Jump to content

404

Active Members
  • Posts

    73
  • Joined

  • Last visited

Contact Methods

  • MSN
    the404soup@hotmail.com
  • ICQ
    0

Profile Information

  • Location
    The Netherlands

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

404's Achievements

Newbie

Newbie (1/14)

  1. The Asus Eee is my first laptop, and my first opportunity to leave my home and sniff what kind of data is in the air outside. I'm using the built-in wireless and a Bluetooth USB dongle to "see" what's out there, especially in the train to work, or waiting in public places. These are basically my first proper steps in both Linux and wireless security (apart from a few fun tries with my Zaurus SL-5500), and I'm pretty much amazed by what's out there. In the train, I'll always discover several enabled Bluetooth devices in my proximity. On a train station, you can usually access an open wireless network. Only paying for access goes through a secured HTTPS connection, after that, it's unencrypted unless you choose for security yourself (only HTTPS, use SSH, VPN etc.). I was really surprised by this, as it sounds like a lot of opportunities for "misschief" or worse, leakage of data off of business laptops. For instance, I had my Eee spam every Bluetooth device it discovered with an image. I walked through the train with the Eee in my backpack, and in the end I had spammed 22 Bluetooth devices! I'm now trying out several other Bluetooth auditing/exploiting tools. I have no "black hat" aspirations, but I don't just wanna pretend everything's fine and dandy, and that every single person out there is gonna be a noble white hat hacker, refusing to listen to unprotected traffic out there just because mom said you shouldn't. If you like to join me and learn from this together, maybe we can hook up and compare notes.
  2. GetRight the download accelerator? I don't use it myself, but how does this reveal the directory's content?
  3. I am wondering what ways there are to expose what's stored on a website. It's simple when directory listing is enabled, if the directory doesn't contain an index file. The only other way I know of would be to look for files like "WS_FTP.LOG", a logfile which contains the files uploaded to the website. It's not always up-to-date or even complete, but it does give you a good idea of what files are stored on the server. Does anybody know of other logfiles, default settings or common scripts that can be used to expose which files are on the site?
  4. Cheers guys, thanks for the replies. At first I wasn't able to find a lot with google (mainly because I didn't realise that PocketPC/PPC/Windows Media 2003 were all more or less the same thing). I will definately check out your list, Darren, because that looks like exactly all the stuff I'm looking for. Also, for people who're looking for the same thing, check out http://www.irongeek.com/i.php?page=security/ppchack (by the same guy who's article on the Zaurus SL-5500 helped me a LOT!)
  5. I can pick up a couple of old Acer N10 PDA's for really cheap. The N10 runs on Windows Mobile 2003, and I was wondering how useful this is. I have no experience with Windows Mobile whatsoever, so I have no idea if there are any good sniffers, warwalking apps, ssh clients, etc. I have to decide fast on this, so I'm googling in the mean time, but your thoughts on this are really appreaciated! (On a side note, this little machine apparently can run Linux too, but not too comfortably, so I'm not really looking at that as an alternative).
  6. Yeah -- heard about the Medison Celebrity but it just sounds too good to be true and it looks like a scam. But seeing is believing, so when I read enough reliable sources that actually HAVE one, I'll change my opinion. I read today that (predicably) the release date for the Eee has been set back to the end of september... The same article also said Asus hadn't decided on the final specs yet, so if THAT isn't even clear, I doubt it will go into full production any time soon.
  7. I am really enjoying stuff like Hak5 and the shows on Revision3, but I'm really missing a show that focusses on coding and/or webdevelopment. Anybody know of anything out there?
  8. @metatron: souped up wifi reception and Bluetooh FTW. It should pick up everything that's interesting from the airwaves then. I'm never on the road for too long without being able to recharge, so a new battery isn't my biggest priority. I will be keeping a close eye on your - and others - findings though, and wait till the best replacement has been decided. GPS is also not a big priority for me, but I'd be very interested in the hack, especially if it's possible to keep it all out of sight. Sigh... is it August/September yet?
  9. @digip: Yeah, well, if you would've read my first post you'd know the answers all your questions. Except for Bluetooth and an optical drive, it has everything else you would need. The 8GB version will be sufficient for hacking (you're planning on getting > 6GB kismet logs?).
  10. A few days ago I stumbled upon the Asus Eee laptop project. It's a small, lightweight laptop in the OLPC-vein, and basically has all the built-in stuff you'd want, check out the spex: Display: 7" Processor: Intel mobile CPU (Intel 910 chipset, 900MHz Dothan Pentium M) Memory: 512MB RAM OS: Linux (Asus customized flavor) Storage: 8GB or 16GB flash hard drive Webcam: 300K pixel video camera Battery life: 3 hours using 4-cell battery Weight: 2lbs Dimensions: 8.9 in x 6.5 in x 0.82 in - 1.37 in (width x depth x thickness) Ports: 3 USB ports, 1 VGA out, SD card reader, modem, Ethernet, headphone out, microphone in It will run a Linux distro called Xandros. The Asus Eee PC701 should be released in August this year, and the price will (eventually) be $199. This will be for the version with the 4 GB flash "harddisk" (although the above specs don't mention 4GB, others do), so I guess a usefull version with 8GB or 16GB -- especially early on -- will be more expensive, between $250 and $300. Google for more info, or check out this review at notebookreview.com: http://www.notebookreview.com/default.asp?newsID=3829 As some of you might remember, I have posted before about cheap, portable "hacking devices", like the Zaurus SL-5500 PDA, the Zipit Wireless IM "toy" that can run Linux, or even smartphones. I never liked laptops because they were just too much for me. Too expensive, too heavy, too much of everything. One of the users on http://www.eeeuser.com/ (an early gathering place for Eee enthousiasts) sums up why the Asus Eee would be perfect for people like me: "After I dropped $1,400 on my MacBook I discovered something: It's too freaking big. Compared to other notebooks, it's relatively compact, and it's the smallest laptop Apple makes, so (being the Apple loyalist I am) I decided I'd just have to "make do" with it. I couldn't. A year later, I can count the number of times I've taken my MacBook outside of my house on one hand. I just don't like the idea of lugging a full computer around - especially a shiny expensive one." Here's why I think the Asus Eee will be popular and a great souped-up toy for hackers: [li]It's cheap. You can take it to more places knowing you won't be losing a $1500 device if you lose or break, or if it gets stolen/confiscated.[/li] [li]It's got all the basics. From audio in/out to webcam, from built-in wifi to 3 USB connectors[/li] [li]It runs Linux out of the box, and can run Win XP and probably many other *nix variants (like Ubuntu Mobile)[/li] [li]It's one common platform. People can develop and finetune tools, and they'll work on all laptops. No driver conflicts, no hardware incompatilibilties[/li] [li]Community. For the same reason stated above, I am sure this machine will get a lively community of hackers, coders and the like.[/li][li] I am wondering how many of you are interested in this machine and are thinking about getting one. I know I've seen Metatron around one of the ealy forums around the Eee :) I sure am interested in the Eee, although Europe is unfortunately last as far as releasing the Eee goes. :(
  11. Haha, the "Art of deception"-book? Same story here. I kinda liked the examples, but this is something I'd never use myself and I just got bored with it halfway through the book.
  12. I was interested in learning Ruby, I have read that book, and it's a great example of a book I'm looking for! Really funny and not a "do this exercise before continuing reading"-book. But I'm looking for one of those old school books made of paper ;) I am particularly interested in books focussing on changing your perspective -- way of thinking -- on programming. I need something for inbetween my "The Spectacular Rise and Fall of Commodore" and my zillionth re-read of "Hackers: Heroes of the Computer Revolution"!
  13. I will be going on a holiday without taking my laptop. I would like to take a book with me to improve my way of thinking on programming and/or hacking, but which doesn't require me trying out stuff on a computer every few pages. In other words: I'm looking for a book that's fun to read, not one with dry logic and programming examples. Any suggestions?
  14. To quote Captain: "WHAT HAPPEN!!!"
  15. That's a project I can't wait to hear more about! My goal is to stay under €100 (about $120), and to use devices that are already "complete" (PDA's like the Zaurus SL-5500, toys like the Zipit Wireless or handheld gaming devices like the Nintendo DS). Since this involves only little hardware hacks, I'm focussing on software mostly. This is pretty much a learning project for me, and probably some of the things I "discover" will be old news to you. Nevertheless, I hope to have a draft of my experiences ready to post somewhere this week, for who's interested!
×
×
  • Create New...