vdub

Posts posted by vdub

  1. Well, on my box, I think my hardware helps with that performance issue. I think for VirtualBox, if your host machine is on the lower end of the scale, that can always hinder performance, but I've got a 6-core CPU with 16GB of RAM and a 64-bit OS host, so all of my VMs run smooth. I can run 64-bit Windows Vista, 7, and 8, and Aero works in all of them as well. Not sure if VirtualBox uses GPU acceleration these days, I haven't messed with it in like a year or so, but VMware now has GPU acceleration, and I've even gone as far as installing Doom, Warsow and Unreal 99 in virtual machines, just to check their game performance. Little bit slow, but still playable, which was hugely surprising. Right now I am running an ATI 5770, but when I get the money will upgrade it.

    VirtualBox does support 3D hardware but it's still experimental. I have a 4GHz quad core with 8Gb of RAM and my VM is Windows XP with 2Gb and dual core and I was able to play the Back to the Future games with it. I rarely use them for gaming. I think VMs still have a ways to go before real gaming will be possible. Back to the Future is a very low resource game and I had a few problems making it run right. However, once I had it working it ran great.

    I don't see a VM playing Modern Warfare 3 any time soon. I think the problem is that in order to use hardware 3D acceleration the VM can only interface with hardware through APIs and without specific support by hardware manufacturers it's going to be hard to make it perfect. We can't even get Nvidia to help with good Linux drivers, so I don't see them wasting time with VMs any time soon. I think it all comes down to horsepower. If you throw enough ponies at it then anything will work.

    I do almost all of my gaming on the Xbox. I have two of them, one in the shop and one in the living room, and the nice thing about those is that I know any game I buy will work perfectly and I don't have to mess with it. I honestly abandoned PC gaming years ago because I got sick of upgrading my video card every time a new game came out. Today the only reason I want a 9 series Nvidia card is for CUDA.

  2. Don't use Backtrack to run virtual machines for starters. It's highly customized for pentesting, and some kernel flags are left out by default, so it's probably not an issue of your machine's hardware capabilities, but dependencies and kernel modes not enabled. Also, f virtual box. I know it's free, but I've never had much luck or stability with it on any system. I use VMware on Windows 7 and all of the VMs I have ever created work flawlessly except Windows 8, which I had to get an update from VMware for to balance the new BIOS requirements to boot Windows 8, and after that worked fine. If you don't want to buy VMware, VMware Player is free, and can also be used to make new machines with a little canoodling. There is also Proxmox, but from the complaints I see with getting it to run anything, it seems to be more a pain in the ass than vbox.

    The only real use I have for VirtualBox is an XP VM that I use to watch Netflix but for the most part I have never had any serious problems with VirtualBox. It's a great platform and I have set up many Linux VMs for customers that are virus prone. The only issue I think I have had is lack of performance. A slow system is not a great system to use as a host anyway.

  3. You can also set up DD-WRT to disconnect her between certain hours.

    I thought about doing that but I would rather her just follow the rules. If I put limits in place she will not learn anything.

    I have already given her Kindle Fire back to her and she knows that next time it happens her Fire becomes mine. And she knows I will keep it. I kind of want a tablet. All I have right now is my Galaxy Note and a 7" screen would be nice.

  4. IMHO, drop the proxy and read up on ettercap.

    Will do, thanks for the tip.

    I honestly have abandoned the entire experiment until I have more time to devote to it. I played with it for about a week and did some really cool stuff but the SSL really put the brakes on it. Many sites are starting to use SSL. Like Google for instance is running everything through SSL now.

    Basically what I am doing is trying to get the Android app "network spoofer" working in native Linux. So far I have it working great and have written quite a few scripts that go way beyond what the Android app does. My favorite one uses archive.org to make every site the user visits the way it looked in 2000. It's funny as hell but SSL has really been messing up the fun. That's why I want to make sslstrip work alongside squid.

    It's just one of those time wasters that I think would be fun to play with but another problem I am having is the scripts are almost too much for my netbook to handle. Like the time machine script crashes after a few minutes and arpspoof stops working. Once I get some important work caught up I will devote some more time to it and actually write a paper on what I am doing. What would be really cool is if this could be used with a pineapple to really cause some trouble. I still need to purchase myself a pineapple but right now I can't justify the cost. Maybe once I start working on this project again I will have a reason to get one.

  5. I think without even reading it "Hackers Are Not Criminals" is just that. They are not criminals. Criminals, are criminals. Just like a guy with a hunting license and a gun, is not a murderer or serial killer, until he does just that. Tesla, Edison, Einstein, Babbage, Wozniak, Da Vinci, and I can't even think of the hundreds or thousands of others, were all tinkerers, inventors and hackers in their own right. We wouldn't have anything technologically advanced today, if people didn't experiment or think outside the box on how to make something do something other than what it was intended for, or invent it in the first place.

    I could not have said it better. History is full of hackers. Hackers are not just computer geeks, but rather the term hacker can be used to describe anyone that does not accept the limits put in front of them.

    I think my main purpose of writing this was to point people to a paper rather than trying to explain my stance every time the subject came up.

    Honestly the criminal stereotype has its benefits. It lays a cloak of mystery behind what we love to do.

  6. I don't know what I was thinking. I usually NEVER run any service on their default ports at all. I did change the port. I'll disable root logins as well, though I'm not too sure how to block China, Russia, etc. When I was running an FTP years ago and had this same issue, I believe it was coming from China.

    @ digip,

    I'll look into that. I assume it's Linux based only? That's fine though, I've wanted to set up a honeypot for some time to play with.

    Thanks guys for all the info!

    Here's a way to do it with iptables.

    http://www.cyberciti.biz/faq/block-entier-country-using-iptables/

  7. The problem I had the other day was with XP. In Windows 7 you can migrate to a system process from a limited account but it won't give you sys privs like in XP.

    I tried running that .bat, but in Windows 7 SP1 you can't run files as admin without an admin password. A shell pops up but nothing happens. That script works for you in Win 7 SP1 to go from a limited user acct to admin/system?

    Can you pull the hashes and just crack the admin account?

  8. OK, it turns out that properly installed. I installed two instances, one using the .run and another using Synaptic. After removing both instances and installing the Ubuntu version of BT 64 using gdebi it worked. However, now the problem is the internal VT-x/AMD-V modules. Vbox apparently cannot load 64-bit operating systems, even though it's a quad core Intel running a 64-bit version of BT5. I feel I'm making progress at a snail's pace. Any suggestions?

    I don't think VirtualBox supports 64-bit. I always run 32-bit operating systems in VirtualBox so I have never tried.

    I am almost positive I read somewhere recently that VirtualBox will not load 64-bit.

    Why not just load a 32-bit OS? Is there a specific reason you want to virtualize a 64-bit environment?

  9. Rather than serving replicas of websites, would it be possible to serve up actual sites by acting as a proxy for DNS servers?

    Yeah why not. You could use a forward. However, you would have to spoof the address bar.

    I use a script that forwards Google to Google Gravity. However, it's obvious when you look at the address bar.

  10. Blocking China, Russia, and the Middle Eastern countries stops a lot of this crap too.

    I do that on my website.

    Since I run a local computer repair business I don't care if people from other countries can see my site. It's stopped all of the SEO spam emails through my contact page. Also almost completely stopped all hack attempts. I use the country ban module for Drupal. It works well. It gives a PHP error to IP addresses in the countries you select. As far as they know your site's just messed up.

  11. I have a dilemma. I am playing around with arp poisoning with squid to flip images and other senseless stuff. The problem is it does not work on SSL sites.

    I want to run all the arp poisoned traffic through sslstrip first and then through squid before it's returned to the victim's browser. I currently have all port 80 traffic redirected to port 3128 for squid. However I can't seem to figure out how to send all traffic through sslstrip first. I was reading a little about chaining proxies but kind of got lost.

    Or maybe I am completely off base and this will not work.

    Any ideas?

  12. Wow, this works absolutely perfectly!!! 10/10!! Love it!

    Can somebody show me how to set up SSLstrip with this? Would you have to redirect the traffic through your phone, and then use SSLstrip as a separate application somehow? I'm fairly new to this, but have a little experience with Linux networking.

    Using shark, I don't think you would get SSL packets like you would with SSLstrip.

    The program is nothing but scripts that run on a Debian image. There is no reason why sslstrip wouldn't work. The modified version for a Linux PC uses sslstrip. You would have to compile and install sslstrip on the Debian image and then modify the scripts to use it.

  13. I assume you have changed the external port from the SSH standard of 22 to something high and random. If you are using 22 you will get the world of bots cherry knocking, I find it amazing how simply changing the port now and again reduces this to virtually nothing.

    This was going to be my suggestion.

    Simply changing the port helps a lot. I keep port 22 on the system but block 22 at the router and forward another port to 22 on the system I ssh to.

    Also like others have said, disable root logins. There is no reason to have root use ssh. It's too easy to just su once you are logged in.
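Added example (not part of the forum posts and not vdub's code): a small Python check of an sshd_config for the two settings the post above recommends, the listening port and root logins. It assumes OpenSSH's first-value-wins parsing and a default of PermitRootLogin prohibit-password; the sample config and function names are constructed for illustration, and Include files are not followed.

```python
# Constructed sample config, not taken from any real host.
SAMPLE_CONFIG = """\
Port 22022
permitrootlogin no
# The next line is ignored by sshd: the first value read for a keyword wins.
PermitRootLogin yes
PasswordAuthentication yes

Match Address 192.0.2.0/24
    PermitRootLogin prohibit-password
"""

def parse_sshd_config(text):
    """Return (global_settings, match_blocks); keywords are case-insensitive."""
    global_settings, match_blocks = {"port": []}, []
    current = global_settings
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        keyword = parts[0].lower()
        value = parts[1].strip() if len(parts) > 1 else ""
        if keyword == "match":
            # Everything after a Match line applies only to that block.
            current = {"_criteria": value}
            match_blocks.append(current)
        elif keyword == "port" and current is global_settings:
            global_settings["port"].append(int(value))  # Port may repeat
        else:
            current.setdefault(keyword, value)           # first value wins
    return global_settings, match_blocks

def audit(text):
    """Return a list of findings for the port and root-login settings."""
    settings, matches = parse_sshd_config(text)
    ports = settings["port"] or [22]  # sshd listens on 22 when no Port is set
    findings = []
    if 22 in ports:
        findings.append("listening on default port 22")
    # Assumed default for current OpenSSH releases when the keyword is absent.
    root = settings.get("permitrootlogin", "prohibit-password").lower()
    if root != "no":
        findings.append(f"global PermitRootLogin is '{root}', not 'no'")
    for block in matches:
        override = block.get("permitrootlogin", "").lower()
        if override and override != "no":
            findings.append(f"Match {block['_criteria']} sets PermitRootLogin {override}")
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONFIG)) or "no findings")
```

A host set up as in the post (22 kept locally, another port forwarded at the router) still gets the default-port finding, because the file only shows what sshd itself listens on.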

  14. I am following this how-to.

    http://tech-ape.com/wp-content/uploads/2012/06/NSReverseEngineering-WordPress.html

    The problem is it was written for Ubuntu and I can't get the permissions right.

    In this section

    groupadd -g 3003 aid_inet # this works

    usermod -aG aid_inet proxy # usermod does not have -a option and I have no proxy group ????

    #Make an images directory for storage

    mkdir -p /var/www/images # this works thank god, lol.

    chown proxy:proxy /var/www/images # I have no user or group named proxy

    usermod -aG proxy www-data # again no user proxy and no -a option in usermod

    usermod -aG www-data proxy # " " " " " " " " " " " " " " " " " " " " " " " "

    I have no proxy user. I am at a loss as to how to make this work. I have the arp poisoning working but all the images just give 403 - Forbidden errors. All the images in the www directory are owned by squid and I can't even view them on the machine. If I chmod the files I can view them and can see that they have been flipped.

    Any help would be greatly appreciated. This would work perfect if I could just give the files in the images directory 777 permissions. However squid will not allow me to tell it what permissions I want to use. However, the files are downloaded with wget so I am not sure where the owner is coming from.

  15. Hilarious! You could also set up a pineapple to rick roll her after bed time!

    telot

    I have the network spoofer Android app for that.

    You should use the policy rules in DD-WRT to just disallow network access at X hours.

    You may even be able to have that apply to only one MAC address

    This is what I plan to do. However, I am hoping she learns from experience that dad knows all. The bad part is some day she will be better than me.
