DingleBerries

Think passive network tap only instead of using physical(eth) port you are taking it in via wifi. I love the idea, but i still need a place for it to dump my packets until i can come and take them away.

Step 1. Find some bot source code. Step 2. Mod source code to point to your server, IRC/Web/ICQ. Step 3. Make sure bot is contacting home. Step 4. Bind that to another program. Step 5. ???? Step 6. Profit The principal around bots is not complicated, the inner workings and source is what makes them interesting. After you get your hands on some sauce then you can start with all the complicated things, keylogger, inform other bots, crypt traffic. Play with this: Simple IRC bot http://www.osix.net/modules/article/?id=780 Mod the code in order to execute system function when a command is sent via irc. You can also build in other classes and what not. Im not going to go into spreading your bots because that is illegal and should be self explanatory.

Im in tennessee but i dont have a place for you to stay, or id let you board for a bit. There are some hotels in nashville, only problem is the price and transportation. Ill see if i cant get you a bus schedule. Plus traffic isnt fun down there.

If he has physical access and a bruteforcer it shouldn't take more than a min or two to break the password, unless its a shit router then you are just going to ddos it.

I can understand them not wanting to have a live test done one their network if they do no have any production/test boxes. Some companies just cannot afford that, although it is a good practice to have backup/production/main. Darkcode has a milw0rm script for going threw vulns. but I find securityfocus.com to be better and easier to use.

Be on the look out for a new payload with some interesting features ;)

The only problem is where I put it. If i do not have wifi access there, external, then I cant stream it to a vpn. Saving logs to a physical media will allow me to dump them when im near by, via a held held, or to get them via ftp/scp. All in all this is really awesome. A network tap but transmitting the data wirelessly... Beyond words.

I HATE reading books on computers. Dont know what it is, but when I read a book I want to be able to sit in a comfortable place, dog ear pages, highlight stuff. I can do that on a computer but its just different. Paper is key.

I have a router brute forcer for lynksys but should also work on netgear. PM me if you are interested.

Now if only there was a way to add a sd card to the device and have it log packets there, then come back and retrieve the packets and reset the memory. Maybe when the fon2 comes out we can see this.

With out seeing what it looks like its hard to say, you may be able to fix the mbr. No offence but it doesnt seem like you know what you are doing so its hard to walk you threw step by step, especailly since there is google. You can try shrinking the windows partition and installing ubutu on a new partition and seeing if it picks it up and then reboot and use grub to boot back into windows OR ubuntu. Other than that just format it, not of value is lost.

PM sent

I dont think this was the word I was looking for... http://www.google.com/search?q=define%3Apr...lient=firefox-a

BBC has some great lawyers and they more then know the law, but Section 7 of the Computer Misuse Act 1990 is about territorial scope. In subsection sub subsection 1B it says that the law still applies if they are a party in England or Wales and it describes how. It says that they may become a party via an agent, what type of agent is made clear but to me I think of the agent here being the internet and alas herein lays the problem. With that logic it can be said that if I exploited a computer in the UK I fall under this law, extradition is possible but it is more likely I will be heard in a US court. The act itself took place in the UK, the zombies may not have been in that area but the law "should" still apply. I think at the bare minimum this should be heard in court so that there will be some type of precedent to base future conclusion off of.

http://theinvisiblethings.blogspot.com/200...iscoveries.html Her previous work on/with Blue Pill was amazing in itself but this goes deeper, SMM deeper. The code is planned to be release tomorrow, March 19, 2009. Cool thing about this is that the only way to detect it is to dump the firmware and disassemble it. Looking forward to the paper and hopefully a patch SOON as this has been an issue since 2005(in the article).

Reading over the Computer Misuse Act 1990, not sure if that's the newest version there are a few things that although may seem morally right are against the law. Here is the url I am using: http://www.opsi.gov.uk/acts/acts1990/UKpga_19900018_en_1.htm To fulling understand that you have to also read article 4. You would have to prove that BBC had the intent "to impair the operation of any computer" it doesn't seem like they did that. Although they changed the wall paper that did not impair any operation of the computer, using the resources, bandwith/cpu/ect, may have though. Article 6 of section 3 is also interesting; This article seems to back up the claim that modifying the wallpaper is not a criminal act. I thought I read somewhere that they did remove the bot from the computer. If this was a mission critical system, life support/power plants/ect, and removing the bot had some ill effect on the computer, it was hooked into the kernel, and it was unable to boot then it may be a criminal offence. Article 17 deals with interpretation of this bill, don't know what they call it in the UK. Section 7 article 2 says that if the "program" out puts any data whether by having it displayed or in any other manner is illegal. Droping down to article 4, For the purposes of subsection (2)(d), describes what exactly is meant by this; Now I get back into the wall paper subject. Article 7 says "A modification of the contents of any computer takes place if[sic]" subsection b, "any program or data held in the computer concerned is altered or erased". How do we know that this is illegal? Article 8 It would seem that what they did was illegal. I cannot find more information about ddos laws in the UK but from what this says all of what they did was illegal... using resources, changing wall papers, sanitisation of the zombie. Its up to the court to decide really, this is a hard bill to understand.

Erm, no. There is alot of grey area here. The resources do not just belong to the infected computer, but also to the ISP. Now this isnt the case here but with a large/powerful enough bot, say a corporate network, you run the risk of over running the servers at the ISP. Depending on what the damage is, how long others had to go without internet, then the ISP may decide to track you down. Seeing as they only used 60 or so bots to attack this site then it probally did not do any harm. Also you are causing a local dos on the bot computer because you are using there resources to do the attack, but you already covered that. I dont want to argue about it, the Police And Justice Act 2006 says that if you do this with just the "the requisite intent" or "the requisite knowledge" of impairing the operation of a computer, prevent/hinder access to any program or data held on a computer or to impair and operation on a computer then you can be punished by 2 years in prison. I cant help but think of it all the way from the bot to the isp to the target, all of the systems are being impaired but that is just how I look at it. I do not live in the UK so I am just going off of what Ive read and what people have told me.

From what I understand about windows is that it only recognises the first partition on a thumb drive, so nope wont work.

GParted in linux works fine for me

Even the act of DDOSing alone was illegal, even if they had proper authority from the owner of the server... but really who is going to do anything? I am a bit upset that there has been no legal action taken.

Have you tried booting GParted yet? From there you can erase the partitions and start a new... Dont use third party tools in windows if you dont have to. Microsoft has done a great job making sure things work... i.e. their defrager. Next time just install Vista(if you want that to be the fastest OS) and then Ubuntu... or move Vista to the middle and Linus in front with a swap file.. Ubuntu will auto detect windows and work accordingly.

I dont know much about the other projects, alot of the tools are picked up by AV so I tend not to use them... but I am sure there is a way around it. It may also be your PC that auto opens mounted devices. About your sd card reader... I dont know lol. Are you trying to dump the firmware?

Can you take a few pictures of it? Just so if we happen to stumble upon something we can compare?\

U3 Launch pad is correct. Antivirus will pick up tools already flagged as hacker tools or the like, however it cannot delete them, only stop them from running. Best to pick up some type of coding language so you can make your own. Python is great and Im sad I didnt learn it first, still not a very good coder but I get by. Other than that just think of something you want to do and as long as autorun is enabled you can pwn your heart out.

$119.40 1 year of hosting AND one domain registration - $110.16 777 promo $9.24