0phoi5

Dedicated Members
  • Posts: 702
  • Days Won: 20

Everything posted by 0phoi5

  1. Clearly not your device. You're in the wrong place. Sorry, we can't assist.
  2. Evil Portals

    You don't. You strip away the SSL first. Intercepting HTTPS traffic without stripping away the SSL is no good, it's highly encrypted.
  3. https://www.concise-courses.com/security/certifications-list/ I agree with that list. However, the best thing you can do is gain experience. Certifications certainly help, but a lot of pentesters tend to be self-taught. Any decent employer will get you to sit through an actual virtual pen test and complete the paperwork to go with it, rather than rely mainly on certifications. Having said that, anything on the list attached will help, as well as Linux RedHat courses, CompTIA networking courses and some programming/scripting skills in Python, C++, BASH, Batch/CMD, PowerShell etc. You're aiming to pour 50% of your time into setting up a lab at home and doing actual pentesting practice, 20% on courses like the above, 20% on being a Jack-Of-All-Trades (learn a little about every area of IT) and 10% on keeping up with the latest news around IT Security, hacking and related topics. My 2 cents, anyway.
  4. As far as I am aware, there are no features in BackTrack that are not available in Kali, unless said features are no longer relevant or have been replaced by something better. Please advise us what you are struggling with in Kali, rather than attempting to use BackTrack.
  5. I'm half-decent at PowerShell, but I don't understand what you are getting at here. Can you break down a little clearer what it is that you require the script to do? Thanks.
  6. From what you're saying here, I'm guessing you have firmware installed that allows the ducky to be read as a storage device as well as a HID. Windows Defender is either finding your malicious exe on the ducky, or if it's not on the ducky then it recognises the URL that the malicious exe is being downloaded from as being potentially dodgy (if you've run it once before successfully, and then it started getting picked up after this, this is probably the case). I'd set your ducky back to the original firmware and re-flash. If it still finds something malicious, try changing the URL the exe is located via.
  7. It looks like Windows uses either EWX_SHUTDOWN (0x00000001) or EWX_REBOOT (0x00000002) on powering down the PC. https://msdn.microsoft.com/en-us/library/windows/desktop/aa376868(v=vs.85).aspx Currently trying to determine which one was run, very difficult to find a decent article on it though! I'll keep looking.
  8. Thanks. I can't see that Event Viewer IDs 6005 and 6006 show much, other than 'The Event log service was started/stopped'. Doesn't give the reasons. It looks like that 'Turned On Times View' application is not downloadable here at work so I can't test, but I believe it just takes the reasons a Windows Server was shut down from an actual pop-up that users fill in, rather than whether Shut Down or Restart was selected by users on a PC (not a server). The reason I was attempting to acquire this info is that we have a widespread issue that can be resolved by users Shutting Down the PC completely (not selecting restart, but selecting shut down). Some users are coming back and saying it doesn't work, so we need to determine whether it's PICNIC or whether they really did Shut Down.
  9. Unfortunately the first reply was to do with telling whether the PC was powered down at all, not which option was selected to power it down out of Shut Down or Restart.
  10. Thank you. Unfortunately, I can't see that guy's answer is relevant to Windows 7; the reg key HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Shutdown Setting does not exist.
  11. Sorry, I don't think I was clear. I need to know whether the user Shut Down the PC completely, OR if they instead rebooted the PC. I can't see anywhere in Event Viewer where it states whether the 'shutdown transition' was due to a restart or an actual shut down. This is why the Google search yielded too many results. I need to know which out of the two options the user selected to power down the PC. They either selected 'Shut Down' or they selected 'Restart', I'm looking to find out which. Thank you.
  12. Hi guys, Apologies if this is a bit of a simple question, I've not come across it before and a Google search yielded a lot of irrelevant results. Is there a simple way to tell if a PC was Restarted or Shut Down on its last power down? As in, tell if the user selected 'Restart' or selected 'Shut Down' within Windows 7? Thank you.
  13. Has anyone just used https://ss64.com/pass/? You can just save a copy of the webpage locally and only have to remember one strong password. As long as you keep that password completely secured in your brain, the rest is easy.
  14. You don't expect the NSA to backdoor that device on-site, do you ha
  15. Completed 1 and 2 again, now playing loads of fan-made missions. Would highly recommend the L'Arsene series.
  16. I feel you're barking up the wrong tree trying to do this with Windows instead of Linux. Use Linux and hostapd.
  17. This. Sorry, I don't believe for a moment that you aren't allowed to confiscate it. Schools are well within their rights to confiscate mobile phones, knives, and anything else they deem unsafe, inappropriate or a breach of their rules. The Rubber Ducky falls within this.
  18. I use a GTX 970 from Palit; I'm mainly a gamer, rather than using it for Pentesting, but it slowly does the job for less than £300 ($400).
  19. You could use Crunch to generate a wordlist, and then use HashCat with this wordlist. I believe you can pipe one directly to the other, without having to save a file in-between. I don't have much experience of Crunch to be honest. You can download it here, and some instructions are here.
  20. Really? That's slow! What GPU do you use? FYI, a GTX 970 is £300 and average by today's standards. Someone with a Titan at £1000 could crack about 30% faster than the table on my other post (linked in the post above).
  21. No worries. The best page to read through all of the available options for mask attacks is this. You may also find my previous post interesting.
  22. For a password that is numbers only, 8 digits, I wouldn't bother. It'll crack so fast, it'd take you longer to type the mask out than the crack time without it anyway! 8^10 = 1,073,741,824 = About 6 seconds to crack for GTX 970. hashcat64 -a 3 [filename] ?d?d?d?d?d?d?d?d
  23. TUmkcITSBvsSJmJYshXj7s1QTLo appears to be Base64. Username: P2PClient Password: MIp&bXPL Here is some info on how WSSE works. Also read Using Burp Suite to Test Web Services with WS-Security (you need nonce and timestamp as well as the above). See also this.