• Content count

  • Joined

  • Last visited

Community Reputation

5 Neutral

About schippstrich

  • Rank
    SUPR3M3 31337 Mack Daddy P1MP

Profile Information

  • Gender Male
  • Interests Music, Technology, Food
  • Country United States
  • Location USA

Contact Methods

  • ICQ 0
  1. Stoned Bootkit

    Stoned installs to the MBR which is where GRUB is *usually* located. I'm sure it will overwrite GRUB, but not positive. As of now it's is a Windows only bootkit, so I don't think it's going to live side by side in the MBR with GRUB.
  2. PhreakNIC & Hack3rcon

    Is anyone going to be attending PhreakNIC next week and/or Hack3rcon the week after?
  3. Eureka! Wifi security idea.

    So are you planning on making this a project? or just sharing a thought. Just curious...
  4. Nmap

    While on that topic, I've been looking for a quieter scanner lately, Nmap is too easy to detect on my test machine, do you have any suggestions for a better port scanner? I tried Unicornscan, it's output is easy enough to read but I haven't checked to see how "subtle" it is yet. I don't think it is possible for a "scanner" to be quite. Your best best is to do individual probes over a period of time for the best chance of not being noticed. Hping is great. You can do some stuff to help in Nmap as well(-f(less true nowadays), --scan-flags, -n, -PN, --data-length) but the main point being do not "scan", just send a probe here and there. There are some intricate details between a SYN segment from a SYN scan and TCP scan in nmap(
  5. VPNs and Universities

    The SecurityNow podcast has a decent introduction series to VPN's( Episodes #14-#19). They talk about a few of the most popular clients and a brief "how they work". I've used OpenVPN and Dynamic SSH Tunneling and they work well.
  6. Eureka! Wifi security idea.

    If someone is listening, they could grab the two keys out of the air and put them together.
  7. CUDA rtgen

    Check out oclhashcat for using GPU's. It's very very fast. The Defcon cracking competition was won with hashcat. oclhashcat uses the OpenCL framework. It's the fastest tool out there now. When you can brute at 9 billion strings a second, there becomes no need for rainbow tables.
  8. questions about NTLM hashes and Cain
  9. View on Encryption,Decryption for security purposes

    My main reason for using full-disk encryption is if in an unfortunate turn of events my laptop becomes stolen. Hopefully, it won't be on either.
  10. Interface bridging

    As suggested above, brctl is in the bridge-utils package. I'm going to make a bridge interface called br0 brctl addbr br0 I will now add each interface to the bridge. brctl addif br0 eth0 brctl addif br0 wlan0 If I were to use tcpdump -i br0 I would see traffic from both eth0 and wlan0.
  11. Need help with bruteforcing of admin password (Linksys WRT110).

    You could run a wordlist against the devices HTTP server. You can use hydra by THC. It will be something along the lines of: hydra -l userwordlist.txt -p passwordlist.txt -m / http-get-form
  12. View on Encryption,Decryption for security purposes

    MindSet: Seal knows this, look at the above quote. If you own his box via the latest Windows 0-day, full-disk encryption is not going to help. Your disk will have already been decrypted if you booted in Windows. The data is now yours. In his eyes, it's not worth it. I use full-disk encryption. I also use GPG when dealing with emails and files that I deem sensitive.
  13. RAR file password

    I suggest Google as well. I personally wouldn't pay for it, but PureHate from the BackTrack team runs this: I haven't used this but you can try it:
  14. browser redirection with MITM
  15. HDD Protection

    There is a fundamental difference in the encryption designs between TrueCrypt and PGP (Open Source = GPG). TrueCrypt relies on Symmetric Cryptography and PGP relies on Asymmetric Cryptography. Fundamentals: