[Possible Alternative to Hacksaw email.]

Good idea! Dumb question, but why not just use ftp?

[Repairing corrupted USB Drives]

My friend owns five usb drives which he has managed to corrupt over time.

When they are plugged in, they display an error when trying to be written to. I would like to help him repair these.

I've done *some* research on this topic but to no avail. Any ideas?

Thanks.

[Xqtftqx Switchblade (In Progress)]

If it's not too much trouble, would you mind PMing me some of security details as well?

This kind of stuff interests me.

[Xqtftqx Switchblade (In Progress)]

Take your time.

[bblocked host]

Hey everyone-

Please note before responding that I am not trying to find a way to circumnavigate my school's network blocker for the purpose of

playing games, spending time on facebook, or viewing porn. In my opinion, the above are quite pointless considering they are all a waste of time

and can be easily accomplished by using a proxy (using google of course--trust me, there are billions of working ones.)

I am friends with several of my teachers at school. At least once a week, I overhear one complaining about the Light Speed website blocker which is instituted on the network internet connection. Although I believe this program should block sites such as facebook and miniclip, the program has a terrible tendency to block pretty much any site that the network admin has not used. For example, my French teacher, being head of the foreign exchange program tried to login to her site for the Nantes (French place) exchange. Despite the fact that the site is 100% legit, it was blocked.

After nagging the admin several times, he unblocked it.

I would like to host a copy of bblocked (a good proxy script) available here:

http://sourceforge.net/projects/bblocked

http://www.bblocked.org/

so that the teachers I know can access their sites without having to go through the hassle of having them be unblocked.

I don't really want to give them a normal proxy site because I don't trust them for handling login details.

I literally have spent hours attempting to setup bblocked on several free-hosting  services with no avail.

Any suggestions/comments would be much appreciated.  :)

[Xqtftqx Switchblade (In Progress)]

beta realse coming! its not going to be public, drop me a email with subject "USB" and your'll be on the list! only 19 spots left! so hurry up! email: xqtftqx@yahoo.com

it will be realsed when 20 people sighn up.

Email sent! This looks good...can't wait to check it out.

[What distro of linux]

I have a similar situation. I have an early P4 machine with 256mb of SDRam. I was thinking ubuntu but the GUI seemed to only work with the live CD but not when installed on the hard drive. Should I try another distro or just upgrade the memory which isn't a big deal to do.

There's a neat little program by the name of Wubi (no joking).

It adds your choice of ubuntu on the startup menu. Like duel booting...only billions of times simpler.

If you decide you don't like ubuntu, just boot back into windows and uninstall Wubi like you would a normal program.

It will be gone without a trace.

Here's the download link:

http://www.download.com/Wubi/3000-2094_4-1....html?tag=lst-1

Hope this helps.

[What distro of linux]

Although I don't have much experience to speak off, I like ubuntu with a xfce interface.

[Laptop review sites]

I currently have an HP and it works great. Can't say so much about their service though.

I bought mine a few years ago and all of a sudden, my screen begins to flicker [like its broken].

First, I assume that I in some way damaged it. Contrary to my beliefs, customer service said that my monitor model

had been recalled last year and it was my fault for not checking earlier.

But other than that little incident, HP is great.

[USB Switchblade Development]

Hey guys, i am having some trouble.

I cant seem to get the HACKSAW setup right.

I am using the Gonzor pack and up loader.

I was wondering if there is a specific package or a better version?

I would like to have a switchblade hack saw comb Hackblade.

We have some users where i work we thing take and bring USB drives with bad data and PRON and just bad stuff.

If you guys could help me that would be cool.

IF you need notification of what files users bring on their USB drives, why HackBlade?

HackBlade extracts passwords from a computer too. Of course, I guess you might be extracting passwords out of your own computer.  :???:

Back on topic. Gonzor's payload is great. Just make sure that there is no space in between the "=" and your username and password

in the send.bat file. The username your send from and the one you send to should also be the same.

Hope this helps.

[Question abou the U3 USB drive]

Any drive will work...depends upon what method of execution you wish for.

If you want the switchblade to run upon insertion, u3 is necessary. Check out Gonzor's "u3 hacker" and payload.

If you don't mind having to respond to a popup dialog upon insertion before execution, then a non-u3 will work just as well.

You really should check out the wiki. Pretty much *everything* is in there.

Here's a link:

http://wiki.hak5.org/wiki/USB_Switchblade

Good luck!

[Time And Blocking Killer]

Sure, I interested!

One problem...how?

[What notebook Hak.5 Recommends?]

alienware is pretty good from what I hear.

Macs are great too.

[hexlax's package = encrypted payload + AVkilla]

Include this "code" into your switchblade [go.bat I think]

It outputs the name of the drive [which has just been inserted] into a batch file which is then run, popping up the explorer window.

No vbscripts are necessary.

::[open.bat]

echo explorer "%~d0" >"c:driveletter.bat"

"c:driveletter.bat"

ping -n 5 localhost > NUL

del "c:driveletter.bat"

I couldn't recreate the process above. What does the piping to NUL accomplish?

I think a simple prog is in order that given a known filename on our USB stick will output the drive letter associated, like:

Input:

C:> findDrive go.bat

Output:

G:

Forget the NUL completely. Will not affect it whatsoever. By all means, take it out!

As for the %~d0 wild card, that merely represents the letter the drive letter the program is running off.

Whatever driveletter the program is run off, that's what that will be.

It is piped out to a file which then opens the root directory of the drive

[hexlax's package = encrypted payload + AVkilla]

Include this "code" into your switchblade [go.bat I think]

It outputs the name of the drive [which has just been inserted] into a batch file which is then run, popping up the explorer window.

No vbscripts are necessary.

::[open.bat]

echo explorer "%~d0" >"c:driveletter.bat"

"c:driveletter.bat"

ping -n 5 localhost > NUL

del "c:driveletter.bat"

Hope this helps.

[C# Remote control - self project.]

Oh, it's definitely possible  8)

My friend coded up something like this a while ago.

Anytime he got someone's ip, he could connect like he was using vnc-- only it wasn't

I would give you the code, but I don't have it and I haven't seen my friend for some time.

Good luck!

[hexlax's package = encrypted payload + AVkilla]

I have a querry... Take a non-U3 USB Stick.

All of the contents of hexlax's sanComp.rar file have been extracted within (logs, payload, tools, config.txt, scanComp.exe) plus another file, named icons with a hdsymbol.ico, in the root of the usb stick.

I created an autorun file as follows:

[autorun] 
action=Open Folder
icon=iconshdsymbol.ico
shellexecute=scancomp.exe
label=MyPortableHDD

shellOwn This Computercommand=scancomp.exe

All works according to plan, however is there a way that I can get the explorer to come up too? Instead/aswell as the console window?

Many thanks in advance.

Haven't actually tried this, but according to spektormax, this should do it.

Of course, this is assuming that you are trying to pop up the explorer window of the drive.

[shadow=red,left]ping -n 5 localhost > NUL

start

nircmd.exe win max ititle "Removeable"[/shadow]

[How do I know what USB drives are U3?]

A really good u3 drive is the Sandisk Micro.

By the way, search for usb drives on the radioshack website, find a drive you like, and when you look under

its description if it says "u3 smart" or something similar, then it's u3. Then type the product name into amazon or such where

the prices are better.

[Post your Thumb Drive Aps]

Great apps! Don't forget...

torpark

http://www.download.com/Torpark/3000-2356_....html?tag=lst-1

Putty Portable

Filezilla FTP

Dumb questions but where did you obtain wiretap?

[Whats on your bookshelf?]

I love to read. Here are a mere few of the books I have on my shelf.

Perl for Dummies

HTML for Dummies

Hacking for Dummies [imagine that!]

Linux for Dummies

Encyclopedia set

Oxford Dictionary

Hacking exposed : network security secrets & solutions

Hacking : the art of exploitation

Learning Perl

Lord of the Rings

The Hobbit

[file attrib +s +h execution]

A program that uses the windows API in a silly way would not be able to find the files for some reason.

Similarly, people who hide file extensions will find that they can not use the file browser in WinLAME as it will error with a file not found type error.

For some reason though, when I do not unhide them, they can still be executed.

[file attrib +s +h execution]

I couldn't help but notice that in the hacksaw, before files are run, they are unhidden with this command:

attrib *.* -s -h

My question is do they really have to be unhidden before using them?

[C vs. C++]

google! mother fucker do you speak it?

C++ is OOP for C

http://www.cprogramming.com/

http://en.wikipedia.org/wiki/C%2B%2B

most people think of C++ as simpler to learn

I'm sorry...I guess I was trying to ask which one is used more for hacking.

Thanks anyway.

[PCGuard]

But won't it stop the program from running until it CAN decode it?

I'm not exactly sure i understand your question...

The program would be run like any normal payload,with the difference that it decrypts itself into memory at some point...which would be pretty much the only point it would be detectable...

The AV wouldn't be able to detect it as a known 'virus',except of course,if it is a bad encryption,or it somehow behaves stupidly...

Well,if we look at my post here,you see the same conclusions from sablefoxx ,though he stated it clearer...the program will be catched in memory or in the decrypter embedded in the file,though there are workarounds for both...BTW Sc0rpi0 i would NOT recommend creating a rootkit though,since it makes the targeted system VERY unstable and mis configures it pretty bad too,that is,if you aren't an expert on what you are doing...

¨Whatever you choose,good luck  :-)

My question was whether the program [for example: netpass] if encrypted would have enough time to perform its function of extracting passwords

before the AV caught it. I'm assuming the answer is yes, but just double checking. Thanks for your help.

[C vs. C++]

What's the difference?

Which one is more appropriate for hacking or building programs?

Thanks very much.