haxwithaxe

Everything posted by haxwithaxe

  1. Hey all, ignore my suggested shortcut. See the link below. I was looking for a solution to a different problem and found that apparently plain old grub isn't as flexible as grub4dos. (damn it now I have to boot into windows) >: ( http://knowhowbyromiz.blogspot.com/2008/09...x-and-back.html
  2. The cable based ISPs seem to be the worst when it comes to freedom of info on the internet. I wouldn't be the least bit surprised if that's exactly what's happening. At least Verizon (my evil ISP) has a profit based motive to their restrictions. Comcast and Cox seem to just like messing with people.
  3. Hey all, I'm writing this post to share what I've learned about making a good passphrase.

     good = secure + memorable

     I understand that there are sysadmins for big companies that need to use randomly generated passphrases and that's okay, those people need to use lots and lots of passwords and there's no way in hell they can remember them all. This is for those one-off email accounts and social networking accounts that you want to keep the real life red team out of.

     My rules that I use in addition to the normal passphrase hygiene (i.e. long, all 4 char types represented):

     1) Never, ever write it down in any way. That includes the passphrase keepers. Again, not for all passphrases, just the ones you can manage to keep in your head. You'll be surprised what you can do, and in most cases, if you do forget it, you can use the automated passphrase recovery procedure on the site you used it on.
     2) It never, ever has any dictionary words in "plaintext" (I explain later).
     3) I must remember it. With me that's a feat in and of itself. I have left an account idle for years and been able to go back and remember the passphrase within 3 tries.
     4) It must be pronounceable (yes, no dictionary words and yet it's "pronounceable" as in a sentence).
     5) IT'S A PASSPHRASE, not a password, so don't be afraid to use spaces and make phrases (thanks to the hak5 crew for reminding us of that a few eps back).

     The way I do this is I set out a cypher for certain letters (a la 1337 speak, btw never use leet speak for your cypher). I use letters, numbers or special characters or combinations thereof to represent individual or multiple characters. Think of it as ascii art passwords. The characters you use in your cypher should have a significance to you. If %@ reminds you of H then by all means use it as such. Also don't forget to use spaces. Always use the same cypher though, it's the secret decoder ring for your electronic life. Also never share it with anyone. If there is a shared account for something (family email perhaps) use a shared cypher.

     I use passwords that have a significance to what they protect. This may be something I think about the site/app or something I'm trying to do on the site ... whatever. Just don't rely on the physical appearance of the site/app 'cause that tends to change.

     Please share your tips, tricks, and rules of thumb for crafting a good passphrase, but don't let yourself give away the keys to the kingdom.

     ps. After I started writing this I went back and changed all the occurrences of password to passphrase. I suggest we all never use the word "password" again as it perpetuates the (often unconscious) idea that it needs to be a single word.
  4. PLAIN OLD GRUB DOESN'T WORK FOR THIS IGNORE ME.

     A possible shortcut might be (this is the source of my not being able to map isos and floppy images) to just boot into ubuntu/your favorite linux distro and format the drive as wanted and then to make it all bootable with the following:

     1) mount the "boot" partition on /mnt/bootusb/
     2) sudo grub-install /dev/sdx --root-directory=/mnt/bootusb/

     sdx should be the device corresponding to your usb drive and /mnt/bootusb/ can be any path you want, or wherever your distro puts it if it auto-mounts. You can use the same command for grub 1 and 2. This will create a directory /mnt/bootusb/boot/grub/ in which you need to place your menu.lst or grub.cfg file.
  5. Wow, xPud looks cool. It looks like a good distro for tablets or wall mounted kiosks (think home automation/startrek).

     Anyone gotten an iso to load on anything? If so, let's try to figure out how, and why the computer voodoo gods have blessed them. (Yes, computers (software at least) have voodoo inside, and just like the magic blue smoke, if you let it out (or it's never there to start) it's gone for good.)

     My system is a 1 year old nvidia based biostar mb. 8GB kingston datatraveler USB drive. I can't boot isos. I used ubuntu 9.04 default grub-install to install grub to my usb. Anyone else have any of the same specs and have problems booting isos? Anyone have a similar setup and not have problems booting isos? Otherwise I need a chicken ...
  6. Yeah the memdisk method works with floppy images in general so that's what I used with the others (freedos, dban, sbm) but kon-boot needs that special sauce to work so I'm trying to figure that out right now, as well as the iso loading thing. I haven't tried yet with the even simpler name so I'll see if that somehow changes things.
  7. Thanks, That would be Darren's method wouldn't it and I have already renamed it to "konboot-1.1.img". I went through the entry line by line in the grub prompt and the first line is what's throwing a "bad device" error. I'll try again with an even simpler name I guess.
  8. No need to use u3. In fact I would think u3 would mess things up a bit if anything in this case. You're also not using the u3 partition to store anything for this, as the bios 1) might not recognize it as a "cd" and 2) might treat it like a cd when it's not meant to be in this setup. So in short all the stuff being talked about in relation to this ep is going on the fat partition, not the u3 partition.
  9. Just a thought... Grub errors from the people who are having grub problems might be useful. i.e. I keep getting "bad device string" errors trying to boot from isos.

     EDIT: I switched from the standard grub 1 to grub4dos and the errors have ceased : )

     <ignore this> As per the above, I need some help understanding what I'm doing wrong with some of these entries, particularly the booting direct from isos. </ignore this>

     here is my menu.lst

         color red/black white/black

         title Smart Boot Manager (good)
         kernel /memdisk
         initrd /sbm.img
         floppy

         title BT3 (good)
         kernel /bt3_root/boot/vmlinuz vga=0x317 ramdisk_size=6666 root=/dev/ram0 rw quiet
         initrd=/bt3_root/boot/initrd.gz
         boot

         title BT4 pre (good)
         configfile /bt4-pre_root/boot/grub/menu.lst
         savedefault

         title Ophcrack (good)
         kernel /ophcrack_root/boot/bzImage rw root=/dev/null vga=normal lang=C kmap=us screen=1024x768x16 autologin
         initrd /ophcrack_root/boot/rootfs.gz

         title Kon Boot (works with darren's method after switching to grub4dos)

         title Hirens 9.9 (good)
         kernel /memdisk
         initrd /hirens_root/boot.gz

         title ntpasswd (good)
         kernel /memdisk
         initrd /ntpasswd.img
         floppy

         title DBAN (good)
         kernel /memdisk
         initrd /dban-floppy.img
         floppy

         title Clonezilla (boots to error)
         kernel /clonezilla_root/live/vmlinuz1 initrd=/clonezilla_root/live/initrd1.img boot=live union=aufs hostname=jaunty edd=on nolocales noprompt ocs_live_run="ocs-live-general" ocs_live_extra_param="" ocs_live_keymap="" ocs_live_batch="no" ocs_lang="" acpi=off irqpoll noapic noapm nodma nomce nolapic nosmp ip=frommedia vga=normal
         initrd /clonezilla_root/live/initrd1.img

         ## edit:
         title Parted Magic(good after moving pmagic dir to root dir)
         kernel /pmagic/bzImage noapic load_ramdisk=1 prompt_ramdisk=0 rw vga=791 sleep=10 loglevel=0 keymap=us
         initrd /pmagic/initramfs

         ## old one that didn't work
         #title Parted Magic(can't remember)
         #kernel /pmagic_root/pmagic/bzImage noapic load_ramdisk=1 prompt_ramdisk=0 rw vga=791 sleep=10
         #loglevel=0 keymap=us
         #initrd /pmagic_root/pmagic/initramfs
         #map --unmap=0:0xff (this line caused grub error: bad device)

         title FreeDOS (good)
         kernel /memdisk
         initrd /freedos.img
         floppy

         title Damn Small Linux (update: good after moving KNOPPIX dir to root dir)
         kernel /dsl_root/boot/isolinux/linux24 ramdisk_size=100000 init=/etc/init lang=us apm=power-off vga=789 initrd=minirt24.gz nomce noapic BOOT_IMAGE=dsl
         initrd /dsl_root/boot/isolinux/minirt24.gz

         title Super Grub Rescue Disk(boots but needs editing in submenus)
         configfile /super-grub_root/grub/menu.lst
         savedefault

         title Trinity Rescue Kit (boots to error (I know there's a bunch of stuff wrong with this one))
         kernel /trinity_root/kernel.trk initrd=/trinity_root/initrd.trk ramdisk_size=49152 root=/dev/ram0 vga=788 splash=verbose
         initrd /trinity_root/initrd.trk

         title Ubuntu LiveCD(works after switching to grub4dos)
         find --set-root /ubuntu-9.04-desktop-i386.iso
         map /ubuntu-9.04-desktop-i386.iso (0xff)
         map --hook
         root (0xff)
         kernel /casper/vmlinuz file=/cdrom/preseed/ubuntu.seed boot=casper iso-scan/filename=/ubuntu-9.04-desktop-i386.iso quiet splash locale=en.UTF-8 --
         initrd /casper/initrd.gz
         boot

         title Memory Test
         kernel /memtest86+.bin
         # (stolen from BT4pre)

         title Boot the First Hard Disk
         root (hd1)
         chainloader +1
         ##END################
         boot

     here is my dir structure

         ROOTDIR of BOOTUSB
         |-- BT3
         |   |-- base
         |   |-- livecd.sgn
         |   |-- make_iso.bat
         |   |-- make_iso.sh
         |   |-- modules
         |   `-- tools
         |-- KNOPPIX(for dsl)
         |   `-- KNOPPIX
         edit: (no more boot folder, switched to grub4dos. don't go the grub-install route if you want to do the fun stuff)
         |-- bt3_root
         |   `-- boot
         |       |-- bootinst.bat
         |       |-- bootinst.sh
         |       |-- bootlilo.sh
         |       |-- chain.c32
         |       |-- dos
         |       |   |-- BT3.bat
         |       |   |-- config
         |       |   |-- loadlin.exe
         |       |   `-- readme.txt
         |       |-- initrd.gz
         |       |-- isolinux
         |       |   |-- isolinux.bin
         |       |   |-- isolinux.boot
         |       |   `-- isolinux.cfg
         |       |-- msramdmp.c32
         |       |-- mt86p
         |       |-- syslinux
         |       |   |-- ldlinux.sys
         |       |   |-- lilo
         |       |   |-- mbr.bin
         |       |   |-- syslinux
         |       |   |-- syslinux.cfg
         |       |   |-- syslinux.com
         |       |   `-- syslinux.exe
         |       |-- vesamenu.c32
         |       `-- vmlinuz
         |-- bt4-pre_root
         |   |-- boot
         |   |   |-- bootsplash
         |   |   |-- grub
         |   |   |   |-- bt4.xpm.gz
         |   |   |   |-- menu.lst
         |   |   |   `-- stage2_eltorito
         |   |   |-- initrd.gz
         |   |   |-- initrd800.gz
         |   |   |-- initrdfr.gz
         |   |   |-- memtest86+.bin
         |   |   `-- vmlinuz
         |   |-- boot.catalog
         |   `-- md5sum.txt
         |-- casper (for bt4)
         |   |-- filesystem.manifest
         |   |-- filesystem.manifest-desktop
         |   `-- filesystem.squashfs
         |-- clonezilla_root
         |   |-- COPYING
         |   |-- Clonezilla-Live-Version
         |   |-- home
         |   |   `-- partimag
         |   |-- live
         |   |   |-- eb.zli
         |   |   |-- filesystem.squashfs
         |   |   |-- freedos.img
         |   |   |-- gpxe.lkn
         |   |   |-- initrd1.img
         |   |   |-- memtest
         |   |   |-- packages.txt
         |   |   |-- parameters.txt
         |   |   `-- vmlinuz1
         |   |-- syslinux
         |   |   |-- chain.c32
         |   |   |-- drblwp.png
         |   |   |-- memdisk
         |   |   |-- menu.c32
         |   |   |-- ocswp.png
         |   |   |-- syslinux.cfg
         |   |   `-- vesamenu.c32
         |   `-- utils
         |       |-- README.txt
         |       |-- linux
         |       |   |-- VERSION.txt
         |       |   |-- makeboot.sh
         |       |   `-- syslinux
         |       |-- mbr
         |       |   `-- mbr.bin
         |       `-- win32
         |           |-- VERSION.txt
         |           |-- makeboot.bat
         |           `-- syslinux.exe
         |-- dban-floppy.img
         |-- dsl_root
         |   |-- boot
         |   |   `-- isolinux
         |   |       |-- boot.cat
         |   |       |-- boot.msg
         |   |       |-- f2
         |   |       |-- f3
         |   |       |-- german.kbd
         |   |       |-- isolinux.bin
         |   |       |-- isolinux.cfg
         |   |       |-- linux24
         |   |       |-- logo.16
         |   |       `-- minirt24.gz
         |   `-- index.html
         |-- freedos.img
         |-- grldr
         |-- grub-rescue-floppy.img
         |-- hirens_root
         |   |-- Vdefs
         |   |-- WinTools
         |-- konboot-1.1.img
         |-- memdisk
         |-- memtest
         |-- ntpasswd.img
         |-- ophcrack_root(works so excluded)
         |   |-- boot
         |-- pmagic_root(works so excluded)
         |   |-- boot
         |   |   `-- grub
         |-- pmagic
         |   `--(important stuff)
         |-- sbm.img
         |-- super-grub_root
         |   |-- grub
         |   |   |-- choose
         |   `-- sgd
         |   |   `-- menu.lst
         |   |-- menu.lst
         |-- tables
         |   `-- vista_free
         |-- trinity_root
         |   |-- boot.cat
         |   |-- bootlogo.jpg
         |   |-- initrd.trk
         |   |-- isolinux.bin
         |   |-- isolinux.cfg
         |   |-- kernel.trk
         |   |-- ldlinux.sys
         |   |-- memdisk
         |   |-- memtest.x86
         |   |-- pxelinux.0
         |   |-- pxelinux.cfg
         |   |-- syslinux.cfg
         |   |-- trinity.ico
         |   |-- trk3
         |   `-- vesamenu.c32
         `-- ubuntu-9.04-desktop-i386.iso

     I tried to make it as small as possible so there is a lot of stuff missing.
  10. See the grub docs for how to boot windows (as in hard drive), and I'm betting that you can just chainload the boot directory as if it were an installed copy of windows.
  11. Hey all, any progress on this? I work for a company that makes custom OpenWRT based firmware and I've noticed OpenWRT has an ettercap package in their opkg repo. We've thought of doing this but never have tried, and I'd love to be able to show the results of this discussion to my boss 'cause he's been jonesin' for this stuff for a while but hasn't wanted us to spend time on it. Also I have routers I can use to test on, so if someone wants testing done I'll gladly help out.

      Idea: use remote mysql db, and local ettercap. You'd be surprised the stuff you can squeeze out of a linksys wrt54gl.
  12. I have a workaround for admin rights.

      <not mine src="can't remember">
      1) find a service that doesn't use quotes in the executable reference and has user writeable directories with a space in the name. eg C:\Program Files\Dumb Admin Installed Stuff\srvc.exe (program files dir not writable usually but I'm lazy)
      2) insert an exe that creates an admin account into C:\Program Files\Dumb.exe
      3) reboot

      windows handles unquoted spaces by checking for

          C:\Program
          > C:\Program Files\Dumb
          > C:\Program Files\Dumb Admin
          > C:\Program Files\Dumb Admin Installed
          > C:\Program Files\Dumb Admin Installed Stuff\srvc.exe

      after the file is inserted it will be executed in place of the service when windows looks for C:\Program Files\Dumb
      </not mine>

      Also, does anyone know of a way to make the user created by "net user" not have a profile path? My current workaround for this is to make the profile path a hidden & system file, but clean up when I'm done via an autoit script (eventually an exe) that removes all obvious traces of the user, and the script/exe fails 'cause the user is still using it, and it would be best anyways to not have it there at all in the first place 'cause that's just more footprints for people to find.

      Thanks. hax
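The search order described in the post above, seen from the audit side. This is an added example, not part of the original post: it takes service ImagePath values and lists the file names Windows would try before the intended executable, so each listed location can be checked for write access. The service names and paths are constructed sample data.

```python
import re

# Constructed sample data: service name -> ImagePath value as stored under the
# service's registry key. Not taken from a real host.
SAMPLE_SERVICES = {
    "DumbSvc": r"C:\Program Files\Dumb Admin Installed Stuff\srvc.exe",
    "QuotedSvc": r'"C:\Program Files\Vendor App\svc.exe" -k run',
    "NoSpaceSvc": r"C:\Windows\System32\svchost.exe -k netsvcs",
    "ArgSvc": r"C:\Tools\My Agent\agent.exe --service",
}

_EXE = re.compile(r"\.exe\b", re.IGNORECASE)


def executable_part(image_path):
    """Return the command line up to the first '.exe', dropping arguments."""
    match = _EXE.search(image_path)
    return image_path[: match.end()] if match else image_path


def hijack_candidates(image_path):
    """List the files Windows tries before the intended executable.

    For an unquoted command line, CreateProcess cuts the string at each space
    from left to right and tries that prefix with '.exe' appended. A path that
    is quoted, or has no space, yields no candidates.
    """
    path = image_path.strip()
    if path.startswith('"'):
        return []
    parts = executable_part(path).split(" ")
    return [" ".join(parts[:i]) + ".exe" for i in range(1, len(parts))]


def audit(services):
    """Map each service with an unquoted, space-containing path to its candidates."""
    findings = {}
    for name, image_path in services.items():
        candidates = hijack_candidates(image_path)
        if candidates:
            findings[name] = candidates
    return findings


if __name__ == "__main__":
    for name, candidates in audit(SAMPLE_SERVICES).items():
        print(name)
        for candidate in candidates:
            print("   check who can create:", candidate)
```

A service that shows up here is fixed by quoting its ImagePath; the candidate list tells you which folders to check for non-admin write permission in the meantime.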
  13. Hey guys, I've been doing some looking around and Sandisk indeed holds the patent for U3, and they started charging royalties for the use of the technology. So everyone else dropped the U3 stuff from their products. I've seen a few articles online saying various companies dropped inclusion of U3 from a few months ago. Now we need to find out if there is still hardware support for U3 even though it isn't advertised. I would think that they might have kept support for it to save on the cost of refitting their production lines yet again. hax
  14. Hey all, I've decided to implement all your suggestions thus far.

      ddns updater
      ping
      ?mail? -- I need to play with that one a while.
      ?ftp? if mailing doesn't work out

      Also I've been looking at windows built-in utilities (hence ftp instead of blat). Perhaps getmac, ipconfig will be in there next as well to give some more device specific evidence to the authorities in case of theft. Again this isn't aimed at uber-hackers so I'm working under the assumption that at least one of the methods will work properly. So if the schmuck at school steals your drive you can turn over the logs to the police and the campus IT department can give them what they need.
  15. True. I plan to do a redundant execution. Both autorun from U3 and from all the menu options in the autoplay menu of the fat16 part of the drive. In fact the script above has only been tested with autoplay so far. (Finals week and I needed an excuse for myself to mess around instead of studying.) Now if they have autorun usb devices turned off completely I have to rely on the DCoT part of the script to work its social engineering magic and have the person return the drive to me.
  16. Some ISPs have their networks set up so that the ping would appear to come from an ISP server and not the target box. Also if they're using an ftp proxy when the drive is plugged in I don't want to get the ftp proxy's ip. And if they're using a web proxy their ip will show up in my logs. If for some reason they're using both then I'm up a creek. This isn't meant to be a tool for hacking, just something to help me get my thumb-drive back if it's lost or stolen. Also the above site was my personal site so don't use it please. I've changed it to protect the inconsiderate from themselves.
  17. USB Lojak

      Hey all, I just finished the initial test of my ftp based usb lojak ('cause the c is superfluous and the name is trademarked) system. Haven't checked my ftp server yet but we'll see when I get home. I did the alpha in batch and used a compiled autoit script for the last test. It uses wget (if anyone can think of a windows built-in get app I'd like to know about it) to grab the automated whatismyip.com page and windows built-in ftp to send it to my ftp server at home. If anyone can point out a webmail service that doesn't require ssl/tls to use the smtp please tell me because I couldn't find any, and part of the whole point of this app is that when joe shmoe user (not His/Her Holiness sysadmin) plugs in the drive it will still tell me where it is. So stunnel isn't going to cut it.

      The autoit script is based off of the Daily Cup of Tech Script with some slight modifications.

          #NoTrayIcon
          Dim $Message1
          Dim $Message2
          Dim $Message3
          Dim $Message4
          Dim $Message5
          Dim $Message6
          Dim $Title
          $Title = "Help! I'm Lost!"
          $Message1 = "I've been lost and my owner would love to get my data back."
          $Message2 = "Please return me to:"
          $Message3 = "hax , 1337 Haxor WarDrive, Tahkalb, MD 01337"
          $Message4 = "or email me at haxor@haxor.com to arrange a pick-up."
          $Message5 = "You will receive a shiny new USB drive just as big as this one for your trouble."
          $Message6 = "Thanks for your honesty in advance. - hax"
          MsgBox(266304,$Title,$Message1 & @CRLF & $Message2 & @CRLF & $Message3 & @CRLF & $Message4 & @CRLF & $Message5 & @CRLF & $Message6 )
          Run ( "explorer ..\..\..\..\..\..\..\..\..\" ) ;no drive change so it will display the toplevel dir on drive it is run from

          #NoTrayIcon
          DriveGetDrive ( "cdrom" )
          ;get ipaddr and mail it if safe.dat does not exist on C:\
          If FileExists ("C:\safe.dat") Then Exit
          Run ( "wget -P %temp%\ http://whatismyip.com/automation/n09230945.asp" )
          Run ( "ftp -n -s:ip.dat example.com" )

      ip.dat is as follows

          echo user ftpuser ftppasswd
          echo bin
          echo put %temp%\n09230945.asp
          echo quit

      Also I'm a giant noob when it comes to autoit scripting so please feel free to flame my scripting.

      woops left the wrong address in there
  18. I second that. I'll send any apps you want, as well as seed continuously.

      my list of apps

          <file name="NAPALM"> (write or draw in flames on the desktop)
          <file name="Sudoku Portable">
          <file name="Sysinternals BSOD Screen Saver">
          <file name="Push BSOD"> (the sysinternals BSOD Screensaver wrapped in a script to push it to the target computer...fun on friends' computers when they're gone for a minute or more)
          <file name="Audacity Portable">
          <file name="VLC Media Player Portable"> (for mac and windows)
          <file name="Firefox"> (for mac and windows)
          <file name="Pidgin Portable">
          <file name="SSH, Telnet and Rlogin client">
          <file name="Thunderbird"> (for mac and windows)
          <file name="WinSCP Portable">
          <file name="uTorrent">
          <file name="VNCViewer">
          <file name="7-Zip Portable">
          <file name="Autostart program viewer">
          <file name="ClamWin Portable">
          <file name="CoolMon Executeable">
          <file name="Eraser Portable">
          <file name="hacksaw--antidote">
          <file name="Notepad++">
          <file name="SBConfig">
          SIW used to be there but is missing for some reason
          <file name="vnc--antidote">

      I will be adding:

          cmd portable
          DoubleKiller.exe
          Undelete+.exe
          VirtualDrives.exe
          WirelessKeyView.exe