vailixi

Everything posted by vailixi

  1. Cooper, so if my file sizes are even multiples of page size and block size that would be more optimal? 4k, 8k, 16k, or 64k file size? I agree. Rainbow tables are awesome. I'm just working on something new. Also, is there an easy way to port a rainbow table to a text file or database?
  2. So I came up with a fun way to look up hashes. This is what I came up with. You can write the hash/plaintext pairs to individual files named for the hash but without a .txt file extension. So the file looks something like this:

         7dff371b14986821e1778231479afdf93e698fa0
         donkeypuncher

     And the filename is something like this: 7dff371b14986821e1778231479afdf93e698fa0

     Here's a simple script that does this with SHA-1 hashes. This could pretty much be any hash type.

         #!/bin/bash
         # Read one plaintext per line from all.txt and write one file per word,
         # named after its SHA-1, holding the hash on line 1 and the word on line 2.
         while IFS= read -r line; do
             # printf, not echo: echo appends a newline and the newline would be hashed too
             hash=$(printf '%s' "$line" | openssl sha1 | sed -e 's/^.*= //')
             printf '%s\n%s\n' "$hash" "$line" > "$hash"
         done < all.txt

     So basically you read through the wordlist and create a plaintext/hash pair file for every plaintext in the list. An easy result. cd into the directory where you stored your hashes and cat out the hash. That simple: almost zero lookup time because you're just calling a file. Cooler still, you can upload them to a web server and you or anyone else can look up hashes in a web browser. Just type in the address:

         yoursite/hashtype/hash

     If you get a hit it's your plaintext/hash pair. If it's not in your dictionary you get a 404 error. Or for extra added awesomeness you can create an HTML file for each with proper titles, tags, etc. Make a site map and pretty soon people will be able to look up your hashes on Google. The cool thing here is you don't have to cat, sort, sed, nawk, grep, split or generate new tables when you add words. You just move your new text hash pair files into the directory where you have them stored. You can skip or overwrite the existing ones and store the new files with little hassle. As an added bonus all of your friends can use your lookup files. The main problem I'm running into is hosting. I'm looking for a cheap host that will let me pretty much store unlimited files. If you are interested in working on something like this hit me up.
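The one-file-per-hash scheme from post 2, as an added example in Python (not vailixi's script). It hashes each word with hashlib so no trailing newline sneaks into the digest, validates the requested digest before touching the filesystem (the files are meant to be served by name), and shows the defender's side of the same idea: a salted digest of the very same word is not in the table. The word list, salt and directory names are constructed here.

```python
# Added example (not the poster's script): the one-file-per-hash lookup table
# described in the post, plus a check that a salted hash of the same word is a miss.
import hashlib
import os
import tempfile

# Constructed word list; the first entry is the one used in the post.
CONSTRUCTED_WORDLIST = ["donkeypuncher", "password", "letmein", "hunter2"]


def sha1_hex(word: str) -> str:
    """SHA-1 of the bare word. `echo word | openssl sha1` would hash word + '\\n' instead."""
    return hashlib.sha1(word.encode("utf-8")).hexdigest()


def build_table(words, root: str) -> int:
    """Write <root>/<sha1> holding the hash on line 1 and the word on line 2.
    Returns the number of files written (duplicates simply overwrite, as in the post)."""
    os.makedirs(root, exist_ok=True)
    written = 0
    for word in words:
        digest = sha1_hex(word)
        with open(os.path.join(root, digest), "w", encoding="utf-8") as fh:
            fh.write(f"{digest}\n{word}\n")
        written += 1
    return written


def lookup(root: str, digest: str):
    """Return the plaintext for a hex digest, or None when no file exists.
    Opening the file by name is the whole search, which is the point of the scheme."""
    digest = digest.strip().lower()
    # A SHA-1 hex digest is exactly 40 hex characters; anything else is rejected so a
    # caller can never turn the lookup into a path traversal such as "../etc/passwd".
    if len(digest) != 40 or any(ch not in "0123456789abcdef" for ch in digest):
        return None
    try:
        with open(os.path.join(root, digest), encoding="utf-8") as fh:
            lines = fh.read().splitlines()
    except FileNotFoundError:
        return None
    return lines[1] if len(lines) >= 2 else None


def salted_sha1_hex(word: str, salt: bytes) -> str:
    """Per-entry salt: the same word now produces a digest the table has never seen."""
    return hashlib.sha1(salt + word.encode("utf-8")).hexdigest()


def run_demo() -> dict:
    """Build the table in a temporary directory and exercise hit, miss, salted miss and bad input."""
    root = tempfile.mkdtemp(prefix="sha1table-")
    build_table(CONSTRUCTED_WORDLIST, root)
    return {
        "hit": lookup(root, sha1_hex("donkeypuncher")),
        "miss": lookup(root, sha1_hex("not-in-the-list")),
        "salted_miss": lookup(root, salted_sha1_hex("donkeypuncher", b"constructed-salt")),
        "traversal": lookup(root, "../../etc/passwd"),
    }


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

The `salted_miss` entry is why this kind of table only works against unsalted, fast hashes: once every stored password carries its own random salt, a precomputed file per digest would have to exist per salt as well.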
  3. I don't really plan to use deauthentication. I'm going for something a little more covert. If the client is out of antenna range of the AP and my AP is within range, the client will attempt to authenticate if it is set up to automatically authenticate to known access points. Once again, I just want them to authenticate to the AP so I have the WPA key. I'm not doing MITM or exploitation beyond that. At least for the time being. Also I'm getting some errors with tshark about Wireshark permissions. Anybody know how to fix that?
  4. Does Pineapple do this already? I'm looking for an easy way to get the BSSID, ESSID, channel, encryption, cipher, auth, etc. Just the info I need to create a rogue access point. The end game here is to create a scripted way of capturing the access point information and creating a rogue access point on the fly. So you could walk around a given place and create a clone of each access point and test wireless client security settings en masse. Basically check any of the clients to see if the "connect automatically" box is unchecked. That or obviously you could use it to get a lot of WPA keys quickly, provided the clients and access points are within the scope of a given test network. Obviously you could filter the MAC addresses or MAC prefixes to make sure. I was looking for an easy way to get an ESSID list from a capture file. Open up the pcap in Wireshark and convert it to plain text, then mess around with some bash. Sorry in advance for my grep statement. I suck at regular expressions.

         grep -hio "\bSSID=.\{2,37\}\b" handshakes.txt | sort | uniq | sed -e "s/SSID=//g" > essidlist.txt
  5. If you use an ALFA dongle and you have installed drivers on a recent version of Kali, please post your command line history segments that are relevant and any comments. If you have never installed backports or the ALFA drivers on anything, don't bother responding. I can't get any of these packages to install on Kali Linux 1.1.0a 64 bit:

         2011_0719_RT3070_RT3370_RT5370_RT5372_Linux_STA_V2.5.0.3_DPO won't build
         backports-3.10.17-1 won't build
         DPO_RT5572_LinuxSTA_2.6.1.3_20121022 won't build

     I'm not sure if I need to install some other dependencies. Sorry for not posting error messages.
  6. Another tool for the pentest arsenal. Seems like there is a new hack tool or script every day.
  7. This is what I did. I tried a bunch of different proxies. I really can't see why this didn't work.
  8. Cooper, is there a way to automatically cache IPs of most major sites and store them in a local DNS cache, or to import a large DNS cache into my local machine so as to query DNS from remote computers as little as possible? Also thank you for your input on plausible deniability. Not that I'm doing anything wrong. But Marxists everywhere.
  9. How do I set up proxychains without using Tor? I found a few tutorials and did what they said. But when I run an application through proxychains it just doesn't connect or times out. How do I fix this?
  10. If I don't want my ISP, or anyone else for that matter, to know what websites I'm looking at, can I store all of the IPs on my machine so I don't have to make DNS requests whenever I'm looking up a site? I'm not sure where the best place to start is. How do I set up a local DNS server? What is the recommended software for this? How do I set up DNS proxies? Where's the configuration file typically located on a Linux machine? And what are the steps I need to take to set this up? Also, how do I test my anonymity?
  11. Very nice answer! PAM modules is what I wanted. That is easy.
  12. I thought of a cool random project. I wanted to disable root unless a specific USB device or multiple devices are plugged in. Better still, a device with a specific serial number and some files containing passwords or keys. I had read that there are some udev files you can edit and edit usb.c parameters. Is there a preferred way to go about this? Or maybe a .conf file that can be edited to make this happen? Basically I want to lock out all devices except USB keys with certain serial numbers, then block root access or any login unless the USB key is plugged in. Is there an easy way to go about this? Is this easy to bypass?
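One way to do the "no root login unless my USB key is plugged in" part of post 12 with a PAM module, as post 11 suggests: an added example (not from the posts) of a small gate script that pam_exec can run. It reads the `serial` attribute of every enumerated USB device from sysfs (/sys/bus/usb/devices/*/serial) and exits non-zero when the expected serial is absent, which makes a `required` pam_exec entry fail. The sysfs root, the expected serial and the set of gated users are parameters so the decision logic can be exercised against a constructed directory tree; the PAM line and script path in the usage note are assumptions about the deployment.

```python
# Added example (not from the posts): a pam_exec-style gate that allows a login
# only when a USB device reporting an expected serial number is present.
import os
import sys
import tempfile

DEFAULT_SYSFS = "/sys/bus/usb/devices"


def read_usb_serials(sysfs_root: str = DEFAULT_SYSFS):
    """Return the set of 'serial' attribute values of currently enumerated USB devices."""
    serials = set()
    try:
        entries = os.listdir(sysfs_root)
    except OSError:
        return serials
    for name in entries:
        path = os.path.join(sysfs_root, name, "serial")
        try:
            with open(path, encoding="utf-8", errors="replace") as fh:
                serials.add(fh.read().strip())
        except OSError:
            continue  # hubs, interfaces and some devices expose no serial attribute
    return serials


def key_present(expected_serial: str, serials) -> bool:
    """True if the expected serial is among the enumerated ones.
    A USB serial is just a string the device reports, so this is a hurdle against
    casual access, not a cryptographic second factor."""
    return expected_serial in serials


def decide(user: str, gated_users, expected_serial: str, serials) -> int:
    """Exit status for pam_exec: 0 allows, 1 denies. Users not in gated_users always pass."""
    if user not in gated_users:
        return 0
    return 0 if key_present(expected_serial, serials) else 1


def build_fake_sysfs(serial_values):
    """Construct a throwaway directory tree shaped like /sys/bus/usb/devices.
    A value of None models a device with no serial attribute."""
    root = tempfile.mkdtemp(prefix="fakesysfs-")
    for i, value in enumerate(serial_values):
        dev = os.path.join(root, f"1-{i + 1}")
        os.makedirs(dev)
        if value is not None:
            with open(os.path.join(dev, "serial"), "w", encoding="utf-8") as fh:
                fh.write(value + "\n")
    return root


if __name__ == "__main__":
    # pam_exec exports PAM_USER; the expected serial is taken from the environment
    # here only to keep the example self-contained (a deployment would read it
    # from a root-owned, non-world-writable config file instead).
    user = os.environ.get("PAM_USER", "")
    expected = os.environ.get("USB_KEY_SERIAL", "")
    sys.exit(decide(user, {"root"}, expected, read_usb_serials()))
```

To wire it in (assumed path), an entry such as `auth required pam_exec.so /usr/local/sbin/usb-key-gate.py` placed before the password modules in the relevant PAM service file makes a non-zero exit deny the login; the script must be owned by root and not writable by anyone else, since whoever can edit it controls the gate.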
  13. A friend of mine runs a port dock. It's open at night but there's nobody there. He called me and had me look up information on some burglary suspects on two occasions. I came up with the idea of running a machine in monitor mode that would save all of the client MAC addresses to a text file. Hence a log of all of the telephones that had been in the area within a given time frame. This place gets broken into so much it could be like "bait car" or one of those reality shows. Anyhow, I just want to monitor clients and log MAC addresses to a text file. Any of you guys done this? I'm not sure if I can use listen in conjunction with airodump or something like that. Any help would be awesome. OK, edit here: kinda slipped my mind on the --write option.

         airodump-ng -w clients mon0

     Then read the CSV output if you want to get a list. Not a super pretty display but all of the information is there. Are there some more ways to interact with this output?
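An added example (not from the posts) of reading the CSV that `airodump-ng -w clients` writes, which serves both post 13 (a time-stamped log of the client MACs seen) and post 4 (pulling BSSID, channel, privacy, cipher, authentication and ESSID for every access point out of a capture). The column order follows airodump-ng's CSV layout; the capture text below is constructed. The second function turns the same data to the monitoring side: it lists ESSIDs advertised by a BSSID that is not on your allow-list, which is what a cloned access point looks like in a site survey.

```python
# Added example (not from the posts): parse airodump-ng's CSV into APs and stations,
# write the station log the post wants, and flag ESSIDs served by unexpected BSSIDs.
import csv
import io
from collections import defaultdict

# Constructed sample in airodump-ng's CSV layout: an AP section, a blank line,
# then a station section. DockWifi is advertised by two different BSSIDs.
CONSTRUCTED_CSV = """\

BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:55, 2015-03-01 22:00:03, 2015-03-01 23:10:40,  6,  54, WPA2, CCMP, PSK, -41,  310,  0,   0.  0.  0.  0,  8, DockWifi, 
66:77:88:99:AA:BB, 2015-03-01 23:02:11, 2015-03-01 23:09:58,  6,  54, WPA2, CCMP, PSK, -55,   40,  0,   0.  0.  0.  0,  8, DockWifi, 
CC:DD:EE:FF:00:11, 2015-03-01 22:05:00, 2015-03-01 23:10:40, 11,  54, OPN ,     ,    , -70,  200,  0,   0.  0.  0.  0, 10, Guest-Cafe, 

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
AA:BB:CC:DD:EE:01, 2015-03-01 22:14:09, 2015-03-01 22:31:55, -62,   19, 00:11:22:33:44:55, DockWifi
AA:BB:CC:DD:EE:02, 2015-03-01 23:03:30, 2015-03-01 23:08:02, -58,    7, (not associated), DockWifi,HomeNet
"""


def parse_airodump_csv(text: str):
    """Return (aps, stations).
    aps: BSSID -> dict(first_seen, last_seen, channel, privacy, cipher, auth, essid)
    stations: list of dict(mac, first_seen, last_seen, bssid, probed)"""
    aps, stations, section = {}, [], None
    for raw in csv.reader(io.StringIO(text), skipinitialspace=True):
        row = [f.strip() for f in raw]
        if not any(row):
            continue  # blank separator line
        if row[0] == "BSSID":
            section = "ap"
            continue
        if row[0] == "Station MAC":
            section = "station"
            continue
        if section == "ap" and len(row) >= 14:
            aps[row[0]] = {"first_seen": row[1], "last_seen": row[2], "channel": int(row[3]),
                           "privacy": row[5], "cipher": row[6], "auth": row[7], "essid": row[13]}
        elif section == "station" and len(row) >= 6:
            # Probed ESSIDs are comma separated, so they spill into extra columns.
            stations.append({"mac": row[0], "first_seen": row[1], "last_seen": row[2],
                             "bssid": row[5], "probed": [p for p in row[6:] if p]})
    return aps, stations


def station_log(stations):
    """One 'first_seen last_seen mac' line per client, oldest first: the text-file log from the post."""
    ordered = sorted(stations, key=lambda s: s["first_seen"])
    return [f"{s['first_seen']} {s['last_seen']} {s['mac']}" for s in ordered]


def suspicious_essids(aps, known_bssids=None):
    """ESSID -> sorted BSSIDs for ESSIDs that look cloned. With an allow-list, flag any
    ESSID served by a BSSID outside it; without one, flag ESSIDs served by several BSSIDs."""
    by_essid = defaultdict(set)
    for bssid, info in aps.items():
        if info["essid"]:
            by_essid[info["essid"]].add(bssid)
    known = set(known_bssids or [])
    flagged = {}
    for essid, bssids in by_essid.items():
        if (not bssids <= known) if known else len(bssids) > 1:
            flagged[essid] = sorted(bssids)
    return flagged


if __name__ == "__main__":
    aps, stations = parse_airodump_csv(CONSTRUCTED_CSV)
    print("\n".join(station_log(stations)))
    print(suspicious_essids(aps, known_bssids=["00:11:22:33:44:55", "CC:DD:EE:FF:00:11"]))
```

Feeding the real `clients-01.csv` into `parse_airodump_csv` instead of the constructed string is the only change needed for live use.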
  14. I saw Switchblade and Hacksaw on one of the older shows and it looked like a fun project. I tried looking in the wiki and the page is no longer active. I was wondering if there was still some good documentation on USB hacks like this for a regular USB key that is not a keyboard emulator. That or for CD-ROMs. It's really the silent autoexecution part I'm interested in. Thanks in advance for any help. Sorry if this post seems kinda unrelated, as it pertains to non-keyboard-emulating USB keys.
  15. This became very informative. Thanks guys.
  16. Say I want to send a text file to a friend over the internet. I want to encrypt the file so nobody can read it without the key. What type of program should I use to encrypt single files? What if I want to use multiple layers of encryption? Anybody have some ideas?
  17. You're definitely right on the storage. I'm going to figure out another way to do this.
  18. Gives me a better understanding of what is going on. You seem to have a pretty good understanding of this stuff. So hypothetically: I have about 120GB worth of wordlists. I want to create all of my various hash types and store them in an array of drives. What kind of file should a guy use for lookup tables? Basically I want to be able to create a block of memory for each entry that is the same size so I can use some kind of exponential function against the hash to calculate the memory location of the corresponding plaintext value. In short, say you have an 8 character wordlist and a corresponding hash value that is, say, 32 characters. All of them are alphaloweruppernumeric so it's like (62^8) + (62^32) different addresses. If I generate my entire list of hashes for the entire space and compare them to my list of plaintext and hash pairs and insert the plaintext value for each hash that has a corresponding value within the wordlist, I can accurately calculate the memory location of the hash and string pair and get a match. I'm pretty sure that would be about the fastest way to get a match. It would be faster than reading through a bunch of files and running comparison operators on every entry. What types of files would be good for storing this kind of stuff?
  19. This script is epic. Definitely going to link to your Google Code page.
  20. Great script. I like it. I might add a function to randomize the order of the proxies and the times each is used within a given 24 hour period so the hits look more like unique visitors. Maybe running a random integer against the total line count to read and set a random proxy, or loading all of the proxies into an array and using something like a shuffle function to change up the order, kinda like you did with the referrer:

         ('Referer', random.choice(referer))]

     I'm not up on Python but here's something like what I'm talking about. Adding sleep for a random amount of time between page hits is also not a bad idea:

         time.sleep(r)

     Having a bunch of hits from a long list of IPs in the same order every day is going to be a dead giveaway that it's bot traffic. But nonetheless good idea.
  21. I have a pretty good idea how to write out hash/string pairs from a wordlist or with nested loops in C++. I'm fine with saving this stuff to a text file because I've been loading the stuff into MySQL tables so I can search for them easily. But I was curious about how one goes about creating rainbow tables. I want to write my own lookup tables mostly for a better understanding of how they work, but I also want to customize the way the program looks up a hash. Can I just convert a delimited text file to .rt or .rtc? Basically I have figured out how to write out texts and hashes but I want to take it a little further with a way to put them into a lookup table and index the memory locations into a hierarchical structure, kinda like you would do with hyperlinks on a web site. So for example if my hash is something like ZzaFDGwfhi423i9E7xz81a... it will start searching at ZzFD... instead of searching through the entire table starting at AAAA or whatever. Also, do table lookups already do this? I would think someone else has already thought of something like this and implemented it. It seems like using the memory locations for certain strings as starting points would cut the search time exponentially. I really don't know that much about lookup tables to begin with, so I don't know the best way of going about this. Can anybody point me in the way of some suggested reading on the subject? Here are some simplified examples of what I've been doing.

         // Simple example that converts a wordlist from plaintext to plaintext and hash pair, tab delimited.
         // md5.h / md5(std::string) is the standalone C++ MD5 implementation used here, not part of the standard library.
         #include <string>
         #include <iostream>
         #include <fstream>
         #include "md5.h"
         using namespace std;

         int main()
         {
             string line;
             ifstream infile("/path/file.txt");
             if (infile.is_open()) {
                 while (getline(infile, line))
                     cout << line << '\t' << md5(line) << endl;
                 infile.close();
             } else {
                 cout << "Unable to open file" << endl;
             }
             return 0;
         }

     Might be wrong, I just grabbed a bunch of stuff and copy pasted from some of my source without including a lot.

         // Simple version of a string generator that uses nested loops to run through
         // and echo out strings in order, like brute force.
         #include <iostream>
         using namespace std;

         int main()
         {
             for (int a = 97; a <= 122; a++) {
                 for (int b = 97; b <= 122; b++) {
                     for (int c = 97; c <= 122; c++) {
                         for (int d = 97; d <= 122; d++) {
                             // only does four characters; if you want more, make more loops.
                             cout << char(a) << char(b) << char(c) << char(d) << endl;
                         }
                     }
                 }
             }
             return 0;
         }
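The fixed-size-record table that posts 18 and 21 are reaching for, as an added example (not vailixi's code). Each record is the raw MD5 digest followed by the plaintext padded to a fixed width, the records are stored sorted by digest in one flat byte buffer, so record i sits at byte offset i * RECORD_SIZE, and a lookup is a binary search over those offsets: the search lands near the right place for a digest beginning "ZzFD..." rather than scanning from the top, with O(log n) record reads. It also puts a number on the post's "one slot for every possible plaintext" layout, which is why the sorted table is used instead. The word list is constructed; everything else is the Python standard library.

```python
# Added example (not from the posts): sorted fixed-width (digest, plaintext) records
# in one byte buffer, looked up by binary search on the digest.
import bisect
import hashlib

DIGEST_SIZE = 16   # raw MD5 bytes (the 32 hex characters in the post)
WORD_SIZE = 16     # fixed plaintext slot; longer words are rejected at build time
RECORD_SIZE = DIGEST_SIZE + WORD_SIZE

# Constructed word list.
CONSTRUCTED_WORDLIST = ["aaaa", "abcd", "password", "zzzz", "qwerty", "letmein", "hunter2"]


def md5_raw(word: str) -> bytes:
    return hashlib.md5(word.encode("utf-8")).digest()


def build_table(words) -> bytes:
    """Return one bytes buffer of RECORD_SIZE records sorted by digest (duplicates collapsed)."""
    records = {}
    for word in words:
        encoded = word.encode("utf-8")
        if len(encoded) > WORD_SIZE:
            raise ValueError(f"word longer than {WORD_SIZE} bytes: {word!r}")
        records[md5_raw(word)] = encoded.ljust(WORD_SIZE, b"\0")
    return b"".join(digest + plain for digest, plain in sorted(records.items()))


class _DigestView:
    """Read-only sequence of the digests so bisect can search the flat buffer
    without copying it; item i is read from offset i * RECORD_SIZE."""

    def __init__(self, table: bytes):
        self.table = table

    def __len__(self):
        return len(self.table) // RECORD_SIZE

    def __getitem__(self, i):
        offset = i * RECORD_SIZE
        return self.table[offset:offset + DIGEST_SIZE]


def lookup(table: bytes, digest_hex: str):
    """Binary search for a hex digest; returns the plaintext or None."""
    target = bytes.fromhex(digest_hex)
    view = _DigestView(table)
    i = bisect.bisect_left(view, target)
    if i < len(view) and view[i] == target:
        offset = i * RECORD_SIZE + DIGEST_SIZE
        return table[offset:offset + WORD_SIZE].rstrip(b"\0").decode("utf-8")
    return None


def direct_table_bytes(alphabet_size: int, length: int) -> int:
    """Bytes needed by the post's 'one fixed slot per possible plaintext' layout:
    one record for every string over the alphabet (62**8 slots is about 7 PB)."""
    return alphabet_size ** length * RECORD_SIZE


if __name__ == "__main__":
    table = build_table(CONSTRUCTED_WORDLIST)
    print(lookup(table, md5_raw("password").hex()))      # password
    print(lookup(table, "00000000000000000000000000000000"))  # None
    print(direct_table_bytes(62, 8))
```

Because the buffer is just bytes, the same layout can live in a file and be searched with seek-and-read at the computed offsets, or memory-mapped, without loading the whole table.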
  22. Forgive me for sucking at Visual BASIC syntax. I've done some of this stuff in QB64 and Visual BASIC 2010 but it was more than a year ago. I switched over to Linux completely and learned C++ after my last experience with Windows and losing 500GB of downloads. But hopefully this gives you some ideas so you can at least start looking things up on Google or YouTube. Pretty much you want to use a file reader. fileReader.ReadLine() is probably what you want to use, but basically loop through the file line by line while file != eof, then run the comparison operator: if textbox1.Text == myword then, IDK, make the label show the word that matches. Optionally, since the wordlist is so small, you can store the words in a string rather than looping through the wordlist. But open file dialogues in VB aren't difficult. If you want to make a whole bunch of words just use nested for loops to go through integer values in the range you want and output the ASCII value using a char variable. Like this maybe (or is it char$(a)? Not sure on the syntax, it's been a long time; you'll have to mess around with it):

         Dim a As Integer
         For a = 97 To 122
             Console.Write(Chr(a))
         Next a

     Nested loops are the same, just:

         Dim a, b, c As Integer
         For a = 88 To 127
             For b = 88 To 127
                 For c = 88 To 127
                     ' dump the variables into a single string, run the comparison
                     ' operator and output something if string == keyword, or write
                     ' all of the outputs to a list
                     Console.WriteLine(Chr(c) & Chr(b) & Chr(a))
                 Next c
             Next b
         Next a

     If you are going to run a hashing function against the output you'll have to do a variable dump first. Basically you need to concat all of the chars into a single string variable, but you can print "keyword" & Chr(a) & whatever. Of course there's a lot of other cool string manipulations you can do in Visual BASIC, I'm just not sure what they are.

     Also check out some tools already available like john, hashcat, Burp Suite and crunch; they have some functions similar to what you are talking about. But most of the good Linux programs are written in C.
  23. Does changing MTU size affect the efficacy of deauthentication attacks or anything else? I noticed there is some code related to MTU size in the aircrack suite source code. There's also a Linux command to change MTU size. I don't really understand what MTU size is and what it does. But someone had told me MTU size affects deauthentications. Suggested reading?
  24. I want to learn more about hacking. I have heard about free hacker spaces. But whenever I look those up on Google I find a nice long list of broken links. Are there still any legal hacker spaces open?