Jump to content

icarus255

Active Members
  • Posts

    75
  • Joined

  • Last visited

  • Days Won

    4

Recent Profile Visitors

1,731 profile views

icarus255's Achievements

  1. Dude, why don't you live boot wifislax from CD or USB? That would surely be the simplest option.
  2. It depends dude. Not all email accounts have 2 factor auth. Try registering some valid email accounts yourself on google, hotmail, etc and try logging under different circumstances i.e. VPNs from different countries, different browsers, etc to see what triggers the additional authentication. They might even profile each user to see their patterns of use and any anomalies to those patterns might trigger the additional auth. If the loggins you got are from a list that has been distributed or sold to others who have also tried to log in to those accounts then forget about it. Those accounts would be on a watch list and you'll have a next to nothing chance of getting in. I have a friend that works in IT who said they use 20 different criteria to fingerprint individuals logging into their site. Aside from browser and OS they use things like screen resolution, local PC time, language, etc. Also, I have heard of people porting phone numbers to receive the 2FA messages but I neither condone nor recommend that.
  3. Bro, we all have money problems. Recently I started filling my car with 95 instead of 98 and I stopped going to my favourite coffee store (where the cute girl casually flirts with me every morning). I now have to resort to drinking that instant shit in the office with all the other miserable staff that work there which only serves as a reminder of how much I hate my life. Still, I wouldn't walk into BMW and in front of all the staff and customers demand to know why BMWs are so expensive when I can buy a Toyota for a quarter of the price. If Hak5 let customers decide how much they want to pay for their products then they would probably end up like that restaurant in the city that tried to do the same thing. I never actually got a chance to try any of their food because it doesn't exist anymore but you get the point 😉
  4. Just wanted to see what everyone does for CTFs these days. I like the "live" feel of the various boot2root CTFs on vulnhub and I guess there's plenty of variety albeit of various quality. I think root-me.org has a nice selection of small challenges in each of the major IT areas and I can do them at work (or without loading up VMs etc). The difficulty level exponentially increases after the first 4 or 5 challenges though so anything above 6th challenge is usually top 1% grade. It would be nice to hear some alternatives or some VMs people have found interesting/exciting.
  5. How much you need bro? I know you said you're broke and all but you sound like you're good for it. How much you need? 😉 Also tell me how much interest you want to pay because I'm kind of fresh at this whole loan shark thing too...
  6. I remember there were some codes that worked in a game that I used to play. Anyway the codes should still work because the silly developers just reuse the same codes through all the games. Let me know if these work 😉 IDKFA IDDQD
  7. OK I might just have to look into this again. I'll order some readers/writers and let you know how I go 😉
  8. It depends what software, hardware is being using in the security system/network. I looked into my own Arlo security/video system a while back and sure enough being a wifi system, it suffered from the same vulnerabilities that all wifi devices do but that's where the similarities end i.e. you can bruteforce the wpa2 password being used by the security system but joining the network doesn't mean you could see all the videos/images being transmitted by the cameras because the video traffic was encrypted by Arlo. Not all systems use encryption like this so like WPA2 said, get onto the network first and then fire up wireshark to see what is being transmitted. The other vulnerability that wifi systems are prone to is jamming so try to see if deauthing the cameras through aircrack will do anything.
  9. I looked into this a while back as well but never got motivated enough to do it or to order a card cloner. I am talking about access cards that is. Even if I was motivated enough, it's not as simple as just scanning a card and then having its digital fingerprint to use whenever you want. The cards are encrypted and I can't remember how the actual authentication works but the fact that you can't clone modern MIFARE cards suggests that the encryption is not some simple one way hash. Sure there were some MIFARE encryption vulnerabilities discovered a few years back but not sure how easy it was to exploit them. I thought this was an interesting article. The guy has no sources to back himself up or even quotes any facts but some of what he says makes sense. https://www.csoonline.com/article/3199009/why-you-dont-need-an-rfid-blocking-wallet.html Anyway let us know how you go because I'd be interested to see if there some real-world application.
  10. 0day? Dude that article was written in May 2017 after the vuln was patched in April... And what did you upload to virus total? A rar file? Where's the doc file?
  11. I would host a blog about breeding cats but I'm terrible at writing and I know nothing about cats. My other idea would be to host a darkweb marketplace like alphabay sort of thing. Shouldn't be too difficult and good for the coin 😉
  12. icarus255

    C

    Unless you bought a Ferrari on your iphone, chances are no one will even bother investigating it but don't take that as gospel.
  13. Ah please, I scan from my home all day, every day. If he can hack my computer from a scan, I'll give him 10 points. I'll even leave the pc running a little while longer. It's no different to him just picking a random IP address and giving it a go.
×
×
  • Create New...