Nytro

/* This file has been generated by the Hex-Rays decompiler. Copyright © 2009 Hex-Rays <info@hex-rays.com> Detected compiler: Visual C++ */

Stuxnet Source Code Released Posted by The Hacker News On 1:05 AM Stuxnet is a Microsoft Windows computer worm discovered in July 2010 that targets industrial software and equipment. While it is not the first time that crackers have targeted industrial systems,it is the first discovered malware that spies on and subverts industrial systems,and the first to include a programmable logic controller (PLC) rootkit. Stuxnet is designed to programmatically alter Programmable Logic Controllers (PLCs) used in those facilities. In an ICS environment, the PLCs automate industrial type tasks such as regulating flow rate to maintain pressure and temperature controls. Download: http://www.multiupload.com/BDNYSCY5PC Sursa: Stuxnet Source Code Released Online - Download Now ~ THN : The Hacker News

Multe chestii interesante: http://skypher.com/wiki/index.php/Main_Page

Tot respectul pentru cei care l-au facut, baieti destepti.

Pe aici nu exista foarte mult bun simt, dar cred ca te vei acomoda repede. Bine ai venit.

Probleme "tehnice". Nu. E tot VIP.

Protecting Linux Against DoS/DDoS Attacks Tuesday, June 28, 2011 Contributed By: Jamie Adams When I first heard ridiculous-sounding terms like smurf attack, fraggle attack, Tribal Flood Network (TFN), Trinoo, TFN2K, and stacheldraht, I didn't take them too seriously for a couple of reasons — I worked mainly on non-Internet facing systems, and I was never a victim. I thought it was primarily a network or application administrator's problem. I am not too proud to admit that I was completely wrong. The truth is that I only had a grasp of the impact of such attacks but I didn't know anything about the methods and the things that can and should be done at the operating system level. I have been neck-deep in completing documentation for our product's Common Criteria for Information Technology Security Evaluation (ISO/IEC 15408) submission so I hadn't had much time to think about topics for a blog post. Besides, how can I compete with all of these eye-catching,dramatic headlines about LulzSec, Anonymous, and Ryan Cleary? A co-worker asked me how our Security Blanket operating system lock down tool could help against denial-of-service (DoS) attacks. So began my research and I quickly had the epiphany that I barely knew anything about DoS attacks. Of course this topic is far too broad and complex to cover in one blog post but I am going to highlight some of my findings. First of all, I strongly recommend visiting the SANS Institute InfoSec Reading Room and reading “A Summary of DoS/DDoS Prevention, Monitoring and Mitigation Techniques in a Service Provider Environment.” Secondly, read the W3C's “The World Wide Web Security FAQ - Securing against Denial of Service attacks.” In “HACKING the art of exploitation”1, Erikson describes two general forms of DoS attacks: those that crash services and those that flood services. Wikipedia goes on to describe five basic types of attacks: Consumption of computational resources, such as bandwidth, disk space, or processor time. Disruption of configuration information, such as routing information. Disruption of state information, such as unsolicited resetting of TCP sessions. Disruption of physical network components. Obstructing the communication media between the intended users and the victim so that they can no longer communicate adequately. The W3C defines DoS as “an attack designed to render a computer or network incapable of providing normal services. The most common DoS attacks will target the computer's network bandwidth or connectivity. Bandwidth attacks flood the network with such a high volume of traffic, that all available network resources are consumed and legitimate user requests can not get through. Connectivity attacks flood a computer with such a high volume of connection requests, that all available operating system resources are consumed, and the computer can no longer process legitimate user requests.” The W3C differentiates a DoS attack from a Distributed Denial of Service (DDoS) attack. The DDoS “attack uses many computers to launch a coordinated DoS attack against one or more targets. Using client/server technology, the perpetrator is able to multiply the effectiveness of the Denial of Service significantly by harnessing the resources of multiple unwitting accomplice computers which serve as attack platforms.” In the case of smurf and fraggle attacks, one method of prevention is to configure the router to block broadcast packets that did not originate from that network. On Linux systems, you can configure the kernel to disregard ICMP ECHO and TIMESTAMP requests that were sent to broadcast or multicast addresses by setting the kernel parameter net.ipv4.icmp_echo_ignore_broadcasts to one. When it comes to “SYN flood” DoS form of attacks, you can configure Linux to send out requests (syncookies) to remote hosts if they are flooding your system’s backlog queue with SYN packets; to enable this set the kernel parameter net.ipv4.tcp_syncookies to one. These requests check whether or not the inbound SYN packets are legitimate. In cases where these inbound SYN packets are not legitimate, your system might be experiencing a “SYN flood” DoS attack. Enabling this option on a system under normal load is useful. If your system is under high load it will make new connections but without advanced features such as explicit congestion notification (ECN) or selective acknowledgment (SACK). All of the normal hardening procedures for the operating system will of course help. Namely, it will help reduce the likelihood your system will become compromised and become the platform for which attacks will be launched. Additionally, it is critical to know what software is present on your system. One technique to monitor this is to baseline (or fingerprint) your system to include the use of cryptographic hashes where possible. Then periodically, perform another baseline and compare it to the previous one. The use of host-based firewalls (e.g., iptables) is strongly encouraged as well as disabling of unnecessary server services. System minimization has been a topic in many of my posts before and I believe it is one of the easiest but most effective techniques because it reduces your “attack surface.” The W3C FAQ also says, “assume a service should be turned off, unless it is absolutely required.” And I would take it one step further by removing the software packages associated with those unused services. Safeguarding and monitoring operating systems against DoS and DDoS are areas which I continue to learn about and develop techniques. Please, share your knowledge and techniques so we all might learn. Sursa: https://www.infosecisland.com/blogview/14788-Protecting-Linux-Against-DoSDDoS-Attacks.html

A Window Into Mobile Device Security Examining the security approaches employed in Apple’s iOS and Google’s Android Carey Nachenberg VP, Fellow Contents Executive Summary............................................1 Introduction........................................................1 Mobile Security Goals.........................................2 Web-based and network-based attacks ......2 Malware ........................................................2 Social Engineering Attacks...........................3 Resource Abuse.............................................3 Data Loss ......................................................3 Data Integrity Threats...................................3 Device Security Models......................................3 Apple iOS.......................................................4 Android........................................................10 iOS vs. Android: Security Overview...................17 Device Ecosystems ............................................17 Mobile Security Solutions................................20 Mobile Antivirus..........................................20 Secure Browser...........................................21 Mobile Device Management (MDM)...........21 Enterprise Sandbox.....................................21 Data Loss Prevention (DLP)........................22 Conclusion........................................................22 Download: http://www.symantec.com/content/en/us/about/media/pdfs/symc_mobile_device_security_june2011.pdf

Au primit multi. Exista categoria "Ajutor". Exista categoria "Cereri". Exista n posturi in care specific sa nu se ceara ajutorul sau alte prostii in aceasta categorie. Exista x persoane care au primit avertisment pentru asa ceva, nu trebuie sa te simti special.

Ca azi sunt de obicei, insa doar azi am ceva timp liber si am timp sa dau avertismente si banuri. Ca nu prea am mai activat de o saptamana-doua.

Da, poate fi foarte util. Oricum, e publica de putin timp. O sa fac niste teste sa vad daca reusesc ceva automatizare.

Foarte interesant. Ai numai posturi interesante. Ban.

A fost un experiment. Am anuntat de "x" ori. Si nu eu am dat Add la cele 1000 de persoane din lista, doar la cateva. Si tot nu inteleg de unde tot primeam add-uri legate de Metin. Si exista optiunea "Ignore".

La Academia Tehnica Militara nu e tocmai "frumos"... Din mai multe motive: - nu ai foarte multa libertate: nu prea poti lipsi de la cursuri, se verifica camerele uneori, nu ai voie sa iesi de capul tau, sa vii mai tarziu de 23:00 parca, trebuie sa iesi cu invoire, o gramada de chestii - trebuie sa stii si o sa fii forjat cu o gramada de matematica si fizica. Daca vrei sa mergi acolo pentru informatica, nu e alegerea potrivita - da, o sa iesi cu salariu, venit stabil, dar trebuie sa semnezi contract pe 10 ani, si nu poti sa iti dai demisia, cred ca te pun sa platesti daune - la fel cu facultatea, daca vrei sa o abandonezi, trebuie sa platesti cat ai stat - va pun brom in mancare/bautura, in ceai am inteles ca sa nu vi se mai scoale. Sa nu mai aveti asa chef de sex - dimineata trezirea, dati ture pe acolo si tot felul de alte prostii, pe langa datul cu matura prin curte - trebuie sa purtati uniformele alea urate, vara muriti de cald, iarna degerati - salariile nu sunt foarte mari, sfatul meu e sa dai la STS, probele fizice sunt date la misto dar cele scrise sunt mai grele, la MApN am inteles ca nu sunt salarii foarte mari Sunt multe motive pentru care iti recomand sa nu te duci acolo, dar e alegerea ta. Eu iti spun parerea mea si ce am vorbit cu persoane de acolo, cunosc mai multe.

Mie imi place, bravo A, eu nu sunt foarte pretentios la partea de grafica.

Oare ne lasa si pe noi sa il folosim sa crack-uim md5-uri?

XSSF - Cross-Site Scripting Framework v.2.0 Released Friday, June 24, 2011 The Cross-Site Scripting Framework (XSSF) is a security tool designed to turn the XSS vulnerability exploitation task into a much easier work. The XSSF project aims to demonstrate the real dangers of XSS vulnerabilities, vulgarizing their exploitation. This project is created solely for education, penetration testing and lawful research purposes. XSSF allows creating a communication channel with the targeted browser (from a XSS vulnerability) in order to perform further attacks. Users are free to select existing modules (a module = an attack) in order to target specific browsers. XSSF provides a powerfull documented API, which facilitates development of modules and attacks. In addition, its integration into the Metasploit Framework allows users to launch MSF browser based exploit easilly from an XSS vulnerability. Download: https://code.google.com/p/xssf/downloads/list Video demo: http://www.youtube.com/user/X0x1RG9f Sursa: Security-Shell: XSSF - Cross-Site Scripting Framework v.2.0 Released

Poza e facuta la Nicolae Balcescu - Lahovari. Da, e cu mine, o aveam de mult la avatar.

Ca sa inteleaga toata lumea... NU folosesc eu acest ID, poveste lunga. Daca il aveti in lista aflatii IP, trimiteti un fisier si verificati cu netstat sau cu Wireshark incotro se duc datele, nu cred ca trec prin serverele Yahoo. Trimiteti o poza ceva. Sau cel mai bine dati ignore. Desi pe mine ma amuza mass-urile lui. Nu stiu cine e, dar incearca sa va dea stealere. Daca nu aveti ce face, luati fisierele de la el, dar NU LE EXECUTATI, si trimiteti-mi PM cu un link catre ele.

A mea e simpla, dar nu cred ca o ghiciti...

http://www.meh.ro/wp-content/uploads/2011/06/meh.ro7678.jpg

Am vazut ca unele avatare sunt mai mari, cred ca se poate ceva. Vedeti YDK. Dar nu am timp momentan.

[C++] Notiuni de limbaj E un articol scris de mine inainte de examenul de POO (Programare Orientata pe Obiecte) - C++. M-am gandit ca poate ajuta cat de cat colegii mei. - Introducere - Mediu de lucru - Exerci?iul 0: caractere speciale - Exerci?iul 1: const - Exemplul 2: Constructori: - Exerci?iul 3: Func?ii virtuale Acopera notiuni de POO. E scris pentru a exemplifica probleme care pot sa apara in programe C++ si care pot fi de la usor la foarte greu de identificat. Insa este doar o mica colectie, cu explicatiile de riguare. Probleme pot fi multe si foarte variate, si am acoperit foarte putin. PS: Necesita cunostinte de POO: sa stii ce e ala constructor, constructor de copiere, derivare, cateva notiuni cel putin elementare. "Citat": S? lu?m acum un exemplu mai interesant. Lu?m clasele Test ?i Test2, care e derivat? din Test, ambele cu parametru int implicit 0. ?i cre?m un obiect x ?i înc? unul y = x. #include <iostream> using namespace std; class Test { int x; public: Test(int i = 0) : x(i) { cout << "Test: " << i << "\n" ; } ~Test() { cout << "~Test: " << x << "\n" ; } }; class Test2: public Test { int y; public: Test2(int i = 0) : y(i) { cout << "Test2: " << i << "\n" ; } ~Test2() { cout << "~Test2: " << y << "\n" ; } }; int main() { Test2 x(3), y = x; return 0; } În ce ordine se vor apela constructorii? E simplu: Test: 0 - Pentru x, mai întâi se apeleaz? constructorul clasei de baz? cu valoarea implicit? Test2: 3 - Apoi constructorul s?u, Test2, cu valoarea 3 ~Test2: 3 - Destructor y ~Test: 0 - Destructorul clasei de baz? ~Test2: 3 - Destructor x ~Test: 0 - Destructorul clasei de baz? Ce se întâmpl? apoi? E simplu: pentru y nu se apeleaz? constructorul normal, ci se apeleaz? constructorul de copiere, care nu este definit de noi. Deci se creaz? y, un al doilea obiect, de aceea vedem c? se apeleaz? de dou? ori seria ~Test2/~Test. Îns? lucrurile devin mai interesante dac? definim un constructor de copiere pentru Test2. S? îl definim ?i s? increment?m cu 1 valoarea lui y (din Test2) pentru a face diferen?a între obiectele x ?i y. Test2(Test2 &ob) { cout << "Copiere Test2\n" ; y = ob.y + 1; } La rulare, se va afi?a: Test: 0 - Pentru x - baza Test2: 3 - Pentru x – constructorul din derivat? Test: 0 - Interesant. Acum, înaintea constructorului de copiere care se apeleaz? la crearea lui y, se apeleaz? constructorul din clasa de baz? pentru y. Motivul e simplu: se creaz? un nou obiect Test2 ?i asta presupune apelul constructorului clasei de baz?, clasa Test. În primul caz, în care nu aveam un constructor de copiere, x-ul se copia bit cu bit in y ?i nu se mai apela niciun constructor al clasei de baz?. A?adar, aten?ie la astfel de lucruri m?runte Copiere Test2 - Se apeleaz? ?i constructorul de copiere ~Test2: 4 - Destructorul lui y mai întâi, destructorii se apeleaz? în ordine invers? ~Test: 0 - Destructorul din baz? al lui y ~Test2: 3 - Destructorul lui x ~Test: 0 - Destructorul din baz? al lui x Download: http://www.speedyshare.com/files/29050808/C_notiuni_de_limbaj.pdf http://www.mediafire.com/?sn66k96645034tj http://www.megaupload.com/?d=RZ13C013 RTTI - Runtime Type Identification/Information: E o facilitate a limbajului care permite identificarea tipului variabilelor la executie. Pentru inceput e necesar un header: #include <typeinfo> Utilitatea lui e urmatoarea: poti identifica tipul unei variabile, de obicei pointer, la executie, si poti preveni anumite erori. Sa zicem ca avem o clasa A, o clasa B care o mosteneste pe A, si o clasa C care o mosteneste pe A. Folosind un pointer la A vom putea indica catre un obiect de tipul A, B sau C, si e posibil sa nu stim sigur catre ce tip de obiect indica pointerul. A *p; Putem avea: p = new A; // Clasic p = new B; // B fiind derivata din A p = new C; // Putem crea p-ul in functie de niste date introduse de la tastatura de exemplu, deci nu putem stii catre ce tip indica, aici ne ajuta RTTI-ul. Pentru a obtine tipul unei variabile, apelam functia "typeid()". Functia NU returneaza un sir de caractere care reprezinta numele tipului variabilelei, ci returneaza un obiect de tipul "type_info". Aceasta este de fapt o clasa cu cateva metode. Deci functia va returna un obiect care are metodele: - name() - Cea mai importanta metoda, returneaza un sir de caractere care reprezinta numele tipului variabilei (pointer, obiect, int... ) ca parametru. De exemplu, typeid(x).name va fi "i" in cazul in care x e un int, va fi "l" pentru cazul in care e un long si asa mai departe. Insa utilitatea apare la pointeri cand lucram cu clase derivate. Sa luam urmatoarele clase: class C1 { public: C1() { cout << "C1\n"; } }; class C2: public C1 { public: C2() { cout << "C2\n"; } }; Apoi vrem sa cream un pointer si sa vedem tipul sau: int main() { C1 *x = new C1; cout << typeid(x).name(); return 0; } E cazul clasic, se va afisa "P2C1". "P" = pointer, "2"-ul reprezinta numarul de caractere al numelui clasei. Clasa "C1" are 2 caractere, daca aveam clasa "Test" aveam 4 caractere. Iar "C1" reprezinta desigur tipul pointerului. De asemenea: C1 *x = new C2; cout << typeid(x).name(); Va afisa TOT "P2C1" pentru c x este un pointer la tipul C1, chiar daca indica spre un obiect de tipul C2. De asemenea: C1 *x = new C2; cout << typeid(*x).name(); Va afisa "2C2", deci va afisa ca indica spre un obiect de tipul C2. Despre type_info ar mai fi important ca supraincarca operatorul ==, astfel poti compara typeid(x) == typeid(y). La fel si !=. E scris pe la 23:00 - 24:00 inainte de examen, nu am avut timp sa scriu mai mult. Sper sa va ajute.

Iar incepeti cu topicuri dinastea penibile? Inchis si mutat la gunoi.