NegativeSpace
-
Posts
316 -
Joined
-
Last visited
-
Days Won
2
Posts posted by NegativeSpace
-
-
Ah, the joys of tracking down linux problems. DO NOT delete the file. Instead, when booting, login as your new users, but don't startx yet.
Type: "sudo apt-get install indicator-applet-session" and Y to let it run. This will fix the error. The background however, is just a wallpaper, you can reapply that from the desktop by right clicking it and set background. Click the add and browse the file system. They are in /usr/share/wallpapers/backtrack/. As for theme, you can probably stick with what is there or if you like the backtrack one, click on the themes tab from the desktop wallpaper screen and select(I think) Dust. I think thats the one they use. To get the transparent background in the terminal, on the menu edit > profile prref > background and check the transparency slider.
I still have not learned how to associate with the AP in the command line, so I can't download the package without starting x. That's another thing I haven't been able to find help with on the internet yet. I know it sounds crazy that the instructions aren't out there and easy to find but that's been the case for me so far.
-
Most broadcom chips, only work for connection to access points, and don't work well with injection. As for the realtek 8187 there seems to be a bug in VMware with this card because there were two versions of the card with different radio types/drivers see here: http://www.backtrack-linux.org/wiki/index.php/Rtl8187_vs_r8187
These are tested and working cards: http://www.backtrack-linux.org/wiki/index.php/Wireless_Drivers#Tested_and_working_cards
I didn't think the Broadcom would work either, but I saw it working with airodump a couple days ago, I just can't remember hwo I got there. Maybe it won't do injection but it should at least go into monitor mode again if it did it before, right? The Realtek won't even go into monitor mode! I don't know what the hell is going on. I have no idea what to try.
-
I've been trying and trying, and I just can not get airodump-ng to work. If i use the wlan0 broadcom chip, I get the data fields to come up, but ther eis no data present in them. If I use the wlan1 RTL8187 chip, there is an error "SET failed on device wlan1 ; invalid argument". I know that airodump-ng can work with my broadcom chip because I had it working once before, but I was only following instructions given to me by another forum user via Skype, and I can't remember exactly which commands he told me to issue and in what order. I am getting really frustrated. I can't find anything on the internet that helps me.
-
Doh! Just realized why it didn't create the folder for you. I gave you the wrong command. GO back in, logon as root, enter "userdel usernametodelete" and also "rm -rf /home/usernameyouchose" and then re-add the user using "adduser usernameyouwant". adduser, will walk you through the prompts for password, etc, and will create the home folder with proper .Xauthority file so you can startx normally. When you boot for the first time, you will need to adjust your screen size but from there, when you now use the terminal, you should be logged in as your username vs root as before. If you already setup sudoers, you should be fine.
I now have a sudo user, and I can use startx instead of sudo startx, bu tnow I have the problem of my desktop being a default ubuntu 10.04 desktop instead of the nice BackTrack one. I also get the message "The panel encountered a problem while loading "OAFIID:GNOME_FastUserSwitchApplet" and am then asked if I want to delete the applet, and I chose no. If I delete teh applet will that fix the problem, or is there somethign else I will have to do to fix it?
If I log out and log back in as root, everything seems to be fine.
-
Should have created a user folder for you in /home/username you chose, but if not, login as root and type useradd -D and see what the defaults are for the home folder, then just append the default path with your username to create the home folder for yourself. Example, if useradd -D shows HOME=/home, then do a "mkdir /home/yourname" where yoruname is the username you created, then reboot and login as that user and you should be good to go.
edit: forgot to mention, you will need to add yourself to the sudoers file. While logged on as root, type "visudo".
Arrow down to you see %admin, and on the next line, copy what you see on the line above but instead of %admin, you start the line with your new username. Then ctrl+x and Y to save. You can then use sudo as that user and will need to do so in order to startx from now on when using the new user. Make sure you set a different password than what root was when creating this user, or be sure to use passwd again to change it for the new user!!!
Any linux users care to fill in anything I may have skipped or left out?
It worked! Thanks! How come, when I start a terminal, the prompt says sh-4.1#? Shouldn't it say something like SudoUser@bt or something like that?
Edit - I didn't see that last post by you. I was able to log in and start the x server with sudo startx. I wasn't aware that I could start the xserver without having to type sudo startx. I will follow the instructions from your last post and fix it.
Also, is the .Xauthority file just a list of users who are authorized to use the xserver?
-
You have to add a new user, and when booting, login as the new user vs logging in as root. Then anything you do that needs root from the command line will fail unless you use sudo or it was put in your users group.
useradd YourNewLoginName passwd YourNewLoginName
You could also add a user to a spcific group:
useradd -g GroupName YourNewLoginName
Where GoupName is the group you want the user to be part of and YourNewLoginName is whatever you want to sign onto the machine with.
Also read up on sudoers file and adding users.
I have just issued useradd and gave a new username, then issued passwd and gave it a new password. I logged out, and tried to log back in as my new user name, and after I gave my password, I got "No Directory, logging in with HOME=/
SudoUser@bt:/$"
What am I missing?
-
Some cards might cause some issues, but the realtek card should work. You can run dmesg before plugging in the card, then run it again, and see if the card shows any errors when plugging it in. Sometimes you need to shut down the interface and bring it back up again if something gets hosed. My old Linksys with a prism chipset gives me all kinds of issues, and since BT4 hasn't worked right since. I get get it to work, but not as well as it used to with BT2 and 3. The Drivers they have in BT4 and later always seemed to give me issues, but the realtek cards always seem to work fine for me.
You can also try using airmon-ng to start the card for you, or use airmon-zc if airmon-ng causes the card to hang or not respond to bringing it up and down (I find airmon-zc works better for me though).
I didn't know about the dmesg command. I really need to get a BackTrack book and a BASH book. I ran the command, then ran again after I plugged in the Realtek USB card, but I didn't see any differences in the data. I didn't see anything that said wlan1, Realtek, 8187, or anything that would indicate I had plugged in the new card. I did see several "wlan0" entries. Might I need to run a command to start the card, and then run dmesg? I did try bringing both wlan interfaces down and back up several times. I even restarted the machine which, as I understand, isn't usually necessary or helpful when it comes to the linux kernel. Restarting the netbook is kinda slow though so the last ten times I tried it I was getting lazy and just restarting the x server.
Could I have done something to cause airmon-ng to stop working between the times when I had it working (I had someone helping me on Skype) and the last time I tried it?
When I issue dmesg, what is all that data I'm looking at? It looks like general hardware logs but there are some entries that look like encrypted SMS messages.
What is the difference between airmon-ng and airmon-zc?
-
When you run as a lower user, anything that requires root, you would have to run sudo before hand, which requires the root password. So if an attacker got in and wanted to change anything that required root, they wouldn't be able to without knowing the root password, unless you didn't change it, by which thats just bad to begin with. Not changing the root password while still creating a new user, might as well not even bother, since they could easily guess root:toor.
Anyway, its a safeguard to them getting at root on the machine. Being that its backtrack, they could use everything on it, to attack the rest of your network, and it would look like your machine was the attacker, by which they wouldn't really care anyway. They could also use your machine to attack other machines on the internet, as if they were you, and you would be the ones authorities come after if something got traced back to your IP. Either way, you don't want to be running as root if you don't have to, its just not good practice to always be running as root. Same goes for windows. You should have an admin account, and the rest of the users should be under privileged, and require an admin to enable things, or for you to right click and "run as administrator" prompting for the admin password. Privilege escalation in windows is pretty trivial these days, but its definitely worth doing to safeguard the rest of the machine and the admin account from attack. If a users profile got hosed or hacked, you could just delete it and create a new user while shielding the system form the attacked profile(so long as they weren't able to gain system level access).
That makes sense. Now the question is, how do I command BackTrack to default to prompting for cerdentials before it allows root privilges?
-
Not lets start the card in monitor mode. Some cards, need to be configured before bringing them up, so try the following commands first.
iwconfig wlan0 mode monitor ifconfig wlan0 up promisc
What we did there, was put the card into montior mode, and bring it up in promiscuous mode. Not all cards can do promiscuous mode, but if its on the list I gave you above, it should work.
Not that the NIC is up and in monitor mode, we can do a quick survey of the access points around us to determine what channel your router is on.
airodump wlan0
By itself, this will listen to all access points on all channels and hop between them. Look for your AP and what channel its on. If its on channel 6 for example, take note of that. Also take note of your routers SSID and associated MAC address.
Earlier today, when I tried this the first time, I got wlan0 to go into monitor mode (or at least it seems that way). Then when I ran airodump-ng wlan0, the correct data fields came up, but they were all empty. I could see the card channel hopping. I used the WICD network manager and it said there were no networks in range. I had another machine right beside me that was connected to my network. I then restarted the machine and tried again, and when I got to putting the card in monitor mode, I got "Eroor for wireless request "Set Mode" (8B06): SET failed on device wlan0 ; invalid argument"
I tried again for wlan1, which is a no-name usb card with the RTL8187 chipset. I get the same error.
I never made it back to getting either card into monitor mode and getting airodump-ng to even search for and not find my network again.
-
This camera has been in storage for over ten years. It worked when I stopped using it right before I put it in storage but I don't know if it still works. It probably needs to be disassembled and cleaned and lubricated or whatever you do to refresh a camera. It definitely needs a new battery. I've read some reviews about these cameras from some well respected photography nerds. Some of them say the XE-7 is one of the best SLRs ever made for the consumer market. It has a Rokkor 50mm lens that has some dust or something inside that would need to be cleaned out. One of the coolest things about this camera is the integral light sensor with a needle inside the viewfinder that shows the light level. You can see in the pictures that this camera has all kinds of extra functions and adjustments, but I don't know what most of them are.
I don't know what the camera is worth in this condition, so if you're interested just make an offer!
-
no, no, no, no, no...when you are on backtrack, open a console and type "passwd". That will prompt you for a new password for the root user. However, just because you changed the password, does not necessarily make you secure. It doesn't create a new user, it only changes the root user password. But if you get hacked, while logged in as root and not a lower privileged user, if you are on an installed vs live environment, they now have root access and can do whatever they want with your system. For anything other than pentesting in a live disc, you would want to be logged on as a normal user that requires sudo or su to elevate to root privileges. Doing so, if you got hacked, prevents them from having root access, but thats a whole other ball of wax that in itself, could still be bad depending on the flaws in your system and the ability to elevate privileges.
In general, you should never run as root, but because of the way backtrack works, most tools require root access.
I've been warned that it's potentially dangerous to run as root, but what can actually happen? Online articles and guides and such mostly just say that it allows attackers to have root after they own your box, or that the authorized user can screw things up. I don't use my BT box outside of my home network very often, and never on any unsecured or public WiFi, so I'm more worried about screwing things up myself, but what can actually happen? Is the accepted method for operating with lower priveleges to create a second user that defaults to sudo? If so, how is that done? What do you do when you are running with sudo priveleges and you need root?
-
They will kick you from the channel if they see you are connected via backtrack using IRC as root. Mainly, because everyone knows the username and password for backtrack of root:toor, and you would get hacked pretty quickly running as root on IRC even if you changed your password, if they did hack your IRC client.
Guess you should start googling IRC for some more info. ;)
I guess it's time I get with the program and start using some IRC. That will be another source that should help me a lot. This info about the default user name and password for BackTrack has me wondering..... When a person changes his password, does that simply create a new user and leave the defualt root:toor user account available for anyone, who picks up your machine or connects remotely, to use with full on root privileges? What is the point of changing the password if it just leaves the default root account there?
-
If you want real time help, join an IRC channel on the topics you need help with, and in all seriousness, sign up for the Offensive Security classes. They have a dedicated IRC channel, just for students of the class and will help you with the exercises as well as anything backtrack related.
Damn didn't think of IRC! That's a good idea. I've never used it before though. Which ones do you use?
-
They seem neat. Personally I like my Pandaboard quite a bit. I know it's much more expensive. But still very interesting. Ubuntu runs very smooth on it.
I'm not all that familiar with the Pandaboard. I think you may have spoke too soon about the Raspberry Pi 2 being much more expensive, because the original 35 dollars price for the RPi 2 is pretty much out the window scrapped at this point. They have this complicated spreadsheet table for pricing, which figures in location for shipping and taxes and fees or something and the cheapest real life in your hands price seems to be substantially more than $35 dollars, more like about $45 if you are lucky.
Then there's the fact that the RPi 2 doesnt come with a wifi or bluetooth adapter, a storage disk for your OS, or a power supply, so there's a minimum of what about 30 or 35 dollars more you have to spend. Then if you are using a USB mouse and keyboard instead of bluetooth and want a free USB port for storing sessions or data or whatever, you will need a hub, so theres 10 more dollars. Then you will need a dedicated HDMI cable unless you want to swap back and forth from your Bluray player or PC, so there's another 10 dollars. They are supposed to offer bundle packs that include the Disk, Wireless radios adapter, power supply, and mouse/keyboard, but the last I checked they are only offering the board itself for sale, so you will have to buy the other stuff seperately, at full retail price more than likely.
I bet the Pandaboard actually ends up competitive with the Raspberry Pi 2.
-
You don't want links to tutorials, but you need them. You should start, with Linux tutorials, and learn your way around the terminal. If you can use CMD in windows, you can use a terminal in Linux. Most of the tools you will use in BackTrack, are all command line based. Not all of them, but for the majority of what you will be doing, it will all be done from the command line.
As for WPA cracking, there are several tools these days to do it, but for me, I use the Aircrack suite. If you've watched/read any tuts on this and can't follow it, then maybe its a matter of getting more familiar with the command line and the tools in use.
I think maybe you overlooked the prupose of the post. I posted this to try to find someone, who likes teaching hacking, to agree to talk to me live from time to time to help me out with anything I haven't been able to figure out. The learning WPA cracking techniques example is valid, because that's one thing I need help learning, but the point of this is to find a teacher, not to directly get help with WPA carcking. Don't get me wrong, your instructions are the best one's I've seen so far and I can probably use them to actually crack a WPA key, so thanks for that. However, considering how little experience I have with BASH and BackTrack, I want to be able to quickly message or skype or email someone, such as yourself, who can talk with me in real time when I am having trouble. It's just not practical to post a forum topic and wait for replys, or to look through 20 web sites whenever I get stuck on something that an experienced hacker can be helping me with inside of 30 seconds.
I have been reading a whole bunch of turtorials but most of them, honestly, are very poorly written, which is one of the reasons why I don't want links to those. I don't know if you read the part where I said I don't have good reading comprehension. I am pretty badly learning disabled when it comes to reading, so it can take me hours to read a few pages, and even then I have a hard time with comprehension. A lot of the decent ones assume a certain level of experience that makes them useless to me. My point to all of this is, I can learn a lot from online tutorials, but I still need a live human teacher.
-
I've asked the question here before and had no luck so far. Maybe I haven't described what I was looking for to enough detail. I am hoping there is a mature, experienced, and trustworthy hacker in the forums who likes to be a teacher. I am hoping that one of you is willing to talk to me directly form time to time to help me work my way through some hacking techniques that are a little bit out of my current ability. An example of one of these instances: today I have some free time, and before today I haven't really sat down and tried to learn the process of WPA PSK cracking in BackTrack 5, so I decided to do that. I of course went out on the internet looking for tutorials on ways to do crack WPA encryption keys, which are out there to be had. The problem is, most of these assume a certain level of prior BackTrack or BASH experience, and I don't have much of that. Needless to say, I have made zero progress in learning how to use a BackTrack tool/tools to crack a WPA PSK.
I can't always comprehend ideas that I read about very well. Most of the time I can learn more, and much easier, from watching someone do something than I can from reading about someone doing it. That's why I would like for someone with a teachers mentality to help me directly, in a live environment. I was thinking that maybe certain software like Skype, Teamviewer, Pidgin, etc, could be used to make it easy.
It wouldn't always be necessary to explain every detail of every step of a technique, but sometimes I will need detailed instructions. Cracking a WPA PSK, for example. I pretty well understand the concept of the WPA PSK encryption method, but that understanding doesn't really do anything to help me operate the software to crack it. I already understand what the software is going to do, I just don't know how to command it to do that. I don't need someone to explain to me hwo WPA PSK works, I just need someone to walk me through the steps of using the software. So after I learn the first technique of cracking WPA PSK's, I will understand what is actually happening, instead of just knowing that I can type some commands and the software will give me a string of characters on the other end.
Just to be clear and save everyone some time, I am not asking for links to online WPA PSK cracking tutorials or suggestions on which software to use. I have tried several tutorials and none of those have been exact and detailed enough to be useful to me. I'm also not asking for instructions on how to crack WPA PSK, I am asking for volunteers who like to wear a teaching hat. Anyone who is interested, please send me a private message or respond here. Thanks in advance!
-
Whatever netbook I do decide to get it will be strictly to run BT5 R2. I have a couple of other computers that are for other tasks, I just wanted a highly portable netbook with BT5 to add to my toolkit.
If you will use only Backtrack on the new machine, there is a cool way to save quite a good percentage of the cost of the machine. I don' tknow if oyu have ever read the entire Windows 7 EULA, but I'll go out on a limb for the sake of argument and assume you haven't. There happens to be this cool clause in there, by law I have heard, that says you can 'return', your Windows product key to Microsoft, thereby relenquishing your right to use Windows on the machine, and receiving a refund for the value of the OS. Just make sure you don't try to run initial Windows setup before you do it. When it comes to netbooks, the price you pay for Windows can be a significant percentage of teh overall price of the machine. Maybe that could help you get a faster processor minus Windows, for the same price you would have paid for a slower one including Windows.
-
There have been ongoing problems with the HAK5 Wiki. What probably happened was, since it's a wiki that random people can edit without special permission or credentials, some professional troll spammer asshole tried to convice a bunch of hackers to go to a scam site by posting it there in the wiki, and that automatically flagged the wiki as spam somehow, which locked Shannon out from managing, and now it can't be edited by anyone until it's unlocked. I understand that there has been a problem with getting it unlocked because some idiot thinks that Shannon Morse spammed her own Wiki. I'm not that familiar with the way a wiki works but I've seen some facebook posts saying something to that effect.
Eitehr way, the people who should know about the problem do know about it.
-
I think the thing with the most potential to cause problems is the fact that these netbooks usually have small heat sinks. Mine has a heat sink made of a flat piece of aluminum with no fins or anything. It's small and probably just barely big enough to keep up under load. A faster processor would probably need a bigger heatsink in the same amount of space somehow, and I suspect the same would be true for you if you upgrade your processor. A bigger/better heat sink might be an option, but It's going to be a whole lot of trouble to get a bigger heatsink to fit in s space that barely fits the one it was made for. I actually thought about making a copper replacement for mine (as opposed to the aluminum factory one), with a little bit of added surface area over the original, and this might be something you could do also.
It looks like all of the models in the same line as the AOD722 have identical or very similar processors, which means you probably wouldn't be able to buy a replacement processor from another very similar model of netbook that has a higher performance processor. I believe these netbooks generally have hardware parts that are more intended to work specifically with certain other hardware in order to keep size and cost down, as opposed to having a higher range of flexibility to work with many different hardware configurations. Even if you installed a new processor that happens to work perfecetly, I expect you will only see a maximum increase in performance of maybe 5% or 10%, due to the fact that the other hardware is designed for a certain range of performance.
I can't help but think that there might be a better option besides buying lower perfromance and then trying to upgrade it, at least as far as netbooks are concerned. If you are intent on doing that, maybe consider buying somethign with a lower end Atom chip, and upgrade it to a better Atom, since there is a wider selestion of different ones that use the same architecture/socket.
All that being said..... When you buy a notebook or netbook, you get a pretty big discount on each one of the individual parts than if you were to buy the parts seperately. Because of that, and the fact that most of the compatible processors are going to have similar performance, you are probably wasting your money on a potentially very difficult and troublesome upgrade that will net a very small performance increase. Don't forget that you will also be destroying any chance at keeping your warranty in tact.
I run BackTrack 5R2 on my AOD257, and it does work pretty well, but I have had a few problems. I'm not sure if they are caused by my hardware because I haven't used backTrack much at all before I installed it on the 257. Once in a while it locks up and I have to power it down and restart it. I also see some errors with Flash video that I don't see with Windows, but I didn't install BT5 to watch cats chase laser beams. My stupid Broadcom WiFi card even works, though I don't know if it will do packet injection yet because I don't know how to try it as of yet.Having BT5 on a netbook is super cool because you can take the thing anywhere.
-
Here's one that I always like to throw into the mix.
I found this one to be an awesome and quirky indie type hacker based film made right here in Australia.
Seriously, spend some time and give this one a look.
It comes across at a little amateurish, but honestly one of the better "fictional" movies I've seen on hacking scenarios.
here's the link...
Haven't heard of this one before. I think I'll be glad to see one that made a serious attempt at being technically accurate. Seems like a very cool story too, and wow, the Google Video link works! I haven't been to a video.google webpage in like a year! Good suggestion!
-
lol I used to have a BBS I still have the original Wildcat BBS discs & box, but switched to a WWiV system because the ANSi graphics looked more awesome and it was open source. I will have to check that movie out.. thanks
btw; I even made a BBS system which uses telnet instead of dail-up using synchronet which was pretty cool imo, so they are still around.. still working on my ANSi graphic skills lol
I've not heardof most of these, ummm, systems/standards/protocols. What were these used for exactly, and When did these go out of favor? The first comparable thing (if I understand the first thing about what BBS is) ever really used was USENET. I never really had a use for it, as I was pretty young, and the format didn't really appeal to me. This thread was the first time I had ever heard of BBS and a little reading has made me curious so now I definitely have to see the movie.
Is BBS still in use, or has it been made obsolete? I understand that it differed from USENET in the fact that it had administrators and central servers? Seems like it would still be favored by certain people for those reasons, at least over USENET newgroups if not more widely adopted internet forums and such.
-
You can get most from NetFlix if you wanna do things above board.
Most, if not all, of the mainstream fictional story type ones are available on netflix but I have seen pretty much all of those I think. I'm more into the documentaries, which seem to be the hardest kind to find unfortunately. I loved Track Down, even though it wasn't that close to the actual true story. It was a good mix between reality and Hollywood.
-
Yeah that's the one!
It looks pretty badass!
-
I am wondering if the creators/administrators/moderators of the forum intend for the forum members to use the little red and green "+1" "-1" buttons in the individual posts to be used as casual 'good post, dude', 'this post is lame bro' buttons, or if they are intended to be used as more serious 'this post really deserves the attention of all of the forum members because it is so useful or educational to everyone', 'this post is offensive to everyone and has no place in this forum or in society, and you maybe shoud not be allowed to continue to abuse this forum' buttons.
I had been wondering what those were intended to be used for, but I also want to know because someone -1'd a post of mine from a couple months ago that I think was a relevant and completely appropriate post (else I wouldn't have started the topic). I think the user did that because he responded to the post with a totally uncalled for smartass confrontational attitude, and I responded with my own smartass words and asked him to leave. I don't actually know that is true of course, because the system is anonymous as far as I can tell, but there's no other obvious reason. The -1 is no big deal really. I stand behind my conduct here and everywhere, but on the other hand it does seem like an underhanded way of slandering me, and not to mention, it's an abuse of the forum if it's used purely out of spite like it seems to have been used in this case.
Are There Any Teachers In The House?
in Everything Else
Posted · Edited by NegativeSpace
This is what I've been needing! It's amazing that someone hasn't wirrten it down likle this somewhere already that is easy to find. I prefer not to use GUI at all, but I think it's going to be a while before I can do that in linux.
That last command seems to have some syntax errors. BASH "failed to read or parse configuration -c.=/home/sudouser/wpa.conf. I put a space between the "supplicant" and the "-Dwext", still no go. I tried to add spaces and fix other syntax errors that might or might not be actual errors. I'm basically guessing at those.
Also, if I sudo ifconfig wlan1 up and then dmesg | tail, I get a strange message that
udev: renamed network interface wlan0 to wlan1
udev: renamed netowork interface wlan1_rename to wlan0
What is that about? By the way, I know this is stuff that people are paid to teach so thanks for keeping up with my questions.