Apr 16 26

Integendeel!
Mooie video over privacy en beveiligde instant messaging

written by d45id \\ tags: , , , , ,

Apr 16 26

Avec ce petit script que vous pouvez voir quel type de fichiers serait chiffré en cas d’infection par le LOCKY virus.

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
@echo off
setlocal enabledelayedexpansion
echo 
set total=0
cls
for %%i in (a b c d e f g h i j k l m n o p q r s t u v w x y z) do (
  set DRIVE=%%i:\
  if exist !DRIVE! (
    call :lookup !DRIVE!
  )
)
echo Nombre de fichiers potentiellement affectés : %total%
pause
goto :eof
 
:lookup
set drive=%1
set subtotal=0
echo Examiner %drive%
for /r %drive% %%i in (*.mid *.wma *.flv *.mkv *.mov *.avi *.asf *.mpeg *.vob *.mpg *.wmv *.fla *.swf *.wav *.qcow2 *.vdi *.vmdk *.vmx *.gpg *.aes *.ARC *.PAQ *.tar*.bz2 *.tbk *.bak *.tar *.tgz *.rar *.zip *.djv *.djvu *.svg *.bmp *.png *.gif *.raw *.cgm *.jpeg *.jpg *.tif *.tiff *.NEF *.psd *.cmd *.bat *.class *.jar *.java *.asp *.brd *.sch *.dch *.dip *.vbs *.asm *.pas *.cpp *.php *.ldf *.mdf *.ibd *.MYI *.MYD *.frm *.odb *.dbf *.mdb *.sql *.SQLITEDB *.SQLITE3 *.asc *.lay6 *.lay *.ms11 *.sldm *.sldx *.ppsm *.ppsx *.ppam *.docb *.mml *.sxm *.otg *.odg *.uop *.potx *.potm *.pptx *.pptm *.std *.sxd *.pot *.pps *.sti *.sxi *.otp *.odp *.wks *.xltx *.xltm *.xlsx *.xlsm *.xlsb *.slk *.xlw *.xlt *.xlm *.xlc *.dif *.stc *.sxc *.ots *.ods *.hwp *.dotm *.dotx *.docm *.docx *.DOT *.max *.xml *.txt *.CSV *.uot *.RTF *.pdf *.XLS *.PPT *.stw *.sxw *.ott *.odt *.DOC *.pem *.csr *.crt *.key wallet*.dat) do (
  echo %%i
  set /a subtotal=subtotal + 1
  set /a total=total + 1
)
echo fichiers trouvés: %subtotal%
pause
goto :eof

written by d45id \\ tags: , , , , ,

Feb 16 18

tuxOh no! google engineers discovered a stack-based buffer overflow vulnerability in the getaddrinfo() library function in the DNS resolver, shipped with glibc versions since 2.9, which may allow a remote attacker to execute arbitrary code.

written by d45id \\ tags: , , , , , ,

Feb 16 11

Engineers from exodus intelligence demonstrated an awesome undocumented feature in Cisco Adaptive Security Appliance (ASA), remote code execution via UDP. This feature is implemented in the Cisco IKE feature set. The algorithm for re-assembling IKE payloads fragmented with the Cisco fragmentation protocol contains a bounds-checking flaw that allows a heap buffer to be overflowed with attacker-controlled data.

Find out more:

written by d45id \\ tags: , , , , , , ,

Jan 16 14

sourcecodeToday OpenSSH project reported an bug in the client component of OpenSSH versions 5.4 up to 7.1.
The announced issue could allow an OpenSSH client to leak client memory to the connected SSH server including (private) key information. The vulnerability was discovered in the roaming feature of OpenSSH client which is default active.

This vulnerabilities affects the OpenSSH client on most operating systems like Linux, FreeBSD and Mac OSX. Continue reading »

written by d45id \\ tags: , , ,

Jan 16 09

gated-communitiesLecture recordings from the 32nd Chaos Communication Congress (32C3) release by the Chaos Computer Club Video Operation Center are now available and can be find at media.ccc.de

 

written by d45id \\ tags: , , , ,

Sep 15 28

written by d45id \\ tags: , , ,

Sep 15 25

After a successfull exploit on ESET’s antivirus scanner NOD32 and Kaspersky’s engine now googles security expert taviso has found a new critical bug in avast! antivirus scanner with which a system call could be done.
AvastUI-load-calc

 

Now everybody wonders who will be the next, Trend Micro, Intel (formerly known as McAfee) or somebody else ?

written by d45id \\ tags: , , , , , , ,