flat assembler
Message board for the users of flat assembler.

Index > Heap > must know backdoor exploits

Goto page Previous  1, 2, 3, 4, 5  Next
Author
Thread Post new topic Reply to topic
HaHaAnonymous



Joined: 02 Dec 2012
Posts: 1180
Location: Unknown
HaHaAnonymous
[ Post removed by author. ]


Last edited by HaHaAnonymous on 28 Feb 2015, 18:30; edited 1 time in total
Post 16 Jan 2014, 03:16
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17279
Location: In your JS exploiting you and your system
revolution
HaHaAnonymous wrote:
But the contents of that file was so wonderful that it's hard to believe you would lie.
Why? Is it a proof that P=NP? Or perhaps god's phone number? Source code for fasm2?
Post 16 Jan 2014, 03:20
View user's profile Send private message Visit poster's website Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2913
Location: 0x77760000
typedef
revolution wrote:
fasm2?


Do we know the release time?
Post 16 Jan 2014, 11:49
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17279
Location: In your JS exploiting you and your system
revolution
typedef wrote:
revolution wrote:
fasm2?


Do we know the release time?
Sure we do. It will be released when it is ready.
Post 16 Jan 2014, 12:01
View user's profile Send private message Visit poster's website Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2913
Location: 0x77760000
typedef
revolution
ready is not time. It is rather a state.

Therefore fasm2.state != READY

However I was asking for time. But thank you.
Post 16 Jan 2014, 13:34
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17279
Location: In your JS exploiting you and your system
revolution
fasm2.release_time = timeAt(fasm2.state == READY)
Post 16 Jan 2014, 13:37
View user's profile Send private message Visit poster's website Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2913
Location: 0x77760000
typedef
It should be



Code:
state = (fasm2.work_done / fasm2.goal) * 1;
fasm2.release_time = state ? time.now() : 0;
    
Post 16 Jan 2014, 13:52
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17279
Location: In your JS exploiting you and your system
revolution
typedef wrote:
It should be
Code:
state = (fasm2.work_done / fasm2.goal) * 1;
fasm2.release_time = state ? time.now() : 0;
    
Perhaps I am misunderstanding your code but I think that gives a release time of 1-Jan-1970. And without any looping structure that date seems to be fixed and unchanging.

BTW: Well done on attempting to answer your own question.
Post 16 Jan 2014, 14:07
View user's profile Send private message Visit poster's website Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2913
Location: 0x77760000
typedef
revolution wrote:
typedef wrote:
It should be
Code:
state = (fasm2.work_done / fasm2.goal) * 1;
fasm2.release_time = state ? time.now() : 0;
    
Perhaps I am misunderstanding your code but I think that gives a release time of 1-Jan-1970. And without any looping structure that date seems to be fixed and unchanging.

BTW: Well done on attempting to answer your own question.


No. This would be called upon request. I was only fixing your code anyway.

How is time always going to be 1-Jan-1970? time.now() is current time stamp. Unless you keep traveling back in time in a loop like you suggest, I don't see Jan-1-1970 anywhere.

fasm2.release_time will always be 0 (undefined) until state = 1 when work_done = goal.

consider this

Code:
struct fasm2 f2;
typedef.exe --> revolution.dll.fasm2_released() --> tomasz.dll.get_fasm2_info(&f2);

; in revolution.dll
return f2.release_time;
   
; in typedef.exe
if (release_time != 0)
     MessageBox,0,"fasm2 released on " + release_time, 0);
     update_fasm();
else
    MessageBox,0,"Nope", 0);
    


I don't see a need for a loop. unless you are a loop yourself hehehehehe
Post 16 Jan 2014, 14:43
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17279
Location: In your JS exploiting you and your system
revolution
typedef wrote:
How is time always going to be 1-Jan-1970?
Hmm. Well let's see shall we ...
typedef wrote:
fasm2.release_time will always be 0 ...
Aha. There is the answer. What time is equivalent to 0?
Post 16 Jan 2014, 14:47
View user's profile Send private message Visit poster's website Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2913
Location: 0x77760000
typedef
revolution wrote:
typedef wrote:
How is time always going to be 1-Jan-1970?
Hmm. Well let's see shall we ...
typedef wrote:
fasm2.release_time will always be 0 ...
Aha. There is the answer. What time is equivalent to 0?


time is already translated in time.now().

time.now() returns the actual human readable time stamp. If 0, then it is undefined.
Post 16 Jan 2014, 14:51
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17279
Location: In your JS exploiting you and your system
revolution
typedef wrote:
time.now() returns the actual human readable time stamp. If 0, then it is undefined.
Why create a discontinuity in the time? Just return the carry flag as false if the time is unknown. Out of band signalling is always preferable IMO. Oh yeah, that's right, it is C (or some other HLL), it doesn't have useful stuff like a carry flag. Razz

But even so, I still prefer my much simpler timeAt function. Your code keeps returning 1-Jan-1970 until sometime in the future and then gradually increments as time passes. As least my timeAt function returns one single time that is never changing and is always correct.

Note that coding the timeAt function is left as an exercise for the reader.

Also note that the margin here is too small for me to put the entire timeAt function.
Post 16 Jan 2014, 15:51
View user's profile Send private message Visit poster's website Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8903
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
btw, if you guys got fasm 2 screenshot or ... maybe new features lists,?
should get slashdotted, it is humanity job to guide them back into original path =0
=P
Post 16 Jan 2014, 17:10
View user's profile Send private message Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2913
Location: 0x77760000
typedef
revolution

time.now() is never Jan-1-1970, not ever unless your CMOS battery got messed up, even then, the function would return the day your computer was born (The hard wired date in your CMOS).

I don't see where you are getting your epoch time conclusion nonsense from.

If current time is 00:00 Jan-20-2014 and FASM2 is done at this time, then that will be the time returned, i.e "00:00 Jan-20-2014".

If FASM2 is not done, 0 (NULL) will be returned and the caller will no the release time is not available.

I don't know how else to explain this but face palm my ass because this is not worth face palming my face for.
Post 16 Jan 2014, 19:15
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8903
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
https://github.com/TalAter/chrome-is-listening

"Last year Google rolled out a new feature for the desktop version of Chrome that enabled support for voice recognition directly into the browser. In September, a developer named Tal Ater found a bug that would allow a malicious site to record through your microphone even after you'd told it to stop. Quoting: 'When you grant an HTTPS site permission to use your mic, Chrome will remember your choice, and allow the site to start listening in the future, without asking for permission again.

if it works on mic, it should works on camera too,

this allow website to access my cam & mic with a click is obvious spying built in capability.

btw, please block mic & cam inside contorl panel adobe flash player if you are using windows verzion.
Post 23 Jan 2014, 06:23
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8903
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
your angry bird could kill you,
filezilla ftp,

Quote:
"On the same day the world discovered Western intelligence agencies were siphoning user information from Angry Birds and other popular smartphone apps, a leading antivirus developer revealed hackers are doing the same thing with one of the most popular open-source applications on the Internet. Maliciously modified versions of the popular FTP application FileZilla look and act just like the real thing, but include extra code that steals the login data typed in by users and sends it to an unauthorized server using the same FTP operation launched by the user without going through a firewall that might spot what it's doing, according to an alert posted this afternoon by antivirus developer Avast Software.
Post 28 Jan 2014, 15:55
View user's profile Send private message Reply with quote
revolution
When all else fails, read the source


Joined: 24 Aug 2004
Posts: 17279
Location: In your JS exploiting you and your system
revolution
For those still running an AV: Never trust your AV to protect you. Ever. Delete it now and stop fooling yourself into a false sense of security.
Post 28 Jan 2014, 16:02
View user's profile Send private message Visit poster's website Reply with quote
AsmGuru62



Joined: 28 Jan 2004
Posts: 1409
Location: Toronto, Canada
AsmGuru62
The free AV is bad.
Paid ones are OK.
Post 28 Jan 2014, 16:12
View user's profile Send private message Send e-mail Reply with quote
typedef



Joined: 25 Jul 2010
Posts: 2913
Location: 0x77760000
typedef
AsmGuru62 wrote:
The free AV is bad.
Paid ones are OK.


Proof please.
Post 28 Jan 2014, 16:16
View user's profile Send private message Reply with quote
sleepsleep



Joined: 05 Oct 2006
Posts: 8903
Location: ˛                             ⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣⁣Posts: 334455
sleepsleep
i prefer minimalistic approach, less thing running at the background equal to better security,
less program got permission to read certain directory equal to better security,

i would say OS is bigger virus, we need a clean OS, now.
welcome 64bit realmode DOS, with open source hardware drivers implementation,
Post 28 Jan 2014, 16:19
View user's profile Send private message Reply with quote
Display posts from previous:
Post new topic Reply to topic

Jump to:  
Goto page Previous  1, 2, 3, 4, 5  Next

< Last Thread | Next Thread >
Forum Rules:
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You can attach files in this forum
You can download files in this forum


Copyright © 1999-2020, Tomasz Grysztar. Also on YouTube, Twitter.

Website powered by rwasa.