
bobbyb1980

Active Members
  • Posts: 498
  • Days Won: 4

Everything posted by bobbyb1980

  1. There's been a lot of funny stuff happening with DNS lately...
  2. I had a similar problem. You can run a DHCP exhaustion attack against the router if you don't have admin access, otherwise you could just change the DNS server to your own, just a basic bind9 install, nothing fancy. I wrote a script that monitored the DNS queries, and if it received a query for a few certain places affiliated w/ downloading movies, from a certain IP on the LAN, it would send that person (who was warned several times) a few deauth packets. Naturally they keep trying, but after a few hours they'll get the point.
  3. The power of regular expressions is that they can specify patterns, not just fixed characters. Here are the most basic patterns which match single chars:
     • a, X, 9, < -- ordinary characters just match themselves exactly. The meta-characters which do not match themselves because they have special meanings are: . ^ $ * + ? { [ ] \ | ( ) (details below)
     • . (a period) -- matches any single character except newline '\n'
     • \w -- (lowercase w) matches a "word" character: a letter or digit or underbar [a-zA-Z0-9_]. Note that although "word" is the mnemonic for this, it only matches a single word char, not a whole word. \W (upper case W) matches any non-word character.
     • \b -- boundary between word and non-word
     • \s -- (lowercase s) matches a single whitespace character -- space, newline, return, tab, form [ \n\r\t\f]. \S (upper case S) matches any non-whitespace character.
     • \t, \n, \r -- tab, newline, return
     • \d -- decimal digit [0-9] (some older regex utilities do not support \d, but they all support \w and \s)
     • ^ = start, $ = end -- match the start or end of the string
     • \ -- inhibit the "specialness" of a character. So, for example, use \. to match a period or \\ to match a backslash. If you are unsure if a character has special meaning, such as '@', you can put a backslash in front of it, \@, to make sure it is treated just as a character.
  4. I'd steer clear of ESET products, I've gotten several n00b payloads past NOD32.
  5. Whatever OS you use, be sure to use antivirus. Linux/OSX without antivirus or other active counter measures is still very vulnerable.
  6. Pineapple firmware isn't that difficult to make; even if it is closed source, it shouldn't be hard to build an imitation from scratch and do whatever it is you want to do with it from there.
  7. I wouldn't let domain.com's feelings interfere in a creative solution : ) Besides, they prolly won't notice. If they did, they'd just change it back. Beats FTP'ing and it's not anything malicious.
  8. Maybe you can host a vulnerable PHP or web app, then use MSF to exploit it to get a shell. Once you have the shell, you can change the owner of the folder so you can upload via http.
  9. Thanks for clearing that up Sitwon. I have been studying C++ and yes, it will turn a normally rational/calm person into a ticking timebomb : P I started studying C also per your recommendation and find that it's pretty close to C++; a lot of times I'll read tutorials and it will be hard to tell the difference in the code. I am using it for security stuff as you know, can you recommend any concepts that I should learn that would assist in this field? I can definitely see python being created for simplicity. I was writing a file parser the other day in C++ and the EXACT same thing took MUCH less code and MUCH less time in python. On the contrary though, python is pretty slow at parsing files compared to C++. So in retrospect l33t ninja, I think you should start with C/C++ first. It's going to give you a base that will serve you well throughout the rest of your career as a programmer. Not to mention after learning C/C++ interpreted languages won't be difficult to learn and you'll have a huge leg up. Regarding resources, I've found the best way to learn programming is to find a task you want to do and do it. If you get stuck, come post here. Spend more time creating programs than reading how to create them. There are some basics you'll need to learn like arrays and functions and classes, but past that the only way to really learn it is to create programs and smile when they work : )
  10. I personally found the SET credential harvesting pages to be quite buggy. If you're trying to harvest credentials, I recommend using the PHP method. The same method they use on the pineapple, but instead of httpd, use apache2 and instead of a pineapple use a server. You can read all about it in the pineapple tutorials.
  11. I think this would be done via one of the windows message box api calls. This is fairly straightforward in python. Read about smtplib.
  12. Sounds like a satellite option might be better for you. Tons of people are offering somewhat reasonably priced broadband sat connections in Afghanistan and much of the region. Check this out, http://www.caworldwifi.com/wl2410gm-1-watt-outdoor-wifi-transmitter.html, it was able to provide a signal ~750 meters in an urban area w/ a 17dBi directional antenna.
  13. Might not be a good idea to talk to your family on an unknown AP. You don't want them knowing who you are back home.
  14. There's tons of viruses out there that delete their traces or will uninstall themselves if they detect a debugger running. Why does that have to come from a government? I'm new in the game, but from what I've read that's an old trick. The wiki article says it infected 1000 machines. I bet there are people on this board who have pwned more boxes than that with a single method. Kaspersky does make one of the better antiviruses, but after seeing their interviews and meeting one of them face to face I lost a lot of respect. They're like Russian cheerleaders for viruses.
  15. I believe the attack you're trying uses multiple handlers for different payloads and they'd each be running on different ports. Your config file should explain it.
  16. I think the younger you are when learning C++ the better. I wish I had learned it at your age. It really depends what you want to do. For web design, python and PHP will probably be more than enough. But for security you're going to need C/C++ and I say that for several reasons. First reason being that in security you're dealing with Windows environments by and large, and python isn't native to Windows. So when it comes time to develop your own payload for a client you're running a pentest on, python isn't going to help you much there unless you want to socially engineer someone to install python, then go to the DOS prompt and type "python payload.py" (don't think that would work well in the wild). Antivirus evasion plays a huge part of pentesting and to my knowledge (I could very well be wrong) C/C++ is the only "default" way to fight the antivirus. Remember that not everyone has Java installed either. Secondly, there are some concepts in C++ that don't exist in python (honestly I don't know if they don't exist, but if they do the interpreter automatically handles them so you don't have to worry about them) like pointers, memory addresses, referencing and dereferencing. When you start doing work in the debugger like finding your own exploits or reverse engineering software, you're going to HAVE to at least have a working knowledge of these concepts as they exist and are quite common in assembly language also. Python is a great language, but I think learning C++ first will be much more beneficial to you. Besides, if you know C++ it won't take you very long to learn python after.
  17. Or you could do it the tough way and start with C/C++ and then learn others after. If you start with a high level language like C++, languages like python or PHP will come quite easily. In fact it might be better to do it this way. Personally speaking, the stuff I use python for, most if not all of it is C/C++ based anyways, curl, regex, popen, etc. I'm no expert, but big picture wise, I'd say start with C++. Since you're on the hak5 forums, I assume you're interested in security, and I think C++ is probably going to be the most beneficial to a career in security.
  18. Sir, Have you tried any other programs like hydra?
  19. Oh ok I didn't see that, thanks for clearing that up digi.
  20. How can the OP use chntpw or ophcrack or any of the aforementioned tools to get the hash from a router?
  21. For some reason when I use service to stop apache2 it doesn't work, I always have to do /etc/init.d/apache2 stop. You might also want to tell us if in your set_config you're using apache or the default python web server.
  22. http://www.noob.us/humor/the-website-is-down-sales-guy-vs-tech-support/
  23. Don't waste your breath digip, he's into some shady business deals or something, had a small convo with him in PM. Dude, what you're asking for here is akin to someone going out and selling drugs, making a bunch of enemies, and then going to Brink's to ask for private security. No one is going to want to deal with you, and those that do are probably trying to take advantage of you.