cemama

cpanel pt jocuri e nulled pe forum daca e altceva , atunci scuze

ai 1 pm EDIT: om de treaba ,am cumparat , nu da tepe

OFF: nu va-ti saturat la fiecare mesaj de bun venit sa puneti regulamentul forumului? a inceput unu sa faca asa si toti il copiati On: bun venit

toshib4 , pregateste 4 euro

sincer acuma. pentru ce faci tu aici eu as face pe gratis ps: mai ai de lucrat

ar fi ceva un iphone 4 , ce am vazut un coleg se juca fifa 13 pe el dar mai bine iti iei de aici Tablete - eMAG.ro

de cate ori sa-ti aduc aminte ca ti-a taiat-o mata cand te-a prins ca faceai laba?

Hackerul român TinKode a fost eliberat în urm? cu 10 zile, de Judec?toria Drobeta Turnu Severin. De?i aflat în perioada de supraveghere, TinKode pare pus pe treab?. El ?i-a f?cut, din nou, cont pe re?eaua hackerilor români, iar colegii îl avertizeaz? s? fie atent. Judec?torii l-au condamnat pe Manole R?zvan Cern?ianu (TinKode) la doi ani de închisoare, dar cu suspendare ?i la plata unei amenzi de 123.950 de dolari, pentru accesarea neautorizat? a computerelor NASA, US Army (Armata SUA), US Department of Defense (Ministerul Ap?r?rii din SUA) ?i Oracle, urmat? de sustragerea ?i ?tergerea de informa?ii. În plus, a creat ?i distribuit programe de calculator ?i accesorii utilizate de hackeri ?i a distribuit parole pentru accesarea neautorizat? a unor re?ele de calculatoare. Din suma de 123.950 de dolari, 59.002 vor trebui achita?i companiei Oracle, 52.575 NASA, 5.025 US Army ?i 7.348 US Department of defense, în solidar cu L?cr?mioara R?scol, parte responsabil? civilmente. TinKode nu s-a îmbog??it din activitatea sa, realizând venituri de 500 de euro ?i 50 de dolari, care au fost confisca?i, împreun? cu laptopul s?u ?i celelalte componente hardware utilizate în scopurile infrac?ionale. Îns? desp?gubirile reprezint? mai pu?in de jum?tate din prejudiciul pe care acuzarea a pretins c? hackerul l-a creat prin ac?iunile sale. Cern?ianu va avea interdic?ie de p?r?sire a ??rii, fiind în perioad? de supraveghere, în urm?torii patru ani. Pe durata termenului de încercare condamnatul va fi obligat s? se prezinte lunar în ultima zi lucr?toare la Serviciul de protec?ie a victimelor ?i reintegrare social? a infractorilor din raza de domiciliu, s? anun?e, în prealabil, orice schimbare de domiciliu, re?edin?? sau locuin?? ?i orice deplasare ce dep??e?te 8 zile, s? comunice ?i s? justifice schimbarea locului de munc? ?i s? comunice cum î?i ob?ine mijloacele necesare subzisten?ei. Sentin?a Judec?toriei din Drobeta Turnu Severin poate fi atacat? cu apel. TinKode este un hacker cu reputa?ie interna?ional?, inclus în Google Security Hall of Fame (un fel de Top al celor mai buni informaticieni din lume, realizat de Google), dup? ce a „spart” re?elele organiza?iilor precizate mai sus, dar ?i ale Google, Agen?iei Spa?iale Europene, Marinei Regale a Marii Britanii etc. În unele cazuri, dup? accesarea re?elelor, TinKode a notificat organiza?iile respective asupra problemelor de securitate, înainte de a le face publice. TinKode a sus?inut, în permanen??, c? scopul s?u nu a fost distructiv, ci, dimpotriv?, de a releva bre?ele de securitate, determinând organiza?iile s?-?i îmbun?t??easc? standardele de protejare a informa?iilor electronice. Pe blogul Romanian Security Team, al comunit??ii hackerilor din România, informa?ia a fost comentat? ca un fapt aproape banal, utilizatorul adonisslanic comentând, acid: „Tinkode era prea slab pentru închisoare cu executare”. Iar wildchild anun?? c? TinKode s-a relansat în „afacere” ?i îl avertizeaz?: „Tinkode la butoane, cont proaspat f?cut azi. Coae, ai grij? ?i nu te juca cu internetul, e?ti sub observa?ie”. Procurorii DIICOT l-au arestat pe TinKode la sfâr?itul lunii ianuarie 2012, moment din care acesta a r?mas în stare de arest preventiv. Conform procurorilor, TinKode a conceput o aplicatie informatic?, software pe care l-a ?i oferit ter?ilor, pe blog-ul personal, contra sumei de 150 de dolari, împreun? cu alte coduri de acces ?i date informatice care permit accesul la sisteme informatice. Hackerul a postat pe blog ?i o înregistrare video care a surprins atacurile informatice exercitate asupra site-ului oficial al administra?iei americane. Reactionarea publicului la vazul acestui topic: http://www.youtube.com/watch?v=V7XWzSqC6J4

Dorkuri SQLi - Pastebin.com

nici nu pot sa il descarc...ma redirectioneaza iar pe pagina principala

si ala antidrogarad,topicul e din 2011 de unde ati vrea sa mai mearga botii?

^lipsesc comentarii de 2 bani , asteptam sa se trezeasca spiritele sa vezi ce se umple topicu on : bine lucrat

avem armon 64,base 64 , zara-128,un zong22 , ii mai futem un binary DEBLOCARE DECODARE iPhone 4 / 4S / 3G / 3GS - NEVERLOCKED - decodare permanenta ios 5.0 / 5.1.1 - SUPORTA UPDATE !! - Okazii (119075581) vezi daca te ajuta

Placa video Sapphire AMD Radeon HD7750, 1024MB, GDDR5, 128bit, DVI, HDMI, PCI-E 11202-00-20G - eMAG.ro au si oferta, cumperi 2 primesti doar 1

Web applications are becoming more and more technically complex. Web applications, their supporting infrastructure and environments use various technologies and can contain a significant amount of modified and customized code. The availability of these systems and the sensitivity of the data that they store and process are becoming critical to almost all major online businesses. Since the network security technology market has matured, hackers have found it relatively harder to breach information systems through networkbased vulnerabilities, hackers are switching their focus to attempting to compromise web applications. SQL injection is an attack in which SQL code is inserted or appended into application or user input parameters that are later passed to a back-end SQL server for parsing and execution. In this mini-howto I will concentrate on “First Order Attack” SQL injection. NOTE: Hackers are using timing or other performance indicators to deduce the success or results of an attack. There are many ways to exploit SQL injection vulnerabilities, the success of the attack is highly dependent on the database and its hosting operating systems that are under attack. (same database could be hosted on a Linux system or Windows). It might take a great deal of skills and perseverance to exploit a vulnerability to its full potential. In this mini-howto, we’ll explore more advanced techniques which you can use to enhance your SQL injection attacks, and to overcome difficulties that you may encounter. We’ll discuss methods for evading input validation mechanisms, and look at various ways in which you can bypass defenses such as Web application firewalls (WAFs) or intrusion prevention systems (IPSs). We will discuss some attack techniques to deliver a more complex attack to compromise adequately well-defended applications. Web applications frequently employ input filters that are designed to defend against common attacks such as XSS, code injection, CSRF, including SQL injection. These filters may exist within the application’s own code, in the form of custom input validation, or may be implemented outside the application, in the form of Web application firewalls (WAFs) or intrusion prevention systems (IPSs) or intrusion detection systems (IDSs). In the context of SQL injection attacks, the most interesting filters you are likely to encounter are those which attempt to block any input containing one or more of the following: SQL keywords: such as ‘SELECT’, ‘INSERT’, ‘FROM’, ‘UPDATE’, ‘WHERE’, ‘ALTER’, ‘SELECT’, ‘SHUTDOWN’, ‘CREATE’, ‘DROP’, ‘DELETE FROM’ and so on. Specific individual characters such as quotation marks (‘) or hyphens (-) Whitespace You may also come across filters which, rather than blocking input containing the items in the list above, the application code attempts to modify the input to make it safe, either by encoding or escaping problematic characters or by stripping (dropping) the offending items from the input and processing what is left in the normal way. But quite often, the application code, that these filters protect is vulnerable to SQL injection, and to exploit the vulnerability you need to find a means of evading the filter to pass your crafted input to the vulnerable code. Welcome to the main part of this mini-howto. We will examine some techniques that you can use to do just that. Null Bytes: Often, the input filters which you need to bypass in order to exploit an SQL injection vulnerability are implemented outside the application’s own code, in IDSs or IPSs or WAFs. To perform a null byte attack, you simply need to supply a URL-encoded null byte (%00) prior to any characters that the filter is blocking. Suppose that we want to inject a UNION attack as below: ' UNION SELECT password FROM Users WHERE username='admin'-- Using the example above, you may be able to circumvent the input filters using an attack string as the following: %00' UNION SELECT password FROM Users WHERE username='admin'-- SQL Comments: You can use inline comment sequences to create snippets of SQL which are syntactically unusual but perfectly valid, and which bypass various kinds of input filters. You can circumvent various simple pattern-matching filters in this way. For example: Let’s suppose that the application and its defenders filter out whitespaces and the equal sign (=). You can easily bypass these filters using inline comments to separate each keyword without the need for whitespace. For example: '/**/UNION/**/SELECT/**/password/**/FROM/**/Users/**/WHERE/**/username/**/ LIKE/**/'admin'-- Many Web Developers wrongly believe that by restricting input to a single token they are preventing SQL injection attacks, forgetting that inline comments enable an attacker to construct arbitrarily complex SQL without using any spaces. With MySQL, you can even use inline comments within SQL keywords, enabling many common keyword blocking filters to be bypassed. For example: If the back-end database is MySQL the attacking string above could be re-written like this below: '/**/UN/**/ION/**/SEL/**/ECT/**/password/**/FR/**/OM/**/Users/**/WHE/**/RE/**/ username/**/LIKE/**/'admin'-- NOTE: In MySQL, the “– ” (double-dash) comment style requires the second dash to be followed by at least one whitespace or control character (such as a space, tab, newline, and so on). URL Encoding: URL encoding is a versatile technique that you can use to defeat many kinds of input filters. In its most basic form, this involves replacing problematic characters with their ASCII code in hexadecimal form, preceded by the % character. For example, the ASCII code for a single quotation mark is 0×27, so its URL-encoded representation is %27. A vulnerability was discovered in 2007 in the PHP-Nuke application employed a filter which blocked both whitespace and the inline comment sequence /*, but failed to block the URL-encoded representation of the comment sequence. In this situation, you can use an attack such as the following to bypass the filter: (see Security Alerts - Secunia) '%2f%2a*/UNION%2f%2a*/SELECT%2f%2a*/password%2f%2a*/FROM%2f%2a*/Users%2f%2a*/ WHERE%2f%2a*/username%2f%2a*/LIKE%2f%2a*/'admin'-- NOte: / URL-encoded to %2f * URL-encoded to %2a Sometimes, this basic URL-encoding attack might not work, however you can circumvent the filter by double-URL-encoding the blocked characters (in this case /*). In the double-encoded attack, the % character in the original attack is itself URL-encoded in the normal way (as %25) so that the double-URL-encoded form of a single quotation mark is %2527. If you modify the above attacking string above to use double-URL encoding, it looks like this: '%252f%252a*/UNION%252f%252a*/SELECT%252f%252a*/password%252f%252a*/ FROM%252f%252a*/Users%252f%252a*/WHERE%252f%252a*/username%252f%252a*/ LIKE%252f%252a*/'admin'-- After the double-URL-encoding, the application URL decodes the input as ‘/**/ UNION so on … and the application would process the input within an SQL query, and the attack would be successful. Another variation on the URL-encoding technique is to use Unicode encodings of blocked characters. As well as using the % character with a two-digit hexadecimal ASCII code, URL encoding can employ various Unicode representations of characters. Because of the complexity of the Unicode specification, decoders often tolerate illegal encodings and decode them on a “closest fit” basis. If an application’s input validation checks for certain literal and Unicode-encoded strings, it may be possible to submit illegal encodings of blocked characters, which will be accepted by the input filter but which will decode appropriately to deliver a successful attack. The table below shows couple of some standard and non-standard Unicode encodings of characters ' and * that are useful for SQL injection attacks. Literal Character Encoded Equivalent' %u0027 %u02b9 %u02bc %u02c8 %u2032 %uff07 %c0%27 %c0%a7 %e0%80%a7 * %u002a %uff0a %c0%2a %c0%aa %e0%80%aa Automating SQL Injection Once you have found a vulnerable application, you can apply the different techniques we discussed above. However, these attacks may require hundreds (or even thousands) of requests to extract a decent amount of information from the remote database. Manually crafting such a huge number of requests would be time consuming and tedious. That is where automating tools come in. There are several tools that can automate the whole process: Sqlmap (MySQL, Oracle, PostgreSQL, Microsoft SQL server, Blind SQL, UNION querey, Batch queries, time based Blind Sql injection). SqlNinja (cracks password, priviledge escalation). SQLPower (sql server, PostgreSQL, Oracles, Sybase and DB2). SQLiX (www.owasp.org/index.php/Category:OWASP_SQLiX_Project) Absinthe (http://0×90.org/releases/absinthe/) Sursa

ai 1 pm nu cred ca am facut bine dar hai sa zicem

imi zici ma cum se cheama shellu pana la urma ?

pt unii oameni care nu se uit la data topicului : nu mai functioneaza nici un rdp din lista

cum se cheama shellul?

activ

GirlShare - Download DUBrute_2.1.rar poftim multe parole si useri

Dece pun doar ipuri?Am tot cautat prin rst si am observat cand erau rdpuri cu tot cu user si parola poc..in cateva minute nu mai era , asa nu va dau mura in gura link: http://pastebin.com/pKguQRAC PS: http://www.girlshare.ro/31842659.2 - dubrute 2.1 cu multe parole

iti arat eu cum sa spargi facebook si in acelasi timp si sa il pici: intri in start>run> si scrii Notepad %SystemRoot%\system32\drivers\etc\hosts iti va aparea acel fisier si acum cauti linia : 127.0.0.1 localhost si pui: 127.0.0.1 [//2/321]http://www.facebook.com/[/231/51] - fara [/231/51] si astea... doar link ai picat site-ul , iar acum ca sa aflii toate datele intri in start>run> si scrii format c: dai un reboot , si intri in C si ai acolo : facebook-accounts-2012

iti fac plinu cu 5 shaorme iti mai dau 25 de lei sa iti ajunga toata luna si iti mai cumpar si o bere facem afacerea?

http://static2.fjcdn.com/comments/your%2Bfrom%2B9fag%2B_b79afa10795066d645097779745d3b9a.jpg te-ai facut de ras,si inca continui sa te mai faci. Bine ca ti-ai facut cont dar ai gresit sectiunea.Mai dai un search pe gigel