DingleBerries

Up to date AV doesn't alway protect the user, especially if they are into warez or pirrrrrating software. The source code of the Trogan/RAT is pretty much kept secret to the individual who made it, and when AV does pick it up they can change a few lines and it will work again. I would tell her to monitor her network traffic for anything unusual and scan for open ports.

Ive seen many a server/page owned and the admins had no clue it had happened, usually they place ads and what not there and in essence steal the page clicks. I would like to see something like this done with click jacking. Addictive Flash Game+Click Jacking=Profit

kevin rose

I think that the webcam/mic monitoring was fixed in flash 10, but there are still a few others that i see that seem interesting, and until adobe patches it and users update it seems like a fun playground.

Here is a really neat clickjacking exploit http://blogs.zdnet.com/security/?p=2005

Linux by far has some of the best desktop enhancements. So I would like to get some good examples for windows and peoples experiences with what they've tried. Here is a list of a few things i have came up with so far: Desktop Earth 360desktop Rainlendar DOOMI Shells Emerge BlackBox BBLean

i forgot i was following Opera on twitter and go that txt at 2 or 3 this morning.

im surprised i havent seen any *chans yet.. But so far i have added a few of these to my fast dial list..

Yeah, I've had those nights.. I think thats why i like it so much.. Like a surprise in a bottle..

I am a fan of heineken beer, especially the dark logger. But my all time favorite is alcoholic beverage by far is Jägermeister. I lived in italy for a few years and got to try alot of German beer, but it all seemed "heavy"? Not saying it didnt taste good.

Try cain and able.. I will have to research some tools for linux, but i know that others on this forum will have that information.

I gotcha. Sorry about the confusion.. But if you are monitoring traffic on that port you will indeed notice something fishy

I am trying to send a log.txt file to a gmail account. I tried modifying the IronGeek source but that didnt work.. Are they any ways that people know of.. I was thinking about BLAT but thats a last resort thing..

I just started using dev-C++ again but whenever i try to compile ANYTHING i get this error unrecognized command line option "-fdollar-in-identifiers" I must admit i do not know how to turn it off. The version is 4.9.9.2 Thanks in advance

They were gifts, but received and distributed under false pretenses...fraud. He was sent 1 link He manipulated the url and visited MORE links Links were meant for other people Those people did not receive there prizes ALSO Some contest state that only one prize will be given out per participant, so if you broke the "contract" then they have the right to sue. Very unlikely that they would do that..

I, personally, do not know of a ssh client/server that uses ssl..SSH and SSL are two different protocols. im sure if i googled around there is one, probably using SecureSocket, but ssl is mainly used for http traffic, instant messaging, and ftp. If its worth anyones time i wouldn't mind doing a little more research and getting back to you. LINK LINK

I heard of that earlier this year.. I believe its only against wireless cards but im not to sure, dont really want to read about. Its not the card itself but the drivers.. I know there is a Intel DOS like this in the wild. Im auctually working on a remote exploit of NIC atm but im no where near finished. When i get a few mins ill see if i can find the intel attack and post some links EDIT Here are the links. Still didnt read the original post. http://www.milw0rm.com/exploits/1772 http://www.securiteam.com/exploits/5FP0N0AO0M.html http://news.softpedia.com/news/Intel-Addre...ies-31820.shtml http://securityreason.com/securityalert/877 These are all fairly similar to what i am planning but im focusing on wired nics.

I read way to much and I am slowly running out of places to visit. What tech sites do you visit? Iron Geek Gizmodo Life Hacker Hack a Day Damn Vulnerable Linux Download Squad Mil W0rm Forensic Focus SecuriTeam Instructables Then there are my social news websites, but those are the only ones i can think of with fresh content.

Now you get Nmap or some other sec software and play around. Iron geek has a script to try and brute force windows passwords over a network, LINK. I started playing with damn vulnerable linux and i must say it is a challenged but it is worth it. There are other things as well. Say, hypothetically, you crack a department stores WEP. Now you have access to their intranet where many store documents are located.

I told myself that I would never use cain, but i broke down and downloaded it last night and it does a great job at sniffing POST passwords and what not. But a MITM attack should get you all the information that you need. What exactly is the situation, i.e. a residents, coffee shop, school? Then we might be able to give you an way to set up the attack.

Actually thats a really good idea. Since it is a high school, with under paid admins, the problems i am about to point out probably wont really matter. 1. The drastic rise in traffic on port 443. 2. If they decide to monitor traffic they will notice that port 443 isnt using SSL encryption and almost all the packets will have an incorrect TCP checksum But i highly doubt that anyone, school or work, is going to say anything..

Yeah, these are awesome.. Great work

Now that one was pretty neat, I can see a few uses with that on combined with the click jacking. Touche good sir

Iron geek has the source code up for one that emails so i guess i can tailor that around mine, and i saw a fellow hak5er write a screen shot app in c++ so if i can find that we will see what happens. Maybe i can release the source code.. but its always nice to have a ace in the hole when you need if..

Lol im surprised no on mentioned Folding@Home. But a webserver does seem like a better idea.. I also use mine for a windows virtual machine so i can run all of those shady programs. I think I might put another VM up and do what digip said and make it into a honey pot.