Jump to content

Kev

Active Members
  • Posts

    1026
  • Joined

  • Days Won

    55

Everything posted by Kev

  1. Salut, Cum au facut redirect din acest link aHR0cHM6Ly9teWZvb2RpZXMuY29tL3JlY2lwZXByaW50LnBocD9saW5rPWh0dHA6Ly9lc2NvcnQtc2VydmljZS1sb25kb24uY28udWs= b64 UTF-8 Fara acces la site-ul principal? Hint: .com/recipeprint.php?link=http://site.com
  2. Da-mi pentru seo si fac excange, sau faci tu, imi rup din timp sa-ti fac logo. Ceri o licenta pentru doua computere
  3. Apple has released security updates to fix two zero-day vulnerabilities that have been seen exploited in the wild to attack iPhones and Macs. One is known to be used to install the Pegasus spyware on iPhones. The vulnerabilities are tracked as CVE-2021-30860 and CVE-2021-30858, and both allow maliciously crafted documents to execute commands when opened on vulnerable devices. The CVE-2021-30860 CoreGraphics vulnerability is an integer overflow bug discovered by Citizen Lab that allows threat actors to create malicious PDF documents that execute commands when opened in iOS and macOS. CVE-2021-30858 is a WebKit use after free vulnerability allowing hackers to create maliciously crafted web page that execute commands when visiting them on iPhones and macOS. Apple states that this vulnerability was disclosed anonymously. While Apple did not release any further information on how the vulnerabilities were used in attacks, Citizen Lab has confirmed that CVE-2021-30860 is a zero-day zero-click iMessage exploit named 'FORCEDENTRY.' The FORCEDENTRY exploit was discovered to be used to bypass the iOS BlastDoor security feature to deploy the NSO Pegasus spyware on devices belonging to Bahraini activists. BleepingComputer has contacted Citizen Lab with further questions about the attacks but has not heard back at this time. Apple zero-days run rampant in 2021 It has been a very busy year for Apple with what seems like an unending streaming of zero-day vulnerabilities used in targeted attacks against iOS and Mac devices. The FORCEDENTRY exploit disclosed in August (previously tracked by Amnesty Tech as Megalodon), three iOS zero-days (CVE-2021-1870, CVE-2021-1871, CVE-2021-1872) in February, exploited in the wild and reported by anonymous researchers, an iOS zero-day (CVE-2021-1879) in March that may have also been actively exploited, one zero-day in iOS (CVE-2021-30661) and one in macOS (CVE-2021-30657) in April, exploited by Shlayer malware, three other iOS zero-days (CVE-2021-30663, CVE-2021-30665, and CVE-2021-30666) in May, bugs allowing for arbitrary remote code execution (RCE) simply by visiting malicious websites, a macOS zero-day (CVE-2021-30713) in May, which was abused by the XCSSET malware to bypass Apple's TCC privacy protections. two iOS zero-day bugs (CVE-2021-30761 and CVE-2021-30762) in June that "may have been actively exploited" to hack into older iPhone, iPad, and iPod devices. Project Zero also disclosed 11 zero-day vulnerabilities this year that were used in attacks targeting Windows, iOS , and Android devices. Update 9/13/21: Added confirmed from Citizen Labs that this update fixes the FORCEDENTRY vulnerability. Source
  4. Iti fac eu logo, pt key, dar cer in schimb un key pentru Photoshop, sau Adobe Ilustrator
  5. Kev

    Vand pc

    Esti camatar? Il cumpar cash, un system requirements pentru SSD+HDD PS: lasa dobanda, deja ai smuls din el PS2: 0.0078 BTC ultimul pret (pierdut garantie) nici refurbished
  6. Kev

    bug or not?

    Dude, step 1: incarcat telefon & turn on step 2: introdus clasicul PIN 0000 stept: 3. ajung pattern, glisat (fara sa introduc pattern-ul) sa observ nivelul bateriei si, lanterana si ce bijuterii mai sun in header, dupa ce am "deglisat" intru direct in menu, fara a introduce pattern-ul Lamuriti?
  7. Kev

    bug or not?

    Nu, am facut bypass la pattern edit: poate nu m-am exprimat corect
  8. Salut Recent am repornit telefonul (Android 11, cea mai noua versiune). Din intamplare. Dupa ce am introdus codul pin, i-am dat slide sa observ bateria si, starea vremii, etc...; iar prin urmare am trecut de pattern Am incercat si a doua oara
  9. https://en.wikipedia.org/wiki/Intranet Mai mult de atat nu ai ce face.
  10. Kev

    Vand pc

    Rate? ://accepti rate fixe?
  11. In niciun caz sa nu raspunzi cu 'Da!'. Intreaba cine sunt, ce vor si de unde au nr. de tel. (te portezi la o alta companie, dupa ce compari raspunsurile).
  12. Artica Proxy VMWare Appliance versions 4.30.000000 SP273 and below suffer from a path traversal vulnerability. Advisory ID: RCS20210707-0 Product: Artica Proxy VMWare Appliance Vendor/Manufacturer: ArticaTech (https://www.articatech.com) Affected Version(s): 4.30.000000 <=[SP273] Tested Version(s): 4.30.000000 [SP273] Vulnerability Type: Relative path traversal [CWE-23], Improper Limitation of a Pathname to a restricted Directory [CWE-22], [CWE 35], [CWE 36], [CAPEC-126] CVSS v3.1 Risk Level: High CVSS v3.1 Risk Score: 8.1 CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVSS v3.0 Risk Level: High CVSS v3.0 Risk Score: 8.1 CVSS v3.0 Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N CVSS v2.0 Risk Level: High CVSS v2.0 Base Score: 7.8 CVSS v2.0 Temporal Score: 6.1 CVSS v2.0 Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:N/A:N CVSS v2.0 Temporal Vector: CVSS2#E:POC/RL:OF/RC:C Solution Status: Fixed in Version 4.30.000000 [SP273] Manufacturer Notification: 5th July 2021 Solution Date: 9th August 2021 Public Disclosure: 26.08.2021 CVE Reference: Author of Advisory: Heiko Feldhusen, Rheinmetall Cyber Solutions GmbH ####----####----####----####----####----####----####----####----####----####---- Vendor-Description: Artica Tech is a new French Software Publisher, an independant company, established in 2012. It is based near Paris in France. Artica project began in 2004 and stemmed from ideas about how to improve the Open Source security solutions available at the time, which were difficult and often expensive to implement and maintain Artica claim to provide a user-friendly Web interface. Today, with around 100.000 servers installed worldwide, Artica solutions are as relevant to small and medium-sized entreprises as they are to the largest of firms. Source: https://www.articatech.com/about-artica.php ####----####----####----####----####----####----####----####----####----####---- Product-Description: Artica V4 is an appliance based on Debian 10 Operating system. Your can install it on the Hardware or Virtual Machine of your choice and get a Web Gateway appliance within minutes. Artica embeds technologies such as Antivirus, URL Filtering, Web HTTP Proxy, Web Caching, Web Secure Proxy, SSH Gateway/Proxy, RDP Reverse Proxy, Firewall, SSL Inspection, Kerberos Authentication, Access Logging, Bandwidth Shaping, HTTP Compression, WAF (Web Application Firewall), Web traffic Load Balancing. Artica-Proxy claim to offer a full HTTP/HTTPS/FTP/SSH/RDP/VNC proxy infrastructure. Source: http://articatech.net/about-proxy.php ####----####----####----####----####----####----####----####----####----####---- Vulnerability Details: The software uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize sequences such as ".." that can resolve to a location that is outside of that directory. This allows attackers to traverse the file system to access files or directories that are outside of the restricted directory. This vulnerability allows to use the Web-filtering page to read any file on the system. This vulnerability exists in the used cgi function, which is a build in part of the proxy. This board has a security flaw in the CGI main.cgi that lets an attacker read arbitrary files with the privileges of the http daemon (usually root or nobody). We were able to read the passwd, so we assume the http deamon runs with root-priviledges. Source: https://cwe.mitre.org/data/definitions/23.html ####----####----####----####----####----####----####----####----####----####---- Proof of Concept (PoC): http://yourproxynamehere/cgi-bin/main.cgi? filename=/../../../../../../../../etc/passwd ####----####----####----####----####----####----####----####----####----####---- Solution: Fix provided from Artica Tech. Update to Version 4.30.000000 [SP273] ####----####----####----####----####----####----####----####----####----####---- Disclosure Timeline: 2021-06-28: Vulnerability discovered 2021-07-05: Vulnerability reported to manufacturer 2021-07-07: Patch released by manufacturer 2021-08-26: Public disclosure of vulnerability ####----####----####----####----####----####----####----####----####----####---- References: [1] Product website for Admin Columns https://www.articatech.com/about-proxy.php ####----####----####----####----####----####----####----####----####----####---- Credits: This vulnerability was discovered by Heiko Feldhusen. E-Mail: heiko D:O:T feldhusen () rheinmetall-cyber D.O.T solutions Public Key: https://keys.openpgp.org/vks/v1/by-fingerprint/2532144FBD175EAF6F9A314FC64DA4E4D3CDF74C ####----####----####----####----####----####----####----####----####----####---- Disclaimer: The information provided in this security advisory is provided "as is" and without warranty of any kind. Details of this security advisory may be updated in order to provide as accurate information as possible. ####----####----####----####----####----####----####----####----####----####---- Copyright: Creative Commons - Attribution (by) - Version 3.0 URL: http://creativecommons.org/licenses/by/3.0/deed.en ####----####----####----####----####----####----####----####----####----####---- Heiko Feldhusen ISOC Engineer Engineering Rheinmetall Cyber Solutions GmbH Rheinmetall Cyber Solutions GmbH Mary-Somerville-Str. 14, 28359 Bremen, Germany Sitz der Gesellschaft: Bremen Amtsgericht Bremen HRB 35995 Gesch?ftsf?hrung/Executive Board: Moritz Pichler, Jendrik Kreisel This email may contain confidential information. If you are not the intended addressee, or if the information provided in this email including any attachments) is evidently not destined for you, kindly inform us promptly and delete the message received in error (including any attachments) by erasing it from all your computers and other storage devices or media and destroying any hard copies thereof. Any unauthorized processing, forwarding, disclosure, distribution, divulgation, storage, printout or other use of this message or its attachment is prohibited. If your system is infected or otherwise bugged by any virus that is carried by this email, we disclaim any liability whatsoever for the ensuing loss or damage unless caused by our intention or gross negligence. Source
      • 2
      • Upvote
  13. Practice your vim skills with these fun exercises. Learn to use vim Vim is a powerful text editor that can make you more productive and efficient. Easy Exercises Once you get the hang of it, you’ll wonder how you ever lived without it. Super Powers Increase Productivity. You can use vim mode inside the terminal, SSH, Jetbrains IDE, Visual Studio Code and many more Link: https://vim.is/#exercise Via google
  14. Omul vrea in Windows versiunea alternativa. On: teoretic tu vrei sa il decompilezi si sa il comprimezi?!
  15. CMD split YourLogFile.txt -b 500m
  16. Trimite-mi pm, posibil sa te ajut incepand de luni.
  17. Cu alte cuvinte, intervine sunetul de 4Hz și iți distrage atenția.
  18. Learn math quickly & painlessly with a system that continually adapts to your specific learning needs. Create Free Account https://www.grokkoli.com/beta/ Via google
  19. In opinia mea ar trebui eliminat 90% din populatia globului. Sunt sanse minime cu 6 intrebari 1. administrare hrana gratuita pentru muncitori - locuinte; 2. pedepse uriase pentru criminali, pedofili si hoţi; 3. colaborare externa cu: Noua Zeelandă (civilizatie), Coreea de Nord, Afganistan; 4. in cateva cuvinte... Edit: uitat sa precizez: Cyber Security Intarirea fortelor terestre, sub-marine, aviatice
  20. taxa inversa ca mor, Pune spoilere
  21. a intrat foamea in voi? https://web.archive.org/web/*/weyu.io
  22. https://linuxize.com/post/chmod-command-in-linux/ Succes
  23. Kev

    connector senzori

    6 conectori PS am lucrat sub 320 On: multumesc pentru raspuns, insa firele din tavan sunt de o singura culoare (doua fire)
  24. Bun, deci avem Senzor + Connector + Bec + 2 fire in tavan 1. Senzor, connector, bec, stecher 2. Senzor + schema 3. Senzor Cum pot le connecta cu 6? Multumesc anticipat
×
×
  • Create New...