
Life like Opossum

Active Members
  • Posts

    78
Everything posted by Life like Opossum

  1. I am looking to find a way to ensure that I do not directly know the IP addresses of any customers. My initial thought for this is to assign addresses through DHCP (as is currently done), taking the IP addresses, salting and hashing them, then applying that hash to the records. Obviously this would not work for statically assigned addresses. I am fully aware that this is in no way making my customers anonymous. My main goal is to simply ensure that no customer IP addresses are directly known, thus we cannot be compelled to release a customer's address. Also, we would not have any kind of historical record as to which customer had which address in the past (aside from the salted and hashed address within the records). Is this a feasible option? Are there any programs/protocols currently available to do this?
  2. WOW, this is ridiculous. So it turns out in C:/xampp/htdocs/dvwa there is a .htaccess file. In this .htaccess file you will find:

         # Limit access to localhost
         <Limit GET POST PUT>
         order deny,allow
         deny from all
         allow from 127.0.0.1
         </Limit>

     I think I just found the problem... Thanks for your help digip! It turns out the issue was so simple it went under the radar. Boy do I feel stupid for not checking for that sooner. Thanks again digip! I really appreciate all the effort you put in to help me out! I owe ya :)
  3. Well, saving the file as .htaccess was the easy part. I changed the save type to "All Types" and it let me save as .htaccess with no issues. I can see exactly what you are saying I should see within the Apache conf file.

         <Directory "C:/xampp/htdocs">
         Options Indexes FollowSymLinks Includes ExecCGI
         Options All Indexes
         IndexOptions FancyIndexing
         AllowOverride All
         Require all granted

     (Having the lines in .htaccess didn't seem to change anything (server root is C:/xampp/apache (default)); the override line was present by default.) I still cannot see the DVWA folder within my Apache web server. I have verified the file is in the correct location of the folder and I know it works because I can view the file from the Apache web server, but only from the XP machine. There is a line in the conf file that I am wondering about; I will tinker with it and see if it helps.

         <Files ".ht*">
         Require all denied (does this need to be granted?)
         </Files>

     Still baffled by this... I just can't figure it out :/ Edit: tried changing the Require all denied line to Require all granted. This changed nothing. I should also add that I can verify that the fancy indexing is working within Apache, as when I add the lines to the .conf file the layout of my Apache web server changes slightly. As stated earlier tho, a .htaccess file in the root directory for the server does not yield any effect. Also, I found this in the .conf file.

         # Note that "MultiViews" must be named *explicitly* --- "Options All"
         # doesn't give it to you.

     Does this mean I need to specifically name the dvwa folder in order for it to show?
  4. Ya, I opened a ticket with the site admins and they pretty much ignored what I was trying to tell them. I've done all I can, the rest is up to them...
  5. Great thank you! I'll give this a try once I have some time. Thanks again for the help!
  6. So I tried to access the Apache server via the XP machine and I can see the DVWA folder present when I do this. Going to 127.0.0.1 shows the dvwa folder. I am stumped as to why it is not showing up in my BT5 R3 VM. I have Windows Firewall disabled on the XP machine; this doesn't seem to be helping.
  7. http://store.apple.com/ca/browse/home/shop_mac/family/macbook_pro http://www.amazon.com/Republic-Gamers-G75VW-AS71-17-3-Inch-Gaming/dp/B007MW73C2/ref=sr_1_3?s=pc&ie=UTF8&qid=1360558740&sr=1-3 5 minutes of Google and I found this comparison. If you still want to buy a Mac for image reasons, that is your choice, but you would be spending over $1200 extra for this image. It is costing you $300 plus tax just to upgrade the CPU to 2.7GHz ($250) and the HDD to a 750GB 7200rpm ($50). The RAM is still half that of the ROG, the screen is smaller and the discrete GPU is worse. I'm not trying to tell you what to buy, but please do some research before you purchase your Mac. I do not want you to over-spend on a Mac for "image", when in reality you could have a fully functional PC (with better specs) for half the price. If you do decide to buy yourself a Mac I just ask that you look at your alternatives. No matter what it comes down to, the skills of the individual doing the pen test, editing the video, music or photo will always show over their choice of hardware. Well, best of luck to you Skorpinok; I hope you can find yourself your perfect laptop.
  8. Yes I have, and I receive an error. When I enter this as a URL I receive the error: Access forbidden! You don't have permission to access the requested object. It is either read-protected or not readable by the server. If you think this is a server error, please contact the webmaster. Error 403
  9. I see you have your flame suit on. I am not trying to flame, but I do wish to parlay with you over this statement of "They have the best hardware." My question for you is what are you comparing it to? I know my brother has a very similar mentality to your statement in that he feels Mac hardware is the best because he hasn't replaced his MacBook in over 3 years, whereas he replaced his other laptops every year or two. Truth be told, he is comparing a $1900 MacBook Pro to his previous laptops, those being cheap Toshiba, HP and ACER laptops. Before his MacBook purchase he had never owned a laptop worth more than $400. When comparing hardware of a MacBook to other laptop manufacturers you must compare on a level playing field. For example, it is NOT a level field to compare, say, the Microsoft Surface to an iPad; the Surface is more comparable to a MacBook Air. When comparing something like the hardware of a $1K+ MacBook, it would be then reasonable to compare it with the hardware of a $700+ non-Apple product. I don't know how Apple gets away with charging the prices that they do. For ages people have complained that Microsoft charges "too much" for Windows, when Apple is basically charging an extra 30% or more on all of their products. This is a rather extreme example, but it is very true. After I made my desktop I looked into what it would have cost me to get it in a Mac. At the time, the cost for all the components of my computer was just over $3000. When I looked into what it would cost me to have gotten it in a custom Mac... It was absurd. Apple wanted $9500... For the same equipment that cost me 3x LESS. I wholeheartedly feel that there needs to be an "Apple", there has to be a company to oppose Microsoft. I however cannot tell people to go buy a product that I know is overpriced. If you truly want a MacBook I would suggest finding yourself a good non-Apple laptop priced lower than what you would have bought the Mac for, then just go and buy OSX and install it on your laptop, if you so wish. You will save a pile of money and in the end you will end up with the same hardware for a whole lot less.
  10. If you want a desktop I highly recommend building your own. You will save money and be much happier with the hardware you chose. Laptops can be a tricky place because there are tons of factors. You need to decide exactly what you want out of your machine and work from there. Integrated graphics or a dedicated chip? How new do you want the processor? Do you want SSD or HDD storage? Go through a system piece by piece and develop what you feel would be your ideal system and from there begin looking for what types of laptops are available. Generally speaking, steer clear of your generic brands like HP, ACER and Toshiba. While at times they can make good products, more often than not they only produce junk. I highly recommend ASUS laptops, I thoroughly enjoy mine, but I will warn you: their tech support is pretty awful. I called them once to ask if I could purchase a driver install CD/DVD for my laptop as I wiped it and needed to reinstall the LAN drivers to get online. The woman on the line kept trying to get me to spend $100+ dollars to have some tech do it for me over the net... I don't think she understood why I wanted the disk, lol. Furthermore she proceeded to tell me that it isn't a good idea to download the drivers from their website because there could be "very bad viruses that could destroy my hard drive". So the gist of my story is this: good hardware, terrible service, never call them.
  11. The default port is 80, I just double checked the conf file for Apache. I have the Apache server and MySQL server running (I included screenshots in the link). I also went to http://192.168.17.130, which is the IP of the XP machine. You can see in the SS the information listed from the Apache web server w/ PHP version, IP address and port number. From what I can tell everything is set up correctly and according to the DVWA setup guide I should be up and running. The issue I seem to be having is that I cannot see DVWA in the web server, even tho I have it in the correct directory. Thank you for the advice, I'll continue to look into this and see if I can get it working. I will also look into getting a VM that already contains XAMPP and DVWA. Perhaps I am missing something, but I can't figure out what I am doing wrong. Thanks again for the info.
  12. So I have been looking to start getting into hacking and recently I decided that now is the time and I decided to try and start with DVWA. I installed Windows XP into a VM as well as BT5 (this is R2, I have recently updated). I installed XAMPP on my XP machine, extracted DVWA into the htdocs directory, started the Apache and SQL servers, discovered my IP and entered it into my BackTrack web browser. I can see the Apache web server but I am unable to see DVWA as I should. Instead, I am only able to see thumbs.db. Is anyone familiar with DVWA that can help me out? I greatly appreciate all help :) Here is a link to a post I made on the DVWA code.google page. I included screenshots in the post. http://code.google.com/p/dvwa/issues/detail?id=22
  13. It truly does scare me that the U.S. is resorting to these types of tactics and I genuinely am afraid of them spreading to Canada. I would say "move to Canada, problem solved!" but truthfully, who knows how long it will be until these types of policies are adopted here in Canada? I honestly hope never, but it is impossible to know for sure.
  14. Hahaha great Digip! My inner Star Wars nerd just came out. Greatest thing I've read all day. Bravo!
  15. I can't wait to see more! CES? Meh. Macworld? Crap. Kali Linux? Yes Fucking Please!!!!! Feed me more!
  16. I was browsing my online learning site for my school and I received an ODBC error message. On this message I could view the current working versions of both Microsoft .NET and ASP.NET. Is this an issue that I should bring to my moderator's attention? Both pieces of information were in plain text and clearly visible.
  17. Where do you live? I know of some schools that offer in-class training here in Canada (Calgary, Alberta). There are both accelerated and standard courses available.
  18. Well said digip. My apologies for turning this conversation in a very different direction than which it started. I have never fully understood how or why the American political system is still in place. While no system is perfect, and the one here is definitely flawed in some ways, it is vastly superior to the way things are handled in America. At least here I can vote for the Green Party, the NDP, Conservative, Liberal, Marijuana (yes there is a marijuana party here), and any other political party that decides to run. Last year I actually voted for the Marijuana party. Not because I want to smoke pot, never have and never will, but because I didn't want to vote for the Conservatives because they always win the area of Canada I live in and truthfully none of the parties interested me. In Canada all parties that are running for government get some money to spend on their campaign; this value is dependent on how many votes the party has received in the preceding years. Yes this is unfair, but it helps everyone out anyway. So I voted for the Marijuana party; suffice it to say, they did not win. To add to digip's recommendations for 9/11 documentaries I would highly recommend Zeitgeist. It is an excellent documentary about the state of the U.S. economy, 9/11 and right wing conservative Christian beliefs.
  19. I still cannot believe the Patriot Act was enacted... It is for reasons such as the existence of that act that make me happy I don't live in the United States. Then again, how long will it be until something similar comes up here in Canada? With all the talks about internet censorship and regulation I am sure it is only time before something similar happens here. I just hope that when it does free-minded individuals will have the knowledge to stand up for themselves when accused. As far as Canadian law is concerned as of this moment, the fact that a government organization owns such an account would be classified as entrapment, as far as my knowledge of the legal system here in Canada goes anyway.
  20. I would just like to add, isn't what the FBI is doing with Sabu's accounts considered entrapment? Correct me if I am wrong, but the whole situation surrounding it screams entrapment.
  21. I have been looking at ways to do quite a few things around my house. One of which is to reduce the reliance I have on services provided by my ISP such as their default DNS server. I am aware of open and free DNS servers that are available, but I want to try and go further than that. My question is: What resources are required to host my own DNS for private use? That would be me and my room-mates, as well as anyone else whom I give access to my DNS. A slightly more hypothetical question I would like to ask is: What resources are required to run your own faux ISP? Obviously I'm not talking enterprise level here, just private. Again, just for me and my room-mates and possibly one day expanding to provide for outside sources, but this requires infrastructure, and lots of it! While I may be young and ambitious, I just wouldn't ever have the capital for that!
  22. You say you use type’s domains for business correct? Do you keep ANY personal information from your customers on ANY machine or domain? If so, you have an obligation to let all your customers know that their information may have been compromised. Ensure this is done on a clean machine so as not to cause any more issues. From the scale of the attack and how you say the infiltrators accessed all the accounts you have owned with service providers it is obvious to me that you yourself are compromised. Take every precaution and ensure you are protected. Use clean installs on all of your equipment that is used to connect to your domain services. Change your passwords (ensure they are unique for all accounts). I know this can be hard to do as multiple passwords can be hard to remember. I find it easiest to set a pattern in the password that you remember and to use things in your passwords that are memorable. For example, you can incorporate the names of your favorite video games, movies, TV shows or pieces of software as base components. Then add on special characters and include numbers and capital letters. An example could be duK3NuK3M&&0. So, the pattern in this example would be: a video game, common "1337"ification of the numbers, capitals before and after each number, two dollar signs and a 0 (the amount of money the newest Duke Nukem is worth). Do something similar for each of your accounts, and you should be all right. You can re-use a pattern, just ensure each password is entirely unique. So say this is my password for one email, I could also have my next email’s password follow the same pattern rules to make it easier to remember. Something you like - numbers in place of vowels - capitals before and after numbers - special characters - worth of the item to you: B10SH0CK1NF1N1T3$$thelifeofmyfirstbornchild. Yes, that will work quite handsomely. You can spice it up more if you want to be ever more secure, just ensure you remember your passwords. DO NOT write them down and NEVER EVER keep your passwords in a file on any digital device. You will be one compromise away from losing all your accounts again.
  23. I do torrent frequently. I actually have my torrents off for now just to see what will happen. I have a feeling it is not due to torrents because the traffic seems to be coming regardless of whether or not my torrents are running. The traffic continued on my new public IP when my torrent client was never on. I will run some scans with Wireshark looking for connections to these IP addresses as you have suggested.
  24. New day, new IP and it seems nothing has changed. I am still getting bombarded by ACK packets, and there are a few others showing up now. I am beginning to think something within my network is probing out and giving them my IP address. What is the best way to solve this problem? I have checked all of my computers for any abnormal activity and everything seems to be ok (from what I can tell, I don't know all that much about this stuff). The new IP I was assigned last night when I let my lease expire seems to be in a similar series of IP addresses. Is it possible that someone is attacking a wide array of addresses at random? What is the best solution to the problem? I can ask my roommates to allow me to go through their computers. I suspect something may be on my one roommate's PC as some of his personal accounts have been logged into by unauthorized persons. I suspected a key logger at the time but discovered no such activity. Is it possible that my friend’s computer has a program/service running on it, maliciously of course, that is sending out our public IP to a botnet, which is then trying to access our network? Or, possibly, is his computer already compromised and may be, or have been, part of a botnet? I am actually now questioning my thoughts on the matter because his computer has not received a new lease since I reset the public and private leases last night. This means his computer has not connected to the network since the release. Does anyone know what may be going on? Is this something I should call my ISP and inform them about? Perhaps there is something that can be done on their end, although I highly doubt this. Here is the full log. I will not bother blanking out my IP, it has already been changed. The date and time are now correct as for my time zone.
  25. Thanks a bunch digip. I disabled external WAN as you suggested. I browsed through every config page in my router several times and I could not find anything on forcing https. Somehow uPnP was enabled... I know more than enough about it to know that it should never be on in a network that can access the public internet. I have always had this disabled. It must have gotten turned on when I reset my modem to factory a couple weeks ago. I checked all my port forwards, DMZ, application rules and filters to ensure nothing has been changed, everything looks fine and uPnP is OFF now, as it should be. I will leave my modem off for the whole evening and I will turn it back on in the morning after I release the dhcp lease from my router as you have suggested. Thanks again digip. I owe you one. You are a gentleman and a scholar. Maybe one year I'll make it to a con, track you down, and buy you a drink! Two if you got the reference above! Also, if I may ask. What program do you use to trace IP addresses? I would love to have a tool such as that.
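
Added example (not part of any post above, and not the poster's or the router vendor's code): one way to triage router firewall notices of the kind post 24 reports, grouping blocked packets by remote endpoint and building a Wireshark display filter for the LAN capture mentioned in post 23. The log lines are constructed with documentation-range addresses, and the function names and labels are this example's own.

```python
import re
from collections import defaultdict

# Constructed sample lines (documentation-range addresses), not from a real log.
SAMPLE_LOG = """\
Jan 1 09:15:02 notice Blocked incoming TCP SynAck packet from 198.51.100.7:40001 to 203.0.113.20:50011 with unexpected sequence
Jan 1 09:14:40 notice Blocked incoming TCP packet from 192.0.2.44:40002 to 203.0.113.20:50020 with unexpected sequence
Jan 1 09:14:31 info UDHCPD Inform: add_lease 192.168.0.100
Jan 1 09:13:12 notice Blocked incoming TCP SynAck packet from 198.51.100.7:40001 to 203.0.113.20:50012 with unexpected sequence
Jan 1 09:12:05 notice Blocked incoming TCP SynAck packet from 198.51.100.7:40001 to 203.0.113.20:50013 with unexpected sequence
Jan 1 09:11:44 notice Blocked incoming TCP packet from 192.0.2.44:40002 to 203.0.113.20:50020 with unexpected sequence
Jan 1 09:11:37 notice Blocked incoming TCP SynAck packet from 192.0.2.99:40003 to 203.0.113.20:50030 with unexpected sequence
"""

LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) notice Blocked incoming TCP "
    r"(?P<kind>SynAck )?packet from (?P<rip>[\d.]+):(?P<rport>\d+) "
    r"to (?P<lip>[\d.]+):(?P<lport>\d+) with unexpected sequence$"
)

def parse_blocked(text):
    """Return one record per 'Blocked incoming TCP' notice; other lines are skipped."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            events.append({
                "ts": m["ts"],
                "synack": m["kind"] is not None,
                "remote": (m["rip"], int(m["rport"])),
                "local_port": int(m["lport"]),
            })
    return events

def summarize(events):
    """Count hits, SYN-ACK hits and distinct local ports per remote ip:port."""
    by_remote = defaultdict(lambda: {"hits": 0, "synack": 0, "local_ports": set()})
    for e in events:
        s = by_remote[e["remote"]]
        s["hits"] += 1
        s["synack"] += e["synack"]
        s["local_ports"].add(e["local_port"])
    return dict(by_remote)

def triage(summary, min_hits=2):
    """Label each remote endpoint by the shape of its blocked traffic."""
    labels = {}
    for remote, s in summary.items():
        if s["hits"] < min_hits:
            labels[remote] = "single event"
        elif s["synack"] == s["hits"] and len(s["local_ports"]) == s["hits"]:
            # One remote ip:port answering a different local port each time is
            # the shape of SYN-ACK replies to repeated connection attempts aimed
            # at that port (made by a LAN host, or spoofed by a third party).
            labels[remote] = "repeated SYN-ACK replies, new local port each time"
        elif len(s["local_ports"]) == 1:
            labels[remote] = "one flow repeated"
        else:
            labels[remote] = "mixed"
    return labels

def wireshark_filter(summary, min_hits=2):
    """Display filter to look for the recurring endpoints in a LAN-side capture."""
    parts = [f"(ip.addr == {ip} && tcp.port == {port})"
             for (ip, port), s in sorted(summary.items()) if s["hits"] >= min_hits]
    return " || ".join(parts)

if __name__ == "__main__":
    summary = summarize(parse_blocked(SAMPLE_LOG))
    for remote, label in triage(summary).items():
        print(remote, summary[remote]["hits"], label)
    print(wireshark_filter(summary))
```

If the filter matches outbound SYNs from a LAN host in the capture, that host is the one opening the connections; if nothing on the LAN ever talks to those endpoints, the notices are unsolicited traffic the router is already dropping.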