Everything posted by SeedTheNet
-
SeedTheNet TF2 Servers
Check out our TF2 Server CTF_2FORT 24/7 https://www.gametracker.com/server_info/116.202.33.28:27015/
-
Bypass Windows 11 installation mandatory online account
Hello,
Most of us know by now that Microsoft will try to force you to create an online account for your Windows 11. Sometimes you don't have internet access, and then there is no way to continue the installation.
Once you finish installing, press Shift+F10. A cmd window will open, and we need to type the following:
CMD Command
    start ms-cxh:localonly
Pressing Enter will take you to a prompt that asks you to create a local account.
This works until Microsoft decides to remove it and stop it from working.
Enjoy.
-
Wallpapers
I think it's the hobbit homes from Lord of The Rings I wish I can live somewhere like this :)
-
Microsoft warns of Windows 11 24H2 gaming performance issues
After months , Microsoft reports that 24H2 is safe for everyone.
-
Technology News!
I have seen that, it's because Kaspersky was banned in the USA and Kaspersky moved its clients to UltraAV without any notifications, but anyhow the Kaspersky company is no longer available in the United States.
-
[GUIDE]How to Reset the Windows Remote Desktop Services Licensing Grace Period
Instructions
The Remote Desktop Services (RDS) role in Windows Server requires appropriate client access licenses (CALs) to be installed in order to function properly. However, there is a 120-day licensing grace period which begins when the role is installed. During this grace period, RDS functions without any CALs having been installed. This is to allow an organization to configure and test its RDS environment to ensure that everything works as expected before purchasing and installing CALs.
It is possible to reset this grace period, but resetting the grace period is not a substitute for purchasing and installing the required Remote Desktop CALs. The following steps should not be performed on a server that is in production.
To reset the RDS licensing grace period, perform the following steps:
1. On the RDS session host, launch Registry Editor (regedit) as an administrator.
2. In regedit, browse to HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\RCM\GracePeriod.
3. Within this registry key is a REG_BINARY entry whose name begins with the string L$RTMTIMEBOMB. (This is likely the only entry in this key.) The default permissions on this entry do not allow it to be modified or deleted, so these permissions must be changed.
4. Right-click the GracePeriod folder in the left pane of regedit and select Permissions.
5. In the permissions window that appears, select Administrators, and assign this group Full Control permissions. Click OK to close the window.
6. Right-click the L$RTMTIMEBOMB... registry entry and select Delete. Click Yes to confirm the deletion.
7. Exit regedit.
8. Reboot the session host server in order for the registry change to take effect.
You may confirm that the procedure was successful by using the RD Licensing Diagnoser tool from the Tools menu of Server Manager. Clients should now be able to connect to this session host without the applicable CALs.
Again, this procedure is not intended to be a substitute for purchasing and installing Remote Desktop CALs. It should only be performed in a non-production (that is, a test or lab) environment.
Additional Information
The following PowerShell command returns the number of days remaining in the grace period:
    (Invoke-CimMethod -InputObject (Get-CimInstance -Namespace root/CIMV2/TerminalServices -ClassName Win32_TerminalServiceSetting) -MethodName GetGracePeriodDays).DaysLeft
-
Whatsapp Web Direct Download Link
Yes bro, unfortunately it's no longer updated. I believe WhatsApp wants to force everyone to use the Microsoft Store.
-
Trojan Dropper Remcos - Removal and Cleaning
More info is found here about Remcos Loader Guloader - https://any.run/malware-trends/guloader And one more VBS file related to same Trojan https://www.virustotal.com/gui/file/eb1d835b72b54ec4d9553aefe22e30893df403ca128f826455972311e0493806/detection
-
Should I use Registry Cleaners?
I bet this is a GUI for the command DISM https://learn.microsoft.com/en-us/windows-hardware/manufacture/desktop/what-is-dism?view=windows-11 I will take a look at it , thanks for suggestion brother.
-
Giveaway of the Day
I will see why you cannot PM me , but no it is against the site rules to provide keys.
-
Giveaway of the Day
Back in the days of Windows XP, this used to be more helpful, because CPUs were slow and there was not much disk space, and by the time Windows grew slow, those apps used to come into play. But these days I don't find them useful. If you are on Windows 10+, don't use those, as a personal opinion: waste of time, and Windows does that job by itself.
-
Trojan Dropper Remcos - Removal and Cleaning
DrWeb has posted an article about Remcos https://news.drweb.com/show/?i=14728&lng=en
-
[WORKAROUND]XRDP - Could not acquire name on session bus
Sometimes, after updating Ubuntu or after some accident, you manage to get yourself disconnected, or you restarted the wrong service after the update. Connecting back again would show you this error message :
Normally restarting the server would allow us to connect again, but if a restart isn't possible we will have to SSH to the machine so we can get back to XRDP.
After logging in over SSH, we have to run this command:
https://manpages.ubuntu.com/manpages/jammy/man1/loginctl.1.html
loginctl — Control the systemd login manager
    sudo loginctl list-sessions
You will receive output like this:
    SESSION  UID   USER      SEAT   TTY
    246      1000  TESTUSER         pts/0
    c2       1000  TESTUSER  seat0
Your XRDP sessions will most likely be c1, c2, c3, c4, etc.
Afterwards we run sudo loginctl terminate-session <your session ID>:
    sudo loginctl terminate-session c2
After terminating the session it will be possible to log in to XRDP again.
-
Trojan Dropper Remcos - Removal and Cleaning
In this topic we will explain how to remove Trojan/Remcos from your PC.
Remcos is a RAT-type malware that attackers use to perform actions on infected machines remotely. This malware is very actively kept up to date, with updates coming out almost every single month.
We will have to use an antivirus to clean things up for us, for example ESET, Kaspersky, Fortinet or any other good vendor, but those are our recommended vendors.
Until around a month before this topic's date, Remcos wasn't known to most AV vendors, and the file can be seen here :
A full analysis : https://any.run/report/b1afbce51ad052f936b989214964d56e2290a7fb5548763273c1fc4382cd5c1c/f26fd95b-3cc1-4578-abf1-17289380ebe5
------------------------------
Regenererede.vbs - https://www.virustotal.com/gui/file/08739fea7bfdf3b641709a3d5b6e6d64be4ea75375dda9fe5cf7234e40cfbe12/detection
TrueCrypt.exe - https://www.virustotal.com/gui/file/b1afbce51ad052f936b989214964d56e2290a7fb5548763273c1fc4382cd5c1c/detection
The Trojan then proceeds to drop multiple files, including legitimate and trusted but vulnerable executables:
Python.exe
VLC.exe
notepad++.exe
Firefox.exe
Yet the .dll files that come with those executables are the ones that are infected/hijacked, and those are the files that will be included with those vulnerable executables:
python39.dll - https://www.virustotal.com/gui/file/e9262441ef8e401acce28d13100c63e90e3de2ffb0ec6763611eebdc1aa60dbd/detection/f-e9262441ef8e401acce28d13100c63e90e3de2ffb0ec6763611eebdc1aa60dbd-1679390226
libvlccore.dll - https://www.virustotal.com/gui/file/e7754d8e4c33b35b85d85554488069fe731190201fa9e42d1b53f38c843025a3/detection/f-e7754d8e4c33b35b85d85554488069fe731190201fa9e42d1b53f38c843025a3-1679390159
ss3.dll - https://www.virustotal.com/gui/file/65327e1555994dacee595d5da9c9b98967d1ea91ccb20e8ae4195cd0372e05a0
And so on.
To prevent the Trojan from coming back again, we have to check the Task Scheduler in Windows. There will be weird entries with very long commands for the fake executables that we explained above. In the Task Scheduler, in case you find any of these vulnerable executables set to run every day, make sure to remove the entries. Also, as far as we know, in Windows 10 the Trojan is able to create a startup entry as well, that can be taken out through
Examples of Task Scheduler entries that we must remove:
<Command>C:\Users\xxxxxxx\AppData\Roaming\Adobe\python.exe</Command>
<Arguments>--yoky=66585 --uapb --vgb --mgxfde</Arguments>
<Command>C:\Users\xxxxxxx\AppData\Roaming\36c011cd\vlc.exe</Command>
<Arguments>-cbriqvr</Arguments>
Download Autoruns from Microsoft, https://learn.microsoft.com/en-us/sysinternals/downloads/autoruns , and then use Autoruns to see what runs on Logon. A weird entry should be there for one of the fake executables, or something to run PowerShell; we also need to remove it.
There are also a few images downloaded from imgur.com which contain the payload as steganography, meaning the code is hidden inside a photo so it can avoid detection. It is then decrypted by some kind of application inside the computer, probably the vulnerable ones that are provided with the Trojan.
Photo source : BleepingComputer
Fruit.png - https://www.virustotal.com/gui/file/cadd19935b6d2bd7208402c760923bbaa2807633d0306c3cb15337227179399e?nocache=1
Fruit.png - https://www.virustotal.com/gui/file/4bb7fcab55b4f55f74d98c20205148a69f33dc39f3f99d9c11d1b22a4476562f?nocache=1
ms.png - https://www.virustotal.com/gui/file/b2b8b97427bacead4a3de569d4901c13fb60131d7d9c5ba10fa885e13a9cc1f7?nocache=1
These are marked as CLEAN in VT because they are encrypted. Fortinet also checked them and detects them, but VT still shows them as clean.
<Regenererede.vbs> with MD5: e627f016283c17b4badc6f5b47f677d3 - <VBS/Agent.77d3!tr>
<SciLexer.dll> with MD5: 688c0480ed192ed336911d7ed3730561 - <W32/Rugmi.0561!tr>
<Fruit.png> with MD5: c2a09a3c72717c71a6ac22c9f342a0d2 - <Data/Agent.STGP!tr>
<ms.png> with MD5: 7b2f3421621a080c2043e6c90821c618 - <Data/Agent.STGP!tr>
<Fruit.png> with MD5: fd5cb5160053fcd028ad81016357dff5 - <Data/Agent.STGP!tr>
<Pine.png> with MD5: 7f5546e1202e06e17c3eabe86107a504 - <Data/Agent.STGP!tr>
<Fruit.png> with MD5: 0086f1ed58e6516027bdc7d8a6c2c9ad - <Data/Agent.STGP!tr>
If any of those files are present somewhere in your AppData Roaming folder, you should remove them manually if an antivirus doesn't pick them up.
If more assistance is needed about this Trojan, please reply to this topic.
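The Task Scheduler check described above can be scripted for triage. The following is an added example, not part of the original post: it parses task definitions in the Task Scheduler XML format (for instance as exported with schtasks /query /xml) and flags actions that start a program from AppData\Roaming, noting when the file name is one of the programs listed in the post. The function names, the sample task names and the third (benign) sample are assumptions made for illustration.

```python
import ntpath
import xml.etree.ElementTree as ET

# XML namespace of Task Scheduler definitions (schtasks /query /xml output).
NS = {"t": "http://schemas.microsoft.com/windows/2004/02/mit/task"}

# Program names the post lists as legitimate executables dropped next to a hijacked DLL.
HOST_NAMES = {"python.exe", "vlc.exe", "notepad++.exe", "firefox.exe"}
# Assumption: spellings of the roaming profile folder to match, case-insensitively.
ROAMING_MARKERS = ("\\appdata\\roaming\\", "%appdata%\\")


def suspicious_actions(task_xml):
    """Return (command, arguments, reasons) for every Exec action run from AppData\\Roaming."""
    findings = []
    root = ET.fromstring(task_xml)  # accepts str, or the raw bytes of an exported file
    for action in root.findall("./t:Actions/t:Exec", NS):
        command = (action.findtext("t:Command", "", NS) or "").strip().strip('"')
        arguments = (action.findtext("t:Arguments", "", NS) or "").strip()
        lowered = command.lower()
        if not any(marker in lowered for marker in ROAMING_MARKERS):
            continue  # installed programs normally live outside the roaming profile
        reasons = ["runs from AppData\\Roaming"]
        if ntpath.basename(lowered) in HOST_NAMES:
            reasons.append("uses a well-known program name listed in the post")
        findings.append((command, arguments, reasons))
    return findings


def triage(tasks):
    """Map task name -> findings, keeping only tasks with at least one finding."""
    report = {}
    for name, xml_text in tasks.items():
        found = suspicious_actions(xml_text)
        if found:
            report[name] = found
    return report


def _task(command, arguments):
    """Build a minimal task definition (constructed sample, not a real export)."""
    return (
        '<Task version="1.2" xmlns="http://schemas.microsoft.com/windows/2004/02/mit/task">'
        f"<Actions><Exec><Command>{command}</Command><Arguments>{arguments}</Arguments></Exec></Actions>"
        "</Task>"
    )


# Constructed samples: the first two reuse the command lines quoted in the post,
# the third is a made-up benign task for contrast.
SAMPLE_TASKS = {
    "sample-1": _task(r"C:\Users\xxxxxxx\AppData\Roaming\Adobe\python.exe", "--yoky=66585 --uapb --vgb --mgxfde"),
    "sample-2": _task(r"C:\Users\xxxxxxx\AppData\Roaming\36c011cd\vlc.exe", "-cbriqvr"),
    "sample-3": _task(r"C:\Program Files\VideoLAN\VLC\vlc.exe", "--version"),
}

if __name__ == "__main__":
    for task_name, hits in triage(SAMPLE_TASKS).items():
        for command, arguments, reasons in hits:
            print(f"{task_name}: {command} {arguments} -> {'; '.join(reasons)}")
```

A hit is only a pointer for manual review in Task Scheduler or Autoruns; the script removes nothing.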
-
Whatsapp Web Direct Download Link
Whatsapp has moved installer to Microsoft Store only If you cannot use Microsoft Store in your environment , you can use this direct download link from Whatsapp website https://web.whatsapp.com/desktop/windows/release/x64/WhatsAppSetup.exe - Link doesn't work anymore. Currently this version shows [OUTDATED] and a black Whatsapp icon.
-
FortiOS / FortiProxy - Path traversal vulnerability allows VDOM escaping
https://www.fortiguard.com/psirt/FG-IR-22-401
Summary
A relative path traversal vulnerability [CWE-23] in FortiOS and FortiProxy may allow privileged VDOM administrators to escalate their privileges to super admin of the box via crafted CLI requests.
Affected Products
FortiOS version 7.2.0 through 7.2.3
FortiOS version 7.0.0 through 7.0.8
FortiOS version 6.4.0 through 6.4.11
FortiOS version 6.2.0 through 6.2.12
FortiProxy version 7.2.0 through 7.2.1
FortiProxy version 7.0.0 through 7.0.7
FortiProxy version 2.0.0 through 2.0.11
FortiProxy 1.2 all versions
FortiProxy 1.1 all versions
Note: Impact on FortiProxy 7.0.x, 2.0.x, 1.2.x, 1.1.x is minor as it does not have VDOMs
Solutions
Please upgrade to FortiProxy version 7.2.2 or above
Please upgrade to FortiProxy version 7.0.8 or above
Please upgrade to FortiProxy version 2.0.12 or above
Please upgrade to FortiOS version 7.2.4 or above
Please upgrade to FortiOS version 7.0.9 or above
Please upgrade to FortiOS version 6.4.12 or above
Please upgrade to FortiOS version 6.2.13 or above
Acknowledgement
Internally discovered and reported by Théo Leleu of Fortinet Product Security team.
-
FortiOS / FortiProxy - Heap buffer underflow in administrative interface
https://www.fortiguard.com/psirt/FG-IR-23-001
Summary
A buffer underwrite ('buffer underflow') vulnerability in FortiOS & FortiProxy administrative interface may allow a remote unauthenticated attacker to execute arbitrary code on the device and/or perform a DoS on the GUI, via specifically crafted requests.
Exploitation status: Fortinet is not aware of any instance where this vulnerability was exploited in the wild. We continuously review and test the security of our products, and this vulnerability was internally discovered within that frame.
Affected Products
FortiOS version 7.2.0 through 7.2.3
FortiOS version 7.0.0 through 7.0.9
FortiOS version 6.4.0 through 6.4.11
FortiOS version 6.2.0 through 6.2.12
FortiOS 6.0 all versions
FortiProxy version 7.2.0 through 7.2.2
FortiProxy version 7.0.0 through 7.0.8
FortiProxy version 2.0.0 through 2.0.12
FortiProxy 1.2 all versions
FortiProxy 1.1 all versions
Even when running a vulnerable FortiOS version, the hardware devices listed below are *only* impacted by the DoS part of the issue, *not* by the arbitrary code execution (non-listed devices are vulnerable to both):
FortiGateRugged-100C FortiGate-100D FortiGate-200C FortiGate-200D FortiGate-300C FortiGate-3600A FortiGate-5001FA2 FortiGate-5002FB2 FortiGate-60D FortiGate-620B FortiGate-621B FortiGate-60D-POE FortiWiFi-60D FortiWiFi-60D-POE FortiGate-300C-Gen2 FortiGate-300C-DC-Gen2 FortiGate-300C-LENC-Gen2 FortiWiFi-60D-3G4G-VZW FortiGate-60DH FortiWiFi-60DH FortiGateRugged-60D FortiGate-VM01-Hyper-V FortiGate-VM01-KVM FortiWiFi-60D-I FortiGate-60D-Gen2 FortiWiFi-60D-J FortiGate-60D-3G4G-VZW FortiWifi-60D-Gen2 FortiWifi-60D-Gen2-J FortiWiFi-60D-T FortiGateRugged-90D FortiWifi-60D-Gen2-U FortiGate-50E FortiWiFi-50E FortiGate-51E FortiWiFi-51E FortiWiFi-50E-2R FortiGate-52E FortiGate-40F FortiWiFi-40F FortiGate-40F-3G4G FortiWiFi-40F-3G4G FortiGate-40F-3G4G-NA FortiGate-40F-3G4G-EA FortiGate-40F-3G4G-JP FortiWiFi-40F-3G4G-NA FortiWiFi-40F-3G4G-EA FortiWiFi-40F-3G4G-JP FortiGate-40F-Gen2 FortiWiFi-40F-Gen2
Solutions
Please upgrade to FortiOS version 7.4.0 or above
Please upgrade to FortiOS version 7.2.4 or above
Please upgrade to FortiOS version 7.0.10 or above
Please upgrade to FortiOS version 6.4.12 or above
Please upgrade to FortiOS version 6.2.13 or above
Please upgrade to FortiProxy version 7.2.3 or above
Please upgrade to FortiProxy version 7.0.9 or above
Please upgrade to FortiOS-6K7K version 7.0.10 or above
Please upgrade to FortiOS-6K7K version 6.4.12 or above
Please upgrade to FortiOS-6K7K version 6.2.13 or above
Workaround for FortiOS:
Disable HTTP/HTTPS administrative interface
OR
Limit IP addresses that can reach the administrative interface:
    config firewall address
        edit "my_allowed_addresses"
            set subnet <MY IP> <MY SUBNET>
    end
Then create an Address Group:
    config firewall addrgrp
        edit "MGMT_IPs"
            set member "my_allowed_addresses"
    end
Create the Local in Policy to restrict access only to the predefined group on management interface (here: port1):
    config firewall local-in-policy
        edit 1
            set intf port1
            set srcaddr "MGMT_IPs"
            set dstaddr "all"
            set action accept
            set service HTTPS HTTP
            set schedule "always"
            set status enable
        next
        edit 2
            set intf "any"
            set srcaddr "all"
            set dstaddr "all"
            set action deny
            set service HTTPS HTTP
            set schedule "always"
            set status enable
    end
If using non default ports, create appropriate service object for GUI administrative access:
    config firewall service custom
        edit GUI_HTTPS
            set tcp-portrange <admin-sport>
        next
        edit GUI_HTTP
            set tcp-portrange <admin-port>
    end
Use these objects instead of "HTTPS HTTP" in the local-in policy 1 and 2 below.
When using an HA reserved management interface, the local in policy needs to be configured slightly differently - please see: https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-a-local-in-policy-on-a-HA/ta-p/222005
Please contact customer support for assistance.
Acknowledgement
Internally discovered and reported by Kai Ni from Burnaby InfoSec team.
-
Company of Heroes 3 Multiplayer Tech Test + Mini Review
https://community.companyofheroes.com/coh-franchise-home/company-of-heroes-3/blogs/34-multiplayer-tech-test
Access can be gained through CoH3 Steam Store page.
Schedule
Registration: January 4th – January 13th. Playtest registration can be found on the CoH3 Steam store page here.
Multiplayer Tech Test: Wednesday, Jan 11th @ 10am PT to Monday, Jan 16th @ 10am PT
Planned Downtime: January 12th from 1pm PT to 3pm PT. Dependent on player numbers.
Backup Downtime: January 13th – 10am PT to 12pm PT. We will only use this downtime if we did not conduct maintenance on January 12th. Dependent on player numbers.
Once the planned downtime is complete, we will be providing access to the Annihilation victory condition.
Review :
The game has been dumbed down a lot since Company of Heroes 1. Compared to the gameplay of CoH1, this game looks like a console edition or even a mobile edition.
Textures of the units are so big and colored like it is a Fortnite of Heroes game. The tank shells and mortar shells are so slow that you can even watch them travel.
Zoom level is so bad that you can't even focus on more than what you are looking at: a tank and an infantry unit, and you will feel overwhelmed because you are almost sitting with the tank crewman.
Coming from Blitzkrieg Mod from Company of Heroes 1, this game feels so much downgraded, even more downgraded than what Company of Heroes 2 had.
On the positive side, the animation and soldiers and some of the sounds are good, but still need improvement. For example, the MG42 should rip anyone in front of it, and it also has a unique sound, but in game it feels like a paintball MG42.
Tanks repeatedly hitting soldiers with tank shells, mortar falling multiple times on soldier units, but nothing happens to them, only after the 5th or 6th round.
-
Quake Champions Stats
You can find your own stats from the game here : https://quake-stats.bethesda.net
-
Fat Princess PSN [NPEA-00111] - RPCS3 Emulator PC - Download
https://wiki.rpcs3.net/index.php?title=Fat_Princess Download link - Updated Link: https://www.mediafire.com/file/6smy7rfxnr6e2uv/Fat+Princess+PSN+[NPEA-00111].zip/file RPCS3 Emulator : https://rpcs3.net/download Sadly this version of Fat Princess cannot be found anywhere and Sony removed it from the Store For the memories we put it back.
-
[WORKAROUND]Chrome Status_Breakpoint Fix
Status_Breakpoint Fix
If you recently tried to browse to WhatsApp Web, for example, and received this error in your Google Chrome
In this version :
You have to change the time zone in Windows from International Date Line West -12:00 to your actual time zone. Then this error should disappear.
Google should fix this in Chrome 107.
-
A Zoom Vulnerability
I actually hate ZOOM and hate ZOOM Meetings
-
Six ways your password can be stolen
Most common ways are Phishing with fake login websites , with people that won't really notice that it's not the original page Or people who would run malware that would silently steal their stuff from their PC while they are unaware.
-
Technology News!
Yes, Google and big companies will always put a prize for people who will report vulnerabilities so they would earn money from it , rather than selling it in darknet or some other places.
-
Fat Princess PSN - RPCS3
Does anybody still play this game? , It's completely playable on RPCS3 with multiplayer support up to 4 people.