Jump to content

The Power Company

Active Members
  • Posts

    78
  • Joined

  • Last visited

  • Days Won

    2

Everything posted by The Power Company

  1. Generally speaking, power surges will just outright kill either a device or a port. I've melted many devices by accidentally plugging in a power cable of too high voltage. You are lucky that your ports come back to life after you zap them, but I wouldn't recommend trying to use something like this for any practical application. If you google USB killer, there are videos of people using special devices to short-circuit many devices. It seems your robot isn't powerful enough to actually kill your stuff, but I wouldn't risk it
  2. I guess I should post here now that I've been here for a little while. Favorite game: entire Dark Souls series Favorite OS: Despite its flaws, I really do like Windows for daily use. I use Kali a lot, but Peppermint Linux is the only Linux that matters Favorite console: Nintendo Switch Nationality: half Cuban, half European, born and raised in America Favourite band: Nine Inch Nails or Gorillaz Other hobbies: amateur HAM radio operator, wardriver, climbing/hiking/biking Occupation: definitely not a FED Other random facts: I am Fluent in English and Spanish, can read Japanese, Russian, and a bit of Chinese. Last summer my friends and I spend two months hiking across the diameter of Spain, from Pamplona to Fistera, and it seems that all the WiFi in the entire country is insecure for the most part. It's like all the data packets collectively get drunk and tend to just stumble into your house by mistake The Pokemon Go fad was great because I could wardrive all over the place and if anyone questioned what I was doing I could just say Pokemon Go, even though there were WiFi radios poking out of my bags, and it was suddenly socially acceptable! I unironically plan to replace my legs with bionic prosthetics the moment they begin to fail me. Possibly my arms as well, not as sure about those though. I'm gonna keep running till the day I die, baby. Maybe I can even program them to automatically walk my corpse to the grave, that would be fun.
  3. Prepare yourselves for my ultimate desktop specs: Pentium III 20GB storage on two 10-gb hard disks unlabeled graphics card with exactly one VGA output brand-new floppy drive, moderately used cd drive as well just upgraded to 384MB of RAM with a third 128MB stick I found sitting around Passive air cooling that sounds like an Asic Miner Windows '98 not one, but two USB ports!
  4. Alrighty, so I had this exact same question a couple weeks ago and it comes up often, so here is my answer: I have an Alfa AWUS036ACH, it is not plug-and-play with Kali. You can get it to work if you know how to manually configure and build drivers, but it is not straightforward. Literally just a couple hours ago, I got one of my friends with more technical knowledge to configure it for me, and I copied down the commands he used to configure it and may try making it into a script soon. I also have a TPlink TL-WN722N, which isn't dual-band, but looks similar to the one in the picture in the link you provide, and was the most popular interface for this task for a long time. However, the newest versions (V2 and higher) do not support monitor mode and packet injection. So this one is a no-go. What I would recommend if you are getting started is an Alfa AWUS036NHA. It has great driver support and range, is relatively inexpensive, is plug-and-play with everything I've tried, and Is just downright neat. I know it doesn't have two antennas, which may be a real turn-off, but dual-band actually isn't very helpful while you are still learning. If you know what you are doing, then you can buy expensive wifi equipment and have it do whatever you want. But there is little reason to spend a lot of money and end up not using the interface because it is difficult to configure. Is there any specific reason you prefer dual-band?
  5. Think about it in terms of the library itself: the various resources are all free and available for public use, but there are limits to what you can do with them. If you try to steal the books, bring a marker and scribble over the pages, burn them etc, you still can face penalties. The bathrooms are free to use but if you bring a wrench and unscrew all the plumbing, dump all the unused toilet paper into the toilets and clog them, install hidden cameras under the toilet seats to take pictures of people's balls, or shit on the floor, you can still face penalties. I am not versed in the computer laws of every country but in the US at least, just because something is available for you to use does NOT make it yours to tamper with, even if you think you are doing a service to the owner by proving it is vulnerable.
  6. The answer would be no. The Rubber Ducky is essentially just a keyboard that types out whatever program it to. The USB port is simply for keystrokes; the ducky doesn't actually have a way to transfer files from the sd card and back. That is why Mimikatz uses a server (setup outside of the ducky) to store its look. You don't even technically install mimikatz on the ducky, it just types in the necessary inputs to reach the server. The Bash Bunny, on the other hand, can bring its own exploits and store its own loot onboard.
  7. A lot of the out-of-stock items were taken down from the store page recently, hopefully that means they have a bunch at least some new items coming out soon. I have the Tactical EDC Shoulder Bag, and although it looks like the bag pictured is a bit larger, mine is very similar in appearance. I feel like a smaller form-factor bag is better in a lot of scenarios.
  8. My favorite is DNSdumpster, a free recon tool for public domains. It has links to a bunch of other free tools as well. For example, if you enter hak5.org into the search bar, each ip address has a link to get http headers, do an online nmap scan, trace the path, etc. This can be very helpful for bug bounties, as it can give you an idea of how websites are set up.
  9. At the base level, there is no danger in browsing the deep web or dark web (even to websites that claim to be run by hackers) as long as you don't download any files. If you plan on downloading files and running software then running a Linux virtual machine or a live OS is safer, since most malware is written for Windows. If you want to learn how to "hack", there are better places to start then random forums on the deep web. I'd start with, say, random forums on the clear web (such as this one, the Kali forums, etc). Maybe read a book or two.
  10. Keep in mind that your ISP and potentially others monitoring your network can detect VPN traffic and/or traffic going into the Tor network. They simply cannot trace what you are doing when you are in there. Using a live OS such as tails can prevent them from, say, remotely installing a keylogger or screencap software, since changes between sessions are not saved. If you do use a permanent installation, be sure to keep everything updated to the latest versions to prevent getting Equifaxed (old vulnerabilities biting your ass).
  11. Perhaps there could be some sort of system where file integrity is verified through a blockchain sort of decentralized ledger. However, blockchain has largely fallen victim to "cool new buzzword technology must be applied to everything" syndrome. Just because something new is potentially game-changing doesn't mean it will change every other game as well. Really, the best application of blockchain is as a digital currency or token. Almost all blockchain-based technology that has been introduced is either an actual currency or simply takes an existing process and incorporates some token-based algorithm, as if this will magically make the process better. And in some respects, it may be better. But in my opinion, blockchain is a "just because you can doesn't mean you should" technology. Blockchain has its place, but information security is probably not it.
  12. This sounds a lot like its coming from either some random kid in his bedroom watching anime or a good ol' FBI honeypot, but I do love quizzes! I don't do PMs though, so I guess I'll put my answers here. I'll pass on the edgy hacker society though. Q1. What is the most effective way to cover your tracks when attacking a machine (before shell access) Don't attack the machine in the first place and find something better to do Q2. Name an effective program to embed shell code in a program Extremely vague, what kind of program? What kind of shell? Q3. What recent Windows SMB exploit must be manually installed in Metasploit as of 2/11/18? Microsoft Bob Q4. What is the most effective tool to gain a Wifi Password without Brute Force? Social Engineering Q5. What are popular tools to aid in a Social Engineering Attack? Bringing Jayson Street with you Q6. What Deep Web sites are you present on? Include links to account pages. Yeah, as if intentionally identifying one's presence within an anonymous network isn't the dumbest idea ever. Q7. How many years of experience do you have? Time is a flawed human construct Q8. What programming Languages are you proficient in? Mostly just googling hacker buzzwords on the internet and pretending I know what I'm doing in the Hak5 forums Q9. Have you successfully pwned any machines/databases? Elaborate Again, as if self-incrimination is ever a good idea. This is the kind of stuff you shouldn't tell your best friend, let alone strangers on the internet. Q10. How much knowledge do you have in Social Engineering? Social Engineering isn't about knowledge. It's mostly just educated lying. Q11.What do you contribute to society ? I change my bedsheets occasionally. Q12.How would you describe yourself? That's not for me to decide. Q13.Would you be willing to die to achieve your goals? My only goal is to live forever (or at least until the inevitable heat-death of the universe), so no. Q14.Why do suffering and tragedy exist ? We can't appreciate the good times without the bad times. Q15.Do criminals deserve to die? No thanks.
  13. There is a limit to how many posts new accounts can make per day, if your friend simply cannot post then he may have just hit his limit.
  14. Compensating much? I have that interface and I don't see any reason why that wouldn't work, if you don't mind playing around with drivers.
  15. I read through it, there's lots of useful information there for beginners. It doesn't go into details about the specific tools Kali has, but everything you could want to know about the OS itself is there. As a matter of principal, I cannot recommend buying anything that can be obtained legally for free, unless you really like paper books (which is understandable). The first chapter is also a bit fluffy, but I still recommend reading it. Although the tools themselves are what makes Kali most appealing to many people, understanding the underlying ecosystem can help you fix all sorts of problems you may encounter later.
  16. I got one of those, it sadly requires a bit of driver shenanigans to get it working with Kali properly. It's range is freaking amazing though, so it's worth it. If you want something that is plug-and-play with basically everything, I recommend this one.
  17. Besides toying with old physical devices, I enjoy setting up small armies of tiny virtual machines, putting them in an enclosed network, and attacking each other. When I was in high school I got into hacking by rooting my old android phone and installing custom ROMs so I could get infinite gold in games for free. Also a great way to get introduced into malware infected APKs!
  18. I really hope this launch goes well, I've always loved space exploration since I was a wee bab! Live stream is here in case you didn't know. Launches in under an hour.
  19. I generally just use my actual phone for such tasks. Having a WiFi pineapple plugged in doesn't make your phone more vulnerable to attack, and smartphones tend to be quite secure on their own in their first place (assuming you keep the software updated, as one should). In this respect, a burner phone may be less ideal if it is old enough that it no longer supports the latest updates. I have a couple extra phones that I use for things like Wigle wardriving, but they are just my previous cell phones. I have found that my daily phone is better suited for most tasks, and unless your use case involves a high chance of losing the device, security is not an issue.
  20. I second this, the stickers are the most important part of any engagement! (also usb-wifi adapters and uberteeth but mostly stickers).
  21. Ok real talk, I've seriously considered buying an antenna like these before, how much better are they compared to shorter ones? Is it something worth having beyond its comic relief?
  22. Hey all, Recently a great tragedy has befallen me. My cheapo USB hub, which had both of my USB wifi adapters capable of monitor mode in it, power surged and literally melted both of them. Now my room smells like melted silicon and all the packets are escaping! I had one of the sweet adapters from the now sold-out Hak5 store and one of the tp-link ones from the now sold-out Pwnie-Express store. While I would love to just buy more of what I had already, it is currently not possible. So what are some of your favorite adapters, and where can I get myself one?
  23. Are you trying to open it from the 'recent' tab in the program? That wont' be able to open the file if you have moved it, but you just have to open it directly from the file explorer. But if the file is corrupted, you can try the steps here: https://support.office.com/en-us/article/Repair-a-corrupted-workbook-153A45F4-6CAB-44B1-93CA-801DDCD4EA53
×
×
  • Create New...