digitalnull

Having worked in a large school district I can say the most time consuming task was pressing hotkeys during desktop imaging. It would have been amazing to have even 10 rubber duckys to save the time wasting task of [ENTER][ENTER][ENTER][ENTER][ENTER][ENTER][ENTER].... having flashbacks...

Oh hey, Has anyone else attempted to use a captive portal page to inject script that calls on certutil to install a cert from a url as a trusted root ca? Thus providing ssl mitm that doesn't show certificate warning prompts? If so, is it written in java? Are there any windows security features to thwart this stuff? Thanks, digitalnull

Ok so I have inherited two domains, one domain runs active directory services that all of the workstations are joined to (domainA), the second domain hosts exchange (domainB). After signing in on a computer in domainA we have to authenticate outlook with domainB to get email. The end result, I would like is to be able to authenticate with domainA for email but have it load the profile as if it was domainB. I can create a one way trust from domainB to domainA but Im not sure how to fool exchange into believing DomainA\user1 is DomainB\user1. I've messed around with Authenticate as permissions on domainB but that doesnt seem to work correctly. I don’t want to mess with full access permissions on exchange as that would cause issues. I havent had any problems getting the trust functioning correctly, just the windows/exchange user side of things. Does anyone have any experience with this?

I’m curious if the screenshot code could be rewritten to stream the display, even if you could only get 32fps. Sound wouldn’t matter so much if you’re in the other room. I’ve connected to a few Smart TVs before but just for the purpose of capturing the browsing traffic. Don’t have time to “mess with people” but the above would actually be a useful hack around the house.

Does anyone use SET for credential harvesting? I'm trying to create as many harvesters as possible for use with dns spoof on the pineapple. My problem is that I’m running out of ram. I’m using a kali vm for each harvester but this just seems like resource waste… Does anyone know or use a better way of harvesting many sites at the same time while not using redirects and having separate IPs for each harvester? Id like to still use the kali setup with SET so I can use some of the other web attacks. Thanks. XD

After playing the game Im defiantly a little disappointed. The graphical style and functions are what I would expect from ubisoft (more about the gameplay), but they should have gotten together with rockstar or someone that has more experience with a larger city maps, physics and other details... The physics suck, realistic level is too easy, and the way you “hack” in the game is by holding X…. This games concept is pretty sweet, but it needs A LOT of work if anyone is going to play it more than once.

Large woman, 400+ pounds complains all week her printer doesn't work. I sat on the issue for a few days to let it resolve itself (like usual). On the third day I went to investigate. I walked into the small annexed room her printer was located in, grabbed 300~ pages off the printer, all the same document. Walked into her room and asked "is this what you were unable to print?" She replies “Oh, you know what I think happened? The door is usually open to that room, so I can hear it print”.... <3 IT Life.

Does anyone have a suggestion for software or script that could be used to scan ranges of frequencies and make note or save any over a specific threshold? Something where a complete scan could be done in a few minutes? I know radio and police scanners must have some sort of software to do this (example: seek button on your radio). Thank you.

I found an article that may help you understand the process better. http://www.google.com/url?sa=t&rct=j&q=&esrc=s&frm=1&source=web&cd=5&cad=rja&uact=8&ved=0CFsQygQwBA&url=http%3A%2F%2Fmathcs.slu.edu%2F~chambers%2Fspring11%2Fsecurity%2Fassignments%2Flab04.html%23dreplay&ei=-fgYU-r7KoOGyQHJ9oF4&usg=AFQjCNGmpbcV6AO6qtea7KWQPmXsdsg5Ng&sig2=OnZGpuZa_yklWuhPUDkvOw If you are using Distros such as BT or Kali there are tools/servers preinstalled that could do what you're saying.

I would recommend using godaddy.com or domain.com to buy the name then host it on Google sites, you can create up to 10 free email accounts, it’s easy and centrally managed.

For DNS spoof try using: 172.16.42.1 *facebook.com*/* Make sure 172.16.42.1 is your dns server on your lease.

I recently disabled recursion and forwarding in my network and have dhcp to give both the internal dns server and google's. This issue hasn't affected all pc's and when I renew the dhcp lease everything is fine. There are no logs pointing to a specific issue, so Im kinda lost. Any help to get both internal and external dns working would be greatly appreciated.

I want to get a honeypot set up on my dmz to observe the different styles of hacks... My question, what is the best way to log and monitor it without giving away its Identity or having the logs and reports of the hacks deleted? Anything else I'm missing? Thanks, Digitalnull

Ok so I was able to reset my pineapple... Note to other users, if you fill up your pineapple to the max, and can no longer log in, serial in and free some space then reset the pineapple... you wont be able to reset the password until you do so. If anything else, don't be lazy and just flash it.

I have my serial settings configured correctly. I turn on my pineapple, the menu comes up with options 1 - 3 and on the right it looks like its counting down. I press 1 a few times and it starts to load, I dont get a prompt right away. It then looks like its just booting the firmware... but it freezes before It fully loads and before I get the cool pineapple cli graphics and root cli. However, if I refrain from pressing 1 upon boot the firmware loads fully and I do end up at the root cli. Just wanted to add and it may help, but before any of this happened I remember getting some kind of "not enough space on device" error when i tried copying files to /www I wasn't able to modify my passwd in my previous post until I deleted files in www because there wasnt enough space to modify that shadow file.