TheHackerNextDoor
-
Posts
73 -
Joined
-
Last visited
-
Days Won
2
Posts posted by TheHackerNextDoor
-
-
I like the ones with 'ananas' is their name. Seems much more inconspicuous than 'autohack/autocrack' :P
-
Well, my pineapple hasn't come yet and I am eager to develop. If anybody would create a new infusion, zip it, and send it to me, that would be great! Then I'll be able to start even sooner!
Also, the infusion needs a name. Thoughts?
-
Are you planing to deploy this in the wild? What if someone found the device. Storing the data locally could then be accessed. I would look into encrypting the data for storage as well as a secure "drop" point for the data that you want to retrieve. There are many scenarios that can play out.
My idea is that this would be as universal as possible. I will update my post with the option to store data, but not config, locally, remote MySQL, remote FTP, or remote FTPS.
-
Some concerns I would have is that using MySQL is that once a connection to the net and data is uploaded to the DB, the person that runs the network could potenetially see the DB connection as well as if you were to upload the files. Caution would have to be taken in the way you choose to store/upload your data.
I could have MySQL listen on localhost, and connect via localhost. Would that make it more secure?
-
I would agree there, since one of the domains seems down, maybe database whacked, but I have a screenshot of the old site before it went down.
No apologies needed. No one is trying to start an argument, just trying to be helpful so don't take it personally. Some of the info is probably spot on though and info easily found, like your interest in Raspberry Pi, electronics and radio controlled devices, but maybe you're running over someone else's machine, like minecraft, who knows...Votifier running? Proxmox on the host? Some info may not be true, may not even be your stuff, but your IP matches the domains reverse DNS the files are on.
I know of 2 domains already you host/hosted, a possible last name(if you used legit info when registering the site), possibly a sisters name, a friends name from school, and an email address(that is, if you managed to register the domain at age 11-13/14, which you'd probably need a parents CC or such to do, so maybe it's your fathers info we're looking at?).
Running a torrent server on port 53 to try and hide behind DNS, or is that someone else on the same IP or just file storage?
ie: Index of /Torrents Name Last modified Size Description Parent Directory - OSX-Mavericks.iso 05-Mar-2014 18:32 5.1G Pi- one hundred billion.txt 06-Mar-2014 08:35 93G pidora-18-r2c.zip 10-Mar-2014 13:12 492M raspbmc-2013-12-23.img.gz 10-Mar-2014 13:08 260M
Again, not an argument or anyone attacking you. Don't take it personally like its an attack on you, but we're only trying to help you understand that not everything you do to tunnel your traffic will protect you and has nothing to do with whether or not someone can identify you depending on what you do and say, and that not everything you do is protected just because you're on TOR or behind a tunneled connection. The above I posted may be your host's and whomever is hosting the services you registered the sites with so that may just be coincidental, but the possibility they are your files is also likely.As previously stated, I am behind Tor. They are obviously the ones running the exit node.
-
Hey Laptopdude and welcome to the forums!
I suggest adding the option to choose between bully or reaver.
The reason I suggest this is because depending on the use-case bully is much more reliable than reaver is.
Best Regards,
Sebkinne
Since you're one of the developers, are there any built-in APIs to communicate with the radios? It would be so much easier to run a command like getNetworks() and have it return an array, and something like setNetwork(string SSID, string PSK) to set it!
-
My old ham Technician's license text shows a Clark band antenna ( probably 12 feet across ) to pick up satellite transmissions from Skylab and Apollo missions.
I expect it won't be too long until SDR's get applied to decoding dish network or direct tv ( K band antennas, I believe ) ( which is illegal in the US, but legal in Canada, since the satt signal from Direct TV is illegal in Canada: that is, the signal is illegal, because Direct TV doesn't have licenses to broadcast into Canada. There is nothing illegal about decoding a direct tv stream in Canada. Many of my friends do, with full diplomatic immunity. ).
In any case, this is only speculation on my part, and the standard disclaimer of me advocating people respecting the laws in their respective jurisdictions applies.
I should also comment as I have commented elsewhere, that in the interests of safety, if you are using an outdoor antenna, don't leave it unattended and connected. Be mindful of things like lightning storms and k volts or Megavolts flying down your antenna line and into your dongle and computer. A direct hit from lightning is very impressive. I have a neighbour whose house was hit, and UPS, computer, all fried. The warranty of protection on the UPS explicitly excludes lightning strikes, any fires they may cause, etc.. So, just because you have a UPS, don't think you are protected 100% against lightning and please be careful with outdoor antennas.
And yes, by all means, have fun as well!
-Fuzzy Bunny
Thanks! I'm learning a lot on this forum!
-
Like didip said. Just was trying to point out that you need to watch what you post. The main reason i did it was for the last paragraph sentence in your first post.
Just to make a small example:
- I know you like gaming. Also hosted servers or tried to
- You have been recently looking into arduino
- Your interested in bitcoins but didn't really commit to it.
- Been using Tor a lot.
- From Canada
- First Name Stephen
This only took 10min of work. And its not even everything i found.
Okay, I do apologize for starting an argument, however some of those facts aren't true.
-
OMG just saw its a old thread.... GODDAMN can the new people stop making zombies :P
before doing anything make a full disk clone to be safe.The idea to run it virtually is your best bet for compatibility with new hardware. But you got the watch out for the hardware. Like if the server is controlling machines with a serial port or some special interface card. If that's the case then its gone be hard or not possible to make a VMSorry for bringing the thread back up. :P
-
Thanks for the help!
-
Actually, the exit node, aside from owning your own, can be sniffed, and your host, can as well if they needed to or were court ordered to hand over the server to law enforcement, which happens all the time. Unless it's something you ran from home, which just leads to your home ISP's IP, that is even worse in obfuscating your location, and even less your identity. Running one from your own domain, if someone else were to use your exit node, and do something abusive, in most cases, gives law enforcement reason to monitor and usually take over the site and watch whats going on, often making the exit node owner responsible for anything that happens on their exit node, which has happened in the past, things like child porn causing innocent people running exit nodes using the standard client from home and having their home machine being one of the exit nodes, only to be arrested when they weren't even the ones doing the viewing.
Point being, your information, personally identifiable, is easily found, and not based on whether your traffic is encrypted or not, so just because you're on your host's IP from your site, tor or not, ssh, etc, that traffic being encrypted doesn't keep anyone from figuring out who you are in most cases if you're openly speaking on a forum(s) and other sites.
Don't want to get into a debate over how "anonymous" you think you are and safe from being found or identified, but lets just say your footprint has already left a trail of bits with enough info to figure out who and where you're from, long before you joined these forums, and much of it is organized and archived around the web every time you post something.
Especially if you really are a minor, GuardMoony was trying to make the point of, "think before you post", especially if admitting to doing things possibly against the law.
Thread and topic isn't exactly going anywhere at this point either, so we can just leave it at that since the concept doesn't seem to be sinking in...
Edit: By the way, the whole concept of TOR, is so your IP is constantly changing** so using the SAME exit node, is like standing in one place at all times.
Fair enough. However, at no point did I admit to doing any illegal activities.
-
Thought this was stupid until I noticed I was supposed to click on the red dots. Yes, I hovered over them, but I got a LOT of information when I clicked! Thanks for sharing!
-
This isn't a security hole. I can almost guarantee that they won't solder the transmit/receive wires on. You wouldn't have an advantage at all. Unless you are talking about sending a high voltage jolt down the wire, in that case you might as well make an EMP.
-
Okay, so I was browsing a store website, and I found a $25 GIANT T.V. antenna. Here it is. As you can see, it has a frequency range of 47-862MHz. I am pretty new to the whole SDR thing, but I see no reason this wouldn't work. Can I point this straight up to receive from the NOAA satellite? How much is a gain of 10-13DB? What is the gain of the little tiny antenna that comes with the USB SDR?
-
Maybe I'm misunderstanding, but couldn't you use Clonezilla (http://clonezilla.org/) to copy the entire disk over to the new server and then expand the root partition after? Or do you want a fresh OS on the new server with the old software? Again, I'm having trouble understanding what you mean.
-
And that makes you anonymous how, Stephen? Surf much through your own domains shell too?
IP: 47.55.102.XXX
Hostname-Resolved: XXX.XXX.XXX.ns.bellaliant.net
Browser: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.146 Safari/537.36
Obviously, they are running the Tor exit node. HTTPS + Tor = Anonymous. The exit node can't sniff the traffic. That's what I was trying to say.
-
Coupling this with Karma, Jammer, and Autossh would be deadly!
-
Yeah. You're safe. All your packets are belong to your exit node.
/me shakes head and lols
Look up, see the https://?
-
You do know you just plead yourself as a potential criminal ?
In case it wasn't obvious, I was kidding about having some fun. I'm on Tor anyway.
-
Hey Laptopdude and welcome to the forums! I suggest adding the option to choose between bully or reaver. The reason I suggest this is because depending on the use-case bully is much more reliable than reaver is. Best Regards, Sebkinne
I've updated my post.
-
In my community, there is 1 big ISP. We'll call them ISP A. Almost everyone in my area uses them, including me. They give everyone the exact same router, just with a different password. But guess what? They all have WPS! I logged in to my router, and sure enough, there was a WPS key! Is there such thing as limiting the number of attempts on a key? If not, about 99% of my community is vulnerable to reaver. Not that I'm going to exploit that, or anything :D
Silly ISP/Community!
-
I have an idea for an infusion. I will begin writing it as soon as my WiFi Pineapple arrives, but I want to know more features I should add.
Here is what is does
-----------------------------------------
1. Scan networks
2. If open networks are found, connect
3. If no open networks are found, launch reaver/bully and begin cracking a vulnerable network
4. Once cracked, record login information and connect
5. Make sure it can connect to the internet
Configuration options
-----------------------------------------
Crack networks no matter what - Boolean
Stop once n networks are cracked or there are no vulnerable networks left(0 to disable, -1 for all) - Integer
Run commands once internet access is achieved - String array
Run infusions once internet access is achieved - String array
White-listing based on mac address - String array
Bully or Reaver - Radio buttons
Where to store data(Locally, remote FTP, remote MySQL, or remote secure FTP) - Radio buttons and a text box to enter remote parameters
What are your thoughts on using MySQL to store everything? Would it be worth it, or should I just use a few text documents?
Autossh Not Working
in Questions
Posted
I'm trying to set up AutoSSH on my new Pineapple. My ssh server is port forwarded, in fact I can see the pineapple attempts in the log file. I used the 'Transfer Public Key' button to put its key on the server. I am not sure why it is not connecting.