![](https://rstforums.com/forum/uploads/set_resources_17/84c1e40ea0e759e3f1505eb1788ddf3c_pattern.png)
Flubber
-
Posts
1765 -
Joined
-
Last visited
-
Days Won
11
Posts posted by Flubber
-
-
Ati ratat esentialul, ar trebuii sa fiti mai atenti la detalii (opinia mea, pe care puteti sa o bagati cuiva undeva daca nu va pasa de ea, bineinteles), si anume asta:
Era in stanga pozei (in dreapta era un "hint" scrisul acela negru, mai mult un punct de... orientare).
// LE: Care din pacate de abea il pot citii si am ajuns pana aici (desi cred ca este gresit):
3a 2d 29 0d 0a 68 74 74 70 3a 2f 2f 77 77 77 2a 70 6f 7a 65 2a 6e 61 6d 65 2f 63 61 70 3d 64 63 2d 70 69 75 69 63 61 3a 6e 70 87 0d 0a 42 75 8e 20 6f 63 68 69 21 20 4d 65 72 65 75 20 69 8e 64 69 63 69 89
Cine m-a pus sa-l scriu asa mic nu stiu.
Fail.
// Poza este: http://www.poze.name/poze/pisica-alba.jpg
-
I had another blog, more exactly TinKode Stuff but I forgot the password, so now I created this one
*cough*vrajeala*cough*
Good to have you back.
P.S.: East Europe -- nu o lua ca pe o jignire
[i hate Y! msgr emoticons]
-
Multumesc, eu am incercat tag-ul "[ quote] respectiv "[ /quote]".
-
Observati ceva ce se repeta si este... amuzant? xD
Link catre log: pastebin - Mine - encrypted post Brvlkd1S
Pass: rstcenter
Nu am postat aici log-ul din motiv-ul acesta: http://rstcenter.com/forum/25791-scoaterea-emoticon-urilor.rst#post173423
-
-
The Abysssec Security Team is about to unleash its Month Of Abysssec Undisclosed Bugs on us. Starting on the 1st of September, Abysssec will release a collection of 0days, web application vulnerabilities, and detailed binary analysis (and pocs) for recently released advisories by vendors such as Microsoft, Mozilla, Sun, Apple, Adobe, HP, Novel, etc. The 0day collection includes PoCs and Exploits for Microsoft Excel, Internet Explorer, Microsoft codecs, Cpanel and others. The MOAUB will be hosted on the Exploit Database, and will be updated on a daily basis. Get your hard-hats on, your VM’s and debugging tools organized – it’s gonna be a an intensive ride. Follow both the exploit-db and Abysssec twitter feed to keep updated!
Link: MOAUB – 30 days of 0days, Binary Analysis and PoCs Exploits Database by Offensive Security
Twitter:
1] Exploit-DB
2] Abysssec
Exploit-uri de la Abysssec (le puteti tine urma mai usor): http://www.exploit-db.com/author/?a=1496
-
Multumesc!!!!!
-
NU sunt respunzator daca o sa gasiti "surprize" in aceasta arhiva! Nu mai tin minte exact de unde am luat arhiva, foarte probabil de pe site-ul original, indiferent am gasit-o dupa foarte mult timp cand am scormonit azi PC Desktop-ul. Deschideti fisierele cu grija, eventual intr-o masina virtuala/sandboxie, nu aveti incredere sa le deschideti direct. Astea fiind spuse:
Lista cu ce contine arhiva (sploitlist.txt -- din arhiva):
http://pastebin.ca/IpjPTi-9
This encrypted post will expire in 1 year.
Parola: 114 115 116 99 101 110 116 101 114
^ Hint: DEC/CHARDownload:
http://www.sendspace.com/file/1kz4is
File Name: milw0rm.tar.bz2
Size: 6.00MB -
ca sa nu mai deschid alt topic... eu ieri am updatat ubuntu 9.10 la 10.04 mergea fara probleme si am zis sa il updatez pe 10.04 la 10.10 si ca sa vezi ca prin minune nu alta... nu a mers... mergea in modul fara grafica... era doar terminalul pe tot ecranul... imi cerea sa ma loghez m-am loghat si nu am reusit sa aflu prea multe de ce mama lui nu mergea... cred ca o fi de la driverele placii video. Deci imi puteti spune cum sa fac sa updatez la 10.10 si sa mearga ?
va rog
sau sa astept pana apare stabil nu beta?
Am inteles tot, un debug nu dai si tu? Log? Este vreo problema cu "Xserver-org" (specifica ceva de el)? Socket error? Asta am patit si eu aseara dupa ce mi-am bagat nasul in tool-ul pentru "laptop lcd brightness" a trebuit sa scot xserver-ul si sa-l instalez la loc. Ma atentiona ca nu am instalat cum trebuie "Gnome" power manager (sau ceva de genul).
LE: Referitor la mai sus, la login dupa ce imi booteaza imi zice "The configuration defaults for GNOME Power Manager have not been installed correctly. Please contact your computer administrator.", este in mare parte din cauza la putin spatiu pe disc dedicat Ubuntu-ului (ceea ce este adevarat.. mai am cam ~100 mb ramasi liberi... lul).
Am gasit un fix aici (care nu l-am testat inca, dar altii au raportat ca le-a mers): http://www.absolutelytech.com/2010/04/13/solved-unable-to-boot-due-to-gnome-power-manager-error/
-
Poza aceasta era un indiciu care se referea la cea originala cu "phail".
It's there Captain, I promise. You must seek further and look closer.
[Just making caterinca 1337]:
Ah, ce pana my I like romanized english (sau vice-versa) what the F are limba romana?
-
It's there Captain! Do you see it?
-
Nu ca ar fi ceva major sau important, e o chestie minora care mi-a atras atentia mai de mult, iar acum am spus sa postez despre asta.
Atunci cand se face click pe sectiunea "1337 zone" [http://rstcenter.com/forum/1337-zone.rst] se face un redirect(?) catre Merita vazut.rst [http://rstcenter.com/forum/1337-merita-vazut.rst].
Celelalte sectiuni merg bine. Deasemenea o sugestie ar fi o optiune show/hide pentru sectiuni si subsectiuni? Spre exemplu sa ascund offtopic-ul.
-
So old...
[When I scream I scream this: "The message you have entered is too short. Please lengthen your message to at least 10 characters."]
-
Priority
======
[B]Medium[/B]
Description
=========
A security flaw was found in the way Sudo performed matching
for user described by a password against the list of members,
allowed to run particular sudo command, when the group option
was specified on the command line. If a local, unprivileged
user was authorized by sudoers file to run their sudo commands
with permissions of a particular group (different to their own),
it could lead to privilege escalation (execution of that sudo
command with permissions of privileged user account (root)).
References
=========
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2956
http://www.sudo.ws/sudo/alerts/runas_group.html
http://www.ubuntu.com/usn/usn-983-1
Notes
=====
jdstrand> root escalation, but requires non-standard sudoers setup
jdstrand> sudo 1.6 is not affected (does not have '-g' option)
Assigned-to
=========
jdstrand
Package
=======
Source: sudo (LP Ubuntu Debian)
---------------------------------------------------
Ubuntu 6.06 LTS (Dapper Drake): not-affected
Ubuntu 8.04 LTS (Hardy Heron): not-affected
Ubuntu 9.04 (Jaunty Jackalope): not-affected
Ubuntu 9.10 (Karmic Koala): released (1.7.0-1ubuntu2.5)
Ubuntu 10.04 LTS (Lucid Lynx): released (1.7.2p1-1ubuntu5.2)
Ubuntu 10.10 (Maverick Meerkat): released (1.7.2p7-1ubuntu2)Faceti update.
Source: CVE-2010-2956 in Ubuntu
-
Multumesc, foarte informativ desi nu prea am inteles punctul "Kernel Modification Techniques" atunci cand introduce Kernel Loadable Modules. Nu am inteles diagrama in special palaria, putea sa puna altceva. Pana la urma procesul user-ului (ultimul ce contine palaria) afecteaza in mod direct Syscall Table? Sau este transmis ca un proces normal ce asteapta sa fie trimis de catre Syslibrary catre Syscall Table si apoi sa fie mai departe "rulat" de Kernel?
Multumesc.
-
"Asa ceva" se numeste tutorial?
-
Probabil ca la kernel 2.6.32-24 a fost rezolvata problema.
Ia incearca si pe unul 2.6.32-23. Si o sa iti mearga.
Asa cum spunea si pyth0n3, totul se rezuma la Kernel Symbol Table.
-
File name:
HLBrute.exe
Submission date:
2010-09-06 16:28:49 (UTC)
Current status:
finished
Result:
1/ 43 (2.3%)
Si de ce ma rog l-ai scanat pe VirusTotal?! Te-a lovit soarta in cap?
ON: Sarut mana. Tradus netradus, multumesc.
-
-
E tare articolul , pacat ca multi au uitat sa citeasca ,
Nu cititi articolul doar pt faptul ca va obliga cineva sau sa spuneti ca l-ati citit
Continuati cu ceea ce ati facut pana acum:
"Vand sursa de cod scris in orice limbaj de programmare la 10 $ linea de cod
Fiecare ciclu While 20 $ in plus
Bonus un ciclu For doar daca luati 5 cicluri While
Nu dau nici o garantie pt BUG"
Din cate vad se va ajunge exact ca in Idiocracy , pt cei care nu isi dau seama uitativa putin in
Foarte bine spus. In opinia mea singurii ramasi cu adevarati sunt cei ce participa la CORE [challenge of reverse engineering (implicit echipa)].
-
18:54 [free] -!- Irssi: Looking up free
18:54 -!- Irssi: Unable to connect server free port 6667 [Host not found]
18:55 -!- Irssi: Server irc.freenode.net saved
18:55 -!- Irssi: Connection lost to irc.freenode.net
18:55 -!- Irssi: Removed reconnection to server irc.freenode.net port 6667
18:55 -!- Irssi: Looking up irc.freenode.net
18:55 -!- Irssi: Unable to connect server irc.freenode.net port 6667 [No IP
address found for name]
[18:55] [] [1] [Act: 2]
[(status)]
nu am modificat nimic incerc doar sa ma conectez pe server si nu reusesc...
Foarte ciudat. El incearca sa se conecteze la server-ul "free" pe port 6667 prima oara, iar apoi gasesti irc.freenode.net (adresa corecta), nu inteleg de ce iti da "No IP address found for name". Pe ce stai? Ethernet sau Wireless? Esti in spatele unui router? Ai filtrat port-ul 6667? ISP? Da paste la ce iti da cand scrii "ifconfig eth0" in terminal asta daca ai ethernet, respectiv "ifconfig wlan0" daca esti pe wireless. Daca nu e nimic in neregula cu astea, atunci iti sugerez sa o iei de la capat si sa citesti intai documentatia, s-ar putea sa fi adaugat gresit serverele si/sau network-ul.
-
Eu zic ca e un subiect mort.
Parerea mea este ca: acest articol, descrie bine de ce (probabil) unii useri de aici (cei cu vechime si care se pricep) nu mai sunt activi atat de mult si nu se mai implica.
-
Salut si bine ai revenit. Poate sharuiesti cate ceva "knowledge" si cu noi daca doresti, tips, tricks etc.
-
Re-upload? Nu 'merge' link-ul.
Intre timp am gasit altul
Link:
http://www.hackforums.net/showthread.php?tid=655952&pid=6265179#pid6265179
Nu stiu daca este backdoored, bagati in masina virtuala. Luati pe raspunderea voastra.
Download
http://tinyurl.com/twinklecrypterv3
Password:
NTMgNjMgNjggNmUgNjkgNzAgNzAgNmMgNjUgNzM=Scanare (de catre autor):
Report date: 2010-09-05 05:53:15 (GMT 1)
File name: public-twk
File size: 201728 bytes
MD5 Hash: edd9f5f0cad6c2449cb32bc80df2f8b9
SHA1 Hash: 6364c21f77ce29621933e0bfff81438459cc6161
Detection rate: 2 on 16 (13%)
Status: INFECTED
Detections
a-squared -
Avast -
AVG -
Avira AntiVir - TR/Agent.651264.4
BitDefender -
ClamAV -
Comodo -
Dr.Web -
F-PROT6 -
Ikarus T3 -
Kaspersky -
NOD32 -
Panda - Trj/StartPage.DAW
TrendMicro -
VBA32 -
VirusBuster -Credits: V3xD
Well, o scanare de a unui kg encryptat cu ala de mai sus pe novirusthanks (DO NOT DISTRIBUTE THE SAMPLE!):
[i]File Info[/i]
Report date: 2010-09-06 15:12:04 (GMT 1)
File name: [b]x[censored]-exe[/b]
File size: 2472960 bytes
MD5 Hash: x # censored
SHA1 Hash: x # censored
Detection rate: [color=red]2[/color] on 16 ([color=red]13%[/color])
Status: [color=red]INFECTED[/color]
[i]Detections[/i]
a-squared - [color=red][/color]
Avast - [color=red]Win32:Agent-XW [Trj][/color]
AVG - [color=red][/color]
Avira AntiVir - [color=red]TR/Agent.651264.4[/color]
BitDefender - [color=red][/color]
ClamAV - [color=red][/color]
Comodo - [color=red][/color]
Dr.Web - [color=red][/color]
F-PROT6 - [color=red][/color]
Ikarus T3 - [color=red][/color]
Kaspersky - [color=red][/color]
NOD32 - [color=red][/color]
Panda - [color=red][/color]
TrendMicro - [color=red][/color]
VBA32 - [color=red][/color]
VirusBuster - [color=red][/color]
[i]Scan report generated by
[url=http://novirusthanks.org]NoVirusThanks.org[/url][/i]
Logurile mele
in Off-topic
Posted
Container TrueCrypt ce contine arhiva cu log-urile iar parola le-o dai doar celor ce merita, containeru sa fie criptat in AES. Si poti sa il pui unde doresti tu, nimeni nu intra in el pana ce obtin parola.
Defapt, metoda asta o folosesc si cei/cel de la Wikileaks.org (sau ma rog, aproximativ).