Active Members

About operat0r_001

  • Rank
    Hak5 Pirate

Recent Profile Visitors

16,466 profile views
  1. w00t the old alert was triggering on ANY 8152 (Realtek) device ... these added modload triggers will minimize false positives, tested with only Windows 10 q=modload:rassstp.sys modload:rtux64w10.sys (regmod:enum\usb\vid_0bda&pid_8152) added modload:rassstp.sys to confirm use of LAN Turtle to reduce false positives
  2. likely a false positive ... https://websec.ca/kb/sql_injection I like to start with fuzzdb's https://raw.githubusercontent.com/ethicalhack3r/fuzzdb/master/attack-payloads/all-attacks/interesting-metacharacters.txt with ZAP and burp as a proxy for ZAP ;P
  3. UPDATE: looks like as far as USB everything else is dynamic... I used USBDeview.exe from sysinternals to sort out the bits. I plan to look at what drivers it uses with process monitor and go from there. The issue there is it may be different from win 7 to 10 or builds of windows etc...
  4. I wanted to ask around before I create my own for the LAN Turtle but the current IOC we have is for ANY Realtek device with PID 8152. Basically looking for out of the box file paths or if anybody has a Process Monitor log or created IOCs for it before. I also wanted to know if there are any different revs I am missing (the one I got was in a little envelope, likely about 1-3 years old), so I can add IOCs for them. (regmod:enum\usb\vid_0bda&pid_8152)
  5. From what I can tell there is no 'easy' way to set file associations in Windows. It has always been a pain because you have system level associations and user level associations for EVERY USER on the system... anyway let's stop Windows Media Player for GOOD. Sick of Windows Media Player always popping up when you click any media? Maybe you have more than one login or app that constantly tries to take over your file associations? Use this script to set them right! Run as administrator to reset Windows Media Player extensions it hijacks: http://rmccurdy.com/scripts/ ftype_wipe.exe These incl
  6. So ya duh .. updated to kill Firefox first before it does anything, as if Flash is in use you can't delete it .. the ping is a lazy way to do a sleep or timer back in my day :) so I still use it today
  7. Here we go again! Updated Flash or Firefox at some point it broke blocking ads. What I found is that YouTube was forcing HTML5 and not flash. Plugin to fix HTML5 on YouTube: https://addons.mozilla.org/en-us/firefox/addon/youtube-flash-player/ Grease Monkey script to block YouTube ads and Annotations (YousableTubeFix): http://userscripts-mirror.org/scripts/show/13333 My FU-LASH update script (Portable Firefox users) : http://rmccurdy.com/scripts/ FU-LASH.EXE Post on blocking ADS and Annotations on YouTube for ANDROID: https://www.linkedin.com/pulse/block-ads-android-youtube-tubemate-ad
  8. Well ya but I just decompile/recompile the apk so it should just RUN ... IE I did nothing to the APK just recompiled it .. how do I include what's missing in VTS before I compile ... also why is this all missing, I guess because it only decompiles what it uses or something ?
  9. operat0r_001

    NZB 360

    * I can't get it to open just decompile/recompiling the APK * http://nzb360.com/apk/nzb360.apk * I set it to 4.0 and 4.0.3 get the same errors .. ( based on targetSdkVersion and sdkVersion ) see : developer.android.com/reference/android/os/Build.VERSION_CODES.html * all I like to try is replace url accountstatus.php in \sabconnect\helpers\NZB360LicenseAPI to something else for POC testing * may need more than just URL patch.. I would assume .. lots of stuff the APK around license etc .. Here is a dump of the APK info: aapt dump badging c:\delete\nzb360.apk package: name='c
  10. Kills all unknown processes to quickly free up memory! tested XP/Win7 * you need admin * escalates to SYSTEM * runs psexec to dump a list of processes not in the whitelist * kills all the tasks that are not in the whitelist http://rmccurdy.com/scripts/quickkill.exe c: cd C:\quickkill wmic process list brief | gawk "{print "PsExec" $2}"| egrep -vi "(conhost\.exe|explorer\.exe|winlogon|Name|System|UI0Detect|WMIC|svchost|lsass|lsm|spoolsv|cmd|smss|csrss|wininit|services\.exe|wdm|cmgshieldsvc|emsservice|emservice)" > out.txt FOR /F "delims==" %%A IN ('type out.txt') DO cax /killall %%A s
  11. root@ubuntu:/usr/share/rssdler042/config# cat config.txt [global] downloadDir = /usr/share/rssdler042/config/ workingDir = /usr/share/rssdler042/config log = 5 logFile = /usr/share/rssdler042/config/downloads.log verbose = 5 cookieFile = /usr/share/rssdler042/config/cookies.txt cookieType = MozillaCookieJar scanMins = 10 sleepTime = 2 runOnce = True urllib = True [somesite] link = http://showrss.karmorra.info/rss.php?user_id=126337&hd=1&proper=1&namespaces=true regExTrue = \d[^\d]+\d regExFalse = (nrg|ccd) download1 = . download1True = False Ex
  12. So looking for nzb indexer ? email freeload101@REMOVETHISPARTyahoo.com I only have 2 active users including myself :)