking details are connected to accounts, but also because prestigious virtual items can fetch large sums of money when sold, meaning attackers could exploit access to steal and sell these items. Currently, the attacks are targeting gamers in China – which is where researchers also believe that the attackers are operating from. The campaign started slowly in late 2020, but massively expanded during the course of summer 2021. The campaign is now blocked after researchers at Bitdefender flagged the abuse of digital trust to Microsoft, which revoked the signature. ZDNet contacted Microsoft but hadn't received a response at the time of publication. While the rootkit is currently being used to steal login credentials from gaming accounts, it's possible that it could be directed at other targets in future. But by taking some relatively simple cybersecurity precautions, it's possible to avoid falling victim to this or similar attacks. Via zdnet.com

IMAGINE: ONFOKUS / GETTYIMAGES The hacker turned against his former partner, accusing him of stealing his fair share of a $16,000 heist. There’s no honor among thieves, including those who steal cryptocurrency. On Tuesday, the Department of Justice announced that a SIM swapper who stole almost $17,000 with an accomplice pleaded guilty to aggravated identity theft in a case of criminal partnership gone wrong. The SIM swapper, 20-year-old Kyell Bryan ended up doxing and swatting his former partner, according to the hacker’s guilty plea. Doxing refers to the common and unsavory online practice of revealing a person’s real identity and other personal information such as home address in order to harass them. Swatting refers to another dangerous and sometimes fatal internet harassment tactic in which someone pretends there’s an emergency at their target’s home, prompting police to send a SWAT team. In June of 2019, Bryan and Jordan Milleson worked together to steal the password of an employee working for an unidentified cellphone carrier using one of several phishing websites Bryan set up. They then used the password to login into the company's internal network, which allowed them to steal the phone number of victims in what is a typical SIM swapping attack. At that point, they used their control of the phone number to break into the victim’s cryptocurrency account and steal cryptocurrency valued around $16,847.47, according to the Department of Justice. Hours later, Bryan and other accomplices started suspecting that Milleson had “snaked” them. In other words, they believed Milleson had not given them their fair share of the heist. Bryan and the others then began to try to identify Milleson, whom at the time only knew by an alias. Soon, they figured out Milleson used the nickname “Chikri,” and they asked a chat room for help doxing him. Bryan then learned Chikri also went by Jordy and started asking around for more information about him. At the time of the message, someone called the Baltimore County Police Department claiming he shot his father and was going to shoot himself. The person then gave the police Milleson’s address, and threatened to shoot the cops if they showed up. When they did show up, there was no emergency at all. Milleson was sentenced to two years in prison on May 5, 2021. Bryan faces two years in prison for aggravated identity theft. Subscribe to our new cybersecurity podcast, CYBER. Subscribe to our new Twitch channel. Via vice.com

This tool enumerates hostnames from Bing.com for an IP address. Bing.com is Microsoft's search engine which has an IP: search parameter. Written in Bash for Linux. Requires wget. Changes: Minor release. Changed User-Agent to wget/1.20. Fixed an error where it finds no results. README.md [](https://raw.githubusercontent.com/urbanadventurer/whatweb/master/LICENSE) [](https://www.gnu.org/software/bash/) # Bing-ip2hosts Bing-ip2hosts is a Bing.com web scraper to discover hostnames by IP address.  ## Description Bing-ip2hosts is a Bing.com web scraper that discovers hostnames by IP address. Bing is the flagship Microsoft search engine formerly known as MSN Search and Live Search. > It provides a feature unique to search engines - it allows searching by IP address. Bing-ip2hosts uses this feature. It can be used to discover subdomains and other related domains. It also helps to identify websites hosted in a shared hosting environment. This technique follows best practices during the reconnaissance phase of a penetration test or bug bounty, to expand the target's attack surface. Unlike other many other recon tools that web scrape Bing, this tool has smart scraping behaviour to maximize the discovery of hostnames. ### Features - Smart scraping behaviour to maximize hostname discovery. - Console user interface showing scraping progress. - Discovers subdomains and hostnames by IP address. - Can search by hostname or IP address. - Output with or without URL prefix. - Output to file, in list or CSV format. - Bing API key not required. - Select the search language and market. - Specify targets from the command line or from a file. - Lightweight Bash shell script without heavy dependencies. ## Bing Web Scraping  Bing provides a feature unique to search engines - it allows searching by IP address. To try this, go to Bing.com and search for `IP:40.113.200.201`. It should show you results from microsoft.com. If it shows empty results, then add a single dot. ### Smart Scraping Behaviour Unlike other Bing web scrapers that stop after scraping 10 result pages, bing-ip2hosts can scrape thousands of results. It continues scraping search result pages until it no longer finds new results. Scraping completes when any of the following conditions are met: - After a configurable threshold of pages fail to return new results (default: 5). - A single page of search results, e.g. 10 or less results. - The last page of search results. - Empty results. It also alerts the user when Bing reports that some results have been removed. ### Avoid Empty Search Results If searching by an IP address returns empty search results, add a single dot. Bing-ip2hosts always appends a single dot (%2e) to the query to avoid this issue. ### Search Language and Market By default this tool specifies the search language as "en-us". The market is left as unset, as this seems to maximize results. The following URL parameters can be configured: - setlang (Language) - setmkt (Market code) Both these parameters can affect how many results are returned. A full list of market codes can be found at [docs.microsoft.com/en-us/azure/cognitive-services/bing-web-search/language-support](https://docs.microsoft.com/en-us/azure/cognitive-services/bing-web-search/language-support). ### Repeating Search Result Pages Sometimes Bing does not permit the user to reach the end of search result pages. For example, in a search that shows 3 pages of results, it will not always allow the user to reach the 3rd page. Instead it will return the first page of results. This can be demonstrated by searching for `ip:8.8.8.8 .`. Note that it is not always the first page that it returned to. ## Help  Use the following command for usage information. ``` bing-ip2hosts is a Bing.com web scraper that discovers websites by IP address. Use for OSINT and discovering attack-surface of penetration test targets. Usage: ./bing-ip2hosts [OPTIONS] IP|hostname OPTIONS are: -o FILE Output hostnames to FILE. -i FILE Input list of IP addresses or hostnames from FILE. -n NUM Stop after NUM scraped pages return no new results (Default: 5). -l Select the language for use in the setlang parameter (Default: en-us). -m Select the market for use in the setmkt parameter (Default is unset). -u Only display hostnames. Default is to include URL prefixes. -c CSV output. Outputs the IP and hostname on each line, separated by a comma. -q Quiet. Disable output except for final results. -t DIR Use this directory instead of /tmp. -V Display the version number of bing-ip2hosts and exit. ``` ## Installation ### Dependencies bing-ip2hosts requires wget. This is installed by default in Ubuntu Linux and Kali Linux. It can be installed in macOS with homebrew. ```sh homebrew install wget ``` It can be installed in Debian and Ubuntu Linux with apt. ```sh sudo apt install wget ``` ### Install Copy bing-ip2hosts into a folder in your $PATH. ```sh sudo cp ./bing-ip2hosts /usr/local/bin/ ``` ## Compatibility Bing-ip2hosts uses the Bash scripting language. It is known to work with the following systems. * Ubuntu Linux ``` GNU bash, version 4.4.20(1)-release (x86_64-pc-linux-gnu) Copyright (C) 2016 Free Software Foundation, Inc. License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> This is free software; you are free to change and redistribute it. There is NO WARRANTY, to the extent permitted by law. ``` * macOS Catalina The version of Bash bundled with macOS was published in 2007 and is the most recent version licensed with GPLv2. More recent versions are licensed with GPLv3, with licence terms that preclude Apple from bundling it in macOS. ``` GNU bash, version 3.2.57(1)-release (x86_64-apple-darwin19) Copyright (C) 2007 Free Software Foundation, Inc. ``` ## Links - Homepage: http://www.morningstarsecurity.com/research/bing-ip2hosts/ - Source: https://github.com/urbanadventurer/bing-ip2hosts - Kali Linux Tools: https://tools.kali.org/information-gathering/bing-ip2hosts - Kali Linux Package: https://gitlab.com/kalilinux/packages/bing-ip2hosts/tree/kali/master - Homebrew Kali: https://github.com/b-ramsey/homebrew-kali - ArchLinux Package: https://aur.archlinux.org/packages/bing-ip2hosts/ - ArchStrike : https://archstrike.org/packages/bing-ip2hosts - BlackArch : https://blackarch.org/recon.html ## Related Projects Here's a list of projects that also search Bing by IP address. - [HostHunter](https://github.com/SpiderLabs/HostHunter/) by SpiderLabs Here's a list of other related projects for recon using Bing. Note that these do not search Bing by IP address. - [Sublist3r](https://github.com/aboul3la/Sublist3r/) by aboul3la - [recon-ng](https://github.com/lanmaster53/recon-ng) by lanmaster53 ## Author Copyright Andrew Horton, aka urbanadventurer. ## Licensing This project is licensed under GPL version 3. See the attached `LICENSE.txt`. ## Contributing :hammer_and_pick: If you have any ideas, just open an issue and tell me what you think. If you'd like to contribute, please fork the repository and make changes as you'd like. Pull requests are warmly welcome. ### Community contributors - @paralax - @mathieu-aubin (bug fix) ## Acknowledgments This project uses the following opensource packages. - [bash](https://www.gnu.org/software/bash/) - [wget](https://www.gnu.org/software/wget/) - [grep](https://www.gnu.org/software/grep/) - [sed](https://www.gnu.org/software/sed/) Download: bing-ip2hosts-1.0.5.tar.gz Source

Salut Pot implementa cumva un sistem de alarma SSID pe o platforma CSS si HTML? Cod rosu, portocaliu... s.am.d. sa trezesc mortii din morminte Multumesc anticipat

Researchers find that lax ICS security is putting critical services at risk of exploitation. The "abysmal" state of security for industrial control systems (ICSs) is putting critical services at serious risk, new research finds. You only need to look at the chaos caused by a ransomware attack launched against Colonial Pipeline this year -- leading to panic buying and fuel shortages across part of the US -- to see what real-world disruption cyber incidents can trigger, and their consequences can go far beyond the damage one company has to repair. It was only last month that the Port of Houston fended off a cyberattack and there is no reason to believe cyberattacks on operational technology (OT) won't continue -- or, perhaps, become more common. On Friday, CloudSEK published a new report exploring ICSs and their security posture in light of recent cyberattacks against industrial, utility, and manufacturing targets. The research focuses on ICSs available through the internet. Some of the most common issues allowing initial access cited in the report include weak or default credentials, outdated or unpatched software vulnerable to bug exploitation, credential leaks caused by third parties, shadow IT, and the leak of source code. After conducting web scans for vulnerable ICSs, the team says that "hundreds" of vulnerable endpoints were found. CloudSEK highlighted four cases that the company says represents the current issues surrounding industrial and critical service cybersecurity today: An Indian water supply management company: Software accessible with default manufacturer credentials allowed the team to access the water supply management platform. Attackers could have tampered with water supply calibration, stop water treatments, and manipulate the chemical composition of water supplies. CloudSEK The Indian government: Sets of mail server credentials belonging to the Indian government were found on GitHub. A gas transport company: This critical service provider's web server, responsible for managing and monitoring gas transport trucks, was vulnerable to an SQL injection attack and administrator credentials were available in plaintext. Central view: The team also found hardcoded credentials belonging to the Indian government on a web server supporting monitors for CCTV footage across different services and states in the country. The US Cybersecurity and Infrastructure Security Agency (CISA) was informed of CloudSEK's findings, as well as associated international agencies. Via zdnet.com

@Jimmy @TheTime @MrRip@symboss@hirosima @Oust mai respiri?

Nu e troll, doresc un wallet pentru receive & send PS: Mutat aici daca se poate Cryptocurrency

Salut, Am incercqt sa-mi creez un vont pe blockchain, dar primesc rreject, gmail nu primesc nimic, unde imit crea un wallet? PS: postat de pe telefon si e oglinda

Te rreferi la stirea asta? Era un topic pe undeva din care poti apela cu un notebook si un telefon mobil 3310, revin cu edit

Gecko mai traiesti bre?

A cryptocurrency expert who gave a talk at a Pyongyang conference has admitted conspiring to help North Korea evade sanctions. Virgil Griffith, a former senior researcher with the Ethereum Foundation, pleaded guilty on Monday. The US Department of Justice said he had "jeopardised the national security of the United States" by undermining sanctions. His lawyer told the Wall Street Journal Griffith was "sincerely remorseful." Launder money In April 2019, Griffith attended the Pyongyang Blockchain and Cryptocurrency Conference, with about 100 other attendees. He had applied for permission to travel to North Korea - but when this was refused, he went anyway, reaching the country via China. Seven months later, Griffith, who had been living in Singapore, was arrested at Los Angeles International Airport. Prosecutors said Griffith, had given a presentation on blockchain technology and cryptocurrency, with topics approved by North Korean officials, and "participated in discussions regarding using cryptocurrency technologies to evade sanctions and launder money". 'Personal trip' The title of the presentation was Blockchain and Peace. Blockchain is the technology underpinning cryptrocurrencies, in effect a giant shared ledger of transactions. After Griffith's arrest, Ethereum cryptocurrency co-founder Vitalik Buterin circulated a petition in support of him, which attracted only modest support. In the Twitter thread, Mr Buterin said the foundation had not supported Griffith's activities in North Korea, saying: "It was Virgil's personal trip, that many counselled against". The BBC is not responsible for the content of external sites. View original tweet on Twitter On Monday, Griffith pleaded guilty to conspiring to violate the US International Emergency Economic Powers Act by providing services to North Korea, including technical advice on using cryptocurrency and blockchain technology to evade sanctions, according to a Department of Justice statement. Griffith's presentation, the justice department said, had among other things, focused on "how blockchain technology such as 'smart contracts' could be used to benefit the DPRK [North Korea], including in nuclear weapons negotiations with the United States". US Attorney Audrey Strauss said Griffith had agreed to help "one of our nation's most dangerous foreign adversaries, North Korea". 'Deep sighs' Griffith, who will be sentenced in January, faces up 20 years in jail but his plea will probably mean his final sentence is considerably shorter. Ethan Lou a journalist who attended the conference in North Korea and is following the trial, said the admission of guilt was a "plea deal with up to six and a half years in prison". "Virgil was quite emotional - deep sighs sometimes when he spoke," he tweeted. Griffith, who has a PhD from the California Institute of Technology, worked for the Ethereum Foundation's Special Projects group before his arrest. 'Wonderful qualities' On his now defunct personal website, he said his personal goals were "expose corruption, curb abuses of power, and with 'gloves off' ensure the digital age never becomes a digital dystopia". He first rose to wide public attention as the creator of Wikiscanner, a tool that made it easy to discover, often embarrassing or self-serving, Wikipedia edits made on computers belonging to well known organisations including the CIA, the Vatican, the Ministry of Defence and the BBC. Griffith also appeared in reality-TV programme King of the Nerds. His lawyer, Brian Klein, said he had "many wonderful qualities, and no-one should define him by this mistake". Via bbc.com

adica no ? <?php Print "Hello, World!"; ?> Este absurd PS: Stati linistiti fac studentii petii de viseaza cocori

Util, dar este cu bani. Gasesti la tot pasul Reclama mascata