Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

  • Days Won


Profile Information

  • Gender

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

bobbyb1980's Achievements


Newbie (1/14)

  1. Just a wild guess here, but maybe the reason somewhere like China has so many talented "hackers" is because they have an excellent education system who's students nearly always rank #1 in the world regardless of the subject, not because they send their kids to some weird cyber defense summer camp.
  2. Well obviously she needs to reply to close this deal. Not everyday do you get a shot at Fifty Million Five Hundred Thousand United States Dollars (US$50,500,000.00). Hah, jk. What exactly is your question - how did it get around the spam filter? I think we'd need to know the original email addresses and copies of the MIME header to be able to provide an accurate answer.
  3. As mentioned, many dos attacks come from forged packets, making it difficult to go on the offense against them. DoS also, IMO, isn't really that big of a threat, just a headache. It just becomes a pain if you're a public site with a lot of traffic and you can't simply white list client IP's or change your server IP on the go and have to stay public, on one IP, and devote a lot of server resources to blacklisting every IP perceived as a threat. I think you should give it a go. You'll never know how it will actually work until you try it.
  4. - AP isolation at the router. - A local/network script or antivirus to monitor arp-tables running on your os - Browser's can check for SSL - IPS could have various LAN defences, making sure is indeed itself, etc etc
  5. In infosec a lot of times your work will speak louder than any degree, in this respect it's pretty different than other traditional fields. Things like papers, past projects, tools you've written, etc. Some security positions at big corporations will require degrees, but many pentesting firms will have a test that applicants need to pass, and if you pass that test you're in, degree or not. IMO self learning, inside or outside a classroom, is the only way. Infosec pros need to be critical thinkers, something that can't be taught in a classroom.
  6. Linux is just the kernel. Each distribution will have it's own rules.
  7. You could probably have a 3rd party script run that would rewrite the install script and have your rewritten code run instead of the install script, but I wouldn't call that an exploit. Exploits are generally when an application crashes and you use the crash to gain control of one or more of the registers to get it to jump to your own instructions. Reversing is when you try to figure out what exactly a program is doing and how it's doing it. Reverse engineering and exploit development are different fields, but reversing would be the best place to start. For reversing, the most famous tutorials are Lena's. Random's are also very good too. http://tuts4you.com/download.php?list.17 www.thelegendofrandom.com For exploit writing, Corelan's are the best. www.corelan.be
  8. I used to use it for language ID, but instead of ID'ing a language with trigrams I'd use the trigrams to find unique characteristics like metaphors and whatnot inside of texts to confirm that it's English (because even when the trigrams are used for only language ID they still give false positives, like locating English inside of a text of another Germanic language). I could see someone using that method though to use regex in python to compare posts on forums.hak5.org and forums.backtrack.com to find who has similar writing patterns.
  9. Right, and the python implementation in my 2nd link does exactly that, or "comparing characteristic footprints of various registers or authors". I understand that he's trying to compare authors and not ID languages. However, when I have tried using a different algorithm to do that (but fundamentally the same method as bwall's method since the basis of both methods is matching strings), it didn't work very well. IMO, to accurately do this you need to compare speech patterns, and not just word patterns (trigrams should be used, but as a supplementary method, not primary). Look at my paragraphs, vs. your paragraphs. How would you tell the difference between the two based solely on character matches? We both use proper punctuation, spelling, and grammar. We both use similar vocabulary. How could a *program* see the difference? Of course we're both going to use "ing" and "ion" in certain frequencies, as will everyone who writes in English, which is why, for me at least, character matches showed many false positives. You need to compare whether the authors both use common figures of speech (oxymorons, hyperboles, similes, etc etc), or whether the authors commonly use pronouns with or without certain verbs (this method is used to ID slang), or comparison of the instance of pronouns each author uses (a program can see if someone talks about themselves a lot if they use "I" often). You can also programatically compare instances of adjectives, so you can know if a certain author is descriptive. There are many many many examples like this, unfortunately just not open sourced ones.
  10. Could be wrong, but I think the trigrams were originally designed by google (but abandoned after they stopped maintaining the translator), I heard that somewhere. All a "trigram" is, is a massive list of three character strings like "ing", "and" or "ion" that were originally used to identify what language a text is written in. People sometimes use them to try to ID the author of a language also, but in my limited experience I've found that using trigrams (or matching character strings) to ID an author is inaccurate and shows a lot of false positives. The first link describes this concept in detail, and the second two show some python implementations based on trigrams. http://www.cavar.me/damir/LID/ http://pypi.python.org/pypi/guess-language http://code.activestate.com/recipes/326576-language-detection-using-character-trigrams/
  11. I have experimented with this idea. I didn't run your script but it looks like it resembles the google trigrams method of handwriting/language identification, or comparing it to a predefined set of strings. In English, I found this method to be very prone to false positives, just because two texts use a lot of words with '-ing' or '-ly' or even a particular word/vocabulary doesn't mean they have the same author. The average English speaker uses about 17K base words, which IMO isn't enough words to rely only on this method when you're talking about matching possibly billions of words and tens of thousands of authors. For mine, I had to add more variables to increase chances of true positives, for example, if the author uses "like/as" in the same line as "a/to", they're probably doing a simile, or if the author uses word patterns like "word1....word2....word2....word1" it is probably a metaphor. Then you can say, ok, text 1 and text 2 both have not only similar trigrams, but both authors use hyperboles and similes, then you can have an extra "layer" to wean out false positives based solely on string matches. There are tons of figure of speech patterns like this that a script can recognize.
  12. It'd be hard to secure cookies. Even if it could encrypt the cookie and decrypt it at run time, then the attacker would look for the encryption key or info leading to the encryption key instead. Was that a custom protocol? Be interesting to hear how it was done in java (assuming it's in java since I saw the ide in your video).
  13. I'm still learning Java, but I agree with digi. First you should enumerate the contents of the directory, then pick and choose what to copy after that. I found a lot of code to do this on the internet. http://www.javabeat.net/2007/08/recursively-traversing-files-and-folders-using-java-file-api/
  14. In whatever exploit your using, typing '' as RHOST/LHOST will run it on all interfaces. Enter the IP of your wireless adaptor to have it run only on that interface.
  • Create New...