SECURITY EDUCATION, PRIVACY GUIDANCE, THREAT AWARENESS, OPEN SOURCE TOOLS, RESEARCH NOTES, AND RESPONSIBLE TECHNOLOGY CONTENT


Wednesday, January 13, 2016

Poison in the sky? - Are government planes spraying mysterious chemicals over us?

First it was the "Holes in the Sky", and now it is the turn of those smoke trails that planes leave as they pass, which look like long white streaks and sometimes take quite a while to disappear completely. If you had not noticed any of this, know that conspiracy theory enthusiasts have... and countless posts are spreading on the internet with quite alarming explanations of what these smoke trails might be. Even the Discovery Channel produced a documentary addressing the issue.

The basic explanation for the formation of these smoke trails is the condensation of vapors emitted by the plane's turbines, but many people suspect it is something more. Many claim that vapor trails would not last so long in the sky, and that chemicals are responsible for the longer duration of these smoke marks.

The new conspiracy theories have even adapted a term for these smoke marks, which are being called "Chemtrails" (chemical trails). The word is an adaptation of "Contrail" (condensation trail), which is the real term.

Where did this idea come from?

It all began in the mid-1990s, when the United States Air Force was speculating about weather manipulation in the future and how it could be used as a new weapon in military combat. Today we know that there are already technologies and chemicals that are released into the atmosphere to make it rain, and even the city of São Paulo has used this technology in the face of its recent water crisis.

The governments' supposed "secret" plans

The ever-present conspiracy theorists suspect that atmospheric spraying technology could be used for other, more nefarious purposes, such as mind control of citizens. Other theories spreading on the internet claim that the pharmaceutical industry is also part of the plot, using planes to spread diseases and then selling medicines to cure them. There are many reports claiming that, after seeing these smoke trails over their cities, many people fell ill, with conjunctivitis, respiratory problems or colds, for example.

The "proof" of the conspiracy

There are several photos of the supposedly modified planes, with equipment that would be used to spray chemicals of all kinds. These planes do look quite strange, and the images spread across the internet, leading many people to believe that there is something bizarre in this whole story...

The aircraft manufacturers' explanation

Aircraft manufacturers state that this equipment is a passenger simulation system. Inside the tanks there would be only water, which is pumped from one drum to another to simulate the movement of passengers inside the plane and its implications for the aircraft's center of gravity. In other words, it would be just innocent test equipment that serves to ensure people's safety.

The official scientific explanation for the smoke trails

Governments and scientists continue to state that the explanation has not changed, and the white streaks in the sky are just vapor from the planes' turbines. According to them, depending on atmospheric conditions, this smoke trail can stay in the sky for a long time. In other words, just because the trail takes a long time to disappear does not mean it is some kind of strange or harmful chemical.

Source: Curto e Curioso

By OffensiveSec


Download - Php shell




Note: the links are hosted on the internet; using a virtual machine is recommended.

Php shell

PHP shells are exploits written in PHP that, once running on a server, can run shell commands and upload files.

An attacker can then connect to the server, gain access to the system's root user, and also carry out a "mass" defacement.




TXT SHELL DOWNLOAD      LINUX & WINDOWS      RAR/ZIP DOWNLOAD
c99.txt                 < Linux / Windows >  c99.rar
angel.txt               < Linux / Windows >  angel.rar
r57.txt                 < Linux / Windows >  r57.rar
c100.txt                < Linux / Windows >  c100.rar
webroot.txt             < Linux / Windows >  webroot.rar
kacak.txt               < Linux / Windows >  kacak.rar
symlink.txt             < Linux / Windows >  symlink.rar
h4cker.tr.txt           < Linux / Windows >  h4cker.tr.rar
bv7binary.txt           < Linux / Windows >  bv7binary.rar
webadmin.txt            < Linux / Windows >  webadmin.rar
gazashell.txt           < Linux / Windows >  gazashell.rar
locus7shell.txt         < Linux / Windows >  locus7shell.rar
syrianshellv8.txt       < Linux / Windows >  syrianshellv8.rar
injectionv3.txt         < Linux / Windows >  injectionv3.rar
b374k.txt               < Linux / Windows >  b374k.rar
aspxspy.txt             < Linux / Windows >  aspxspy.rar
cyberwarrior.txt        < Linux / Windows >  cyberwarrior.rar
ernebypass.txt          < Linux / Windows >  ernebypass.rar
g6shell.txt             < Linux / Windows >  g6shell.rar
pouyaserver.txt         < Linux / Windows >  pouyaserver.rar
saudishell.txt          < Linux / Windows >  saudishell.rar
simattacker.txt         < Linux / Windows >  simattacker.rar
sosyeteshell.txt        < Linux / Windows >  sosyeteshell.rar
tryagshell.txt          < Linux / Windows >  tryagshell.rar
uploadshell_hima.txt    < Linux / Windows >  uploadshell_hima.rar
wsoshell.txt            < Linux / Windows >  wsoshell.rar
zehir4shell.txt         < Linux / Windows >  zehir4shell.rar
lostdcshell.txt         < Linux / Windows >  lostdcshell.rar
commandshell.txt        < Linux / Windows >  commandshell.rar

Source: r57shellphp.com

By OffensiveSec

Tuesday, January 12, 2016

Download - ExploitPack




Exploit Pack is a full IDE for exploit development and penetration testing, with a base workspace and an extensible module system. It is written mostly in Java, but its modules use Python as an engine, and it can be used to develop packages or tools which can then be run inside the GUI. Released under the GPLv3, Exploit Pack is a free and open source tool that runs on Windows, GNU/Linux, FreeBSD and Mac OS X.

A number of commercial and open source tools with similar functionality are already available (e.g. Core Impact, Metasploit, Immunity Canvas), and some of those require an expensive license for more advanced options. You should stick to the one that suits you best. That said, Exploit Pack tries to address some of the common problems associated with penetration testing by using the GPLv3 license and a friendly user interface.

You don't have to be an exploit writer to take advantage of Exploit Pack's built-in features (such as user and module management, pentest logging and script development). An exploit developed using Exploit Pack can be deployed as a standalone script, but it will also run seamlessly inside Exploit Pack.



Installation notes:

For Linux:

Under any Linux distribution that supports DEB packages, such as Ubuntu, Debian or Kali, you can run the following commands to install Java 8 from an official repository.


Copy and paste the following in a terminal window:

$ echo "deb http://ppa.launchpad.net/webupd8team/java/ubuntu trusty main" | sudo tee -a /etc/apt/sources.list

$ echo "deb-src http://ppa.launchpad.net/webupd8team/java/ubuntu precise main" | sudo tee -a /etc/apt/sources.list

$ sudo apt-key adv --keyserver keyserver.ubuntu.com --recv-keys EEA14886

$ sudo apt-get update

$ sudo apt-get install oracle-java8-installer


For Windows:

Download and install Java 8 from Oracle:

Windows Java SE Java 8 for 32 bits or Java 8 for 64 bits 

After you have installed Java 8 on your machine, double click ExploitPack.jar or run this command from a console: "java -jar ExploitPack.jar"

For OSX:

Download and install Java 8 for OSX 32/64 bits from Oracle: OSX Java 8 32/64 bits

After you have Java 8 installed on your Mac, double click ExploitPack.jar to run it, or run this command from a console: "java -jar ExploitPack.jar"











BSQLinjector - Blind SQL Injection Exploitation Tool



BSQLinjector uses a blind method to retrieve data from SQL databases. I recommend using the "--test" switch to clearly see what the configured payload looks like before sending it to an application.

Options:

--file Mandatory - File containing valid HTTP request and SQL injection point (SQLINJECT). (--file=/tmp/req.txt)

--pattern Mandatory - Pattern to look for when query is true. (--pattern=truestatement)

--prepend Mandatory - Main payload. (--prepend="abcd'and'a'='b'+union+select+'truestatement'+from+table+where+col%3d'value'+and+substr(password,")

--append How to end our payload. For example, comment out the rest of the SQL statement. (--append='#)

--2ndfile File containing valid HTTP request used in second order exploitation. (--2ndfile=/tmp/2ndreq.txt)

--mode Blind mode to use - (between - b (generates fewer requests), moreless - a (generates fewer requests by using "<", ">", "=" characters), like - l (complete bruteforce), equals - e (complete bruteforce)). (--mode=l)

--hex Use hex to compare instead of characters.

--case Case sensitivity.

--ssl Use SSL.

--proxy Proxy to use. (--proxy=127.0.0.1:8080)

--test Enable test mode. Do not send request, just show full payload.

--comma Encode comma.

--bracket Add brackets to the end of substring function. (--bracket="))")

--schar Character placed around chars. This character is not used while in hex mode. (--schar="'")

--special Include all special characters in enumeration.

--start Start enumeration from specified character. (--start=10)

--max Maximum characters to enumerate. (--max=10)

--timeout Timeout in waiting for responses. (--timeout=20)

--verbose Show verbose messages.

Example usage: 

ruby ./BSQLinjector.rb --pattern=truestatement --file=/tmp/req.txt --prepend="abcd'and'a'='b'+union+select+'truestatement'+from+table+where+col%3d'value'+and+substr(password," --append="'#" --ssl
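
Seen from the defender's side, the options above imply a recognizable request pattern: the "substr(password," fragment from --prepend is followed by a character position that moves between --start and --max, so one client probes many positions on the same path. The Ruby code below is an added example, not part of BSQLinjector or of the original post; the access-log format, the sample lines, the names and the threshold of three positions are assumptions constructed for illustration.

```ruby
require 'uri'
require 'set'

# Constructed sample access-log lines (not from the page or any real system).
SAMPLE_LOG = <<~'LOG'.lines.map(&:chomp)
  203.0.113.7 - - [12/Jan/2016:10:00:01 +0000] "GET /item?id=abcd%27and+substr(password%2c1%2c1)%3d%27a%27%23 HTTP/1.1" 200 512
  203.0.113.7 - - [12/Jan/2016:10:00:01 +0000] "GET /item?id=abcd%27and+substr(password%2c1%2c1)%3d%27b%27%23 HTTP/1.1" 200 498
  203.0.113.7 - - [12/Jan/2016:10:00:02 +0000] "GET /item?id=abcd%27and+SUBSTR(password,2,1)%3d%27a%27%23 HTTP/1.1" 200 512
  203.0.113.7 - - [12/Jan/2016:10:00:02 +0000] "GET /item?id=abcd%27and+substr(password%2C3%2C1)%3d%27q%27%23 HTTP/1.1" 200 498
  198.51.100.4 - - [12/Jan/2016:10:00:03 +0000] "GET /docs?q=ruby+substr(name,1) HTTP/1.1" 200 900
  198.51.100.4 - - [12/Jan/2016:10:00:04 +0000] "GET /item?id=100%zz HTTP/1.1" 400 0
LOG

# Client address and request target from a combined-format log line (assumed format).
REQUEST = /\A(\S+) .*?"(?:GET|POST) (\S+) HTTP/
# substr/substring/mid(<column>, <position> ...: captures the character position.
PROBE = /\b(?:substr|substring|mid)\s*\(\s*[\w.`]+\s*,\s*(\d+)/i

# URL-decode so encoded commas (%2c, as produced by an option like --comma) still match.
def decode(query)
  URI.decode_www_form_component(query)
rescue ArgumentError # malformed %-encoding: inspect the raw text instead
  query
end

# Returns { [client, path] => sorted distinct positions } for every client that
# probed at least min_positions different character positions on one path.
def blind_sqli_suspects(lines, min_positions: 3)
  seen = Hash.new { |hash, key| hash[key] = Set.new }
  lines.each do |line|
    client, target = line.match(REQUEST)&.captures
    next unless target
    path, query = target.split('?', 2)
    next unless query
    decode(query).scan(PROBE).flatten.each { |pos| seen[[client, path]] << pos.to_i }
  end
  seen.select { |_, positions| positions.size >= min_positions }
      .transform_values(&:sort)
end

if __FILE__ == $PROGRAM_NAME
  blind_sqli_suspects(SAMPLE_LOG).each do |(client, path), positions|
    puts "#{client} #{path}: substring positions probed #{positions.inspect}"
  end
end
```

A single request containing substr( is not flagged; the signal is the run of distinct positions from one client, so the threshold should be tuned against normal traffic for the application.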



Distro - Weakerth4n




Weakerth4n is a penetration testing distribution built from Debian Squeeze. For the desktop environment it uses Fluxbox. This operating system is particularly suited for WiFi hacking as it contains plenty of wireless cracking and hacking tools. It has a very well maintained website and a devoted community.

Tools include: Wifi attacks, SQL Hacking, Cisco Exploitation, Password Cracking, Web Hacking, Bluetooth, VoIP Hacking, Social Engineering, Information Gathering, Fuzzing, Android Hacking, Networking and creating Shells.




Distro - Knoppix STD



Knoppix STD (Security Tools Distribution) is a Live CD Linux distribution based on Knoppix that focused on computer security tools. It included GPL licensed tools in the following categories: authentication, password cracking, encryption, forensics, firewalls, honeypots, intrusion detection system, network utilities, penetration, packet sniffers, assemblers, vulnerability assessment and wireless networking. Knoppix STD version 0.1 was published January 24, 2004, on Knoppix 3.2. Thereafter, the project stagnated, lacking updated drivers and packages. A release date for version 0.2 has not yet been announced. A list of tools is available on the official website.






Distro - Blackbuntu




Blackbuntu is a distribution for penetration testing which was specially designed for security training students and practitioners of information security. Blackbuntu is a penetration testing distribution with the GNOME desktop environment. It is currently being built using Ubuntu 10.10 and takes Back|Track as its reference.



Distro - GnackTrack



GnackTrack is an open and free project to merge penetration testing tools and the Linux GNOME desktop. GnackTrack is a Live (and installable) Linux distribution designed for penetration testing and is based on Ubuntu.

BackTrack is not the only player in the field of ethical hacking, so you can try other distributions as well. If you are a GNOME lover, you must try this one, although BackTrack 5 is also available on the GNOME platform. Just like BackTrack, GnackTrack comes with multiple tools that are really helpful for effective penetration testing: it has Metasploit, Armitage, w3af and other wonderful tools.




Distro - Pentoo for pentesters



Pentoo is a Live CD and Live USB designed for penetration testing and security assessment. Based on Gentoo Linux, Pentoo is provided as both a 32-bit and a 64-bit installable live CD. Pentoo is also available as an overlay for an existing Gentoo installation. It features packet injection patched wifi drivers, GPGPU cracking software, and lots of tools for penetration testing and security assessment. The Pentoo kernel includes grsecurity and PaX hardening and extra patches, with binaries compiled from a hardened toolchain and the latest nightly versions of some tools available.



Established in 2015. Offensive Sec Blog has been sharing security research, hacking tools, threat intelligence, and offensive security content since 2015.