Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

  • Days Won


u0m3 last won the day on October 16

u0m3 had the most liked content!

Community Reputation

298 Excellent


About u0m3

  • Rank
    Registered user
  • Birthday 12/14/1987

Profile Information

  • Gender
  • Location
  • Interests


  • Location

Recent Profile Visitors

4392 profile views
  1. u0m3

    Modificari forum

    Hmm, interesant... Ce broser folosesti?
  2. u0m3

    Modificari forum

    Fixed. Ca fapt divers, cred ca mergea si daca le marcai defered <script defer src="myscript.js"></script> Sau daca faceai bootstrap separat.
  3. u0m3

    Modificari forum

    La mine e la fel.
  4. u0m3

    Modificari forum

    Nu chiar. Cred ca mai de graba tine de browser internals... Am deschis WebApp-ul in mai multe browsere in ferestre incognito si singurul care face pe nebunul pare sa fie Google Chrome: Google Chrome Version 69.0.3497.100 (Official Build) (64-bit): http://prntscr.com/l6iq4d Mozilla Firefox Quantum 62.0.3 (64-bit): http://prntscr.com/l6it23 Microsoft Edge 42.17134.1.0 / Microsoft EdgeHTML 17.17134: http://prntscr.com/l6iub8 Daca va uitati atent, Google Chrome ramane blocat la un "Establishing secure connection..." desi in "Network" pane nu apare sa fie vre-o conexiune initializata si neterminata... Nu stiu ce asteapta. Ce este "clar" este ca nu ruleaza niciodata app.js, adica aplicatia. Si mai ciudat de atat, daca il opresti din incarcat (ramane in "Establishing secure connection..." mult si bine), si ii ceri sa reincarce pagina (permitand folosirea fisierelor din cache), va functiona corect. L.E.: Daca pui un break-point pe linia 3 in app.js (unde este definita aplicatia) si ii dai "Resume script execution" dupa ce a fost atins, WebApp-ul functioneaza. Concluzia mea este ca problema apare din modul in care incarca angularjs (sau modul in care vede incarcate) anumite fisiere/module. Thoughts @Gecko?
  5. Eu am cont pe eMag si (inca) nu am primit asa ceva... Ca atare votez pcgarage.ro
  6. u0m3

    Python offensive

    Eu inteleg ca sentimente si etc., dar...
  7. Synopsis: CarHacking.Tools is a script I built to help people who are interested in exploring car hacking and research to get a quick start. I decided to invest the time into building this script after spending many hours finding, installing, configuring many of the tools available and very little of it actually "hacking" a car. Link: https://carhacking.tools/
  8. Synopsis: As of early 2018, the Facebook-owned messaging application, WhatsApp, has over 1.5 billion users with over one billion groups and 65 billion messages sent every day. With so much chatter, the potential for online scams, rumours and fake news is huge. It doesn’t help then, if threat actors have an additional weapon in their arsenal to leverage the platform for their malicious intentions. Check Point Research, however, recently unveiled new vulnerabilities in the popular messaging application that could allow threat actors to intercept and manipulate messages sent in both private and group conversations, giving attackers immense power to create and spread misinformation from what appear to be trusted sources. Our team observed three possible methods of attack exploiting this vulnerability – all of which involve social engineering tactics to fool end-users. A threat actor can: Use the ‘quote’ feature in a group conversation to change the identity of the sender, even if that person is not a member of the group. Alter the text of someone else’s reply, essentially putting words in their mouth. Send a private message to another group participant that is disguised as a public message for all, so when the targeted individual responds, it’s visible to everyone in the conversation. Following the process of Responsible Disclosure, Check Point Research informed WhatsApp of their findings. From Check Point Research’s view, we believe these vulnerabilities to be of the utmost importance and require attention. Link: https://research.checkpoint.com/fakesapp-a-vulnerability-in-whatsapp/
  9. Synopsis: In this writeup, I'll describe a new technique to crack WPA PSK (Pre-Shared Key) passwords. In order to make use of this new attack you need the following tools: hcxdumptool v4.2.0 or higher hcxtools v4.2.0 or higher hashcat v4.2.0 or higher This attack was discovered accidentally while looking for new ways to attack the new WPA3 security standard. WPA3 will be much harder to attack because of its modern key establishment protocol called "Simultaneous Authentication of Equals" (SAE). The main difference from existing attacks is that in this attack, capture of a full EAPOL 4-way handshake is not required. The new attack is performed on the RSN IE (Robust Security Network Information Element) of a single EAPOL frame. At this time, we do not know for which vendors or for how many routers this technique will work, but we think it will work against all 802.11i/p/q/r networks with roaming functions enabled (most modern routers). The main advantages of this attack are as follow: No more regular users required - because the attacker directly communicates with the AP (aka "client-less" attack) No more waiting for a complete 4-way handshake between the regular user and the AP No more eventual retransmissions of EAPOL frames (which can lead to uncrackable results) No more eventual invalid passwords sent by the regular user No more lost EAPOL frames when the regular user or the AP is too far away from the attacker No more fixing of nonce and replaycounter values required (resulting in slightly higher speeds) No more special output format (pcap, hccapx, etc.) - final data will appear as regular hex encoded string Source: https://hashcat.net/forum/thread-7717.html
  10. Website: https://buckets.grayhatwarfare.com/ Via:
  11. Synopsis: Process Dump is a Windows reverse-engineering command-line tool to dump malware memory components back to disk for analysis. Often malware files are packed and obfuscated before they are executed in order to avoid AV scanners, however when these files are executed they will often unpack or inject a clean version of the malware code in memory. A common task for malware researchers when analyzing malware is to dump this unpacked code back from memory to disk for scanning with AV products or for analysis with static analysis tools such as IDA. Source: http://split-code.com/processdump.html (side-note: unul dintre cele mai interesante website-uri din punc de vedere al design-ului) GitHub Repository: https://github.com/glmcdona/Process-Dump Via:
  12. Synopsis: The recent DDoS drama with Dyn has had me reading up on Domain Name Systems (DNS). Time and time again, bad guys have proved that one of the best ways to execute a successful Distributed Denial of Service (DDoS) is to hit DNS servers. As a pentester, name servers do come up a lot during assessments, especially during the reconnaissance phases. We still come across a few public name servers allowing zone transfers every now and then, which is always a treat, but I hardly ever look at DNS servers as an actual target. I still haven’t come across a client that’s actually willing to pay anyone to bring their services down. The DDoS against Dyn was particularly troublesome because Dyn is a major DNS provider and the attacks caused serious outages to a number of popular sites; Twitter, Paypal, Reddit, Github, Spotify and more. Which got me thinking; if I was a bad guy doing my recon, looking for the best name servers to hit, how would I go about it? Which name servers would I pick? Querying a domain for the name server(s) it uses is pretty straight forward, but if the name server was my target and a denial of service was my goal, I’d want to find out the opposite; how many domain names are using the target name server? Source: https://thevivi.net/2016/11/17/dnsnitch-reverse-ns-lookups-zone-transfers/ GitHub Repository: https://github.com/V1V1/DNSnitch Bonus: axfr.py - https://github.com/V1V1/axfr.py (script that takes a list of domains as input and attempts zone transfers on all of them against a specified name server)
  13. Synopsis: RedHunt aims to be a one stop shop for all your threat emulation and threat huning needs by integrating attacker's arsenal as well as defender's toolkit to actively identify the threats in your environment. GitHub Repository: https://github.com/redhuntlabs/RedHunt-OS
  14. Synopsis: As an emerging concept, the industry has yet to settle on a definitive definition of adversarial simulation, but it involves simulating [components of] targeted attacks in order to test both an organization’s instrumentation stacks and their ability to respond to the attack via their incident response process. This differs from Red Teaming in that adversarial simulation is typically a cooperative activity between the simulation runners and the simulation recipients with an end goal of validating defensive telemetry and testing incident response plans and playbooks. Raphael Mudge wrote a great blog post on the subject, which I recommend. Source: https://medium.com/uber-security-privacy/uber-security-metta-open-source-a8a49613b4a GitHub Repository: https://github.com/uber-common/metta