pseudobreed

You have to create a session. The easiest way is to pop open windows explorer, throw the remote IP in the address bar and when the windows logon, logon with the remote admins credentials. The long way is using net session. Im not on a network so I dont remember what it is off hand. Pull up net session /? in console and go from there. Trial and error never hurt anyone.

In short, this all depends on how the network is setup. Is there a firewall, are you in the DMZ, is there a network admin who has any idea of what he is doing? For example, where I work, this would not be possible. The domain would not give you an IP as the MAC's dont add up. But if you wanted to spoof your MAC you are still blocked at the Firewall/Server before ever getting to the modem. Port traffic tends to get flagged then emailed to the administrator. So, depends on your network.

From command line: sc.exe <ip|computer name> <start|stop> <service> Example: sc 127.0.0.1 stop sharedaccess This will stop Windows Firewall on your machine. Replace 127.0.0.1 with the remote IP.

It has exploded into that. That's why Im glad the GUI/Framework has not come out to the public. Sometimes full disclosure can be a bad thing. I wonder if skiddies are just downloading Amish's payload, inserting said USB drive and saying they hacked the gibson.

Word.

One legit use: On a network where the use has to have local admin rights to run an application. The domain admin has locked the computer down heavily as a result of this and will not allow registry edits, runas to run, etc. Domain admin inserts U3 drive. Upon autorun it disables these locks and any type of packet filtering that gets flagged. Domain admin can now do what he needs to do without restrictions. Or worring about the user catching him type in the administrator password. On a side note, Im working on a way that it will lock the workstation back down based on the gpo when I remove the drive. For now, I have to execute a batch script to turn the locks back on. Another legit use: I mainly work off USB drives as I have no idea where Im going to be. When I insert the U3 drive with a hotkey pressed, it auto loads my enviroment I use on an everyday basis (TrueCrypt, Thunderbird, Firefox, VNC, etc). And lastly: Im trying a poc to give out U3 drives to users as a way to logon to various roaming profiled machines. I have a lot of kinks to work out, but nothing sets me off more to see passwords written or typed out in clear view or stickies! If anyone knows of a way I can get rfid readers to logon them in, please speak up. And it has to be reasonable... Im talking about a bunch of people.

Straight From the Horses Mouth

Are you keeping this data in a sql format? If so, do you plan on releasing the source to hak5rtables?

This really only applies if you notice "TCP/IP has reached the security limit imposed on the number of concurrent TCP connect attempts" under System in the Event viewer. Unless you are hitting that, you are fine. A nice patch - Use at your own risk, and backup your TCPIP.SYS

Has this ever brought about some really bad side effects? I played around with the priority level a couple times and each time it was never pretty. I would adore something where I can set a default processor priority on apps on a server platform. Im sick of servers spending more time filtering pop3 spam than actually allowing smb traffic.

Turn on View System and Hidden Files in the Explorer > Tools > Folder Options > View

Bah, someone had a BestBuy Geek Squad one. Working with OS/2 systems has all day has made me extremelly frustrated and tired. Im not sure, take it back. I have the 2g mini and it works fine. =/

Yeah, that was my fault. I assumed you had the Memorex drive not the BestBuy one. Honestly, if you have had it less than 30 days, I would take it back. That's the problem when smaller developers buy source but have no resources to manage the product they bought. Good ol' capitalism.

You could change the "Are you 13 years of age or older" segment in phpBB to show the swf which would only let you go further in the registration process until you watched it all.

All about the Google Seach Bar

I just ran into this:

I thought that was a Windows 98 thing. In order to get that to work on XP is to have the desktop viewing a webpage. It's very rare to see a user have that setup, actually I can not think of one person who uses it. Unless you know something I dont. *Edit - Got it to work but you have to view the folder and my AV had a fit with the folder.htt file.

I have no experience with Relakks, however, here are some articles you may want to reconsider: Geek to Live: Set up a personal, home SSH server HOW TO: setup full Internet access over Hamachi More Hamachi How To's My only complaint with Hamachi is how slow the traffic is.

@LavaHot LPInstaller does not work with Memorex. It's only for Sandisk Cruzer drives. Use Tyrone D's method for fixing the Memorex drive. (As previously mentioned)

@Jay LPInstaller only works on SanDisk Cruzer Drives. Use Tyrone D's Method for Memorex. @Nakaori Content of ultravnc.reg, change password to what you please. Windows Registry Editor Version 5.00 [HKEY_LOCAL_MACHINESOFTWAREORL] [HKEY_LOCAL_MACHINESOFTWAREORLWinVNC3] "DisableTrayIcon"=dword:00000001 "DebugMode"=dword:00000000 "DebugLevel"=dword:00000000 "AllowLoopback"=dword:00000000 "LoopbackOnly"=dword:00000000 "MSLogonRequired"=dword:00000000 "NewMSLogon"=dword:00000000 "UseDSMPlugin"=dword:00000000 "ConnectPriority"=dword:00000000 "DSMPlugin"=hex:00,4a,53,80,02,00,00,00,08,00,00,00,00,00,00,00,a5,4c,00,00,0a, 00,00,00,1d,4d,00,00,b0,fa,3f,84,a5,4c,00,00,10,e1,3f,84,a4,4c,00,00,a8,d3, 5a,c0,00,00,00,00,a8,d3,5a,c0,00,00,00,00,38,00,00,00,23,00,00,00,23,00,00, 00,ce,2b,de,77,44,ff,ac,00,88,2b,9b,00,00,00,4e,77,98,ad,15,00,15,c1,44,00, 00,00,00,00,29,06,81,7c,1b,00,00,00,00,02,00,00,fc,ff,bc,00,23,00,00,00,b6, 39,5c,80,50,1b,6a,b4,a0,23,9b,00,00,00,00,00,00,00,00,00,00,00,00,00,00,1b, 6a,b4,a0,ac,3c,84,07,00,00,00,c0,15,f6,83,07,00,00,00,c0,15,f6,83,78,13,f6, 83,bc,15,f6,83,78,13,f6,83,bc,15,f6,83,78,13,f6,83,00,a8,3c,84,78,13,f6,83, bc,15,f6,83,78,13,f6,83,30,a8,3c,84,00,13,f6,83,60,13,f6,83,7c,1c,6a,b4,2a, 57,5c,80,00,00,00,00,e0,06,6d,80,20,07,6d,80,55,ea,6f,00,00,00,00,00,00,00, 00,00,01,00,00,00,ff,0f,1f,00 [HKEY_LOCAL_MACHINESOFTWAREORLWinVNC3Default] "=AllowShutdown"=dword:00000000 "FileTransferEnabled"=dword:00000001 "FTUserImpersonation"=dword:00000001 "BlankMonitorEnabled"=dword:00000000 "CaptureAlphaBlending"=dword:00000000 "BlackAlphaBlending"=dword:00000000 "DefaultScale"=dword:00000001 "UseDSMPlugin"=dword:00000000 "DSMPlugin"=hex:00,4a,53,80,02,00,00,00,08,00,00,00,00,00,00,00,a5,4c,00,00,0a, 00,00,00,1d,4d,00,00,b0,fa,3f,84,a5,4c,00,00,10,e1,3f,84,a4,4c,00,00,a8,d3, 5a,c0,00,00,00,00,a8,d3,5a,c0,00,00,00,00,38,00,00,00,23,00,00,00,23,00,00, 00,ce,2b,de,77,44,ff,ac,00,88,2b,9b,00,00,00,4e,77,98,ad,15,00,15,c1,44,00, 00,00,00,00,29,06,81,7c,1b,00,00,00,00,02,00,00,fc,ff,bc,00,23,00,00,00,b6, 39,5c,80,50,1b,6a,b4,a0,23,9b,00,00,00,00,00,00,00,00,00,00,00,00,00,00,1b, 6a,b4,a0,ac,3c,84,07,00,00,00,c0,15,f6,83,07,00,00,00,c0,15,f6,83,78,13,f6, 83,bc,15,f6,83,78,13,f6,83,bc,15,f6,83,78,13,f6,83,00,a8,3c,84,78,13,f6,83, bc,15,f6,83,78,13,f6,83,30,a8,3c,84,00,13,f6,83,60,13,f6,83,7c,1c,6a,b4,2a, 57,5c,80,00,00,00,00,e0,06,6d,80,20,07,6d,80,55,ea,6f,00,00,00,00,00,00,00, 00,00,01,00,00,00,ff,0f,1f,00 "SocketConnect"=dword:00000001 "HTTPConnect"=dword:00000000 "XDMCPConnect"=dword:00000000 "AutoPortSelect"=dword:00000001 "InputsEnabled"=dword:00000001 "LocalInputsDisabled"=dword:00000000 "IdleTimeout"=dword:00000000 "QuerySetting"=dword:00000002 "QueryTimeout"=dword:0000000a "QueryAccept"=dword:00000000 "LockSetting"=dword:00000000 "RemoveWallpaper"=dword:00000000 "Password"=hex:db,d8,3c,fd,72,7a,14,58 "AllowShutdown"=dword:00000000 "AllowProperties"=dword:00000001 "AllowEditClients"=dword:00000001

Copy and paste the code into a .vbs file in the directory of your playlist. Dim oFolder Dim oFile Dim iCount Dim Random ReDim szaFiles(0) Set wshShell = CreateObject("WScript.Shell") Set FSO = CreateObject("Scripting.FileSystemObject") Set oFolder = FSO.GetFolder(".") For Each oFile In oFolder.Files iCount = UBound(szaFiles) + 1 ReDim Preserve szaFiles(iCount) szaFiles(iCount) = oFile.Path Next Randomize Random = Int((iCount) * Rnd + 1) wshShell.Run chr(34) &amp; szaFiles(Random) &amp; chr(34) Then just have your remote call the .vbs file.

There is a way to do this. However, if you are looking for the other usb drive to function the same way a u3 device, it will not. Once Im done with a couple other projects, Im going to test just how & where you can dump data for storage. I want to wait until the next release of Hak5 before I go into details. I think what you are wanting to do is what Darren has been working on.

TrustNoExe Does this rather well. I never try and reinvent the wheel unless I know I can do better, and so far I see no reason to develope preventive measures further beyond TrustNoExe and DeviceLock. On a side project, Im trying to figure out how to get around the OS knowing it's a drive. In short, Im playing with drivers, root kits and gpo's. If I can figure that out, then Im going to have to write something to fix it.

Im md5 all the way, only considering it's widely used in *cough*php forums*cough*.

These are endpoint tools. You just need the respective file first. In this case, you would have to grab access files, pcanywhere clients and ws_ftp ini files. Then crack them using the above tools. No need putting them on the drive itself. *pcAnyPass.exe does not work the most recent pcAnywhere client (12).