Posts posted by bowler
-
When I set up the tunnel socat and then set nmap to use localhost and my port selection, nmap quickly returns with a result that port is open (which it is) and unknown. What I would like nmap to do is to tunnel thru the port and not actually scan the port itself. Possible?
-
Hi,
Recently on a show, Darren highlighted a security suite for smartphones. I am trying to remember which one it was. Can someone remind me? It may have been a sponsor.
Thanks.
-
Hi all.
On the last episode Mubix showed how he can retrieve a person's private key as it was stored in a sqlite db in the clear.
I think it is usually the case that private keys are password protected (or should be). Now, in the case that the private key is protected with a lengthy, complex password (basically a password generated by a generator), would the private key be of any use to anyone without the associated password that protects it?
Thanks.
-
Hi all,
When exactly is the next Challenge? In the last episode Snubs says it's on Sunday May 21 2011, the screen just says May 21 2011, but Sunday is not May 21st, it is May 22nd.
What's the deal?
Thanks.
-
Hi,
In episode 902 of hak5, snubs does a walkthrough of the CCC challenge for Feb 27. One of the tools used was networkminer. She was able to extract a file called kerberos.jpg from a pcap file using networkminer. The file came out perfectly fine. I have not tried networkminer myself but am sure that I would get the same results.
However, I tried using Linux tools such as foremost, tcpxtract and the dsniff suite to carry out the same function. But when I look at the kerberos.jpg file, for example, it's corrupted. See the attached pic to see what I mean.
My question is: are there any reliable Linux tools for parsing a pcap file and dumping any files found? Foremost and tcpxtract seem to do a good job of the parsing bit, but as seen here, somehow the pics are corrupted.
-
I got a Perl script to brute force steghide passwords. I have a feeling there is something in that picture. I'm building the wordlist now. You can use any wordlist with this program. You can get it off of my blog at www.cypherround.blogspot.com. I'll report once I got the wordlist done and have tested.
Can you explain how to use this program? Like what command line I would use to try to crack the password for a pic called kerberos.jpg.
For instance, at the top of the program you have
#!/user/bin/perl -w
instead of
#!/usr/bin/perl -w
After getting by that I run the command
./bruteforce.pl
to see if it has any help but only get the output
Bareword "script" not allowed while "strict subs" in use at ./bruteforce.pl line 50. Execution of ./bruteforce.pl aborted due to compilation errors.
What do I do to use it correctly?
Thanks.
-
If I have this command,
ettercap -T -q -o -i wlan0 -M arp:remote -P repoison_arp /192.168.1.105/ /192.168.1.1/
and I also want to run the reply_arp plugin, how would I add this to the above command?
Thanks.
-
So I just got a PM in my forum account that goes...
Hello, friend. There are viruses' activities from your computer in last few days. Strongly recommend you to scan your computer. You can find a report about your computer's security and solve every problem with it here: <LINK REMOVED> Thank you. Forum member.
I am in a frenzy what to do what to do... :)
Any ideas?
WHOIS information for total-scan.net:
Domain ID:
Domain Name: total-scan.net
Created On: 08-Feb-2010 00:00:00
Expiration Date: 08-Feb-2011 00:00:00
Sponsoring Registrar: 'Check Whois' (UK2 GROUP LTD.) (UK2 GROUP LTD.)
Status: client_transfer_prohibited
Name Server: ns1.freedns.ws
Name Server: ns2.freedns.ws
Registrant ID: Unknown
Registrant Name: Unknown
Registrant Organization: Unknown
Registrant Street1: Unknown
Registrant Street2: Unknown
Registrant Street3: Unknown
Registrant City: Unknown
Registrant State/Province: Unknown
Registrant Postal Code: Unknown
Registrant Country: Unknown
Registrant Phone: Unknown
Registrant Fax: Unknown
Registrant Email: Unknown
Admin ID: Unknown
Admin Name: Unknown
Admin Organization: Unknown
Admin Street1: Unknown
Admin Street2: Unknown
Admin Street3: Unknown
Admin City: Unknown
Admin State: Unknown
Admin Postal Code: Unknown
Admin Country: Unknown
Admin Phone: Unknown
Admin Fax: Unknown
Admin Email: Unknown
-
7. Honey Snap (https://projects.honeynet.org/honeysnap/)
I think that's most of the tools available for analysing pcaps for anything from passwords to data flow.
Have you actually used this before?
-
Can't you just use something like sudo iwconfig wlan0 mode monitor
You probably could, but from reading, there is a specific way using airmon-ng that is used with this card and the RTL8187/RT8187 drivers. And I believe it is what Psychosis has said.
-
I figured out what was causing me so many problems. I had the Ubuntu firewall enabled (ufw). Once I disabled this firewall before I begin to do anything, ettercap/arpspoof works as expected. No more lost internet on the target.
sudo ufw status
sudo ufw disable
-
Hi.
What are the terminal commands to put the AWUS036H into monitor mode on Ubuntu 9.04?
I assume I can do it using airmon-ng.
Can someone post the full set of commands, including putting it into and taking it out of monitor mode?
Do I have to issue a stop to it first and then a start etc.?
Tried to find it here on the forums and google but came up empty.
Thanks.
-
The way I see it, everything causes cancer these days.
That made me laugh, because it's true. Hmmm, I think what I will do is put it very high in a cupboard above me and away from me, attached to a long usb cable. Just in case... or send it thru the window and let it be outside, attached to the wall.
-
How safe are these 500mW especially with regards to cancer and RF burns or other health issues?
Are they safe to operate in the same room as you?
Mine has arrived and now I am afraid to turn it on because I just thought about that.
-
If both machines are running different websites on port 80, you can't forward the port to both of them.
So what you should do is put both websites on 1 server.
Once both websites are on 1 server (I'm going to assume you are using apache), create a VirtualHost for the different domains.
Then forward port 80 to the webserver.
So if you request blah.info it will send you to the webroot you set up for blah.info,
and if you request blah.com it will send you to the webroot you set up for blah.com.
Your solution may also lie in reverse proxying....
-
could this be the "client filtering" option?
c
nope..guess not,tried it.
Would it help changing the mode in basic settings?
I've got ap, station ad hoc, station infrastructure, ap bridge point to point,
ap bridge point to multipoint and ap bridge wds
thx
If you do an nmap scan (replace xxx.xxx.xxx with the address of your network)
nmap -T4 -F xxx.xxx.xxx.0/24
Does that show your router only as well?
-
Probably. I know that whenever I try to ARP spoof a system on my network from a VM, their net and mine drops out as well, because both systems think the router is <my MAC address here>.
I still don't know why my computer responds to 'its own' ARP poisoning.
My usual setup is to have 2 usb wireless adapters, one for the host machine and guest bridging. The second is usually attached directly to the vm (attacker) so that the vm (attacker) can access it as a usb wireless device. That works for me. But I did not have one at the moment so I was trying this until a new one arrives.
But now that I think of it, I wonder if I add a third adapter to the host (wired) where the host can use the wired for internet. I can use the host wireless adapter as the bridge for the vm's.
I will try that and see what the results are.
-
I believe a vmware Bridged nic shares the host's adapter for connections, whereas the NAT option gives them their own IPs and MACs.
In a bridged setup each vm does have its "own" mac address, sort of.
When I look into the arp table of the host (no spoofing going) the mac address of all vm's are the same as the host. So yes, in that you are correct. Each vm though sees each other with distinct mac addresses. It's just that the host sees all vm's with the same mac address, that of its own, and probably uses some wizardry to route traffic to the various vm's.
I was wondering if it is because of this that the spoofing will not work as expected.
-
did you set /proc/sys/net/ipv4/ip_forward to 1?
Yes I have turned on forwarding on the attacker.
attacker# echo 1 > /proc/sys/net/ipv4/ip_forward
-
Hi all,
I need an explanation of why I can't get arpspoofing to work. I think it is because of the particular setup, but you can tell me.
--=Particulars=--
Host: Ubuntu 9.10 with 1 wireless adapter
Guest #1 (Attacker): Ubuntu 9.04 bridged
Guest #2 (Victim): Ubuntu 9.10 bridged
VMware Workstation v7
Now when I begin arpspoofing the victim I check its arp table and see that its cache is being poisoned correctly. I have turned on forwarding on the Attacker.
I have used both ettercap and arpspoof but the results are the same.
The Victim loses internet connectivity.
Usually how I would set up is like this, but I am replacing a physical wireless adapter with one on order.
--=Particulars=--
Host: Ubuntu 9.10 with 1 wireless adapter
Guest #1 (Attacker): Ubuntu 9.04 (physical wireless adapter)
Guest #2 (Victim): Ubuntu 9.10 bridged
VMware Workstation v7
Is it because both guests are bridged to the same host that the victim loses connectivity to the net when the arp poisoning begins?
Thanks.
-
http://www.amazon.com/Adapter-Wardriving-E...3134&sr=8-2
But when I see it on hak 5 the antenna always looks bigger. Is that a custom antenna on that thing or the small one that comes by default on the above device?
How may I tunnel nmap through TOR using SOCAT
in Security
Posted
Thanks guys!