Ftb
-
Posts
34 -
Joined
-
Last visited
Posts posted by Ftb
-
-
Also, be sure to consider the video adapter if you plan on doing any hashing. An NVIDIA card may be a smart option.
-
Sounds a bit like FireEye.
-
That would be a good idea and have the remote machine email or text the result.
Maybe ftp the captured handshake to the remote machine, and have it set up to check a folder regularly and automatically hash what ever is in there and send the results?
-
Would it be possible to automate a process in an infusion to capture a WPA handshake and send it to the Amazon cloud server to get hashed by hashcat or pyrit?
https://aws.amazon.com/marketplace/pp/B00FYCDDTE
I imagine you'd have to have the AMI preconfigured, but for working in the field it would be a great tool I'd think.
Just thinking out loud.
Have a good day,
FTB
-
I wonder if this could be used in an evil portal application to remove the legal concerns of MITM attacks? Put a nice little disclaimer stating all traffic is monitored and recorded and encryption methods broken?
As you stated, people won't read the disclaimer, few people do.
-
http://www.theguardian.com/technology/2014/sep/29/londoners-wi-fi-security-herod-clause
Londoners give up eldest children in public Wi-Fi security horror showF-Secure’s ‘Herod clause’ experiment aims to show the dangers of insecure public hotspot connections
-
I had an issue with WLAN 2 after the recent upgrade, but not to the extent you're having. Upon using wlan 2 connect in client mode to my router, it would work then stop routing. I would just have to use one of the installed radios to connect successfully in client mode. It may be the USB adapter I'm using, it is a no name Alfa clone. When I have a chance i'll use the Hak5 adapter and give it another try.
So no routing at all when wlan 2 is even siting idle? What type of adapter is it?
-
You could run a linux box with two wifi adapters and emulate a pineapple. Load similar software to what the pineapple runs, don't have links handy, at work right now. It won't be nearly as discrete or portable as a pineapple though.
-
Coudln't you just use a pineapple and DNSspoof to redirect the site to on of your liking?
-
Good advice above from Cooper. Also, many people change their major through out their time in college. Maybe try the general Computer Science major at first and see which aspects of it you truly enjoy and specialize from there?
-
Sorry I can't help more, a bit of a novice myself; but here is a video that may give some insight:
Good luck!
-
PineAP is like the next generation of Karma, it uses new tools to overcome some of the security features some manufacturers have developed. There is a video on it from Seb and Darren explaining it. They'll do a much better job than myself.
-
Are you using the Karma infusion or the pine AP infusion? I believe it only works via Pine AP now.
-
Short, slightly sarcastic answer is the biggest mistake is hosting your own website at home.
Longer answer, you have to consider:
Keeping the box fully patched
The application is usually the weakest link so is that fully secure
The server must be fully segmented from your home network otherwise a compromise would give an attacker full run of your home
Does your ISP allow hosting? Some don't on residential contracts
Do you have a static IP or will you be using a dynamic IP service
Whats your bandwidth allowance and will people using the site affect you using the internet
Is the cost in electricity and time maintaining it lower than just paying a small amount of money to a hosting company? If you want to do that have a look at http://cloudatcost.com/ for very cheap servers *
Why are you doing it? To learn, to save money on commercial hosting or for something else?
Sure there are other things to consider but that is what comes off the top of my head.
* discount codes:
20% off all servers AqUVYbUXag
50% off all big dog (whatever that is) 7E9YRUzEZy
That's a great deal, I put in your email address for the referral, you should get a free server.
Thanks,
Bill
-
This one goes way back to '96 when I had my first help desk job for an ISP. The lady was using 3.11 and couldn't get her trumpet dialer to open. So I told her to move the mouse over the icon and double click, she said nothing happened, we did this a few more times, same result. I asked her to describe the icon, to make sure he had the right one, she replied " I can't see it right now, the mouse is in the way". I asked her what she meant, she then said ' I have my mouse up on the monitor over the icon and can't see it". yes, she was holding the mouse to the screen trying to click it......
-
Course summary:
"Thank you for signing up for A System View of Communications: From Signals to Packets (Part 1).
You are about to have first-hand experience building a communication system! We will guide you through the entire communication chain from a single source to a single destination. Along the way, we will introduce the effects of the communication channel, the evaluation of communication system performance, the importance of communication protocols, the use of equivalent representations and models, and the analysis and amelioration of the effects of noise within the communication system."
https://www.edx.org/course/hkustx/hkustx-elec1200-1x-system-view-1786#.VBhUZvldWCk
-
Hi guys,
I'm getting a 404 and generic wordpress screen when I bring up hak5.org. I imagine you know this, but just in case...
Hope all is well,
Bill
-
Holy crap! I haven't seen that crow since I was a little kid! My step-dad did ECM in the AF.
Awesome, I was in ECM/EW for 12 years. I was in the AOC for awhile too. Great field, I learned a lot.
-
Great quality, great Linux support. That's my reasoning at least.
The quality is there, I still have a fully functioning 366Mhz (IBM) laptop running w2k, I believe IBM/Lenovo were also one of the first big manufacturers to start funding support for linux.
-
I wonder if a sensitive spectrum analyzer could pick up something similar?
-
http://thehackernews.com/2014/08/stealing-encryption-keys-just-by.html
Thought someone might enjoy this.
-
I believe NVIDIA has better linux support, there are ATI drivers available, but just don't perform as well.
-
But here's the kicker: We're not actually stripping ssl. You asked for a non-ssl website and you got it. We just make it resemble an ssl website.
Good point, but the end user would still think they had encryption and therefore privacy. I'd be interested to see how a court would look at that, not that I'm encouraging anyone to get caught :)
If technology can stay one step ahead of the laws, there is always a gray area. I think in general though, most passive roles the pineapple can play are legal.
-
Just by going off my memories from classes, using SSL might imply a "reasonable expectation of privacy". So stripping SSL may be a violation, at least it would be a 4th Amendment violation if the government did this.
SDR Trackable?
in SDR - Software Defined Radio
Posted
I think they are detecting the output of the oscillator on the radar detector. I'm not sure if an SDR would put off such a signal; maybe if you had two you could use one as a spectrum analyzer while the other receives the signal in question and look for any data?