
murder_face

Active Members • Posts: 97 • Days Won: 1

Posts posted by murder_face

  1. Tried the user agent spoof. Still no dice. Also tried the -H option which got me basically EVERYTHING other than the site I wanted. I have also tried HTTrack from the backtrack tutorials with no luck. I ran a whois on the domain and got the tech contact's email address and told them my situation. We'll see if that works, but I'm doubtful....

  2. A friend of mine is paying someone for SEO right now and isn't very happy with the results. The price is right, but I guess you get what you pay for. I took a quick glance at the page source and there are no keywords in the meta tags (I'm not really sure what he is paying for then) and found a redirect link in the source as well. I tried "wget --recursive blah" on the TLD and all I get is the index.html. I then tried the same thing on the subdomain that it redirects to and I get "403 forbidden". Why can I browse the page in full, but not download it?

    I'm heading over to the backtrack tutorials after this because I remember seeing something in there about downloading entire sites for phishing attacks, but will I get the same error?

  3. I have an Aspire 5315. It came with a 1.6GHz Celeron; I upgraded it to a 2GHz Celeron. To be honest it wasn't really worth the time or money. I also upgraded the RAM to 3 gigs, which helped more than the CPU.

  4. This definitely looks fun. I sent them a message about buying, but like Navizon they have no prices. I imagine it won't be cheap if it's made for enterprise though.

    Basically what I want to do is take a client's probe request and follow it. I'm taking the crash course right now, but I haven't gotten to the part that tells me if a client constantly sends requests or stops once it has connected.

    Nothing free that I've ever seen. The guys that make Ekahau Heat Mapper have one that will do it.

    http://www.ekahau.co...m/overview.html

  5. I know that there are plenty of programs out there to map APs. I was wondering if anyone knows of anything that will map clients. I found one called Navizon, but it looks like I would need to buy proprietary nodes to use their service. I'm still reading and searching for other alternatives, but I was wondering if maybe someone else has already researched this and found an alternative.

  6. I was actually thinking the same thing. I figured it might be a serial connection for diagnostics, I'm just wondering if there is anything else that can be done on it. I did a little bit of searching and found a few TruSpec boxes that look similar but they only have coax connections.

    Keep in mind though, RJ45 does not mean network. I can say with 99.999% confidence that the amp doesn't have an ethernet network. Don't look at radio shack, that's consumer. You need to look under professional products for in-house cable systems.

  7. It sounds like something you shouldn't even be getting into.

    I imagine there would be some legal implications, or is it just because I have absolutely no clue about what the box does besides "amplify" a signal? This thing has kind of piqued my curiosity, and the only cable amplifiers I have been able to find information about are the cheesy ones that you buy from radioshack.

  8. So I was having my usual coffee and a smoke outside this morning, and I saw a Time Warner tech messing with the cable amplifier pedestal this morning, and I noticed he was connecting to it with a standard RJ45. I was wondering would it be worth putting a LAN tap on this thing? I know the hak5 throwing star can't handle gigabit, and I imagine the amp would be. I was thinking of breaking out the multimeter and seeing what kind of power is supplied inside the box.

    I was also wondering what would be the best way to access remotely. I have a hardhat and telco vest, but all of my neighbors know me. So disguise isn't really an option. Plus a man sitting in the bushes with a laptop in the middle of the night might disturb some people. I have a few old smartphones floating around, so I was thinking of putting an ssh server on one, but from what I have read microUSB to ethernet is not an option on an android phone.

    Disclaimer: The pedestal has absolutely no physical security, or labels about tampering with it....

  9. The OSI model has always been my downfall. I couldn't remember it right now if you paid me. I forget where, I think maybe slashdot, but there was a debate on the importance of the OSI model in general. If memory serves me (for a change) I think it was 50/50 on the importance of it....

    You should follow up Net+ with CCNA before moving on to Linux+ and Security+. CCNA will go much more in-depth with the OSI model.

    I find a lot of people seem to lack the solid foundation in understanding the OSI model and how each layer works. As a result, they're ill-equipped to speak intelligently about network architecture, efficiency, and security.

  10. I have a NETGEAR wnr2000v3 set up as an open AP. I ran wash and it still shows up as vulnerable to WPS brute force, but every time I run reaver on it I get errors. Usually it's a 004 with the occasional 003 and 002. I would rather not use MiTM or reset the router. Is there another way to get the admin password for the router?

  11. So. I have refreshed my IP, and changed the MAC address of my router. I haven't gone as far as reloading firmware yet, but it looks like that is my next step. I have UPnP and remote management disabled (sadly there isn't a setup for wired config only). The strange thing is when I ran a nessus scan on the router it still shows UPnP and telnet ports. I also have another port open that I don't recognize. TCP 1780 dpkeyserv. The weird thing is Google says dpkeyserv "This server provides license to multiple users for using kana-kanji conversion server. jserver"

    Here is my nessus report: http://www.geek-labs.com/

    Few things I would do though, 1, change your external IP (force a new lease from the ISP by either changing the router's MAC address via MAC address cloning and then rebooting the modem, or power off the modem for about 30 minutes after releasing the lease on the router side, then restarting the modem and reacquire a new DHCP lease from the ISP) and 2, go through every configuration setting on the router. Make sure remote administration is disabled as well as configuration over wifi is disabled. Only allow it to be configured over wired, and if possible, https only, disable http, in the event someone did get on your network and try a MITM to capture the login to the router. 3, make sure services such as UPnP, SSDP and TFTP are disabled, and 4, if you have to, reload the firmware on the router, and start fresh with a new config for everything including new ssid, and passwords for local administration and WPA2 logins.

    Forgot to mention, I think OpenDNS blocks DNS rebinding attacks, but don't quote me on that...

  12. Just noticed this in my router logs:

    DoS attack: IP Spoof] attack packets in last 20 sec from ip [192.168.1.173], Wednesday, Nov 07,2012 05:34:49

    I'm kind of confused as to how an outside machine can even get an IP on my router. I have MAC filtering on and static IP address for everything on my LAN. I do have port forwarding in use on my router. One port for SSH to one of my machines, and another for NESSUS. I ran nmap as soon as I saw my log and the foreign IP wasn't on the network. I am wondering if this was just a drive by on my router or a direct attack. If it is a direct attack, what would be the best way to dish out some karma?

  13. Not quite the nuke I was referring to... lol!! But, if that were equipped with a lo-jack and a power source...

    You could always gut an android, take the laptop apart and put it in the spot where the PCMCIA card goes(I have an old machine), solder the USB on the phone to the USB on the laptop for power and some kind of where's my phone software for the lojack part. Then wire up the speaker to your nuke payload, then all you have to worry about is telemarketers nuking your laptop.

  14. Has anyone tried using X Server for android? I already have an SSH server with X forwarding on one of my PCs and I can connect to it via LAN/WAN from my laptop with no problems. I just can't seem to get ConnectBot and X Server for android to work. ConnectBot works fine by itself. I know there are plenty of VNC apps out there for android, but I have A LOT of crap running on my other PC and it's only a measly P4 with a gig of RAM.
