murder_face

I remember using when the dreamcast came out you would have to use a multi session disc. Maybe try looking up "dreamcast backup disc"

I have been on quite a few "entry-level" interviews lately, and it seems that every company big or small mainly works with Windows. I know the general consensus in most circles is that "Windows blows". So where are all of the big bad linux boxes, and if my future is windows then how do I transistion back from linux?(I kept trying to use linux commands)

Is that the Honey Badger guy's voice?

Well, I swapped all of the offending files with ones from packetstorm and I don't get the errors messages anymore. I haven't had a chance to see if new files from packetstorm work yet though.

I just ran diff on vcms_upload against the exploit at packetstorm, and the two files were indeed different. Should I try the same on the rest of the files and replace them if they are different?

I guess I'm a glutton for punishment. I have always felt that I learn more doing things the hard way having problems and then fixing the problems.

I have been trying to get metasploit up and running properly and have been running into a lot of errors along the way. This is the issue that I am trying to fix right now: [-] WARNING! The following modules could not be loaded! [-] /opt/metasploit-framework/modules/exploits/linux/http/vcms_upload.rb: NameError uninitialized constant Msf::Exploit::PhpEXE [-] /opt/metasploit-framework/modules/exploits/multi/http/mobilecartly_upload_exec.rb: LoadError cannot load such file -- lib/msf/core/payload/php.rb [-] /opt/metasploit-framework/modules/exploits/multi/http/sflog_upload_exec.rb: LoadError cannot load such file -- lib/msf/core/payload/php.rb [-] /opt/metasploit-framework/modules/exploits/multi/http/auxilium_upload_exec.rb: NameError uninitialized constant Msf::Exploit::PhpEXE [-] /opt/metasploit-framework/modules/exploits/unix/webapp/projectpier_upload_exec.rb: LoadError cannot load such file -- lib/msf/core/payload/php.rb I have tried "sudo gem install {***.rb}, but the only one that was found was php If it matters, I am running Ubuntu 10.10 and installed metasploit from svn

Would this work if i set up an ad-hoc connection on a non priviledged account on my main PC? I have noticed a station named "WPATubez" on my airodump scans lately. My only problem is that I don't have a spare router. I have searched "WPATubez" and found a post talking about a sealed rubbermaid container on the roof of a BestBuy and an AP named WPATubez. Which leads me to believe that there is a pineapple or something near.

I don't mean to hijack your thread Pwnd, but you got me wondering so I decided to look at some of the traffic in my area. I know who de:ad:00:00:be:ef belongs to, but the 5th station from the bottom(a8:16:b2:e0:c4:35) has me a little curious....

Awesome. Thank you. So I'm guessing that the 'set PROMPT %L' is kind of pointless to use if I am switching between different networks and interfaces constantly?

I have been hunting on google for awhile and can't seem to find an answer. Before I type 'sudo msfconsole' I disable my wired ethernet, and connect to the network I want via my wireless. I use %L in my .rc script and my prompt shows the network that I am expecting. I then reconnect my wired connection. After that metasploit falls back to the wired network but still shows the IP for the wireless. Is there some way that I can force metasploit to only use my wireless connection?

Sorry, I'm pretty new to writing any kind of program/code whatsoever. The code I have been posting is more of a jumping off point. Once I figured out how to make it run in a browser, I planned on trying to figure out how to make it standalone or just run it through a lightweight browser. I guess click fraud is what I was going for. I have been trying to learn a little bit of programming and didn't really have a jumping off point, so I thought something like this would be a good place to start

So from what I have read I javascript can't work with files on my computer. Would adding some PHP (I'm still looking for the right function) to import a list work? Also, instead of having the page of the clicked link visited is there something like /dev/null that would still register as a valid site visit? And last but not least, how do I deal with the cookie generated by the visit? <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Random Link</title> <script type="text/javascript"><!-- var links = new Array(); <?php $RandomList = array(); // Leave this line as is. // Edit next lines for the file locations to be inserted randomly. $RandomList[] = "https://secure.fanboy.co.nz/fanboy-adblock.txt"; // Leave next line as is. readfile($_SERVER['DOCUMENT_ROOT'].$RandomList[rand(0,count($RandomList)-1)]); ?> function getRandomLink() { var randomNum = Math.floor(Math.random()*links.length); window.location = links[randomNum]; } //--></script> </head> <body> <form name="" action=""> <input type="button" value="Go to random link!" onclick="getRandomLink()" /> </form> </body> </html>

I don't know much about programming, but I found this little snippet and it looks like it might have potential. What I am wanting to do is to substitue the links for say an AdBlock plus list, and rather than clicking a button maybe have the program visit a new link every 5 seconds. The other thing I would like to do is instead of running in a browser is to have it run as a screensaver(kind of like SETI). I figure if enough people would jump on the bandwagon it would pretty much put an end to "data mining". Since the advertisers wouldn't be able to tell which visits were legitimate. The other thing that I was considering is maybe having a centralized server that would coordinate the visits so that everyone who is running the program is visiting the same site at the same time. Studid question, but would that still be considered a DDoS? I'm not really sure about the legality or feasability of any of this. <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1" /> <title>Random Link</title> <script type="text/javascript"><!-- var links = new Array(); links[0]="http://www.google.com"; links[1]="http://www.msn.com"; links[2]="http://www.yahoo.com"; links[3]="http://www.ebay.com"; links[4]="http://www.cnn.com"; function getRandomLink() { var randomNum = Math.floor(Math.random()*links.length); window.location = links[randomNum]; } //--></script> </head> <body> <form name="" action=""> <input type="button" value="Go to random link!" onclick="getRandomLink()" /> </form> </body> </html>

I was clicking straight from hak5.org. The problem only lasted for about 3 minutes, and the download never even started. I just found it kind of weird. I remember every once in awhile I would go to my online banking page and firefox would want to download the .php file. I was just wondering if it was something like that. I imagine an admin would be able to look at the logs around the time I posted and see what it was all about.

Just clicked the hak5 store and now I am downloading 8kKC60s.bin.part

GOOGLE http://hackaday.com/2011/02/18/hard-drive-password-recovery/

Can someone explain to me why I wouldn't want to embed something simpler in my code like python to do the math?

Bought the domain awhile back and I haven't done anything with it. Does anyone want to trade for a pineapple? If not, I'm looking to give it to someone that will actually do something with it. I have like 9 months of hosting left through iPage as well, but I'm not sure if I can transfer the hosting.

When I first saw the title I thought it was going to be some kind of sonar like in the batman movie, needless to say this is pretty cool. Not very effective if the phone stays in a pocket/purse though. What really interests me is if they have found a way to force a trojan onto an andoid.

Thanks digip! I woke up this morning ready to get all stalker on them this morning and you did it all for me. The PDF thing is exactly what I was planning on doing back to them. I figured that they wouldn't hesitate to open something that they thought their fishing attempt worked on. I called them a few times from different numbers. The first time the call sounded pretty official until I asked him a question he couldn't answer, then I was hung up on. I called back from another number and messed with him for a little bit until I was hung up on again. Then my wife wanted to get in on the fun so she called them and a lady answered, but she didn't answer as the company. All she said was "hello". So yeah they blew it and I figure I have someone to practice a few things on when I need a break from reading

I got an email from a company that I never applied to, and they want some pretty personal information. I was wondering if anyone has ever heard of them. I plan to do some poking and prodding of my own, but here is the email and header that I got from them: header: From administration Wed Oct 3 17:42:57 2012 X-Apparently-To: m_otto714@yahoo.com via 98.136.183.40; Wed, 03 Oct 2012 17:43:06 -0700 Return-Path: <admin@office-techs.net> Received-SPF: none (domain of office-techs.net does not designate permitted sender hosts) cnQgb2YgYSBncm93aW5nIHRlY2ggY29tbXVuaXR5IHRoYXQgaGFzIGFjY2Vz cyB0byBmaWVsZCBzZXJ2aWNlIG9wcG9ydHVuaXRpZXMgYXJvdW5kIHRoZSBj b3VudHJ5LiBZb3UgY29tcGxldGVkIHRoZSBmaXJzdCBwYXJ0IG9mIHRoZSBy ZWdpc3RyYXRpb24gYW5kIG5vdyB5b3UgbmVlZCB0byBnaXZlIHVzIHRoZSBm b2xsb3dpbmcgaW5mb3JtYXRpb24gdG8gY29tcGxldGUgeW91cgEwAQEBAQNt dWx0aXBhcnQvcmVsYXRlZAMDMTACA211bHRpcGFydC9hbHRlcm5hdGl2ZQMD NwIDdGV4dC9wbGFpbgMDMAIDdGV4dC9odG1sAwM2AmltYWdlMDAxLmpwZwNp bWFnZS9qcGVnAwMzAmJsYW5rX3c5LnBkZgNhcHBsaWNhdGlvbi9wZGYDAzAC RW1wbG95ZWUgRGlyZWN0IERlcG9zaXQgRW5yb2xsbWVudCBGb3JtLnBkZgNh cHBsaWNhdGlvbi9wZGYDAzA- X-YMailISG: gXw58J4WLDt0jfK8JE.zV6DhtevU.ThPakVSBlEZcDDFb7_C 96TI5Hh9tTCpReyqp4hQ._gP4AVGwFcqYCfJv.szdqxBNdtR7wZjO6T3bbmC JmDuKeUDShm139CmER0eh_lqwv4qr2xwQXX4_YO5endF.XmE8Wh.L7XQMa3l qg8HLXp506j9bcsgDje5azSRCa6_KivEyZ4BvRGCpmXFY2xYUNweftNmWuw1 9JysfXP4fD4V6if7r1G3IiXicVFvFseKfXtXpL97sLfVJaNSc6gc8wQA4d0M QWEtxgiOUvm92TXFWor3KM1wDgDZFeanKX15GRwuiL80NLo90unqORBSktBv SvCrE2nYfDNqMPs1sRPT9fb0TKV_EO019JZ1ePTsFmWE2owEXdcLjQVx6ePe nStdLNh5AHJ7Kz0whfDCcwWXGuXWaBPmzK6zmLVOO89AHzK0c1rQfqDBV4UE Tbb3C8sN9jcwOpl2mWNLUPgnKfjAz8.HDqWSc.zFoixwU.L7ZeRoMzNoh9fl HyJvPdclE1OxGJDJFML6JNZsHVBjKa0g0P18BFIeLz81xnRhiKQqiQ499qNd pHtDmph3AdBk1Nq_8kCqq2ihBJrKe5nbddMhwqfIUDog1q.LcofL5UiKk_8P LbzBnqCbBu4N.txrgR_1P3QV.Sg5TMAO6XK_c2a0A8N2ZtkGL0WjfinRctqw 05j6UWLM.K64Oqt5CI6K3np3G5HspOnwGs_BCN5NMjhrmv.ChHFjKLx2Qb6D AcBHuLkWI5tng_0.L5RnMI.mlNr6CuMcLfKJxPs7JUrIPgvl4Bm.wTFCkCei wmRs5QoveENB2qVBF9GADvkDQsuCBnaXh.OqMZfxgMSh5iXFrP1NoujqIamU Gld4TkR9TMEyptjW32Ksd39GBcVbJkr9fUDTNbyZsdebNnf2K1pvgUT1mPIe wK9F6aXoH6uEZzQn6TEa4CjG6JbjeWD2DnNLPApQxiEPR.U4WnEX.ZQuKpaB o1tT_zIEqji9xJzts0QQI82SU_5khePUKDF5o.oi_ziALXv7oaEQZUszMVjM cGsVfbZ0SQgkB03mHqsnCgNjhXX5zsgeFhrC3jr_f9oC082Mu55MwWZv20wN M9SNlPw2Mei2.wnsQj_y6VtBebCCiLaftALpizVv7eejwkVcN6rwnT68kE7x uKVaekvWBrFvfUYVmdrqlGwCq0YqXv5M_1o4JE_TJ5aui1jsN9c6Cn6M0KJW __fBXasyyOzPxtyNVinsC0qEsLs_bi9IufJK7YC3BGOD3SOLPoAyD4Uxwq5e cNKd5G0Jow-- X-Originating-IP: [173.201.192.104] Authentication-Results: mta1033.mail.ac4.yahoo.com from=office-techs.net; domainkeys=neutral (no sig); from=office-techs.net; dkim=neutral (no sig) Received: from 127.0.0.1 (EHLO p3plsmtpa06-03.prod.phx3.secureserver.net) (173.201.192.104) by mta1033.mail.ac4.yahoo.com with SMTP; Wed, 03 Oct 2012 17:43:06 -0700 Received: from BrianKHatcher ([174.26.168.64]) by p3plsmtpa06-03.prod.phx3.secureserver.net with id 6oiy1k00F1Pi1ri01oizwb; Wed, 03 Oct 2012 17:43:04 -0700 From: "administration" <admin@office-techs.net> To: <m_otto714@yahoo.com> Subject: Welcome To Office Techs Date: Wed, 3 Oct 2012 17:42:57 -0700 Message-ID: <006d01cda1c9$332ce0d0$9986a270$@office-techs.net> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_NextPart_000_006E_01CDA18E.86CE08D0" X-Mailer: Microsoft Outlook 14.0 Thread-Index: Ac2hyTK12yTgOYlcSXKi1jKriuWAbA== Content-Language: en-us Content-Length: 416574 email: Welcome to Office Techs! You are now part of a growing tech community that has access to field service opportunities around the country. You completed the first part of the registration and now you need to give us the following information to complete your profile. To stream line service delivery Office Techs uses Work market to dispatch and track work assignments. You will receive an email shortly from Work Market to complete your service profile please provide the following. 1. Picture headshot of yourself this is for the security of our clients . 2. Cell number and cell phone provider name (ie sprint, tmobile etc). 3. Any certifications you may have and the certification numbers . 4. Your skills and tools . In addition to completing your profile we will need you to provide the following information to office techs for payroll processing. W9( attached to this email) this is your contractor payroll information please fill it out and attach it to your reply email. Direct Deposit form (also attached to this email). Direct deposit is not mandatory but will speed up the payroll process. Please Feel free to contact us if you have any further information Office Techs Administration: 623-974-4115 . Thank You Office Techs Administration Team Toll Free: 1-877-202-1176 Local : 623-974-4115 Email: admin@office-techs.net

Has anyone ever tried one of these? I have more free time on my hands than I know what to do with lately, and I figured I would try something productive.

On a more realistic note, have you looked into an Asterisk server?

I had an annoying telemarketer that would call me constantly even after I pressed "2" to remove myself from their list. One day I decided to have some fun with them. So I pressed "1" to talk to a representative. At first, I let them think that I was intrested in their crappy vehicle warranty that they wanted to sell to me, then out of nowhere I changed gears on the guy and got hostile. Instead of hanging up on me, the guy got hostile back and basically wanted to fight me and ended up giving me the name and address of the company he worked for and wanted me to meet him in the parking lot. Which happened to be in a city right next to me not Colorado like my CID said. Back then I didn't really care about repurcussions so I drove down one Saturday, put on my hardhat, snazzy yellow vest, and my tool bags. "hacked" the lock to their electrical room which also contained the punch down block to their phone system and put about 50 flashing christmas lights on their system(I remembered reading somewhere that it would wreak havoc on the lines). Part of me wanted to get nastier and chop up an extension cord and splice in 120v to the phone system. I just wish I could have seen the look on the phone company guys face...... I know that you are in a similar situation as me in the legal sense, and I would never do this now or recommend any else do this. All I am suggesting is to have some fun with the guys do a little recon and maybe post whatever you can find out for other people to have fun with.