Archive for the ‘Tutorials’ Category
Posted on January 30th, 2009
The brief overview I give in this article is not meant as a way of educating spammers, but as a way of explaining to the ordinary user the stages, the purpose and the means used by these people, so that he knows what awaits him just one click away and the process of which, without wanting to, he is a part. The article was written at 5 in the morning, so I apologize if my wording is too clumsy.
Sending unsolicited messages to mailboxes is one of the most illegal methods of promotion, but at the same time an extremely effective one for rapidly increasing traffic.
Well, this field too has its professionals and those who are just testing the waters.
A professional spammer knows his target, knows what kind of traffic he wants, and works with more advanced spam tools. The occasional/beginner one reaches his goal only for a short time and does not target the people who should be contacted; everything happens chaotically and relies on luck.
I will now explain the differences between a professional spammer and an occasional one, and the steps they follow before starting to distribute messages.
Posted on January 29th, 2009
We have all received spam messages by mail, on forums, on blogs or on the profiles of social-network sites (hi5, myspace, neogen etc). Spam messages are extremely annoying, and those sent by mail are illegal (even in our country). We waste time on them, deleting them, pressing the “spam” button almost daily and wondering where the spammers got our e-mail address.
Let's first clarify what a spammer would want to achieve through his actions:
1. Increasing traffic on a site or on an entire network of sites.
2. Mass infection with adware/malware/spyware programs.
3. Distributing original or counterfeit products (e.g. pharmacy spam).
4. Phishing to obtain the personal data of various people.
- this category can also include visiting a page that contains XSS vulnerabilities, with the sole purpose of “stealing” the login session (cookie stealer/grabber)
5. Hoaxes/pranks meant to mislead people.
6. Increasing the number of votes in various contests where winning the prizes depends on visitors' votes.
Types of spam:
1. Spam through messages sent to a large number of e-mail addresses.
2. Spam through social networks (hi5, myspace etc).
3. Spam through IM (msn messenger, YM! etc.), or on chat servers (e.g. IRC).
4. Spam through comments (forums, blogs, guestbooks etc).
* this type of spam is usually automated using bots or scripts
5. Spam through telephone messages.
6. SEO spam: bombarding search engines with keywords.
Posted on January 25th, 2009
This article is published in both Romanian and English.
Yahoo redirects are and have been continuously used in spam techniques, for phishing and black SEO. Even though Yahoo is struggling to solve this problem, they are easy to find. When I say easy, I mean seconds, not minutes or hours.
The whole trick is to know what a patched link looks like.
It's not hard at all. All you need is:
Firefox
Link Gopher add-on
A search engine.
What does a link that can be used for a redirect look like?
http://us.ard.yahoo.com/SIG=15temu9ra/M=289534.6253107.7244481.6080815/D=classreal/
S=750052198:FOOT/Y=YAHOO/EXP=1232849833/L=BmyXB86.ODX4VzI3SXtvrR9kVmjCm0l7r4kACp1e/
B=NoaQBNj8a.0-/J=1232842633729605/K=pIWiCLQq81S96lmhwDqmiw–
/A=2650127/R=2/SIG=11lp7krrc/*http://docs.yahoo.com/info/copyright/copyright.html
What does a link that can NOT be used for a redirect to a site outside *.yahoo.com look like?
http://rds.yahoo.com/_ylt=AkWscG8XXla3AoABf80g_WeHHwx.;_ylv=0/
SIG=11idii63e/EXP=1232929280/**http%3A//hk.knowledge.yahoo.com/
How can we tell which link can be used? Notice this part of the link (from the first example):
SIG=11lp7krrc/*http://docs.yahoo.com/info/copyright/copyright.html
After /* there follows the unaltered link to a different domain.
The second link is a bit different.
1232929280/**http%3A//hk.knowledge.yahoo.com/
Don’t mind the number of “stars”. This is what tells us that this redirect is useless: http%3A//.
All redirect links whose target starts with http%3A// cannot be used for sites outside yahoo.com.
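For a mail or comment filter, the consequence of the two formats above is that the host of a redirector link says nothing about where the reader ends up. The following is an added example (not code from the original article) that pulls the embedded destination out of such links and reports the ones that leave yahoo.com; the redirector host list is an assumption taken from the two sample links, and the message text and `.example` hosts are constructed.

```python
import re
from urllib.parse import urlsplit, unquote

# Assumption: redirector hosts are the two seen in the article's sample links.
REDIRECTOR_HOSTS = {"us.ard.yahoo.com", "rds.yahoo.com"}
TRUSTED_DOMAIN = "yahoo.com"
URL_RE = re.compile(r"https?://[^\s<>\"']+")

def embedded_destination(url):
    """Return the URL embedded after '/*' or '/**', decoded, or None."""
    if (urlsplit(url).hostname or "").lower() not in REDIRECTOR_HOSTS:
        return None
    marker = url.find("/*")
    if marker == -1:
        return None
    target = url[marker + 1:].lstrip("*")
    for _ in range(3):  # bounded decoding: http%3A// and http%253A// both normalise
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target

def classify(url):
    """Return (verdict, destination_host) for one link."""
    dest = embedded_destination(url)
    if dest is None:
        return ("not-a-redirect", None)
    host = (urlsplit(dest).hostname or "").lower()
    # Exact match or dot-delimited suffix, so yahoo.com.landing.example fails.
    if host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN):
        return ("same-site", host)
    return ("off-site", host)

def offsite_redirects(text):
    """List (link, real_host) for redirector links in text that leave the trusted domain."""
    return [(link, host) for link in URL_RE.findall(text)
            for verdict, host in [classify(link)] if verdict == "off-site"]

# Constructed sample message body (not real traffic).
SAMPLE = """Hello, see http://us.ard.yahoo.com/SIG=placeholder/*http://landing.example/offer
and http://rds.yahoo.com/SIG=placeholder/EXP=0/**http%3A//hk.knowledge.yahoo.com/
or http://us.ard.yahoo.com/SIG=placeholder/*http://yahoo.com.landing.example/a"""

if __name__ == "__main__":
    for link, host in offsite_redirects(SAMPLE):
        print(f"off-site redirect -> {host}: {link}")
```

A filter built on this scores the returned host against its reputation data instead of the yahoo.com host that appears at the start of the link.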
I can bet that it won't be more than a week from now (the moment of posting the article) before this bug is fixed, because we noticed a sudden love from the Yahoo staff, who are kind enough to pay us visits almost every day.
Romanian version:
