Alias

The WPA specification is about as indepth as you can get.... http://www.wi-fi.org/knowledge_center/wpa2 Problem is it's very, very boring to read.

If you're going to do key strengthening then at least use it properly. Doing what you have said above will certainly make the overall encryption key slightly stronger to brute force attacks however then if ever there is a weakness (and there are a few) in SHA256 then your key strengthening also breaks. Overall it doesn't really matter your method will work fine however if you're encrypting something that you want to keep secret for say 20 years then it probably won't stand up. Also on a side note, what you're saying will work however it would be much more secure if you looped the process say 100000 times, it's CPU and time consuming however a lot more secure. Or you could just replicate the chosen password 100000 times and then hash that cause if someone's trying to brute force the key then they'll have to deal with so much more data thus slowing the attack.

Also there is no such thing as AES-512. The largest block size developed at the moment is 256.

Depends on which AES variant you're talking about, if it's AES-256 then academically, it's broken, however practically it's decades from being broken.

These spammers dun goofed.

I do agree however I think it's fantastic that they've managed to keep the show running despite the team being seperated by 1000's of kilometres/miles.

Disable logging?

Definately be interested. Also can you clarify on how you mean "abused"?

This might seem like a really stupid answer but why not just delete the logs?

Yeah but there a derps everywhere. I was living next to this guy who had his wireless setup with the ESSID of 'wireless' so I just downloaded the WPA tables from Offensive Security and within a few minutes I had his password. It was 'lovefishing' *facepalm* Turns out that one of those so called 'Computer Experts' had set him up with a wireless network for free neglecting to set it up properly.

Yes

I am really lovin Geany, it has multiple languages and some fantastic syntax highlighting which you can change depending on how you like your colours.

Actually I don't even think you need to crack the WEP key anymore. Tools like easside-ng and wesside-ng which are included in the aircrack-ng suite basically killed the need to crack a WEP key. It's a pretty fine line but it's not really cracking the network.

Finally someone understands what the weakest link of a security system is.

Depends on how hard he's going to try and get the file. Instead of cracking your computer what he's more likely to do is smash the fuck out of you until you tell him the password. It'll be a lot easier and faster probably.

You know why it can't compile? Cause it's Java, ooooooh Java burn :)

S'pose that would work, problem is they might be able to find out your contact details from the dyndns account and then from their, your facebook, twitter, myspace, hak5 account :P and then they know who you are.

First I reckon it would be better todo a bind_tcp instead of reverse cause if you IP address changes you won't be able to get back in the system unless you update the payload with your new IP address and then Ducky them again. Second I don't think these payloads will work if you have them coded straight into the C program and then execute them, usually you have to inject the payload into a running process. Not too sure about that, should probably check it out. This is a good idea :P

You're right space could potentially be a problem but I know that Poison Ivy Rat server executables are only about 20KB depending on what you put in them. The Teensy documentation is woefully inaccurate on how much flash memory you get, it doesn't tell you whether the flash memory it contains is bits or bytes. My guess is it's bytes in which case you'll get approx 32 bytes. This should be more than enough for a Poison Ivy Rat installation, or a TCP backdoor, or any other small application.

MIND. JUST. BLOWN. Cheers for you help

If the USB HID works as I expect it will then why not just hardcode the executable into the programming of the Teensy. Just have the executable that you want to transfer and then run... xxd -i /input/executable/path /output/c/array/path.c This will convert the hex of the program to C arrays. Then copy the C arrays into your own Teensy code. Then make the main() function of the program just copy the hex to a file and execute it.

Write Access? :o

So I was browsing the Teensy code documentation and came along this page http://www.pjrc.com/teensy/usb_keyboard.html . On the page it displays a table to show the C definitions for key presses. However their is no lowercase/uppercase keys, I assume that the definition for KEY_A is in fact lowercase and to make it uppercase you first have to press shift. This seems rather inefficient, wouldn't it be better to hardcode more definitions for lower/upper case letters such as KEY_a as well as KEY_A or would it be better to have a function that converts to upper/lower case, something along the lines of... char upper(char herp) { return (char) (((int) herp) - 32); } What do you reckon would be more easier/efficient to use?

Sounds pretty awesome and you should continue development, however I suggest releasing the code now and getting others to collaborate. Also you may run into a problem with computers that don't have the .NET runtime installed. Hopefully you're using .NET 2.0 when compiling cause it'll most likely work with more versions of Windows.

Here is where you want to go for python references and it has a pretty good tutorial... http://docs.python.org http://docs.python.org/tutorial/