Nytro (Administrators)
Posts: 18725 · Days Won: 706

Everything posted by Nytro

  1. Once again the losers at inj3ct0r have shown that they are children and not very bright. You're right, pyth0n3. That's the reason I completely changed my opinion of these guys. If they were hackers in the old sense of the word, they would do anything for free access to information, meaning they would NOT ask for money for courses that are really more for script kiddies. I have never liked tutorials about "how to use a program".
  2. It works with the first one too. The folder is opened with the executable "explorer.exe". It's in C:\Windows\explorer.exe. And if there are spaces, use quotes. You're welcome.
  3. It can be opened in Explorer (I think that's what you want) with this function: WinExec Function (Windows). Or, more ugly, with: CreateProcess Function (Windows). I don't know Delphi, but I think these functions are in a file you have to include. In C++ there is also the "system" function from stdlib.h, but I don't think it helps you much.
  4. Oh yes, an old fan of mine, I think. I don't know how you can say that you taught me VB6; I don't think you even know VB6. And I don't think we talked very much. Here is how I learned VB6: I was a moderator on another forum, which still exists today under a different name, and a guy with the nickname E.M.I.N.E.M. helped me. Then I read a "nice" 900-page book and another 700-page one that was for VB5. And lots of practice, the two-lei programs. How did you help me? On PSC I posted a few projects long after I had made them. Anyway, I don't know much about you; I just have a suspicion that you are just one of my "victims". I hardly remember anything about you, so you didn't stand out in any way, not even in a bad way. Anyway, the idea is simple. I have nothing against normal users. But when all kinds of specimens show up who bring no benefit to the forum and all they do is post nonsense, all I can do is what needs to be done, and ban them. Whoever respects the forum rules, ethics and common sense has no problem with me. fmmets: I would like to see that post. Yes, we do publish email addresses and IPs of people who try to infect forum members or do who knows what other stupid things. Otherwise we don't do that. There would be more to say, but I think what I said here is enough.
  5. What do you mean "display"? Do you want to list all the files in that folder, have them in the program, or open it in Explorer?
  6. Let me see if I can get hold of kwe.
  7. I think this works too. Or this: I know, two-lei Photoshop work, I'm not good at it, but I tried a few things too.
  8. VirtualBox 4.0 Simplifies Virtual Operating System Management, Adds Extensions

      Windows/Mac/Linux: VirtualBox 4.0 makes creating virtual operating systems a lot less bothersome. The interface is easier to get around, the virtual machines easier to move or wipe away, display and hardware compatibility is improved, and new "extensions" can add new capabilities.

      Previously, moving your virtual machines around, or deleting them and all their snapshots, required some knowledge of how VirtualBox stored your stuff, and some tricky XML editing. No longer, as VirtualBox adds commands to do a complete wipe of a machine, and also explains where your stuff is stashed. Beyond that deep-down fix, the interface has seen a pretty nice upgrade: stuff you would regularly look for before, like the prompt to load up an ISO file as a virtual CD drive, is now front and center, and the Settings dialog is easier to move through progressively.

      There aren't many Extensions right now, but third-party coders may soon add some nice capabilities to this free virtual machine manager. And Oracle does offer up one extension, USB management, that will likely allow users of the open source version (usually distributed by Linux desktops) to get that previously unavailable capability.

      VirtualBox 4.0 is a free download for Windows, Mac, and Linux systems. If you're intrigued and want to get started with VirtualBox and virtual operating systems, try our beginner's guide to virtual machines, or take on the seemingly impossible by running Mac OS X on Windows in VirtualBox.

      VirtualBox 4.0 Changelog: Changelog - VirtualBox

      Source: VirtualBox 4.0 Simplifies Virtual Operating System Management, Adds Extensions
  9. Florin Salam & Costi Ionita - M-am saturat de oameni perversi
  10. I don't have a PSD, I don't have anything. The logo has to be cut out from here: I'll try to do it myself. Edit: I tried to cut it out, without that white trace. Then I added a bit of Stroke. PSD: http://www.2shared.com/photo/bYgJ34Nn/RST_Logo_3.html http://www.filehost.ro/1639680/RST_Logo_3_psd/ http://www.mediafire.com/?4mhdzzcdhnk4b8u
  11. Let it be this one, with the old logo, the old shield with the three, and without a border, or a small one of 1-2 pixels. That's my opinion, more or less.
  12. It has to be the old logo. And it has to match the theme. And a Christmas girl (or girls), and something 1337 and RST. That's about it, in short.
  13. Botnets

      A botnet is a network of compromised computers that are controlled remotely and surreptitiously by one or more individuals, called bot-herders. Computers in the botnet, called nodes or zombies, are usually ordinary computers with always-on broadband connections, sitting on desktops in homes and offices around the world. Usually, computers belong to botnets because their owners or users have been tricked into installing malware that secretly connects the computer to the botnet and performs tasks like sending spam, hosting malware or other illegal files, and attacking other computers. Often the user never knows his or her computer is being used for nefarious ends.

      A botnet is in many ways the perfect base of operations for computer criminals. Botnet malware is designed to operate in the background, without any visible evidence of its existence. Often the victim has no idea that his or her computer is infected and so is less likely to subject it to a malware scan that might detect and remove the infection. By keeping a low profile, botnets are sometimes able to remain active and operational for years. Botnets are also attractive to criminals because they provide an effective mechanism for covering the tracks of the botnet user: tracing the origin of an attack leads back to the hijacked computer of an innocent user, where the trail ends.

      Getting a botnet up and running is only the first step. A botnet can be used as a platform for a variety of criminal activities, depending on how the bot-herders choose to configure the individual nodes. In addition to identity theft, botnets have many uses, including:

      Sending spam. Much of the spam sent today originates from botnets, which use several different techniques to get their unwanted messages past recipients' mail filters. In addition to renting out the botnet to spammers, bot-herders also send spam themselves in an effort to increase the size of the network.

      Perpetrating distributed denial of service (DDoS) attacks. In a DDoS attack, multiple computers attack a target server (typically a web server) by flooding it with traffic, saturating the target's bandwidth, and rendering it effectively unavailable to other users. Criminals sometimes threaten companies with DDoS in an effort to extort money from them, or they launch DDoS attacks against security researchers or others they believe have wronged them. DDoS has even been used in "cyber-warfare" attacks launched against countries or regions.

      Hosting malware or illegal content. Peer-to-peer (P2P) networks are effective mechanisms for retrieving or distributing media content. They work like search engines to locate media that people have made available. Some content is illegal, either to own or to distribute, so criminals often use hijacked computers as a place to store illegal content. Unwitting owners of hijacked computers may be delivered lawsuit papers by rightful content owners for distributing copyrighted material, or arrested by police for distributing child pornography. Hijacked computers are also used to host web pages used in phishing attacks and to host and distribute additional malware.

      Perpetrating click fraud. Criminals sometimes use botnets to generate fraudulent "clicks" on pay-per-click advertisements, such as those hosted by some search engines and other websites. The advertiser pays a fee to the advertising network for every click its advertisement receives, so click fraud can be used to financially harm a competitor.

      The most common method used for controlling botnets is Internet Relay Chat (IRC), a distributed system for real-time chatting. When the botnet is installed on a victim's computer, it connects to an IRC channel that the bot-herder has established and waits for instructions. From there, all the bot-herder has to do to activate the bots is connect to the channel and type in some predefined commands, and they're off: sending spam, launching DDoS attacks, hosting phishing pages, or whatever else the herder has in mind. Recently, botnets have even used P2P mechanisms for command and control, making them more difficult to shut down once discovered.

      Source: Reference Guide
  14. Quick Security Reference - SQL Injection Download: http://download.microsoft.com/download/E/E/7/EE7B9CF4-6A59-4832-8EDE-B018175F4610/Quick%20Security%20Reference%20-%20SQL%20Injection.docx
  15. Quick Security Reference - Cross-Site Scripting Download: http://download.microsoft.com/download/E/E/7/EE7B9CF4-6A59-4832-8EDE-B018175F4610/Quick%20Security%20Reference%20-%20Cross-Site%20Scripting.docx
  16. Quick Security Reference - Exposure of Sensitive Information Download: http://download.microsoft.com/download/E/E/7/EE7B9CF4-6A59-4832-8EDE-B018175F4610/Quick%20Security%20Reference%20-%20Exposure%20of%20Sensitive%20Information.docx
  17. How is DNSSEC related to web site security?
      murater - 10-24-2010 2:45 PM

      When you have a web site where money is changing hands, customer trust has the utmost importance. The moment you lose trust you lose your customers. You will need to invest in your security strategy in a multi-layered fashion. Here is a short list (not a comprehensive one) of items you should keep in mind:

      · SSL certificate: You will need to have an SSL web site certificate that you can get from a well-trusted authority. As expected, the most important thing you will want to look at is their assurances and operations. Asking for a web certificate with the highest key length is not enough; it's about what policies are in place. The questions you would need to ask are: when your private key gets compromised, how fast is their CRL updated? What measures are taken to prevent compromise of their intermediate, and what standards are they applying to their operations?

      · Securing the environment: You would definitely want to have a secure network, securely configured hosts and applications. There is plenty of documentation on how to secure your routers and firewalls, and on locking down your servers and IIS configuration. If you would like to have more information, please provide feedback and I will provide more information on this one. Get yourself ready for using IPv6. If you are planning a web site, or if you already have one running on an older system, consider moving to Windows Server 2008 R2.

      · Secure operations: Securing the environment is only the first half of the story. You need to keep it that way. This means you need to monitor your servers, keep them up to date and upgrade them when necessary. A fully secured web server with no recent updates is a sitting duck ready to be used by criminals.

      · Secure your web application: It is sometimes overlooked to get a security review of your web application in place. No matter how good the developers you have are, you will need to get a security review from security experts. This is also true when updating your web applications.

      · Intrusion prevention and detection: Even if you did everything to secure your environment, you will need to watch for activities on your web site. You need early warning signs if there is something unusual happening. This will need delicate tuning, as these devices can create a lot of noise which can easily become overwhelming.

      There are different standards that you would need to adhere to, and you should also check them out. For example, if you want to process credit cards you would need to look at PCI DSS.

      However, there is one more important part that needs your attention, which is DNS. The DNS protocol has been around for a long time. When it was first introduced, security was not a concern. However, as the Internet grew, attacks based on DNS increased considerably. The worst part is that as DNS is a distributed service, you need to trust other entities to provide security for the DNS service. When a client asks for a DNS name, the DNS server will ask several DNS servers before returning an answer to the client. If any one of these servers is compromised, the client is redirected to a different web server which may look just like the original web site but is actually designed to get your username and password or credit card numbers.

      The best way to solve this problem is a standard that has recently become popular, namely DNSSEC (DNS System Security Extensions). DNSSEC is specified in RFCs 4033-4035. It adds new operations to the DNS server and client and 4 new DNS records (DNSKEY, RRSIG, NSEC and DS). DNSSEC digitally signs all records in a DNS zone. A client will obtain the public key and validate that the responses are authentic. So when a client asks a question to DNS servers, the answer is digitally signed. Each time you hop from DNS server to DNS server you know that the answer is genuine as long as the signature is valid.

      DNSSEC is a feature of Windows Server 2008 R2 and Windows 7. If you want to learn more about DNSSEC on Windows you can find more information here. Even clients that do not understand DNSSEC can still use the DNS servers in question, albeit without reaping the benefits of validation.

      One of the most important blockers for wide DNSSEC implementation was top-level DNS zones not being signed. As of the time of this writing, most of the top-level zones have been digitally signed. One of the most important zones is .com, and it is expected to be signed early next year. This will be a key milestone in making DNSSEC mainstream.

      When you are planning your DNS infrastructure, you should keep in mind the following about DNSSEC:

      · Dynamic update is not supported. You should use DNSSEC on your external DNS entries and not on your internal DNS where clients are using dynamic DNS.

      · DNSSEC is not a lightweight protocol. You will need extra bandwidth and strong servers to handle DNSSEC traffic.

      · Clients will need to understand DNSSEC messages, which will happen with new operating systems. Do not expect that all clients trying to access your web site are secured the moment you implement DNSSEC on your servers.

      DNSSEC will help secure the Internet, but it will need effort from all implementing parties. It would be necessary to start planning soon so as not to be left behind. As always, feedback is welcome.

      Source: How is DNSSEC related to web site security? - Murat Cudi Erenturk, Insights of an Architect - Site Home - TechNet Blogs
  18. On the effectiveness of DEP and ASLR
      swiblog - 8 Dec 2010 9:59 AM

      DEP (Data Execution Prevention) and ASLR (Address Space Layout Randomization) have proven themselves to be important and effective countermeasures against the types of exploits that we see in the wild today. Of course, any useful mitigation technology will attract scrutiny, and over the past year there has been an increasing amount of research and discussion on the subject of bypassing DEP and ASLR [1,2]. In this blog post we wanted to spend some time discussing the effectiveness of these mitigations by providing some context for the bypass techniques that have been outlined in attack research. The key points that should be taken away from this blog post are:

      * DEP and ASLR are designed to increase an attacker's exploit development costs and decrease their return on investment.
      * The combination of DEP and ASLR is very effective at breaking the types of exploits we see in the wild today, but there are circumstances where they can both be bypassed.
      * Exploits targeting Microsoft and third party vulnerabilities have been created that are capable of bypassing DEP and ASLR in the context of browsers and third party applications.
      * We are currently not aware of any remote exploits that are capable of bypassing DEP and ASLR in the context of in-box Windows services and various other application domains.
      * Knowledge of potential bypass techniques directly informs our future work to improve the robustness and resiliency of DEP, ASLR, and our other mitigation technologies.

      DEP effectiveness (without ASLR)

      In a previous blog post series we went into detail on what DEP is and how it works [part 1, part 2]. In summary, the purpose of DEP is to prevent attackers from being able to execute data as if it were code. This stops an attacker from being able to directly execute code from the stack, heap, and other non-code memory regions. As such, exploitation techniques like heap spraying (of shellcode) or returning into the stack are not immediately possible.

      The effectiveness of DEP hinges on the attacker not being able to 1) leverage code that is already executable or 2) make the attacker's data become executable (and thus appear to be code). On platforms without ASLR (that is, versions of Windows prior to Windows Vista), it is often straightforward for an attacker to find and leverage code that exists in modules (DLLs and EXEs) that have been loaded at predictable locations in the address space of a process. Return-oriented programming (ROP) is perhaps the most extensive example of how an attacker can use code from loaded modules in place of (or as a stepping stone to) their shellcode [3,1]. In addition to loaded modules, certain facilities (such as Just-In-Time compilers) can allow an attacker to generate executable code with partially controlled content, which enables them to embed shellcode in otherwise legitimate instruction streams ("JIT spraying") [2].

      The fact that modules load at predictable addresses without ASLR also makes it possible to turn the attacker's data into executable code. There are a variety of ways in which this can be accomplished, but the basic approach is to use code from loaded modules to invoke system functions like VirtualAlloc or VirtualProtect, which can be used to make the attacker's data become executable.

      Summary: DEP breaks exploitation techniques that attackers have traditionally relied upon, but DEP without ASLR is not robust enough to prevent arbitrary code execution in most cases.

      ASLR effectiveness (without DEP)

      Attackers often make assumptions about the address space layout of a process when developing an exploit. For example, attackers will generally assume that a module will be loaded at a predictable address or that readable/writable memory will exist at a specific address on all PCs. ASLR is designed to break these assumptions by making the address space layout of a process unknown to an attacker who does not have local access to the machine. This prevents an attacker from being able to directly and reliably leverage code in loaded modules.

      The effectiveness of ASLR hinges on the entirety of the address space layout remaining unknown to the attacker. In some cases memory may be mapped at predictable addresses across PCs despite ASLR. This can happen when DLLs or EXEs load at predictable addresses because they have not opted into ASLR via the /DYNAMICBASE linker flag. Prior to Internet Explorer 8.0 it was also possible for attackers to force certain types of .NET modules to load at a predictable address in the context of the browser [6]. Attackers can also use various address space spraying techniques (such as heap spraying or JIT spraying) to place code or data at a predictable location in the address space.

      In cases where the address space is initially unpredictable, an attacker can attempt to discover the location of certain memory regions through the use of an address space information disclosure or through brute forcing [5]. An address space information disclosure occurs when an attacker is able to coerce an application into leaking one or more addresses (such as the address of a function inside a DLL). For example, this can occur if an attacker is able to overwrite the NUL terminator of a string and then force the application to read from the string and provide the output back to the attacker [4]. The act of reading from the string will result in adjacent memory being returned up until a NUL terminator is encountered. This is just one example; there are many other forms that address space information disclosures can take.

      Brute forcing, on the other hand, can allow an attacker to try their exploit multiple times against all of the possible addresses where useful code or data may exist until they succeed. Brute forcing attacks, while possible in some cases, are traditionally not practical when attacking applications on Windows because an incorrect guess will cause the application to terminate. Applications that may be subjected to brute force attacks (such as Windows services and Internet Explorer) generally employ a restart policy that is designed to prevent the process from automatically restarting after a certain number of crashes have occurred. It is however important to note that there are some circumstances where brute force attacks can be carried out on Windows, such as when targeting an application where the vulnerable code path is contained within a catch-all exception block.

      Certain types of vulnerabilities can also make it possible to bypass ASLR using what is referred to as a partial overwrite. This technique relies on an attacker being able to overwrite the low order bits of an address (which are not subject to randomization by ASLR) without perturbing the higher order bits (which are randomized by ASLR).

      Summary: ASLR breaks an attacker's assumptions about where code and data are located in the address space of a process. ASLR can be bypassed if the attacker can predict, discover, or control the location of certain memory regions (particularly DLL mappings). The absence of DEP can allow an attacker to use heap spraying to place code at a predictable location in the address space.

      DEP+ASLR effectiveness

      In the previous sections we described the effectiveness of DEP and ASLR in isolation from one another. In reality, DEP and ASLR are designed to be used in combination on Windows Vista and beyond. Both of these mitigations are enabled in the context of important applications like Internet Explorer 8, Microsoft Office 2010, and in-box services and applications that ship with the OS. This means that attackers looking to exploit vulnerabilities in these environments will need to overcome both obstacles (in addition to numerous other mitigations).

      The DEP+ASLR bypass techniques that are currently being explored in attack research have primarily focused on identifying and refining methods of bypassing ASLR. Once ASLR has been bypassed it is typically straightforward to bypass DEP using established techniques such as return-oriented programming. At this point in time there have been multiple exploits which have demonstrated that it is possible in practice to bypass the combination of DEP+ASLR in the context of certain application domains (such as browsers and third party applications). These exploits have bypassed ASLR through the use of predictable DLL mappings, address space information disclosures, or JIT spraying, and have bypassed DEP through the use of return-oriented programming (or some simpler variant thereof) or JIT spraying. In many cases these exploits have relied on predictable mappings caused by DLLs that ship with third party components or by JIT compilation capabilities included in non-default browser plugins. This means that these exploits will fail if the required components are not installed.

      Although exploits have been written which are capable of bypassing the combination of DEP+ASLR, the vast majority of exploits that have been written to date do not have such capabilities and instead strictly target applications and platforms that do not enable these mitigations. This affirms our position that DEP+ASLR are strong countermeasures for the types of attacks that we see in the wild today despite weaknesses in their current implementations.

      Summary: DEP+ASLR are most effective when used in combination; however, their combined effectiveness is heavily dominated by the effectiveness of ASLR. Exploits have been developed that are able to bypass DEP+ASLR in the context of browsers and third-party applications. Nevertheless, the vast majority of exploits written to date do not attempt to bypass the combination of DEP+ASLR.

      Future directions

      As we look toward the future it is clear that attackers will continue to become increasingly incentivized to attempt to develop exploits which are capable of bypassing the combination of DEP+ASLR. Our understanding of the ways that DEP and ASLR can be bypassed directly informs the future work we are doing to improve the robustness and resiliency of our mitigation technologies. Although this work is ongoing, there are two noteworthy improvements that we would like to highlight.

      The first improvement can be seen in the latest version of the Enhanced Mitigation Experience Toolkit (EMET), which now includes support for a feature known as mandatory ASLR. This feature enforces ASLR for all modules regardless of whether or not they are ASLR aware (which effectively eliminates predictable DLL mappings when enabled on Windows Vista and above). This resolves the ASLR bypass technique we described previously, and it has been used in practice to successfully mitigate exploits in the wild.

      The second improvement consists of JIT spraying mitigations that have been directly incorporated into the JavaScript JIT compiler that was recently released in the Internet Explorer 9 beta. These mitigations act as countermeasures against the JIT spraying techniques that have been described in attack research.

      These two improvements help to further illustrate our belief that DEP, ASLR, and exploit mitigations in general are extremely important due to the impact they have on the cost of developing reliable exploits and due to the knowledge demands they place on attackers. Mitigations such as these enable us to be proactive about providing additional protection to customers who may be running software with an unknown or unpatched vulnerability. Ultimately our goal with exploit mitigations is to reach a point where vulnerabilities become too expensive to reliably exploit, and this is a goal we are actively working toward.

      Recommendations

      For enterprises and users: We recommend that enterprises and users enable DEP for all critical applications and run a version of Windows that supports ASLR (such as Windows 7). The Enhanced Mitigation Experience Toolkit (EMET) can be used to easily enable DEP and other mitigations for a process. You can read more about EMET here: The Enhanced Mitigation Experience Toolkit

      For ISVs: The effectiveness of mitigations like DEP and ASLR across the Windows ecosystem is heavily contingent on ISV adoption. ISVs that are interested in more details on how to enable DEP, ASLR, and other mitigations in their products are encouraged to refer to the guidance below: Windows ISV Software Security Defenses

      Matt Miller, MSEC Security Science

      References
      [1] Dino Dai Zovi. Practical Return-Oriented Programming. April 2010.
      [2] Dionysus Blazakis. Interpreter Exploitation: Pointer Inference and JIT Spraying. February 2010.
      [3] Hovav Shacham. Return-Oriented Programming: Exploits Without Code Injection. August 2008.
      [4] Peter Vreugdenhil. Pwn2Own 2010 Windows 7 Internet Explorer 8 Exploit. March 2010.
      [5] Hovav Shacham et al. On the Effectiveness of Address-Space Randomization. 2004.
      [6] Alexander Sotirov and Mark Dowd. Bypassing Browser Memory Protections. August 2008.

      *Posting is provided "AS IS" with no warranties, and confers no rights.*

      Source: On the effectiveness of DEP and ASLR - Security Research & Defense - Site Home - TechNet Blogs
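      As an added example (not code from the original post, from Microsoft, or from the referenced papers), the following self-contained C program models two of the ASLR bypasses the post above describes: an address-space information disclosure caused by a string with no NUL terminator sitting next to a pointer into a loaded module, and a partial overwrite that replaces only the low 16 bits of a saved address. The struct layout, the constructed pointer value 0x00007ffd12345678, the module offsets and the simulated bases are assumptions chosen for illustration; the 64 KiB mapping granularity is the reason the low 16 bits of an image address survive ASLR on Windows. It assumes a little-endian machine and performs no real exploitation.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed heap-object layout (assumption): a fixed-size name field
 * immediately followed by a pointer into a loaded module, e.g. a vtable
 * entry. No padding: 8 chars then an 8-byte aligned integer. */
struct record {
    char name[8];
    uint64_t code_ptr;
};

/* The bug from the post: the copy trusts the caller's length and leaves
 * no NUL terminator when the input fills the field exactly. */
static void set_name(struct record *r, const char *src, size_t len) {
    if (len > sizeof r->name)
        len = sizeof r->name;
    memcpy(r->name, src, len);
}

/* The "read it back as a C string" path: copies bytes until it meets a NUL.
 * With no terminator in name[], the first NUL is found inside code_ptr, so
 * the pointer's low bytes are handed back to the caller. The object is
 * snapshotted with memcpy first so the scan is well-defined C. */
static size_t get_name(const struct record *r, unsigned char *out, size_t outsz) {
    unsigned char raw[sizeof *r];
    memcpy(raw, r, sizeof raw);
    size_t n = 0;
    while (n < sizeof raw && n < outsz && raw[n] != '\0') {
        out[n] = raw[n];
        n++;
    }
    return n;
}

/* Attacker side: bytes 8.. of the leak are the little-endian low bytes of
 * code_ptr. The bytes that were not leaked are zero (that is exactly why
 * the scan stopped), so the full value is rebuilt by shifting. */
static uint64_t recover_pointer(const unsigned char *leak, size_t n) {
    uint64_t v = 0;
    for (size_t i = 8; i < n && i < 16; i++)
        v |= (uint64_t)leak[i] << (8 * (i - 8));
    return v;
}

/* Windows maps images at 64 KiB granularity, so the low 16 bits of any
 * address inside a module are the same regardless of where ASLR put it. */
#define ASLR_GRANULARITY 0x10000ULL

/* Partial overwrite: change only the low 16 bits of a saved pointer, which
 * retargets it within the module without knowing the randomized base. */
uint64_t partial_overwrite(uint64_t saved, uint16_t new_low) {
    return (saved & ~(ASLR_GRANULARITY - 1)) | new_low;
}

/* Demo 1: leak code_ptr through the unterminated string. Constructed value:
 * a user-mode x64 address whose top two bytes are zero. Returns the value
 * the attacker recovers, which equals r.code_ptr. */
uint64_t demo_leak(void) {
    struct record r;
    r.code_ptr = 0x00007ffd12345678ULL;
    set_name(&r, "AAAAAAAA", 8);          /* exactly fills name[], no NUL */
    unsigned char leaked[sizeof r];
    size_t n = get_name(&r, leaked, sizeof leaked);
    return recover_pointer(leaked, n);
}

/* Demo 2: one leaked address reveals the module base, given the (assumed)
 * known offset of that pointer's target inside the module. */
uint64_t module_base_from_leak(uint64_t leaked, uint64_t known_offset) {
    return leaked - known_offset;
}

/* Demo 3: a partial overwrite lands on the intended gadget for every
 * simulated 64 KiB-aligned base, because both the original target and the
 * gadget (assumed offsets) live in the same 64 KiB block of the module.
 * Returns 1 when every simulated base is hit. */
int demo_partial_overwrite(void) {
    const uint64_t saved_off  = 0x10040;  /* offset the saved pointer points to */
    const uint64_t gadget_off = 0x1ABCD;  /* offset of the gadget we want instead */
    for (uint64_t base = 0x7ff000000000ULL; base < 0x7ff000100000ULL;
         base += ASLR_GRANULARITY) {
        uint64_t saved = base + saved_off;
        uint64_t hit = partial_overwrite(saved, (uint16_t)(gadget_off & 0xFFFF));
        if (hit != base + gadget_off)
            return 0;
    }
    return 1;
}

int main(void) {
    uint64_t leaked = demo_leak();
    printf("leaked pointer : 0x%016llx\n", (unsigned long long)leaked);
    printf("module base    : 0x%016llx\n",
           (unsigned long long)module_base_from_leak(leaked, 0x45678));
    printf("partial overwrite hits every base: %s\n",
           demo_partial_overwrite() ? "yes" : "no");
    return 0;
}
```

      The leak stops at the first zero byte of the pointer, which on x64 user-mode addresses is always present in the top bytes; that is why a single over-read is enough to recover a complete module address, and why the fix is to terminate (or length-bound) the string rather than to rely on ASLR alone. The partial-overwrite demo shows the flip side of the same 64 KiB granularity: without any leak, an attacker who can corrupt just the low two bytes can still redirect control within the randomized module.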
  19. No, the old logo, with the three kings, that shield should stay.
  20. Come on guys, let's be serious, you're overthinking it.
  21. This one is good: Just make it without a border, or with 1-2 pixels at most. Edit: Better put the old logo, the one on the right side of the old header.
  22. Post a link so we can laugh too.
  23. The first one is better. I think it would be better to move the text higher up and write "Security Research" under it, a bit smaller. Otherwise I like it.
  24. Just move them a bit so they can be seen better, so the empty spaces aren't so big. On the wings I don't know, I think 2 globes would work. And I think he'll send you the PSD if you send him a PM. PS: Well done. Edit: There should also be something green, to match the theme. Either "Romanian..." in green, or those codes, I don't know.
  25. The last one is the nicest. As a small detail, those texts need to be arranged a bit, so they can be seen better. And put something on the wings. And maybe make the shield a bit bigger.