Messages - edu19

1
Thank you very much for the feedback, folks. Well, the program itself is not malicious in any way, the problem is the size is large, just that. DeepCopy, you're damn right, the best way to do it is on a VM with like 1 or 2 AVs (maximum) installed for testing, preferably with the internet cable disconnected just in case of false positives and the risk of them sending the file to their db.

I tested on a machine in my local network that has Kaspersky up to date. Did not detect anything. Let's see the others now. :)

 +1 to everyone :)

PS: sorry for the above quote post, it was supposed to modify the first reply but it quoted.

Staff note: do not double post FFS!!!

2
Hi people. I would like to know a good and trustworthy site to test files against Antivirus and Antispyware software that won't send them to the vendors. It is just a non-malicious, large file that I compressed with UPX (it is free, simple to use and popular). Since AVs and ASs are dumb, they may start detecting the file as malicious for the simple fact it was compressed.

Thanks in advance.

3
The privacy invasion goes far beyond this. That is the problem... don't forget about satellites and stuff. We are all being monitored. But... what can we do if we let the system take care of us without saying a word?... Now we must tolerate or make a great change on the system, which won't be easy at all.


About encryptions... what is created by man can be broken by man... so I believe most encryptions can be cracked, not by bruteforcing but by implementation flaws ;)


I don't trust encryptions at all, if you want my honest opinion, and they ring the bells to the feds.

4
Yeah, I know, I was talking about Windows, locally, only. If it exchanges password data with, for instance, websites in unencrypted form then that is really a serious issue, since it could be prone to MITM attacks.


And cryptography doesn't save us 100% unfortunately, since it is about implementation... if an implementation flaw is found, the encrypted data might be recovered. :o

5
Anyone with physical access can own the computer by running something under the NT AUTHORITY\SYSTEM account. One can use a USB stick, or CD ROM with software to read and write to/from NTFS partitions; once this person, e.g., replaces a file that will run with NT AUTHORITY\SYSTEM privileges on every boot, it will be able to access the passwords, create admin accounts, and even keylog, "screenshot log" the logon password.


The great problem is when a remote vuln is discovered and the machine gets exploited and is running the standard user account (which by default has admin privileges and can bypass UAC). Attacks that require users to have physical access to a machine are considered low risk, although the consequences can be pretty bad.



That's it... simple hehe.

6
Windows 7 was pretty much based on Vista, especially its kernel; it is an improved Vista kernel. Windows 8.1 is coming out and guess what, I am testing it and it is worse than Windows 8.0. IE 11 looks basically the same as IE 10, which looks the same as IE 9, which is a cheap copy of Google Chrome, sad to say. IE should retain its classic look, but with improved performance and security, just that. Not rip the look and some features, like the download manager, from e.g. the Google Chrome browser.


Windows XP is extremely good, Windows 7 is cool too. But Windows 8 unfortunately is worse than Vista (at least with SP2).


The real good Windows would have the features and look of Windows XP with the kernel of Windows 7. That's it. :)


About vulnerabilities... well, the attackers are probably targeting Windows XP because it is one of the most used OSes in the world. There are still a lot of people using IE 6 or at least with it installed on the machine. IE 8 is simply better and can be installed for free, and it comes in the automatic updates.
If one day Win 7 becomes the most used one, they will surely try to reverse the patches and then re-exploit the vulnerability even if 7 was not listed in the vulnerable systems. I remember one of my first findings, which was in a Windows XP component, and it remained active for like 2 years, then someone else found the same thing and posted. I played a bit and found a way out to re-exploit it; never got patched or publicly disclosed.

7
Hacking and Security / Re: A female friend of mine gets stalked!
« on: August 13, 2013, 11:30:17 PM »
If the stalker is your ex... then she is really retarded, I would simply tell her to f**** off and block her.


Btw, when you have your number blocked, what happens?... busy... or you get a recorded voice saying something like the number can't receive calls at the moment??

8
General discussion / Re: Busted...
« on: August 13, 2013, 11:23:24 PM »
E-mails can be spoofed. This includes the header and originating IP address. If you were to get really busted... the feds would knock at your door and review your computer activities. Depending on what they found out you could be prosecuted... or not... my suggestion is not to mess with copyrighted stuff because you are breaking a law and depending on where you live you can be easily traced and caught, then prosecuted, arrested or pay a kind of fee for what you did.


Privacy used to be a luxury in the past or 2 decades ago. Now it is a utopia.

9
Hacking and Security / Re: First Banking Trojan for Linux in the Wild
« on: August 09, 2013, 02:23:06 PM »
A trojan for Linux should exploit a vulnerability that requires little and "safe" user interaction like visiting a website, playing a video, etc. But then it wouldn't last long. The vuln would be patched and AV software would detect the code, unless it uses polymorphism. At times you see an entire page at securityfocus for Linux vulnerabilities and software running on Linux, like web browsers for example. They could do it a lot more, but since the majority of users are on Windows and are stupid as hell, they prefer to send out exes with less common extensions like .PIF, .COM, .SCR, .CMD or double extension ".jpg.scr" to try to mislead the user. There have been extension spoofing vulns in IE and there are a LOT of file types in Windows that can run code, by design, but the malware writers keep on these because they simply rename their exe to .com, .cmd, .scr etc. and voila. Actually most of them are skiddies using plain social engineering.

10
Found it on the Webs / Re: Super computer simulates human brain!
« on: August 07, 2013, 05:04:00 AM »
A machine will possibly never simulate, 100%, a human brain because it is in constant change, evolution and each individual is unique. Our real abilities and capabilities go far beyond our imagination/dreams.


Though using genetic engineering we may be able to re-generate ruined neurons and possibly clone a brain with all its current info/data one day and even store it in some kind of ultra large size storage device. Stay tuned!

11
Operating System / Re: Windows 8 Problems
« on: July 31, 2013, 05:42:44 PM »
Well, what I know happens on all versions of Windows is that when you have a shortcut for a network location like \\IP\Share and that IP is offline, it freezes Windows Explorer for several seconds, more than a minute sometimes, because it keeps trying to connect to the offline IP several times, performing "SMB requests" via SMB protocol.


But for local available drives and "new" option that is odd. I have Windows 8 on a VM. I did not like it at all to be honest. My advice is that you do not use Windows until at least the first service pack is released, because it is full of bugs, and it is hard to contact Microsoft to report the bug and when you do it, a lot of times they do not care.


So your best bet is downgrading to Windows 7 which is better and more stable for sure.


Windows XP, although it is very old by now, is very stable and compatible with most programs, because it has already received a hell of a lot of patches. Then comes the question, if its life cycle has been extended due to the Vista fiasco, why didn't they release SP4 for XP. My opinion is, just not to have as many as its previous OS, Windows 2000 haha. M$ sucks my friend, learn to live with it.

12
Operating System / Re: Someone hacked my system
« on: July 23, 2013, 01:45:22 PM »
Sorry for the late reply, but when you think your system is hacked you must monitor it using tools like Process Explorer, Process Monitor and a sniffer like "WireShark", which in my opinion is a very good one. It will show you traffic in real time for all ports and protocols.

By the way, a tip... use Kaspersky AV if you wish to use one, by far the best one.
 
 

13
Tutorials / Re: backdoors with netcat
« on: July 23, 2013, 01:34:58 PM »
netcat is a very useful tool if you are familiar with the cmd line of Linux and Windows. On Windows, if you can directly connect to the computer you can enable the default telnet server (not installed by default on Vista and up, but you could monitor the installation; guess you need the Windows CD and then pick up the files and make a simple installer using e.g. IExpress).

I may do it one day when I have enough time and post here. Btw, you can change the telnet port since most ISPs block port 23. And you can use remote desktop to view the screen.

To transfer files you can use the cmd line ftp tool. Bingo, you can fully control a Windows computer with built-in tools ;)
 
 

14
Tutorials / Re: A guide to Alternate Data Streams
« on: July 23, 2013, 01:28:21 PM »
How to run a file that is an ADS of another one?

Well, first off, you need to transfer the file to the "victim", right?

Most if not all software for file sharing, like P2P software, web browsers, etc., doesn't preserve the stream, so this thing is useful more as a local issue rather than remote.

Nowadays most AVs will warn if there is an executable file streamed into another file and they can remove it.

So, in my opinion, unfortunately this became something of the past unless you find a way to run the ADS. I used to have an "exploit" for some Windows program in which you clicked an element of the window and it would run the ADS. But again, it is just local because the software removes the ADS.

It is nicer to make a chimera with a file, like hiding rogue code inside "safe" files.
