-
Posts
543 -
Joined
-
Last visited
-
Days Won
25
Posts posted by u0m3
-
-
Interesant... Trebuie incercat comparativ cu cel din sdk.
-
41 minutes ago, Nytro said:
Nu stiu cine sunt, nu am auzit de ei, dar din moment ce e gratuit si ei nu au nimic de castigat (doar din donatii), mi se pare o idee OK.
Ma refeream la partea cu inchisul FL. Cat despre acest nou tracker, mult succes. In opinia mea concurenta mana progresul.
-
6 hours ago, Nytro said:
Ce hateri sunteti, oamenii incearca sa faca ceva util. Stati sa crape filelist sa vedeti ce o sa mai cautati asta...
Sounds ominous... Know something we don't?
-
A avut probleme la open-vm-tools & company?
-
Yep... I'm done.
-
Felicitari. Nu mi-a trecut prin cap sa caut pe Google the code of holy bible.
Also, poti extrage foarte usor arhivele din poze folosind binwalk. Doar aveti grija ca e cam entuziast si le si dezarhiveaza si cand sunt parolate, rezultand intr-un mic fiasco uneori.
- 1
- 1
-
Se pare ca nu esti atent: ce vrei tu sa faci (indiferent ca are ca scop obtinerea unui interviu/job sau ca serveste in cadrul unei farse) se cheama Fals in acte si este ilegal
QuoteArt. 470. - (1) Falsificarea unui înscris oficial prin contrafacerea scrierii ori a subscrierii sau prin alterarea lui în orice mod, de natură să producă consecinţe juridice, se pedepseşte cu închisoare strictă de la un an la 4 ani.
https://www.avocatnet.ro/forum/discutie_200724/care-este-pedeapsa-pentru-fals-in-acte.html
Daca tu ai chef sa ajungi la inchisoare e treaba ta, dar ce te face sa crezi ca vrem sa fim, careva de pe aici, colegi cu tine?
- 1
-
1 minute ago, tjt said:
Cine e atat de prost sa isi faca poza la pasaport si la viza si sa le puna pe net ?
You'd be surprised...
- 1
-
Interesant mi se pare ca SysInternals nu e integrat mai bine cu WSL...
-
Blogul lui aelius, nginx tags: https://www.unixteacher.org/blog/tag/nginx/
Daca vrei raspunsuri mai concrete (aka mura-n-gura), avem nevoie de mai multe detalii legate de ce vrei sa obtii.
- 1
-
On 9/9/2017 at 6:15 PM, albastrel said:
Au putine surprize
Poti mentiona care au? Intreb deoarece am incercat CobaltStrike si nu pare sa sune acasa
-
Asa fac astia de la packetstormsecurity, mai fac "teste" pentru tools. Sau unele fake.
- 1
-
'sup with the As? Skiddie protection?
- 1
-
-
Versiunea Python2 dupa cum am promis. Imi cer scuze legat de calitatea codului.
Spoiler#!/usr/bin/env python2 import cookielib import urllib import urllib2 import re import time import logging # Config fl_username = 'FileList_username' fl_password = 'FileList_password' # Globals cj = None opener = None # URLS fl_login_url = 'https://filelist.ro/takelogin.php' fl_gift_url = 'https://filelist.ro/gift.php' # MISC match_regex = r"You won (?P<prize>.*)!|You already claimed a gift in the last 24 hours! Please check back again in (?P<hours>\d+)h (?P<minutes>\d+)m (?P<seconds>\d+)" def login(username, password, unlock=1): # type: (str, str, bool) -> [None, False, True] global opener log = logging.getLogger('main.login') login_data = urllib.urlencode({ 'username': username, 'password': password, 'unlock': unlock }) response = opener.open(fl_login_url, login_data) if response.code == 200: body = response.read() if body.find('User sau parola gresite.') == -1: log.info('Successfully logged in.') return True else: log.info('Failed to log in. Wrong username or password.') return None else: log.warn('Failed to log in. Request answered with non-200 code.') return False def get_gift(): global opener log = logging.getLogger('main.get_gift') response = opener.open(fl_gift_url) if response.code == 200: if response.url.find('login.php') != -1: log.info('We need to login again.') return False else: log.info('We have received the gift page. Returning contents for parsing') return response.read() else: # How did we get here? And where is HERE? log.warn('We have reached an unexplored zone of space-time.') return None def main(): global cj, opener logging.basicConfig( level=logging.DEBUG, format='%(asctime)s %(name)-12s %(levelname)-8s %(message)s', datefmt='%Y-%m-%dT%H:%M:%S' ) log = logging.getLogger('main') cj = cookielib.CookieJar() opener = urllib2.build_opener( urllib2.HTTPRedirectHandler(), urllib2.HTTPHandler(debuglevel=0), urllib2.HTTPSHandler(debuglevel=0), urllib2.HTTPCookieProcessor(cj) ) do_loop = True log.info('Setup complete. Entering loop.') while do_loop: ret = get_gift() if ret is False: log.info('We were not logged in. Logging in.') login(fl_username, fl_password) elif ret is None: log.error('For some reason we need to exit the loop.') do_loop = 0 else: match = re.search(match_regex, ret, re.IGNORECASE) if match: prize = match.group('prize') wait_hours = int(match.group('hours')) wait_minutes = int(match.group('minutes')) wait_seconds = int(match.group('seconds')) if prize is not None: wait_hours = 24 wait_minutes = 0 wait_seconds = 0 log.info('Congratz! You got %s' % str(prize)) else: log.info( 'We need to wait %d hours %d minutes %d seconds' % (wait_hours, wait_minutes, wait_seconds) ) wait_time = (wait_hours * 60 + wait_minutes) * 60 + wait_seconds log.info('Sleeping for %d seconds' % wait_time) time.sleep(wait_time) else: # How did we end up here?!?!?!?! log.error('Toto, we are not in Kansas anymore!') if __name__ == '__main__': main()
- 4
-
Cu ocazia aniversarii a zece ani de FileList, au decis sa lanseze mai multe surprize, unda dintre acestea fiind:
Quote10th anniversary gift! Începând cu 04 septembrie până în 11 septembrie inclusiv, o dată la 24 de ore puteți da click pe cadoul din stânga paginii și veți primi un cadou din partea site-ului. Cadoul este similar cu gift box-ul din Shop și puteți câștiga: Upload, FLCoins, Invitații, FLTokens, VIP.
Toate bune si frumoase, doar ca, daca esti tampit ca mine si ai gasit prima data giftbox-ul la ora 5 dimineata (sau pentru oamenii normali, esti ocupat) si nu ai cum sa verifici la 24 de ore, vei pierde din premii*.
Si cum suntem cu totii 0xH4X0R1 pe aici am decis sa fac un mic script in PowerShell (daca am chef/rabdare il voi face si in Python) care sa se ocupe de problema:
Spoilerfunction Get-FileListLogin { Param ( [parameter(Mandatory=$true)] [String] $Username, [parameter(Mandatory=$true)] [String] $Password, [parameter(Mandatory=$false)] [Int] $Unlock = 1 ) Process { $requestBody = @{ username = $Username; password = $Password; unlock = $Unlock; }; $webRequest = Invoke-WebRequest -Uri 'https://filelist.ro/takelogin.php' -Method Post -Body $requestBody -SessionVariable session -Verbose; if ($webRequest.StatusCode -eq 200) { Write-Debug -Message 'Loggin succesfull. Returning session variable.'; return $session; } else { Write-Debug -Message "Failed to login $($webRequest.StatusCode): $($webRequest.StatusDescription)."; return $false; } } } function Get-FileListGift { Param ( [parameter(Mandatory=$true)] $Session ) Process { $webRequest = Invoke-WebRequest -Uri 'https://filelist.ro/gift.php' -Method Get -MaximumRedirection 0 -WebSession $Session -Verbose; if ($webRequest.StatusCode -eq 200) { Write-Debug -Message 'Request succesfull. Returning raw content.'; return $webRequest.RawContent; } elseif (($webRequest -ge 300) -and ($webRequest -lt 400) -and ($webRequest.Headers.Location -eq '/login.php')) { Write-Debug -Message 'Request failed. You need to login.'; return $false; } else { Write-Debug -Message "Request failed with code $($webRequest.StatusCode): $($webRequest.StatusDescription). Returning request response."; return $webRequest; } } } function Invoke-FileListGetGift { Param ( [parameter(Mandatory=$true)] [String] $Username, [parameter(Mandatory=$true)] [String] $Password, [parameter(Mandatory=$false)] [Int] $Unlock = 1 ) Process { $doLoop = $true; $session = $false; while ($doLoop) { if ($session -eq $false) { $session = Get-FileListLogin -Username $Username -Password $Password -Unlock $Unlock; } $ret = Get-FileListGift -Session $session; if ($ret -eq $false) { $session = $false; } elseif ($(Get-TypeName -InputObject $ret) -eq 'HtmlWebResponseObject') { Write-Debug -Message "'Get-FileListGift' returned a 'HtmlWebResponseObject'."; } elseif ($(Get-TypeName -InputObject $ret) -eq 'String') { $sleepSeconds = 0; if ($ret -cmatch '(?i)You already claimed a gift in the last 24 hours! Please check back again in (?<hours>\d+)h (?<minutes>\d+)m (?<seconds>\d+)s.') { $hours = $matches['hours']; $minutes = $matches['minutes']; $seconds = $matches['seconds']; $sleepSeconds = ((($hours -as [Int])*60 + ($minutes -as [Int]))*60 + ($seconds -as [Int])); Write-Host -Object $matches[0]; } elseif ($ret -cmatch '(?i)You won (?<prize>.*)!') { $sleepSeconds = 24*60*60; Write-Host -Object $matches[0]; } else { Write-Debug -Message "Whoops! Page did not say we won nor did it say we need to wait... Strange... Here is the content:"; Write-Debug -Message $ret; } Write-Host -Object "Sleeping for $sleepSeconds seconds..."; Start-Sleep -Seconds $sleepSeconds; } else { Write-Debug -Message "This should have never reached. Get-TypeName -InputObject `$ret -FullName = $(Get-TypeName -InputObject $ret -FullName)"; } } } }
Mod de utilizare:
- Copy - Paste la cod intr-o fereastra de PowerShell apoi rulati Invoke-FileListGetGift.
- Salvati codul intr-un fisier *.ps1 apoi din PowerShell ii faceti source: adica scrieti in consola ". .\NumeFisier.ps1" (atentie la punctul din fata - e ca la bash) apoi rulati Invoke-FileListGetGift.
Daca doriti sa vedeti mesajele de debug setati $DebugPreference = "Continue" in consola din care rulati apoi apelati Invoke-FileListGetGift.
- 9
-
2 hours ago, Nytro said:
you can pay a 2000 USD MacBook with 2 USD.
2 hours ago, Nytro said:MasterCard rewarded me with 8500 USD for this bug.
Seems legit.
- 2
-
La multi ani!
-
Ferir-ar Sfantu' sa le puna o parola sau mai rau, filtre din firewall.
-
Pe ce parte de challenges te bagi?
-
Vezi ca
btc_address = rpc_conn.getnewaddress('accountname')
are un spatiu in plus.
-
4 minutes ago, theandruala said:
Un invite code ceva?
Quote0x01 How do I join Hack The Box?
In order to join you should solve an entry-level challenge that is presented here. If you are unable to "hack the invite process" you will probably wont be able to do much after joining also
- 2
-
Abstract:
Microcode is an abstraction layer on top of the physical components of a CPU and present in most general-purpose CPUs today. In addition to facilitate complex and vast instruction sets, it also provides an update mechanism that allows CPUs to be patched in-place without requiring any special hardware. While it is well-known that CPUs are regularly updated with this mechanism, very little is known about its inner workings given that microcode and the update mechanism are proprietary and have not been throughly analyzed yet.In this paper, we reverse engineer the microcode semantics and inner workings of its update mechanism of conventional COTS CPUs on the example of AMD’s K8 and K10 microarchitectures. Furthermore, we demonstrate how to develop custom microcode updates. We describe the microcode semantics and additionally present a set of microprograms that demonstrate the possibilities offered by this technology. To this end, our microprograms range from CPU-assisted instrumentation to microcoded Trojans that can even be reached from within a web browser and enable remote code execution and cryptographic implementation attacks.
Link: https://www.usenix.org/conference/usenixsecurity17/technical-sessions/presentation/koppe (via https://twitter.com/x0rz/status/903668526333997057)
-
Interesanta tehnica. Sunt curios daca se poate aplica ceva similar si pe cod compilat...
Arduino Amiga Floppy Disk Reader/Writer (V2)
in Electronica
Posted
https://create.arduino.cc/projecthub/RobSmithDev/arduino-amiga-floppy-disk-reader-writer-v2-239c97