Jump to content

NoExecute

Active Members
  • Content Count

    41
  • Joined

  • Last visited

  • Days Won

    2

About NoExecute

  • Rank
    Hak5 Fan +

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Well, if you're going after a whole network, i would think about something like Packet Squirrel, placed right around the router. But, another option is to build a small implant box, based on Odroid C2, with a USB ethernet adapter for using two eth interfaces. It have a lot more power and usecases than a packet squirrel. So, if you're looking for options according to price, the Odroid or something like it, is your best bet. Shark Jack could be an option, but i don't see it as an option to attack a whole network. Maybe for running a quick NMap scan for recon work, and port scans, but f
  2. NoExecute

    HackRF

    As pointed out, the HackRF doesn't come with software, it's basically a radio reciever / transmitter in a box, so you'll need software to control it, and what software depends on what you want to do with it. Are you just out to listen to FM radio, tracking airplanes, or hacking alarmsystems, or making your own pirate radio station ? The HackRF can be used for it all :) So, what operating system are you using ?, Windows, Linux or Mac ? If linux, a good place to start is https://github.com/mossmann/hackrf/wiki/Getting-Started-with-HackRF-and-GNU-Radio If it's for hacking / protoco
  3. Well, I'm thinking that it would be hard to implement in something as small as a charger. But, built into a powerstrip, sure. Something like gumstix embedded boards can do that, or raspberry PI Zero W. There's even a Kali image for Zero W, to make it easy to build. The microphone bug, is something else. You "could" find schematics for small RF bugs, or buy them, they are pretty cheap to make. For recieving and recording, use a phone, or use private out-of-band frequencies on a HackRF. The trouble is, that this is illegal to do. Most countries outlaw transmitting on out-of-band f
  4. Hey there :) Well, first off. There's no need to lower the firewall, or turn on everything :) You see, DHCP, provides your machines on the inside with an address, BUT the modem / router have an external address. You cant access the internal addresses directly. So for connecting from the outside, you need to figure out what the external address is (whatismyip.com) can do that for you. When you have the external address, you need a server or two / or remote desktop / SSH enabled. When it comes to exploits, it's another matter. standard exploits / shells connect attacker --> target,
  5. Hmm.. Since you're working on a fresh Windows 10, sure you're not just getting caught by Antivirus ? It's pretty normal that it will stop you, unless you do something to avoid it. A lot on what used to work in Metasploit are getting caught these days, so you're up for some interesting research work, to get it to work :)
  6. As Digininja allready said, run along kid, we can't help you 🙂 Seriously though. You say it's a remote system, not in your possession ?, do you have written consent to attack it, can we see it ? If not, you're comiting a crime, stop it, right now, and go do something else, something more constructive for society. Try helping out at the local homeless shelter for a while, donate to the homeless ?
  7. Okish, let's try this. If you run a whois against 85.17.135.243, you should get this inetnum: 85.17.135.192 - 85.17.135.255 netname: LEASEWEB descr: LeaseWeb Netherlands B.V. Note inetnum so Leaseweb own's all IP's in the range 85.17.135.192 - 85.17.135.255 SO, they can, and did assign an IP of 85.17.135.243 to webservice.be. (That's a webservice. SO, they can use namebased Apache virtual hosting, to host multiple sites on that single IP) since you find 110,995 ports open, it's maybe a primary mail server used for namebased virtual hosting, and 14
  8. There would be a mail server running on the primary server. Confirm that with a portscan against the primary server. Like in your listings, there "could" be a mailserver on altgroupltd.com. In the case of mdmconsultancy, it's called mail, and a separate domain name called mail, so the FQDN is, have the mail.domain.com. Remember domains are read from right to left, with the country as place / value one (toplevel), place two (primary domain), and three (subdomain/ hostname), and four --> x being subdomains / hostname. And for which company provides the services ?, who owns the IP a
  9. Stop stealing other peoples work :) You can see if you can figure out what base-theme they used, and base your own design on that. The same for plugins, and the like, but plain downloading everything, throw it on a new server doesn't make it your content, and yes, it is theft, and copyright infringement. You can buy base-themes and use for a starting point in your own design, some allow that. So, going that route would be the right route, everything else is plain wrong. Be creative on your own :) And yes, it can take a lot of time designing a website, that's half the fun :) If i
  10. https://192-168-1-1ip.mobi/default-router-passwords-list/ Something like this ?
  11. In /etc/NetworkManager/NetworkManager.conf [main] plugins=keyfile [keyfile] unmanaged-devices=mac:YOUR:MAC:HERE #To do it by name of the interface [keyfile] umanaged-devices=interface-name:ethx If your machine is using new names for interfaces (eg NOT ethx), you can get it back like so : Edit /etc/default/grub GRUB_CMDLINE_LINUX="" Change to GRUB_CMDLINE_LINUX"net.ifnames=0 biosdevname=0 " Run "update-grub" and reboot, your interface names should be wlanx, ethx format. Remember Kali is based on Debian, so a lot of the tutorials for Debia
  12. I can understand that concern, thats a tough place to be 😞 The problem with the Ducky is that's it's basically just a keyboard that you can program, it's not "A Silver Bullet". If he hasn't gotten s standard user password, how can he use the system ? As long as you keep the admin / root password, there's no harm in that. What i mean with VPN, is that you get the machine to connect back to you, then you SSH into the machine, read the log files / control the firewall, job done. If it can only go online through VPN, and you control the VPN, then you control what he can access.. Not
  13. Hmm.. Maybe a little faith and trust can go a long way ? How old is he ?. Since you're saying teenager, i guess between 13-19 ? If my parents installed spyware on my machine, when I were that age, I would have had a fit ! Maybe it's simply just an idea to talk to him about what's okay, and what's not okay, and let him know he can talk to you if he needs it. No matter how clever solution you come up with, there's a chance he'll find it, and turn it off.. If you have the admin password / root, something like a vpn that connects home, and let you remote admin it, og, a script that
  14. Thanks, but that's not really what i'm looking for 🙂 Right now, i'm working on psychological strategies of phishers and the effects they got on the reciever, and that requires samples 🙂 /Kent
  15. Yep, you read that right 🙂 I'm asking for the community's help. Right now i'm looking for phishing email samples regarding to covid-19 scams. I've captured a few, but not anything real solid to build an article case on, so if anyone having any, could you please forward them to me ? Any phishing links, i'm interested in too 🙂 Yes, i do know, and accept I'm opening up a can of worms here, so any thoughts or suggestions and ideas are more than welcome 🙂 Email, kent@labet.dk /Kent
×
×
  • Create New...