Jump to content


Dedicated Members
  • Posts

  • Joined

  • Last visited

Everything posted by Zimmer

  1. Digip I don't see how dns lookups could slow down a download that much it just has to lookup the one address for the download, though in regular browsing it could.
  2. To add to Sparda also have the user's My Docs etc on a network drive and have a limit of say 256mb for their user folder (so they don't fill it up with crap), the network drive will stop that data from being wiped out, also lock out the C drive that has all the windows crap and make every one limited users and you should be fine. Might want to also install a management system so teachers can see what students are doing and lock them out etc and install an av just for extra safety
  3. Zimmer


    Look at the homepage of the site it sends you to http://www.ligattsecurity.com/ Also a bonus website http://msdn.microsoft.com/en-us/beginner/bb308754.aspx
  4. Ok some of you may know that there are several attempted apps that play pandora on your desktop as well as save the songs. Recently though Pandora changed it up, if anyone is interested in obfuscated and decompiling flash you might be interested in this. Pandora is an XML based service, every communication with the server is based in XML however to make it harder pandora uses an encryption algorithm called blowfish ( http://en.wikipedia.org/wiki/Blowfish_(cipher) ) and the password is the user's password. However to make it even more complex they also use custom p and s boxes, which are 4 arrays of 256 integers and 1 array of 18 integers respectively that are used in the encryption process. Pandora uses one pair of these to encrypt the xml and another pair to obfuscate the audio urls. Now to the part that involves flash one pair of the s and p box arrays is in the source code and is easy to find, however those that are used to encrypt the xml are obfuscated. If you are still interested (and we welcome the help) here is the stuff you will need Decompiled Code: http://zzj.itf-inc.com/downloads/Frame%201.as All, what we believe, relevant parts together http://pastebin.com/kPTTNfb2 Main parts of the obfuscated code: http://paste.pocoo.org/show/271964/ http://paste.pocoo.org/show/272039/ <-- a lot of these are the same value ( output() but link through variable names) Thanks to ZigZagJoe, Lars-Dominik Braun (PromyLOPh) (Author of Pianobar), fforde, lfaraone, and all those who jumped on irc and helped or asked questions.
  5. Sharky Alpha Version, Downloads Linux: http://bit.ly/TAx7nj Windows: [Coming Soon]
  6. That is because email attachments are different encodings then just text in the email body. To do that you need MimeMultiPart to encode the attachments properly.
  7. Ok it is a little over the top, but it still is a huge industry (I'd guess at least a couple million if not more), and it still is stealing. We have not reached that yet in North America (besides it would be a 3 nation raid :)).
  8. One of your points is that they would be moving to open source. So what? They need to move to what will get the job done most efficiently and right now that is Microsoft because all the people know how to use it and moving to open source because its open source is not going to help that.
  9. Well ya he is serious kinda undermines his companies profits. :) As for the iPad, take a blow torch to it, well either that or keep it, I find they are a great frisby.
  10. For diagrams I would suggest tux paint (I'm serious), it is quiet handy for diagramming stuff out using the shapes panel and text control. As for visual studio, just google for an ide for your language, for C++ I have been using Dev C++ recently but switched over to Code::Blocks (actually about an hour ago) and have been loving it, I never liked Visual Studio, to bloated and slow.
  11. Zimmer

    Blue Hat

    Vako I do; though it still is fun to make Micro$oft LULZZZ comments.
  12. All encryption is broken. Ok, I guess I should clarify that. All encryption is weak to brute force attacks, so with a weak key then no algorithm will help. AES 256 practically however is not broken (IIRC). Also on a side note... To get AES 256 bit encryption couldn't you just take your password split it, make two hashes (instead of one) and then encrypt with one hash then the other so for example Your password is: password so get the hashes for pass and word (using a secure hash such as SHA 256) Then encrypt the plain text with the hash of pass and then of word.
  13. Just run them in a VM, also cheating may make you get more points, but the only fun in getting points if you do it within the games rules otherwise your just wasting your time and have not achieved anything.
  14. Ok I don't care how you get it morally or immorally, legally or illegally; Just a) don't try to justify the ethics of stealing, it is, period; now you can get it here http://www.exosyphen.com/index.php?sel=inc...uy.php&id=3 or you can go onto google or bing or yahoo and go try and find another way, but places like Hak5 can't because it would be illegal.
  15. Zimmer


    sablefoxx have you been able to find any implementation details on the .lnk exploit, from what I read if has something to do with the parsing of the picture on any shortcut with shell32.dll, but that is all I could fund.
  16. If you have physical access it is over, period. Even if you can't access the OS, just grab the hard drive and go. Technically even encryption is vulnerable, just takes a "little" time.
  17. And you think the FCC would do so much better with the internet, I can picture it, they have the biggest reason to have content filters, "It's for the children". Also what is Britain's position on hate speech? Also I don't like the FCC blocking swearing (besides I think most kids know what they are even when they are bleeped out) or any other content.
  18. Yes Vako because I don't like government intervention I must be with the Tea Party obviously, if I apply that logic then Obama must be Hitler! </sarcasm> Why do you assume that the FCC needs to regulate network neutrality, why? For that to be needed it would mean that ISPs would set up a system where some content gets preferential treatment, as already established people don't care about the ISPs they care about content, content providers have plenty of leverage to stop the ISPs from giving preferential treatment. If any ISP decides to start a cable like setup (Video 5$, News Package 15$, etc) content providers have all the power, if they say no and don't agree to that deal (why would they they want to reach the most people with their content) that ISP is in trouble they no longer have an content and an internet without content is kinda pointless. Also for net neutrality why does the FCC have to be the monitor and make it illegal, why can't people make it financially unattractive, is it because they won't because most of them won't care, well if they don't care why does it shouldn't matter.
  19. Keep it there that way if any one else encounters it, they will be able to fix it.
  20. Exactly users would ditch ISPs if they could get there content, this would create a huge market of people just waiting for a better option then their ISP and if it gets as bad as suggested by those who support FCC regulation then ISPs can't risk that, they can't risk such a huge loss of profit. Also internet is available almost everywhere, satelite is faster then dial-up and I have used dialup it is painful, but still very usable.
  21. Digip just to point out, So you want the same people to both prevent and be a part of the problem. Also Vako profit is not the goal in life but it is the goal of a company. Also the government basically takes one big supposed avenue for profit and makes it illegal for no reason (food poisoning and lead poisioning cause physical harm that is bad preventing someone from watching Hulu doesn't). Also if the demand for the views of people who can't afford the ISP charges for speed they will find another way, creating another whole industry probably one that makes the internet of today as old as paper journalism is right now.
  22. Reminds me of what they do with that thing called the ACTA, or does that really exist, I just don't know ;) By the way the above and the "It's for the children" where sarcasm. (just to make sure)
  23. But but but its for the children. Right? ;) Also for websites, right now they are using the ISP internet for free, oh wait they aren't. They have to pay the ISP (directly or indirectly) and it works fine. This wouldn't be the silencing of information, the ISPs don't care if you are right wing left wing, etc etc; They are there to make money and they are not going to take sides on issues because thay costs them money. As for charging users for access sites are not going to like it and will just not use that ISP, then it comes down to who the user sides with, the content or the ISP.
  24. By allowing the government to control cases where a company can make profit, limits the potential profit, by limiting profit it becomes less appealing for more companies to come onto the market, and with less companies there is less competition and with that there is less reason to innovate and offer faster speed for cheaper.
  25. Nope just the stuff that transmitted strongest :) I knew that, but this is just an example that government regulation is no where near perfect and flawed, also if any ISP decided to say stop traffic to Bing.com but allow Google.com, the consumer could go to another ISP, and/or google could decide to pay up, after all it is the ISP's network.
  • Create New...