About icarus255

  • Rank
    Hak5 Fan ++

  1. Dude, why don't you live boot wifislax from CD or USB? That would surely be the simplest option.
  2. It depends dude. Not all email accounts have 2 factor auth. Try registering some valid email accounts yourself on google, hotmail, etc and try logging in under different circumstances i.e. VPNs from different countries, different browsers, etc to see what triggers the additional authentication. They might even profile each user to see their patterns of use and any anomalies to those patterns might trigger the additional auth. If the logins you got are from a list that has been distributed or sold to others who have also tried to log in to those accounts then forget about it. Those accounts would be on a watch list and you'll have a next to nothing chance of getting in. I have a friend that works in IT who said they use 20 different criteria to fingerprint individuals logging into their site. Aside from browser and OS they use things like screen resolution, local PC time, language, etc. Also, I have heard of people porting phone numbers to receive the 2FA messages but I neither condone nor recommend that.
  3. Bro, we all have money problems. Recently I started filling my car with 95 instead of 98 and I stopped going to my favourite coffee store (where the cute girl casually flirts with me every morning). I now have to resort to drinking that instant shit in the office with all the other miserable staff that work there which only serves as a reminder of how much I hate my life. Still, I wouldn't walk into BMW and in front of all the staff and customers demand to know why BMWs are so expensive when I can buy a Toyota for a quarter of the price. If Hak5 let customers decide how much they want to pay for their products then they would probably end up like that restaurant in the city that tried to do the same thing. I never actually got a chance to try any of their food because it doesn't exist anymore but you get the point 😉
  4. I don't really know much about encoding audio and audio formats but it sounds pretty interesting so I'll check it out this weekend. There are some practical limitations though. At 0.15KB/s you aren't going to be exfiltrating much but it's a sneaky way to exfil once you encode the data. What will this overcome? If you can execute the loader then you can execute the main bin or did I miss something? Yea you can call it the SneakyKitten 😉 Nah I'm jk. I was only asking what the sneaky kitten bins were because there was no description on github. Anyway SqueakyKitten has a better ring to it.
  5. Just wanted to see what everyone does for CTFs these days. I like the "live" feel of the various boot2root CTFs on vulnhub and I guess there's plenty of variety albeit of various quality. I think root-me.org has a nice selection of small challenges in each of the major IT areas and I can do them at work (or without loading up VMs etc). The difficulty level exponentially increases after the first 4 or 5 challenges though so anything above 6th challenge is usually top 1% grade. It would be nice to hear some alternatives or some VMs people have found interesting/exciting.
  6. Pretty sweet idea dude. I like it but do you have some instructions or a readme file for noobs like myself to follow? What are those squeaky kitten binaries? I would rather compile from source if you get what I'm saying 😉
  7. How much you need bro? I know you said you're broke and all but you sound like you're good for it. How much you need? 😉 Also tell me how much interest you want to pay because I'm kind of fresh at this whole loan shark thing too...
  8. I remember there were some codes that worked in a game that I used to play. Anyway the codes should still work because the silly developers just reuse the same codes through all the games. Let me know if these work 😉 IDKFA IDDQD
  9. OK I might just have to look into this again. I'll order some readers/writers and let you know how I go 😉
  10. This is not just an old people thing. A lot of ISPs (at least here in Australia anyway) use phone numbers as default wifi passes for the 3G and 4G modems (and many others). And yes I agree, this is a great way to start your brute forcing. You don't need to pipe this through crunch though. You can use hashcat's mask generator 😉 hash64.bin -a 3 -m 2500 TelstraA84A9F.hccapx 253?d?d?d?d?d?d?d (this will generate 7 random numbers following "253" which presumably you know). A lot of the netgear modem/routers use a combination of adjective+noun+XXX (where xxx is 3 random digits) e.g. "luckybanana437". I had a list specific to netgear's factory passes somewhere so let me know if you want me to find it and I will upload it somewhere. Netgear Arlo base stations used this for their camera systems as well 😄 10 random hex chars is another favourite default pass but that can become unmanageable unless you have multiple GPUs or some really neat rules to minimise the cracking time. I guess it's worth mentioning that rockyou.txt gets a few hits every once in a while as well. Most people never change their default passes so bottom line: doing a bit of research at the start will save you a LOT of brute forcing time down the track 😉
  11. It depends what software, hardware is being used in the security system/network. I looked into my own Arlo security/video system a while back and sure enough being a wifi system, it suffered from the same vulnerabilities that all wifi devices do but that's where the similarities end i.e. you can bruteforce the wpa2 password being used by the security system but joining the network doesn't mean you could see all the videos/images being transmitted by the cameras because the video traffic was encrypted by Arlo. Not all systems use encryption like this so like WPA2 said, get onto the network first and then fire up wireshark to see what is being transmitted. The other vulnerability that wifi systems are prone to is jamming so try to see if deauthing the cameras through aircrack will do anything.
  12. I looked into this a while back as well but never got motivated enough to do it or to order a card cloner. I am talking about access cards that is. Even if I was motivated enough, it's not as simple as just scanning a card and then having its digital fingerprint to use whenever you want. The cards are encrypted and I can't remember how the actual authentication works but the fact that you can't clone modern MIFARE cards suggests that the encryption is not some simple one way hash. Sure there were some MIFARE encryption vulnerabilities discovered a few years back but not sure how easy it was to exploit them. I thought this was an interesting article. The guy has no sources to back himself up or even quotes any facts but some of what he says makes sense. https://www.csoonline.com/article/3199009/why-you-dont-need-an-rfid-blocking-wallet.html Anyway let us know how you go because I'd be interested to see if there is some real-world application.
  13. 0day? Dude that article was written in May 2017 after the vuln was patched in April... And what did you upload to virus total? A rar file? Where's the doc file?
  14. I would host a blog about breeding cats but I'm terrible at writing and I know nothing about cats. My other idea would be to host a darkweb marketplace like alphabay sort of thing. Shouldn't be too difficult and good for the coin 😉