Posts posted by digininja
-
-
Why are you doing this?
arpspoof -i wlan0 -t 192.168.1.1 -r 192.168.1.1
That will spoof 192.168.1.1 to itself because of the -t and to itself again because of the -r.
-
It's always fun if you have the time and cash but I know how little password cracking I need to do so really can't justify a noisy physical box.
Ophcrack still usually gets me enough despite being way off state of the art. Beyond that the GPU in my laptop does Hashcat well enough for the other hash types.
-
Just throwing this out there as another option, my GPU rig is in Amazon. Costs peanuts to run and doesn't depreciate.
-
We'd be happy to have you. You'd get to meet Cooper as well as he does our AV.
-
For anyone in the UK who fancies a trip to Sheffield in July, I've just finished updating the SteelCon website with all our ticket and CFP information.
-
"any thoughts?"
Yes, ask them if it worked well and if it was easy to set up. If it was, check if it's compatible with your rig, if it is then you've found a card that will work. Log the specs and the price.
Repeat the process with other recommendations from people with working cards then when you've got a few to compare, buy the best you can afford.
What I'm trying to do is to save you from buying something that is recommended by people who don't really know what they are talking about or who don't have up to date knowledge of what is out there. Get to the Hashcat forums and ask on there, you'll get a much better set of replies from people who are actually using this kit.
-
No. It is ones that support the features required by the tools that are to be used. I don't know what the definition of a "Professional GPU" is but if it isn't supported by the cracking tool or the OS or the motherboard then it isn't going to be any use.
Check the tool you want to use and then go to its site or forum and see what they recommend. That may be an amazing gaming GPU, it may be a dirt cheap "Professional" GPU that no one has ever heard of, it may be a pair of two cheap ones that do better than one single one.
-
6 minutes ago, haze1434 said:
Also, I disagree. Modern gaming means that the graphics cards designed for this have to complete a lot of mathematical computations every second. Which is exactly what you want in a password cracking rig as well.
I know this is way out of date but have a look at this thread from the Hashcat forum, it describes an Nvidia card which is better for gaming but is worse than the AMD equivalent for password cracking.
https://hashcat.net/forum/thread-2181.html
The same still holds true today, both types of cards are designed to do the same things but they do them in different ways, some work better for games, some for cracking.
-
Again, no. Being good at gaming is not necessarily being good at password cracking. They can be the same thing but not always and you don't want to spend a fortune on a card that doesn't work.
Go to the Hashcat site and check their lists.
-
Don't know, haven't read any security books for a long time.
-
If you want to understand how exploits actually work then for a lot of them you'll need to learn to at least read different languages. Get yourself comfortable with Ruby and Python then go to exploit-db and pick some to play with. Most will have a link to the write up on how they were found and what they do. If you can read the source you should be able to start to understand what they are actually doing.
If you have some cash to spend, look at the courses on SecurityTube, they do all sorts of good stuff.
-
Google "metasploitable walkthrough" and you'll get lots of help with it.
-
Depends on the situation, I'm on a test at the moment where I popped a box and managed to pull the local SAM. I brute forced that to get the password for an account that was reused across the network. This is a test being done quietly with only a couple of people in the security team aware it is going on, going to them to ask for the password isn't in the spirit of the test so I have to get it myself.
Don't mix offline and online brute forcing, a lock out policy has no effect on offline brute forcing using GPUs and GPUs don't help with going for an OWA login.
-
You just have to be careful about support. Advice swings between Nvidia and AMD and some devices aren't supported or don't work as well as expected.
Not always the highest priced or highest gaming spec is best.
-
Have a look at the Hashcat site, they regularly do reviews of what GPUs are working best with their app. You are also more likely to get a good answer asking in their forums.
-
With a lot of hacking you could probably do it on the command line in bash but I'd do a ruby or python script to wrap it all. That can tail the file and parse anything you want out of it.
If you want to use bash, look at cut, that will let you break the line down into bits which you can then reuse. Or sed might be better, you could use that to do match and replace to build a whole new command.
-
Please don't ask for information on acts that would be illegal in most, if not all, areas.
-
Tidy it up then publish it and drop links on some of the crypto and bug bounty forums, you'll probably get some feedback from there.
-
Depends on the threat model, for secure comms I'll trust something like WhatsApp or Signal that has had a lot of peer reviews and is trusted by people I trust.
If you are sure about your systems then open the source up, let it be peer reviewed, that is the only way to get complete trust.
-
I'll happily hold my hand up and say that I'm nowhere near smart enough to build an app that I would recommend anyone uses to transmit or store sensitive information. To do that well takes a lot of work by people who know the field inside out.
If you want to get the tinfoil hat out over monitoring of existing tools, how do we know that you aren't the CIA trying to get us to use your tool that has built-in backdoors? Sometimes the most innocuous of errors, an = rather than ==, can make a huge difference.
-
What would the advantage of your app be over WhatsApp or Signal?
Developing solutions that include crypto is hard, those two apps have had a lot of work put into them and a lot of public scrutiny.
-
Tell us more about the app, who is it aimed at? What is its use case? What are you trying to achieve with it?
Are your potential users likely to be targeted by the CIA?
-
Put the effort in and persist, you'll speed up soon enough.
-
Basically ARP packets (not packages) are layer two and so don't leave their network segment. If it is a bridge, then it would probably be considered a flat network, everything on the same subnet, and so ARP packets would traverse all across it. If it is routing (acting as a NAT device) then packets would not traverse it.
To work out if it is bridging or not, probably the easiest way is to look at the other devices on the network with you. If they are all wireless except the AP, then you are probably on a wifi subnet and so the AP is a router, if there are wired devices as well then it might be a flat network.
You can also traceroute out of the network and look at the hops. If it goes from your internal IP to an external then it is likely a flat network, if there are multiple internal IPs before the external then there is some routing going on.
Lots of possibly and likely there as there are always exceptions, you just have to learn to spot them.
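The traceroute heuristic from the post above, as an added example that is not part of the original post: it counts internal hops seen before the first external one. Treating only RFC 1918 addresses as "internal", the flat/routed/inconclusive labels and the sample outputs are assumptions constructed for illustration.

```python
import ipaddress
import re

# Assumption of this example: "internal" means RFC 1918 address space.
INTERNAL = [ipaddress.ip_network(n)
            for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
HOP = re.compile(r"^\s*(\d+)\s+(.*)$")            # "<hop number> <rest of line>"
IPV4 = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3})\b")

# Constructed traceroute output (documentation addresses stand in for external hops).
FLAT = " 1  192.168.1.1  1.2 ms\n 2  198.51.100.1  9.8 ms\n"
ROUTED = " 1  192.168.1.1  1.2 ms\n 2  10.20.0.1  2.0 ms\n 3  198.51.100.1  9.8 ms\n"
SILENT = " 1  192.168.1.1  1.2 ms\n 2  * * *\n 3  198.51.100.1  9.8 ms\n"

def parse_hops(output):
    """One entry per hop line: an IPv4Address, or None if the hop did not answer."""
    hops = []
    for line in output.splitlines():
        m = HOP.match(line)
        if not m:
            continue  # header or blank line
        ip = IPV4.search(m.group(2))
        hops.append(ipaddress.ip_address(ip.group(1)) if ip else None)
    return hops

def classify(output):
    """Return 'flat', 'routed' or 'inconclusive' for one traceroute run."""
    internal, silent = 0, False
    for hop in parse_hops(output):
        if hop is None:
            silent = True          # "* * *": could hide an internal router
        elif any(hop in net for net in INTERNAL):
            internal += 1
        else:                      # first external hop reached
            if internal >= 2:
                return "routed"    # multiple internal IPs before the external
            return "inconclusive" if silent else "flat"
    return "inconclusive"          # never saw an external hop

if __name__ == "__main__":
    for name, sample in (("FLAT", FLAT), ("ROUTED", ROUTED), ("SILENT", SILENT)):
        print(name, classify(sample))
```

A hop that does not answer is reported as inconclusive rather than guessed at, which is one of the exceptions the post warns about.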
Arp Spoofing turned Dos? (in Security)
You should never run a command without understanding what it is doing. Look at the man page for arpspoof and it will explain what the flags mean and what the IP addresses are representing.