
Everything posted by BrandonND

  1. I was just wondering because today I was setting up my latest hack + mod, a Wi-Fi satellite dish, and I saw at least 10 open networks out of the 15 that came up (this is in a small town, btw). The other five were WEP: 3 were 64-bit, two were 128, according to Kismet at least. (Didn't break in, I was just curious.) I went through the hoops of connecting to the strongest open network:
     1) Pop in a live CD.
     2) Use MacChanger to change to something that would decode to an Acer with an Atheros chipset. (Thank God for nmap's config files that helped me to do this xD)
     3) Connected.
     4) Did a quick LAN security scan to check if I might have been being monitored.
     5) Connected to the router and sliced out the logs that showed I had ever been there. (There was no password. NONE.)
     And this got me to wondering: if this is legal, why am I hiding it? In fact... is this legal? I knew with a little effort I could take over this entire town's networking in a matter of hours; this kind of security shames me. With a quick 15-minute Wireshark monitor, I saw about half a dozen people I could have ARP poisoned. Anyway, thanks for telling me, I was just wondering :P I take like 100% more precaution than is needed, but thank you.
  2. I am in Canada under the ISP of SaskTel, but they are under either SaskTel or Shaw, or Rogers, but only about 1% of them.
  3. To connect to an OPEN network.
  4. Well, I will never need 300+ tools and I prefer to build my own things whenever I can, and this is one thing I can do. I agree BT3 + 4 + 1 + 2 are great, but I'd like something that I can customize 100% the way I want it. Thanks to the first person who gave me the tip on the kernel files :)
  5. I won't give away the full details lol, but you could very easily make an auto-deploying boot disk so that on next reboot you have 100% control of the system, assuming you have even a little coding experience at least. Mine takes about 30 seconds to boot + deploy, with no user input. I'll give you a rundown in English and tell you that I based my boot disk off of a Linux live CD.
     1) You put in the disk and boot up.
     2) The boot-up script loads the very core of a Linux distribution and deploys an executable into the Windows folder. It also edits a reg key to make it boot up before user permissions are established. (bash and C++)
     3) On next boot a series of things happen: the program deletes the reg key and makes a different one with the same exploit Conficker uses to make a SYSTEM-only reg key. It then gains SYSTEM-level access via an exploit in all Windows platforms that is as of yet unpatched. (C++)
     4) So right now we have two things, a reg key and a file, both undeletable by normal means. The file copies itself deeper into the Windows tree, then starts its main code, which can be customized completely. (C++)
     This entire time it's acted normally, and because it is a legitimately named program (I named it like 1 letter off a real MS program lol) no one will delete it.
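The post above counts on an autorun executable named one letter off a real Microsoft binary going unnoticed. The following is an added example, not code from the original post or from the poster: given autorun entries as (registry value name, command line) pairs in the shape you would read out of a Run key, it flags file names within one edit of a known Windows system binary and real system names launched from outside their usual directories. The sample entries, the reference set of binary names and the trusted directories are assumptions for the illustration.

```python
"""Lookalike-name check for Windows autorun entries.

Added example for this thread, not code from the original post. Entries
are (registry value name, command line) pairs; the sample list, the set
of reference binary names and the trusted directories are assumptions
made for the illustration, not taken from any real machine.
"""
import ntpath

# Reference names of Windows system binaries that malware likes to imitate.
KNOWN_SYSTEM_BINARIES = {
    "svchost.exe", "lsass.exe", "csrss.exe", "winlogon.exe", "explorer.exe",
    "services.exe", "spoolsv.exe", "wininit.exe", "smss.exe", "rundll32.exe",
}

# Where the genuine copies live; a real name anywhere else is suspicious.
TRUSTED_DIRS = {r"c:\windows", r"c:\windows\system32", r"c:\windows\syswow64"}

# Constructed autorun entries (not from a real machine).
SAMPLE_AUTORUNS = [
    ("svchost", r"C:\Windows\System32\svchost.exe -k netsvcs"),  # genuine
    ("Updater", r"C:\Windows\svchosts.exe"),                     # extra letter
    ("Helper", r'"C:\Users\Public\lsas.exe" /silent'),          # dropped letter
    ("Print", r"C:\Windows\System32\spoolsv.exe"),               # genuine
    ("Sync", r"C:\Windows\Temp\explorer.exe"),                   # real name, wrong dir
    ("Zero", r"C:\Windows\System32\rundl132.exe"),               # l -> 1
]


def edit_distance(a, b):
    """Levenshtein distance, plain dynamic programming over two rows."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # delete ca
                           cur[j - 1] + 1,              # insert cb
                           prev[j - 1] + (ca != cb)))   # substitute
        prev = cur
    return prev[-1]


def exe_path(command_line):
    """First token of a Run-key command line, honouring a quoted path."""
    cmd = command_line.strip()
    if cmd.startswith('"'):
        return cmd[1:cmd.index('"', 1)]
    return cmd.split()[0]


def lookalike_of(name, known=KNOWN_SYSTEM_BINARIES, max_dist=1):
    """The genuine name that `name` imitates (within max_dist edits), or None."""
    for real in sorted(known):
        if 0 < edit_distance(name, real) <= max_dist:
            return real
    return None


def check_autoruns(entries, known=KNOWN_SYSTEM_BINARIES, trusted=TRUSTED_DIRS):
    """(value name, file name, reason) for each suspicious entry, in order."""
    findings = []
    for value_name, cmd in entries:
        path = exe_path(cmd)
        name = ntpath.basename(path).lower()
        directory = ntpath.dirname(path).lower()
        if name in known:
            if directory not in trusted:
                findings.append((value_name, name,
                                 f"system binary name outside trusted dirs: {directory}"))
            continue
        real = lookalike_of(name, known)
        if real:
            findings.append((value_name, name, f"one edit away from {real}"))
    return findings


if __name__ == "__main__":
    for value_name, name, reason in check_autoruns(SAMPLE_AUTORUNS):
        print(f"{value_name:>8}  {name:<14} {reason}")
```

The edit-distance check catches the added, dropped and substituted single characters (including the digit-for-letter swap in rundl132.exe) that the naming trick relies on; the directory check catches the other common variant, a genuine name dropped into a writable folder. Both are lookups on names only, so a hit is a reason to pull the file and check its signature, not a verdict.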
  6. I'd like to start by clarifying that I am not one of the many noobs who use Ubuntu for like a month and then decide to try this. I also know this will not outclass BackTrack or even Knoppix STD. I am going to be building a less bloated pen testing distro, with all tools I have tried and tested and a few that I coded myself. So far this is my plan: base Debian install with KDE, a nice dark theme with Compiz and a good Conky script by default, and the following programs:
     Information Tools:
       Maltego CE - Information Gatherer
       Finger Google - Overpowered Google Searcher
       Autopsy + Sleuthkit - Remote Computer Autopsy Tool
     Frameworks:
       Metasploit - Exploit Framework
       Immunity Canvas - Exploit Framework
     Other:
       Socat - Multipurpose Tool (ping, tracert, etc.)
       MacChanger - Change my MAC
       SPIKE - Multi-Purpose Fuzzer
       Matahari - Reverse Connecting Backdoor Kit
       Samba - Connect to Windows Shares
       PsTools + Sysinternals - most can run in Wine
     Router Exploitation:
       Fragrouter - IDS Evasion
       cisco - all of them
     Scanners:
       p0f - Service Identifier
       nmap - Port Scanner
       amap - Service Identifier
       Zenmap - GUI for nmap
       hping3 - Port Scanner + Packets
     Passwords:
       FGdump - SAM Dumper
       Bob The Butcher - Hash Cracker
       John The Ripper - Hash Cracker
       Medusa - Password Cracker
       Hydra - Password Cracker
     Packets:
       Scapy - Packet Forger
       Yersinia - Packet Forger
       Ettercap, EtterApe - Packet Manipulation
       Wireshark - Packet Monitor and Injector
     Web Scanners:
       Nessus - Vuln Scanner
       Absinthe - SQL Injecting Fuzzer
       WebScarab - Web Application Proxy
       Wapiti - Web Script Fuzzer
       Nikto - Web Vuln Scanner + Fuzzer
       Burp - Web Scanner
     Wireless:
       GKismet - AP and Client Monitor
       Aircrack-ng - Wireless Cracking Set (15 tools)
       AirSnarf + AirSnort - AP Impersonation
       coWPAtty - WPA Cracker
     On top of those will be my favourite ones, the ones I made myself:
       GainKey - You supply the raw info, it automatically runs through the hoops of cracking into a wireless network.
       Drop2SYSTEM - An exploit in 2000, XP, Vista and Windows 7 that allows any process to become a SYSTEM process. UNRELEASED
       InfoGet - A program that automatically gathers almost every kind of information you could want from a target.
       RevCon - A Reverse Connecting Server + Client for Windows boxes.
       MonitorAll - A monitoring program capable of taking 1 fps video and monitoring keys + mouse.
     My problem is this: how can I get a very compatible kernel? I was wondering if it was possible to extract the BT4 kernel and then apply it to my distro. Any help on this front would be appreciated.
  7. Command Line ToolKit. This will be an archive of as many command line programs as I can fit in 100 MB of space; they will all (or almost all) relate to taking control of a Windows computer. Current status: pre-alpha. I have almost all the tools, now to arrange them properly and figure out a way around the "Blocked EXE" problem. I would also like to get some remote tools built into this as well.