-
Posts
6 -
Joined
-
Last visited
Posts posted by luke
-
-
A good counter shouldn't increment if it's the same visitor pressing the refresh button :P
FWIW, my take on the idea of a Hak5 darknet is that it was/has become a self-fulfilling prophecy. On looking back at the episode that spawned this thread, I think Darren was simply that high that he dropped the AACS key in there for kicks; an easter egg for those with a sharp eye; reliving that period in time when everyone was creatively reposting the key across the internet.
But then, after seeing it interpreted as a hint to a darknet due to its coincidental placement in the final cut of the episode, the idea of a darknet appeals to Darren so he actually creates one and follows the unintentionally-set precedent of making allusions to it in the episodes, which is ultimately what we have now:
- an indubitable 10-digit hex number, repeated several times (EEF5204D6A)
- a TXT DNS record whose content is also this number (darknet.hak5.org)
- a reference to port 1337
- the promise that it will all make sense over time
Possible?
-
How did you get that address? from fierce or how?
apache2-linus.tobias.dreamhost.com (69.163.251.47)
So if we know that he is running waste at apache2-linus.tobias.dreamhost.com (69.163.251.47)
but do we have any clue what those codes are?
I'm afraid it's likely a red herring. I explicitly specified port 1337 when nmapping the hosts, all turned up closed except webcam.hak5.org (69.163.251.47), which was filtered. Just a different firewall config on that particular host. :(
-
Then I also think that darknet.hak5.org is not on port 1337 but it is on port 7331, because Darren writes www.hak5.org in reverse "org.hak5.www" Hi also writes one of the ports in reverse (25 -> 52)
I assumed Darren wrote the name backwards because that's how DNS lookups are executed. The port looked like a genuine mistake when he wrote it, but that's just the vibe I get. As VoodooTorture points out, WASTE's native port is 1337.
I ran Fierce (also on a Macbook curiously enough ;) ) - its output is pretty ordinary:
bbs.hak5.org beta.hak5.org chat.hak5.org cs.hak5.org forums.hak5.org lists.hak5.org mail.hak5.org radio.hak5.org streaming.hak5.org voice.hak5.org webcam.hak5.org webmail.hak5.org wiki.hak5.org www.hak5.org
And then running nmap on the resolved hosts (I've removed closed ports):
Interesting ports on 66-11-227-124.managemyvps.com (66.11.227.124): PORT STATE SERVICE 21/tcp open ftp 22/tcp open ssh 25/tcp open smtp 53/tcp open domain 80/tcp open http 110/tcp open pop3 111/tcp open rpcbind 135/tcp filtered msrpc 139/tcp filtered netbios-ssn 143/tcp open imap 443/tcp open https 445/tcp filtered microsoft-ds 993/tcp open imaps 995/tcp open pop3s 3306/tcp open mysql Interesting ports on listserver.dreamhost.com (66.33.216.120): PORT STATE SERVICE 21/tcp open ftp 22/tcp open ssh 25/tcp open smtp 80/tcp open http 111/tcp filtered rpcbind 135/tcp filtered msrpc 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 587/tcp open submission Interesting ports on sub4.mail.dreamhost.com (208.97.132.231): PORT STATE SERVICE 25/tcp open smtp 110/tcp open pop3 135/tcp filtered msrpc 139/tcp filtered netbios-ssn 143/tcp open imap 445/tcp filtered microsoft-ds 587/tcp open submission 993/tcp open imaps 995/tcp open pop3s Interesting ports on webmail.dreamhost.com (208.97.187.139): PORT STATE SERVICE 80/tcp open http 135/tcp filtered msrpc 139/tcp filtered netbios-ssn 443/tcp open https 445/tcp filtered microsoft-ds Interesting ports on apache2-linus.tobias.dreamhost.com (69.163.251.47): PORT STATE SERVICE 1337/tcp filtered waste
AFAIK filtered ports are as good as closed, I think the only difference is whether packets are dropped or rejected.
Remember, the domains Fierce found are only exposed using a wordlist; they aren't comprehensive. I'd be interested to see what Darren wants to show us on the subject of zone transfers...
-
Consider the implications if the authorities publicly admitted that they had the ability to crack strong encryption?
At the present time it's purely a question of computational power. The cops can set a whole farm of computers working on cracking an encryption key, but even if they get lucky and find it, they won't have "solved" any real problem - they'd have to start right back at square 1 following the exact same algorithms to crack another key.
Hypothetically speaking, if the cops were to crack the key in the case of this article they would have to handle the situation very gingerly, as I'm sure the public would expect them to be able to crack the keys of every defiant criminal from then on.
I've not done my homework on the subject but apparently quantum computing may bring encryption-cracking into the realm of feasibility, the implications of which I can only imagine (HTTPS anyone? )
-
"Police say they are still trying to crack the password."
..Of course they have to say that, but seriously - with realistic estimates of how much police resources would be allocated to cracking a 50 character passphrase, does the kid have much to worry about?
Hak5 Darknet?
in Hak5
Posted · Edited by luke
Think he's seen your post and un-secured it again!