sober

Active Members
  • Posts: 79
  • Days Won: 2

Posts posted by sober

  1. Oops my bad, it's just that the title contained 2 statements that my mind couldn't accept... but yeah with ssh support and a pineapple there are definitely some fun things to do. I didn't know about the android arm app support.

    I had the surface for 1 day and returned it back when I realized how locked the device was... secure bootloader? it's just a matter of time before someone finds a way to install Linux on it... I can't live without the capability to boot into Ubuntu, but I have to admit that the surface is a really cool tablet considering it's not a computer but a tablet.

    cool link and project, good luck.

    thanks and yes it is locked down but I bought it as a tablet that I could get work done with, bonus that I get to mess around and get desktop apps to it, and yes I hope for boot to usb *nix in future

  2. your first amendment right to what exactly?

    No, it isn't against the law to possess pictures or videos of a murder or of rape. Only child porn, it's treated as a special case. This is a problem which has been acknowledged by members of the EFF.

    Even being falsely accused of involvement with child pornography can end a person's career and ruin their life. This is a big stick that both corporations and governments wave around to silence viewpoints they don't like. I've watched it happen in Washington DC and the surrounding suburbs. These exceptional laws on child pornography are being used to actively restrict First Amendment rights.

  3. Hi Sober, I would advise not to buy the RT version for that purpose, it's extremely limited, wait for the PRO or buy a W7 tablet and put W8 if you really want it.

    I did that on my Acer Iconia Tab W500, W8 runs perfectly and I can use any windows app, W8 RT will limit you to apps in the app store only so no hacking for you my friend!

    hope this helps.

    I bought the rt for school but I can in fact use rt for that purpose, check out my links to xda, you can run any application made for the arm processor, I currently have working putty on my surface, and the rpi will be what's hosting metasploit

    entire point of the project is to push the restrictions placed into rt

  4. grawr this disappeared mid post first try

    everything is work in progress parts on order

    1. end goal: pen testing tablet with minimum of wifi pineapple and metasploit functionality (keep gear in bag and look like tablet user)

    2. proposed rig:

    64gb surface rt

    powered usb hub sporting lan to usb http://forum.xda-developers.com/showthread.php?t=1963384&page=2

    raspberry pi running the metasploit via wheezy, or full blown suite over pwnpi

    mk4 pineapple

    powerpacks for devices

    3. how:

    putty on surface http://forum.xda-developers.com/showthread.php?t=2092348 unlock easily found on those forums

    metasploit on pi: comes on pwnpi

    http://www.irongeek.com/i.php?page=security%2Fraspberry-pi-recipes#Installing_Metasploit_on_the_Raspberry_Pi for wheezy

    ssh enabled by default on wheezy

    4. potential issues: win 8 rt may not include ics in which case the rpi would have to take its place which could tax it

    post not in depth like first one as it disappeared on me but will edit/ lengthen / update as I go

  5. Each virtual machine requires some overhead memory to manage it, which means each uses a total of up to about 1.3 times the amount of memory (RAM) given in the virtual machine settings, yes windows 98 will easily run off 500 megs of ram, its maximum was 1.5 gb

    486DX2/66 MHz or higher processor (Pentium processor recommended)

    16 MB of RAM (24 MB recommended, it's possible to run on 8 MB machines with /nm option used during the installation process)

    At least 500 MB of space available on HDD. The amount of space required depends on the installation method and the components selected, but virtual memory and system utilities as well as drivers should be taken into consideration.

    you should be able to image the system, vmware virtualizes the hardware so you don't have to worry about different hardware than original

    you can assign hardware to each virtual machine yes

    there is no reason to use av on win 98 vms with no net, virtual machines cannot infect host, host can't infect vms, won't transfer over

    10 clients is a bit iffy but to give you an idea i run my host windows 7 and 3 others relatively comfortably on an i5, then again that's giving them each a core. but running all the way back in win 98 i think it should pull it off.

  6. Well, I had meant the credentials (username and password). I believe that on a small network, an easy way to identify the router's IP would be to simply find the gateway you're using. So, I missed default credentials on my little list at the top :P I didn't really know people are known to leave these as stock!

    In any case, is that it? :|

    most people leave them stock, my post links are the stock username and password for nearly every router/brand, and if that fails yes a reset would be easiest way.

  7. Hey, as a side note, I just plugged this beast into backtrack running in VMware Fusion on a Macbook, it's working fine, but when I try to change my country because I am in bolivia right now for the evening, it is stuck on country 98..... I searched around and it looks like other people on other forums think that the adapters now have an eeprom programmed to not allow changing it when I fly into bolivia for the evening? The adapter came from snubs when I bought it from her at Defcon with my pineapple this year, so it's a model from the hak5 group...

    Oh, and for the OP, I plugged it into my win7 box and it loaded drivers automagically for it... Works automagically in win7, and linux

    did not automatically load drivers for me into windows 7, also drivers i downloaded don't work, but it works in bt5 with no hassle, must be something going on with my win7 box

  8. would be interesting to see if you can assign ips a "host file" as it were that takes precedence over the standard, something i will look into another time when it's not 2 am.

    /etc/dsniff/dnsspoof.hosts --> Sample hosts file.[4] If no hostfile is specified, replies will be forged for all address queries on the LAN with an answer of the local machine’s IP address.

    never played with dns sniff, will in the morning, but perhaps there is a way to have multiple host files, and to specify specific clients access via mac or ip

    basic command

    # dnsspoof -f spoofhosts.txt host 192.168.1.245 and udp port 53

    could you do something like

    # dnsspoof -f 1.txt host (client 1 ip) and udp port 53

    # dnsspoof -f 2.txt host (client 2 ip) and udp port 53

    something like that?

    i get the following from this article

    http://tournasdimitr...spoof-on-linux/

    which makes me think you could in theory craft multiple host files and manually assign to targets.

    edit: guess this post more for peter than op lol, the question interested me and it's something i would want

  9. you want it going into the poe lan of the pineapple and wan port out assuming only reason you're not using a normal box is the fact you want to monitor your traffic going across the network? you will see a lot of well junk coming in as well btw

    in any case try the network manager module from the pineapple bar, also you may need to change settings on the router, the pineapple tries to send data to a 172. address and the router is probably a 192 or a 10

    check these settings and if you are still having problems i will go troubleshoot it on my home network and post my findings :)

  10. google.com has twelve IP numbers (74.125.228.34, 74.125.228.35, 74.125.228.39, 74.125.228.33, 74.125.228.36, 2607:f8b0:4004:801::1003, 74.125.228.38, 74.125.228.41, 74.125.228.32, 74.125.228.40, 74.125.228.37, 74.125.228.46). All twelve of them are on the same IP network.

    http://www.robtex.co...om.html#records

    redirecting all ips to your file should take care of any issues with it occasionally loading the legitimate page.

    edit: and seeing as you're dns spoofing that was useless advice

  11. let's see we had our first computer when i was 5, got internet at 6 or 7, ever since i was looking at ways around internet filters and timeouts etc, usually just to play stupid games online at all hours, was a computer hobbyist and most of my spare time was gaming or football practice throughout high school, where i was starting the process to become a cop, by taking a program for high school students to get started, and hated it, about the same time i was working as a tech aide for my high school, as well as taking my first structured computer classes. i was really starting to love computers and see that what i wanted to be able to do with them wasn't only in the realm of some geniuses, the people i had looked up to when it came to computers i quickly learned didn't know much more than your standard user, i started reading insane amounts into the subject, dedicating my free time away from gaming into it. Then, one day while working as a tech aide i had finished everything that really needed doing and was just poking around on a standard student account, i found that students had access to some parts of the network they really shouldn't. suffice to say access to full student information including ssns among other things.

    from that day on i was hooked on security, i was always interested before, and a majority of my reading was in the field but that was the moment i knew what i wanted to do with my life.

    i obtained an associates in computer and network security about a year and a half ago, currently progressing to bachelors studying ethical hacking, networking, some digital forensics but i haven't taken much in that yet, and some cryptography, again not something i have had much experience in yet. also in the process of learning c++, i have taken a class on it already and coded some things outside of it, and have some vbasic/php/html from high school, as well as currently learning more about sql.

    i hope to obtain a full time position after bachelors and continue on to masters, and hopefully doctorates by 27~

  12. I'm pretty sure I've read somewhere you can't actually enable ICS on windows from the command line. At least not with any of the programs/commands that come with windows.

    that is the problem i have been having, there are ways to "enable" the service, but actual configuration doesn't seem possible, which is why i hope to explore the icf/ics api to hopefully make the process more scriptable, but currently i think the script is rather straightforward, but i want this to eventually be something worthy of being added as the windows quick connect script.

    also to dark, i will definitely experiment with the bridging my understanding is it does not by itself enable internet connection on extra devices, and either way ics needs to be enabled to truly share it out, then again, seeing as the pineapple is a router, it should be filtering all traffic thru a single connection.

    after looking into the guide closer my mind is fighting itself it looks like bridging only connects two networks, it doesn't allow network 1 to utilize the bandwidth or public ip of interface two, and without being able to use the public internet facing ip it shouldn't supply the clients on the pineapple access to the internet from the computer, in any case i will try it in morning, just got home for work, and thanks for all the input thus far.

    and worst comes to worse i will find a way to force it to work :)

    wait a second... i know there is a website that uses usb rubber ducky commands, is it possible to load that website, and or virtualize the same software to execute keyboard commands to configure the wireless network adapter???

    off to work i go!

    http://www.iducke.com/Encoder/IDE would be the website and i can generate a specific url, now to look at duckyscripting and figure out the commands i need to configure this all correctly

    edit ****** removing non used code

    rubber ducky commands after launching ncpa.cpl

    edit, had to account for a few things, example selecting adapter, down as much as possible to select local even if you run vmware etc.

  13. nothing too special, i have a wired linux router hooked up to a desktop in living room, and broadcasting wifi, i have a throw away laptop running linux receiving that signal, and sharing it out via a second router, not broadcasting an ssid for my personal network, which is anywhere up to two more laptops, two desktops, a 360 and a pineapple, usually just a desktop.

  14. i have looked into netsh for quite a while hoping to find some more functionality.

    the third link should indeed be helpful, unfortunately my c++ is not amazing, but i can get by, will make it a project for a day i'm not working. hopefully these three links will allow me to piece together the puzzle, and possibly leave us with a script to even let users declare their own interfaces (lan/wlan)

    http://msdn.microsof...d815252(v=vs.85).aspx

    http://msdn.microsof...a364726(v=vs.85).aspx

    http://msdn.microsof...a364730(v=vs.85).aspx

    and of course the last step in full automation is going to take 90% of the time yet again :D
