X3N

its a good idea to make copies of all your configuration files especially for X if your messing with stuff... that way you can always bring it back to life.

the concept of binural beats is interesting if you want to check out a more advanced program look at gnaural its an open source binaral beats generator.

cool work... i released my code for my autoIT switchblade... i dont know if theres anything you wanted to use from it.. My code is kinda noobish but i liked the idea of autoIt cause its a bit better then batch scripts... there was also someone on here who realeased some code for a self extracting autoIT payload that uses Fileinstall to include all the files into one exe... http://hak5.org/forums/index.php?showtopic=10486

the challenge was interesting at first but i think I've officially lost interest now...

connecting via ssh is possible without putting in a password if you do it correctly. There is still some "authentication" yet its done behind the scenes heres a link that shows you how its done. http://wp.uberdose.com/2006/10/16/ssh-automatic-login/ as far as sending files without authenticating... its never recommended but in some cases you may want to do this... the best way i can think of is to use netcat it isnt secure by any means but like i said sometimes its easier to just do it this way... ive done it before when dd'ing a hardrive image over the network to store it on another computer.... http://linux.byexamples.com/archives/227/c...le-with-netcat/

actually gentoo and LFS is where the big boys play. RHEL is identical to CentOS and is pretty stable long as you dont add your own repositories to yum Same with ubuntu and debain. its pretty stable long as you dont add unstable repositories to apt fedora is red hat too just the unstable releases

ubuntu is debain

aint nothin wrong with ubuntu... ubuntu made it easy for anyone to run linux if they wanted to... you cant fault them for making it easy becuase that was the whole intent. Linux for everybody.

LOL putty is awesome but you might wanna try out filezilla with sftp might be easier for you to use...

wow... i totally missed this thread....

first things first.... never run something that you dont know exactly what it is... i'm not trying to sound like a jerk but you should understand how the switchblade works which involves reading the code for it or even just reading the documentation or even just the forum topics regarding the different payloads. also last time i checked those files in the packages area are pretty outdated now.

actually you can compile python files into pyc or exe(using the py2exe script) if you got the latest python py2exe comes with it already...

i got how it was supposed to work your code just confused me... i ran accross some python source code that does the same thing only alot better....in the spirit of not reinventing the wheel... the only thing is this code just outputs to a file. ''' UPDATES: Forgot to close the file after I opened it. It now splits the files after a set limit. It checks the file size after ever 1000 words. Easy to change. TO DO: Add in a way to restart the program from where it left off. ''' import os import time numFile = 0 f=open('wordlist-' + str(numFile) + '.txt', 'w') def xselections(items, n): if n==0: yield [] else: for i in xrange(len(items)): for ss in xselections(items, n-1): yield [items[i]]+ss # Numbers = 48 - 57 # Capital = 65 - 90 # Lower = 97 - 122 numb = range(48,58) cap = range(65,91) low = range(97,123) choice = 0 while int(choice) not in range(1,8): choice = raw_input(''' 1) Numbers 2) Capital Letters 3) Lowercase Letters 4) Numbers + Capital Letters 5) Numbers + Lowercase Letters 6) Numbers + Capital Letters + Lowercase Letters 7) Capital Letters + Lowercase Letters : ''') choice = int(choice) poss = [] if choice == 1: poss += numb elif choice == 2: poss += cap elif choice == 3: poss += low elif choice == 4: poss += numb poss += cap elif choice == 5: poss += numb poss += low elif choice == 6: poss += numb poss += cap poss += low elif choice == 7: poss += cap poss += low bigList = [] for i in poss: bigList.append(str(chr(i))) MIN = raw_input("What is the min size of the word? ") MIN = int(MIN) MAX = raw_input("What is the max size of the word? ") MAX = int(MAX) MAX_SIZE_MB = 100 MAX_SIZE_BYTES = MAX_SIZE_MB * 1024 * 1024 HOW_OFTEN_CHECK = 1000 count = 0 START_TIME = time.time() for i in range(MIN,MAX+1): for s in xselections(bigList,i): count += 1 f.write(''.join(s) + '\n') if count >= HOW_OFTEN_CHECK: size = os.path.getsize('wordlist-' + str(numFile) + '.txt') if size > MAX_SIZE_BYTES: f.close() numFile += 1 f=open('wordlist-' + str(numFile) + '.txt', 'w') count = 0 print 'New File. Current word: ', ''.join(s) f.close() END_TIME = time.time() print 'Time it took to compute files:', END_TIME - START_TIME, 'seconds'\

This is cool... Ok so theres a password encoded with md5 which is. PaSsWoRd The header needed to be fixed which i did. The rar still wont open but it looks like its an unencrypted rar file.

anyone have any success? or anymore ideas? i have a couple questions for plunk. does the file require any repairing? and if not then is the password guessable? guessable meaning using logic or word relationships is it figure-outable by a human? also are there any more clues to be found on or in the file in order to figure out the password? also when trying to use certain passwords with either rar.exe unrar.exe and 7z.exe it will spit out trash and say the file header is corrupt. is that just a bufferoverflow from the .exe or is that something having to do with what you did to the file? and one more thing... will we have to brute force the password or not? with that said... if anyone is still interested in figuring this out then i suggest we start compiling a list of methods of figuring it out.

you need to change it to what you want it to be.... or make your own vnc payload.

check out http://www.pcdecrapifier.com/ i wouldnt mind actually developing a tool to do this although i dont really have time to work on it. I think a script/program in autoIT or python would work great.

well theres a cool program called revouninstaller which is really good compared to the windows built in one... and there is another program called pcdecrapifier that is good for stripping clean a brand new computer of all that preinstalled crap... but as far as what your asking i dont think it totally exists.

the code doesnt work by itself can you show me how it prints out correctly? i can probably make it interface with rar if i understand your code when i try running your script this is what happens G:\crypto>test2.py File "G:\crypto\test2.py", line 17 while b=<62: ^ SyntaxError: invalid syntax G:\crypto>

does this actually work?.... could you show an example of use?

i posted this in the other topic too... its just a dictionary attack on a rar file or zip. I was thinking of taking both these codes and adding some menu's to them and maybe even figuring out the whole multithreading stuff.... this could be the start of a purely python based brute force wrapper that could be used on many things.... http://dl.getdropbox.com/u/332413/rarpass.py http://dl.getdropbox.com/u/332413/1DICT.TXT http://dl.getdropbox.com/u/332413/UnRAR.exe also a little base64 converter program http://dl.getdropbox.com/u/332413/base64decode.py The new and improved dictionary attack unrarer. Still needs some error handling work though but works ok for watching the output of weirdness from this arr_pirate.rar file...

Just some more information gathered. The header for an encrypted rar is this 526172211A0700CE9973 The header of an unencrypted rar is 526172211A0700CF9073 The difference being the CF90 vs CE99 but both translate to the same thing in ascii.

http://dl.getdropbox.com/u/332413/rarpass.py http://dl.getdropbox.com/u/332413/1DICT.TXT http://dl.getdropbox.com/u/332413/UnRAR.exe also a little base64 converter program http://dl.getdropbox.com/u/332413/base64decode.py The new and improved dictionary attack unrarer. Still needs some error handling work though but works ok for watching the output of weirdness from this arr_pirate.rar file...

heres another dump of a password that spits out some interesting stuff F:\crypto>rar x -pabey arr_pirate.rar RAR 3.61 Copyright © 1993-2006 Alexander Roshal 14 Sep 2006 Shareware version Type RAR -? for help ê2î→▬¥-+ÄÿåZ«-}+HoUédT▌▌îYêcY++♠)W☻↨É∟Jáj5¬=ú+←▬+n+2E!JL°%YXÉ~▌£Ü-ÑS☺&ì.l 0♫LE-g_♥2-k -♂~SA£#r↑k948{▌▌!n·B+\+¿;+<↨+9|B-⌂g-++£+f»- EÜ▌F}♦LölûÉv▌↕W*zvM▌²'+hr♦8D ? ÑGU▌8G+}{▌ajó+åÿÑo☼[e♥à]SWs*☻ -2W¼5ùo-8v+§2ßîg▌2åƒoª+?]Äoµ-á+ßßn☻▌vP]v)=~gæ8F ↑-++W¢_Ѳe%-*p-lÇ▲+O"<ü·Å▲+s- {Ä♫7u+ò6cA☻Vë@t\f¬J-ÿ!ä9¬ßsnP;¬0=ôܪw+=K▌m`+☻p°ûat º↔X_▌d²½S∟M▼4+☺xÄ-^ßW|aY*♣'▌tuì+=·)GÄ+▲9←òí+♠¬N`ñMg-edèMLR◄}J+"°Y▌+}_Z²+S w½n+ª↕ ÅÅ+♥á+n⌂-5Ü♠F~t▬O}·▌q+B+1+ i♣tQS_↨ ,sFh←↑ü=RYy▌ܶ‼ÆIJ'▬TpÑ+☻▌_☺p(ƒ \2H▌T-ï»▌:¡+{ å )▲I+ƒ▌}}5_|-[üc-◄&G▬\++M++"-vya=+¼> Kb⌂-▌☼H☺o÷+-++çï-æò)|]▌oòH;+;=nT ÖƒB1¬Ö¬-♦+▌`$ü1Q3ä+∟A▌+-♂c;ÅÆ)CfM-+Ií▌>↨i²T¡*_♂>-+Ñ☼►íù|»T+Å ▌¢ñxa6·ô▌96Æ4=Où D▬↕9æÇǧ+▌§▌ît(+¬a8<\&‼ùâ▬o_ÿ¢ë☻e+▬»▌4¬▌±↕)+S∟¿▬ Z¥UOö+¼\+) 3(zpn½!♂O▌ô♥=æNw$nf{r-~I=L-·O¢+)átû▌c7tGRl♀ñÑTY"O'là}¶▌»ªs▬H+∟yü Ö+s-d'-:8~bT§+3Xñ→-▌I-É+u▌m▲á+↔S▌ƒLv(wSP☺4▌▌^ów+ A+gÖû²}Z▌G-n& ·à▌¢DMU-p!◄$◄++‼-,ôàù→+▌Z%æ→-1aYï - the file header is corrupt Encrypted file: CRC failed in arr_pirate.rar (password incorrect ?) No files to extract

heres the output from 7z 7-Zip 4.58 beta Copyright © 1999-2008 Igor Pavlov 2008-05-05 Processing archive: arr_pirate.rar No files to process Files: 0 Size: 0 Compressed: 15732 7z x -pablins arr_pirate.rar I also tried it with the gui which opened it but doesn't show any files in it. However when i tried it with rar.exe it says CRC failed... so im guessing something else may be going on here...