Everything posted by nemo_nihil

  1. I like this one for demos. It works pretty seamlessly and doesn't get flagged by AV. Also, it is not malicious (if you looked for it you could find it); however, I suppose you could make it masquerade as a legit plugin: https://github.com/S489/gumshoe
  2. Let me start by explaining the goal. I am at my university and I would like to reverse ssh to connect to certain services remotely. I have an EC2 instance that is acting as my server. On to the problem. When I ssh to my server like this: ssh -R 9091:localhost:9091 [username]@[serverip] and at the same time configure Firefox and do this: ssh -D 8080 [username]@[serverip] I can connect to the service running on localhost:9091. However when I point my web browser to [serverip]:9091. If someone could explain what I am doing wrong, that would be wonderful.
  3. Amazon EC2 has a free tier for their services. I use them for other things, but I am sure a VPN would be easy to set up there.
  4. I have a MKII (that has the MKIII firmware on it, but that is beside the point) and I broke the battery pack... I am no good with hardware problems so I have no idea which end goes where. Any help would be appreciated. https://dl.dropbox.com/u/12870612/2012-08-04%2014.04.13.jpg
  5. What about with a MKIII? I have both and my concern is locking myself out of the flash capability.
  6. I am concerned with locking myself out, as Sebkinne mentioned. Is there a way that I can "safely" do this?
  7. Irongeek has a good guide on how to get it running on the Raspberry Pi. If you can get all the dependencies onto the device I don't see why it wouldn't work. Check it out over here: http://www.irongeek.com/i.php?page=security/raspberry-pi-i2p-svartkast
  8. I have been following Irongeek's guide located here: http://www.irongeek.com/i.php?page=security/svartkast-pogoplug-dropbox and I am stuck at the remote access part. I have successfully installed i2p and I can access a few of the eepsites I have set up; however, I am stumped on how to get remote access working. I supposedly should be able to ssh and point it at my localhost, which will forward to the base32 address of my blackthrow. Any help on how to proxy my ssh connection over the i2p network would be great.
  9. I cracked up so hard when I saw this! Terrific idea Darren, keep up the good work.
  10. I have heard a lot about how "Cell phones are unsafe" and it is possible to turn on the mic/camera to listen in. I was wondering if there is any open source version of this sort of program. There are a lot of spy things you can buy to "catch a cheating spouse" (not interested) and I have been playing with Georgia Weidman's botnet (http://www.grmn00bs.com/SMSbotPoC-complete.c and http://georgiaweidman.com/wordpress/more-android-sms-bot-stuff/). While this is both fun and useful I have had a tough time sifting through all the crapware out there to find anything that has some of the more "fun" functions that we all worry about.
  11. I have seen a lot of articles on how to exploit a machine through some sort of java applet or exe embedded into another file type that calls back to the attacker and then run post exploit modules such as persistence.rb from there. The problem that I have with these exploits is that I need to have a listener and/or a machine hosting the exploit running somewhere else. Is it possible to have a standalone backdoor that can be interacted with at a more convenient time? (note this is with physical access unattended computer, etc)?
  12. nemo_nihil

    Cheap Vps

    Just thought I would throw in my 2 cents. I use Amazon EC2 now and then if I want to try something offsite. As long as you stay under 750 hours (and a few other easy requirements) it is free to use. Just something to think about depending on what your needs are. There are Ubuntu and BackTrack instances that are prebuilt and ready to go.
  13. When I tried to put the interface up it failed (that was why I thought that wireless was not built into TRK), but I should have tried my card first. Regardless, I ended up just removing the drive and putting it into my dock and running several virus scans from there, as well as TRK through a VM. Thanks for all the help.
  14. You need credentials for the wireless, but for the wired you need to have some sort of Cisco client software (I don't mess with wired). It is a laptop so that is an option, but as far as wireless, I didn't think Trinity supported that natively.
  15. I am trying to remove some viruses from a friend's computer. He opened an email and had like 87 pop up on his computer. It is blocking me from opening up ClamAV and any other exe type of file I try to open, so I booted into Trinity on my Katana USB. It found some viruses, but the definitions were out of date so I assume that is why it didn't find all of them. Regardless, I burned a CD of it and now I am trying to share internet from my Mac (sharing internet sharing then from easyteather to ethernet) to the computer. We are at college and they do not allow unauthorized connections (otherwise I would just plug him in to the wall). I have tried to share internet from my phone tether but it is not recognizing a connection "neither dns nor proxy paramaters found ...". Any help getting this connected to the internet OR virus removal would be appreciated.
  16. Get bigger/better rainbow tables/wordlists. The links that have been provided already should give you a good starting point.
  17. You are lucky you have one. The AP51 seems to be a hard item to find lately.
  18. Darren talks about this in episode 911 (http://hak5.org/episodes/episode-911). There is a good breakdown on the site (http://hak5.org/hack/pineapple-phishing), but the basics of the hack is that he had a fake paywall if you went to any place other than Facebook or Twitter. Then the fake websites (file save page as "web page complete") are stored in /www on the pineapple and you modify it to store the username and password locally. The tutorial gives detailed information on how to do this, but what I think you are asking is "how does this work". Basically, it works by editing the variables in the webpage to store it rather than send it.
  19. OK, option one:
      turn off anti virus
      boot into backtrack on a separate machine on the network
      start Social Engineering Tool kit
      set up browser based attack (numbers 1, 1, 2, 1, 1, 2, 2, 16, then just follow the instructions)
      log into guest account and navigate to the ip of your browser attack
      wait for exploit to run
      getsystem
      hashdump
      then take the hash to an online hashcracker OR check out this http://project-rainbowcrack.com/tutorial.htm

      Option two:
      download from http://unetbootin.sourceforge.net/
      select disk image
      select USB drive
      select drive letter
      click "ok"
      then boot into USB, and from there I assume you know what you are doing

      If you need help on a specific step, I hang out in the IRC. Just PM me and I will do my best.
  20. My suggestion is to just reset that password. While you could crack it, it will probably take a long time. You could burn it to a live USB (http://unetbootin.sourceforge.net/), but I would suggest stealing the password hash and then running it on a more powerful machine, maybe Amazon cloud?
  21. Can you give any more info than that? Have you tried the reset from the web interface yet?
  22. If I were you I would probably start off with some reading. These are a few books/resources I found helpful:
      BackTrack 5 Wireless Penetration Testing Beginner's Guide by Vivek Ramachandran (creator of securitytube.net); also check out his WLAN Security Megaprimer course DVD (free download) and the Metasploit Megaprimer (also free to view)
      Metasploit: The Penetration Tester's Guide, brought to you by Dave Kennedy (ReL1K), Devon Kearns (dookie), Jim O'Gorman (_Elwood_), and Mati Aharoni (muts)
      http://www.offensive-security.com/metasploit-unleashed/Metasploit_Unleashed_Information_Security_Training (by the guys at OffSec)
      http://www.social-engineer.org/framework/Social_Engineering_Framework
      http://www.social-engineer.org/se-resources/ (same site, this one is just videos though)

      Vivek does a good job of explaining what is going on for most of these attacks (don't just ignore those parts, that is what will help you really learn to hack), so I would read his book, watch his DVD and poke around his site as much as possible. The other resources focus mostly on how to use the tools, which is great, but that really won't make you a great hacker.