Exetools  

Go Back   Exetools > General > General Discussion

Notices

Reply
 
Thread Tools Display Modes
  #16  
Old 08-10-2024, 21:39
TOM_RUS TOM_RUS is offline
Friend
 
Join Date: Sep 2023
Posts: 25
Rept. Given: 0
Rept. Rcvd 21 Times in 8 Posts
Thanks Given: 0
Thanks Rcvd at 161 Times in 21 Posts
TOM_RUS Reputation: 21
More versions found:
Code:
https://out5.hex-rays.com/beta90_6ba923/idademo_90_x64win.exe
https://out5.hex-rays.com/beta90_6ba923/idademo_90_x64linux.run
https://out5.hex-rays.com/beta90_6ba923/idademo_90_armmac.app.zip
https://out5.hex-rays.com/beta90_6ba923/idademo_90_x64mac.app.zip

https://out5.hex-rays.com/beta90_6ba923/idaedu_90_x64win.exe
https://out5.hex-rays.com/beta90_6ba923/idaedu_90_x64linux.run
https://out5.hex-rays.com/beta90_6ba923/idaedu_90_armmac.app.zip
https://out5.hex-rays.com/beta90_6ba923/idaedu_90_x64mac.app.zip

https://out5.hex-rays.com/beta90_6ba923/idafree_90_x64win.exe
https://out5.hex-rays.com/beta90_6ba923/idafree_90_x64linux.run
https://out5.hex-rays.com/beta90_6ba923/idafree_90_armmac.app.zip
https://out5.hex-rays.com/beta90_6ba923/idafree_90_x64mac.app.zip

https://out5.hex-rays.com/beta90_6ba923/idaarm_90_x64win.exe
https://out5.hex-rays.com/beta90_6ba923/idaarm_90_x64linux.run
https://out5.hex-rays.com/beta90_6ba923/idaarm_90_armmac.app.zip
https://out5.hex-rays.com/beta90_6ba923/idaarm_90_x64mac.app.zip

https://out5.hex-rays.com/beta90_6ba923/idam68k_90_x64win.exe
https://out5.hex-rays.com/beta90_6ba923/idam68k_90_x64linux.run
https://out5.hex-rays.com/beta90_6ba923/idam68k_90_armmac.app.zip
https://out5.hex-rays.com/beta90_6ba923/idam68k_90_x64mac.app.zip

https://out5.hex-rays.com/beta90_6ba923/idamips_90_x64win.exe
https://out5.hex-rays.com/beta90_6ba923/idamips_90_x64linux.run
https://out5.hex-rays.com/beta90_6ba923/idamips_90_armmac.app.zip
https://out5.hex-rays.com/beta90_6ba923/idamips_90_x64mac.app.zip

https://out5.hex-rays.com/beta90_6ba923/idapc_90_x64win.exe
https://out5.hex-rays.com/beta90_6ba923/idapc_90_x64linux.run
https://out5.hex-rays.com/beta90_6ba923/idapc_90_armmac.app.zip
https://out5.hex-rays.com/beta90_6ba923/idapc_90_x64mac.app.zip

https://out5.hex-rays.com/beta90_6ba923/idappc_90_x64win.exe
https://out5.hex-rays.com/beta90_6ba923/idappc_90_x64linux.run
https://out5.hex-rays.com/beta90_6ba923/idappc_90_armmac.app.zip
https://out5.hex-rays.com/beta90_6ba923/idappc_90_x64mac.app.zip

https://out5.hex-rays.com/beta90_6ba923/idapro_90_x64win.exe
https://out5.hex-rays.com/beta90_6ba923/idapro_90_x64linux.run
https://out5.hex-rays.com/beta90_6ba923/idapro_90_armmac.app.zip
https://out5.hex-rays.com/beta90_6ba923/idapro_90_x64mac.app.zip
Reply With Quote
The Following 11 Users Say Thank You to TOM_RUS For This Useful Post:
alekine322 (08-12-2024), besoeso (08-11-2024), binarylaw (08-22-2024), blue_devil (08-11-2024), darkBLACK (09-15-2024), garry (08-11-2024), ionioni (08-10-2024), tonyweb (08-16-2024), uranus64 (08-11-2024), wx69wx2023 (08-11-2024), zeuscane (08-11-2024)
  #17  
Old 08-11-2024, 04:45
TOM_RUS TOM_RUS is offline
Friend
 
Join Date: Sep 2023
Posts: 25
Rept. Given: 0
Rept. Rcvd 21 Times in 8 Posts
Thanks Given: 0
Thanks Rcvd at 161 Times in 21 Posts
TOM_RUS Reputation: 21
hexvault+hv+hvui cracked
Code:
https://gofile.io/d/E1oCvH
hexvault server requires Linux to run, you can run it in WSL on Windows, in Linux VM or on dedicated Linux server.

Last edited by TOM_RUS; 08-11-2024 at 18:59.
Reply With Quote
The Following 3 Users Gave Reputation+1 to TOM_RUS For This Useful Post:
blue_devil (08-11-2024), Shub-Nigurrath (08-28-2024), TQN (08-11-2024)
The Following 7 Users Say Thank You to TOM_RUS For This Useful Post:
besoeso (08-11-2024), blue_devil (08-11-2024), garry (08-11-2024), mmx (08-26-2024), niculaita (08-11-2024), wx69wx2023 (08-12-2024), zeuscane (08-11-2024)
  #18  
Old 08-12-2024, 18:32
N0P's Avatar
N0P N0P is offline
Friend
 
Join Date: Aug 2003
Location: [CPU]
Posts: 96
Rept. Given: 19
Rept. Rcvd 13 Times in 12 Posts
Thanks Given: 12
Thanks Rcvd at 48 Times in 22 Posts
N0P Reputation: 13
source:
[
Code:
https://x.com/gmhzxy/status/1822871063795315135
translation:

This is a common .DS_Store path leak flaw @HexRaysSA

1. Subdomain enumeration to get the second-level domain name http://out5.hex-rays.com
2. Download http://out5.hex-rays.com/.DS_Store file
3. Decrypt .DS_Store and get the relative path beta90_6ba923
Reply With Quote
The Following User Gave Reputation+1 to N0P For This Useful Post:
MarcElBichon (08-12-2024)
The Following 3 Users Say Thank You to N0P For This Useful Post:
blue_devil (08-12-2024), uranus64 (08-12-2024), wx69wx2023 (08-12-2024)
  #19  
Old 08-12-2024, 18:43
blue_devil's Avatar
blue_devil blue_devil is offline
Family
 
Join Date: Dec 2011
Location: Observable Universe
Posts: 371
Rept. Given: 84
Rept. Rcvd 53 Times in 26 Posts
Thanks Given: 384
Thanks Rcvd at 550 Times in 183 Posts
blue_devil Reputation: 53
You can still download the infamous .DS_Strore file
But you cannot download files :/
Reply With Quote
  #20  
Old 08-12-2024, 18:56
blue_devil's Avatar
blue_devil blue_devil is offline
Family
 
Join Date: Dec 2011
Location: Observable Universe
Posts: 371
Rept. Given: 84
Rept. Rcvd 53 Times in 26 Posts
Thanks Given: 384
Thanks Rcvd at 550 Times in 183 Posts
blue_devil Reputation: 53
After dowloading the .DS_Store file from this url:
Code:
http://out5.hex-rays.com/.DS_Store
You can extract the path by using the python script below:
Code:
'''SCT'''
import ds_store

def extract_paths(ds_store_path):
    paths = []
    with ds_store.DSStore.open(ds_store_path, 'r') as ds:
        for record in ds:
            paths.append(record.filename)
    return paths

# Usage
ds_store_path = './Untitled.DS_Store'
extracted_paths = extract_paths(ds_store_path)
for path in extracted_paths:
    print(path)
You need 2 python packages to install in you environment
Code:
mac-alias
ds-store

Last edited by blue_devil; 08-12-2024 at 18:57. Reason: typo
Reply With Quote
The Following 3 Users Say Thank You to blue_devil For This Useful Post:
MarcElBichon (08-12-2024), uranus64 (08-12-2024), wx69wx2023 (08-12-2024)
  #21  
Old 08-12-2024, 23:36
niculaita's Avatar
niculaita niculaita is offline
Family
 
Join Date: Jun 2011
Location: here
Posts: 1,405
Rept. Given: 969
Rept. Rcvd 89 Times in 61 Posts
Thanks Given: 4,682
Thanks Rcvd at 484 Times in 343 Posts
niculaita Reputation: 89
https://out5.hex-rays.com/.DS_Store
Forbidden
You don't have permission to access this resource.

https://out5.hex-rays.com/beta90_6ba923

Not Found
The requested URL was not found on this server.

but works https://out7.hex-rays.com/files/idafree84_windows.exe
__________________
Decode and Conquer

Last edited by niculaita; 08-12-2024 at 23:47.
Reply With Quote
  #22  
Old 08-13-2024, 01:13
JMP-JECXZ JMP-JECXZ is offline
Friend
 
Join Date: Mar 2017
Posts: 102
Rept. Given: 0
Rept. Rcvd 4 Times in 3 Posts
Thanks Given: 14
Thanks Rcvd at 119 Times in 58 Posts
JMP-JECXZ Reputation: 4
some subdomains:
Code:
partners.hex-rays.com
docs.hex-rays.com
api.hex-rays.com
my.hex-rays.com
hub.hex-rays.com
assets.hex-rays.com
dist5.hex-rays.com
dist7.hex-rays.com
public-lumina.hex-rays.com
plugins.hex-rays.com
mx200.hex-rays.com
mail.hex-rays.com
lumina.hex-rays.com
mx100.hex-rays.com
forum.hex-rays.com
out5.hex-rays.com
out7.hex-rays.com
Reply With Quote
  #23  
Old 08-13-2024, 06:42
jonwil jonwil is online now
VIP
 
Join Date: Feb 2004
Posts: 390
Rept. Given: 2
Rept. Rcvd 21 Times in 9 Posts
Thanks Given: 2
Thanks Rcvd at 67 Times in 35 Posts
jonwil Reputation: 21
None of the links work anymore by the look of it.
Reply With Quote
The Following 2 Users Say Thank You to jonwil For This Useful Post:
blue_devil (08-13-2024), niculaita (08-13-2024)
  #24  
Old 08-13-2024, 22:44
niculaita's Avatar
niculaita niculaita is offline
Family
 
Join Date: Jun 2011
Location: here
Posts: 1,405
Rept. Given: 969
Rept. Rcvd 89 Times in 61 Posts
Thanks Given: 4,682
Thanks Rcvd at 484 Times in 343 Posts
niculaita Reputation: 89
Quote:
Originally Posted by jonwil View Post
None of the links work anymore by the look of it.
forum.hex-rays.com works for me
__________________
Decode and Conquer
Reply With Quote
  #25  
Old 08-22-2024, 20:48
Artic Artic is offline
Friend
 
Join Date: Jul 2014
Location: target folder
Posts: 112
Rept. Given: 48
Rept. Rcvd 15 Times in 9 Posts
Thanks Given: 197
Thanks Rcvd at 43 Times in 25 Posts
Artic Reputation: 15
damn thats crazy, thanks to all involved!
Reply With Quote
  #26  
Old 08-26-2024, 07:40
Bidasci Bidasci is offline
Friend
 
Join Date: Jan 2022
Posts: 9
Rept. Given: 0
Rept. Rcvd 0 Times in 0 Posts
Thanks Given: 6
Thanks Rcvd at 9 Times in 2 Posts
Bidasci Reputation: 0
Quote:
Originally Posted by JMP-JECXZ View Post
some subdomains:
Code:
partners.hex-rays.com
docs.hex-rays.com
api.hex-rays.com
my.hex-rays.com
hub.hex-rays.com
assets.hex-rays.com
dist5.hex-rays.com
dist7.hex-rays.com
public-lumina.hex-rays.com
plugins.hex-rays.com
mx200.hex-rays.com
mail.hex-rays.com
lumina.hex-rays.com
mx100.hex-rays.com
forum.hex-rays.com
out5.hex-rays.com
out7.hex-rays.com
Don't know what you were using to subdirectory brute but here are more:
Code:
hex-rays.com (FQDN) --> ns_record --> davina.ns.cloudflare.com (FQDN)
hex-rays.com (FQDN) --> ns_record --> garrett.ns.cloudflare.com (FQDN)
hex-rays.com (FQDN) --> node --> api.hex-rays.com (FQDN)
hex-rays.com (FQDN) --> node --> dist5.hex-rays.com (FQDN)
hex-rays.com (FQDN) --> node --> out5.hex-rays.com (FQDN)
hex-rays.com (FQDN) --> node --> mx100.hex-rays.com (FQDN)
hex-rays.com (FQDN) --> node --> mx200.hex-rays.com (FQDN)
api.hex-rays.com (FQDN) --> cname_record --> phgftqutpkutozwgtvoj.supabase.co (FQDN)
dist5.hex-rays.com (FQDN) --> cname_record --> out5.hex-rays.com (FQDN)
mx100.hex-rays.com (FQDN) --> a_record --> 91.183.32.78 (IPAddress)
mx200.hex-rays.com (FQDN) --> a_record --> 95.211.160.134 (IPAddress)
hex-rays.com (FQDN) --> mx_record --> smtp.google.com (FQDN)
hex-rays.com (FQDN) --> node --> forum.hex-rays.com (FQDN)
hex-rays.com (FQDN) --> node --> docs.hex-rays.com (FQDN)
forum.hex-rays.com (FQDN) --> a_record --> 95.211.160.134 (IPAddress)
docs.hex-rays.com (FQDN) --> a_record --> 13.227.37.107 (IPAddress)
docs.hex-rays.com (FQDN) --> a_record --> 13.227.37.69 (IPAddress)
docs.hex-rays.com (FQDN) --> a_record --> 13.227.37.102 (IPAddress)
docs.hex-rays.com (FQDN) --> a_record --> 13.227.37.94 (IPAddress)
hex-rays.com (FQDN) --> node --> out7.hex-rays.com (FQDN)
hex-rays.com (FQDN) --> node --> dist7.hex-rays.com (FQDN)
hex-rays.com (FQDN) --> node --> get.support.hex-rays.com (FQDN)
dist7.hex-rays.com (FQDN) --> cname_record --> out7.hex-rays.com (FQDN)
get.support.hex-rays.com (FQDN) --> cname_record --> get-support-hex-rays-com-49d4571b-07ee-402f-a4f5-76ce5b74ceb5.saas.atlassian.com (FQDN)
lumina.hex-rays.com (FQDN) --> a_record --> 95.211.194.33 (IPAddress)
hex-rays.com (FQDN) --> node --> mail.hex-rays.com (FQDN)
hex-rays.com (FQDN) --> a_record --> 85.17.15.247 (IPAddress)
hex-rays.com (FQDN) --> node --> assets.hex-rays.com (FQDN)
mail.hex-rays.com (FQDN) --> cname_record --> hex-rays.com (FQDN)
phgftqutpkutozwgtvoj.supabase.co (FQDN) --> a_record --> 104.18.38.10 (IPAddress)
phgftqutpkutozwgtvoj.supabase.co (FQDN) --> a_record --> 172.64.149.246 (IPAddress)
assets.hex-rays.com (FQDN) --> a_record --> 85.17.15.247 (IPAddress)
out5.hex-rays.com (FQDN) --> a_record --> 212.32.227.138 (IPAddress)
support.hex-rays.com (FQDN) --> a_record --> 172.67.202.197 (IPAddress)
support.hex-rays.com (FQDN) --> a_record --> 104.21.77.5 (IPAddress)
support.hex-rays.com (FQDN) --> aaaa_record --> 2606:4700:3031::ac43:cac5 (IPAddress)
support.hex-rays.com (FQDN) --> aaaa_record --> 2606:4700:3033::6815:4d05 (IPAddress)
get-support-hex-rays-com-49d4571b-07ee-402f-a4f5-76ce5b74ceb5.saas.atlassian.com (FQDN) --> a_record --> 108.157.142.117 (IPAddress)
get-support-hex-rays-com-49d4571b-07ee-402f-a4f5-76ce5b74ceb5.saas.atlassian.com (FQDN) --> a_record --> 108.157.142.18 (IPAddress)
get-support-hex-rays-com-49d4571b-07ee-402f-a4f5-76ce5b74ceb5.saas.atlassian.com (FQDN) --> a_record --> 108.157.142.50 (IPAddress)
get-support-hex-rays-com-49d4571b-07ee-402f-a4f5-76ce5b74ceb5.saas.atlassian.com (FQDN) --> a_record --> 108.157.142.107 (IPAddress)
hex-rays.com (FQDN) --> node --> my.hex-rays.com (FQDN)
my.hex-rays.com (FQDN) --> cname_record --> portal-web-six.vercel.app (FQDN)
hex-rays.com (FQDN) --> node --> partners.hex-rays.com (FQDN)
hex-rays.com (FQDN) --> node --> public-lumina.hex-rays.com (FQDN)
partners.hex-rays.com (FQDN) --> cname_record --> ghs.googlehosted.com (FQDN)
public-lumina.hex-rays.com (FQDN) --> a_record --> 37.48.109.121 (IPAddress)
plugins.hex-rays.com (FQDN) --> a_record --> 37.48.115.12 (IPAddress)
Reply With Quote
The Following 2 Users Say Thank You to Bidasci For This Useful Post:
blue_devil (08-26-2024), niculaita (08-26-2024)
  #27  
Old 08-26-2024, 16:20
Shub-Nigurrath's Avatar
Shub-Nigurrath Shub-Nigurrath is offline
VIP
 
Join Date: Mar 2004
Location: Obscure Kadath
Posts: 923
Rept. Given: 62
Rept. Rcvd 419 Times in 94 Posts
Thanks Given: 70
Thanks Rcvd at 335 Times in 103 Posts
Shub-Nigurrath Reputation: 400-499 Shub-Nigurrath Reputation: 400-499 Shub-Nigurrath Reputation: 400-499 Shub-Nigurrath Reputation: 400-499 Shub-Nigurrath Reputation: 400-499
Coming back from summer break, I notice numerous discussions about IDA 9.0 leaks. Could someone be so kind as to provide a recap or a step-by-step tutorial on limitations and how to obtain, install and patch it?

thanks
Shub
__________________
Ŝħůb-Ňìĝùŕřaŧħ ₪)
There are only 10 types of people in the world: Those who understand binary, and those who don't
http://www.accessroot.com
Reply With Quote
  #28  
Old 08-26-2024, 23:09
bolo2002 bolo2002 is offline
VIP
 
Join Date: Apr 2002
Posts: 649
Rept. Given: 111
Rept. Rcvd 14 Times in 13 Posts
Thanks Given: 243
Thanks Rcvd at 249 Times in 159 Posts
bolo2002 Reputation: 14
Quote:
Originally Posted by Shub-Nigurrath View Post
Coming back from summer break, I notice numerous discussions about IDA 9.0 leaks. Could someone be so kind as to provide a recap or a step-by-step tutorial on limitations and how to obtain, install and patch it?

thanks
Shub
hi,check this thread:
https://forum.exetools.com/showthread.php?t=21067&page=4
__________________
I like this forum!
Reply With Quote
  #29  
Old 08-26-2024, 23:38
niculaita's Avatar
niculaita niculaita is offline
Family
 
Join Date: Jun 2011
Location: here
Posts: 1,405
Rept. Given: 969
Rept. Rcvd 89 Times in 61 Posts
Thanks Given: 4,682
Thanks Rcvd at 484 Times in 343 Posts
niculaita Reputation: 89
your trying to access was logged
__________________
Decode and Conquer
Reply With Quote
  #30  
Old 08-26-2024, 23:51
bolo2002 bolo2002 is offline
VIP
 
Join Date: Apr 2002
Posts: 649
Rept. Given: 111
Rept. Rcvd 14 Times in 13 Posts
Thanks Given: 243
Thanks Rcvd at 249 Times in 159 Posts
bolo2002 Reputation: 14
Quote:
Originally Posted by niculaita View Post
your trying to access was logged
what the f**k?
i just replied to Shub-Nigurrath!
__________________
I like this forum!
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



All times are GMT +8. The time now is 15:20.


Always Your Best Friend: Aaron, JMI, ahmadmansoor, ZeNiX, chessgod101
( 1998 - 2024 )