
Gianluca

Active Members
  • Posts: 45
  • Joined
  • Last visited

Posts posted by Gianluca

  1. Hi guys,

    On my blog I wrote a post about a MitM attack using SSLStrip + arpspoof. It's in Italian so I don't know if you can understand it:

    http://www.gianlucaghettini.net/intercettazione-traffico-https-e-recupero-dati-sensibili/

    Other than the actual attack (which is very well known) I focused on the HSTS policy and how it is useful to prevent such attacks.

    Do you know of any successful attempt to break such a security policy?

    Poisoning the DNS cache of the target host could lead to a scenario in which the target browser goes to a fake domain, receives a forged HTTP header with a max-age value of zero:

    Strict-Transport-Security: max-age=0; includeSubDomains

    and then get redirected to the real site.

    The HSTS RFC says that browsers SHOULD ignore the HSTS header when in HTTP mode, but maybe this very specific check was not implemented on all browsers.
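    As an added example (written for this page, not part of Gianluca's post or blog), here is a small Python model of the RFC 6797 rule the post refers to: a Strict-Transport-Security header is only processed when it arrives over TLS, so a max-age=0 header delivered over plain HTTP never evicts a known host, while the same header received over a genuine TLS connection does retire the policy. The host names and max-age values are constructed for the demo.

```python
import re
import time
from dataclasses import dataclass


@dataclass
class HstsEntry:
    expires: float            # absolute time after which the policy lapses
    include_subdomains: bool


def parse_sts_header(value):
    """Parse a Strict-Transport-Security header value.

    Returns (max_age, include_subdomains), or None when the value is malformed:
    max-age missing, duplicated, or not a non-negative integer (RFC 6797 6.1).
    Unknown directives are ignored, as the RFC requires."""
    max_age = None
    include_subdomains = False
    for directive in value.split(";"):
        name, _, raw = directive.strip().partition("=")
        name = name.strip().lower()
        raw = raw.strip().strip('"')
        if name == "max-age":
            if max_age is not None or not raw.isdigit():
                return None
            max_age = int(raw)
        elif name == "includesubdomains":
            include_subdomains = True
    if max_age is None:
        return None
    return max_age, include_subdomains


class HstsStore:
    """Minimal 'known HSTS hosts' cache modelled on RFC 6797 sections 8.1 and 8.2."""

    def __init__(self, clock=time.time):
        self.known = {}
        self.clock = clock

    def process_response(self, host, over_tls, sts_header):
        """Update the store from one response. Returns True if the header was applied.

        A header that arrives over plain HTTP is ignored (RFC 6797 8.1), so a forged
        'max-age=0' injected on an HTTP connection cannot evict the host."""
        if not over_tls or sts_header is None:
            return False
        parsed = parse_sts_header(sts_header)
        if parsed is None:
            return False
        max_age, include_subdomains = parsed
        host = host.lower()
        if max_age == 0:
            self.known.pop(host, None)          # legitimate way to retire a policy
        else:
            self.known[host] = HstsEntry(self.clock() + max_age, include_subdomains)
        return True

    def is_known(self, host):
        """True if host matches an unexpired entry exactly, or a superdomain
        entry that carries includeSubDomains."""
        host = host.lower()
        now = self.clock()
        labels = host.split(".")
        for i in range(len(labels)):
            candidate = ".".join(labels[i:])
            entry = self.known.get(candidate)
            if entry is None:
                continue
            if entry.expires <= now:
                del self.known[candidate]       # lazily drop expired entries
                continue
            if i == 0 or entry.include_subdomains:
                return True
        return False

    def rewrite_url(self, url):
        """Upgrade http:// to https:// for known hosts, keeping port and path."""
        m = re.match(r"http://([^/:]+)(.*)$", url)
        if m is None:
            return url
        host, rest = m.groups()
        return f"https://{host}{rest}" if self.is_known(host) else url


def demo():
    """Walk through the scenario from the post (constructed hosts).
    Returns (upgraded_url, survived_forged_reset, cleared_by_real_reset)."""
    store = HstsStore()
    # 1. First visit over TLS: the site pins itself for a year, subdomains included.
    store.process_response("example.com", True, "max-age=31536000; includeSubDomains")
    upgraded = store.rewrite_url("http://www.example.com/login")
    # 2. A plain-HTTP response carrying max-age=0 must be ignored by the client.
    applied = store.process_response("example.com", False, "max-age=0; includeSubDomains")
    survived = (not applied) and store.is_known("example.com")
    # 3. The real site, over TLS, retires the policy: now it is honoured.
    store.process_response("example.com", True, "max-age=0")
    cleared = not store.is_known("example.com")
    return upgraded, survived, cleared


if __name__ == "__main__":
    print(demo())
```

    The point the post raises, whether every browser implements step 2, is exactly what `process_response` guards with the `over_tls` check; a client that skipped it would let the forged header fall through to the `max_age == 0` branch.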

  2. Hi guys,

    I'd like to use my Acer Aspire One A110 (the one sold with Linpus OS) as a wifi adapter for my Xbox 360. I mean, I want to redirect the ADSL connection I get from the wifi to the ethernet card of the Aspire One. The Xbox 360 is connected to the Aspire One via ethernet cable. I'm pretty sure that this is called bridging mode.

    Do I need some special utility to do that, or can it be done with some iptables trick?

    How to do that?

    thanks!!

  3. 1. You can perform ARP poisoning (Redirect a user to another website, eg malicious one)

    ARP poisoning redirects hosts in the same network (used most of the time to perform man-in-the-middle attacks); what you mean is DNS poisoning.

  4. Metasploit is a good choice.

    Also, check out the Pineapple (here). It can trick other computers' wifi cards into associating to your Pineapple instead of the legitimate AP, then you can do whatever you want, some MITM attacks and so on...

  5. So much work for a 70-75% chance.

    If you're targeting a specific user the 70-75% success rate may not be enough (there is a 25-30% chance that it is not enough :P :P :P ), but if you are just collecting random accounts that's very good.

  6. Yeah, fake services or even cloned sites and some social engineering is the way to go. SET is the tool you would want for that. It integrates metasploit into it so payloads can also be used against the target in the process. All this without having to be on the same network, just need to get them to visit a site or click a link in an email and then it's game over.

    yep,

    cloning sites means phishing = illegal, but creating new services is absolutely legal...

    As you said, no need to be in the same network

    and no need to be in front of the computer too! just wait for the passwords to show up in your remote log file...

  7. So much work for a 70-75% chance.

    naaa.. just write the login page of the web service! :lol: :lol: :lol:

    and of course, if you try this on 100 people, you get on average 70-75 Facebook and email accounts... not bad IMHO.

    The more users the better, because the effort per account decreases very fast.

  8. Add some bias to your brute force search! You MUST have some clue about your password. Was it a random 18-character ASCII password? I don't think so... :huh: or you're another Rain Man... joke! :rolleyes:

    If you are spanning the entire ASCII space you'll never see the end, even with a password length of 8.

    but... in the meantime, have you changed gf? If so, what's the deal?

    another tip:

    I don't know exactly, but if the zip file includes the hashed version of the password (to detect wrong passwords quickly, for example), grab the hash, identify the hash function (from the zip specs) and try some rainbow tables. It's much faster than brute forcing using the zip file API functions because you can use some serious reverser like rainbow-crack or CUDA, not those shitty zip file recovery programs.

  9. That's weird. Is it really true you can't even remember the resemblance of that password? (some character, the meaning at least). Was it a completely random password?

    I think it would have been better to exploit the OS information leaking. I mean, to create a dump of the entire laptop disk drive and brute force the zip password against it (offsetting the candidate password byte by byte and using multiple lengths). In some cases OS paging can help you recover lost passwords...

  10. i have an IP address of my "friend" and want to enter her pc without her access of course. all i want to do is to see her facebook password and change the password.

    this is old ok, but that's my 2 cents:

    create a completely new web service online (online dating, gambling, fake free SMS service, free calls, something NEW) with a username/password login page. Convince him/her to register on that web service (you have already done it ok? you know how cool this service is... :) :) :) ). There is a 70-75% chance (here the study) that the password he/she entered is the same as his/her Facebook or email account. You are the admin on that server, so you can store the password in clear and get it as it is.

    not bad, uh? :)

  11. Information leakage is everywhere, it's almost impossible to avoid it.

    The best I can do is to centralize all the confidential data on a very secure host (Linux based of course) and use 2 other spare XP PCs for gaming, non-critical web browsing etc... (I don't mind if I get viruses on those 2 PCs)

    A KeePassX database stores all the passwords and an encrypted TrueCrypt volume stores the personal data. One single master password unlocks the KeePassX db and in turn all the other stuff. Every now and then I print the KeePassX password db on paper in base64.

  12. Ok guys, good work.

    Of course, that was just a very easy example... just to show that my trivias aren't beyond human capabilities. ;)

    Now, take a look at this:

    othiwqqbgpinnzconmohmfczefkacentmvmrcegygdwgpdzmlwsxfuafjgriajvaytgcqimryqhaehki
    kgamcwfoaevnxuwxhrpzsqvqiemwfothzktufzpzvrazuaehjfynlatguqzafkkoivyrbygmyhqrlrpg
    asitwgjjqckbfnzqsvntuxtmnvwilxjjuvxtjk

    eheheh, no gaps between words to help you

    and yes... I'm not using the password "hello" anymore! ;)

  13. Hi all,

    Well, the coding challenge I proposed seems to be not so feasible (I read on the forum that the major problems are that people need to know a specific programming language, developing a single trivia like this takes a lot of time and so on...)

    so, why not a cipher challenge?

    The aim is to decode a given ciphertext. Whoever posts the right plaintext wins the trivia. Super simple.

    Obviously, the plaintext must be an English sentence, otherwise it isn't possible to realize when the code has been cracked.

    For example, let's look at this ciphertext:

    "alp bipgv mfvay qce nfxdz sgpf alp wogc ozu pw l aoukcla px slg iipy izio ec aide hftphfpxpcg hro ncttfesy opjpvecog hro tb vxspf htawwjeetcuw tyjvpgtbn eww cm xsp zlxepfz my evl iyrzpws lzwllmsa fpnobwp th pw lwgv e dscyx nzvlvpyh ziyesugp"

    I used the Vigenère encryption algorithm to produce this ciphertext.

    (http://en.wikipedia.org/wiki/Vigen%C3%A8re_cipher)

    It's an old algorithm of the 19th century, so don't worry, you can crack it quite easily now! :lol: :lol: :lol:

    I think this is a good hint for new trivia sections,

    bye!
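    As an added illustration of why a 19th-century cipher is "quite easy" to crack today (example code written for this page, not from the post; it does not touch the ciphertext above but uses a constructed plaintext and the key "lemon"), the following Python recovers a Vigenère key from ciphertext alone: it splits the letters into columns by candidate period, fits each column to English letter frequencies with a chi-squared score, and picks the shortest period that explains the text. The frequency table is an approximate one constructed for the example.

```python
from collections import Counter

# Approximate English single-letter frequencies in percent (constructed from the
# usual published tables; only the relative values matter for the scoring below).
ENGLISH_FREQ = {
    "a": 8.2, "b": 1.5, "c": 2.8, "d": 4.3, "e": 12.7, "f": 2.2, "g": 2.0, "h": 6.1,
    "i": 7.0, "j": 0.15, "k": 0.8, "l": 4.0, "m": 2.4, "n": 6.7, "o": 7.5, "p": 1.9,
    "q": 0.1, "r": 6.0, "s": 6.3, "t": 9.1, "u": 2.8, "v": 1.0, "w": 2.4, "x": 0.15,
    "y": 2.0, "z": 0.07,
}


def vigenere(text, key, decrypt=False):
    """Shift each letter by the matching key letter. Non-letters pass through
    unchanged and do not consume a key position; case is preserved."""
    out, k = [], 0
    for ch in text:
        if ch.isalpha():
            shift = ord(key[k % len(key)].lower()) - 97
            if decrypt:
                shift = -shift
            base = 65 if ch.isupper() else 97
            out.append(chr((ord(ch) - base + shift) % 26 + base))
            k += 1
        else:
            out.append(ch)
    return "".join(out)


def letters_only(text):
    return "".join(ch.lower() for ch in text if ch.isalpha())


def chi_squared(column):
    """Distance between a column's letter counts and English; lower is more English-like."""
    n = len(column)
    counts = Counter(column)
    total = 0.0
    for letter, pct in ENGLISH_FREQ.items():
        expected = n * pct / 100
        total += (counts.get(letter, 0) - expected) ** 2 / expected
    return total


def best_shift(column):
    """Undo each of the 26 Caesar shifts on one column and keep the most
    English-looking result. Returns (score, shift); shift is the key letter."""
    best = None
    for shift in range(26):
        undone = "".join(chr((ord(ch) - 97 - shift) % 26 + 97) for ch in column)
        score = chi_squared(undone)
        if best is None or score < best[0]:
            best = (score, shift)
    return best


def recover_key(ciphertext, max_len=12):
    """Ciphertext-only attack: every L-th letter shares a key letter, so for each
    candidate period L the columns c[i::L] are plain Caesar-shifted English. The
    summed column scores say how well L explains the text; multiples of the true
    period fit about as well, so the shortest L within 1.5x of the best is taken."""
    c = letters_only(ciphertext)
    candidates = []
    for length in range(1, max_len + 1):
        total, key = 0.0, ""
        for i in range(length):
            score, shift = best_shift(c[i::length])
            total += score
            key += chr(97 + shift)
        candidates.append((length, total, key))
    best_total = min(total for _, total, _ in candidates)
    for _, total, key in candidates:          # ascending length
        if total <= 1.5 * best_total:
            return key
    return candidates[0][2]                   # not reached: the minimum always passes


def crack(ciphertext):
    key = recover_key(ciphertext)
    return key, vigenere(ciphertext, key, decrypt=True)


# Constructed sample: ordinary English encrypted under the key "lemon".
SAMPLE_PLAINTEXT = (
    "the vigenere cipher repeats a short key across the whole message so every letter "
    "of the key defines its own caesar shift and the letters encrypted under the same "
    "key position form a column whose frequency profile is just english shifted by a "
    "constant counting how far apart repeated fragments of ciphertext lie or measuring "
    "how uneven each column is reveals the period and once the period is known every "
    "column falls to ordinary single alphabet frequency analysis"
)
SAMPLE_KEY = "lemon"
SAMPLE_CIPHERTEXT = vigenere(SAMPLE_PLAINTEXT, SAMPLE_KEY)

if __name__ == "__main__":
    print(crack(SAMPLE_CIPHERTEXT))
```

    The attack needs a few hundred letters so that each column still carries a recognisable frequency profile; that is also why the challenge plaintext has to be real English, as the post says, otherwise there is nothing for the scoring to recognise.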

  14. Why the need for English subtitles for an English speaking show? I can see a benefit for the deaf, but for what other reasons?

    Actually there's no benefit for the native English speaker, but it can be very helpful for non-English people. Have you ever tried to learn a foreign language? At first it's a pain in the *ss to understand a normal conversation. It's easier to read :)

  15. I've an idea for the Hak5 crew: what about releasing English subtitled versions of all episodes? mmm.. this might work but it seems to be a lot of work! :lol:

  16. I'd like to see a segment about THE old glory: the commodore 64

    I don't mean a segment about C64 games (there are a plethora of sites showing C64 games of all types). I mean low level programming, circuits, mods, hacks... got the idea? ;)

  17. I think your videos might be watched by people around the world who are not native English speakers, and might not be followed so easily. (Before someone is mourning: Yes, they can save it and watch it again!)

    I'm one of those people! I'm from Italy, I can understand both Italian and English and I've no problem listening to the videos. Sometimes I miss some words but I can still understand very well what they mean. ;)

  18. I love the idea. In fact, I'm ready to appoint a subcommittee to develop such gems. Just gimmie a week or two to implement.

    thanks.

    I can help you if you want...

    However, I've got another idea :)

    What about a cryptanalysis challenge? You submit a ciphertext and people try to decode it, possibly posting the correct plaintext. You realize that the plaintext cannot be encoded with a very strong algorithm (I mean 3DES, Blowfish-448, Rijndael and other similar stuff), otherwise the trivia becomes nearly impossible, letting Bruce Schneier win all the time :)

    We can use weak algorithms like simple transposition/substitution schemes, a custom invertible algorithm, a BASE64 or ASCII armor encoding (which are not cryptographic algorithms but they add complexity).

    Obviously the plaintext must be a recognizable English sentence, otherwise there isn't a way to see when the encoding scheme has been reversed.

    Again, Google can't help because the plaintext is a custom one.

    What do you think about it?

    but if it's put towards only coding or w/e then it's limited to certain people

    Yeah, you're right, but I think that studying and pushing your limits is the most important part when trying to solve the trivias.

    By the way, a trivia is by definition limited to certain people: this is why you cannot give the right answer 1 second after you read the question but you have to do some type of research (googling, studying a new programming language and so on..) :)


  19. hi guys,

    In the past I used to try answering the trivias, but recently I gave up 'cos my answers were always too late.

    I think that at the moment the trivia is just a time challenge where the most important thing is to be very quick to post the right answer.

    What I'm trying to say is that (IMHO) the trivia is too knowledge-based, so it's just a matter of googling enough to get the solution.

    What about a coding challenge? I mean a coding challenge like the one we've seen in a past episode, instead of the same old "what's the name of the X thing that was released in year Y" trivia.

    In this way, it's impossible to ask Google for the answer and the winner is no longer the quickest one.

    So, I want a tough coding challenge! :)

  20. I liked it...

    several commercials but still enjoyable... :rolleyes:

    However, I think it was better in the past... I don't know why, but I feel it was more DIY-style

    Maybe I'm biased by Italian TV, which is 99.99% commercials and so it really sucks...

    the IPTV is better :)

  21. he said he didn't want to crack a WEP encrypted network, he just wanted to know what the key is!

    Oh, sorry guys.. maybe I need to sleep :)

    But I think we didn't understand what Antonio really wants. He wants to discover a WEP key without asking the owner for it and without having physical access to a computer on that network, so this is a typical case of WEP cracking :)

    Maybe in Antonio's point of view the word "crack" just means keygen or other stuff...

    IMHO

  22. Hi ppl,

    I need to know if it is possible to access a wireless network, for example one program to help me find a key??

    Is it easy?

    Thanks for the help.

    Regards,

    Antonio

    So, this is my solution to the problem:

    - Download BackTrack 3 and burn it on a CD.

    - Buy a Sitecom WL-172. It's a wifi USB stick with the Ralink RT73 chipset. I have one of these beauties and it works perfectly in monitor mode and with Kismet. You can buy it for 25 euro in Europe (I think $20 in the USA).

    - Throw away the CD that comes with the USB stick. It's full of useless Windows shit :)

    - Boot your PC with BackTrack 3.

    - Read this tutorial and follow the instructions: http://ryanunderdown.com/2007/02/12/cracki...sing-backtrack/

    - Send me a gift.

    NOTE: Be careful when cracking WEP networks... It's ridiculously easy to crack WEP but the consequences may not be so ridiculous. Think, McFly, think!
