[School Help]

In a couple years youll realize that what other people say has no relevance to your person in any way. words are words and its better to smile at them and reply with a witty statment that makes them think.

[Where do you live]

i sense social engineering

[MurderBox is teh sex]

that is freaking BEAUTIFUL!!!!

[ISP question]

call ISP show your papers and get it reactivated....simple but annoying process

[Movies on High Res Hand-Helds?]

my friend has an issue with his eyes similar to stigmatism, only it causes him to run away from a screen screaming headache, except for his iPod touch.

[HOWTO: RoM + Wine + Curse Client]

my only issue is the digging required for some games...like WoW and Blood2, some games work better than others

[Unhackable Netbooks]

Schools employing "unhackable" Wifi and netbooks make me laugh.

[Ophcrack Vista Free Tables, Useless?]

Ive had issues with ophcrack as well, simple seven alphanumerical characters. I dont know why but ophcrack has become not so useful.

[Ever wonder why large computer corps back linux??]

Personally i think big corporations look to linux for many reasons, Rkiver hit on most of them. ill add to the list.

-Its cheap and worth all the money if you actually pay for a non-iso disc

-Lack of viruses (the only other OS that comes close in the big three is OSX)

-Linux-based networks are very close to the pinnacle of security

-Funny side statment, no need to do restrictions on game instals because most games dont exist on linux paltforms (unless the person knows what theyre doing).

[Teh Cl0uDm@n C0mm3th]

this is sick

[ITT Technical Institute]

Pretty much self explanatory, anyone got some words of wisdom, esteemed opinions? Maybe even graduates from the program.

[WINE Versus PlayOnLinux]

this is true, it isnt true unix because apple made some of its components closed source. Making it its own OS.

[WINE Versus PlayOnLinux]

Why they develop for OS X over *nix? Well lets see here, people like new macbooks and ipods and hmmm... oh wait! Unless you're a tech savy person you want everything working out of the box just like you would if you're buying a new PC, without a *nix OS.

/slap

Mac IS *nix, in fact it was developed before Gates even thought hed make his own OS. So what was the main base out there? Some flavor of red hat or similar.

HINT:Confucius say, when company happy fan jab mouth, he best look at facts before posting on web forums.

[Gain Root Access on Any Windows Machine]

Well, I had a real world practical use of this trick yesterday. I was fixing a computer for someone, when I ran into some issues. In XP Home edition, you don't have access to other users files and can't set ownership like you can in XP Pro. Trying to view another persons documents is blocked. On top of that, I was installing some firewall and anti-virus software, which worked fine on the main acocunt I installed it on, but when you would then login as another user, the firewall would crash under the other user accounts and then you couldn't run any programs, getting an error "can not find the path or file".

So then I tried installing it under each user. That didn't work, because it said I didn't have rights to access the firewall install from the main account I installed it from, so I couldn't uninstall or repair it under other users. Then, it started giving me issue with deleting files, saying I didn't have permission to do so, which was a problem because at some point, I couldn't evne uninstall the firewall or delete its folder and clean the registry to fix the install.

In short, I used the "at" trick to make myself the "system" user. Once I did that, I could uninstall all the crap that was on there, and delete the corrupted files it wouldn't give me access to before. Then, I reinstalled the firewall as "system" and once I rebooted, ALL the other accounts worked fine and nothing was crashing or locking up.

Had I not remembered this little trick, I probably wouldn't have been able to fix those problems short of a backup and reinstall of the OS, which was not something I wanted to spend my day doing, nr have to set up each users programs, etc. Things were really fubared until I was able to have access to the system with full privledges in order to delete and install what I needed.

Props to the sorrow or whoever originally discovered this trick, it came in handy. The potential for legit use of this hack is there, you just need to have a reason to use it.

to be honest me and some buddies were trying to figure out how to get a root login like on linux and went looking around and were never given a straight answer except it uses the at command. So i was trying it out one day and just got tired of it and restarted the explorer on the cmd i brought up and saw SYSTEM in those bold letters and went "Holy shit...i feel epic"

Now i know others have already figured out this trick so i by no means take the honor of being the developer of this hole in the infastructure, in fact i found a video a week later on milw0rm demonstrating this bug in a different way. The only thing i use it for now is changing the background on the .net login screen to mess with my teacher.

[WINE Versus PlayOnLinux]

yea game companies just dont realize how many people use *nix bases, they make Mac OS stuff, why not *nix?

[Aircrack-ng Issues on Dell Inspiron 1525]

The restricted driver didnt work for me. Had to blacklist it and use ndiswrapper. This was back with 7.10, maybe things have changed...

yea i was using 8.04 so they have redone the dell restricted drivers because dell now sells ubuntu as one of their OS options.

[Aircrack-ng Issues on Dell Inspiron 1525]

the sorrow, I got the same laptop/wireless card as you. How'd you get the 1390 working in Ubuntu for normal browsing first off? I got mine working using ndiswrapper awhile back that of course doesnt allow you to put the card into monitor mode. I'm thinking just like you I'm going to be needing a usb card to do this kind of stuff. Isn't it a broadcom chipset? Also I notice you're using eth1 in your commands, shouldn't it be wlan0/1?

The restricted driver that comes with Ubuntu

[The server hosting Hak5.org and the Hak5 forums was hacked.]

Hey everyone,

First let me be the first to apologize for what has happened over the last two / three days.

After many cans of Red Bull, and more nicotine than I think I've ever had before there are very few issues that remain to be resolved.

Let's start on what exactly happened.

At approximately 3:30pm eastern time on Monday, the webserver that hosts Hak5 as well as 84 other non Hak5 related sites was exploited by a cross site scripting attack which resulted in the dump of a mysql field that contained the root password for the server.

The reason this password was stored is because the billing system we have in place handles orders and cancellations based on a cron job automatically.

However recently the billing system began to employ the use of a remote key hash, however not thinking about it, I never removed the root password from the other field. This mishap ended up causing the hell that has been my life for the last 48 hours.

This has been fixed, the remote access key can now only be used by scripts calling the key from the local machine. SSH certificate authentication has been enabled and password authentication is in the process of being disabled. We have modified our backup strategy and verified it's functionality. We're still working on getting the backups stored remotely and this will happen within the next week.

I want to once again sincerely apologize for the problems that this has caused to each of you, our dedicated members. It has also made me rethink exactly how I go about security on things such as this. When I offered to host Hak5, it was to save $100 per month and increase performance of the site. When we migrated the website to my server we received a number of emails about the noticeable performance increase.

It saddens me that there are those who hate what we do so much that they are willing to completely destroy what we've done without remorse or consideration, however there isn't anything we can do but to continue doing what we enjoy, bringing you weekly technolust.

I must also make this note, the attacker was not prdelka.

I've been in contact with the real prdelka (who is a weekly viewer of the show) over the past 24 hours and he has provided me with numerous valuable pieces of information on who really perpetrated this attack.

There are also others who have been instrumental in the process of getting us back online and educated as to what happened.

Mubix has done an amazing job of tracking logs and ip addresses and getting as much information as possible.

Vako has been rock solid in his support and offering to help in any way he can whether it be here on the forums, in IRC or elsewhere

The #hak5 irc guys; while we've had our differences, you've really outdone yourselves in helping out in this situation and keeping things under control in there, my hat goes off to you guys.

Steve from Rack911.com - Steve has been a good personal and professional friend of mine for a number of years, and his tireless hours in assisting me with getting the server and services on it back up and running have been an absolute life saver.

There are others I'm sure I'm forgetting, but please know that all of the help that everyone has provided during this incident has been nothing short of awe inspiring.

Once again, thank you for watching Hak5 and should you have any questions regarding this or any other topic please feel free to contact me or post them here in the forums and I'll do my best to answer them.

Thanks,

Matt

wow amazing how one small hole lets in a whole bunch of trouble. I thought the site was down for maintenance as well.

[What's it like being a penetration tester / Forensics expert?]

Honestly being a security admin and pentester is for me the most fun (I do work at my high school). Its more dynamic than coding and whats better than being paid (or in my case given extra credit) for breaking into systems?

[Home Network Security Question]

Essentially it breaks down to your wireless which is the front gate to your network. How well is your wireless protected WEP (hopefully not) or WPA. Then the router itself, got firewall software on it? Then its securing your individual PCs, if your really paranoid use a firewall on each individual one.

[Have you ever pirated anything?]

Convenience is another factor for me as well. im in high school, small town, no job, sorry but i cant afford to buy every program/movie/music album i want.

[Have you ever pirated anything?]

This is true, it is copyright infringement and that doesn't excuse anyone and allow them to do it, it's just that if i personally want to try a non freeware program and see if its good then ill do it. When that becomes outdated i may decide to buy a legit copy of the new software. However, bugs from the crack to remove the anti reproduction software thats in the program makes it less valuable and not as reliable as the original. Same applies to video, bootlegs and reproductions tend to be less quality than the bluray or DVD high definition merchandise. Its like sneaking in to those old drive thru movie places in the 70's, if you liked the movie you'll buy it.

[WINE Versus PlayOnLinux]

So i just came across PlayOnLinux and was wondering if anyone else had used it before that could tell me yeah or neigh on its performance versus WINE. Personally i dislike WINE at the moment and am looking for another option for windows gaming in linux and am open to other ideas besides WINE and POL.

[Have you ever pirated anything?]

I agree with ansichild, its not piracy unless your profiting (eg breaking bigger copyright laws and redistributing by sale)

[Gain Root Access on Any Windows Machine]

Wow, neat trick, assuming it works with a live distro im gonna have to try that some time.