Sud0x3

This may be of interest, https://github.com/pantsbuild/pex

Glad i could help, some google fu and a little tinkering with the api docs. I did not find any reference to this data source in the docs though, found someone asking on stackoverflow about user rss feed and i figured it out from there.

I was just watching hak5 when they announced that Threatwire was back and i too went hunting for a feed, i came across your post so i thought i would let you know what i found. All videos via `channel_id` https://www.youtube.com/feeds/videos.xml?channel_id=UC3s0BtrBJpwNDaflRSoiieQ All videos via `user` https://www.youtube.com/feeds/videos.xml?user=hak5darren Threatwire playlist via `playlist_id` https://www.youtube.com/feeds/videos.xml?playlist_id=PLW5y1tjAOzI0Sx4UU2fncEwQ9BQLr5Vlu

Im interested to see what you found on this device. Was the number printed on the card associated with an of your friends personal accounts. I have heard of people leaving malicious usb devices in public places but this is taking it to a new level, more likely to be used in targeted attacks i would have though. Once you have done your investigation would be cool to see what is inside the card.

I was under the impression that U3 drives virtually mounted an iso as a disc on windows. as windows used to inherently run the autorun.inf file from a cd when inserted you could configure autrun.inf to run any script application when you inserted the drive. Was great for stealing data as you still had the usb storage available to you on the u3 drive. I don't see how having u3 would benefit you now though. Thinking about implementing your own ducky script alternative you may want to get yourself a teensy from pjrc.com. If you decide to go down this route you may want to look at Adrian Crenshaw's project http://www.irongeek.com/i.php?page=security/programmable-hid-usb-keystroke-dongle, he also created his own library called PHUKD which you could learn a lot from.

I like the idea of making this yourself, if you want people to contribute you may get a better response if you make the code your working on open source. The problem i find with current key recovery is thier documentation of supported apps.

Would I be right in saying this infusion will basically try to crack all available wireless networks? I have found that WPS attacks are becoming less prevalent every day now. Even the default ISP routers have rate limiting and lockout periods now. Maybe some kind of phishing attack using karma would yield better results than wps bruteforcing.

I would also suggest linux mint 13 as a good distrobution for starting out in linux. Its very stable and has a familiar interface if your coming from windows.

If you cant achieve this then you have a long way to go and i am assuming no one here is going to do this for you. I will however give you a little information, You need a copy of the login page and a scipt that will take the data entered into user name and password fields and save or send it somewhere. More complex scripts are sometimes able to take the information and log the user into the target site, To use this attack on someone with any knowledge of computing whatsoever you will need to employ attacks like dns spoofing. @loozr you do not require any of the scripts hosted on the target site, you simply need a site that looks like the target.

Really is pointless buying one of these but they are available all over, use google! http://www.cantenna.com/ As for getting long range with the Reaver Pro or Alfa One, they are bot the same device and has an rp-sma connector if you again google "rp-sma yaagi" or directional antenna rp-sma

If your good enough you should be able to determine what anti virus is installed on a machine :) regardless i dont think you get my point, virus total use submitted information to improve anti virus solutions. There are other online malware scanners that do not share thier infomation with anyone. You should really check one of those out for the future. Here is an extract taken from virustotal.com When you submit a file to VirusTotal for scanning, we may store it and share it with the anti-malware and security industry (normally the companies that participate in VirusTotal receive files containing virus samples that their engines do not detect and are catalogued as malware by at least one other engine). The samples can be analysed by automatic tools and security analysts to detect malicious code and to improve antivirus engines.

Google is your friend, "UG802 root" --> http://liliputing.com/2012/09/rooting-the-ug802-android-mini-pc-installing-custom-recovery.html Third search result o Google full guide to rooting your device, wasn't hard to find :)

Could it have been https://code.google.com/p/wifite/, I thinks its included in BT5r3

Heres some reading material to get you started :) http://schierlm.users.sourceforge.net/avevasion.html http://adaywithtape.blogspot.nl/2010/05/creating-backdoored-exe-with-metasploit.html

Why would you run it through virus total? Pick the target anti virus, install it in a virtual machine with full updates, run executable This way the signatures of your executable are not sent to the anti virus companies for analysis Edit: unless you are planning something malicious like infecting hundreds of machines with a binary, this method should work fine.