Andrei0427

Active Members
  • Posts: 41
Posts posted by Andrei0427

  1. I own an N900 and yes, it supports most of the tools such as Ettercap, DSniff, Aircrack-ng, SET, Metasploit, can be a rogue AP, mdk3 and sslstrip. I'm in love with it.. it's possible to run BackTrack on it through localvnc. I tried it but did really play with it. It also has support for other misc. tools such as Scapy, GrimWEPA, nmap, wireshark, kismet and tcpdump.

    A suggestion from it is to flash it to the pwnphone image;

    Pwnphone Manual

    Pwnphone Homepage

    Image

    Installation Instructions

    PS. No one will ever notice you with it, I managed to grab some facebook credentials from my school network using this phone :)

  2. Yes, it would need to be in monitor mode and obviously must be on the same channel, if all else fails, try

    aireplay-ng -1 999 -a APBSSID mon0

    and add a "-A" argument to reaver, basically this just tells aireplay to do the associations, it might happen on some routers.

  3. Hahahahahahahaha!!! That's awesome!

    Though if the link goes any deeper than the .com or whatever it won't work. If I browse to www.mp3car.com/vbulletin/ it fails with "No such file or directory"

    Don't quote me on this but in the DNS filtering file try adding */* meaning any subdomain of any site. I didn't actually try it but it makes enough sense to work

  4. Indeed, I'm slowly working my way to at least know half of what those guys do.. they obviously spent a lot of time to gain their knowledge.. one day...

    I decided to stick to the networking course by the way and will learn a language in my free time, I already started Python.. I plan to learn C in the future for sure!

    Definitely keeping what everyone said as a reference! Thanks for the insight :)

  5. I too am very interested in this. Mind sharing what resources you've found on the matter Andrei?

    I've been working for the last 3-4 months on a business model somewhat like an employee-owned pen testing company. Each employee would have a share of the company and receive the percentage of profit per stock owned for every project they are involved with. I'm anticipating a team of 10-12, with 2-3 of that in administration (marketing, accts payable/receivable). Does anyone know of a pen testing company that operates this way?

    telot

    I will once I get on my laptop, I have all the history saved there. Although there isn't much to it to be honest.. just a few Google searches is all.

    Plus I'm learning Python as a secondary language to Java, I feel it's more portable and it can be compiled written on my little N900 :), I found C to be too advanced for what I'm looking to learn <Memory Management> I'm not too sure yet to learn it after I feel comfortable with Python. I see quite a few programming spots open for C programmers.

  6. I was doing a little research on the most sought after jobs in IT, and to my dismay I see that the pen tester gets just above half of what a programmer gets. I truly love this field in IT and was wondering if I should keep learning on security or focus more on programming. I love both subjects but I have found to be happier when dealing with security.

    Plus I'm reaching the point of making a decision I won't regret for a BSC in computer science, specializing in either Web Application Development or Networking. I was wondering if anyone would like to give some advice on what the best choice I can make.

    Thanks for any feedback :)

  7. I've read a couple of posts about phishing on this forum and made a mediocre Facebook page that redirects the user to the real FB login page. Although this helps capture passwords, if the victim is aware of this, he can easily browse the root of the webpage and look at all the captured passwords <kind of whaling>. Is there any way to secure them? Also, I was wondering if anyone managed to successfully pass on the credentials to Facebook and log in the victim so it will be completely transparent?

    Ideas taken from bobbyb1980's thread: Bobbyb1980's Thread

    And Darren : Darren's Post

    Below is my code, I know it sucks but this is the first time I ever coded PHP, I just looked up some tutorials..

    http://pastebin.com/G9RXxGW7

    Cheers for reading

    N.B: Use

    chmod o+w /var/www/

    so PHP can make and write the files. Figured that out the hard way ;)

  8. I recently watched the old episode where mubix demonstrated DNS tunneling <I think> where he had access to DNS and managed to gain internet access.

    This made me think, a few days ago, I tried connecting to my provider's 3G through my N900 and realised I had run out of credit in my account, thus prohibiting me from accessing the internet. So I pulled up a terminal and tried to ping Google. It returned its IP. Is this possible to apply what mubix did to gain free 3G?

    NB I know I'm sounding cheap and trying to hunt free internet but this isn't the case, I just want to know if it's possible to apply what he did in this scenario.

    Thanks for your input :)
