About digip

  • Rank
    -we're all just neophytes-

Profile Information

  • Interests
    Forum Rules - https://web.archive.org/web/20150402012023/https://forums.hak5.org/index.php?/topic/7499-read-me-first/

  1. That's awesome.. lol. Would make decent outdoor antenna hardware when you're not worried about the weather being an issue for equipment; this takes the hit at next to no cost other than recycling old soda cans.
  2. If you want to test 100% SMB related attacks on port 445 (TCP) or older SMB 135, 137-139 (like on XP) from the internet, have the neighbor, or yourself, port forward to a test box, preferably a VM bridged to the network on a junk host machine, or thrown in a DMZ. This way, if you get a drive-by hit from the internet, it's on a single VM and junk host machine you can always wipe later. Just disconnect the rest of the boxes on the LAN.. lol.
  3. Yeah, that was what I was getting at: how does it see the traffic without having all the things flowing over it, either mirrored or with some kind of client stuff that sends it over?
  4. The ISP probably won't send you anything without a formal complaint, but their network setup might just drop packets of certain kinds, as well as traffic over port 445 in general, just because it's a high-vuln target port.
  5. I don't know of any tools that get past NAT in this manner. However, throw enough shit at any device, and it's bound to DoS the damn thing. Sending to the external IP would kill the gateway if it's not beefy enough to handle it or have redundancy built into the network somewhere. This is also sounding more like malicious intent vs learning some tool options or how things work. Unless stress testing your own equipment, you're going into troubled waters there. I wouldn't recommend doing this to anyone but yourself, and only in a closed network for testing, learning and understanding what is happening, or how to defend against it. Get a few old routers on eBay or a local thrift shop, classifieds, etc., then set up some home machines and hook them all up, set them up and have at it. Nothing wrong with understanding these things or learning them. Just don't point your laser at the world..
  6. macchanger -r should work or try using nmap with --spoof-mac, but read the help file for nmap and also the nse file - https://svn.nmap.org/nmap/scripts/smb-flood.nse Nmap can spoof both the source IP and MAC address.
  7. Sending should still contain your MAC address in the frame and packets somewhere, I would think, but not your sending IP. You could use macchanger to at least not use your real hardware ID as well. SMB attacks generally only work on the local LAN and shouldn't cross NAT either. You can't sit at home and then point across the internet at someone's external IP expecting to have much effect other than leaving a trail of packets on your outbound side. Your ISP might even drop this traffic. If on the same LAN, and you know the subnet you're in, you can pick a different private subnet group as the sender. Example: if you're on, set the sender IP as 10.x.x.x something or 172.16.x.x so no one on the same LAN gets reflected at with any of the packets.
  8. Looks like it's a bundle of IDS solutions - https://securityonion.net/#about I don't work on that side of the network stuff, but when you install this, what sends the info to this for collection? You have to set up whatever the other boxes are to send the info to this machine? I see on the wiki there are several ways to use it in different scenarios, but wouldn't this ideally be something that port mirrors traffic for inspection, or is there something else you install on other devices to send it to this, like an SNMP-type server and client?
  9. As a parent, you should probably have the plan set up to give you access and put some kind of parental controls on there to unlock for emergencies, but that is your call. Not going to tell you how to parent, but talking with your son about his phone use and your concerns might be better than spying on it with password breakers. He might even give you the password. On our girls' tablets, we set them up and my wife created the emails attached to each. We can log on to the Play Store and also install or remove things from the tablets, and they aren't allowed to just install whatever they want without asking us, but that is just us; not everyone has to be that way. They are just little though, so we monitor what they have access to and can run on them.
  10. Hmm. The sender IP can probably be spoofed, sure. I think you send it with "--source-ip=x.x.x.x" but read the help file or man page.
  11. Yeah, I just wasn't sure if it was going to actually make any difference in reception and signal strength. Antenna design is not something I've played a lot with, but I know that there is a bit of math involved for dialing in the length for different kinds of antennas. The can part I mentioned was more like a collector to bounce the signal back at the antenna part itself, like a dish behind an LMB: the dish doesn't act as an antenna, it's only there to hone the signal back at the antenna part itself. Kind of like:
  12. From my understanding, SSLstrip2 works against HSTS, but I've not gotten either to work for me.
  13. Yeah, when I'm doing a CTF on my home lab network, I'm OK with hammering away with hydra or any other attacks like that and throwing the kitchen sink at it. SSH usually works best with a single thread though, in my experience, and most of the ones I've cracked were because the wordlists of passwords were from scraped data on the CTF pages themselves that were reused as passwords on the server for specific users.
  14. Hmm. I'll throw out a couple of ways you could get around this, but only one of them is really safe: reverse shells (which anyone listening for could take over the system) and VPN. You could in theory use SSH with a bounce and have the system initiate the call to you, but whatever device you want to connect to the home network would need an address on the internet in front of NAT at the other end as well. You'd have to use something like DynDNS on the external box and set up a service on the internal machine to always dial out to the DynDNS address and port for your externally used device, and then listen for the call, in a sense. Not sure SSH could be used, but "ncat", which comes with nmap, can do SSL with the switch --ssl when connecting to another system. All you have to do is set up a listener with "ncat --ssl -lvp 443" and on the home box do "ncat --ssl -v somedydndns.address.com 443 -e /bin/sh" or, if on Windows, "-e cmd". The home machine would need to be scripted to continually try this every few minutes to dial to you, and once connected, keep the connection alive, and when it dies, restart the calling home to your DynDNS address. This lets you move around anywhere, so long as you're using the DynDNS address on your remote device in some manner, and it will always call you. --- That said --- I advise you NOT to do this. Reason being, this machine is returning a shell to the intended DynDNS address, but if someone else gets this address somehow, they could potentially be getting your shell as well. They would get your system's shell handed to them, but I wanted to show that it could be done to bypass NAT and the gateway without port forwarding. You could probably set up your own script to handle authentication in some other manner than blatantly handing over a full shell, but I'm not sure how you go about scripting that side of it. I'm sure it can be done, and there are probably scripts or tools that already do this, but I don't know what they are.
     The last thing is a VPN. Most VPN protocols are allowed on routers by default, i.e. no port forwarding needed, I believe, for certain ports. I think port 500 and another one I can't remember off the top of my head work for VPN passthrough by default on nearly all home routers, unless explicitly denied/disabled. A VPN would also be the safest way to do this and allow you to not just SSH into the home network but, if configured properly, safely tunnel all your traffic when on the road through your home connection, safeguarding your data when at, say, a free wifi cafe; your traffic would be encrypted if on a VPN. An HTTP/SOCKS proxy will only safeguard the browser or programs configured for one, whereas a VPN tunnels all traffic over the VPN.
  15. Are soda can tabs good antenna material? Wouldn't they do better to use the can itself and open it up as a sort of dish to focus the signal from behind onto the antenna? Wifi doesn't really pass through metal too well, and antennas generally have specific sizes to be cut for different wavelengths to match the required dipole, no?