X3N
-
Posts
270 -
Joined
-
Last visited
Posts posted by X3N
-
-
the concept of binural beats is interesting if you want to check out a more advanced program look at gnaural its an open source binaral beats generator.
-
SCORPIO HACKSAW PAYLOAD BETA 1.0
By now, the current hacksaw is utterly useless without some kind of av killer because the primary program (usb dumper) is detected and automatically deleted by antivirus.
So, I have coded up a new version of usb dumper in autoit.
In case it eventually becomes detected, I have included all source as well as binary.
You can use the current binary or compile it with autoit here:
http://www.autoitscript.com/autoit3/downloads.shtml
INSTRUCTIONS
1. change the the info in config.ini to your own information.
from=example@gmail.com (put in your own gmail account)
to=example@gmail.com (put in your own gmail account)
username=exampleusername (put in just your username)
password=examplepassword (put in your password)
2. If you would like, modify the file extensions in config.ini to those which you would like collected from a target usb drive (or just leave the current ones).
ext1=.txt
ext2=.doc
ext3=.xls
3. Run go.bat
Please PM me any problems/concerns/questions.
If anyone has an idea of how to upload files (other than ftp or email), please notify me.
I don't think sql would work...because its not text data.
DOWNLOAD HERE: http://www.mediafire.com/?gymdtgsmroj[/font]
cool work... i released my code for my autoIT switchblade... i dont know if theres anything you wanted to use from it.. My code is kinda noobish but i liked the idea of autoIt cause its a bit better then batch scripts... there was also someone on here who realeased some code for a self extracting autoIT payload that uses Fileinstall to include all the files into one exe...
-
You wont need to use a hex editor in the current password stage.
the challenge was interesting at first but i think I've officially lost interest now...
-
Someone told me this was possible.
So there is no way to upload a file to someone's computer, or download a file from their computer, without authenticating?
connecting via ssh is possible without putting in a password if you do it correctly. There is still some "authentication" yet its done behind the scenes
heres a link that shows you how its done.
http://wp.uberdose.com/2006/10/16/ssh-automatic-login/
as far as sending files without authenticating... its never recommended but in some cases you may want to do this... the best way i can think of is to use netcat it isnt secure by any means but like i said sometimes its easier to just do it this way... ive done it before when dd'ing a hardrive image over the network to store it on another computer....
http://linux.byexamples.com/archives/227/c...le-with-netcat/
-
Don't get me started on Debian..
Red hat is where the big boys go to play.
RHEL - Developer Support
CentOS - Stable
Fedora - Bleeding edge
Pick one.
actually gentoo and LFS is where the big boys play.
RHEL is identical to CentOS and is pretty stable long as you dont add your own repositories to yum
Same with ubuntu and debain. its pretty stable long as you dont add unstable repositories to apt
fedora is red hat too just the unstable releases
-
Ubuntu is awfull, clicki-soft, bah !
Debian - good documentation, multilingual, pure linux. And most people use it. And it is REALLY free !
ubuntu is debain
-
Ubuntu is a script kiddie low life OS.
aint nothin wrong with ubuntu... ubuntu made it easy for anyone to run linux if they wanted to... you cant fault them for making it easy becuase that was the whole intent. Linux for everybody.
-
I found a solution.
I have to use something called PuTTY
LOL
putty is awesome but you might wanna try out filezilla with sftp might be easier for you to use...
-
wow... i totally missed this thread....
-
sure.
problem 1 with Gonzer switch blade.
Gonzer works fine. the problem is it woln't log at all. the only time it logs anything is when I set it up. and then it saves it to the local HD, not the thumb drive
problem2. with MAXdamage switchblade
I downloaded the program, I install it, the files are there but nothing happens abnormal when I run it. (basically its not running at all, but it installs)
Am I missing something?
first things first....
never run something that you dont know exactly what it is... i'm not trying to sound like a jerk but you should understand how the switchblade works which involves reading the code for it or even just reading the documentation or even just the forum topics regarding the different payloads.
also last time i checked those files in the packages area are pretty outdated now.
-
Well, I've personally had no experiance with Glade, so I can't help you out at all with it, but I can point out something about what you said.
You don't "compile" Python. Python is a scripting language, and interpreted at start (when you launch your .py file your use the Python Shell). There are ways to compile it, though. I have heard of many ways, but personally the one I have heard the best things about is Py2EXE (although I have yet to try it myself, as I haven't had an application that needs to be compiled).
actually you can compile python files into pyc or exe(using the py2exe script) if you got the latest python py2exe comes with it already...
-
How it works...
Well think of a clock
60 seconds to a one minute
60 minutes to an hour
24 hours to a day
7 days to a week
of 60*60*24*7=604800 seconds to a week.
so if you have 3 letters and a password that has either 1-3 letters in it. Then
a
b
ccc
....
each time the next letter moves on the other numbers reset bcc to caa
i got how it was supposed to work your code just confused me... i ran accross some python source code that does the same thing only alot better....in the spirit of not reinventing the wheel... the only thing is this code just outputs to a file.
''' UPDATES: Forgot to close the file after I opened it. It now splits the files after a set limit. It checks the file size after ever 1000 words. Easy to change. TO DO: Add in a way to restart the program from where it left off. ''' import os import time numFile = 0 f=open('wordlist-' + str(numFile) + '.txt', 'w') def xselections(items, n): if n==0: yield [] else: for i in xrange(len(items)): for ss in xselections(items, n-1): yield [items[i]]+ss # Numbers = 48 - 57 # Capital = 65 - 90 # Lower = 97 - 122 numb = range(48,58) cap = range(65,91) low = range(97,123) choice = 0 while int(choice) not in range(1,8): choice = raw_input(''' 1) Numbers 2) Capital Letters 3) Lowercase Letters 4) Numbers + Capital Letters 5) Numbers + Lowercase Letters 6) Numbers + Capital Letters + Lowercase Letters 7) Capital Letters + Lowercase Letters : ''') choice = int(choice) poss = [] if choice == 1: poss += numb elif choice == 2: poss += cap elif choice == 3: poss += low elif choice == 4: poss += numb poss += cap elif choice == 5: poss += numb poss += low elif choice == 6: poss += numb poss += cap poss += low elif choice == 7: poss += cap poss += low bigList = [] for i in poss: bigList.append(str(chr(i))) MIN = raw_input("What is the min size of the word? ") MIN = int(MIN) MAX = raw_input("What is the max size of the word? ") MAX = int(MAX) MAX_SIZE_MB = 100 MAX_SIZE_BYTES = MAX_SIZE_MB * 1024 * 1024 HOW_OFTEN_CHECK = 1000 count = 0 START_TIME = time.time() for i in range(MIN,MAX+1): for s in xselections(bigList,i): count += 1 f.write(''.join(s) + '\n') if count >= HOW_OFTEN_CHECK: size = os.path.getsize('wordlist-' + str(numFile) + '.txt') if size > MAX_SIZE_BYTES: f.close() numFile += 1 f=open('wordlist-' + str(numFile) + '.txt', 'w') count = 0 print 'New File. Current word: ', ''.join(s) f.close() END_TIME = time.time() print 'Time it took to compute files:', END_TIME - START_TIME, 'seconds'\ -
Ok so the last Crack me challenge proved to be a bit to difficult for many people.. So here is the new one..
Hints:
Password is staring you in the face
Watch that hex
Difficulty:
UB3R NOOB
Download:
This is cool...
Ok so theres a password encoded with md5
which is.
PaSsWoRd
The header needed to be fixed which i did.
The rar still wont open but it looks like its an unencrypted rar file.
-
anyone have any success? or anymore ideas?
i have a couple questions for plunk. does the file require any repairing?
and if not then is the password guessable? guessable meaning using logic or word relationships is it figure-outable by a human?
also are there any more clues to be found on or in the file in order to figure out the password?
also when trying to use certain passwords with either rar.exe unrar.exe and 7z.exe it will spit out trash and say the file header is corrupt. is that just a bufferoverflow from the .exe or is that something having to do with what you did to the file?
and one more thing... will we have to brute force the password or not?
with that said... if anyone is still interested in figuring this out then i suggest we start compiling a list of methods of figuring it out.
-
Hi Hak5 community. I successfully created a modded version of the Gonzor payload to only install vnc server and nothing else. Now what the heck is the password? I recall reading it on the Gonzor website last year I was playing with it. But seeing the website is down atm maybe someone can help me out?
Now I did manage to find this in vnc.reg:
"Password"=hex:bb,c4,e0,69,bc,4a,36,3b
"PasswordViewOnly"=hex:bb,c4,e0,69,bc,4a,36,3b
But a simple hex ascii converter wont do it. Any idea's as to what the password is?
Thanks in advance! (:
you need to change it to what you want it to be.... or make your own vnc payload.
-
Sweet ill check them out so far I have a vbs script for MSI and all the control/text scipt for autohotkey
http://www.autohotkey.com/forum/topic18915.html
the idea is I want to feed it a huge list of crap to uninstall and come back and it all be gone !
check out http://www.pcdecrapifier.com/
i wouldnt mind actually developing a tool to do this although i dont really have time to work on it. I think a script/program in autoIT or python would work great.
-
well theres a cool program called revouninstaller which is really good compared to the windows built in one... and there is another program called pcdecrapifier that is good for stripping clean a brand new computer of all that preinstalled crap... but as far as what your asking i dont think it totally exists.
-
the code doesnt work by itself can you show me how it prints out correctly? i can probably make it interface with rar if i understand your code
when i try running your script this is what happens
G:\crypto>test2.py
File "G:\crypto\test2.py", line 17
while b=<62:
^
SyntaxError: invalid syntax
G:\crypto>
-
does this actually work?.... could you show an example of use?
Ya I have it know up to 5 letters and then 10 letters using upper lower and numbers.Update Code
import sys def crack10(): print x[q]+x[w]+x[e]+x[t]+x[y]+x[v]+x[z]+x[r]+x[c]+x[b] x = "abcdefghijklmnopqrstuvwxyzzABCDEFGHIJKLMNOPQRSTUVWXYZZ1234567890" #64 b = -1 c = -1 r = -1 z = -1 v = -1 q = -1 w = -1 e = -1 t = -1 y = -1 ch=b while b=<62: ch = b + 1 b=ch if b==64: c = c + 1 b = 0 if c==64: r = r + 1 c = 0 b = 0 if r==64: z=z+1 r = 0 c = 0 b = 0 if z==64: v=v+1 z = 0 r = 0 c = 0 b = 0 if v==64: y=y+1 v = 0 z = 0 r = 0 c = 0 b = 0 if y==64: t=t+1 y = 0 v = 0 z = 0 r = 0 c = 0 b = 0 #tewq if t==64: e=e+1 t = 0 y = 0 v = 0 z = 0 r = 0 c = 0 b = 0 if e==64: w=w+1 e = 0 t = 0 y = 0 v = 0 z = 0 r = 0 c = 0 b = 0 if w==64: q=q+1 w = 0 e = 0 t = 0 y = 0 v = 0 z = 0 r = 0 c = 0 b = 0 crack10()
-
i posted this in the other topic too... its just a dictionary attack on a rar file or zip. I was thinking of taking both these codes and adding some menu's to them and maybe even figuring out the whole multithreading stuff.... this could be the start of a purely python based brute force wrapper that could be used on many things....
http://dl.getdropbox.com/u/332413/rarpass.py
http://dl.getdropbox.com/u/332413/1DICT.TXT
http://dl.getdropbox.com/u/332413/UnRAR.exe
also a little base64 converter program
http://dl.getdropbox.com/u/332413/base64decode.py
The new and improved dictionary attack unrarer.
Still needs some error handling work though but works ok for watching the output of weirdness from this arr_pirate.rar file...
-
Just some more information gathered.
The header for an encrypted rar is this
526172211A0700CE9973
The header of an unencrypted rar is
526172211A0700CF9073
The difference being the CF90 vs CE99 but both translate to the same thing in ascii.
-
http://dl.getdropbox.com/u/332413/rarpass.py
http://dl.getdropbox.com/u/332413/1DICT.TXT
http://dl.getdropbox.com/u/332413/UnRAR.exe
also a little base64 converter program
http://dl.getdropbox.com/u/332413/base64decode.py
The new and improved dictionary attack unrarer.
Still needs some error handling work though but works ok for watching the output of weirdness from this arr_pirate.rar file...
-
heres another dump of a password that spits out some interesting stuff
F:\crypto>rar x -pabey arr_pirate.rar
RAR 3.61 Copyright © 1993-2006 Alexander Roshal 14 Sep 2006
Shareware version Type RAR -? for help
ê2î→▬¥-+ÄÿåZ«-}+HoUédT▌▌îYêcY++♠)W☻↨É∟Jáj5¬=ú+←▬+n+2E!JL°%YXÉ~▌£Ü-ÑS☺&ì.l
0♫LE-g_♥2-k
-♂~SA£#r↑k948{▌▌!n·B+\+¿;+<↨+9|B-⌂g-++£+f»-
EÜ▌F}♦LölûÉv▌↕W*zvM▌²'+hr♦8D
? ÑGU▌8G+}{▌ajó+åÿÑo☼[e♥à]SWs*☻ -2W¼5ùo-8v+§2ßîg▌2åƒoª+?]Äoµ-á+ßßn☻▌vP]v)=~gæ8F
↑-++W¢_Ѳe%-*p-lÇ▲+O"<ü·Å▲+s- {Ä♫7u+ò6cA☻Vë@t\f¬J-ÿ!ä9¬ßsnP;¬0=ôܪw+=K▌m`+☻p°ûat
º↔X_▌d²½S∟M▼4+☺xÄ-^ßW|aY*♣'▌tuì+=·)GÄ+▲9←òí+♠¬N`ñMg-edèMLR◄}J+"°Y▌+}_Z²+S w½n+ª↕
ÅÅ+♥á+n⌂-5Ü♠F~t▬O}·▌q+B+1+ i♣tQS_↨ ,sFh←↑ü=RYy▌ܶ‼ÆIJ'▬TpÑ+☻▌_☺p(ƒ \2H▌T-ï»▌:¡+{
å
)▲I+ƒ▌}}5_|-[üc-◄&G▬\++M++"-vya=+¼> Kb⌂-▌☼H☺o÷+-++çï-æò)|]▌oòH;+;=nT
ÖƒB1¬Ö¬-♦+▌`$ü1Q3ä+∟A▌+-♂c;ÅÆ)CfM-+Ií▌>↨i²T¡*_♂>-+Ñ☼►íù|»T+Å ▌¢ñxa6·ô▌96Æ4=Où
D▬↕9æÇǧ+▌§▌ît(+¬a8<\&‼ùâ▬o_ÿ¢ë☻e+▬»▌4¬▌±↕)+S∟¿▬
Z¥UOö+¼\+) 3(zpn½!♂O▌ô♥=æNw$nf{r-~I=L-·O¢+)átû▌c7tGRl♀ñÑTY"O'là}¶▌»ªs▬H+∟yü
Ö+s-d'-:8~bT§+3Xñ→-▌I-É+u▌m▲á+↔S▌ƒLv(wSP☺4▌▌^ów+
A+gÖû²}Z▌G-n& ·à▌¢DMU-p!◄$◄++‼-,ôàù→+▌Z%æ→-1aYï - the file header is corrupt
Encrypted file: CRC failed in arr_pirate.rar (password incorrect ?)
No files to extract
-
heres the output from 7z
7-Zip 4.58 beta Copyright © 1999-2008 Igor Pavlov 2008-05-05
Processing archive: arr_pirate.rar
No files to process
Files: 0
Size: 0
Compressed: 15732
7z x -pablins arr_pirate.rar
I also tried it with the gui which opened it but doesn't show any files in it.
However when i tried it with rar.exe it says CRC failed... so im guessing something else may be going on here...
Some advice
in Security
Posted
its a good idea to make copies of all your configuration files especially for X if your messing with stuff... that way you can always bring it back to life.