a5an0

Active Members
  • Posts

    204
Everything posted by a5an0

  1. No -O -A ? Nah, OS fingerprinting isn't really needed. -A would be nice though. Good call.
  2. You know, I could do the usual thing and call the person a n00b or a lamer, or something. I could "give them a link" that points to google, and feel really clever. I could tell them to learn c, and then read a bunch of RFCs, and learn tcp/ip. I could tell them that hacking their school network is wrong and immoral and whatever, but it's just so .... been done. Sometimes I get the feeling we're just kicking a dead horse here. So, instead, I'm going to tell you exactly what you need to know. figure out what services are running on your machine. This should be trivial to do, and if you really get stuck, install nmap and then do nmap -sS -sA -v -T5 localhost write down all the services and version numbers go to packetstorm or security focus and look for local privilege escalation exploits for the services that you just found. Keep in mind that many of these exploits are "skiddie-proofed". That is, they have made minor modifications to the code to keep it from compiling or running. So, you will need to know enough of the chosen language (usually C) to fix the exploit. Once it is all set, compile, run, root. There, you are now a 1337 hax0r. you are k-rad. Have a nice day.
  3. I've started listening to The Clash while hacking around, it's kinda nice
  4. I love peanut-butter sandwiches!!!!!!
  5. I don't trust any cryptosystem where I can't see the source. that doesn't mean open-source, I'm talking about seeing the source for the encryption algorithm. for example, pgp isn't open-source in a gpl kinda way, but you can see the source to verify integrity. I haven't been able to find such a thing for bitlocker, so I would stay away. They claim it's 128 bit AES, but how do you know it's properly implemented, etc. I use TrueCrypt, and a few home-brew python scripts for all my crypto needs.
  6. true, but it still sucks
  7. If you used the switchblade, then I am assuming that those hashes came from a windows box, and are more than likely LM hashes, which is *not* the same as MD5. LM hashes are the result of truncating/expanding a pass to 14 chars, converting to all uppercase, splitting into two 7 char keys, and then using each key to encrypt the string “KGS!@#$%” using DES. the resulting cyphertext is the hash. MD5 is the password hash used in FreeBSD if memory serves me. now, where could you find lm rainbowtables??? :-P
  8. We need to repeal the DMCA.
  9. yeah, it's not bad at all. For those of you hacking up asm on linux, you can find all the syscalls in /usr/include/unistd.h in the kernel. :-P
  10. wow I have been gone for too long....
  11. It's not *that* bad going from intel to AT&T. it's all the same concepts, and mostly the same syntax, there are just some differences that you need to be aware of. for example, in intel syntax, you do [instruction] [destination],[source]. in AT&T, you do [instruction] [source], [destination]. for example, to load the value stored in ebx into eax, it would look like:

      intel: mov eax,ebx

      AT&T: mov %ebx,%eax

      as you can see, another difference is that in at&t, registers are prefixed with a %. so there's a lot of little things like that. if you google for it, you can find concise 2 page-ish summaries of the differences.
  12. if you're editing in vim, just push [esc] and then type ggVGg? (yes you do type the ?) ;-)
  13. I remember back in the day, when moonlit would swoop down out of nowhere and ninja the shit out of posts like this. and by ninja I mean lock. it turns out that sometimes ninja==lock
  14. google for systemrescuecd, it's a linux disk that I use to resize ntfs partitions when ubuntu can't
  15. http://forums.hak5.org/index.php/topic,6397.0.html Most people will tell you that the Art of Assembly is the best place to go, I have some philosophical issues with High-level assembly, so I stand by my above recommendation. In regards to the books Cooper mentioned, they provide AMAZING reference, but you really don't need/want them until you understand how assembly works. That is, you don't need to read about PSRLW until you can explain

      mov eax, 1
      mov ebx, 0
      int 80h
  16. I started with Paul Carter's excellent PC Assembly Language. http://www.drpaulcarter.com/pcasm/ I never really bought into HLA (High level assembly from Art of Assembly), so it was really nice to find "pcasm". It starts you off with x86 asm using intel syntax, which is good and bad (imho it's easier to learn than AT&T syntax, but you need to get used to AT&T if you're going to disassemble in gdb). You start off learning how to write useful(?) programs, using a C wrapper, so you don't get overwhelmed from the start having to memorize syscalls. good luck!
  17. the Art of Assembly is a good read for asm. Once you have ASM and C/C++ down, it's just a matter of running programs through debuggers and watching the registers.
  18. The python and perl packages from activestate also come in .msi's. It's just an installer.
  19. a5an0

    IRC

    what irc client were you using?
  20. a5an0

    School firewall

    I used http://freeproxies.us/ back in HS
  21. Hey all you party peoples. This was over at cDc (so don't flame me). You can get several FREE x86 and x64 reference manuals either in PDF, or shipped to you. Again free. These are all straight from Intel, and include:

      • Intel® 64 and IA-32 Architectures Software Developer's Manual Volume 1: Basic Architecture
      • Intel® 64 and IA-32 Architectures Software Developer's Manual Volume 2A: Instruction Set Reference, A-M
      • Intel® 64 and IA-32 Architectures Software Developer's Manual Volume 2B: Instruction Set Reference, N-Z
      • Intel® 64 and IA-32 Architectures Software Developer's Manual Volume 3A: System Programming Guide
      • Intel® 64 and IA-32 Architectures Software Developer's Manual Volume 3B: System Programming Guide
      • Intel® 64 and IA-32 Architectures Optimization Reference Manual

      Go grab yours today. http://developer.intel.com/products/proces...nuals/index.htm