Nytro

[h=1]Learn How Penetration Testers Use Nmap To Exploit Their Victims Computer[/h] [h=2]"Determining Attack Surfaces and Vulnerable Systems"[/h] Join Nmap Waiting List [h=3]Next Class Starts: May 2013[/h] Determining Attack Surfaces and Vulnerable Systems is a 90 minute live online Nmap class for Network Administrators, Data Security Analysts, System and Network Security Administrators, Network Security Engineer and Security Professionals who need to learn how to use the de-facto hacking tool all hackers MUST know, Nmap! After taking this 90-minute live online class, you'll have more confidence, less stress and a simple proven plan to to master the art of exploitation, reconnaissance, and enumeration. Join: Nmap Attack Surfaces

[h=3]Java is So Confusing...[/h] It's been a short while, but we find ourselves again with a Java vulnerability in our hands, this time via a PoC provided by IKVM.NET. This particular vulnerability is somewhat different than most java vulnerabilities we run into, but feels like a natural progression from the last Java 0day we discussed in our blog (CVE-2013-1493). Both these vulnerabilities allow direct memory manipulation, something which is quite uncommon in Java. The vulnerability itself has to do with type confusion between an int and a double, causing 8 bytes to be copied instead of 4, thus overwriting a pointer and allowing us to reach otherwise inaccessible area in the memory. First of all, let's take a look at the source code provided by Jeroen Frijters in two parts: The important thing to note here is Union2, which contains an instance of the SystemClass defined below, this will become relevant later on. Next, we'll take a look at the "disableSecurityManager" method, where the real magic happens! What this code basically does is get references, via reflection, to the "TYPE" field within the class that represents double type, and the class that represents integer type. This field is usually used to denote the type of the object (duh..). The first highlighted box shows how we overwrite these values causing a type comparison between two integers to fail, whereas a type comparison between a double and an integer will pass. This overwrite is possible due to insufficient security checks (which are now fixed, in Java 7u21). The next step will be to get a reference to "System.class" and place it in field2 of Union1. The second highlighted part in the code will attempt to copy Union1.field1 (int, 4 bytes) into Union2.field1 (int, 4 bytes). However, due to the type confusion we caused above, Union1.field1 will be treated as a double, copying 8 bytes in total: 4 bytes from Union1.field1, and 4 bytes from Union1.field2 (which, as you may recall, is now System.class). Now Union2.field2 is actually a reference to System.class, but due to the structure of our own defined SystemClass we can try and dereference inner members which are in fact inner members of System.class, including the infamous System.securityManager and disable it (set to null). Given the exploitability factor of this vulnerability, expect to see it next time you meet an exploit kit. Trustwave SWG customers are, of course, protected against attacks exploiting this vulnerability without any additional updates to the product. I would like to thank my colleague Arseny Levin, for his help in analyzing this vulnerability. Posted by Anat (Fox) Davidi on 19 April 2013 at 17:16 Sursa: Java is So Confusing... - SpiderLabs Anterior

[h=1]Stop disabling SELinux![/h]By Major Hayden on Apr 19, 2013 2:44 PM The push to cloud transforms the way we apply information security principles to systems and applications. Perimeters of the past, secured heavily with traditional network devices in the outermost ring, lose effectiveness day by day. Shifting the focus to defense in depth brings the perimeter down to the individual cloud instances running your application. Security-Enhanced Linux, or SELinux, forms an effective part of that perimeter. SELinux operates in the realm of mandatory access control (MAC). The design of MAC involves placing constraints on what a user (a subject) can do to a particular object (a target) on the system. In contrast, discretionary access control (DAC) allows a user with certain access to use discretion to limit or allow access to certain files, directories, or devices. You can set any file system permissions that you want but SELinux can override them with ease at the operating system level. Consider a typical server running a web application. An attacker compromises the web application and executes malicious code via the web server daemon itself. SELinux has default policies that prevent the daemon from initiating communication on the network. That limits the attacker’s options to attack other services or servers. In addition, SELinux sets policies on which files and directories the web server can access, regardless of any file system permissions. This protection limits the attacker’s access to other sensitive parts of the file system even if the administrator set the files to be readable to the world. This is where SELinux shines. Oddly enough, this is the point where many system administrators actually disable SELinux on their systems. Denials Troubleshooting these events, called AVC denials, without some helpful tools is challenging and frustrating. Each denial flows into to your audit log as a cryptic message. Most administrators will check the usual suspects, like firewall rules and file system permissions. As frustration builds, they disable SELinux and notice that their application begins working as expected. SELinux remains disabled and hundreds of helpful policies lie dormant solely because one policy caused a problem. Disabling SELinux without investigation frustrated me to the point where I started a site at stopdisablingselinux.com. The site is a snarky response to Linux administrators who reach for the disable switch as soon as SELinux gets in their way. All jokes aside, here are some helpful tips to use SELinux effectively: Use the setroubleshoot helpers to understand denials Working through denials is easy with the setroubleshoot-server package. When a denial occurs, you still receive a cryptic log message in your audit logs. However, you also receive a message via syslog that is very easy to read. Your server can email you these messages as well. The message contains guidance about adjusting SELinux booleans, setting contexts, or generating new SELinux policies to work around a really unusual problem. When I say guidance, I mean that the tools give you commands to copy and paste to adjust your policies, booleans and contexts Review SELinux booleans for quick adjustments Although the myriad of SELinux user-space tools isn’t within the scope of this article, getsebool and togglesebool deserve a mention. Frequently adjusted policies are controlled by booleans that are toggled on and off with togglesebool. Start with getsebool –a for a full list of booleans and then use togglesebool to enable or disable the policy. Quickly restore file or directory contexts Shuffling files or directories around a server can cause SELinux denials due to contexts not matching their original values. This happens to me frequently if I move a configuration file from one system to another. Correcting the context problem involves one of two simple commands. The restorecon command applies the default contexts specific to the file or directory. If you have a file in the directory with the correct context, use chcon to fix the context on the wrong file by giving it the path to the file with the correct context. Here are some additional links with helpful SELinux documentation: SELinux Project Wiki Red Hat Enterprise Linux 6 SELinux Guide Dan Walsh's Blog Major Hayden is Chief Security Architect and Linux Engineer at Rackspace. Sursa: http://www.scmagazine.com.au/News/340475,stop-disabling-selinux.aspx

Brakeman is an open source vulnerability scanner specifically designed for Ruby on Rails applications. It statically analyzes Rails application code to find security issues at any stage of development. Unlike many web security scanners, Brakeman looks at the source code of your application. This means you do not need to set up your whole application stack to use it. Once Brakeman scans the application code, it produces a report of all security issues it has found. Advantages No Configuration Necessary Brakeman requires zero setup or configuration once it is installed. Just run it. Run It Anytime Because all Brakeman needs is source code, Brakeman can be run at any stage of development: you can generate a new application with rails new and immediately check it with Brakeman. Better Coverage Since Brakeman does not rely on spidering sites to determine all their pages, it can provide more complete coverage of an application. This includes pages which may not be ‘live’ yet. In theory, Brakeman can find security vulnerabilities before they become exploitable. Best Practices Brakeman is specifically built for Ruby on Rails applications, so it can easily check configuration settings for best practices. Flexible Testing Each check performed by Brakeman is independent, so testing can be limited to a subset of all the checks Brakeman comes with. Speed While Brakeman may not be exceptionally speedy, it is much faster than “black box” website scanners. Even large applications should not take more than a few minutes to scan. Limitations False Positives Only the developers of an application can understand if certain values are dangerous or not. By default, Brakeman is extremely suspicious. This can lead to many “false positives.” Unusual Configurations Brakeman assumes a “typical” Rails setup. There may be parts of an application which are missed because they do not fall within the normal Rails application layout. Only Knows Code Dynamic vulnerability scanners which run against a live website are able to test the entire application stack, including the webserver and database. Naturally, Brakeman will not be able to report if a webserver or other software has security issues. Isn’t Omniscient Brakeman cannot understand everything which is happening in the code. Sometimes it just makes reasonable assumptions. It may miss things. It may misinterpret things. But it tries its best. Remember, if you run across something strange, feel free to file an issue for it. Changes since 1.9.4: Add check for unsafe symbol creation (Aaron Weiner) Do not warn on mass assignment with slice/only (#203) Do not warn on session secret if in .gitignore (#241) Fix session secret check for Rails 4 Fix scoping for blocks and block arguments Fix error when modifying blocks in templates Fix crash on before_filter outside controller Fix Sexp hash cache invalidation Respect quiet option in configuration file (#300) Convert assignment to simple if expressions to or More fixes for assignments inside branches Refactoring of CheckLinkTo and Report (Bart ten Brinke) Pin ruby2ruby dependency to version 2.0.3 (see here) Download Sursa: Brakeman The Static analysis security scanner for Ruby on Rails v1.9.5 Released | ToolsWatch.org - The Hackers Arsenal Tools | Repository for vFeed and DPE Projects

[h=2]A story of win32k!cCapString, or unicode strings gone bad.[/h] In the most recent blog post (“Fun facts: Windows kernel and guard pages”), we have learned how the code coverage of kernel routines referencing user-mode memory can be determined by taking advantage of the fact that kernel-mode code triggers guard page exceptions in the same way as user-mode does. Today, I will present how the trick can be used in a practical attack against an actual 0-day vulnerability in the Windows kernel. Don’t get too excited though – the bug is a very peculiar type of an information disclosure class, not particularly useful in any sort of real-life attack. Despite being of minimal severity due to the extent of information the bug makes it possible to leak, it makes a great example of how the misuse of the UNICODE_STRING structure and related kernel routines can lead to opening up a security loophole in the operating system. Microsoft has been aware of the issue for over 4 months, but due to its low severity, I believe it is rather unlikely it will be fixed any time soon. [h=1]Unicode string security[/h] All of the most recent versions of the Windows operating system (starting with Windows 2000) internally handle textual strings using the UTF-16 encoding and a UNICODE_STRING structure defined as follows: typedef struct _LSA_UNICODE_STRING { USHORT Length; USHORT MaximumLength; PWSTR Buffer; } LSA_UNICODE_STRING, *PLSA_UNICODE_STRING, UNICODE_STRING, *PUNICODE_STRING; Together with the structure definition, both user- and kernel-mode API interfaces provide a set of functions designed to initialize, examine, compare and otherwise operate on unicode strings, e.g. RtlInitUnicodeString, RtlAnsiStringToUnicodeString or RtlAppendUnicodeStringToString. In the above listing, the Length field represents the current length of the string in bytes (it must be a multiplicity of two due to the encoding used), MaximumLength indicates the total capacity of the buffer in bytes and Buffer points to the actual data. Note that both Length and MaximumLength fields are only 16-bits long, which is by far enough to accommodate the size of any string used during normal operation of the system. Perhaps contrary to intuition, the relatively limited ranges of the integers (making it possible to easily craft a string of a maximum size) do not pose any serious threat with regards to integer arithmetic, because overflowing either fields doesn’t give the attacker much edge. If you think about it, getting Length to be smaller than the actual length of the string can only lead to overwriting the existing buffer contents, but will never result in writing past the pool allocation. Similarly, setting MaximumLength to an overly small number only puts a more strict limitation on how many bytes can be stored in the corresponding buffer, or causes all subsequent calls to fail due to an invalid Length > MaximumLength condition. As a consequence, integer overflows are not of much interest in this context. Link: A story of win32k!cCapString, or unicode strings gone bad. | j00ru//vx tech blog

[TABLE] [TR] [TD][TABLE=width: 100%] [TR] [TD=align: justify]SSLCertStoreViewer is the free Tool to view all the installed SSL certificates from your local system store. [/TD] [/TR] [/TABLE] [/TD] [/TR] [TR] [TD][/TD] [/TR] [TR] [TD=align: justify] Currently it can automatically scan and display Certificates from following type of stores, CA Certificate Store Private Certificate Store Root Certificate Store Software Publisher Certificate Store For each discovered SSL certificate it displays following information Certificate Store Certificate Subject Name Certificate Issuer Name Issue Date Expiry Date It also checks if any of the certificate is expired. If so then it will be displayed in RED color. Finally you can generate detailed report of displayed certificate list in HTML/XML/TEXT file. SSL Cert Store Viewer is fully portable and works on all Windows platforms starting from Windows XP to Windows 8. [/TD] [/TR] [TR] [TD] [/TD] [/TR] [TR] [TD] [/TD] [/TR] [TR] [TD] [/TD] [/TR] [TR] [TD=class: page_subheader]Features [/TD] [/TR] [TR] [TD][/TD] [/TR] [TR] [TD] Instantly scan & list all the installed SSL certificates Display Certificates from all the system stores. Automatically verify and display the expired certificates in RED color. Generate report in HTML/XML/TEXT file. Very easy to use with cool GUI interface Fully Portable, can be run from anywhere [/TD] [/TR] [TR] [TD] [/TD] [/TR] [/TABLE] [TABLE] [TR] [TD]Screenshot 1: SSLCertStoreViewer showing all the installed SSL certificates from local system store. [/TD] [/TR] [TR] [TD] [/TD] [/TR] [TR] [TD=align: center] [/TD] [/TR] [TR] [TD][/TD] [/TR] [TR] [TD][/TD] [/TR] [TR] [TD]Screenshot 2: HTML report generated by SSL Cert Store Viewer[/TD] [/TR] [TR] [TD] [/TD] [/TR] [TR] [TD=align: center] [/TD] [/TR] [TR] [TD][/TD] [/TR] [TR] [TD][/TD] [/TR] [/TABLE] Download: http://securityxploded.com/download.php#sslcertstoreviewer Sursa: SSLCertStoreViewer : View Installed SSL Certificates from Local System Store | www.SecurityXploded.com

[h=1][C] Keylogger, keyboard hook with HTTP PHP upload[/h]By Anasazi Hi all, I realized that I've never really written a proper keylogger. So what I decided to do now that I have some time on my hands was to write one. It works good although I haven't througholy tested it, features include; Writing logs as HTML code, special keys such as CTRL/SHIFT etc is logged as red. Example log; http://warpzone.se/u...X_06_52_12.html Taking a screenshot of the screen after the log has reached maximum size Compresses the screenshot using zip technology Uploads both the screenshot and the log to a webserver through a PHP script, it connects using winsock. Names of files will be computer name and current time. Handles clipboard & window title A quick screenshot; Enjoy, constructive critisicm is welcome, and yes I know that a lot of you belives that hooks bad. Download: http://www.rohitab.com/discuss/index.php?app=core&module=attach&section=attach&attach_id=3733 Sursa: [C] Keylogger, keyboard hook with HTTP PHP upload - rohitab.com - Forums

nginx Arbitrary Code Execution NullByte Injection # Exploit Title: nginx Arbitrary Code Execution NullByte Injection # Date: 24/08/2011 # Exploit Author: Neal Poole # Vendor Homepage: http://nginx.org/ # Software Link: https://launchpad.net/nginx/0.6/0.6.36/+download/nginx-0.6.36.tar.gz # Version: 0.5.*, 0.6.*, 0.7 <= 0.7.65, 0.8 <= 0.8.37 # Tested on: Ubuntu Server 10.04.1 # nginx version: 0.6.36 # Advisory: https://nealpoole.com/blog/2011/08/possible-arbitrary-code-execution-with-null-bytes-php-and-old-versions-of-nginx/ # Description In vulnerable versions of nginx, null bytes are allowed in URIs by default (their presence is indicated via a variable named zero_in_uri defined in ngx_http_request.h). Individual modules have the ability to opt-out of handling URIs with null bytes. However, not all of them do; in particular, the FastCGI module does not. # Proof of Concept: http://<server>/<path>/file.ext%00.php or http://<server>/<path>/file.ext/x00.php Sursa:nginx 0.6.x Arbitrary Code Execution NullByte Injection

Crypto 2012 - Breaking And Repairing Gcm Security Proofs Description: In this paper, we study the security proofs of GCM (Galois/Counter Mode of Operation). We first point out that a lemma, which is related to the upper bound on the probability of a counter collision, is invalid. Both the original privacy and authenticity proofs by the designers are based on the lemma. We further show that the observation can be translated into a distinguishing attack that invalidates the main part of the privacy proof. It turns out that the original security proofs of GCM contain a flaw, and hence the claimed security bounds are not justified. A very natural question is then whether the proofs can be repaired. We give an affirmative answer to the question by presenting new security bounds, both for privacy and authenticity. As a result, although the security bounds are larger than what were previously claimed, GCM maintains its provable security. We also show that, when the nonce length is restricted to 96 bits, GCM has better security bounds than a general case of variable length nonces. Slide : - http://www.iacr.org/conferences/crypto2012/slides/1-3-Iwata.pdf Sursa: Crypto 2012 - Breaking And Repairing Gcm Security Proofs

Php Code Injection - English Version Description: Este y más videos en: http://www.el-palomo.com Síguenos en Facebook: http://www.facebook.com/El.Palomo.Seg... Síguenos en Twitter: @ElPalomo_Blog This video shows: - How to you inject PHP code - Use de Tamper Data to inyect code - PHP SCRIPT with CURL to sends attacks - Upload Payload Tags: php , code , inyeccion , injection , codigo , el , palomo , omar , palomino , payload , upload , Latest from the SecurityTube Blog: Finding Publicly Readable Files in your Amazon S3 Accountby Vivek Ramachandran - Apr 10, 2013 Amazon S3 is a cloud storage service which is used by thousands of Enterprises worldwide. The most common use case is data ... My Code made it to a Hollywood Movie by Vivek Ramachandran - Apr 06, 2013 One of the first things I do every morning is check the Twitter chatter about my website (@SecurityTube) . I was pleasantly ... Demystifying the Execve Shellcode (Stack Method) by Vivek Ramachandran - Apr 05, 2013 We launched the SecurityTube Linux Assembly and Shellcoding Expert course recently. The course introduces the student to the ... Simulating an SSH Worm using Python by Vivek Ramachandran - Apr 04, 2013 The topic of SSH Worms came up when I was speaking with a couple of students attending my workshop at Blackhat Europe in ... Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying. Original Source: Sursa: Php Code Injection - English Version

[h=1]Shellcode analysis on Linux x86 32bit[/h]Andrea Sindoni April 16, 2013 Most of the programs that we use every day contain bugs; a bug is a malfunction in a program, which can make the program take unwanted actions or errors. These bugs or vulnerabilities can be exploited by writing a code that is usually called an exploit. The most common types of vulnerabilities are those that concern the corruption of memory as buffer overflows, the heap overflows, race conditions, format string attacks, etc… In this article, we won’t learn to write an exploit, we will not even see how to search for a vulnerability in a software, but we will see how to write and analyze shellcode and the relationship with the above. The shellcode is generally regarded as a program that starts a shell, and is used as the payload of the exploit. In reality, one shellcode can do everything that makes a normal program. The shellcode is executed after the vulnerability has been exploited. In this article, we will analyze and write shellcode for Linux x86 32-bit architectures. I pointed out the type of architecture, that is because shellcode is usually written in assembly language, and each processor family has its own set of instructions. In addition, each operating system has its own system calls to make service requests to the kernel. To make a system call using the int 0×80 instruction, the kernel then checks the value of the EAX register to take the number of the system call. Each system call is identified by a unique number that the kernel recognizes. We look at the system call in Linux, they are located (in Ubuntu) in the following file: – /usr/src/linux-headers-3.0.0-25/arch/x86/include/asm/unistd_32.h It’s time to start! Let’s write our first shellcode – I have chosen to write a fairly simple, so as to better understand the steps necessary to analyze and optimize it. What we need is to write shellcode that should display the command “cat” the contents of the file /etc/passwd file (this file contains some information about the system account). Link: InfoSec Institute Resources – Shellcode analysis on Linux x86 32bit

[h=1]Stored XSS In Facebook Chat, Check In, Facebook Messenger - Break Security[/h] Today, I’m going to share a few of my favorite Stored XSS Findings in Facebook (Facebook Chat, Facebook Check In, Facebook Messenger. These findings are almost always interesting if you happen to find them in the right location. For instance, what would occur if the Malicious Stored XSS Payload ran on the victim every time they checked in? You could also inject the Payload into the Facebook Chat Screen, which could be really interesting. There are essentially two different ways to exploit Stored XSS issues. 1. Let the victim visit our stored XSS Payload (Facebook Check-In, Facebook Messenger, Facebook Chat) on their own. 2. Exploit it with the URL plus the Stored XSS data. I wanted to locate an interesting spot within Facebook that would run the data on the victim each time they visited one of my places. I could also just run it through Facebook Chat. This post will talk a lot about Stored XSS in regard to Facebook Chat, Check-In, Facebook Messenger (Windows Version). The vulnerabilities mentioned here has been confirmed patched by the Facebook Security Team Link: Stored XSS In Facebook Chat, Check In, Facebook Messenger | Break Security

Using xss-protection and blocking/bypassing javascript code Modern browsers have increased a function called "xss protection", which helps to avoid "Cross Site Scriptings" by preventing any script in the url from executing (complete tags as "<script>alert('xss')</script>" are totally stopped). Thanks to this protection, an attacker can spoof a fake XSS attack and stop code blocks in the webpage, avoiding possible security checks(example below). Examples working only with Chrome and Safari browsers. Tested browsers: Chrome ( Desktop and Mobile ), Safari, Opera, Firefox. Link: Using xss-protection and blocking/bypassing javascript code

Integrating DNS in Metasploit Metasploit Tutorial By Un0wn_X Posted by: FastFlux April 19, 2013 I made a small tutorial on integrating DNS in Metasploit backdoor executables. If you don’t know about creating backdoors please refer my previous tutorial http://www.youtube.com/watch?v=NiBsBKGf80Y.Ithink most of you know how to configure RATs. We use a DNS because our external IP changes every time. So a normal reverse_tcp connects like this. Victim’s internal IP—>Victim’s external IP—> Attacker’s external IP—> Attacker’s Internal IP But most of the time the Attacker’s External IP is Dynamic and changes. For that we can use a free domain name server such as No-IP. First of all create an account on No-IP and configure your DUC client correctly. Next make sure you port forward you router to a new internal IP. That is your Back Track machine. Use a bridged connection in Network settings because we are going to add our BT machine to our internal IP Range. So here we use the payload as windows/meterpreter/reverse_tcp_dns in making our backdoor. As the DUC client sends our External IP and updates our no-ip domain DNS is acting static. This is how it works. Victim’s internal IP—> Victim’s external IP—> Attacker’s DNS—>Attacker’s external IP—> Attacker’s Internal IP Set the LHOST to your no-ip domain, mine is (boomboom.no-ip.com). Set the LPORT to your forwarded port for the BT machine. Those are things new we should modify in making our backdoor the rest are normal. Now launch metasploit and use the multi/handler exploit which handles exploits outside the network. Set the LHOST to your internal IP which BT has been assigned. Set LPORT to your forwarded port number and exploit. Once the victim opens the backdoor it back connects through the DNS to our IP successfully. Now you can use that at any time because of DNS, it will be little similar to RATs. Making it FUD and undetectable is up to you. This video is just a demonstration and Special Thanx to Max for acting as the victim and helping me making this video in real world. Use this for Educational Purposes Only and I am not responsible for the damage you cause. Sursa: Metasploit Tutorial By Un0wn_X | ZeroSecurity

"private phpshell (x36-priv8) , can bypass any server. please keep it private." Arata cam asa: http://oi34.tinypic.com/29zsgav.jpg Download: http://www.multiupload.nl/5E1PAMHOSO Sursa: x36 priv8 (phpshell)

[h=1]Spybot +AV 2.1 Beta – Un nou antivirus cu motor BitDefender[/h] By Radu FaraVirusi(com) on April 20, 2013 Spybot era mai demult un nume in industria anti-malware cand venea vorba de detectie si indepartare adware, spyware, troieni. Intre timp performantele sale si notorietatea au scazut. Iata ca acum se relanseaza intr-o noua versiune cu antivirus, folosind motorul BitDefender. Noul produs se numeste Spybot +AV 2.1 si este in testare BETA pe site-ul oficial. Iata caracteristicile produsului: Antivirus scan (Home Edition and above) Enhanced GUI: a simple view has been added to many components and the number of dialogues has been reduced. Colour coded indicator on dialogue boxes for easy reference MRU Scan: ability to tell Spybot to only scan the Most Recently Used files Added scan mode to only scan for usage tracks Improved rootkit scan, suspicious results can be scanned with our File Scan Multi-core processor support in scan engine (Home Edition and above) Live Protection Internet Security: an integrated proxy server blocks access to suspect URLs (Windows 8 is currently not supported) Improved ‘Protected Repair Environment’ – now has its own easy to use Spybot taskbar Updated Boot CD Creator allows to create your own Boot CD with Spybot 1 and 2 Boot sector scanning Extensive white list for system files, now used in more Spybot components Spybot now prompts you to create a white list when installed on newly commissioned systems French and Italian translations now included by default O problema cunoscuta in aceasta versiune este protectia antivirus deficitara pe Windows 8. Pentru mai multe informatii si link-ul de download accesati: Beta Versions | Spybot © ™ - Search & Destroy Sursa: Spybot +AV 2.1 Beta – Un nou antivirus cu motor BitDefender

C/C++ Manual complet - Herbert Schildt C++ pentru incepatori, volumele I si II - Liviu Negrescu Totul despre C si C++ - Kris Jamsa Le gasesti prin librarii. Lasa cacaturile de tutoriale. Dupa ce inveti bine limbajul iti recomand Secrete C++ - Constantin Galatan.

"Astfel, zeci de experti din aceste institutii se vor antrena ca sa poata face fata unui atac cibernetic." Oare cati or sa devina "de-ai nostri"?

Poti sa iti faci nervi, ochii cat cepele si sa iti pierzi noptile uitandu-te la cateva linii de cod incercand sa gasesti problema. Dar are si avantajele sale.

// Edited

Doritori sunt, dar cine vine cu locurile de munca?

Ma pis pe ei de straini, nu imi pasa de ei, mie imi pasa de "ai mei"

Another way to hack Facebook accounts using OAuth vulnerability In recent few months White hat Hacker ,'Nir Goldshlager' reported many critical bugs in Facebook OAuth mechanism, that allowed an attacker to hijack any Facebook account without user's interaction. Another hacker, 'Amine Cherrai' reported a new Facebook OAuth flaw, whose exploitation is actually very similar to Nir Goldshlager's findings but with a new un-patched way. Before reading further, I would like to suggest you to read following post to understand the basic exploitation mechanism: Facebook OAuth flaw allows gaining full control over any Facebook account Facebook hacking accounts using another OAuth vulnerability URL Redirection flaw in Facebook apps push OAuth vulnerability again in action Now, if you are aware about the vulnerability used against Facebook OAuth in redirect_uri parameter in the URL, there is another way that Amine Cherrai found, to bypass the patch applied by Facebook security team. He found another file on Facebook, that allow redirection to steal access_token of victim's accounts. i.e Facebook Cross-Domain Messaging helper . Successful exploitation once again allowed hacker to hijack Facebook accounts using OAuth Flaw. Proof of concept : http://facebook.com/dialog/oauth?client_id=350685531728&response_type=token&display=page&redirect_uri=http%3A%2F%2Ftouch.facebook.com%2Fconnect%2Fxd_arbiter.php%3F%23%21%2Fapps%2Fmidnighthack%2F%3F%26origin%3Dhttp%3A%2F%2Ffacebook.com%2F Video Demonstration: By the way this bug was closed by Facebook Security Team few days back and your social accounts are once again secured, till next finding ! Sursa: Another way to hack Facebook accounts using OAuth vulnerability - Hacking News

Da, posibil in 1990. Dar ce a facut de e asa "cunoscut"? A fost Project Manager la DARPA, dar "in domeniu" ce a realizat?