Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

  • Days Won


Everything posted by bobbyb1980

  1. Just a wild guess here, but maybe the reason somewhere like China has so many talented "hackers" is because they have an excellent education system who's students nearly always rank #1 in the world regardless of the subject, not because they send their kids to some weird cyber defense summer camp.
  2. Well obviously she needs to reply to close this deal. Not everyday do you get a shot at Fifty Million Five Hundred Thousand United States Dollars (US$50,500,000.00). Hah, jk. What exactly is your question - how did it get around the spam filter? I think we'd need to know the original email addresses and copies of the MIME header to be able to provide an accurate answer.
  3. As mentioned, many dos attacks come from forged packets, making it difficult to go on the offense against them. DoS also, IMO, isn't really that big of a threat, just a headache. It just becomes a pain if you're a public site with a lot of traffic and you can't simply white list client IP's or change your server IP on the go and have to stay public, on one IP, and devote a lot of server resources to blacklisting every IP perceived as a threat. I think you should give it a go. You'll never know how it will actually work until you try it.
  4. - AP isolation at the router. - A local/network script or antivirus to monitor arp-tables running on your os - Browser's can check for SSL - IPS could have various LAN defences, making sure is indeed itself, etc etc
  5. In infosec a lot of times your work will speak louder than any degree, in this respect it's pretty different than other traditional fields. Things like papers, past projects, tools you've written, etc. Some security positions at big corporations will require degrees, but many pentesting firms will have a test that applicants need to pass, and if you pass that test you're in, degree or not. IMO self learning, inside or outside a classroom, is the only way. Infosec pros need to be critical thinkers, something that can't be taught in a classroom.
  6. Linux is just the kernel. Each distribution will have it's own rules.
  7. You could probably have a 3rd party script run that would rewrite the install script and have your rewritten code run instead of the install script, but I wouldn't call that an exploit. Exploits are generally when an application crashes and you use the crash to gain control of one or more of the registers to get it to jump to your own instructions. Reversing is when you try to figure out what exactly a program is doing and how it's doing it. Reverse engineering and exploit development are different fields, but reversing would be the best place to start. For reversing, the most famous tutorials are Lena's. Random's are also very good too. http://tuts4you.com/download.php?list.17 www.thelegendofrandom.com For exploit writing, Corelan's are the best. www.corelan.be
  8. I used to use it for language ID, but instead of ID'ing a language with trigrams I'd use the trigrams to find unique characteristics like metaphors and whatnot inside of texts to confirm that it's English (because even when the trigrams are used for only language ID they still give false positives, like locating English inside of a text of another Germanic language). I could see someone using that method though to use regex in python to compare posts on forums.hak5.org and forums.backtrack.com to find who has similar writing patterns.
  9. Right, and the python implementation in my 2nd link does exactly that, or "comparing characteristic footprints of various registers or authors". I understand that he's trying to compare authors and not ID languages. However, when I have tried using a different algorithm to do that (but fundamentally the same method as bwall's method since the basis of both methods is matching strings), it didn't work very well. IMO, to accurately do this you need to compare speech patterns, and not just word patterns (trigrams should be used, but as a supplementary method, not primary). Look at my paragraphs, vs. your paragraphs. How would you tell the difference between the two based solely on character matches? We both use proper punctuation, spelling, and grammar. We both use similar vocabulary. How could a *program* see the difference? Of course we're both going to use "ing" and "ion" in certain frequencies, as will everyone who writes in English, which is why, for me at least, character matches showed many false positives. You need to compare whether the authors both use common figures of speech (oxymorons, hyperboles, similes, etc etc), or whether the authors commonly use pronouns with or without certain verbs (this method is used to ID slang), or comparison of the instance of pronouns each author uses (a program can see if someone talks about themselves a lot if they use "I" often). You can also programatically compare instances of adjectives, so you can know if a certain author is descriptive. There are many many many examples like this, unfortunately just not open sourced ones.
  10. Could be wrong, but I think the trigrams were originally designed by google (but abandoned after they stopped maintaining the translator), I heard that somewhere. All a "trigram" is, is a massive list of three character strings like "ing", "and" or "ion" that were originally used to identify what language a text is written in. People sometimes use them to try to ID the author of a language also, but in my limited experience I've found that using trigrams (or matching character strings) to ID an author is inaccurate and shows a lot of false positives. The first link describes this concept in detail, and the second two show some python implementations based on trigrams. http://www.cavar.me/damir/LID/ http://pypi.python.org/pypi/guess-language http://code.activestate.com/recipes/326576-language-detection-using-character-trigrams/
  11. I have experimented with this idea. I didn't run your script but it looks like it resembles the google trigrams method of handwriting/language identification, or comparing it to a predefined set of strings. In English, I found this method to be very prone to false positives, just because two texts use a lot of words with '-ing' or '-ly' or even a particular word/vocabulary doesn't mean they have the same author. The average English speaker uses about 17K base words, which IMO isn't enough words to rely only on this method when you're talking about matching possibly billions of words and tens of thousands of authors. For mine, I had to add more variables to increase chances of true positives, for example, if the author uses "like/as" in the same line as "a/to", they're probably doing a simile, or if the author uses word patterns like "word1....word2....word2....word1" it is probably a metaphor. Then you can say, ok, text 1 and text 2 both have not only similar trigrams, but both authors use hyperboles and similes, then you can have an extra "layer" to wean out false positives based solely on string matches. There are tons of figure of speech patterns like this that a script can recognize.
  12. It'd be hard to secure cookies. Even if it could encrypt the cookie and decrypt it at run time, then the attacker would look for the encryption key or info leading to the encryption key instead. Was that a custom protocol? Be interesting to hear how it was done in java (assuming it's in java since I saw the ide in your video).
  13. I'm still learning Java, but I agree with digi. First you should enumerate the contents of the directory, then pick and choose what to copy after that. I found a lot of code to do this on the internet. http://www.javabeat.net/2007/08/recursively-traversing-files-and-folders-using-java-file-api/
  14. In whatever exploit your using, typing '' as RHOST/LHOST will run it on all interfaces. Enter the IP of your wireless adaptor to have it run only on that interface.
  15. Don't understand what exactly you're saying (airodump-ng mon0 will listen to all AP's), but if you think you have a wifi warrior on your grounds, go physically search for them, they can't be far.
  16. In python it's very simple. libcurl is a very powerful open source library for many protocols. import pycurl import time g = pycurl.Curl () # starts instance g.setopt ( g.url, 'www.google.com' ) # pass url as argument type g.perform () # send request to http server Alternatively, instead of visiting one URL, you could go to multiple ones. # The following is psuedo code and unconfirmed, but something like the following should work for multiple urls import time, pycurl g = pycurl.Curl () # start instance of curl class url_list = [ 'www.google.com', 'www.yahoo.com', 'www.hotmail.com' ] # put the urls you want to visit into this list for x in url_list: # Define number of iterations g.setopt( g.url, url_list[ x ] ) # takes item from url_list and puts it as argument to setopt function g.perform () # sends get request to http server time.sleep(.5) # Wait before entering the next iteration (iteration is fancy talk for loop) If you're doing this to generate fake traffic, I don't think it will work. I don't know much about websites, but I imagine there would be server side scripts running to verify that requests are coming from a browser (or other legit ways and not automated programs). For fake traffic I think a rogue DNS server is the preferred method, yet very illegal, as people pay money for traffic. C/C++ or a low level language is the way to go for this though, python is slow and you'll notice that. As a project, you could download Dev C++ (free and small) and copy and paste the code from here (http://curl.haxx.se/...rl/c/https.html) and compile it (only after linking the necessary library files to the linker). Take the same principal of python's list (which is what allowed in the previous script for multiple urls), and apply it to C++ by putting your multiple url's in either a vector, (possibly) array, and pass them as arguments into the libcurl functions (you could probably pass it in as a normal string too). This will run 50x faster than python. I am by far from a C++ expert, but this way could possibly work. But only if you want it to : ) libcurl is also probably one of the best documented libraries IMO, as such an excellent place to start. A side note, when you have questions, we'd be more than happy to help here, but there will be questions we can't answer, in which case stackoverflow.com is your friend.
  17. Comodo, I gave you the link to support my statement that web app's are more commonly worked, and available at your prices but from people with strong reputations. Alternatively, you could expand this service. Like "find a stack overflow in this C++ app" or "tell me what this mysterious .exe is doing" or "unpack this .exe, rebuild it's IAT", etc etc. However, there are already well known people who do this for free in a lot of different forums, but they don't offer nice write ups, which is where maybe your friends could fill in the gaps. If they have the talent. As hackforfun mentioned, the way in which you do payments will probably make/break the service. People aren't going to pay the new guy up front, and something (besides your word) should be given so the client knows your worth your salt.
  18. "Everything Else" doesn't include your anti American sentiment (for which many past threads have been closed). On a related note, instead of having a captcha before registration, can we replace that with an IQ test?
  19. 1. Since it looks like this service is mainly targeting web vulnerabilities, I think it might start slow as even now there are a lot of people doing SQL injection, RFI, XSS, and PHP based based stuff at (arguably) affordable prices. On exploit-db there are various PHP vulns being put out daily pretty much. 2. I agree with you 100% here. It is very difficult to find information about the vast majority of topics in infosec, but especially difficult to find info about reverse engineering, exploit development (referring to low level stuff, stack/buffer overflows, SEH vulns, etc), and assembly code development. There seem to be only a few big names of people/groups who truly understand what they're doing, and many others that are really not in positions to be teaching this and pollute the field with bad/misleading information, and obviously only doing it for profit. I'd really only be willing to pay for courses taught by people with years of real world experience and not just a lot of university degrees. I do look forward to seeing the free info on the 10th though.
  20. Instead of complaining on the internet, you should get a job in law enforcement to see to it that rights aren't abused if that's how you feel. We don't live in a perfect world, but we'd live in a much better world if everyone approached problems like this. And PS dude, this is a forum about hacking and related topics. Given the motives of many posters on forums today, I think your sudden entry here is questionable at a minimum, but that aside, keep your posts about hacking and security. This isn't a place to express your political opinions.
  21. Not everywhere is a peaceful upper/middle class suburb and in some places laws like this can mean the difference between police ruling the streets or a 15 year old drug dealer with a rifle calling the shots.
  22. Obviously this is for pentesting purposes, but there are people trained to detect stuff like that, I'd be careful where I pentest at with that.
  23. If you have a strong command of the msf api, it can speed up certain things, but it won't make/break you. It's also pretty simple to edit their scripts to your liking, but as a rule of thumb try to create your own code in your language of choice, then if need be you can port it to metasploit. The "old fashioned" way as you say, is really the only way to do it.
  • Create New...