Jump to content

kickarse

Dedicated Members
  • Content Count

    625
  • Joined

  • Last visited

About kickarse

  • Rank
    cubenvy
  • Birthday 07/08/1983

Contact Methods

  • AIM
    phreezegunz
  • Website URL
    http://www.wanderingit.com
  • ICQ
    0

Profile Information

  • Gender
    Male
  • Location
    Springfield, MA

Recent Profile Visitors

15,570 profile views
  1. I'm happy your cynicism hasn't changed at all Digip ;) lol... you picked that one right apart huh? It's just a proof of concept idea from what I gander. That's really all it's useful for. It might work on someone who doesn't know jack about PC's (most home users); I mean they end up "scanning" their PC for viruses with software they never paid for or installed. And yes, Konboot would be better. As for your other "questions" you might want to ask him what he planned on doing with it. I'm just a messenger.
  2. Pretty neat concept and code (link and desc below) https://github.com/AlexWebr/evilmaid_chkdsk Evil Maid CHKDSK This is s simple 512-byte MBR program that pretends to be Windows CHKDSK. It asks the user for a password, writes that password back to the media it booted from, renders that media unbootable, and reboots. Terminal capture of using it with QEMU: http://ascii.io/a/1201 Video demonstration on a Windows laptop:
  3. I wrote an AutoIT script to scan each workstation for local user accounts (admin or otherwise). I can then set the user bit like disabled, user can change pass, etc. Or I can remove each administrator account that doesn't belong. I've set it up so that I can perform this on every workstation it finds in a specific Domain OU. Perhaps you could leverage something like that?
  4. I wonder if there's a way to do some sort of passive pass through tap... so information goes in but nothing goes out using some one way gate, but still goes across the bridge without affecting the information. Sort of piggy back on the signal, but then you need something to capture it like Usbalyzer or Usbsnoop. This way you get around the HID having to install. USB Pin out - http://pinouts.ru/SerialPortsCables/usb_cable_pinout.shtml P1 - VCC - Power P2 - USB Data - P3 - USB Data + P4 - Ground It should be possible to tap with a Diode at 5v, that way we don't overdrive it, or not e
  5. What exactly are you looking to understand? The inner workings of ESX/ESXi (hypervisor)? How to setup a cluster (VM or MS?)? How the hosts talk to a SAN? It's kind of a broad subject, if you could hone in on a topic or a couple topics I'd be happy to answer some questions. And not anything against you, believe me, but I hope they aren't going to just go "here's a SAN and VMware manage it!".
  6. I've demo'd Languard (great price) but use PatchLink (very expensive) and WSUS. I find that Patchlink is very thorough but the agents sometimes go corrupt. WSUS works find but only for MS patches (although Eminentware has software that will addon to it so you can install third party software).
  7. Careful with your payload. These types of software usually send information regarding software that's been started and if you name your executable "pwnsk00l.exe" it'll be send and flagged. Something like notepad.exe would most likely be better. Just sayin'. I haven't had any experience with LanSchool and I don't know what data it sends. But these types of software usually do this.
  8. That's cool! Just write a program to insert 50,000 characters into a txt file and your good!
  9. Good software would read the file encoding and block based on that. So renaming to a txt file would do no good.
  10. It's a hard suit because while they were typing the information on a company workstation the data now resides on an off site server. This information was at one time, although not saved, on the corporate network, which in turn you own. Like Sparda said if you have some NDA policy that they signed then you can probably get a court order from the ISP.
  11. kickarse

    Pandora Hack

    The Lala.com hack is a simple one You need to start your capture to catch/filter this (could be any number, all i've found below): tcp.stream eq 4 or tcp.stream eq 6 The stream you want to reassemble is (info column) [TCP segment of a reassembled PDU] You must wait until the song finishes to reassemble. After the song is finished right click on the packet and click follow tcp stream, make sure it's raw. Save as an mp3.
  12. Their reasoning is that they deploy services and functionality that uses these ports and various ip addresses. I disagree and call bullshit. I asked them to supply a list of a few ports and ip addresses to connect to and they said they can't. I called bullshit. I asked them to supply technical references for other companies and they told me they can't and that all companies either open the ports or t1 to them. I called bullshit. There's a third option that uses port 80/443 for a connection to a Citrix presented application. The install rep tells me that it doesn't have the same functio
  13. So we have a vendor who wants us to basically open up all Ephemeral ports to about 1,300+ IP addresses on 6 subnets. How would you guys feel about that? I know that I feel pissed off that they want us to do this or buy a dedicated T1 to them to bypass this hole. They keep giving the run around that we somehow need all of this. Please chime in with your thoughts. I love to get the security/hacking communities view on this.
  14. I like the mask so nobody can see his face on the internet. Go figure it'd a be a picture Discovery would use. lol
×
×
  • Create New...