Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Everything posted by miT

  1. Wow, a throw-back from the old Hak House! What is a Rainbow Table? Google is your friend :) http://en.wikipedia.org/wiki/Rainbow_table Spliff666's tables are pre-compiled with the a database of the most commonly used SSIDs. If your victim changed their SSID to something unique, that wasn't already in Spliff666's tables, then you would have to pre-compile your own rainbow hash tables with the SSID you wanted to attack. I'm probably going to be doing some WEP/WPA videos pretty soon. I'll follow up to this post if i get around to it. Good luck!
  2. Thanks! :) My article is quite dated and im in the midst of testing my new "perfect server" with Ubuntu 10.10 before i go forward with a full write up and tutorial video. Torrentflux has basically been replaced by Torrentflux-b4rt. The b4rt version supports torrents, newsgroups and wget for direct downloads. I currently have it running and have had no issues thus far.
  3. Sorry about the late replies guys, i've been working on a user requested "Perfect Kubuntu Desktop" which will be similar to my other "Perfect Desktop" video/tutorial. My next "Perfect linux server" video is adding mediatomb + a podcast grabber script that will auto download your favorite rev3 shows (i.e. Hak5) in HD so you can stream it on your network to other PC's or your HD TV via PS3. It would be really hard to put in Mythbuntu or Boxee on a headless linux server since there is no GUI. Thanks!
  4. I got a lot of requests to do a more updated of my "Perfect Desktop" and "Perfect Server" videos, well i finally got around to make it! http://www.youtube.com/watch?v=xWGX00hVtH4 Text version available on my blog @ http://timashley.me/node/721 Enjoy! ;)
  5. I got some emails about my article not working for Ubuntu 10.04 and 10.10. I just posted a new article fixing the issues! http://timashley.me/node/718 Enjoy :)
  6. miT

    Airpwn 1.4

    Some readers recently emailed in and informed me that my article on installing AirPWN 1.4 on Ubuntu 9.10 was out-dated and no longer worked. It turns out that Ubuntu dropped Python 2.4 for Python 2.6. Since AirPWN 1.4 relies on python 2.4 dev header files, we needed to find a way to replace the newer Python with 2.4. I put up a new article up on how to accomplish this and get AirPWN 1.4 running on Ubuntu 10.04 and 10.10. http://timashley.me/node/718 Enjoy! ;)
  7. Remember XDCC bottler scripts that would neatly display all the packages available in a channel? Well i use to use a mIRC script for it back in the day. Now that im 100% linux (5 years now!) i wanted to rock it old school and start getting my IRC XDCC fix again. I dug up an old ruby project called XDCC-Fetch, which didn't work right out of the gate. With a bit of patching, i managed to get it to work! Full article on with the patched version is available on my blog, http://timashley.me/node/674 Enjoy! ;)
  8. miT

    Minecraft On Linux/mac

    I don't include the Minecraft.jar file that is placed in the home directory since the Alpha version im hosting is "patched" so you can try the game for free. The reason i launch it with the minecraft_name.jar is because i want users that are connecting to my LAN minecraft server to have personal nicknames other than the default "player".
  9. It took me HOURS and HOURS to find out how to get Minecraft to run on Ubuntu Linux and Mac. Posted a great article on how i did it on my blog - http://timashley.me/node/596 Enjoy! ;)
  10. Just got my new Nexus One Google phone yesterday. I'm in love! It's everything the iphone strives to be, and then some. Would love to see what comes of your work, keep it up!
  11. I actually moved from rTorrent to Torrentflux. Sure it spawns a python process for each torrent, but i'm not exactly seeding 6k distros. I also use the ability to create user accounts within Torrentflux so users on irc.omgirc.com can download some things. It's nice to jump in and see what people decided to download :)
  12. So let me break this down: 1) Secure SSH (Change ports, ect) 2) Host filtering (probably focus on squid for that one) 3) iptables (for what exactly?) 4) SSH-Key Generation (for auto SSH login? i did this for a project im working on, its quite easy) 5) Netinstall (You're referring to installation of a Debian server via Minimal CD? I.E. over the internet) Side note: i understand netinstall via Minimal CD would save space (more space = awesome) but how would it keep it faster? Other than a couple services running that you usually wouldn't install, i don't see a great increase in performance. Feel free to tag on any other things you guys want to see on the next perfect server build. Thanks! :)
  13. I can do a video tutorial on arp spoofing on linux. Will even use the GUI in Ettercap for some visual flavor ;)
  14. When i first saw this i thought you wanted to do some arp spoofing with your droid phone, lol. You can totally capture packets via MITM if you run Jasager + ettercap/tcpdump or even some karmetasploit (karma+metasploit). As long as your box has internet access through your phone and you have ip_forward + correct nat tables (assuming you're running linux), you can pretty much do anything you want. I may just have to do a video tutorial on this one ;)
  15. Thanks man :) It's always nice to get some positive feedback. I have been keeping it up, check out my other posts: Video Tutorial: Installing Airpwn On Ubuntu 9.10: http://forums.hak5.org/index.php?showtopic=15880 Video Tutorial: Installing Aircrack + Wicrawl On Ubuntu Linux: http://forums.hak5.org/index.php?showtopic=15929 Yes. I wanted to communicate with the google mail servers over a TLS SSL connection. Since my server will be sending me reports (Such as security patches to my linux server), i don't want someone to see that email and realize that my server is unpatched and vulnerable to attack. Yeah i know this is probably over-board and involves a couple extra steps, but i try to keep security in mind at all times. ;)
  16. Aircrack-ng Aircrack-ng is a set of tools for auditing wireless networks. These tools can recover 802.11 WEP and WPA-PSK keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared to other WEP cracking tools. Last year i walked you through installing the Aircrack-ng suite on Ubuntu Linux. We will be installing and using just part of the Aircrack-ng suite, airmon-ng. This will allow us to put our wireless card into "Monitor" mode. Wicrawl Wicrawl is a simple wi-fi (802.11x) Access Point auditor with a simple and flexible plugin architecture. The plugins allow us to find out useful information about an AP so we don’t have to manually check each access point. Plugins are implemented for existing common tools, and new plugins can be written in any language. Wicrawl is able to use multiple cards, and eventually will be able to use multiple computers. The goal is to automate the tedious task of scanning wi-fi access points for interesting information. This can be a useful tool for penetration testers looking to “crawl” through massive numbers of APs looking for interesting data. Plugins will be everything from DHCP and nmap to aircrack or hooks to move a motorized directional antenna around. The guys over at Midnight Research Labs stopped development back in 2007. Being a bit out-dated, it wouldn't compile on the latest Ubuntu without a couple tweeks. I replaced the entire source code in the Aircrack-ng plugin folder with the latest SVN (as of this post). I also had to add a header file to the discovery folder to help it compile. I went ahead and tared up my folder with all of these edits so you can easily compile it on the latest Ubuntu Linux (9.10 as of this post). In this video tuorial, i walk you through installing Aircrack-ng as well as Wicrawl. http://www.youtube.com/watch?v=cpcurS2VoU0 As always, there is a text version available on my blog: http://timashley.me/node/383 P.S. I cant believe i was on hak5 last week! It still blows my mind!
  17. I was thinking of doing a new "Perfect linux server" setup for 9.10 or 10.4. Anything you guys want to add to it? What would you consider a perfect server?
  18. I almost always prefer the terminal over anything (see my videos) but Ettercap has a really useful GUI. Not only is it easier and faster to manage my hosts/targets with, it's also has a pretty sweet interface. Why pass that up? :) Covered that in step 6 ... ... annnd step 8
  19. Haven't been hearing good things over on freenode lately about 10.4. If they go with the new themes i've been seeing floating around, i'll be happy. Hope it doesn't have to many issues, and they ditch pulseaudio (its awesome when it works, but when it doesnt... omg) and stick to the tried and true ALSA. Do you know if 10.4 is LTS?
  20. Based off my previous post on Installing AirPWN on Ubuntu Linux is a nice quick 2min video tutorial walking you through the process visually. As usual, there is a text version available on my blog http://www.youtube.com/watch?v=bd7dCLno64E http://timashley.me/node/375 Enjoy! :)
  21. Continuing in part off of my last Ubuntu Server post, "The Perfect Linux Server" - http://forums.hak5.org/index.php?showtopic=15160, I decided that i wanted the server to send me emails updating its status with me. If the HD space gets low, the RAM is all used up, services go down, or even i lose internet at my house while im out and about, i get a nice email from my server notifying me of the problem (at least when my inet comes back online). What better way to top this off than with use of a gmail account that i already owned and used? In this post, i will walk you through installing the following along side your postfix installation: Self signed SSL certfication (don't want anyone being nosey!) Apticron - A nice set of scripts that will execute 'apt-get udpate' and email you the results Webmin - One of the best web based management consoles for head-less servers. Has a great system notification setup, along with many many many other goodies. Note: This how-to assumes you've already installed Postfix mail server on an Ubuntu Linux Server (sudo apt-get postfix) http://timashley.me/node/370 Enjoy! :)
  22. Back at Black Hat 2009, sslstrip was demonstrated and Darren even used the tool in this past season of Hak5. If anyone is interested in stripping ssl in Ubuntu Linux, i posted a nice how-to article on my blog. http://timashley.me/node/368 Enjoy!
  23. I finally broke down and bought myself my very own all-in-one outdoor wireless access point. I decided to pick up the Senao EnGenius EOC-5610 because it obviously supports the ever so powerful DD-WRT firmware. This thing is really tricked out. Not only does it utilize the Atheros AR2313 wireless chipset (yay for aircrack-ng), it also has a built in 8db internal omni-directional antenna and 8mb of storage if you ever wanted to capture some yummy wireless packets. In this post, i walk you through installing DD-WRT Professional on a Senao EnGenius EOC-5610 wireless access point / client bridge. http://timashley.me/node/365 Enjoy! :)
  24. My point is, there really is no reason to put icons of platforms your client runs on when your platform is Adobe AIR. Not Windows, not Mac, not Linux. If i were twhirl, i would embrace the fact that my platform (Adobe AIR) can be ran on any system available. Instead, they go out of there way to show their client running on everything but the Linux OS. It's just retarded.
  • Create New...