PC646
-
Posts
48 -
Joined
-
Last visited
Posts posted by PC646
-
-
When I log in and look at the ROOT level I see 15+ directories vs. on the episode I don't see any directories or files in the root access. Should I delete them? Am I looking in the wrong area?
Thanks
-
Nothing new, thus why I stated "Script Kiddies will shit themselves..." but still pretty smooth setup.
-
All you script kiddies are going to shit yourself today. Firesheep, a cookie sniffing extension for firefox was released today. Simply run Firesheep and it collects user's cookies and info in an easy to use menu that you simply double click to log in as that user. No real hacking skills needed.
-
I sent you a private message to contact me.
-
EPSILON,
Thanks for the info...
StraightEdge???
-
How about a show on why hackers get caught and goto jail...
-
I prefer Mac MakeUp 1.95d at http://www.gorlani.com/publicprj/macmakeup/macmakeup.asp
Not only can you randomly change your mac address but if you do a sniff with cain on a network you need to pay for, you can clone a mac address and log onto the network for free ;) Or so I hear...
-
So are the feeds with "feeds.feedburner.com" yours so you can collect ad-sense from us?
-
Companies like Accessdata even allow PS3's to be connected to help crack passwords...
-
In the forensic world we call it distributed processing. I use it for indexing large amounts of data across 465 computers here at work. We also use it to crack passwords.
My personal idea was to use Amazon's EC2 to do this. I have seen some people use the Ec2 to crack passwords but I'm running into online transfer speeds and security issues for indexing sensitive information.
-
I just use wireshark for pcap files.
Not capturing Pcaps, but pulling files from pcaps. Photos, docs, etc on a large scale...
-
So it sounds like their isnt much out there to pull files from pcaps...
Wetwork-
When you say large what are we talking about here? I'm doing multiple 250mb files (51GB total) and one at a time or a handful it's slow or crashes.
-
As you have seen in my other posts I love Netwitness for analyzing pcaps, but I'm looking for other windows based programs for quickly data carving files. I have played with Network Miner but it tends to crash with the large amounts of pcaps I have, any other suggestions? Thanks.
-
Silicon Valley
-
Has anyone played with this freeware called IP Changer?
http://www.softpedia.com/get/Network-Tools...p-Changer.shtml
-
It can be done with many data types for a price. We use to do it with cctv video fairly easily 10 years ago... Although the "tool" cost a shit load 10 years ago I doubt the price has dropped due to the niche market of taking over a cctv system without physically splitting or touching the line.
-
Other than using the pineapple as MTM attack, does anyone have any other scripts you could share on here?
Thanks!
-
Try netwitnesses investigator. Its free, easy to use and decrypts ssl.
I capture with wireshark, remove the 802 header and load into investigator. Poof!
-
Mac Make Up works great...
http://www.softpedia.com/get/Network-Tools...ac-Makeup.shtml
Or watch my video on using it:
http://securitytube.net/How-to-Covertly-Mo...orks-video.aspx
-
"Im not the kind of guy who can sit behind a desk all day and program."
Then forensic work is not for you. I give two examples regarding forensic work, the first is fishing. You can sit in an office all day waiting for a bite and get nothing... Second I tell people forensics is an art, not a science. Yes there are scientific principles behind your work, but doing forensics is more of sitting in an office and digging for something. Tools like Encase and FTK exist to make searching easier, but it really comes down to your own dedication and drive to find that one piece of code or information to make or break your case.
-
The NSA uses AES-256 for Top Secret data because this data may need protecting for decades of time into the future. It has nothing to do with fears about current cryptanalysis, it's a safety measure that is part preparedness and part superstition. As far as NSA making "backdoors", you're either implying that all AES software distributed today has a U.S. government agency-regulated exploit, or that the Rijndael algorithm itself is a giant mathematical mousetrap made in collusion with the NSA. I can assure you, both of these are highly unlikely.
Most, if not all, cryptographers attest to AES's security, despite their personal misgivings about it. Bruce Schneier himself believes in the security of AES, even if he prefers Twofish and Blowfish.
I don't think we have anything to worry about. If AES was crackable, the NSA would not be using it at ALL.
Your logic is wrong... A) Decades old information would be worthless or reencrpyted and B) even with where computers will be someday the math for 128 bit still is millions of years of cracking... So why be so paranoid of something that truly is next to impossible to crack in any of our lifetimes? Backdoor, supermachine, super rainbow tables, something has them spooked. I vote for UFOs.
-
Quote: The proof that AES has no government backdoor is the fact that they use it themselves
Actually that isnt true. AES 128 is ok for two levels of classified data. This is how you know its been cracked...
The United States has three levels of classification: confidential, secret, and top secret. Each level of classification indicates an increasing degree of sensitivity and type of encryption. The NSA doesn't use AES 128-bit for TOP SECRET for a reason, they know its been cracked or has a back door (probably made by them). If they trusted AES like the math shows, it shouldn't be able to be cracked with today or tomorrows computers.
Also lets look at who would have similar resources to crack it, Britain, Russia, China...
-
Triangulation of signals is quite difficult to do in a built up environment as you will get interference from buildings and other obstacles (Sometimes they block the signal and other times they reflect it). Also you will need to know your antenna as well because most directional antennas have odd radiation patterns so the strong signal doesn't necesarily mean that you are point your antenna directly at it. So make sure you map the radiation pattern of your directional antenna before trying this, as it will help you interpret the information that you collect.
Triangulation isn't that hard with the right TSCM (Technical Surveillance Countermeasures) equipment. Most LE won't have this, but their private industry buddies and feds will. Even if they can't narrow down to an exact person like this device claims, they can focus on a building or coffee shop and then manually search individuals...
-
Looking at the other threads, number of comments and information shared vs. this post I would say my question wasn't crazy, noob or bad at all. It sparked a good conversation and was answered by people that want to help others.
As continuing to attack the police comment, shit happens. If you don't prepare for the worse, you can find yourself knee deep in that shit. Sharing information about preventive measures isn't something to dis, there are plenty of famous hackers that got caught because of tunnel vision, lack of information, behind the technology curve of LE (rare) or simple slip ups. A board of this nature should be happy to share mistakes, tools and challenges to hacking.
[Question][Payload] Vnc Server Payload
in Classic USB Rubber Ducky
Posted
I remember the switchblade had a payload to run VNC hidden on a target's computer. Does anyone have this for the rubberducky? Suggestions to write it?
Thanks