-
Posts
1,311 -
Joined
-
Last visited
Posts posted by Netshroud
-
-
I just tried it on Darren's public IP (from the Meterpreter session) with no luck. 1337 is filtered there too. And I know it's still his IP because Untangle is listening on port 443.
-
I'd rather keep it in bash to keep it portable.
-
Neither EEF5204D6A or RSS5204Q6N seem to be the network id. At least, if waste is listening on twitterphishr.com:1337 it doesn't seem to be THAT network id. But then again, I'm pretty sure I'm still missing something.
Haven't seen the latest episode yet. I'm excited to see how IPv6 and/or metasploit might tie in.
Wow, I didnt think of twitterphishr.
1337 is filtered on twitterphishr.com and on beta.hak6.org, and is closed on the other IP that hosts hak5.org and hak6.org
-
Hey all,
I'm trying to convert a Squid3 log to mimic my Netgear WGR614v8 on stock firmware. So far what I have is as follows. (It may have a typo, I retyped it here instead of copying from a different machine)
FILE=/var/log/squid3/access/log exec 0<$FILE while read line; do TIME=`echo $line | gawk '{ print strftime("%c", $1) }'` IP=`echo $line | awk '{ print $3 }'` DOMAIN=`echo $line | awk '{ print $7 }' | cut -d '/' -f 3 | sed 's/^www\.//'` echo [Site allowed: ${DOMAIN}] from source ${IP}, $TIME done
Is there a more efficient way to do this?
-
Maybe EEF5204D6A is the WASTE network ID?
-
@38:33
104 116 116 112 58 47 47 119 119 119 46 103 111 111 103 108 101 46 99 111 109 47 115 101 97 114 99 104 63 113 61 119 97 115 116 101
That translates to http://www.google.com/search?q=waste
-
The thing that makes me think EEF5204D6A isn't representative of a network address is that it's 5 bytes.
-
I thought the Hakhouse was sold because he couldn't bring it with him.
-
Tried ROT13'ing WASTE and Darknet and trying it on hak5.org and a bunch of subdomains with no luck.
-
That makes more sense then. ROT13 of EEF5204D6A is RRS5204Q6N. I wonder what significance that has.
-
EEF5204D6A is RRS5204Q6A (ROT13).
Edit: Turns out the last letter isn't changed then. :S
-
Clever thinking, but then why isn't the 5204Q6A shifted?
-
Assuming the school disallows games on the school network:
If you can, subnet the network into computer rooms and block all the common gaming ports. Grab the core executables for all the common games at the school and deny them with group policy.
-
Start a podcast?
-
Can you redirect teachers profiles completely (including their desktop) to a shared network drive?
-
You would need to modify the code that translates the characters into keycodes for the german keyboard layout.
-
psychosis@helios:~] $ dig east.corp.hak5.org ; <<>> DiG 9.6.0-APPLE-P2 <<>> east.corp.hak5.org ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12803 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.zdnetasia.com. IN AAAA ;; ANSWER SECTION: www.zdnetasia.com. 300 IN CNAME zdnetasia.com. ;; AUTHORITY SECTION: zdnetasia.com. 300 IN SOA ns.cnet.com. hostmaster.cnet.com. 2010101400 21600 1800 2419200 300 ;; Query time: 172 msec ;; SERVER: 192.168.0.1#53(192.168.0.1) ;; WHEN: Mon Oct 18 14:26:49 2010 ;; MSG SIZE rcvd: 104 [psychosis@helios:~] $
I wonder if some packets here had some fun adventures, I can't replicate that dig again
Ignore that, some guy was running a MITM on the Uni WiFi (probably through a rogue DHCP server), and some packets appear to have gotten lost. The 192.168.0.1 from that dig gave it away, it's usually a public IP.
-
psychosis@helios:~] $ dig east.corp.hak5.org ; <<>> DiG 9.6.0-APPLE-P2 <<>> east.corp.hak5.org ;; global options: +cmd ;; Got answer: ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 12803 ;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 0 ;; QUESTION SECTION: ;www.zdnetasia.com. IN AAAA ;; ANSWER SECTION: www.zdnetasia.com. 300 IN CNAME zdnetasia.com. ;; AUTHORITY SECTION: zdnetasia.com. 300 IN SOA ns.cnet.com. hostmaster.cnet.com. 2010101400 21600 1800 2419200 300 ;; Query time: 172 msec ;; SERVER: 192.168.0.1#53(192.168.0.1) ;; WHEN: Mon Oct 18 14:26:49 2010 ;; MSG SIZE rcvd: 104 [psychosis@helios:~] $
I wonder if some packets here had some fun adventures, I can't replicate that dig again
-
Another hint to WASTE in the TXT record of darknet.hak6.org, although I personally couldn't get the zone transfer to work on my machine.
Edit: NVM, Darren secured it later in the episode.
-
Looks like *.corp.hak5.org is using a different DNS server than *.hak5.org
-
When I need to do this, I just send whatever file it is in a password-protected archive with the filenames encrypted, and include the password in the email.
-
The reason I want it is because I hate Apple products and was looking for an alternative to the Ipod Touch. Which I think this is a great one. It's basically a smart phone without the phone factor, but it does skype via android app.
Touch device + Desktop OS is just asking for trouble. It looks a bit big for an iPod alternative to me, and from what I've heard from 3 different Android users, the Android music player apps are utter garbage.
-
You can either reflash it, or check your default gateway settings (or nmap -sP) and try get in to it from the LAN side.
-
Hak5 Darknet?
in Hak5
Posted
Could be. I would try it, but for some reason I can't connect to Teredo.