Jump to content


Active Members
  • Content Count

  • Joined

  • Last visited

  • Days Won



About kdodge

  • Rank
    Hak5 Zombie

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Quick analysis of the site https://www.virustotal.com/#/url/45bf060ebed37ce4b2bc2063bbc389d0403f1e24ab230987e904aa96283beef1/details HTTP Response Final URL https://filma247.com/ Serving IP address Status code 200 Body length 36.79 KB Body SHA-256 1b4409f7bc7ab21a1805402ebe764d755cc4ac56aeda187b96e20b8aa4ffce2a Headers cache-control: no-store, no-cache, must-revalidate cf-ray: 4b36fd7ecf259d97-ORD connection: keep-alive content-encoding: br content-type: text/html; charset=UTF-8 date: Wed, 06 Mar 2019 20:13:26 GMT expect-ct: max-age=7776000, enforce expires: Thu, 19 Nov 1981 08:52:00 GMT pragma: no-cache server: cloudflare set-cookie: __cfduid=d4420e706b2102195ff88a484f55edb6f1551903206; expires=Thu, 05-Mar-20 20:13:26 GMT; path=/; domain=.filma247.com; HttpOnly; Secure, ci_session=ffe3ead63af47cb953cdf59d27df027a150385f4; expires=Wed, 06-Mar-2019 22:13:26 GMT; Max-Age=7200; path=/; HttpOnly strict-transport-security: max-age=31536000 transfer-encoding: chunked x-content-type-options: nosniff x-frame-options: sameorigin x-powered-by: PHP/7.3.3 x-xss-protection: 1; mode=block You can block a single IP address with an iptables rule: sudo iptables -C INPUT -s -j DROP 2> /dev/null || sudo iptables -I INPUT 1 -s -j DROP should do it.
  2. Can you post your ducky script? Just a wild guess, but are you quacking "explorer.exe" somewhere in the script?
  3. Using a webcrawler, lay down a smokescreen. Send so much random traffic to his sniffer that it fills his harddrive. That's just for starters, lol. https://github.com/slacker69/QtSmokescreen
  4. I know it's possible in firmware, be prepared to do some reading. Something about reading the status of LED 3 state iirc.
  5. the rubber ducky can do anything a standard keyboard can do. First, figure out what you want to do an the standard computer keyboard, then we can figure out the way to program the ducky.
  6. If you can run a c script #if defined(__linux) || defined(__linux__) || defined(linux) #include <unistd.h> #elif defined(_WIN32) || defined(WIN32) || defined(WINDOWS) #include <windows.h> #endif #include <stdio.h> #include <time.h> int main(int argc, char *argv){ time_t t; do{ t = time(NULL); #if defined(__linux) || defined(__linux__) || defined(linux) sleep(1); #elif defined(_WIN32) || defined(WIN32) || defined(WINDOWS) Sleep(1000); #endif }while (t < 0x5c4c02e3); // <-- this is the timestamp of when youo want it to run printf("0x%lx\n", t); //replace this with what you want to run return 0; }
  7. just taking a wild guess here, you might be able to use a BashBunny(tm) in Attack HID mode, using "crunch" to generate an exhaustive keyspace for all the possible pin combinations. I don't personally own one, but I'm guessing that is how it could be used, theoretically.
  8. date -u --date='2018-01-23 12:34:56 GMT' +%s 1516710896 and the reverse: date -u --date='1970-01-01 00:00:00 GMT +1516710896 seconds' Tue Jan 23 12:34:56 UTC 2018
  9. Yeah, that is totally correct, i missed that, the passwordspace should be 36^5, not 5^36
  10. Nvidia GTX 1080Ti == 576000 hash/s 24 hours / 1 day 60 minutes / 1 hour 60 seconds / 1 minute 5**36 hashs (5**36 hashs)*(1second/576000 hashs)*(1 minute/60 seconds)*(1 hour/60 minutes)*(1 day/24 hours) $ echo '(5^36)*(1/576000)*(1/60)*(1/60)*(1/24)' | bc -l 292404418008271 days (5**36 hashs)*(1second/576000 hashs)*(1 minute/60 seconds)*(1 hour/60 minutes)*(1 day/24 hours)*(1year/365days) $ echo '(5^36)*(1/576000)*(1/60)*(1/60)*(1/24)*(1/365)' | bc -l 801107994543 years (5**36 hashs)*(1second/576000 hashs)*(1 minute/60 seconds)*(1 hour/60 minutes)*(1 day/24 hours)*(1year/365days)*(1age of the known universe/13.7 billion years) echo '(5^36)*(1/576000)*(1/60)*(1/60)*(1/24)*(1/365)*(1/13700000000)' | bc -l 58.475 times the age of the known universe
  11. kdodge

    Bash Script

    try ... read -p 'Hexstring: ' varname hex2string "$varname" echo the function hex2string does not add a newline character after it finishes, echo will print a newline character afterwards
  12. What is the temperature? Does it feel hot? you can try $ sensors if the program is installed, it will tell you how hot the cpu is. if it's over heating it can act like its running 100%. worth a try anyway
  13. I don't exactly know what you are trying to test this up against, but in order to do math with number in BASH you have to use $(( $num1 - $num2 )) . maybe try this: # Compare expiry date with today's date if "$todaysdate" -ge "$(("$enddate_formatted" - "$graceperiod_days"))" then echo "$todaysdate is greater than $enddate_formatted. SSL certificate has expired!" elif "$todaysdate" -lt "$(("$enddate_formatted" - "$graceperiod_days"))" then echo "$todaysdate is before $enddate_formatted. Everything is OK!" else echo "ERROR"; fi
  14. I believe that systemd is used in kali: you might be able to run it as a service like this $ cat /lib/systemd/system/netcat.service [Unit] Description=Run a netcat session After=network.target [Service] Type=simple User=kaliuser WorkingDirectory=/home/kaliuser ExecStart=/bin/netcat 443 -w 10 Restart=on-failure [Install] WantedBy=multi-user.target $ sudo systemctl enable netcat.service
  • Create New...