Gianluca

Active Members
  • Posts

    45
  • Joined

  • Last visited

About Gianluca

  • Birthday 05/19/1982

Contact Methods

  • Website URL
    http://www.gianlucaghettini.net
  • ICQ
    0
  • Skype
    giangio82

Profile Information

  • Gender
    Male
  • Location
    Perugia, ITALY
  • Interests
    computer, DIY, amateur electronic, hacking

Recent Profile Visitors

3,023 profile views

Gianluca's Achievements

Newbie (1/14)

  1. Hi guys, on my blog I wrote a post about a MitM attack using SSLStrip + arpspoof. It's in Italian so I don't know if u can understand it: http://www.gianlucaghettini.net/intercettazione-traffico-https-e-recupero-dati-sensibili/ Other than the actual attack (which is very well known) I focused on the HSTS policy and how it is useful to prevent such attacks. Do you know of any successful attempt to break such a security policy? Poisoning the DNS cache of the target host could lead to a scenario in which the target browser goes to a fake domain, receives a forged HTTP header with a max-age value of zero: Strict-Transport-Security: max-age=0; includeSubDomains and then gets redirected to the real site. The HSTS RFC says that browsers SHOULD ignore the HSTS header when in HTTP mode, but maybe this very specific check was not implemented on all browsers.
  2. Hi guys, I'd like to use my Acer Aspire One A110 (the one sold with Linpus OS) as a wifi adapter for my Xbox 360. I mean, I want to redirect the ADSL connection I get from the wifi to the ethernet card of the Acer Aspire One. The Xbox 360 is connected to the Aspire One via ethernet cable. I'm pretty sure that this is called bridging mode. Do I need some special utility to do that or can it be done with some iptables trick? How do I do that? Thanks!!
  3. ARP poisoning redirects hosts in the same network (used most of the time to perform man-in-the-middle attacks); what u mean is DNS poisoning.
  4. Metasploit is a good choice also; check out the Pineapple (here). It can trick other computers' wifi cards into associating to your Pineapple instead of the legitimate AP, then you can do whatever you want, some MITM attacks and so on...
  5. LOL it IS definitely pr0n... if not, why so much dedication? :lol: :lol:
  6. If you're targeting a specific user the 70-75% success rate may not be enough (there is a 25-30% chance that it is not enough :P :P :P ), but if you are just collecting random accounts that's very good.
  7. Yep, cloning sites means phishing = illegal, but creating new services is absolutely legal... as you said, no need to be in the same network and no need to be in front of the computer either! Just wait for the passwords to show up in your remote log file...
  8. Naaa.. just write the login page of the web service! :lol: And of course, if u try this on 100 people, you get on average 70-75 Facebook and email accounts... not bad IMHO. The more users the better, because the effort-per-account decreases very fast.
  9. Add some bias to your brute force search! You MUST have some clue about your password. Was it a random 18-character ASCII password? I don't think so... or you're another Rain Man... joke! If you are spanning the entire ASCII space you'll not see the end, even with password length = 8, but... in the meantime, have u changed gf? If so, what's the deal? Another tip: I don't know exactly, but if the zip file includes the hashed version of the password (to detect wrong passwords quickly, for example), grab the hash, identify the hash function (from the zip specs) and try some rainbow tables. It's much faster than brute forcing using the zip file API functions because u can use some serious reverter like RainbowCrack or CUDA, not those shitty zip file recovery programs.
  10. That's weird. Is it really true you can't even remember the resemblance of that password? (some character, the meaning at least). Was it a completely random password? I think it would have been better to exploit the OS information leaking. I mean, to create a dump of the entire laptop disk drive and brute force the zip password against it (offsetting the candidate password byte by byte and using multiple lengths). In some cases OS paging can help you to recover lost passwords...
  11. This is old, ok, but that's my 2 cents: create a completely new web service online (online dating, gambling, fake free SMS service, free calls, something NEW) with a username/password login page. Convince him/her to register on that web service (you have already done it, ok? You know how cool this service is... :) :) :) ). There is a 70-75% chance (here the study) that the password he/she entered is the same as his/her Facebook or email account. You are the admin on that server so you can store the password in clear and get it as it is. Not bad, uh? :)
  12. Information leakage is everywhere; it's almost impossible to avoid it. The best I can do is to centralize all the confidential data in a very secure host (Linux based of course) and use 2 other spare XP PCs for gaming, non-critical web browsing etc etc... (I don't mind if I get viruses on those 2 PCs). A KeePassX database stores all the passwords and an encrypted TrueCrypt volume stores the personal data. One single master password unlocks the KeePassX db and in turn all the other stuff. Every now and then I print the KeePassX password db on paper in base64.
  13. Oh, sorry guys.. maybe I need to sleep :) But I think we didn't understand what Antonio really wants. He wants to discover a WEP key without asking the owner for it and without having physical access to the computer on that network, so this is a typical case of WEP cracking :) Maybe in Antonio's point of view the word "crack" just means keygen or other stuff... IMHO
  14. So, this is my solution to the problem: - download BackTrack 3 and burn it on a CD. - buy a Sitecom WL-172. It's a wifi USB stick with the Ralink RT73 chipset. I have one of these beauties and it works perfectly in monitor mode and with Kismet. You can buy it for 25 euro in Europe (I think $20 in the USA) - throw away the CD that comes with the USB stick. It's full of useless Windows shit :) - boot your PC with BackTrack 3 - read this tutorial and follow the instructions: http://ryanunderdown.com/2007/02/12/cracki...sing-backtrack/ - send me a gift. NOTE: Be careful when cracking WEP networks... It's ridiculously easy to crack WEP but the consequences may not be so ridiculous. Think McFly, think!
  15. The chances of this are very low. It's far more likely to be run over by a car on a sunny day :) This holds because (you must have the same ISP as the spammer) AND (you must be a Hak5 fan) AND (you must log in on the same day) AND (you must be very unlucky :)). However you're right, IP ban is the last resort when fighting spammers. Indeed, I've always logged in to forums without any problem.