u0m3

HTTP/1.1 200 OK Date: Fri, 22 Dec 2017 22:44:31 GMT Server: Apache Strict-Transport-Security: max-age=63072000; includeSubDomains; preload X-Frame-Options: SameOrigin X-Content-Type-Options: nosniff X-XSS-Protection: 1; mode=block Referrer-Policy: origin-when-cross-origin Upgrade: h2 Connection: close Expires: Thu, 19 Nov 1981 08:52:00 GMT Cache-Control: no-store, no-cache, must-revalidate Pragma: no-cache X-XSS-Protection: 0 Content-Type: text/html;charset=UTF-8 Transfer-Encoding: chunked X-XSS-Protection apare de 2 ori: linia 7 si 14

Presupun ca e vorba de Windows ca OS. In acest caz poti incerca Null-modem emulator sau unofficial windows build of socat

Promotii online de black Friday / Thanksgiving Day: https://pastebin.com/EvJJqBJD (via: https://twitter.com/bbaskin/status/934074433664442369) Daca va uitat prin thread-ul de pe twiiter mai sunt cateva...

@FoxBlood: Uita-te la cum a fost rezolvat ultimul Sau asteapta writeup-ul de la acesta.

L.E.: oarecum tangential...

Oona Räisänen never disappoints...

Abstract: Today’s standard embedded device technology is not robust against Fault Injection (FI) attacks such as Voltage Fault Injection (V-FI). FI attacks can be used to alter the intended behavior of software and hardware of embedded devices. Most FI research focuses on breaking the implementation of cryptographic algorithms. However, this paper’s contribution is in showing that FI attacks are effective at altering the intended behavior of large and complex code bases like the Linux Operating System (OS) when executed by a fast and feature rich System-on-Chip (SoC). More specifically, we show three attacks where full control of the Linux OS is achieved from an unprivileged context using V-FI. These attacks target standard Linux OS functionality and operate in absence of any logical vulnerability.We assume an attacker that already achieved unprivileged code execution. The practicality of the attacks is demonstrated using a commercially available V-FI test bench and a commercially available ARM Cortex-A9 SoC development board. Finally, we discuss mitigations to lower probability and minimize impact of a successful FI attack on complex systems like the Linux OS. Link: https://www.riscure.com/publication/escalating-privileges-linux-using-fault-injection/

Si nu numai Word... Iar pentru cine e interesat de aceasta "functionalitate", aici este un articol care discuta DDEAUTO: https://www.endgame.com/blog/technical-blog/bug-feature-debate-back-yet-again-ddeauto-root-cause-analysis Update Metode de mitigare https://www.peerlyst.com/posts/no-macros-no-problem-how-microsoft-office-dde-attacks-work-and-how-to-block-them-barkly https://gist.github.com/wdormann/732bb88d9b5dd5a66c9f1e1498f31a1b Si inca un vector:

Synopsis: Cameradar hacks its way into RTSP CCTV cameras. An RTSP stream access tool that comes with its library. Link: https://github.com/EtixLabs/cameradar

Synopsis: Noriben is a Python-based script that works in conjunction with SysInternals Procmon to automatically collect, analyze, and report on run-time indicators of malware. In a nutshell, it allows you to run your malware, hit a keypress, and get a simple text report of the sample's activities. Link: https://github.com/Rurik/noriben

Synopsis: In past blog posts, we shared our approach to hunting for traditional in-memory attacks along with in-depth analysis of many injection techniques. As a follow up to my DerbyCon presentation, this post will investigate an emerging trend of adversaries using .NET-based in-memory techniques to evade detection. I’ll discuss both eventing (real-time) and on-demand based detection strategies of these .NET techniques. At Endgame, we understand that these differing approaches to detection and prevention are complimentary, and together result in the most robust defense against in-memory attacks. Link: https://www.endgame.com/blog/technical-blog/hunting-memory-net-attacks

Synopsis: Small and highly portable detection tests mapped to the Mitre ATT&CK Framework. Link: https://github.com/redcanaryco/atomic-red-team (via https://twitter.com/redcanaryco/status/918236402814394368)

Synopsis: UEFITool is a cross-platform C++/Qt program for parsing, extracting and modifying UEFI firmware images. It supports parsing of full BIOS images starting with the flash descriptor or any binary files containing UEFI volumes. Original development was started here at MDL forums as a cross-platform analog to PhoenixTool's structure mode with some additional features, but the program's engine was proven to be usefull for another projects like UEFIPatch, UBU and OZMTool. Link: https://github.com/LongSoft/UEFITool

Synopsis: PCILeech uses PCIe hardware devices to read and write from the target system memory. This is achieved by using DMA over PCIe. No drivers are needed on the target system. Link: https://github.com/ufrisk/pcileech/

Synopsis: A Threat hunter's playbook to aid the development of techniques and hypothesis for hunting campaigns by leveraging Sysmon and Windows Events logs. This project will provide specific chains of events exclusively at the host level so that you can take them and develop logic to deploy queries or alerts in your preferred tool or format such as Splunk, ELK, Sigma, GrayLog etc. This repo will follow the structure of the MITRE ATT&CK framework which categorizes post-compromise adversary behavior in tactical groups. In addition, it will provide information about hunting tools/platforms developed by the infosec community for testing and enterprise-wide hunting. Link: https://github.com/Cyb3rWard0g/ThreatHunter-Playbook

Synopsis: From the attacker’s perspective, the more logical way to do things nowadays is to simply move to the next level down into the software stack — after boot code, that is the way to the BIOS. Intel Boot Guard is an excellent example of a complex technology where exist a lot of places where making a small mistake allows an attacker to bypass full technology. Link: https://medium.com/@matrosov/bypass-intel-boot-guard-cc05edfca3a9

Your Computer’s Hard Drive Can Be Used to Listen to What You’re Saying Link: https://blog.hackster.io/your-computers-hard-drive-can-be-used-to-listen-to-what-you-re-saying-808b83f19f80

Disassembler and Runtime Analysis (or how IDA Pro has some difficulties when displaying correctly the assembly of the patched run-time whilst using a Graph view) Link: http://blog.talosintelligence.com/2017/10/disassembler-and-runtime-analysis.html

At a first glance at your code, you have some logic issues: the code you removed because it does not behave like you expected attempt to create a new instance of Form1 which is essentially itself (including all the socket stuff) the above mentioned code is supposed to be run on an <ENTER> key press, and display the received message in a new window, but that's not how events work: you need to define an event for when you receive the message and then check if you have a window for that client/person/nick/etc and if you don't, pop up a new one you use Yahoo Messenger as an example, but Yahoo Messenger was using a client (the aforementioned Yahoo Messenger) and a server (the Yahoo servers); your applications seems to be IP to IP UDP so you have to adjust accordingly Also in my opinion, it's a bad idea to have the network stuff in the GUI thread. My first suggestion would be to first define a communication protocol: a way to serialize data so you have an easy way to determine what goes where. This also covers message receiving signaling since you are using UDP. Now depending on what you want to achieve, you could go several ways as far as implementation goes: If you want to keep it as a p2p application, the simplest solution is to open a new application instance for each ip-port tuple (meaning for each client designated by an IP:Port combination you will launch an instance of the application) If you would like to allow for things such as a discussion channel or conference channel or what ever you want to call it: a way for your message to be received by more than one person without sending it to everyone, you could use IP Broadcast or IP Multicast. And for private messages you could either tell the application to disregard the messages if it's not meant for them or have the protocol open a private connection using the individual IP addresses. If you want to replicate the Yahoo Messenger "architecture" you would make two applications: one would be a server and one would be a client If I will have time I will try to make you a small demo.

https://riscybusiness.wordpress.com/2017/10/07/hiding-your-process-from-sysinternals/

Sorry it's an info-sec/hacking forum... you'll need to figure it out for yourself... I'll give you a hint: it's about the text not the actual link (as in the contents of the a tag not the contents of a href attribute)

Could you give some examples of what your code is, what you are trying to parse so on and so forth? Not all of us know what the API looks like... And I for one did not pass the psychic exam...

Ida Pro 7.0 + All Decompilers Full Leak-Pass Links: http://1024rd.com/ida-pro-7-0-all-decompilers-full-leak-pass (via: https://twitter.com/riusksk/status/913254688488792065) https://forum.reverse4you.org/showthread.php?t=2627 (via: https://twitter.com/malwareunicorn/status/913441973511454720) As always, use with caution, it has not been checked.

Interesant ca si concept, dar mi se pare cam inutil... Poti face asta si cu un webcam (hai, 2 ca sa nu fie pacalite de o poza, desi exista metode de a rezolva si problema asta). Ce uita sa mentioneze este faptul ca radiatia se aduna in corp... Doar ca emite o putere mica nu e chiar un plus. Nu le da idei...

Pentru cei interesati, tot Andrew Ng preda si o serie de cursuri mai avansate despre Deep Learning. https://www.coursera.org/specializations/deep-learning