tekio

Binrev Financier
  • Content count

    1,525
  • Joined

  • Last visited

  • Days Won

    80

Everything posted by tekio

  1. "Well, Sherif Mills is either having an Obama-care insured opium dream, or something is eating folks at the Souix City General Hospital." Bobby Singer - Supernatural

  2. 1- You have sweet hardware. 2- Have you tried rainbow tables for MD5? I have a set of tables that work really well, they only go up to 9 characters like you managed to crack, but still. I believe the tables are alpha-numeric. 1) thank you. I'm probably a little older than most in here, and have a career. So, I buy some toys since I work my ass off (albeit from home mostly) 6 days a week and am on call 24/7. 2) Yes, I do. I have a set of 9char alpha with a space and they are huge... I've got quite a few tables... Earlier their was a topic in here about Rainbow table trading. It motivated me to stock up on them.
  3. I was under the assumption ascii was encoded with 8bits per character, and one left over for parity checking when the standard was defined??? Everything I've read says it's 7 bits with one left for parity/error checking, and revised using 8 bits for more characters. Is that not correct? EDIT: I think when a file is saved it is converted to a decimal ascii code. But in memory it is binary. Again, I'm not too sire though...
  4. Went to the store and was very happy to see they now offer 12packs of white Mtn. Dew! :D

  5. decoded ascii:
  6. tekio thinks it's cool that iPhone errors are in the 3rd person: *iPhone needs to cool down before you can use it".

  7. I'd totally be down with that if it could cook, too!
  8. Even with hardware acceleration, WPA/WPA2 is a bitch for bruteforcing. When was the last time anyone in here has brute-forced something over 9 chars (even with CUDA/ATI STREAM acceleration? I've cracked a 9 char MD5 hash once. It was all alpha and MD5 w/o a salt is nothing compared to WPA/WPA2 keys. Hardware acceleration on consumer products, like video cards, is best used for mangling wordlists for WPA/WPA2. I've been able to crack a few WPA keys. I usually use this method and systems with the following hardware/software: Machine 1: Windows 7 64-bit Q9550 Quad core oc'd to 3.7Ghz x2 Radeon 5850's 8GB DDR3 Elcomsoft Wireless Security Auditor (Supports ATI STREAM Acceleration as well as CUDA) Elcomsoft Distributed Cracking Tool (CUDA and ATI STREAM Support) Machine 2 iMac: Mac OSX 3.2 Ghz Core2 Duo 8GB DDR3 Aircrack-ng and jtr (john the ripper using a custom ruleset I made just for cracking WPA) CUPP = a tool written in Python to make custom password lists Machine 3 Windows 7: Core i7 @ 4.2Ghz x2 Asus GTX 460's 8GB DDR3 Elcomsoft Wireless Security Auditor Elcomsoft Distributed Cracking Tool (cuda and STREAM support) 1) Use huge wordlist of dictionary words 2) Brute for 10 numerics 3) Max out rules on Elcomsoft Wireless Security Auditor with small wordlist 4) small wordlist with custom jtr rules 5) Medium wordlist with minimal rules on Elcmsoft WiFi Security Auditor 6) Medium wordlist with custom jtr rules 7) 1337 speak and other custom dicts not covered in Elcomsoft or jtr rulesets 8) Collect information on target and use CUPP to create some custom word lists 9) Forget about computers for a while, because at this point, with advanced rules, and huge dictionaries, all systems are busy for a few days. 10) After a day or two of nothing on larger lists with large rule sets, I usually just stop. This kinda stress puts a lot of wear on systems. EDIT: I also make a custom list, using passwords pro, of every phone number with the local area code.
  9. wonders why Jehovah witnesses usually come knockin at the most inconvenient of times. Yes! 8:30 am is very inconvenient!

    1. phaedrus

      phaedrus

      Any time is inconvenient. I suggest telling them you have a sexual fetish involving copies of watchtower, and your so glad they called as your last copy had to be burnt for medical reasons...

    2. tekio

      tekio

      I've got a plan! I'm gonna make sure the Mormons show up at the same time... Then see who takes the first sucker punch when I tell 'em, "I'll join whoever wins in a fist fight!".

  10. GAWD! I hope they don't get too fancy with car batteries! They're simple, and work flawlessly when properly maintained. Sooner or later, someone will want to put an IPv6 address, remote access, and firmware on them.
  11. My new gaming rig has a Biostar MoBo that can be controlled remotely by my iphone! I can see this feature being exploited BIG-TIME in the not so distant future. I'm not yet sure if it is just Itunes that can be controlled, tho. I've not had time to check it out... But anything "remote" is just begging for trouble, IMO.
  12. In any case it is a clever hack. I mean if I had never read that and got infected, it'd drive me bonkers trying to figure it out. I'd never have thought firmware in a battery, of all places.
  13. That's the same exploit. I thought it said brick the battery, not logic/MoBo? I'd be willing to bet with the password and the know how, the old firmware could be restored. So i don't even the the battery would technically be bricked. IDK, I'm sure all the firmware and mini-microprocessor on the battery somehow are meant to extend the batteries life. BUT, for the prices these things are going for it's more logical, keeping it simple, so we could buy a few batteries for the same price. Thus getting more power for our money.... End rant....... oh... screwing the process up, while playing with the firmware was bricking the batteries. I still couldn't find anything about the logic board..
  14. Cool! I was just curious about it.
  15. Could you post a link? I tried google, but couldn't find anything. OP: As for the exploit listed, Apple barfed on this one (again). A default password to get "full access mode" to the battery, and it's firmware? Not a good decision on Apple's part. IDK much about the exploit. From what I could find, it's very vague at best. I'm almost sure one would need physical access, to exploit the posted exploitable chip/battery/firmware. edit: scratch that last comment.... It can be done remotly. BUT, the firmware, from what I've read, resides on the battery. So take the battery out, and run from AC. Problem solved. For that hack anyway. DAMN, no wonder batteries are so fricken pricey! People putting firmware and shit on them.... edit2: oh.. one cannot easily take the battery out of a MacBook anymore...
  16. If you have Android get WiFo Fum. I got it for my iphone before apple banned it from the crAPP store. If your phone has gps it will plot all the wifi networks on Google Maps, then email them to ya. Simple, clean, and effective. IMO. P.S. it can still be purchased from a jailbroken iPhone from Cydia.
  17. Very first o/s I ever used was Workbench on my Amiga a3000.
  18. Idk no much about the attackers, and not enough time to research them. I only see two problems: 1) when I type www.Facebook.com... It probably goes to a different server than when even my neighbor down the street does. Most high volume web sites use distributed servers for load balancing and to fend off pesky ddos attacks. 2) they've lost the element of surprise. If I know about this and it is a serious threat, so does Facebook. Like II said, I know nothing of the attackers skill set, but would love to see Facebook get universly dos'd for a few hours...
  19. Just got back from a dinner date with a cute Juniper Tech gal. I acted like I didn't know about computers @ first.. Hb explaining juniper stuff: ... It uses the FreeBSD kernel. Me: kernel, WTF? Hb: the heart of a computer o/s Me: is bsd s monolithic or m.k. architecture? Hb: micro kernel Me: bullshit Hb: *smiles at me* wanna get drinks after? Me: ok, but just don't hit on me. Hb:............ :)

    1. tekio

      tekio

      What kinds of shit, din??

      Set up a a pof or okcupid. I'll help ya out....

    2. phaedrus

      phaedrus

      backdoors, theres always backdoors if you can get physical access...

    3. tekio

      tekio

      ^----- If she gawks after you use finger to gather personal info, she'll probably mount...

    4. Show next comments  66 more
  20. I'd recommend using a router that supports ddwrt, another third party firmware with advanced features. I'm not too farmiar with the routers you are looking at. Both tomato, and ddwrt firmware sites have a great listing of supported devices. Both ddwrt and tomato firmware offer client side isolation. But that is not needed if the network is secured with wpa. Also, for roaming use wds. It will distribute the wireless network among multie ap's. Roaming between ap's will be done automigically by the client. Edit: Sorry if my response was a bit sketchy. I don't know what the objectives for the wireless setup are. Just wanted to point out wds, and third party firmware might be something worth looking into.
  21. Finally got the chance to see Limitless. I want some!

  22. Being that it "decodes", and "reverses" MD5; i'm quite interested in disassembling and researching the original poster.
  23. Southern Comfort, Front row seats to soundgarden, are awesome till the morning..... This is gonna suck when I wake up!

  24. The php manual lists all the predefined $SERVER[] variables. A lot are dependent on the web-server running, but from my experience, both apache and IIS support all of them. http://www.php.net/manual/en/reserved.variables.server.php