vailixi

It would be nice to find a way to trick the client into logging in. Many mobile devices will log in on an access point that is familiar. But bear in mind it doesn't really need to authenticate. If the client manually hits the access by mistake that will work just fine. Then I'll just exploit the client and dump the stored passwords. That was the idea anyway.

VPN to home is always a better option for sure. Still curious. Thanks for the link. I will check that out.

Grab the source code from a first person shooter and adapt it. Maybe you can find some 3D building models to add in. There are FPS creators. Better yet make it 3D but out of Matrix code.

I've been seeing some trends in external graphics cards for gaming. Have any of you guys used PCI/PCIe expansion bays or GPU docks for cracking or mining? What has your experience been like?

Is there a newer version of mana-toolkit? Was that forked into something else? Anybody using that lately?

hypothetically create a fake access point have antenna on highest power setting so the client will log into your device as most clients will attempt to log in on the closest or highest signal death client on actually access point client logs in on your access point use arp spoofing use http code injection or maybe make the client think your package is an update own client machine steal stored wifi passwords from compromised client profit

I wrote a script to create a directory for my locally stored webpages. Once you have a bunch locally stored webpages it starts to come in handy. Or write a script that will wget all of your bookmarked pages and store them to your local machine. I wrote some scripts for reinstalling all of my software packages at some point. Haven't updated it for a long time. Generating and sorting wordlists or email lists, your address book. Post to blogger or facebook from BASH. Or better yet post to every social media site whenever you make a new blog post. Directory submission scripts. A script to view random profiles on pof so you can get a date. Or Linkedin or any site where the user account number shows and the site shows users who viewed them. Same concept as follower churn on twitter. (You can't do that anymore.) script a hack from start to finish make a photo gallery website from all of your photos a script to boost your popularity on a top site write a script that uses voice a screen reader to tell you that your are sexy or some other random comment at random time intervals.

The USB hack idea is not a bad one. If the taser has a usb charger It's a possibility that it will be plugged into a computer at some point. Maybe. But if you left a taser in a locker room and you left a flash drive, which do you think would be more likely to be plugged into a computer. IDK. People plug those cheap vapor cigarettes into USB ports on their computers. Those things are known for delivering malware. The taser things is not a bad idea as part of a hack. Hacking the police is a really bad idea though. But if you make a taser that can deliver malware please share your hack. The idea of a less lethal weapon is missed if you are upping the voltage. If you want a lethal weapon buy a gun.

I tend to agree. I just wasn't going to say it. I don't want to shoot down anyone's dreams. kek

I'll look into this. I'm not any good at phones. I got the phone fixed. I thought It is was going to be a bit more work than it was.

Yeah, I think are talking about compat wireless. https://wireless.wiki.kernel.org/welcome There's also a ton of compatability information on the aircrack-ng site. My devices have all been plug and play thus far. I haven't had to edit config files. Certainly haven't had to build a kernel. I'm satisfied with the kali 2.0 user experience.

Find a lawyer who needs d0xxing or skiptracing type work done. It's easy work. Make friends and trade services and get the legal paperwork and consultation you need. Have a really specific contract that lays out the scope of the test and what machines are in bounds. First piece of advice. Stay off the radar. Don't let anyone know when you will do the penetration test. Just do the hack and report your findings. Destroy any and all forensic evidence that ties you to the action. If they decide you did something illegal they will have a hard time making it stick without ANY forensic evidence. Use a junker refurbished computer. Use the wifi to get on the network or log in from some place public with no cameras around and laptops are pretty commonplace like a coffee shop. If a person were concerned about legal issues. Be a ninja. Treat it like a real hack.

Anybody good at this? I tried to open a VNC session via metasploit and I get this popup with a bunch of steps. I'm not sure I'm following correctly. Is the payload I want to use: windows/vncinject/bind_tcp ? Is there a good walkthrough for setting up the VNC?

Thanks for the suggestions digip. I'll have to play with this a bit more.

My brother got some ransomware on his phone. I would just encrypt and factory reset a couple of times. But I can't access anything on the phone. Any time I try to open up settings it just pops up this fake FBI thing. I need something like DBAN but for an android phone. The only other device I can see it being able to boot from is the micro sd card. But can this thing network boot. Is there a way to boot android any kind of recovery mode? I don't really phones all that good. Ok so I figured out how to boot into safe mode and factory reset the thing. But hey, are there some other nifty ways of gaining access and wiping? Like say I wanted to install ubuntu phone or kali nethunter. There always seems to be some old phones just taking up space in a drawer around here.

ALFA devices are web supported on Kali 2.0. I'll assume you have the extensions pack installed. If not download.virtualbox.org/virtualbox/5.0.2/Oracle_VM_VirtualBox_Extension_Pack-5.0.2-102096.vbox-extpack Then it should just be settings, install a USB device in the section named USB. Third tab from the bottum. Click the "+" and select the device. I'll probably have to do a virtualbox install and see where this leads. I'll get to this a little later if you haven't got things up and running by then. It should be something like the following as far as commands go. Won't do any good if you can't get the USB device to work in virtualbox none of the following will be of any value to you. ifconfig wlan0 down macchanger -r wlan0 ifconfig wlan0 up airmon-ng start wlan0 Notice the newer version of aircrack will name the monitor interface wlan0mon instead of mon0 or something like that. Though I'm kinda confused as to why. So then it's airodump-ng -w <filename> <interface> Where <interface is the monitor mode interface> If you are having signal strength issues. ifconfig wlan0 down iw reg set BO ifconfig wlan0 up iwconfig wlan0 channel 13 iwconfig wlan0 txpower 24 txpower can be up to 30 be depending on where you live there are FCC regulations and such. ifconfig wlan0 up Update: I tried getting the latest Kali build to install in Virtualbox. I'm getting some error about part of the install failing. Sorry I could not be more helpful with this.

Here's a playlist for newbies in web applications hacking.

This is a really good idea. I should get one of these things myself. My gears is either in my bag or thrown in a drawer when it's not in use. It's kinda a clusterf*@ck most of the time. Not to mention that organizer looks pretty squared away when you go on a service call.

The best way to be really anonymous online is to go to a coffee shop in another state. While you're there, buy offshore VPS hosting with some form of cryptocurrency. Don't use your regular email or give any personals about yourself on the account. Then set up your VPN or proxy servers on that. Or make friends with someone in Serbia and send them a free computer with the agreement you can use it for a proxy. Right now I don't have the network speeds to really want to use a proxy.

Totally. The fix was pretty intuitive. In the newer version of armitage, it walks you though what it needs if it's down(if up to date) with a pop-up explaining what to do if on kali 1.x or 2.0

If you didn't want to go with Pelican you could also just get something like a DeWalt toolbox from Home Depot and waterproof it. Pretty much any cheap powertool box like a box from an impact driver would probably work for this. But by the time you go ahead and waterproof the case and mod it you might as well just buy the pelican case. This 1300 starts at $49.50 http://www.pelican.com/cases_detail.php?Case=1300 That's really not to bad. I don't know if I would spend the money on a ubiquity antenna. But if you have it and you need the tax write off. They are everywhere. You just pull the guts out of the center of the dish and put your wifi antenna in there. That's a pretty good directional antenna. There are some pretty good 24dbi antennas you can get for about $49. And some boosters. I don't think I would spend $1100 when I can build it for $200-400. But if you have more money than time or if someone else is paying for it then go with the expensive goods. If you just need it to work and security isn't a major concern you can just get an old router for $5 at a thrift store then through it in a 5 gallon bucket and run an extension cord, SMA, and ethernet out of it. So really you could do it for like $100 if you wanted to go really MacGyver.

I'm getting an error about an exception occurred during a web client request. line 1 char 47.

I'm trying this Powershell thing on Windows 7. Powershell (New-Object System.Net.WebClient).DownloadFile('Url', Path) Sometimes I'm getting an error like: The file name, directoryname, or volume label syntax is incorrect. Or I get an overload error. What am I doing wrong? I've never really used powershell.

I have a AWUS036NEH. It's pretty nice and it is well supported these days. And it's a 6 mode device. I have used TP Link PCI/PCIe cards and they are pretty nice. They seem to have really good signal strength. I could always get a deauthentication on the first attempt with only one request with the TP Link wireless card. With the ALFA card it is like 5 deauths and get the capture on the first try. Not really a big difference because it's still only one command. I haven't messed with txpower, iwreg, and MTU size on the ALFA so I might not be giving you all of the goods on my evaluation. Shortly I'm sure you'll be happy with either device or both.

Hypothetically speaking. Use an SQL statement to gain access to the administrator account credentials. Log in as the forum admin and delete the post. But quite honestly if it is your post on the forum, you could probably just PM one of the mods and ask them to remove the post. Most forum mods are pretty good about stuff like that.