Jump to content


Active Members
  • Posts

  • Joined

  • Last visited

Recent Profile Visitors

1,163 profile views

CrashandDie's Achievements


Newbie (1/14)

  1. Not tested, obviously, but it should point you into the right direction: <?php // INIT CURL $ch = curl_init(); // SET URL FOR THE POST FORM LOGIN curl_setopt($ch, CURLOPT_URL, 'http://store.domaincentral.com'); // ENABLE HTTP POST curl_setopt ($ch, CURLOPT_POST, 1); // SET POST PARAMETERS : FORM VALUES FOR EACH FIELD $data = array('pid' => 74747, 'currenturl' => 'http://store.domaincentral.com', 'username' => 'myusername', 'password' => 'mypass'); curl_setopt ($ch, CURLOPT_POSTFIELDS, $data); // IMITATE CLASSIC BROWSER'S BEHAVIOUR : HANDLE COOKIES curl_setopt ($ch, CURLOPT_COOKIEJAR, 'cookie.txt'); # Setting CURLOPT_RETURNTRANSFER variable to 1 will force cURL # not to print out the results of its query. # Instead, it will return the results as a string return value # from curl_exec() instead of the usual true/false. curl_setopt ($ch, CURLOPT_RETURNTRANSFER, 1); // Various options which will enable multi-page sessions. curl_setopt($ch, CURLOPT_COOKIESESSION, TRUE); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_COOKIEFILE, "cookiefile"); curl_setopt($ch, CURLOPT_COOKIEJAR, "cookiefile"); curl_setopt($ch, CURLOPT_COOKIE, session_name() . '=' . session_id()); curl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1); // EXECUTE 1st REQUEST (FORM LOGIN) $store = curl_exec ($ch); // SET FILE TO DOWNLOAD curl_setopt($ch, CURLOPT_URL, 'http://store.domaincentral.com/servlet/WebsiteServlet?formaction=List&searchflag=false'); // You probably need to cleanse the POST data here or something. // EXECUTE 2nd REQUEST (FILE DOWNLOAD) $content = curl_exec ($ch); // CLOSE CURL curl_close ($ch); echo $content; ?>
  2. Thank you, again, for this superb sentence that doesn't make any sense ;) University: Been there, done that. And please, for a second, re-read my post, I didn't say "omg the interwebz are all u need", I just said, that books can contain as much as crap as websites, but they have an added danger, that people (just like you I might add) do not doubt their contents. Books are extremely dangerous, when written by, or placed into, the wrong hands. But considering how easily you misinterpret a simple forum post, I doubt you've come across that many books, have you? ;)
  3. Don't tell me you're really that naïve... I mean, for crying out loud... Read "Mein Kampf", read Nietsche, don't tell people to read books when you have absolutely no fucking idea what you're talking about. There are more published books out there talking about negationnism (that's holocaust denial for you) than you could fucking imagine. And what's the first thing you're gonna do before answering? Google. That's right, no open a book. Google. Don't beat to death the horse you're riding.
  4. I always love it when people tell other people off, and especially when they insult the intelligence, but fail at spelling when doing so. Go for it. If you try, and succeed, what's the worst that can happen? You're going to get detention? A letter to your mum & dad? Have fun, that's the only thing I'll say. If you manage to get through it, and the IT guy notices, good for him, but he should've created a better network, if they really want a "secure internet" (which doesn't exist, btw). Oh, and btw, port 22 (SSH) will probably be blocked. Try putting the SSH server on port 80, maybe it'll manage to go through there. The HTTP-Proxy-over-SSH is what I would consider too. I've been using it for a few years at school/work/unknown wifi networks, and never had a problem with it. Just install apache, with mod_proxy, on a home server, make mod_proxy only accept request from on the server, and make sure port 22 is accessible from the outside. When connecting, use the command "ssh user@server.foobar.org -L 8080:localhost:80" This will create a new connection, and forward port 8080 on the machine you are sitting at, to port 80 on your server. Beautiful.
  5. How about we try to find a coding challenge that is not tied to a given Operating System?
  6. Challanage? Challange? I think you'll find that's "challenge". On a second note, I don't see how "someone posts something, and then someone else, and then someone else" is a challenge. There's no challenge there, mate. Stop organising the challenges, just create one. If you have spare time, write a set of rules, and just make it happen. Be it a crackme, or coding contest. You don't have to say "someone does this, and then someone does that", because that's just bollocks. Nothing is going to come from that. The last part, is that crackme's are boring like fuck. I think nearly everyone has done crackme's, and developing them is even more boring that trying to crack them. That's going to die out soon. A good old fashioned coding contest would be perfect, but one thing that would make it interesting, is having everyone's "signature language" (my signature language is C++) in your profile, and then have *everyone* use another language than their signature language. Just to though things up a bit.
  7. There aren't any tools that can detect an essid unless the AP broadcasts it, or unless one of the clients probes and connects. You can't get that kind of information out of thin air. And anyway, no clients == no cracking under 5 minutes, so usually no point in trying. Oh, and using multiple laptops will not boost results in any way possible.
  8. $ gcc bomb.c -o bomb -Wall bomb.c: In function ‘main’: bomb.c:7: error: ‘sleepfor’ undeclared (first use in this function) bomb.c:7: error: (Each undeclared identifier is reported only once bomb.c:7: error: for each function it appears in.) bomb.c:7: warning: implicit declaration of function ‘getenv’ bomb.c:9: warning: implicit declaration of function ‘prompt’ bomb.c:10: warning: implicit declaration of function ‘gets’ bomb.c:11: warning: implicit declaration of function ‘strcmp’ bomb.c:11: error: ‘P1’ undeclared (first use in this function) bomb.c:12: warning: implicit declaration of function ‘click’ bomb.c:14: warning: implicit declaration of function ‘kaboom’ bomb.c:20: error: ‘P2’ undeclared (first use in this function) bomb.c:23: warning: implicit declaration of function ‘strlen’ bomb.c:23: warning: incompatible implicit declaration of built-in function ‘strlen’ bomb.c:31: error: ‘P3’ undeclared (first use in this function) bomb.c:38: warning: implicit declaration of function ‘fopen’ bomb.c:39: warning: implicit declaration of function ‘fizzle’ That's what your code gives... "c", and "v", as you call them, are the argument count, and the argument value. argc and argv in short. If you launch it by executing ./bomb, argc (c for you) will be = 1. If you launch it by executing "./bomb is da shit", argc will be = 4. The "v", or usually called "argv", is a pointer which points to an array of arrays of characters. In other words, it's an array of C-type strings. You can access each string by using something like: printf("%s\n", argv[0]); // in general printf("%s\n", v[0]); // for you The value of "v" is thus just an address of a memory strip. Nothing to worry about. You're not using the arguments, so you can just leave both of those out by using int main (void). Try this: #define INPUT_BUFFER 10 #include <stdio.h> #include <string.h> int main (void) { char * passwordList[] = {"first", "second", "third", "fourth"}; int i = 0; char answer[INPUT_BUFFER]; for (i = 0; i < 4; i++) { printf("Password?\n"); if (fgets(answer, INPUT_BUFFER, stdin) == NULL) printf ("Oh shit, something went wrong\n"); answer[strlen(answer) - 1] = 0; if (strcmp(passwordList[i], answer) != 0) { printf ("KABOOM !\n"); return 0; } } printf("You won!\n"); return 0; }
  9. Here's another idea: how about you make something a bit more sophisticated? Creating yet another wget clone doesn't motivate anyone. There's nothing as "quality" in downloading, either you get the bits right, or you don't. If you want to motivate people, get them to do something that will challenge their intellect. Not just send an HTTP request.
  10. You will sometimes see ”<length: ?>” as the SSID on the airodump-ng display. This means the SSID is hidden. The ”?” is normally the length of the SSID. For example, if the SSID was “test123” then it would show up as ”<length: 7>” where 7 is the number of characters. When the length is 0 or 1, it means the AP does not reveal the actual length and the real length could be any value. To obtain the hidden SSID there are a few options: Wait for a wireless client to associate with the AP. When this happens, airodump-ng will capture and display the SSID. Deauthenticate an existing wireless client to force it to associate again. The point above will apply. Use a tool like mdk3 to bruteforce the SSID. You can use Wireshark combined with one or more of these filters to review data capture files. The SSID is included within these packets for the AP. http://www.aircrack-ng.org/doku.php?id=air...en_ssids_length @ret: I think you have the more understanding of the actual problem than anyone else. @Steve8x: There's another world with other stuff than just the things you have seen.
  11. Do you want fries with that?
  12. Another question: Why the fuck would you want to roll out your own distro? I mean, you hardly understand anything about packaging, you don't know anything about Linux as a whole, and I'm guessing your kernel skills aren't very polished either. The whole point of a distribution, is to have a set of tools, utilities, kernel patches, and software, that will give that distribution a unique flavour. There are so many different distributions out there, that you are bound to find one that fits you. If you want a name for it though: YASFUD Yet Another Shitty Fucking Useless Distribution
  13. Thank you for this line which means absolutely nothing. Please do not use terms prior to understanding them ;) And for the OP, get your act together, give us real info.
  14. There's a lot of existing options. Torrentflux for instance runs atop of apache, web interface, support for rss feeds, stops at a given ratio (say, 180%), automatic queuing of new .torrent files, etc, etc
  • Create New...