[Email-uri RO]

Nu am ce pont sa dau. Ce e asa greu de inteles?

[Socks]

190.39.200.213:9064
190.74.127.208:9064
37.187.242.67:1234
186.91.183.210:9064
190.75.140.34:9064
186.91.212.208:8080
190.198.239.166:8080
186.91.120.197:8080
186.167.32.130:3128
190.200.166.188:9064
201.210.152.240:8080
190.73.149.52:8080
190.198.108.112:8080
201.249.229.178:80
190.36.48.140:9064
186.92.43.14:9064
54.72.224.141:80
125.123.84.139:80
186.91.116.110:9064
200.109.60.43:9064
190.75.146.103:9064
190.79.140.5:9064
118.175.5.9:80
61.19.29.122:8080
219.70.123.168:8088
211.76.94.59:8088
190.38.79.175:9064
190.203.50.100:9064
190.97.244.95:9064
201.211.103.22:9064
201.242.37.221:9064
186.93.188.81:8080
186.91.40.128:8080
190.74.213.235:9064
72.133.32.186:38266
188.165.85.115:3128
203.209.87.53:8080
27.145.145.105:8080
58.10.206.144:3128
61.7.149.69:8080
27.131.173.2:8080
202.29.235.130:3129
202.173.222.43:8080
203.146.82.253:3128
203.146.82.253:80
122.155.165.128:3128
203.151.21.184:3128
61.19.42.145:8080
186.95.247.20:9064
201.242.239.134:9064
186.94.48.175:9064
190.204.60.41:9064
186.93.185.42:8080
186.94.199.227:9064
190.79.102.117:9064
195.62.78.1:3128
36.55.237.59:3128
190.200.153.228:9064
119.77.201.152:8088
123.110.31.5:8088
190.204.86.136:8080
119.97.164.48:8085
202.181.207.249:80
202.102.4.195:8054
190.200.48.187:9064
202.102.4.195:8005
186.95.93.226:9064
218.240.156.82:80
111.205.122.222:80
202.102.4.195:8020

202.102.4.195:8054
202.102.4.195:8005
202.102.4.195:8020
202.102.4.195:8034
202.102.4.195:8085
217.12.113.114:8080
192.227.146.119:8089
218.203.13.173:80
199.200.120.36:7808
198.52.217.44:8089
199.200.120.140:7808
188.40.252.215:8089
62.210.56.250:8089
37.239.46.50:80
149.255.255.250:80
212.175.17.238:8080
162.208.49.45:3127
209.170.151.142:8089
218.203.13.180:8080
198.136.50.131:3127
95.141.35.81:24809
190.38.216.123:9064
200.93.88.123:8080
190.204.100.21:9064
200.93.34.52:9064
186.89.215.35:9064
190.72.46.137:9064
103.249.101.218:3128
24.100.137.39:3128
203.222.24.65:9064
190.74.65.46:9064
111.13.2.141:80
190.37.166.146:9064
61.227.52.178:9064
190.36.183.209:9064
200.109.162.70:9064
186.91.232.145:8080
186.91.248.32:9064
186.94.107.239:8080
187.20.255.16:9064
186.92.195.242:8080
115.43.178.203:9064
201.242.46.5:8080
201.243.53.11:8080
190.207.226.198:8080
112.99.76.21:3128
195.112.199.210:8080
123.205.125.128:8088
186.209.106.11:8080
190.37.106.91:9064
186.93.142.87:8080
123.162.2.181:8080
140.112.228.111:9064
201.243.29.215:9064
190.36.18.130:8080
190.200.249.240:8080
121.31.24.143:18186
123.205.135.220:8088
190.74.215.18:8080
201.242.84.99:8080
222.165.207.10:3128
190.79.65.212:9064
111.251.242.114:9064
190.38.114.71:8080
190.77.10.123:9064
190.198.145.253:8080
201.248.243.10:8080
222.89.165.39:1982
218.29.92.182:9999
190.198.183.224:9064
203.172.211.70:8080
182.93.218.158:8080
190.75.34.222:8080
186.95.46.107:9064
190.73.255.142:9064
186.91.230.103:8080
186.90.28.144:8080
123.195.186.171:9064
201.81.210.172:9064
190.198.20.246:9064
203.76.100.154:8080
186.92.209.110:9064
190.199.207.149:9064
190.73.254.28:8080
190.73.237.68:9064
186.90.45.245:8080
190.72.24.209:9064
190.38.57.133:8080
190.200.22.60:8080
186.95.227.117:8080
202.102.4.195:8054
202.102.4.195:8005
202.102.4.195:8020
202.102.4.195:8034
202.102.4.195:8085
217.12.113.114:8080
192.227.146.119:8089
218.203.13.173:80
199.200.120.36:7808
198.52.217.44:8089
199.200.120.140:7808
188.40.252.215:8089
62.210.56.250:8089
37.239.46.50:80
149.255.255.250:80
212.175.17.238:8080
162.208.49.45:3127
209.170.151.142:8089
218.203.13.180:8080
198.136.50.131:3127

[Email-uri RO]

Parola Arhiva :

64+-MD5

3243c6fdf4719ff0a35b872b7d842eaa

// Page Rank 4

Download

[Carti Networking, Unix, Security & More]

Va atasez cateva carti , pentru Linux, Networking, Snort si mai multe :

Exemple :

Network Security Guide

O'Reilly - Internet Core Protocols the definitive guide

-"- - Network Warrior

TCP IP Network Administrator

APACHE COOKBOOK

APACHE SECURITY

si mai multe....

Bafta la citit!

DOWNLOAD

[Yahoo XSS]

Felicitari . Spune mi te rog, cea de la Microsoft, a fost prin post sau get?

@akkiliON , dai o bere Hategana ?)))

[vBulletin 4.2.2 XSS AdminCP]

Salut. Testam ceva in seara asta intr-un vbulletin 4.2.2 si am gasit un mic XSS si m-am gandit sa il postez aici..

Status: Neraportat

[Intrebare placa de retea wireles.]

@synkron :

credeti ca se simte diferenta intre placa asta wifi fata de cablu direct?

Conexiunea directa prin cablu trimite date cu 100Mbps pe langa WI-FI-urile, care trimit maxim cu 54Mbps. La wireless, reteaua nu este asa securizata, se poate face packet-sniffing. La Ethernet, reteaua e mai stabila, pe cand la wi-fi, daca cineva e suparat si a facut un aparat de bruiaj, nu e foarte bine pentru tine.. La Ethernet, atat trebuie, sa cablezi incat sa nu te incurce cablurile. Acesta ar fi singurul dezavantaj zic eu..

[Tutorial Instalare L2TP]

TUTORIAL INSTALARE L2TP Debian/Ubuntu

Layer 2 Tunneling Protocol (L2TP) este un protocol de tunelare, folosit în crearea re?elelor private virtuale (VPN).Acesta nu prevede nici un mecanism de criptare sau de confiden?ialitate în sine. Publicat în 1999, ca standard RFC 2661, L2TP î?i are originea în alte dou? protocoale de tunelare mai vechi pentru PPP, Layer 2 Forwarding Protocol (L2F) ?i Point-to-Point Tunneling Protocol (PPTP). De?i ac?ioneaz? la nivelul leg?tur? de date în modelului OSI, protocol L2TP este de fapt un protocol ce ac?ioneaz? la nivelul sesiune ?i folose?te portul înregistrat UDP 1701.

Cum se stabileste sesiunea unui L2TP cu serverul VPN:
-Intâi clientul stabile?te un tunel IPsec cu serverul VPN
-Clientul ?i serverul L2TP stabilesc apoi un tunel L2TP în vârful tunelului IPsec.
-Se stabile?te o sesiune PPP în partea superioara a tunelului L2TP, spre exemplu, pachetele PPP sunt încapsulate ?i trimise/recep?ionate în cadrul tunelului IPsec

1) apt-get install xl2tpd openswan [// Raspundeti cu nu cand va cere X.509 Certificate]

2) In sysctl.conf, adaugati :

net.ipv4.conf.all.accept_redirects = 0
net.ipv6.conf.all.accept_redirects = 0
net.ipv4.conf.default.accept_redirects = 0
net.ipv6.conf.default.accept_redirects = 0
net.ipv4.conf.all.send_redirects = 0
net.ipv4.conf.default.send_redirects = 0

3) Configuram /etc/ipsec.conf

config setup

protostack=netkey

nat_traversal=yes

oe=off

conn L2TP-PSK-NAT

rightsubnet=vhost:%priv

also=L2TP-PSK-noNAT

conn L2TP-PSK-noNAT

authby=secret

pfs=no

auto=add

keyingtries=3

rekey=no

ikelifetime=8h

keylife=1h

type=transport

left=1.1.1.1 [adaugam ip ul statiei aici]

leftprotoport=17/1701

right=%any

rightprotoport=17/1701

conn passthrough-for-non-l2tp

type=passthrough

left=1.1.1.1. [adaugam ip ul aici]

leftnexthop=0.0.0.0

right=0.0.0.0

rightsubnet=0.0.0.0/0

auto=route

5) Deschidem /etc/ipsec.secrets si adaugam :

1.1.1.1 %any: "parolamea" , unde 1.1.1.1 e ipv4 de la statia noastra si parolamea, putem seta orice parola.

E recomandat sa acordam permisii doar pentru root.

6) Configuram xl2tpd, nano /etc/xl2tpd/xl2tpd.conf :

[global]
port = 1701
auth file = /etc/xl2tpd/l2tp-secrets
access control = no
rand source = dev

[lns default]
exclusive = no
; enter the IP range you wish to give out to your clients here
ip range = 192.168.1.2 - 192.168.1.245
; address of the L2TP end of the tunnel (i.e. this machine)
local ip = 192.168.1.1
refuse authentication = yes
refuse pap = yes
refuse chap = yes
ppp debug = no
pppoptfile = /etc/ppp/options.l2tpd

8) Adaugam configuratia PPP : nano /etc/ppp/options.l2tpd

nobsdcomp
passive
lock

# Allow all usernames to connect.
name *
proxyarp
ipcp-accept-local
ipcp-accept-remote
lcp-echo-failure 10
lcp-echo-interval 5
nodeflate

# Do not authenticate incoming connections. This is handled by IPsec.
noauth
refuse-chap
refuse-mschap
refuse-mschap-v2

# Set the DNS servers the PPP clients will use.
ms-dns 8.8.8.8 # <-- change this to the IPv4 address of your DNS server
ms-dns 8.8.4.4 # <-- add extra entries if necessary

mtu 1400
mru 1400

7) Restart:

/etc/init.d/ipsec restart
/etc/init.d/xl2tpd restart

Si verificam daca totul este configurat :

ipsec verify

Multumesc pentru atentie.

[Ajutor Flood.]

Stii ce, m-am saturat de arzoi ca tine, care incearca sa profite si nu aduc nici un beneficiu..

(19:20:39) Linuxup: (whispers) anabolizante2008.com ia vezi pica..

(19:21:01) sleed: nuu

(19:21:04) sleed: ca eu bag asa ceva

(19:21:04) sleed: la sala

(19:21:06) sleed:

(19:21:15) Linuxup: (whispers) Si eu.

(19:21:19) Linuxup: (whispers) Si am

(19:21:29) Linuxup: (whispers) Ieri la picat un tov a facut proba dar nu mai e on...

(19:21:48) sleed: si de ce vrei sa il pici ?

(19:21:55) sleed: ce cacat ai cu un site de anabolizante ?

(19:21:56) sleed: )

(19:22:41) Linuxup: (whispers) Vreau sa vad ceva

(19:23:23) Linuxup: (whispers) Incerci ?

(19:24:20) sleed: ce sa vezi

(19:24:21) sleed: ?

(19:25:27) Linuxup: (whispers) Daca se duce

(19:25:32) RST: leet logs into the Chat.

(19:25:36) sleed: si daca se duce cu ce esti fericit?

(19:25:36) Linuxup: (whispers) Sau nu ai cu ce da ?

(19:25:48) sleed: am

(19:25:58) Linuxup: (whispers) O sa iti zic dupa, da-mi idul tau de mess. vb mai bn acolo.

(19:27:20) RST: Linuxup has been logged out (Kicked) by wtf.

GG wtf.

[[TUTORIAL] Instalare eAccelerator [PHP Cacher]]

Mai degraba, pe un web accelerator, un reverse proxy, ar merge de minune. Nginx + apache + postgresql + eacc, un mic tweak la kernel si cam aia e.. Ar trebui sa nu iti mai crape la 10 visitatori / s )

[[TUTORIAL] Instalare eAccelerator [PHP Cacher]]

eAccelerator - PHP Cacher

- eAccelerator este indicat pentru a creste performantele web-serverului dumneavoastra, pentru a optimiza procesele php-ului.

- Dupa parerea mea, este peste APC si XCACHE.

- Mai multe detalii aici : eAccelerator - Wikipedia, the free encyclopedia

1) Instalare dependinte pentru a putea configura eAcceleratorul [ Debian/Ubuntu ] :

 apt-get install php5-dev make gcc build-essential

2) Downloadam eAccelerator & configuram :

cd /var

wget -q https://github.com/eaccelerator/eaccelerator/tarball/master

mv master eacc.tar.gz

tar -zxvf eacc.tar.gz

__________________________________________________________

cd $(ls -ld *eacc*/|awk '{ print $9 }')

phpize

./configure

make

make install

mkdir -p /var/cache/eacc

chmod 777 /var/cache/eacc

cd /etc/php5/conf.d/

_____________________________________________________

Apoi adaugam in :

/etc/php5/conf.d/eaccelerator.ini URMATOARELE :

extension="eaccelerator.so"
eaccelerator.shm_size="48"
eaccelerator.cache_dir="/var/cache/eacc"
eaccelerator.enable="1"
eaccelerator.optimizer="1"
eaccelerator.check_mtime="1"
eaccelerator.debug="0"
eaccelerator.shm_max="0"
eaccelerator.shm_ttl="0"
eaccelerator.shm_prune_period="0"
eaccelerator.shm_only="0"
eaccelerator.compress="1"
eaccelerator.compress_level="9"

/etc/init.d/apache2 restart

Nota : Am comparat rezultatele obtinute de la APC, Xcache si eAccelerator si se pare ca eAccelerator a iesit castigator, cu putin peste APC [Alternative PHP Cache].

[La multi ani!]

La Multi Ani RST!

[Problema de matematica by io.kent]

Rezolvarea mea ar fi asta :

Faci produsul mezilor, belesti Pu*a iezilor,

trimiti iezii la pascut si iei capra la Pul* daca nu ti da rezultatul o iei de la cap cu tapul

faci produsul mezilor belesti Pu*a iezilor,

trimiti iezii la pascut si iei capra la Pul* daca nu ti da rezultatul o iei de la cap cu tapul,

faci produsul mezilor belesti Pul* iezilor trimiti iezii la pascut si iei capra la Pul* daca nu ti da rezultatul o iei de la cap cu tapul

[[RST] Pwnthecode [Beta]]

Multumim pentru notare. De aceea este in stadiul Beta, urmeaza un remake, traducerea in Engleza si finalizarea blogului. Vreau sa precizez ca se vor adauga functii noi. Orice idee / propunere este luata in considerare. Multumim

[Comercializare artificii]

Salut. In Timisoara cauta in Piata Dacia, poate ai ceva noroc. Sau te duce Zatarra la tigani la Hunedoara la piata sau in micro, au de la artificii la petarde militare

Craciun Fericit si tie!

[XSS Easy]

//Edit: CE troll de challenge )))))))

[Cum sa iti faci propria firma de hosting]

La atatea firme de hosting, vanzare dedicate, vps uri, greu pe piata. Foarte greu sa reusesti decat daca nu esti vechi in acest domeniu..Asa merita sa va faceti pentru un pachet de tigari.

[[Stored XSS] mail.yahoo.com #2]

Hai cu lada de bere, ca tot le-ai luat banii la aia de la Yahoo /..

Is jegosi rau astia de la yahoo, nici nu merita sa cauti la ei.

Feriti-va de yahoo si paypal[ alti ingramaditi ].

In rest , e ok...

[Tutorial Monitorizare Retea [CACTI]]

CACTI = Mediu Grafic pentru monitorizarea retelei

Cacti este o solu?ie completa pentru a face grafice ale retelei folosind RRDTool

Mai multe detalii gasiti pe site-ul oficial : Cacti® - The Complete RRDTool-based Graphing Solution

Testat pe Debian Wheezy.

___________________________

1) Se ne asiguram ca avem privilegii de root! [su...] [whoami = root !=ok]

2) Facem un update : apt-get update

root@sld:~# apt-get update
Hit http://dl.google.com stable Release.gpg
.....
Reading package lists... Done

3)

root@sld:~# apt-get install cacti[/B]
Reading package lists... Done
Building dependency tree       
Reading state information... Done
The following extra packages will be installed:
  dbconfig-common libdbi1 libjs-jquery-cookie libphp-adodb librrd4 php5-snmp
  rrdtool
Suggested packages:
  php5-ldap moreutils php5-adodb librrds-perl
The following NEW packages will be installed:
  cacti dbconfig-common libdbi1 libjs-jquery-cookie libphp-adodb librrd4
  php5-snmp rrdtool
0 upgraded, 8 newly installed, 0 to remove and 13 not upgraded.
Need to get 4,046 kB of archives.
After this operation, 10.2 MB of additional disk space will be used.
Do you want to continue [Y/n]? Y

Ne pune sa selectam un web-server, in cazul meu : apache2.

Apoi vom ajunge la db si ne va afisa :

 
-> Configure database for cacti with dbconfig-common? 

[/B][/I][B]Click pe YES[/B]
[B]
-> Password of the database's administrative user:   ce vreti voi, eu am pus aici ca test: mataigrasa                                                                
-> MySQL application password for cacti: ce vreti voi, eu am pus ca test : mataigrasa

-> Password confirmation: mataigrasa [ sau parola voastra aleasa]

verifying access for cacti@localhost: success.
creating database cacti: success.
verifying database cacti exists: success.
populating database via sql..

Daca totul este in regula si functioneaza corect mysql & apache, intram aici :

http://localhost/cacti/install/

-> Click pe Next,

->Ca type of installation dam select pe New-Install, apoi next..

-> RECOMAND SA LASATI CONFIGURATIILE CA AICI (AR TREBUIA SA FIE TOTUL FOUND) :

->CLICK PE FINISH.

4) Login : user: admin , parola admin

*** Forced Password Change ***

Va trebui sa adaugam alta parola : exemplul meu : mataigrasa

PENTRU ALTE DETALII : R.T.F.M

[I]http://www.cacti.net/downloads/docs/pdf/manual.pdf[/I]

Other Info's : Cacti® - The Complete RRDTool-based Graphing Solution

[Tutorial SSH Jail]

Acest tutorial prezinta un mijloc de a limita privilegiile unui user doar pentru folderul sau. Daca avem un server cu un numar foarte mare de useri, care folosesc pentru access, sftp/ssh, ar fi bine folosit ssh jail.

[in caz ca sunt probleme de autentificare la internet, pentru un utilizator, copiaza /etc/resolv.conf pentru cei in jailed sau adauga netbasics pentru jk_init.

1) Instalare, compilare

wget http://olivier.sessink.nl/jailkit/jailkit-2.17.tar.gz

tar -xzf jailkit-2.17.tar.gz

cd jailkit-2.17

./configure

make

sudo make install

// Nota : [sa aveti development tools instalat#]

2) Configurare

cd /mnt/jailuseri # [chown root:root pe /mnt/jailuseri]

mkdir -p jail/sleed

jk_init -v -j /mnt/dex/jail/sleed basicshell

adduser sleed 

passwd salam 

...

jk_jailuser -m -s /bin/bash -j /mnt/jailuseri/jail/sleed sleed

mkdir jail/sleed/tmp

chmod a+rwx jail/sleed/tmp

[h=2]### Sa adaugati alti useri, faceti ca la pasul II.[/h]

Ajutor:...

jk_init --help
jk_jailuser --help
jk_cp --help

Linux.com :: Put your OpenSSH server in SSHjail

[[XSS] *.microsoft.com]

Microsoft Security Response Center (secure@microsoft.com) Add to contacts

12/13/2014

To: 'Luciano Sld

Hello,

Thank you for contacting the Microsoft Security Response Center (MSRC). We have reviewed your report and have determined that someone reported this vulnerability before you.

Again, we appreciate your report.

Regards, Mollie

//EDIT - Au dat indienii de intranet

[[XSS] *.microsoft.com]

Sper ca da. Sper sa nu mi dea duplicate, am primit un duplicate zilele trecute Poate poate , cine stie.. // poq : nu. E prin post .

[[XSS] *.microsoft.com]

Vuln.: XSS Stored *.microsoft.com

Status: Raportat

Poc:

-----------------------

[[PWNTHECODE] Misty Mountain Challenge]

@djxpaul nup .

Hint ; // memset(payload,A,268);

[[PWNTHECODE] Misty Mountain Challenge]

PWNTHECODE MISTY MOUNTAIN CHALLENGE

- STARTING Challenge Point: 0Day is EveryDay:)

- To finish task, you must to create a shell & execute it ;

- Here you find an example :

---------------------------------------------------

_______________________________

Trebuie sa treceti de cativa pasi, sa scrieti un exploit. Daca ati reusit, imi trimiteti A.B din adresa voastra de I.P.

Solvers :

Locul 1)

Locul 2)

Locul 3)

Locul 4)

Locul 5)

................

Mentiuni &&:

......................

CHALLENGE CLOSED. VOI POSTA CUM SE REZOLVA!