Pwnd2Pwnr

I would steal candy from a criminal to know what you know, Digip... lol

I frequently make accounts VIA gmail... and everytime they ask me for verification... I am just fortunate enough to have a list of numbers which will verify me (Thank you, friends). Verify with your friend(s) first that they will receive a call. Tell them to write down the number... have them call you or text you. Gmail calls you with a code... you take that code and type it in... Bing...eerrrrp... DIng, you have a new email account (created by TOR exit node)... There is no downside as long you keep it legit... Teh means no worries :) PS.... Throw away phones do not have that type of authentication... go buy yourself a shit load of cheap phones (with cash!!!!!!!! <<<<)... register them for others so they will not connect teh dots... :D

(Can't wait to build my tower at tax time) :)

I wouldn't freak out too much. Phone numbers are EASILY spoofed; they have apps for droid that can do it... I would say if it does not exist; it was spoofed. But, it could have just been a collection agency; they do some pretty fucked up shit to get their money... I would just record the information and wait for it to happen again... got to love android API

(I DO NOT OWN A PINEAPPLE) Now, what I normally see around the forum is that you need to reflash... it makes sense... but I will state again, I do not own a pineapple... If you want, wait for someone who owns one... I would...

I remember bindshell.net... :(

What was expected to be gained by unauthorized access... I am glad that their are certain protocols that you must abide by... BTW => read the FORUM MAN PAGE

I was asking if the protocol itself was safe... and by the looks of it it is... I thought that was being transmitted during my softAP... I assumed it was sent out VIA Alfa... but I can now see what you mean. I deleted my dropbox folder and stopped the sync. Thanks (again, and again for any future insight), you guys... I just don't like the synchronization protocol popping up when I am looking at broadcast signals from mon0...

Now, to be fair; most people have never heard of TOR, namely the people in lower income districts (rampant in my neck of the woods), but I could see how unethical it may be. On the other hand; people whom value their privacy and do not know too much on the user side; it would be a fair trade off. They can browse, use the common places like google, facebook, or a few other social networks I really don't care for. I think if they value their security, they would like it and just use regular browsers for the rest... OPINION RANT Ethics don't apply to big Corp... I side with Moxie Marlinspike when it comes to gross commericalization; but that is a different story. I think the bottom line is that the ethical line is no longer this wide chasm. The other side is close enough to jump on and jump back (bad metaphor. but it is early). Our ethical standard is not used by big business; so what does that leave us... the little fish? But, yes, selling free stuff is how millionaires are made... and it is A LOT less Madoff...

Install TOR for people and charge em 20 a pop...

Well, I have worked out MY own kinks in the dhcp world (two cups of coffee and 4 ibuprofen later). I have never really had too much trust with dropbox; so I don't keep anything in it worth while; but I did find something peculiar; I think Digip has already pointed out that dropbox is easily hacked. I have my fake ap up and running; along with my wireshark and airodump. Going through the packets; I discovered a local packet which was sent out via mon0 (that is what I was sharking) and found 4 packets... no 496 time 18.461144 src 10.0.0.254 dst 10.0.0.255 protocol DB-LSP-DISC length 195 info dropbox no 497 time 18.461551 src 10.0.0.254 dst 10.0.0.255 protocol DB-LSP-DISC length 196 info dropbox no 1368 time 48.796771 src 10.0.0.254 dst 10.0.0.255 protocol DB-LSP-DISC length 195 info dropbox no 1369 time 48.497555 src 10.0.0.254 dst 10.0.0.255 protocol DB-LSP-DISC length 196 info dropbox So, this is within my local address; and I do have an active dropbox sync folder. Is this insecurity widely known about? I do believe it has all of the data I need to access my account... but that is why I ask. Any thoughts?

Thanks Digip, I am reading the man pages; sometimes I think my eyes are going to pop out of my head... ai ai ai...

yeah... I have tried sudo; even sudo su for some super root... nothing... I will give it a shot; never thought setting up dhcpd3 would be such a pain in the ass... especially when I checked syntax about a million times just to be sure there was no typos... I will get back with ya... *update* Tried the dhcpd without the 3... and now I get this lovely message: dhcpd -cf /etc/dhcp3/dhcpd.conf -pf /var/run/dhcpd/dhcpd.pid at0 drop_privileges: could not set group id: Operation not permitted Now, with sudo; sudo dhcpd -cf /etc/dhcp3/dhcpd.conf -pf /var/run/dhcpd/dhcpd.pid at0 Internet Systems Consortium DHCP Server 4.1-ESV-R4 Copyright 2004-2011 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/ Can't open /etc/dhcp3/dhcpd.conf: Permission denied Now, with SU: dhcpd -cf /etc/dhcp3/dhcpd.conf -pf /var/run/dhcpd/dhcpd.pid at0 Internet Systems Consortium DHCP Server 4.1-ESV-R4 Copyright 2004-2011 Internet Systems Consortium. All rights reserved. For info, please visit https://www.isc.org/software/dhcp/ Can't open /etc/dhcp3/dhcpd.conf: Permission denied Why is permission being denied? Hmmmmm...

OK... setting up a new dhcpd3 to establish an ad-hoc to airbase-ng... trivial, right? Well, I am setting it up on ubuntu, and when I get to this step dhcpd3 -cf /etc/dhcp3/dhcpd.conf -pf /var/run/dhcp3-server/dhcpd.pid at0 No command 'dhcpd3' found, did you mean: Command 'dhcpd' from package 'isc-dhcp-server' (main) Command 'dhcpd' from package 'isc-dhcp-server-ldap' (universe) Command 'dhcpcd3' from package 'dhcpcd' (universe) dhcpd3: command not found I have configured the .conf file and am assuming that since I am not a BT distro; it has issues... can anyone help..?

OK... so I have a broke router and a 2wire... both DSL (Can't get cable modems in my apartment due to contracts or some bs like that). What would you guys recommend for a configurable, open source, home router with a few bells and whistles that would be compatible with Ubuntu 12.04, and has nice security features? Have a happy Thanks Giving!

Ya there, buddy? lol

Thanks guys. I am just thrilled that my daughter can finally SEE what the hell dad has been reading and tinkering with. The employer bought the Arduino, so my daughter never had a chance to goof with it. I would do the heavy reading; she would help with sketching the programming and see the fruits of her labor... I will post pics when I get another board. PS... I have NO COOL electronics store... Radio Crap and Worst Buy are the only competitors. Most of the mom and pop stores went under... but that is the nature of the beast.

I want a Jawbreaker!

Wow... I have been busy lately and have not had a chance to check the post. I would never want to hack Hak5... that is lame. But, on the flip side... I love my incognito browsing (especially Facebook ;) , because we all know how they make their CREAM... dolla dolla bill ya'll...) Digip... so is it the bastards on the TOR attacking you so you can't kick the snot out of there box? I don't understand why folks attack websites made by people who contribute so much... alas... haters gonna hate... lol. As for proxychains... I would only want to set it up for my Metasploit and other various programs... but I just simply don't have the time lately... You guys rock!

lol

So, I am currently helping a local shop owner to setup an Arduino board which will control LEDs that will be placed around the inside of the front window pane. I picked up my daughter and went to the store to show her what we have done so far (still need some more LED strips and probably some more power). With only one 4 foot LED mounted with the strobe effect, she was amazed. I told her she can make this stuff, too, with a little learning, she can make LEDs herself. She now wants an Arduino board and some LEDs for Christmas. I think I finally found something that she loves to do and I am psyched about it. She is only 11 and wants to learn low-level programming! I am thinking about getting her a starter kit... but I think she wants to jump in with me... any suggestions? I think she might get bored of reading the manual... should I just have her watch and write with me? Regardless, MY DAUGHTER WANTS TO PROGRAM! (Tiger Woods gesture)

I got my API key and tried using it... but I think I need to pay to actually apply it to the search. I will look to BT5r3 and see if I can find it. Thanks!

I have the same issue, bass. My wonderful landlord is really "tight" when it comes to certain ISPs. I am stuck with dsl... bastards

It was probably an update... it was down for a few hours... hmmm.... anyway... I was wondering if purchasing "credits" is actually worth it's weight... I am not too interested in watching webcams (I will NEVER do that again; who knew how much a middle aged, over-weight man can masturbate... *shudders*); but I am interested in scripting with it to modify search results. Question: Does anyone here have a script up and running with shodanhq? I want to try it; but I want to know if you guys think it is worth it!

Digip needs a cape and a giant S on his chest... that is all... :)