Jump to content
Hak5 Forums


Active Members
  • Content count

  • Joined

  • Last visited

  • Days Won


About vailixi

  • Rank
    Hak5 Pirate

Recent Profile Visitors

2,419 profile views
  1. I want to automate an SSH login. I was looking at sshpass or expect. But I haven't been able to find a working example of either. Anyboy use either of these? Also something of note. I don't know the hostname of the remote machine yet. I'm trying to get that in an automated way as well. I've tried raceroute, smbclient, nslookup, host, arp, and finger. Expect needs to expect user@host before it can send any commands over SSH but I don't know the hostname at this point.
  2. No dawg. why would you think I'm trolling?
  3. That's pretty much exactly what I wanted to do.
  4. So I want to audit a few SSH servers. I want to save the output of THC-Hydra to a file then use the out of the file as variables in the next step of auditing. Trying to automate this this as much as possible. hydra syntax: hydra -o /root/Desktop/cracked.txt -l donkeypuncher -P /root/Desktop/thepassword.txt -s 22 ssh I want to use the output from the saved text file for the next step. I can get this a number of ways. this is simple. cat /root/Desktop/cracked.txt | tail -1 I get this output here:: [22][ssh] host: login: donkeypuncher password: fistingtiffany I want to pretty much save the host, user, and password variables so I can use them in my script in the next couple of steps. How do I go about this?
  5. ALFA is a good all around wireless device. I have the AWUS036NEH and it has never failed me when doing actually wireless hacking. I was using TP-Link and PCIe cards. They work fine for running deauths.
  6. I need web hosting. I've tried ordering from the some of the major hosting companies lately. I've had two of payment gateways just repeatedly fail. Just looses my payment information or my account information. or it doesn't like my credit card or paypal doesn't work. I'm really sick of it. So I'm looking for a smaller business to host me. Where I can send you an email with my account details and you send me back a login and the nameserver I can point my domains to. Preferably you accept PayPal. And Go!
  7. So you have a lock system that runs on 176khz. What kind of device would be used to capture RFID card information. Basically you swipe the card in from of the reader and it lets you in the door. I don't know a lot about access control systems and I'm kinda curious. Is there much security on these things or are they a lot like a garage door opener? I curious about auditing them and I also curious about things you can do to make them more secure. Any thoughts?
  8. Is there a way to get verbose errors whilst debugging javascript? I had written an application in C++ and I'm porting it to javascript the only thing is javascript doesn't like some of the strings and just wants to throw an error. I looked up how to remove non-English characters a bunch of different ways. Not really sure what I'm doing wrong. It just says SyntaxError: missing ; before statement It links the line and thats all well and good but it's a string array with about 14,000 strings and where that missing ; is supposed to be I'm really not sure. Is there an IDE for javascript that will give me better error messages or some bash-fu I can run on the javascript files to remove the array elements that are not compatible? Also is there a maximum array size in javascript?
  9. i wrote this kinda random inappropriate but probably funny emo band name generator. There's not much code to it really. It might be a good example for a newb coder for creating random numbers and using them to access items from an array but other than that it serves no purpose. Just for fun. Looking up the names and such was most of the work. I hope it makes you laugh. git clone https://github.com/vailixi/Emo_Band_Name_Generator cd Emo_Band_Name_Generator g++ -o names.o -c names.cpp && g++ -o names names.o to run ./names
  10. I was just uploading files to drive and I was a little annoyed that my entire upload stopped to ask if I wanted to overwrite a duplicate file. The fact that firefox knows it's a duplicate file makes this a trivial point in programming. Since it knows the file is duplicate it should know what files are already on the server. If the file you are uploading is duplicate it should wait until the end to ask what you want to do with the file and upload the unique files first that way the entire download isn't stalled until you manually click the dialogue box asking if you want to overwrite the file or skip it. Just skip the file until the end of the upload. If you don't click the dialogue box within X seconds it just defaults to only uploading the unique files. I should code this option into a browser object and make it work just as an example. I'm just not really sure where to look for conditional http request. Anybody know of an arcane network programming book that covers topics like this? Better yet is there an implementation of this already somewhere that I can borrow code base from? Anyway what do you guys thing about this idea?
  11. Collecting probe requests

    I was reading though this post on the old backtrack forum: http://www.backtrack-linux.org/forums/showthread.php?t=25343 There's some useful BASH there that will output the stations #/bin/bash wlaninterface=eth1 outputprefix=output sleeptime=30s maxclients=20 rm $outputfileprefix*.csv &> /dev/null airodump-ng -w $outputprefix --output-format csv $wlaninterface &> /dev/null & sleep $sleeptime kill $! grep -aA $maxclients 'MAC' `ls $outputprefix*.csv` \ | grep "$1" \ | sed -e '/Station/d' -e 's/,//' \ | awk '{print $1}' > list_of_station cat list_of_station You can just use something like sed to replace the : with - and cut the second half of the mac off then loop the csv file clients and output the oui from /var/lib/ieee-data/oui.txt for each client I'd write the whole function but I gotta go to work. Hope this helps. It's a little simple than all of the code that was up there.
  12. Collecting probe requests

    I don't know if this had been covered. It's early in the morning and I'm always fully attentive until I've had coffee. There are 14 channels on wifi. Not sure which are used. Usually only 1-11 are used. But you can set your router differently. Not legal in all juristictions. airodump-ng has a --manufacturer option that will create it's own column in the csv file you can grep out the station MAC and manufacturer from the OUI list you'll need to run airodump-ng-oui-update
  13. captive portal template

    @Mother I'm just going to say this one thing. When you talk about hacking you might replace the word "victim" with "target". Target seems the more appropriate and professional sounding.
  14. Actually yeah. You could probably create a list of emails with just the most common first names and last names and just create the emails like bob.holmes, bobholmes, or holmes.bob then append the domain at the end. Like the top 100 email providers like mail.ru, gmail.com, yahoo.com, etc. Then see if there is an email account associated with it. Or you could just create the email list and write a script to run searches on Google and Pipl for accounts. Then you could pretty much create an internet phone book of virtually everyone who uses those email services and has a common name. Like a d0xxing engine. That would be kinda cool. Really doesn't sound that hard to do either.
  15. Faceboo users also have to accept the invite. So it would be like any kind of grey hat internet marketing campaign with success rates measured in percentages. So it's like dynamite fishing. Rather dynamite phishing. I know facebook only lets you have a maximum of 5000 friends per account and there is a maximum number of contacts you can have in gmail. The account used to add all of the friends may or may not get reported.