Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

« 1 / 5 »

Ce parere aveti de viteza/ modul ...

Love Lies Bleeding - 2024

Cum sterg mails din Promotions

Vanzare cumparare fara transfer b...

Receptie ciudata, in functie de t...

Donez medicamente renale ptr pisica

Ce componenta e asta si ce ziceti...

Dupa 20 ani de facultate, am uita...

Mobile.de ofera imprumut de bani ...

problema test grila

Digi24 a disparut de pe TV Lg

Drept de proprietate intelectuala...

Jante noi shitbox

Trinitas TV 4K

Dacia 1316 cu 6 usi ...

Frecventa modificata radio

View New Content

Hacking?

Last Updated: Oct 13 2018 17:44, Started by veman , Jan 28 2015 13:13

Please log in to reply

24 replies to this topic

#19
Mihai_3

Posted 29 January 2015 - 10:29

我會回來的...

Grup: Senior Members
Posts: 10,041
Înscris: 26.04.2007

analizand logurile....tocmai ce am vazut ca cineva "bine intentionat" ma scana de logon la adresa
http://[siteul_meu]/admin/index.php?route=common/login

Dragut Posted Image

I-am pus catcha pe pagina ca sa il linistesc Posted Image

IP: 93.114.43.244

inetnum: 93.114.40.0 - 93.114.47.255
netname: VOXILITY-SRL
descr:   VOXILITY SRL
descr:   Dimitrie Pompei 9-9A Cladirea 24, etaj 2, sector 2
descr:   Bucuresti 2 020335
country: ro
admin-c: AT4216-RIPE
tech-c: SS7482-RIPE
status: ASSIGNED PA
remarks: Registered through http://www.ip.ro/ip.html
mnt-by: RO-MNT
mnt-lower:   RO-MNT
mnt-routes: VOXILITY-MNT
source: RIPE # Filtered

LaterEdit: Si pentru ca vad ca angajeaza hakeri pe bestjobs le-am mai dat ceva de treaba un BAN pe 93.114.40.0/21

Edited by Mihai_3, 29 January 2015 - 10:37.

#20
Mihai_3

Posted 29 January 2015 - 11:44

我會回來的...

Grup: Senior Members
Posts: 10,041
Înscris: 26.04.2007

Si pentru ca m-am suparat am redenumit folderul de ADMIN, schimbat token key-ul si pus si CAPTCHA pe pagina de login.
Sa ii vad eu acum cum "ghicesc" numele folderului Posted Image

Edited by Mihai_3, 29 January 2015 - 11:45.

#21
tigerheart

Posted 29 January 2015 - 13:24

Savage Member

Grup: Senior Members
Posts: 9,897
Înscris: 07.08.2008

veman, on 28 ianuarie 2015 - 18:21, said:

totusi, mi se pare aiurea sa incerci sa hack-uiesti un site de la care nu prea ai ce obtine...

Saptamana trecuta am devirusat un OC 1.5 si ceva... Magazinul nu cred ca are vreo 10 vizitatori pe zi, e ceva mai local... Hackerii nu urmaresc neaparat site-uri populare, ce prind cu brese de securitate sparg, fara nici o problema.
Pe langa faptul ca iti pot folosi site-ul la mai multe tampenii(cum zice si dexter), ei pot sa sparga apoi si serverul pe care ai tu cont de gazduire folosind informatii luate de pe site-ul tau.

Anul trecut pe vreo 5 site-uri am gasit niste fisiere malitioase prin care hackerii putea face cam ce vroiau muschii lor. Vezi exemplul de mai jos:

[ https://www.youtube-nocookie.com/embed/IjSpci2tYOQ?feature=oembed - Pentru incarcare in pagina (embed) Click aici ]

Mihai_3, on 29 ianuarie 2015 - 10:29, said:

IP: 93.114.43.244

inetnum: 93.114.40.0 - 93.114.47.255
netname: VOXILITY-SRL

Pe Voxility multe lucruri se intampla

).. spam, bot-uri, hack-uri...
Daca vrei toate ip-urile lor... have fun Posted Image

#22
SpargatorulDeVise

Posted 09 May 2015 - 00:27

Member

Grup: Members
Posts: 441
Înscris: 03.07.2009

dexterash, on 28 ianuarie 2015 - 19:36, said:

Daca este pe un VPS incearca fail2ban "customizat" pentru reguli de Apache, pe erori 403/404.

Asta asa, ca un minim-minimorum de siguranta.

Nu ar fi ok si un script de genu' ?
http://pastebin.com/tzEFDKhB

Spoiler


#!/bin/sh

# IP blacklisting script for Linux servers
# Pawel Krawczyk 2014-2015
# documentation https://github.com/kravietz/blacklist-scripts

# Emerging Threats lists offensive IPs such as botnet command servers
urls="http://rules.emergingthreats.net/fwrules/emerging-Block-IPs.txt"
# Blocklist.de collects reports from fail2ban probes, listing password brute-forces, scanners and other offenders
urls="$urls https://www.blocklist.de/downloads/export-ips_all.txt"
# badips.com_ssh, from score 0 up
urls="$urls http://www.badips.com/get/list/ssh/0"
# badips.com_http, from score 0 up
urls="$urls http://www.badips.com/get/list/http/0"
# badips.com_nginx-proxy, from score 0 up
urls="$urls https://www.badips.com/get/list/nginxproxy/0"
# badips.com_ftp, from score 0 up
urls="$urls http://www.badips.com/get/list/ftp/0"
# badips.com_squid-proxy, from score 0 up
urls="$urls https://www.badips.com/get/list/squid/0"
# badips.com_vnc, from score 0 up
urls="$urls https://www.badips.com/get/list/vnc/0"
# infiltrated.net
urls="$urls http://www.infiltrated.net/blacklisted"
# openbl.org
urls="$urls http://www.openbl.org/lists/base.txt"
# cinsscore.com
urls="$urls http://cinsscore.com/list/ci-badguys.txt"
# zeustracker.abuse.ch
urls="$urls https://zeustracker.abuse.ch/blocklist.php?download=badips"
# CustomList, hosted on dropbox , my sites or whatever...
urls="$urls http://examples.com/ipblocklist/ipblocklist.txt"


blocklist_chain_name=blocklists

if [ -z "$(which ipset 2>/dev/null)" ]; then
	echo "Cannot find ipset"
	echo "Run \"apt-get install ipset\" or \"yum install ipset\""
	exit 1
fi

if [ -z "$(which curl 2>/dev/null)" ]; then
	echo "Cannot find curl"
	echo "Run \"apt-get install curl\" or \"yum install curl\""
	exit 1
fi

if [ "$(which uci 2>/dev/null)" ]; then
	# we're on OpenWRT
	wan_iface=$(uci get network.wan.ifname)
	IN_OPT="-i $wan_iface"
	INPUT=input_rule
	FORWARD=forwarding_rule
	COMPRESS_OPT=""
else
	COMPRESS_OPT="--compressed"
	INPUT=INPUT
	FORWARD=FORWARD
fi
   

# create main blocklists chain
if ! iptables -L | grep -q "Chain ${blocklist_chain_name}"; then
	iptables -N ${blocklist_chain_name}
fi

# inject references to blocklist in the beginning of input and forward chains
if ! iptables -L ${INPUT} | grep -q ${blocklist_chain_name}; then
  iptables -I ${INPUT} 1 ${IN_OPT} -j ${blocklist_chain_name}
fi
if ! iptables -L ${FORWARD} | grep -q ${blocklist_chain_name}; then
  iptables -I ${FORWARD} 1 ${IN_OPT} -j ${blocklist_chain_name}
fi																

# flush the chain referencing blacklists, they will be restored in a second
iptables -F ${blocklist_chain_name}

# create the "manual" blacklist set
set_name="manual-blacklist"
if ! ipset list | grep -q "Name: ${set_name}"; then
	ipset create "${set_name}" hash:net
fi
iptables -A ${blocklist_chain_name} -m set --match-set "${set_name}" src,dst -m limit --limit 10/minute -j LOG --log-prefix "BLOCK ${set_name} "
iptables -A ${blocklist_chain_name} -m set --match-set "${set_name}" src,dst -j DROP
																	 
# now process the dynamic blacklists
for url in $urls; do
	# initialize temp files
	unsorted_blocklist=$(mktemp)
	sorted_blocklist=$(mktemp)
	new_set_file=$(mktemp)
	headers=$(mktemp)

	# download the blocklist
	set_name=$(echo "$url" | awk -F/ '{print substr($3,0,21);}') # set name is derived from source URL hostname
	curl -v -s ${COMPRESS_OPT} -k "$url" >"${unsorted_blocklist}" 2>"${headers}"

	# this is required for blocklist.de that sends compressed content if asked for it or not
	if [ -z "$COMPRESS_OPT" ]; then
		if grep -qi 'content-encoding: gzip' "${headers}"; then
			mv "${unsorted_blocklist}" "${unsorted_blocklist}.gz"
			gzip -d "${unsorted_blocklist}.gz"
		fi
	fi

	sort -u <"${unsorted_blocklist}" | egrep "^[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}$" >"${sorted_blocklist}"

	# calculate performance parameters for the new set
	tmp_set_name="tmp_${RANDOM}"
	new_list_size=$(wc -l "${sorted_blocklist}" | awk '{print $1;}' )
	hash_size=$(expr $new_list_size / 2)

	if ! ipset -q list ${set_name} >/dev/null ; then
		ipset create ${set_name} hash:net family inet
	fi

	# start writing new set file
	echo "create ${tmp_set_name} hash:net family inet hashsize ${hash_size} maxelem ${new_list_size}" >>"${new_set_file}"

	# convert list of IPs to ipset statements
	while read line; do
		echo "add ${tmp_set_name} ${line}" >>"${new_set_file}"
	done <"$sorted_blocklist"

	# replace old set with the new, temp one - this guarantees an atomic update
	echo "swap ${tmp_set_name} ${set_name}" >>"${new_set_file}"

	# clear old set (now under temp name)
	echo "destroy ${tmp_set_name}" >>"${new_set_file}"

	# actually execute the set update
	ipset -! -q restore < "${new_set_file}"

	iptables -A ${blocklist_chain_name} -m set --match-set "${set_name}" src,dst -m limit --limit 10/minute -j LOG --log-prefix "BLOCK ${set_name} "
	iptables -A ${blocklist_chain_name} -m set --match-set "${set_name}" src,dst -j DROP

	# clean up temp files
	rm "${unsorted_blocklist}" "${sorted_blocklist}" "${new_set_file}" "${headers}"
done

Daca atacatorii i-au incercat pe altii inaintea ta si sunt deja in blacklist-uri , nu mai au posibilitatea sa se conecteze la tine de pe IP-urile respective

#23
dexterash

Posted 09 May 2015 - 01:06

--something---

Grup: Senior Members
Posts: 22,912
Înscris: 19.08.2004

Te ajuta, dar trebuie customizat/verificat intervale(nu uita de IPuri dinamice, mai ales pe zona mobile) etc

#24
nume111

Posted 24 May 2015 - 02:36

New Member

Grup: Junior Members
Posts: 14
Înscris: 08.02.2015

Salut! Am si eu o intrebare. Exista vreo solutie sa pot sa vad un comment la o poza de pe facebook daca acesta a fost sters?

#25
TigerGirl

Posted 13 October 2018 - 17:44

Member

Grup: Members
Posts: 253
Înscris: 28.08.2012

In sugestiile de cuvinte tastate pe telefonul mobil am gasit asta 69i57.2633j0j7&client. Ar putea cineva sa imi spuna ce este si cu ce scop a fost introdus?

Anunturi

Chirurgia spinală minim invazivă

Chirurgia spinală minim invazivă oferă pacienților oportunitatea unui tratament eficient, permițându-le o recuperare ultra rapidă și nu în ultimul rând minimizând leziunile induse chirurgical.

Echipa noastră utilizează un spectru larg de tehnici minim invazive, din care enumerăm câteva: endoscopia cu variantele ei (transnazală, transtoracică, transmusculară, etc), microscopul operator, abordurile trans tubulare și nu în ultimul rând infiltrațiile la toate nivelurile coloanei vertebrale.

www.neurohope.ro

Back to Web Scripts Forum

▶ 0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

© 2001-2024 Softpedia. All rights reserved. Softpedia® and the Softpedia logo are registered trademarks of SoftNews Net SRL.
Ora implicita a Forumului Softpedia este ora standard a Romaniei (GMT+2). Mai multe informatii →
⚠ Postarile afisate pe Forumul Softpedia reprezinta o opinie subiectiva a membrilor care le-au publicat si nu a SoftNews Net SRL.

Hacking?

#19 Mihai_3 Posted 29 January 2015 - 10:29

#20 Mihai_3 Posted 29 January 2015 - 11:44

#21 tigerheart Posted 29 January 2015 - 13:24

#22 SpargatorulDeVise Posted 09 May 2015 - 00:27

#23 dexterash Posted 09 May 2015 - 01:06

#24 nume111 Posted 24 May 2015 - 02:36

#25 TigerGirl Posted 13 October 2018 - 17:44