-
Posts
1909 -
Joined
-
Last visited
-
Days Won
26
Posts posted by em
-
-
Deci a fi challenge solver inseamna ceva in ziua de azi? Inteleg ca te duce capul sa le rezolvi, dar e doar pierdere de vreme, la urma urmei.
Pe ideea asta po?i argumenta ca orice pasiune e o pierdere de vreme. Toat? via?a e o pierdere de vreme.
-
Asta rezolvi tu cu organizatorii. Cert e ca nu e frumos sa stricam o competitie in desfasurare. O sa fac restore la postul tau dupa ce se termina.
-
Nu mai puneti flagurile aici. E o competitie.
-
-
Am folosit si eu cont de @Live.com (ca altfel nu mai vin update-uri). Am scapat de el dupa.
Nu mi-ai raspuns la intrebare. Merge gestul cu trei degete sus daca esti logat? Adica, face ceva?
-
Foarte interesanta treaba asta, @em . Totusi, la mine nu se reproduce, desi am touchpad cu multitouch. Chiar in seara asta am facut update la noul build si am testat chestia asta.
?ie î?i apare acel ecran dac? e?ti logat? Poate nu ai driverele corespunz?toare la touchpad. Nu am verificat dac? exist? ?i o combina?ie de taste în loc de 3 degete.
-
@alinpetre,
Da, IP-ul t?u a fost dat de cineva din staff. Acel cineva a fost pedepsit. Din moment ce aceast? ac?iune nu se poate inversa nu pot decât s? îmi cer scuze în numele mods/admins. Consider acest subiect închis. Orice alt? continuare a discu?iei va fi considerat? offtopic.
-
Windows 10 RTM (10240) Close/Preview apps without autentification
Windows 10 is a personal computer operating system being developed by Microsoft as part of the Windows NT family of operating systems.
A new update to this OS is the three finger swipe up gesture, that opens the multiple screen mode and shows all the active apps, to allow them to be sorted/opened/closed/minimized. This feature also works without the user being logged in, potentially allowing an attackers to examine the running programs or close them.
By allowing an attacker to maximize random apps could lead to running unwanted code on locked machines. Preliminary tests show that on maximize events do trigger on maximize events (WM_SIZE message with the value SIZE_MAXIMIZED in wParam). This may allow an attacker to activate a previously installed backdoor on a user machine, and run it only on maximize if the screen is locked (thus, allowing him to run arbitrary code without logging in if he has physical access to the machine).
POC of this exploit:
In the first picture we can observe a Wordpad Document opened and a Google Chrome minimized
Lock the screen. Note: I have a password that is required for unlocking
Screen is locked
Execute the 3 fingers swipe up gesture with the touchpad
I can see all the running apps with a GUI that are minimized. Moreover, I can see a preview of them, maximize them, or close them. Note that I can see the text "Sensitive information without logging in"
I clicked chrome. After that I clicked space to open the login screen.
I am logging in with my password
Chrome is maximized. I've managed to preview an app (see sensitive text) and maximize another app without entering my login password.
Source: em @ Romanian Security Team.
- 3
-
Coaie nu pricep. Ai primit report cu "a postat poza cu una dintre persoanele de pe forum". Cine rahat e ?la?
- 1
-
Ontopic: Cum adic? nu merge? Ce nu merge? Unde s-a blocat?
-
-
Topicul ?la e un mare rahat plin de spam, hai ca dau ban la toti offtopistii. Se pare c? omul spune c? nu i-ai livrat produsul la "calitatea" ceruta.
-
Se va discuta, poate.
-
Ofertele de vânzare trebuie s? aib? clar specificat pre?ul. Editeaz? primul post ?i pune-l acolo.
-
Se pare c? Nytro ne reprezint? la DEFCON
The post-exploitation activities in a penetration test can be challenging if the tester has low-privileges on a fully patched, well configured Windows machine. This work presents a technique for helping the tester to find useful information by sniffing network traffic of the applications on the compromised machine, despite his low-privileged rights. Furthermore, the encrypted traffic is also captured before being sent to the encryption layer, thus all traffic (clear-text and encrypted) can be sniffed. The implementation of this technique is a tool called NetRipper which uses API hooking to do the actions mentioned above and which has been especially designed to be used in penetration tests, but the concept can also be used to monitor network traffic of employees or to analyze a malicious application.
Ionut works as a Senior Security Consultant at KPMG in Romania. He is passionate about ASM, reverse engineering, shellcode and exploit development and he has a MCTS Windows Internals certification.
He spoke at various security conferences in Romania like: Defcamp, OWASP local meetings and others and also at the yearly Hacknet KPMG international conference in Helsinki and Berlin.
Ionut is also the main administrator of the biggest Romanian IT security community: rstforums.com and he writes technical articles on a blog initiated by a passionate team: securitycafe.ro.
Sursa: https://www.defcon.org/html/defcon-23/dc-23-speakers.html#Popescu
Felicit?ri b?.
- 1
-
Te gânde?ti s? te mai întorci vreodat? în România?
-
-
Am jucat candva un joculet online , simplu , era pe site-ul unei firme de bere romaneasca.
Primii 100 sau 1000 din clasament primeau cadou un tricou.
Am modificat scorul jocului cu cheat engine si datele au fost salvate pe server.
Deci tricouri moka 4 me and friends.
Eu îmi modificasem la un c?cat de jocule? flash pe facebook (a trebui s? folosesc internet explorer c? în chrome e sandbox). Jocul ?la î?i m?sura inteligen?a, îmi pusesem manual IQ-ul la 999, primul din lume.
Apropo @MrW, f? ?i tu un tutorial pe urm?. Dac? vrei mi-l trimi?i mie înainte ca s? te ajut s? îl formatezi.
-
Not quite,
Uite, eu as putea sa dau inspect elements la pagina si sa ii modific continutul, asta nu inseamna ca am spart site-ul.
Daca tu iti modifici niste variabile locale si ele sunt trimise si acceptate de server (ex: scorul la un joc, numar de puncte) ala poate fi considerat bug. Vinde-l la oameni pe bani
Il poti raporta, probabil vor face niste filtre server-side.
-
P?i tu le-oi modifica local, dar se modific? ?i la server? NU.
A?a ar intra b?ie?ii s? î?i modifice suma pe PokerStars, na. ?la e bug?
-
Aerosol sau Kronzy nu pot sterge posturi. Trashed + warned la posturile impare.
- 1
-
Numele de domenii.ro vor putea fi inregistrate incepand din 2 iunie cu diacritice, anunta ROTLD, compania care ofera servicii de inregistrare de domenii cu extensia.ro.
Sursa: Numele de domenii de internet .ro pot avea diacritice de...
-
Nice TheTime, anyone else?
-
Transcriere apel
Greg: sase sase sase cinci sase
Alex: ce?
Greg: sase noua sase trei sase noua sapte patru sase unu sapte doi sase noua doi ...
Alex: CE?
Greg: doi zero sase unu sas..
Alex: CE?!?!?
Greg: sase cinci sapte opt doi.
Alex: eeee
(Alex inchide apelul).
Solvers:
-TheTime
- QUADMACHINE
- H3xor
Phone transcript - medium
in Challenges (CTF)
Posted
Gogusan si Byte-ul au mai rezolvat. Anyone else?