Outsourcing: June 2020

Tuesday, June 30, 2020

FRANCIA 5: Gargantas Del Verdon II

20 de septiembre de 2017

Dedicamos todo el día a hacer un par de actividades en plena naturaleza por dentro de las Gargantas del Verdon. Empezamos haciendo una corta travesía de dos horas en kayak por su tramo inicial. Y a primera hora de la tarde hicimos un tramo de la larga excursión de Blanc Martel, que discurre por el mismo fondo de las gargantas.

Después de haber recorrido el día anterior las carreteras panorámicas de las Gargantas del Verdon para contemplar sus espectaculares paisajes, en esta jornada tocaba disfrutar de alguna de las muchas actividades de turismo activo que se puede hacer por la zona. Como el día anterior habíamos visto las gargantas desde miradores lejanos, nuestra intención era recorrer las gargantas por dentro de dos formas: haciendo kayak y senderismo. Por la mañana decidimos hacer el kayaking. Hay decenas de empresas que ofrecen alquiler de embarcaciones por todo el recorrido del río Verdon, y en nuestra zona estaban emplazadas en las orilla del lago Sainte-Croix. Lo mas interesante es escoger alguna de las pocas empresas emplazadas en la cabecera del lago, ya que permiten navegar no solo por el lago sino por un tramo de las gargantas, una experiencia totalmente única.

Nosotros escogimos Verdon Canoe, en la que el alquiler de 2 horas de un kayak para dos personas cuesta 25 €. Una cosa que nos gustó era que el kayak disponía de un bidón estanco para dejar los móviles a salvo y poderlos sacar para hacer alguna foto. Empezamos nuestra travesía con el kayak sobre las 10:30 h, hacía poco que habían abierto y apenas había gente en el agua. Remamos hacia la entrada de las Gargantas del Verdon y de sus altos acantilados. Una vez dentro de las gargantas la sensación era indescriptible; por mas que las habíamos visto el día anterior desde infinidad de miradores, estar navegando por el río rodeados completamente por los acantilados nos pareció impresionante. Además, la primera parte de la navegación la hicimos prácticamente solos, y con el silencio ese tipo de paisajes se disfruta mas. El río no llevaba apenas corriente, cosa que hacía muy fácil remar y avanzar. Nosotros lo hacíamos tranquilamente, para disfrutar plenamente de aquella maravilla.

Entrada de las gargantas

Navegando por el río

Disfrutando de nuestro kayaking

En unos tres cuartos de hora llegamos al final del tramo navegable de esa zona del río Verdon, marcado con una boya. Dimos la vuelta e iniciamos el regreso. Eran pasadas las 11 y las aguas del río se empezaban a llenar de embarcaciones. En la navegación de vuelta disfrutamos de nuevos paisajes que nos habían pasado inadvertidos al hacer la ida. Una vez que salimos de las gargantas, como nos sobraba tiempo estuvimos navegando un rato por el lago Sainte-Croix. Como sus orillas son llanas, navegar por allí no es ni mucho menos tan espectacular como hacerlo por dentro de las gargantas. Tras completar las 2 h regresamos a devolver el kayak. La experiencia nos encantó, seguramente una de las mejores de todo aquel viaje, así que la recomendamos al 100%.

Estrechos acantilados de las gargantas

Navegando entre acantilados

Remando un poco por el lago

Después del kayak tocaba el senderismo. La región de las Gargantas del Verdon está llena de posibilidades de excursionismo (se puede ver una lista aquí). Nosotros en un principio íbamos con la idea de hacer el Sentier du Pécheur, una popular excursión circular de unas 2-3 h que recorre un buen tramo del fondo de las gargantas. Pero la propietaria de nuestra casa de huéspedes nos avisó por la mañana que el sendero estaba cerrado, ya que éste atraviesa propiedades privadas y sus propietarios estaban cansados de ver tanta gente por sus tierras (a 2020 el sendero continua cerrado). Como alternativa nos dijo que podíamos hacer el Sentier Blanc Martel, también muy popular pero también mas largo y duro (7 h y 900 m de desnivel en total), aunque solo fuera un tramo. Es un sendero que va desde el Chalet de la Maline (en la Route des Crêtes, donde se deja el coche) hasta el parking del Tunnel du Baou. En temporada alta hay un servicio de navettes que te lleva desde allí al punto inicial. En aquella época no vimos rastro de aquel servicio y la falta de tiempo nos terminó de convencer de hacer solo un tramo del sendero, el que va del Tunnel du Baou hasta la Brèche Imbert, que son 7 km de los 12 del total de la excursión, evitando el tramo de mayor desnivel.

Así que volvimos a recorrer la carretera de la Route des Gorgues que habíamos hecho el día anterior. Cuando llegamos al parking del Tunnel du Baou estaba hasta arriba de coches, pero milagrosamente logramos encontrar un hueco para dejar el nuestro. Antes de empezar a caminar compartimos un kebab que habíamos comprado al pasar por La Palud-sur-Verdon. Eran sobre las 14 h cuando empezamos a caminar por el Blanc Martel. Desde allí el río atraviesa un estrecho congosto, por lo que el sendero discurre por varios túneles mas o menos largos, en los que conviene llevar una linterna. Al salir de ellos empezamos a disfrutar de los espectaculares paisajes de las gargantas, ya que el sendero discurre muy cerca del río. Estar en el fondo de las gargantas te hacía sentir muy pequeño. Además, esta parte de las gargantas es especialmente abrupta, con escarpados acantilados a lado y lado, mucho mas impresionante que la parte donde navegamos por la mañana.

Estrecho congosto al principio del sendero

Escarpados acantilados

Vistas cerca del Tunnel du Baou

Un poco mas adelante el sendero asciende de altitud y se interna en un bonito bosque de caducifolios. De vez en cuando, el bosque nos dejaba ver las maravillosas vistas que nos ofrecen las gargantas. Luego vimos que el río vuelve a llegar a otro estrecho congosto; para superarlo, esta vez el sendero serpentea hacia arriba por las faldas rocosas de la montaña, con unos tramos con algo de complicación. En esta parte vimos que había un cartel que decía que a partir de allí es de sentido único, y nosotros íbamos en contra dirección. Supusimos que esta restricción debía aplicarse en temporada alta, en la que debía haber muchos mas excursionistas (aquel día no nos cruzamos con muchos), así que continuamos. En muy poco espacio se superan unos 100 m de desnivel, para volver a bajar un poco después, llegando a un escarpado saliente esculpido por un meando del río Verdon. Este nuevo obstáculo se supera ascendiendo por unas inclinadas escaleras de hierro hasta la Brèche Imbert. Arriba hay un buen mirador, pero las vistas no son muy amplias: justo enfrente se encuentran el Balcon de la Mescla, uno de los miradores donde paramos el día anterior.

Fantásticas vistas a lo largo del Blanc Martel

Atravesando el bosque de caducifolios

Escaleras de suben a la Brèche Imbert

Vistas desde la Brèche Imbert

Habíamos tardado unas 2,5 h en llegar a la Brèche Imbert. Para que no nos pillara la noche, decidimos que no continuaríamos mas allá e iniciamos el regreso. Tardamos unas 2 h en volver nuevamente al parking del Tunnel du Baou, cuando ya empezaba a atardecer. La excursión nos encantó, poder caminar por dentro de las gargantas era una experiencia que nos hacía mucha ilusión hacer y cumplió con creces nuestras expectativas. El tramo de la excursión que hicimos no nos resultó extenuante ni complicado. Aunque hay que tener en cuenta que no hicimos el tramo con mas desnivel, el que va desde el Chalet de la Maline al fondo de las gargantas (300 m desde inicio si partes desde allí). Así que si no se quieren hacer las 7 h del Blanc Martel completo, nuestra variante es una opción recomendable.

El sendero Blanc Martel, una de las actividades más recomendables de las gargantas del Verdon

Volvimos al alojamiento a darnos una merecida ducha y a descansar un poco. Había sido un día muy productivo, con dos actividades geniales. Para cenar volvimos a Moustiers-Ste.-Marie, y comprobamos que todavía había menos restaurantes abiertos que el día anterior. Al final acabamos en Le Cantine, un pequeño restaurante familiar. Pedimos cerdo especiado y andouillette, una especie de salchicha hecha a base de tripas (intestino y estómago) de cerdo o ternera. El cerdo estaba bien, pero la salchicha de tripas no nos convenció demasiado. De postre pedimos una tabla de quesos muy buena, y los propietarios nos obsequiaron con un chupito de génépy, un licor hecho a base de artemisias. Junto con un par de copas de vino, la cena nos salió por 49,50 €.

Nuestra cena

< Anterior día	Siguiente día >
Francia 4: Gargantas del Verdon I	Francia 6: Villefranche sur Mer & Niza

Puedes leer el resto de entradas de este viaje aquí

9 Best Hacking Websites to Learn Ethical Hacking From Basic 2018

KitPloit: Leading source of Security Tools, Hacking Tools, CyberSecurity and Network Security.
Hacked Gadgets: A resource for DIY project documentation as well as general gadget and technology news.
HackRead: HackRead is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance, and Hacking News with full-scale reviews on Social Media Platforms.
Packet Storm: Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers.
The Hacker News: The Hacker News — most trusted and widely-acknowledged online cyber security news magazine with in-depth technical coverage for cybersecurity.
Hakin9: E-magazine offering in-depth looks at both attack and defense techniques and concentrates on difficult technical issues.
Phrack Magazine: Digital hacking magazine.
Exploit DB: An archive of exploits and vulnerable software by Offensive Security. The site collects exploits from submissions and mailing lists and concentrates them in a single database.
Metasploit: Find security issues, verify vulnerability mitigations & manage security assessments with Metasploit. Get the worlds best penetration testing software now.

re: Social traffic

hi
17179107078185237248noreply

here it is, social website traffic:
http://www.mgdots.co/detail.php?id=113

Full details attached

Regards
Gaye Gorley

Unsubscribe option is available on the footer of our website

Tuesday, June 23, 2020

re: re: Boost SEO with quality EDU backlinks

hi there
Yes, of course, here it is:

1000 Edu blog backlinks to improve your backlinks base and increase SEO
metrics and ranks
http://www.str8-creative.io/product/edu-backlinks/

Improve domain authority with more .edu blog backlinks

Apply 25% coupon and get your discount before the Offer ends
COUPON: 25XDISC

Contact us:
http://www.str8-creative.io/contact/

Unsubscribe from this newsletter
http://www.str8-creative.io/unsubscribe/

001 (516) 926-1772, 18 Richmond St, Albany, New York

2018-11-13, tr, 10:37 djsoutsourcing.sindia12345
<djsoutsourcing.sindia12345@blogger.com> ra�e:
Hi there, Coul^d you send me that Coupon again? for the edu links T!hanks
again,& will wait your reply.

Monday, June 22, 2020

re: How to remove a site from top 10 for important keywords

Negative SEO with Satisfaction Guaranteed
http://www.blackhat.to

Thursday, June 18, 2020

re: Additional Details

hi there

After checking your website SEO metrics and ranks, we determined
that you can get a real boost in ranks and visibility by using
aour 49 usd / Economy Plan:
https://www.hilkom-digital.com/product/economy-seo-plan/

thank you
Mike

Wednesday, June 17, 2020

re: I`m interested in your offer of Social Signals

hi
djsoutsourcing.sindia12345

Glad to hear that, here are the details below

More information here:
http://www.realsocialsignals.co/buy-social-signals/

For the best ranking results, buy Monthly basis Social signals, provided
daily, month after month:
http://www.realsocialsignals.co/custom-social-signals/

Regards
Milo

http://www.realsocialsignals.co/unsubscribe/

2018-11-9, tr, 19:37 djsoutsourcing.sindia12345
<djsoutsourcing.sindia12345@blogger.com> ra�e:
Hi there, Please send me the Social signals offer that we talked about over
the phone. I`m interested and I want to boost my SEO metrics with this new
SEO method. T&hanks again, will wait your reply.

Thursday, June 11, 2020

Linux Command Line Hackery Series: Part 2

Welcome back to Linux Command Line Hackery, yes this is Part 2 and today we are going to learn some new skills. Let's rock

Let us first recap what we did in Part 1, if you are not sure what the following commands do then you should read Part 1.

mkdir myfiles # make a directory (folder) with myfiles as name
cd myfiles # navigate to myfiles folder
touch file1 file2 file3 # create three empty files file1, file2, file3
ls -l # view contents of current directory
echo This is file1 > file1 # write a line of text to file1
cat file1 # display contents of file1
echo This is another line in file1 >> file1 # append another line of text to file1
cat file1 # display the modified content of file1

Command: cp
Syntax: cp source1 [source2 ...] destination
Function: cp stands for copy. cp is used to copy a file from source to destination. Some important flags are mentioned below
Flags: -r copy directories recursively
-f if an existing destination file cannot be opened, remove it and try again

Let us make a copy of file1 using the new cp command:

cp file1 file1.bak

what this command is going to do is simply copy file1 to another file named file1.bak. You can name the destination file anything you want.
Say, you have to copy file1 to a different folder maybe to home directory how can we do that? well we can do that like this:

cp file /home/user/

I've used the absolute path here you can use whatever you like.

[Trick: ~ has a special meaning, it stands for logged in user's directory. You could have written previous command simply as
cp file1 ~/
and it would have done the same thing.]

Now you want to create a new directory in myfiles directory with the name backup and store all files of myfiles directory in the backup directory. Let's try it:

mkdir backup
cp file1 file2 file3 backup/

this command will copy file1 file2 file3 to backup directory.
We can copy multiple files using cp by specifying the directory to which files must be copied at the end.
We can also copy whole directory and all files and sub-directories in a directory using cp. In order to make a backup copy of myfiles directory and all of it's contents we will type:

cd .. # navigate to previous directory
cp -r myfiles myfiles.bak # recursively copy all contents of myfiles directory to myfiles.bak directory

This command will copy myfiles directory to myfiles.bak directory including all files and sub-directories

Command: mv
Syntax:   mv source1 [source2 ...] destination
Function: mv stands for move. It is used for moving files from one place to another (cut/paste in GUI) and also for renaming the files.

If we want to rename our file1 to  file1.old in our myfiles folder we'll do the follow:

cd myfiles # navigate first to myfiles folder
mv file1 file1.old

this command will rename the file1 to file1.old (it really has got so old now). Now say we want to create a new file1 file in our myfiles folder and move the file1.old file to our backup folder:

mv file1.old backup/ # move (cut/paste) the file1.old file to backup directory
touch file1 # create a new file called file1
echo New file1 here > file1 # echo some content into file1

Command: rmdir
Syntax: rmdir directory_name
Function: rmdir stands for remove directory. It is used for removing empty directories.

Let's create an empty directory in our myfiles directory called 'garbage' and then remove it using rmdir:

mkdir garbage
rmdir  garbage

Good practice keep it doing. (*_*)
But wait a second, I said empty directory! does it mean I cannot delete a directory which has contents in it (files and sub-directories) with rmdir? Yes!, you cannot do that with rmdir.
So how am I gonna do that, well keep reading...

Command: rm
Syntax: rm FILE...
Function:   rm stands for remove. It is used to remove files and directories. Some of it's important flags are enlisted below.
Flags: -r remove directories and their contents recursively
-f ignore nonexistent files and arguments, never prompt

Now let's say we want to delete the file file1.old in backup folder. Here is how we will do that:

rm backup/file1.old # using relative path here

Boom! the file is gone. Keep in mind one thing when using rm "IT IS DESTRUCTIVE!". No I'm not yelling at you, I'm just warning you that when you use rm to delete a file it doesn't go to Trash (or Recycle Bin). Rather it is deleted and you cannot get it back (unless you use some special tools quickly). So don't try this at home. I'm just kidding but yes try it cautiously otherwise you are going to loose something important.

Did You said that we can delete directory as well with rm? Yes!, I did. You can delete a directory and all of it's contents with rm by just typing:

rm -r directory_name

Maybe we want to delete backup directory from our myfiles directory, just do this:

rm -r backup

And it is gone now.
Remember what I said about rm, use it with cautious and use rm -r more cautiously (believe me it costs a lot). -r flag will remove not just the files in directory it will also remove any sub-directories in that directory and there respective contents as well.

That is it for this article. I've said that I'll make each article short so that It can be learned quickly and remembered for longer time. I don't wanna bore you.

USE OF CRYPTOGRAPHY IN HACKING

WHAT IS CRYPTOGRAPHY?

The Cryptography is derived from the Greek words "Kryptos". This is the study of secure communication techniques that allow only the sender and recipient of a message to view it's contents of transforming information into nonhuman readable form or vice versa is called cryptography.

As we know that information plays a vital role in running of any business and organizations etc, sensitive details in the wrong hands can leads to loss of business.

Cryptography is the science of ciphering and deciphering messages.To secure communication organizations use cryptology to cipher information .

Or

Cryptography is a method of protecting information and communication through the use of codes so that only those whom the information is intended can read and process it.

In Computer Science, Cryptography refers to secure information and communication techniques derived from mathematical concepts , a set of rule based calculations called algorithm to transform message in ways the hard to readable for human.

This is one of the secure way of communications for a hacker with the help of virtual private network(VPN) like Tor Browser which is also very helpful to change the IP Address(Location of the sender ) for illegal purpose to perform crime in cyberspace . I will discuss in brief about the VPN .

How to Encrypt and Decrypt the text in Cryptography?

Open this website with the help of internert surfing for encryption-"http://wwwmd5online.org"

Open the link for Decrypt the code text-"http://www.md5online.org/md5-decrypt.html"

Type whatever you want for encryption and it will crypt in the code form, copy that code and forward to the intended person whom you want for secure communication and then he/she will Decrypt in the real form.

Related posts

Testing SAML Endpoints For XML Signature Wrapping Vulnerabilities

A lot can go wrong when validating SAML messages. When auditing SAML endpoints, it's important to look out for vulnerabilities in the signature validation logic. XML Signature Wrapping (XSW) against SAML is an attack where manipulated SAML message is submitted in an attempt to make the endpoint validate the signed parts of the message -- which were correctly validated -- while processing a different attacker-generated part of the message as a way to extract the authentication statements. Because the attacker can arbitrarily forge SAML assertions which are accepted as valid by the vulnerable endpoint, the impact can be severe. [1,2,3]

Testing for XSW vulnerabilities in SAML endpoints can be a tedious process, as the auditor needs to not only know the details of the various XSW techniques, but also must handle a multitude of repetitive copy-and-paste tasks and apply the appropriate encoding onto each message. The latest revision of the XSW-Attacker module in our BurpSuite extension EsPReSSo helps to make this testing process easier, and even comes with a semi-automated mode. Read on to learn more about the new release!

SAML XSW-Attacker

After a signed SAML message has been intercepted using the Burp Proxy and shown in EsPReSSO, you can open the XSW-Attacker by navigating to the SAML tab and then the Attacker tab. Select Signature Wrapping from the drop down menu, as shown in the screenshot below:

To simplify its use, the XSW-Attacker performs the attack in a two step process of initialization and execution, as reflected by its two tabs Init Attack and Execute Attack. The interface of the XSW-Attacker is depicted below.

XSW-Attacker overview

The Init Attack tab displays the current SAML message. To execute a signature wrapping attack, a payload needs to be configured in a way that values of the originally signed message are replaced with values of the attacker's choice. To do this, enter the value of a text-node you wish to replace in the Current value text-field. Insert the replacement value in the text-field labeled New value and click the Add button. Multiple values can be provided; however, all of which must be child nodes of the signed element. Valid substitution pairs and the corresponding XPath selectors are displayed in the Modifications Table. To delete an entry from the table, select the entry and press `Del`, or use the right-click menu.

Next, click the Generate vectors button - this will prepare the payloads accordingly and brings the Execute Attack tab to the front of the screen.

At the top of the Execute Attack tab, select one of the pre-generated payloads. The structure of the selected vector is explained in a shorthand syntax in the text area below the selector.
The text-area labeled Attack vector is editable and can be used to manually fine-tune the chosen payload if necessary. The button Pretty print opens up a syntax-highlighted overview of the current vector.
To submit the manipulated SAML response, use Burp's Forward button (or Go, while in the Repeater).

Automating XSW-Attacker with Burp Intruder

Burp's Intruder tool allows the sending of automated requests with varying payloads to a test target and analyzes the responses. EsPReSSO now includes a Payload Generator called XSW Payloads to facilitate when testing the XML processing endpoints for XSW vulnerabilities. The following paragraphs explain how to use the automated XSW attacker with a SAML response.

First, open an intercepted request in Burp's Intruder (e.g., by pressing `Ctrl+i`). For the attack type, select Sniper. Open the Intruder's Positions tab, clear all payload positions but the value of the XML message (the `SAMLResponse` parameter, in our example). Note: the XSW-Attacker can only handle XML messages that contain exactly one XML Signature.
Next, switch to the Payloads tab and for the Payload Type, select Extension-generated. From the newly added Select generator drop-down menu, choose XSW Payloads, as depicted in the screenshot below.

While still in the Payloads tab, disable the URL-encoding checkbox in the Payload Encoding section, since Burp Intruder deals with the encoding automatically and should suffice for most cases.
Click the Start Attack button and a new window will pop up. This window is shown below and is similar to the XSW Attacker's Init Attack tab.

Configure the payload as explained in the section above. In addition, a schema analyzer can be selected and checkboxes at the bottom of the window allow the tester to choose a specific encoding. However, for most cases the detected presets should be correct.

Click the Start Attack button and the Intruder will start sending each of the pre-generated vectors to the configured endpoint. Note that this may result in a huge number of outgoing requests. To make it easier to recognize the successful Signature Wrapping attacks, it is recommended to use the Intruder's Grep-Match functionality. As an example, consider adding the replacement values from the Modifications Table as a Grep-Match rule in the Intruder's Options tab. By doing so, a successful attack vector will be marked with a checkmark in the results table, if the response includes any of the configure grep rules.

Credits

EsPReSSO's XSW Attacker is based on the WS-Attacker [4] library by Christian Mainka and the original adoption for EsPReSSO has been implemented by Tim Günther.
Our students Nurullah Erinola, Nils Engelberts and David Herring did a great job improving the execution of XSW and implementing a much better UI.

---

[1] On Breaking SAML - Be Whoever You Want to Be
[2] Your Software at My Service
[3] Security Analysis of XAdES Validation in the CEF Digital Signature Services (DSS)
[4] WS-Attacker

Outsourcing