Jump to content
Hak5 Forums


Active Members
  • Content count

  • Joined

  • Last visited

  • Days Won



About cooper

  • Rank
    Re-born-again Hak5er
  • Birthday 09/11/1976

Profile Information

  • Gender
  • Location
    Veenendaal, The Netherlands
  • Interests
    Pretty much anything with an electicity plug.

Recent Profile Visitors

27,475 profile views
  1. Since you're currently completely in the dark either find *any* SBC to see how close you get to where you want. Once you know the performance you need you can assess which board would be (more) sufficient for this task. For ease of development I would start with a Pi. (Arduino would be better-suited for ease of low-level development, but if you're worried about performance the Pi is a more potent device).
  2. Is it still possible to host malware via web

    The words you're looking for are XSS and CSRF. It's a seemingly eternal problem that's not going anywhere. Also, check out how ad platforms are being leveraged as a delivery vector for malware. That stuff gets embedded into the website and is hosted elsewhere.
  3. Im new so hi

    Sorry about skylu being a bit of a dick. Most people here tend to be a bit more willing to help. The problem with your question is that "getting into hacking" is a very broad thing. It's like saying "I want to become a surgeon", but that can be anything from a vet to a brain surgeon. So maybe you could elaborate a bit on what, specifically you want to do? Something that might be able to get you started is this very lengthy thread in our security section. It's mostly about how hacking programs, coming to grips with the underlying technology and working out why things act the way they do, but there's a couple of outliers there. Just browse through that, see if there's anything that tickles your fancy and go from there. One thing I will say is that questions, while very welcome, tend to get a better response when you show that you've already done some of the basic work in researching the subject (google, wikipedia...) yourself and your questions is about something somewhat specific.
  4. My Python IRC Bot PikeBot

    I'm puzzled why you have 2 separate but almost equal IRC classes.
  5. Hacker EDC? defcon EDC? every day carry?

    I'm going to slightly hijack this thread, sorry. What's the maximum acceptable weight (by which I mean the bag and its contents combined) for an EDC? As you see here, people generally say bag X can carry everything I put in, but once you cross, say, 10 pounds your EDC becomes a millstone to drag around as opposed to the nimble toolbox people often claim it to be. Also, with a given weight you need a certain quality bag for it to last a while. This is why any good quality bag tends to have a significant price tag. My regular laptop is too huge (and, at 6 pounds, *WAY* too heavy) to get involved in any EDC discussion. My Chromebook interestingly enough tends to be too small for most bags. These days I rely on a mostly cheap shoulder bag I got for being a HitB crew member. It's great because by the time the thing would become too heavy to hang over your shoulder, it's just full. I can fit my Chromebook, an A4-sized writing pad, some pens, MP3 player and 2 books. The things I do are such that all my kit goes into a trolley case (Pelican 1510 - it's *great*!). If my Chromebook won't cut it, I'll bring my beast of a laptop in its backpack which means I try as much as I can to limit everything else since it weighs me down so much.

    The other option is to use the monitor port. Just plug in a coax cable, run it up to your home and attach it to a CCTV monitor. That monitor can be the gameboy the guy had, but it can just as easily be a standard monitor. I'm sure ebay or craigslist or whatever has a few on offer for a normal price. I suspect the coax cable can be a longer run than the VGA one but in either case you need a more-than-low-grade cable to bridge the gap. I have plenty of experience with recording problems resulting from using shoddy coax. Shielding really is key.

    http://www.instructables.com/id/Make-your-own-VGA-cord-of-CAT5-cable/ You can go up to 250ft away from the source with this if the resolution is low-ish (like, 1280x1024 or 1024x768). Cat6 cable is a bit more rigid and better shielded, so you might get more distance with that.
  8. Cruch Usage

    I made a script to output a sequence. The lines with ' echo "$CURRENT" produce the output so that can be trivially adapted to become "usr${CURRENT}pass${CURRENT}" on a sequence going from 1 to 99.
  9. Best Password Manager?

    Unless your 'devices' include a phone, I'd say have a look at qtpass. It's a Qt front-end over the 'pass' program, which uses gpg for encryption and git for syncing (optional - you can just put the files on a usb stick or whatever). It uses the pinentry command for receiving your passphrase, which can be made to (also) do 2FA with, say, a YubiKey. All open source, all free.
  10. I'm a newbie

    As it happens, we've got a stickied topic on this very forum to answer that exact question.
  11. Has my street been hacked

    Very interesting reading. It does imply that the lock being out of whack had exactly nothing to do with the attack since everything that was happening did so according to protocol. The suggested mitigations seems valid too: Keep the key in a metal container when at home, or if you choose to leave it out in the open (on a table or something) verify that clicking the unlock button on the fob at that distance doesn't actually open the car. Main thing though, which you thankfully did right: Don't keep important/expensive shit in your car overnight.
  12. Password Manager Keyfob

    Yubikey is the 2FA device, not a keystore. All you can feign is that you can't find the damned thing, which is quite implausible... Kinda like claiming to not know the passwords. Unless this frenemy is a child this excuse would last about 5 seconds. You're putting a lot of time, money and effort into allowing a girl to be dumb. It's a lot more efficient to tell her to not be dumb.
  13. Has my street been hacked

    You have 2 keys, right? Both are fobs and both should Just Work (tm), no matter what had happened to the car before. If the key and the car really did go out of sync it means that you're re-synced one key but not yet the other. I'm quite sure the key syncs to the car and not the other way around so if it really is a case of the two of them being out of sync the spare key should STILL be out of sync. Try that. My guess is that whatever had happened put the car's lock system out of whack and it just wanted to verify that a valid key was present, i.e. inside the car. So bring the car to the dealer and let them run some diagnostics. This stuff should pop up and indicate in some way what happened when and with a bit of luck even how. While you're there, give the dealer an ear full about how such a modern car can be opened this trivially, and what THEY are going to do to prevent this from happening in the future.
  14. Password Manager Keyfob

    You're busy solving the wrong problem. What you want is the PC to have multiple user accounts - one for her to get serious on, one for the frenemies who can go mental on the thing. At the end of a day, just wipe the frenemy account and make a new one.