Posts posted by 0phoi5
-
-
"If you're not paying for the product, you are the product" - Andrew Lewis (paraphrase)
This used to be true. Now it's more like;
"Whether you're paying for the product or not, you are still a product yourself"
- 1
-
On 4/13/2018 at 10:25 PM, AJR said:
Can AirDrop be used to hack you? Let's say that there is a "creative coder" (hacker) on one end of an AirDrop and an iPhone on the other. Could the hacker send a picture, video or file with some harmful code on it? Would this be a more modern version of bluejacking? After all, AirDrop does use Bluetooth. While if you have your AirDrop turned off completely. But if your AirDrop's on contacts only, you would also think that you would be fine, because it's not like your friends are going to try to hack you (well, most people's friends; ours might). Even on contacts only this is still a huge risk. Let me use an example: out of 100 people only 1 has AirDrop on everyone. His name is Bob. So Bob gets hacked; that's not a really big deal, but then Bob's phone starts airdropping to all his contacts and everyone near him with AirDrop on everyone. And this same cycle happens again and again. It's the weak link Bob that got everyone infected, even if they were on contacts only.
I wouldn't know specifically, however I would keep these points in mind;
- It's a wireless communication method. Wireless communication can be picked up by any appropriately created device within range.
- It uses TLS encryption, for which there are multiple known attack vectors.
- It is possible to embed malicious code in images/video, yes.
- If a device isn't completely and utterly air-gapped from the outside world, it's externally hackable. Period.
Without knowing how one would go about it, yes, it's hackable.
Most things are, it's just a case of working out how.
-
5 hours ago, Dave-ee Jones said:
As I said in another thread though - maximum throughput of 54Mbps, no 802.11n support, USB 2.0 (tbh, that probably fixes half the driver issues with the ACH), etc. etc. Very old card.
The throughput and USB 2 really isn't a problem for pentesting. I could quite happily hack with a potato and a piece of copper wire, if it gets the job done.
No 802.11n support could be a pain, I guess, but I've personally yet to come across a situation where I've needed this.
-
Probably already covered this replying to another topic, but I have 2 x AWUS036H myself and they are excellent.
The AWUS036H works out-of-the-box with Kali & Parrot and the range is fine. Using a Yagi and line-of-sight, they'll cover a 1 mile range with an OK signal acquisition. Using the default antenna they come with, you'll still get 100 meters line-of-sight, which is good for most pentest scenarios. And yes, they inject and monitor.
- 1
-
6 minutes ago, Bamse said:
So i don't have to install any drivers?
You shouldn't need to with most, if not all, Linux distros. Certainly Kali, Parrot, Raspbian, Debian and Mint all recognise the AWUS036H as soon as it's plugged in.
-
5 minutes ago, Bamse said:
Is it easier to install?
Not sure what you mean by install, sorry. What OS? I use Kali/Parrot for pentesting and both are just 'plug'n'play' with the Alfa cards.
Just plug it in and use lsusb / ifconfig to confirm it's there and its designation (usually wlan1).
-
I stick to the AWUS036H. Can't go wrong.
-
- Wenger Gigabyte backpack
- Lenovo Thinkpad T430 (SSD, 8GB RAM, internal WiFi card can handle monitor and injection on its own), Parrot OS and various VMs
- diskAshur iStorage HDD - 250GB
- Alfa AWUS036H plus various antennas
- A RPi with some accessories
- Spare mobile - Android Galaxy S2, rooted and with a Linux OS installed
- Various cables / USB sticks / misc.
-
Funny, I went to rob a bank a few days ago, but got arrested after security realised I was holding up some sort of router.
Small world...
This cell is comfy.
- 2
-
On 29/03/2018 at 11:59 PM, barry99705 said:
Also, psexec is your friend.
This.
Use PowerShell (Invoke-Command), SCCM, batch files, PSEXEC and Group Policy to get things done quickly, easily and remotely.
-
On 15/02/2018 at 4:14 AM, Dave-ee Jones said:
You'd be better off just using an old satellite dish, or one of these.
-
I use a T430, in fact I'm on it now. It's perfect for pentesting, if that's what you need it for. Got a refurb for just over £200 ($280 ish), 250GB SSD, 8GB RAM, i5 processor. I love it.
- 1
-
12 hours ago, barry99705 said:
Whaaaaaa!!!??? That's crazy talk! Actually that's called "Which dumb ass didn't do a copy run start on the core switch" day. That day was fun, cause they didn't do it THREE years ago...
I guess they took the joke 'I'm a Linux Admin, so I get laid as often as I have to reboot' and thought they better reboot more often
-
On 29/01/2018 at 3:12 PM, Kenomouth64 said:
Well, I ended up just capturing all the wireless devices I could, using my Aircheck tool. I combined all of the devices, along with their associated information, then filtered out the devices I knew were legitimate. Unfortunately that leaves me with 76 devices to track down with my network engineer, and verify their legitimacy...
I imagine the majority of them are wifi hotspots, printers, or nearby facilities equipment. Nevertheless, I will be in for a long day.
Potentially not an option, but does your business do Disaster Recovery test days, or similar? When they power down all systems and then power them back up?
If so, use this to your advantage. With everything on the estate powered down, there'll be a lot fewer APs to look at, and you'll know the ones that have disappeared are definitely connected to your building's power (take a reading before power down and after power down).
For future, maybe set up a dedicated PC (something little will do, like a Pi) to constantly monitor APs in the area and keep a decent log. Maybe use Kismet or airodump-ng. You can then see the APs that stick around long-term and the ones that have cropped up recently.
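Added example, not part of the original post: the two checks described above (before/after power-down comparison, and long-term versus recently appeared APs) run over a sighting log. The log layout, BSSIDs, ESSIDs and function names are constructed for illustration; convert Kismet or airodump-ng output into this shape first.

```python
import csv
import io
from datetime import datetime, timedelta

# Constructed sample log, one row per AP sighting. The column layout is an
# assumption for this example, not the native Kismet or airodump-ng format.
SAMPLE_LOG = """\
timestamp,bssid,essid
2018-01-02T09:00:00,AA:BB:CC:00:00:01,corp-wifi
2018-01-02T09:00:00,AA:BB:CC:00:00:02,printer-3f
2018-01-02T09:00:00,DE:AD:BE:EF:00:09,cafe-next-door
2018-01-29T18:00:00,AA:BB:CC:00:00:01,corp-wifi
2018-01-29T18:00:00,AA:BB:CC:00:00:02,printer-3f
2018-01-29T18:00:00,DE:AD:BE:EF:00:09,cafe-next-door
2018-01-29T18:00:00,12:34:56:78:9A:BC,hotspot-x
2018-01-30T02:00:00,DE:AD:BE:EF:00:09,cafe-next-door
2018-01-30T02:00:00,12:34:56:78:9A:BC,hotspot-x
"""

def _rows(text):
    """Yield (timestamp, normalised BSSID) for every sighting in the log."""
    for row in csv.DictReader(io.StringIO(text)):
        yield datetime.fromisoformat(row["timestamp"]), row["bssid"].strip().upper()

def first_seen(text):
    """Map each BSSID to the earliest time it appears in the log."""
    first = {}
    for ts, bssid in _rows(text):
        first[bssid] = min(first.get(bssid, ts), ts)
    return first

def scan_at(text, when):
    """BSSIDs present in the scan taken at exactly `when`."""
    return {bssid for ts, bssid in _rows(text) if ts == when}

def gone_after_power_down(text, before, after):
    """APs seen before the power-down but absent after it (on site power)."""
    return scan_at(text, before) - scan_at(text, after)

def recent_arrivals(text, now, days=7):
    """APs whose first sighting falls within the last `days` days."""
    cutoff = now - timedelta(days=days)
    return {b for b, ts in first_seen(text).items() if ts >= cutoff}

if __name__ == "__main__":
    before, after = datetime(2018, 1, 29, 18), datetime(2018, 1, 30, 2)
    print("on site power:", sorted(gone_after_power_down(SAMPLE_LOG, before, after)))
    print("new this week:", sorted(recent_arrivals(SAMPLE_LOG, datetime(2018, 1, 30, 3))))
```

An AP that survives the power-down is not necessarily off-site: anything on a UPS or battery will also stay up, so treat the "still present" set as the list to investigate rather than a verdict.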
-
8 hours ago, PoSHMagiC0de said:
I have written a script that does this before. Remove-wmiobject does not work on it. I cannot tell you why. But this will.
Get-WMIObject -Computer $computer -Class Win32_UserProfile | where {($_.LocalPath -eq $profile)} | foreach {$_.Delete()}
You beauty.
Cheers :)
-
2 hours ago, PoSHMagiC0de said:
Add a "_" after the "$".
Get-WMIObject -Class Win32_UserProfile | where {($_.LocalPath -eq 'C:\Users\JoeBloggs')}
Thank you. Doh, silly me, couldn't see the wood for the trees
I'm now attempting to pipe this to Remove-WMIObject;
Get-WMIObject -Computer $computer -Class Win32_UserProfile | where {($_.LocalPath -eq $profile)} | Remove-WMIObject
But I get...
Remove-WMIObject :
+ ... q $profile)} | Remove-WMIObject
+ ~~~~~~~~~~~~~~~~
+ CategoryInfo : NotSpecified: (:) [Remove-WmiObject], ArgumentException
+ FullyQualifiedErrorId : System.ArgumentException,Microsoft.PowerShell.Commands.RemoveWmiObject
-
Hi all,
This works fine...
Get-WMIObject -Class Win32_UserProfile | Select -Expandproperty LocalPath
However, the following does not. What am I doing wrong with the syntax here?
Get-WMIObject -Class Win32_UserProfile | where {($.LocalPath -eq 'C:\Users\JoeBloggs')}
$.LocalPath : The term '$.LocalPath' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a
path was included, verify that the path is correct and try again.
At line:1 char:50
+ Get-WMIObject -Class Win32_UserProfile | where {($.LocalPath -eq 'C:\Users\JoeBloggs ...
+ ~~~~~~~~~~~
+ CategoryInfo : ObjectNotFound: ($.LocalPath:String) [], CommandNotFoundException
+ FullyQualifiedErrorId : CommandNotFoundException
-
https://www.aircrack-ng.org/ has everything you'll ever need.
Click 'Wiki' on the left, then scroll down to the 'Documentation' header.
-
On 05/01/2018 at 10:18 PM, PixL said:
or if my neighbour wanted to lend me his internet... :)
'lend'
-
-
On 14/01/2018 at 6:49 PM, Krayl said:
For deauth...
Technically being able to deauth devices from a network at the moment is simply a time-saving tool.
One of the best pentesting skills one can learn is patience! No need to deauth if you have patience. Besides, deauth is noisy, silently waiting is silent.
-
-
On 12/01/2018 at 6:13 PM, Cryog said:
Could someone please help me identify this graphics card? The gpu on the board is an Nvidia Gf116-200-ka-a1
It's a GTS 450. Trying to figure out exactly which one.
I looked through every version of the GTS 450 from all known/reputable manufacturers of the card and could not spot one exactly the same as yours.
It's certainly a GTS 450, as the cards are almost the same in every case, except yours appears to have R22 BIOS chips; most 450's generally appear to have 3 x R33 BIOS chips, whereas the one above only appears to have the R22 BIOS chips and maybe only 2 (can't see if the one above the R22 chips is a third, as it's just black)?
If I manage to spot anything I'll let you know, but you're probably out of luck. Maybe a Chinese knock-off or such an obscure make that it'll be impossible to find easily.
-
On 03/01/2018 at 10:30 PM, Dave-ee Jones said:
Haha, that's very true. It's the same with everything really. Something's only as clean as it is relative to another ;)
That moment when you clean a spill off of the couch, then realise that spot is now the brightest
Pentesting yahoo
in Hacks & Mods
Posted
You need to speak with Yahoo's / Facebook's Customer Service department.
Do not attempt to pentest without written permission from a company, which in this case, they would not give.