Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Everything posted by ax0n

  1. And part three, complete with sidejacking.
  2. Thanks for the linkage :) I also had to do some updates to the article because I was working with TWO different versions of jasager while writing it. What's up there now should do the trick. I am working on showing how to integrate it with some other evil tools as well. I've been having a lot of fun playing with Jasager on and off over the past few months. I still love that video explaining how Jasager (and Karma in general) works. Part two will be even more evil. Part three, if it works out the way I want it to, will be even worse. But it's all in fun. Right?
  3. ax0n

    Whats this hash

    It looks like a 3DES hash like what older versions of UNIX-Like operating systems use.
  4. Acoustic Coupler. A decade ago (plus three weeks), I wrote how to build one for under $20. http://stuff.h-i-r.net/articles/hir9/hir9-5.txt Basically, with a 9V battery, you can take any two phones and make them "talk" to each other, or you can make a phone and modem talk to each other. Seriously, grab a phone cord and cut the red or green wire. Then hook a 9 Volt up to each cut end of that red or green wire. Hook it between two phones and you and your friend can talk to one another. Now, to make a normal phone into an acoustic coupler, you have to use something to isolate outside noise a bit. I used cheapo suction cups. Old-school acoustic modems (and those classic payphone TDD terminals) used thick rubber cups. Either way, moving the microphone and the speaker to the outside of the phone's housing and getting some sound insulation around them to make a good acoustic connection is all you need to do. The acoustic coupler shown strapped to my cordless phone is a professional-grade one from the mid-90s. It's a "Telecoupler II" by Road Warrior. Another one popular at about the same time was the the KONEXX Koupler. You could probably find either one on eBay cheap, but it's more fun to build it yourself. Maybe I should go through and re-do my article with photos and better grammar. As has been mentioned in this thread a few times already, the usefulness of dial-up (much less crappy acoustic modem dial-up) is very limited these days with ubiquitous open WiFi and affordable broadband wireless (WiMax, EV-DO, EDGE). But hey, us retro-geeks have to hold on to something, don't we?
  5. ax0n

    PHP on mac

  6. The only thing that can be proven here is INSECURITY. If a bunch of forum-dwellers break it, then you might need to consider using a stronger key. If we can't, however, it really doesn't mean anything. 1. I don't think that any of us are skilled cryptanalysts. That means that we could just lack the skill to pull it off. 2. None of us here are irresistibly motivated to crack your file. I mean, some people who are bored or really, really want to prove themselves might take a crack at it, but see #1. They might not be the most skilled of the people here, and they aren't nearly as motivated nor have the resources that a dedicated attacker (research team, corporate spy, or government agency) might have. 3. You can't hide secrets from the future with math.
  7. ax0n

    Undo rm -r *

    http://freshmeat.net/redir/unrm/10963/url_...nrm-0.92.tar.gz The shellscript needs some tweaking for ext3 but I've used this several times before and it usually does an okay job. Not perfect but it might get some (or all) of it back.
  8. I know, but I do have good antennae and the good cards with >100mW tx are usually quite sensitive. And the high power comes in handy when doing other stuff that I still might do that's... well, NOT war-driving. ;) *coughaircrackngcough* sorry, I must have bronchitis ;)
  9. You need something more than Ettercap to do this. The easiest way I know of is using something that can man-in-the-middle the encryption, such as Jay Beale's Middler. Ettercap just sniffs (and arp poisons to get traffic from switched networks). MiTM attacks try to trick users into using encryption that you have the key for, so then you can decrypt the session.
  10. Here's something funny. When my wife and I drove down to Springfield MO to kick it with Darren and Snubs, I didn't yet have my Alfa, so I just drove the trip with Rig #1. I found more than 6,000 networks on that trip, and more than half of them, I was the first to report to WiGLE. You can see my usual turf in this map, and the bizarre trail down to Springfield from that one trip.
  11. As far as what I do with the wardriving data? I have EV-DO so I don't need to steal anyone's wifi. I have full coverage almost everywhere. I just upload my stats to http://wigle.net for fun. I also look at the WiGLE maps to see how many noobtards are still running wide-open nearby. Rig #1 (bicycle rig a.k.a. The WarCycle): HP Jornada 720 jLime Linux Kismet Garmin GPS12 SMC EliteConnect (high-power PCMCIA with two mmcx) Two omni-directional mag-mount antennae The bicycle is good because the slow rate of speed and ability to tool through dense neighborhoods really does give you a really complete picture. It might take longer, but it's a lot of fun, and I get my cardio while still nerding out. Rig #2 (usually in my car): MacBook OS X Leopard KisMac Alfa AWUS036H (outfitted with a 12dBi antenna) Garmin GPS12 Rig #3 (usually used for stealthy indoor site surveys): La Fonera running on a battery pack OpenWrt unlocked Kismet no GPS
  12. Basically, a darknet is any network that is private and invite-only. Usually, it's for file sharing. Some buddies and I ran a Waste network for a while. If people leave their stuff online, it works. At the time, Waste was windows-only. I'm too lazy and uninterested to figure out if that's still the case. Many serious darknets are using a VPN and are really more flexible than Waste. You can implement whatever you want on the VPN.
  13. Or some of us just might not like his policies? Imagine that. Not that I liked Bush's much, either. I like the freshness Obama brought. A lot of the "transparency" stuff, while it sounds honorable, is just a big PR stunt, though. And he is still saying "I will" (issue a stimulus, shut down Gitmo as examples) instead of "effective now, this shit is gettin' DONE." - This isn't the campaign trail anymore, but he's still writing checks that may not be able to be cashed. I've got plenty a good reason to be cautiously optimistic about our new Prez without being some wack-job that thinks B.O. is a terrorist, but it's another discussion for another thread (or best yet, another FORUM in general!) For what it's worth, I laughed my ass off at the joke.
  14. Mountain biker? I need to dig out my collection of bizarre keys. They've got a collection of their own: dust. :(
  15. The internet and all of the universe as we know it are just part of a simulation made out of a bunch of rocks in a desert.
  16. Depends what I'm up to. Assuming I'm heading out for an evening of digital mischief: MacBook Jornada 720 (running jLime Linux) Alfa AWUS036H (500mW USB WiFi) FON Bomb (La Fonera + Battery Pack) LG Chocolate 2g (Hacked for Bluetooth Tethering) Canon PS A530 Digicam (with CHDK) USB/Ethernet/Power Cables Flashlights My Black Notebook Writing devices Gerber Evolution multi-tool
  17. I've done a variety of sysadmin gigs over the last 8 years, and I don't have a degree. I took plenty of IT classes, just never earned a full-on degree. If you can weasel your way into the Information Services department at school on a work study, apprentice or part-time basis, you'll likely be able to hang out with the real systems admins at school quite a bit. You'll learn more that way than you will in any classroom. Set yourself up a server within VirtualBox or some other virtualization platform (or use an old junker machine on your home network) and start playing around. Server 2003 (Windows) or Ubuntu Server Edition (Linux) are reasonable places to start. You could also try Windows 2000 Server (runs on slower hardware better) or one of the free enterprise-based Linux distros such as CentOS. Unfortunately, classes really can't prepare you for sysadmin life. They can teach you the commands and actions to perform certain tasks on the operating systems. Classes can also teach you about things like troubleshooting hardware problems, project management, and stuff. There's a lot more to sysadmin work than that, though. This includes office politics, irate and selfish users, how to genuinely automate your own mundane work, and a myriad of other things that classroom time simply cannot prepare you for. When things are running smooth, you're basically invisible. You can, as was mentioned, often go off and do whatever you want. The flip side is that no one really appreciates your work when things are running smoothly, but at the first sign of trouble, they want your head on a silver platter. If you're lucky, they'll praise you if you get the problem fixed quickly, but usually they'll just whine about how much time or work they lost. While some sysadmins slack off in the downtime, I usually look for ways to increase system performance, reliability and recoverability. I do this through security testing, server status history analysis (big brother, Cacti, etc) database, filesystem and kernel tuning, ensuring the backup scheme is optimal and running properly, etc. I have to test a lot of the tuning stuff in the lab environment and wait until we're allowed to change settings on the servers to make it to the production environment, but there's a lot of stuff you can do with your free time to make sure that your job is easier in the future. It's usually a 9-5 (or 8-5 with an hour lunch) type job. Usually, sysadmins spend some time on-call, where they may be pulled into work in the middle of the night for some system failure, or perhaps need to work late if they have to migrate a server, do security patches, etc.
  18. ax0n


    Also, if you're really paranoid, you can force all your traffic through VPN or SSH. Even if the Jasager does get you, your session is tunneled and encrypted. So long as you don't let it MITM you (i.e. accept a forged SSH key or VPN Cert) you'd be relatively secure.
  19. ax0n


    By default, the MAC isn't spoofed. And if it's spoofed, there will probably be other problems. I have spoofed a computer's wireless MAC before and it ends up with flaky communication for both. Access points with the same MAC would probably end up with similar results. Although, all you really need to do is know is if your access point is encrypted, you know you got pineapple'd if your current connection is in the clear and not WEP/WPA/WPA2 etc.
  20. ax0n


    Also, this thread probably belongs in the Jasager forum. Mods?
  21. ax0n


    If Karma mode on Jasager is active, you'd almost certainly get roped into the Jasager network. Even though the network you want to join is encrypted. This is because before the encryption is established, the protocol says 'I want to join "HOME-NET". What's your BSSID?' and just like that, Jasager transmits "HOME-NET is at BSSID xx:xx:xx:xx:xx:xx" where it inserts its own BSSID. It then never asks for your encryption key, and you're now Pineapple'd. Technically, it's a race condition, whoever transmits the BSSID to you first will "get" you, but in the lab, I've seen that if you're in range of Jasager, it pretty much always gets the response back to you faster than the real access point.
  22. Sparda nailed it. Any time you use IRC or IM, anything you have to sign into, you're handing over something that can probably be tied to you directly. The fact that you even mentioned "anonymous" and "untraceable" while mentioning services where you have to use a name (and will likely use one you've used in the past) means that you don't really understand the concepts of being anonymous and untraceable.
  23. I know it's not "computer security" but the title of this forum is Security & Hacking. So I thought I'd bring it up. I like physical security almost as much as I like InfoSec, and the lockpicking/locksport community is pretty interesting. Another hang-out of mine is http://www.lockpicking101.com/ Some stuff I've written on physical security, cracking, bypassing and picking locks that you might find interesting: HiR: Cracking thumb-wheel combination padlocks i-Hacked: Smuggling lockpicks past the TSA HiR: Series - Make your own lockpicks HiR: Bypassing merchandise display locks HiR: Shimming a cable lock Other papers and links I've enjoyed this year: Sploitcast: Why high-sec locks are pickable The Open Locksport Guide to lockpicking Barry Wels' (DefCon, HOPE speaker) Blackbag Blog Post some of your favorite links and sites for physical security and locksport stuff.
  24. I Guess PullThePlug.org changed names to "Over The Wire" now. It's a good place as well: http://www.overthewire.org/wargames
  • Create New...