Jump to content

Infiltrator

Dedicated Members
  • Posts

    4,287
  • Joined

  • Last visited

  • Days Won

    22

Posts posted by Infiltrator

  1. does this one have telnet access? maybe you could set your wireless region that way?

    I know that Asus router very well, I've been doing a bit of research into it and I don't believe its firmware supports Telnet.

  2. Just a heads up to you, certain forums don't like users trying to access them via a proxy. I say that, because I am a member of another hacking forum, and whenever I try to use TOR or any other proxy, they refuse me to log into my account at all.

  3. See, If you can get a hold of that Windows installation CD off your friend, and create an ISO image of it, Then, with the ISO image copy it to an USB drive and boot your netbook off it, at the the Windows installation screen, select the partition that has your Windows installed on, the Windows installation Wizard will then format that partition and install the Window on it.

    Once the Windows installation is complete, you will need to fix your boot grub, so that you can dual boot again.

  4. What browser(s) display a certificate error in your experience Inf? When I tested sslstrip on my pineapple with Chrome I received no errors...more testing is needed on my end apparently...

    telot

    The reason I mentioned certificate errors, was because when I am in BT using SSLStrip I always get certificate errors on my victims browser, unless there is something in the SSLstrip configuration file that I am missing or overlooking.

  5. What I want is to be able to log on to a forum with more than one account without anyone on the other side being able to know their on the same computer.

    Look for web-based proxies, like www.hidemyass.com.

  6. That doesn't sound right and the teatimer.exe is part of the Spybot - search and destroy program. Just out of curiosity, where did you download the spybot software from?

    "SpybotSD TeaTimer" can run at start up. TeaTimer is a new tool of Spybot S&D - spam filter which perpetually monitors the processes called/initiated. It immediately detects known malicious processes wanting to start and terminates them giving you some options, how to deal with this process in the future"

  7. What CD? My netbook is supposed to have a partition to boot from.

    My bad, I thought your netbook had a CD to restore it back to default settings, obviously it doesn't have a CD drive as you stated before. What puzzles me, is the fact that the disk utility deleted things it shouldn't have to. It's not something that, normally happens when doing a disk clean up, especially with the Windows disk clean up utility.

  8. I had a quick look in the Asus firmware support page and it's got all the major languages but Japanese. I also checked for open source firmware, but there's nothing for the type of router you have.

  9. I would use TOR if you want to surf the web anonymously, but I would emphasize that 100% anonymity is not possible, if that's what you are trying to achieve. Also you can use multiple VPNs to tunnel your traffic through, making the tracing back to you difficult. However, you will have to be careful what applications you use, as they could have the potential of revealing your real IP address.

  10. The problem is on my Windows partition... will restoring factory defaults effect my Linux partition?

    I believe so, if you were using just a normal Windows installation CD, you could choose which partition to format and install Windows on, since you are using the restore CD that came with your computer, there is a possibility that the CD will delete all the partitions on your hard drive, since its resetting your computer settings back to factory defaults.

  11. could you just use the dns spoofing when they type in "https://", and redirect them to the nonsecure website?

    You could certainty do that, but you will have to attack someone who is a total computer illiterate. As Saelani pointed out, it would be very difficult to trick or convince someone who has a strong IT knowledge, to continue browsing an insecure website.

    There is also an utility called SSLStrip, which basically strips off the (s) from the HTTP(s), making the connection insecure and giving you back the ability to sniff the traffic. However, this utility will cause the web browser to set off a warning message, stating that the website security certificate is either expired or not legit. Some users will choose to ignore the error message, whereas other users will simply stay way from the page.

    You should definitely play around with these tools and get a grasp for them. Like I said, before there are plenty of tutorial videos on Youtube and securitytube to assist you. And if you are not sure about something you can always research on Google, before posting a question in the forums.

  12. Listen to this man!!! Spybot and Avast!! Two of the best free services out there. The paid versions of Avast! do give you some additional protection, but are generally not needed. Spybot is a life saver, it actually kept me form getting key-logged a while back. On that note I'll give you a tip... check over your laptop after your girlfriend uses it to download programs...

    Also, don't just click "Allow" every time a spybot alert pops up. One of these alerts means that a registry file or another important file is being written, altered or deleted! It is very important to know what programs and making these changes and why. Generally speaking if you are installing a trusted program you can allow what it is trying to alter (this would be programs such as Adobe products and clients such as Steam or Skype). If you are ever installing an unknown or less trustworthy program, be sure you know what registry/sensitive files it is altering before letting them have the access. You can never be to sure now a days...

    While some of the Avast additional protection, is generally not needed, they are quite good to have, you never know what you might encounter.

  13. There are tools like Wireshark or TCPDUMP that you can use to capture the packets (information) that travels down the wire or through the wireless medium. When you arp poison the victim, the victim traffic flows through your computer, and with a program like Wireshark/TCPDump that traffic can be captured and viewed.

    You can only view traffic that is not encrypted, if the victim connects to a website, that uses HTTP(s) the traffic will be encrypted, and any information that the victim enters on the website will not be in a human readable form, everything will be gibberish to you.

    But you can still see what website the victim visited, the IP address of victim and so forth.

    All this stuff, I've learned from watching the Hak5 videos, reading other peoples comments, researching, reading books. Also Youtube and securitytube.net have plenty of videos on this kind of attacks. Its just a matter of searching on Google.

  14. You could do a bit of war driving, and as you drive around you could use a software like Kistmet combined with a GPS receiver to map the physical location of each AP.

    Then with Google Maps, you will be able to map all the AP's location using the GPS co-ordinates.

  15. Is Search and Destroy part of Spybot?

    Yes its part of Spybot! It no only detected spyware, but it also locks some important files like the host file for instance.

    If some malware, attempt to alter the host file, Spybot will protect the file from being modified.

  16. Ok thanks.

    Currently I just have Avast (free) and the Windows Firewall...

    I've been told to get EMET, Avira (free), Hitman Pro, Comodo Cleaning Essentials, MalwareBytes (free), Comodo D+... as well as several programs on this site.

    Keep Avast, install Spybot - search and destroy and Comodo firewalls. These will keep you protected.

  17. but its only works on xp and i want to install it on my windows server 2008 r2.

    Well that's the problem, if its only compartible with XP, then you won't be able to get it work on a server OS. Unless there is a driver specifically written for the server at all.

    Are you trying to share your internet connection through the server?

  18. do i need the wireless card that (the one that supports packet injection, sold on their website) in order for it to work, or will it work on its own.

    A wireless card like the one, they sell in the Hak5 shop its not necessary in order to connect to the WIFI Pineapple, but it would be very handy to have one, because of its high gain antenna and the ability to connect to the WIFI pineapple or any other acces point from a distance of hundreds or miles away.

    The WIFI Pineapple works just like a normal AP, it operates off a battery and can be placed anywhere. The attacker on the other hand, will only need to SSH or access it via its web-based interface to operate it remotely.

×
×
  • Create New...