General Hacking

iPhone remote hacking?

Fri, 10 May 2013 01:12:37 +0000

I've been looking for some exploits and ways to get into a unjailbroken iphone. I know theres a current cydia exploit that exists for metaploits, is there anyway to gain root access to a non jail broken iphone?

Or would it be best to actually be within the lan network to do so? I've forward most major ports to the iphone to hopefully see if theres an exploit someone currently knows for iphone.

RAIDz 4TB Box Build Thread

Wed, 08 May 2013 20:39:50 +0000

Just ordered 3x WD Green 2TB drives for a RAIDz project, so I'm going to start a build thread! I'll post pics of the hardware along with specs and progress. Right now there's a few questions to answer:

-- Which is more important, a good NIC or good SATA controller

-- Is onboard SATA 1 sufficient

-- What is the performance gain of aggregated gigabit Broadcom NICs to hosts with Intel adapters

-- Do jumbo frames pay off for having to segment the network

-- Which network sharing protocol gives the best results in a mostly-NIX environment

I'll be using surplus server hardware from Rackable Systems and FreeBSD-CURRENT for its zfs/raidz support.

TESLA BILLS ARE BACK!

Wed, 08 May 2013 16:46:22 +0000

Thanks to the efforts of one of our readers, we have obtained a stash of 100 dinar notes from Serbia. Each of these notes is a tribute to Nikola Tesla - engineer, inventor, futurist, and inspiration for hackers everywhere.

http://www.2600.com/news/view/article/12344

SPRING ISSUE OF 2600 RELEASED

Fri, 05 Apr 2013 08:25:04 +0000

It's the first Friday of Spring, which means it's time for everyone to have a copy of the Spring issue of 2600 in one form or another. There are a number of ways to make this happen:

http://www.2600.com/news/view/article/12334

VOLUME 25 OF 2600 NOW ONLINE - DRM FREE - IN KINDLE, NOOK, AND PDF FOR

Thu, 04 Apr 2013 09:03:25 +0000

The digital archive project continues. This time, we've decided to go in a different direction: backwards. Volume 25 of The Hacker Digest is comprised of material from our quarter century mark back in 2008. It's now available DRM-free for all of your electronic devices from computers to e-readers to phones.

http://www.2600.com/news/view/article/12333

Unknown password hash format

Wed, 27 Mar 2013 02:46:05 +0000

Has anyone ever seen a password hashing/encryption method that looks like these examples?

luje!svj. (suspected plaintext "indspw")
luwr!cn!!!! (suspected plaintext "crftpw")
!KV!!Y!S (this could also be "crftpw" instead)
j1b1rvn*!01! (plaintext unknown)

I'm pulling these from a hexdump, so these strings might either have extra crap at the end, or be zero-filled up to 12 bytes. In the dump they're aligned.

My money's on a modified base64, which would turn these into 8 octets. However, base64 has two punctuation characters, whereas these have three ('.', '!', and '*').

Your thoughts?

Are there any PenTesters out there?

Mon, 04 Mar 2013 15:26:26 +0000

Hi Everyone. I'm new to the forums, but I used to be subscribed to Binrev a long time ago.

I'm trying to pursue a career as a pentester. I was just wondering if anyone had any solid advice on gathering pentesting experience? I already have a home pentesting lab and I already have my Ethical Hacker certification.

I just wanted to hear what you guys think. It is frustrating because employers have such unreasable expectations when it comes to pentesting experience.

Anyone scalping THOTCON tickets?

Mon, 04 Mar 2013 10:12:07 +0000

Me and a friend would really like to go, considering Bruce Schneier is a confirmed speaker.

Sort of derped and didn't realize sales closed on the 1st.

Anyone interested in reselling two tickets?

NEED HELP WITH JAVA

Tue, 19 Feb 2013 22:00:19 +0000

I need some help with java for an android application I pay for this. if u interested contact me at ursu77777@yahoo.com.

Brute force passwd cracking, am i doing it right?

Tue, 12 Feb 2013 14:36:09 +0000

Hey, so i just created this brute force script in Python that tries to figure out a password (in this example, the password is a constant string)

It creates a list() starting with one int(), it then counts in base-n untill it figures out the password (when it has to do a carry, it just expands the list)

Basicly, i was just wondering wether this is the way it's "usually" done.

chars = list('qwertyuiopasdfghjklzxcvbnmm')

passwd = []
chars_length = len(chars) - 1
test_passwd = 'abcde'
passwd = [0]

def getPass(attempt):
    global chars
    ret = ''
    for char in attempt:
        ret += chars[char]
    return ret

while True:

    passwd[0] += 1

    i = 0
    for char in passwd:
        if char == chars_length:
            passwd[i] = -1
            try:
                passwd[i+1] += 1
            except IndexError:
                passwd.append(0)
                passwd[i+1] += 1
                print(str( len(passwd) )+'\n'+getPass(passwd)+'\n===================')
        i += 1

    if getPass(passwd) == test_passwd:
        print('\nFOUND IT!!!\ngetPass( passwd ) == "{}"\n\t=> True'.format(test_passwd))
        break

I attatched the script as a *.txt

Attached Files

passFigure.txt 1.24K 2 downloads

crawl imdb,com for trailer.mp4...

Wed, 09 Jan 2013 17:57:35 +0000

I have a orginized list of movies, I have autoated movie cover dl, actor image dl and movie description document...

I'm compile this info into a website running on localhost. The most important feature is the trailer src that I strugle to automate this download... Omdb provides verry nice trailer that I hope to download OR just use the page/scrpt source...

I can engineer a proper get request for a single download but I notice its not consistent src location...

If some one can look at page src of i a mdb trailer. I don't have java script skill to defeat there security they try to prevent this...

I'm open for ideas, iframe src could be the main page but this is sloppy and I want to isolate the vido only....

WINTER ISSUE OF 2600 RELEASED

Fri, 04 Jan 2013 11:10:00 +0000

It's the first Friday of the year and time for the Winter issue of 2600 to hit the stands and the mailboxes of subscribers worldwide. Are you kicking yourself because you're still not part of this elite group of individuals? Well, it's easy enough to subscribe and become part of the enlightened masses.

http://www.2600.com/news/view/article/12309

VOLUME TWO OF 2600 NOW ONLINE - DRM FREE - IN KINDLE, NOOK, AND PDF FO

Thu, 03 Jan 2013 09:07:44 +0000

We've gone and done it again. The next step in our digital publishing project was to go back and remaster our second year in existence. "The Hacker Digest - Volume 2" is now available for Kindles, Nooks, tablets, computers, phones, and whatever else you can read electronic data on. And it's all DRM-free.

http://www.2600.com/news/view/article/12308

Is it theoretically possible for someone to hack into service provider

Wed, 26 Dec 2012 12:03:48 +0000

I am writing a book called Electronic Gags. In this book, a fascist government is using trackers to suppress the people. They put the trackers on people's neck's like dog collars. The trackers are connected to the government's computers by GPRS. In this case, the trackers are more like subscribers and the government is like the service provider. In my story, the protagonist has to hack into the government's computers and alter some user accounts. I wanted the hacker to connect his tracker to his laptop and then hack into the government's computers. Is it theoretically possible? I realize that hacking a GPRS network is much more complex than hacking a Wifi networks.

What can I do with 50 computers...

Mon, 24 Dec 2012 03:43:14 +0000

Greetings, and Happy Festivus!

I've been given creative freedom to make suggestions/implement my ideas on the equivalent of a small business network consisting of roughly 50 laptop computers (8GB RAM each, i7 processors) running Windows 7, with VMWare Workstation 8 installed on each. The network in the end will be used for a security class, specifically ethical hacking/pentesting so I figured this would be the perfect place to get some cool ideas for what to do with all this freedom in order to benefit the class. My only stipulation is that I'm not allowed to remove Windows 7 or even dual boot (*sigh*), so any Linux installations will have to be virtual machines. So, I'm looking for out of the box ideas...got any?

My first idea:

I love showing people how easy it is to crack password hashes of out-of-date algorithms. What if I installed 50 virtual Linux boxes (All the laptops are identical, so I could set up something lightweight like Arch on one, and then just copy the image from machine to machine) and then clustered the machines via Ethernet cables to a switch? How difficult would it be to make use of the CPU's, or even better, the GPU's of each laptop in the distributed system to crack hashes? Do any password crackers have this functionality? Would there be a bottleneck if I used an old switch with 100mbps FE connections?

My second thought was, if there aren't any password crackers with distributed functionality, it would be a simple matter to write a script to divide up blocks of potential passwords, and then assign each computer work on it's own block individually with a locally installed password cracker, such as Hashcat. As an oversimplified example, say you had a 3 digit password, using a strictly numeric character set (0-9), and you had 3 computers to crack the password with. Computer 1 could process 000 through 333 while Computer 2 processed 334-666, and Computer 3 could do 667-999, and no intercommunication would be necessary. The only needed interaction would be when one of the computers actually found the password. This would essentially eliminate any network caused bottleneck. In your opinions, is this doable?

My second idea:

Everyone loves capture the flag competitions. What if I were to configure a few vulnerable servers and then give the class notice, say a week ahead of time, that next week they would be given the opportunity to split into teams, and find vulnerabilities in those servers? I could give them a jumping off point, and from there the team to find the most vulnerabilities and report them properly would win. Additionally, after the game, the students could be asked to share their procedure/methodology for finding/exploiting, and reporting a vulnerability." Does anyone have any suggestions of cool things to do with this? I'm expecting a few students with some experience using things like Backtrack/Blackbuntu, and a few others with some knowledge of vulnerability assessment, but for a majority of the class, I imagine a few hints will be necessary. The end goal is to keep everyone focused on the actual HOW, and not to promote cookbook style (read: script kiddie) thinking.

TLDR: Just reread the title.