Paladin

Active Members
  • Posts: 10

Everything posted by Paladin

  1. My focus is not on stealing the password that is in plain text à la Cain. My focus is on automatically recreating the website in an unsecure fashion. I know how to do it manually, no prob; what I am looking for is an automated fake site generator.
  2. I have played around with ARP poison attacks and DNS redirection and stuff, and am curious if there is something out there that will allow someone to use that type of attack or a Jasager-type attack to feed unsecure sites to people requesting said site in a secure fashion. Sorry, couldn't think of a nice one-line way of saying it, so let me try with an example.
     Victim: types into browser http://www.gmail.com
     Attacker: goes to http://gmail.com, gets all items
     Attacker: rebuilds page and serves it up to allow password to send in clear text
     Victim: sees same page as if you went to Gmail but without the security.
     I know I can do this manually by saving the page and serving it up by redirecting them to my faked page, but I was curious if there was an automatic Jasager-style way to accomplish this. This way I do not have to know what site they are going to ahead of time, and there is no warning of security certificates not matching; there is just no security, period. Any info on this would be much appreciated.
  3. Actually it's not buffer overflowing, it's simply executing code in memory that has not been allocated for execution. It's up to the RealPlayer people to fix the problem. IrfanView has the same type of problem. For more info check out Security Now, a podcast on twit.tv. http://www.twit.tv/sn78
  4. Sorry about the n00b question. I actually knew about /Q but wasn't sure if this was the proper way to accomplish this. Guess I should have asked differently. But thanks for the response. avgscan is the command line version of AVG and comes with avgfree. Just wasn't sure if there was a specific reason you chose it. I think I will see if I can give AVG a try since it is the free antivirus program that I choose.
  5. Another thought: is there a reason you chose a-squared as opposed to AVG?
  6. I just realized what is going on. The prefetch line in the whitehat payload is waiting for a user input Y/N. Is there any way to bypass this, or do I need to just comment out that line since there is no window to input the Y/N in? Secondly, if I do comment out the prefetch line then it fails creating a restore point. Any idea why this might be? Never tried to create a restore point before.
  7. Well, it does run the vbs scripts; it just does not seem to autorun the vbe on the iso portion of the drive. So I was wondering where I could get access to the vbe source so that I could see why it won't run. Anyone know where I can get it?
  8. Any idea why I might not be able to autorun this USBAntidote on my laptop? I enabled autorun and reinstalled U3 and it autoruns. But when I use Antidote it does not. If I right click on the faux cdrom and choose autorun it does nothing. If I click on the vbe script it does nothing, but if I click on go.cmd it does run. Does anyone have a way to see what's in the encrypted vbe on the iso so I can see what's going on? I am really a n00b to this, but could there be something on my laptop that won't run vbe's or something like that preventing it from autorunning? I have taken no action to stop it from running. This is a Dell Latitude D620. So anyway, I would love to get a peek at the vbe and also would like to know why I can't autorun the antidote or any custom payload. P.S. For reference, I ran the hacked lpinstaller for SanDisk as I have a Cruzer. I then copied over the payload to the root dir of the flash drive. Pop it in and nada. I tried the lpinstaller from all the different payloads, thinking that maybe the one I initially used was corrupt, but nothing. Although I can reinstall U3 and it works "perfectly".
  9. Any word on the "progress thingy"? BTW, thanks for the info on how the files were hidden.
  10. Is there any way to make it so that this is not hidden? I really like this antidote but everything is so hidden and I am not sure why. I would actually like some sort of progress bar myself. But if it would at least show a console window with the output I would be happy. I tried to dump the dir to my desktop but it disappeared. Revealing hidden files does not work, and so I just deleted it using Linux. Being so hidden makes me feel as though something underhanded is going on here. I want it to be a useful tool with progress easily seen so I know how long to leave it in and such. Any help would be much appreciated.