digininja
-
Posts
4,005 -
Joined
-
Last visited
-
Days Won
210
Posts posted by digininja
-
-
Any decent router/modem would not have the admin interface listening on the WAN side so default creds or not, they would not be able to access it to do any damage.
If you can get on to it in some way then yes, you could potentially install stuff and do damage, but that assumes it is vulnerable to an attack, there is an exploit available, and that there is something interesting that can be done after exploitation.
-
1
-
-
First, it should not be possible to connect to a router from the outside, the admin interface should be locked down to internal only.
If you aren't doing anything to do with the internet then there is no traffic to sniff. If all you are doing is writing a document in word then there is no network traffic generated.
If setup correctly, HTTPS covers all the connection, from first visiting the site, through logging in, and all your surfing. All of it would be encrypted and not visible. This assumes the site is setup correctly though.
-
Yes and no.
I'm going to assume web traffic here as it is easier to start with.
If a remote user gets access to your router then you have a lot of problems. Depending on the router the may be able to redirect traffic through things like DNS attacks and so your traffic to site X would go to their site rather than the real one so they would see the traffic.
But, if you are using HTTPS and it is set up correctly with HSTS or you don't accept invalid certificate warnings, then all they would probably be able to see is encrypted traffic which isn't much good to them.
The is a lot more to it than that but there is your starting point.
-
Show the output of an nmap of the box.
-
When you say "on location" do you mean on a different site? Can you connect to the windows share on the machine from yours?
-
It is exactly as the error message says, it can't reach the port xx.xxx.xx.x:445.
Assuming you are attacking your own machines, are you running one the has SMB enabled and if accessible from where you are?
-
On 4/17/2019 at 1:43 PM, psydT0ne said:
These forums are attracting more and more of this bullshit.
Admins should be shit canning these members accounts.
IMHO.
We remove all bad posts that are made and block accounts that are obviously spam as soon as we spot them or they are reported.
If you want to help, get reporting.
-
1
-
1
-
-
I don't know, but I wouldn't use Cain, it is ancient and no where near as efficient as any of the modern crackers. I also don't think it uses the GPU so your effort may be in vain anyway.
I'd go with Hashcat or John and if you want to use the GPU just do a live boot.
-
Contact the Hak5 shop but I doubt there is anything they can do to help. You should have checked the process before getting in to it.
-
1
-
-
Have a look through the forums and see what others are discussing.
I'm sure you understand the difference between legal and illegal acts, have a think about what you are posting, if it is asking about illegal stuff - like hacking someone elses server - then don't post it.
-
No, it is because you were asking for illegal things. Hacking Russian game servers is illegal and we don't allow questions about that here.
-
On 3/29/2019 at 7:59 PM, ToxicPhoenix said:
I'm looking for other forums, that are about hacking/modding etc...
I need other forums because there is someone called "digininja" that annoys me. Every time i write something he warns me... I don't even know what for (not detailed enough.
You keep asking for people to do illegal things for you on online games, I've explained this in at least a couple of PMs and in the warnings.
If you don't like our policy of not allowing illegal stuff on this forum, feel free to go elsewhere.
-
Whatever you are asking for it's probably illegal and not something we would help with on these forums.
-
Not an appropriate question for this forum.
-
1
-
-
They are supposed to be unique so you don't get replacements, you just get new tags, disable the old ones and enable the new ones.
-
1
-
-
Depends if you are looking at high or low frequency. The high frequency are the MIFARE style with encryption and stuff like that, the low frequency are the basic ones such as the ones used in stock control that only hand over a number.
It isn't a good idea to use the low frequency in badge systems but they often are because they are a lot cheaper.
-
Again, from memory, the number printed on the card is the number it sends over. The assumption is security through obscurity, an attacker would have to see a number and then create a card.
The other attack I've seen here is where a company buys a large amount of cards, much more than they need. They enter the full range into the badge system but then try to recoup some cash by selling some of the remaining cards. If you can get one of those, your number is already in the system.
-
It has been ages since I worked on RFID but from memory, low frequency cards often just contain short serial numbers and what is printed on the card is what it sends to the reader.
High frequency are smarter, for example MIFARE cards.
-
-
You don't install Tor, it is a service you talk to add a proxy, any application that understands HTTP proxies can use it.
If you've got deep packet inspection then I'd keep monitoring it and note what you are doing when it is detected, see if you can spot what apps are running.
I'd also run malware detection as malware often uses Tor to hide its C&C channel endpoint.
-
1
-
-
A couple of comments on this...
Don't disable things you aren't using, remove them. If they are disabled the files are still on disk and vulnerabilities still potentially exposed.
Rather than setting temp directories at 777, make them owned by the web server user and keep them at 755. This prevents them from being written to by other users, for example the mysql user.
-
You said your MD had set you this project, now it is because of a family member, all very odd.
All the things you mention use some type of RF, they may use Wifi, they may use bespoke. Give us exact examples of what you are looking at and what you want help with.
-
I've got a tool for that
-
1
-
-
You are missing a quote at the end of the lhost line breaking the rest of the script.
joomla
in Security
Posted
Why?
What version?