phr34kc0der

Everything posted by phr34kc0der

  1. Ok, I wasn't thinking and did a mkfs instead of a fsck (that'll teach me for not checking what my fingers do). What's the best way to go about recovery? I don't have a similar sized HDD else I'd just try and copy what I could with the tools I've used before. Can a mkfs (ext3) be reversed? Edit: well wiki says this: so I guess there is no standard way to recover from this. I'm running photorec to see what it can get back.
  2. If hacking is able to be taught fast don't you think everyone would try and learn it? Learning to hack takes time and energy and you'll never be the best unless you can learn for yourself. If you're interested specifically in web hacking then at least you've narrowed down the list of things to learn but it'll still be a massive list. Start learning HTML and then move onto scripting languages like PHP, JavaScript or ASP. Learn databases and SQL and the TCP/IP protocol. Look into web servers and application servers and how to operate them. Look into Operating Systems. Learn the Linux and Windows command line. When you know all that you'll start to figure ways to break things. Web hacking basically comes down to knowing how to inject code and what code to inject. Hacking is a mindset and can't really be taught. It's a way of looking at the world and getting it to do unexpected things. This comes as much from practice as from being "that type of person". Of course if you just want to hack websites you can but you'll never be "one of the best". Just another script kiddie.
  3. Xming is cool, but was pretty unstable last time I used it (about a year ago).
  4. I saw that video a while back and thought it looked way awesome. I meant to PM you and ask where I could find the source but it slipped my mind. Oh well, I'll get it when it's released.
  5. I would first start by checking out the guy's name/email address on pipl.com and similar search engines (pipl is good for searching for people). I would also use tineye to try and match his profile picture. Maybe he's using the same on some other site. If I found some info I would use that to try and brute force his fb and AOL passwords. To get his IP address I would set up a web server hosting an image and find some way to get him to click it. Maybe create a profile and pretend to be a hot girl and post the link on his wall. I'm not too familiar with Facebook so I don't know the best way this could be achieved but we've all had spam. Try and learn from it. Does he have AIM? Again, pretend to be a hot girl (maybe bored and typed his address at random) and offer to show a pic, then send the link. After he clicks the link the web server logs would show his IP address.
  6. Hate to say this but my mp3 player doesn't support ogg so one vote for an mp3 version.
  7. Why? While a lot of us here are not the target audience of the article/tutorial I applaud any effort made to pass on knowledge.
  8. Keep in mind that when using a proxy your data is being sent through a third party. Fantastic for staying hidden from the destination but any data you send/receive can be read by the proxy owner. Tor used to be OK but seems to be too slow for use nowadays. Tor provides a secure connection between you and your destination via other users on the Tor network. Again, the owner of the "exit node" can read data but not know where it came from. I think the best option may be to use a VPN. There are a few free services available but many require payment.
  9. What user are you talking about? Once aircrack gives you the key you can use it to connect as you would any wireless network. This would of course depend on the OS being used. Unless the key changes it will work from then on. You seem to be a little confused about wifi networks (hey, no problem, we all have to start somewhere). Before hacking anything it is important to understand it first. It might be a good idea to spend a little bit of time playing with wifi, encryption modes etc before jumping in to hacking.
  10. Are you trying to get the network key or the username/password for the router? As Afterm4th said the network key is just a single password, however if you want the user/password combo for the router you need to go about it a different way.
  11. Old post I know but when I was in high school some friends and I found a neat little trick. I don't know if it'll work now but if we were to unplug the network cable the software would stop monitoring us even after the cable was plugged back in. I have no idea what software or version was used, but there you go. It worked.
  12. Although I'd avoid VB (especially VB6) it might be useful to have someone to actually help you through the tricky parts until you understand the concepts. If so then I say go for it. From what I understand VB.NET is a complete overhaul from earlier versions and the .NET framework is used in C#, Visual C++ and other languages as well so it's useful to learn for Windows programming. The .NET framework is also useful for web based stuff if that interests you.
  13. This is good advice, but maybe not for someone who is just starting out. Once the basics are understood then switching between the best languages for a specific project is trivial. Heh, always wished I was better at design and graphics. Since most of the things I create are for personal use I tend to skip the "pretty looks" phase and just use the command line. It always ends up being way more ugly and unintuitive than it should.
  14. A scripting language is one which is interpreted (I guess this would be the easiest description, however Java and C# are interpreted to some degree too (or at least they were, JIT compiling is being used more in Java now)). This means you write the code and another program reads it and does stuff. This is different from a compiled language as a compiled language, such as C, produces an executable program which is run natively. PHP is a scripting language. You write PHP code and the PHP interpreter goes off and reads the code and performs the actions. The advantage of scripting languages is that they can be easier to use, quicker to debug and less error prone but tend to be much slower than compiled code. Given today's computers, speed of code is less of an issue than speed of development. Java and C# rest in a weird middle ground. When a Java program is compiled it gets turned into "bytecode" which is then read by the Java Virtual Machine (the reason you need to install Java on a computer to even run Java apps). The JVM then takes the bytecode and translates it to machine code. The same thing with C#. If you're having trouble knowing where to start I would either get a book ASAP (maybe one of those "for dummies" books? I know they suck but they're pretty easy to read) or try and find some beginner tutorials online. Maybe check YouTube or something and then get a book when you can. The actual language used isn't so important when starting out so just get on and do it. Edit: I feel like I'm talking a lot but not giving any actual resources. I'll try and find some good links and post them here. Edit 2: If C# is really where you want to go then check out this link http://stackoverflow.com/questions/46048/what-is-the-best-book-to-learn-c for some book suggestions. http://diveintopython.org/ seems to be good for Python although it is dated. The concepts are likely to be the same but the latest version of Python will be slightly different. Of course you could just install an older version of Python.
  15. Java or C#, it's up to you I guess. I think either choice would be OK assuming you didn't want to start with a scripting language. I can't really suggest a good book (I'm sure some others probably could but I haven't read that type of book in a long time) but I've found that one beginner programming book tends to be as good as the next. The hard thing is finding good books for the next stage. I would probably check out a local library or look on Amazon for the top recommended. Do you mean writing programs? The basic idea is to create a text document of the code, compile it, run it. An IDE is available for most languages (such as Eclipse or NetBeans for Java or Visual Studio for C#) which helps manage the program, files and can help with syntax errors etc. When writing smaller programs I tend to just use a text editor (for Windows I use Notepad++ which supports colour coding, side-by-side view, regex search and lots more) and the command line for running the compiler. The Java SDK needs to be downloaded, installed and set up to develop Java apps. I think Visual Studio is all that is needed for C#.
  16. Don't be afraid of being new, we were all there once and I don't think anyone on these forums will flame you for wanting to learn (besides, it's against the rules to flame in Nubie HQ). My advice on learning to program would be to decide on a language and get a good book. It's easy when you start to get as many books as possible and plan to read them all but I've found that it tends to distract. I would often change book when things got too difficult and would end up doing variables and loops over and over. IMO the language you start with isn't too important, however each has its own advantages and disadvantages. I first started with BASIC which was great for concepts but a bit too dated now. Java was the first language I learnt enough to develop in. It's relatively easy, useful in the real world and cross platform. C is my preferred language but can be a little difficult to start with but not impossible. I would suggest not using C unless you know basic programming concepts such as loops, variables, functions etc. C is also not object orientated which may or may not affect your choice. Also, stay away from C++. It's much more than "C with classes" as a lot of novice programmers seem to think. A lot of people suggest starting with a scripting language such as Python or Ruby. I like Python (never tried Ruby) but I prefer languages with a C like syntax. YMMV. C# is (from what I understand, I have very limited experience in C#) similar to Java in terms of ease of use but has the advantage of being developed for use with the .NET framework. If you want to develop Windows apps then this is probably the way to go but be aware that C# really is a Windows language (you can run it on alternative platforms but really it's for Windows). Unless you find something awesome I would stay away from online tutorials to start with. A lot of information is either wrong, dated or not easy to understand. A good book will usually be of much higher quality.
  17. Is the wireless device up? ifconfig <interface> up
  18. Wouldn't suggest playing with work computers but I would start by stealing the SAM file and trying to brute force some password.
  19. Not even that. It can be done in the properties of the network driver (most of the time).
  20. Capturing the handshake can be tricky sometimes. What application are you using to capture? I assume airodump-ng. Before worrying too much about the more complicated stuff I would make sure that you're listening on the correct channel. It is also important that you are not too far or too near the access point and client. If you open the capture file in Wireshark and filter for "eapol" you should see any handshake packets you've received which may give you a clue as to what went wrong. yup using airodump-ng do I need to configure tx-power, freq? for some reason my card won't go above 27 :S You probably won't have to change the power (which I don't think is supported by all cards anyway) but you will need to make sure you are listening on the right channel (frequency). This can be done when you put your card into monitor mode with airmon-ng start <interface> <channel> or by selecting a channel with airodump-ng -c <channel> <interface>
  21. Capturing the handshake can be tricky sometimes. What application are you using to capture? I assume airodump-ng. Before worrying too much about the more complicated stuff I would make sure that you're listening on the correct channel. It is also important that you are not too far or too near the access point and client. If you open the capture file in Wireshark and filter for "eapol" you should see any handshake packets you've received which may give you a clue as to what went wrong.
  22. I just saw this and was wondering the same thing, I have been too consumed with life to bother keeping up on trends for a few years and have been just googling everything really but, what are some alternatives to just basic, day to day browsing that you guys suggest? I am aware of the typical things one can do to ensure as much general online privacy as possible should one want to put forth the effort. But I am talking just day to day browsing only, from wherever you are...home, work, library, etc...not just on some ultra-secure rig that you have tweaked out. What do you guys use? I gather you all have a pretty good idea of what's current/hot in this area. I looked around a little and have seen some alternatives but, my trust is not what it once was....and deteriorating fast. So, what's worse: the devil you know or the one you don't? Thanks to everyone who contributes and moderates on here for making this a worthwhile site, love it. It's difficult. I know there are some Google fans on this forum but I am not one of them. I am not a fan of any one company holding too much information, which is a problem because Google have the best search engine. I know how to use it, it has fantastic features and my fingers automatically type "google.com" into the url bar. Since Google changed the layout of their search engine I've been using DuckDuckGo. Check out their privacy policy.
  23. Look in the Backtrack repo at http://sun.backtrack-linux.org/pool/microverse/w/ under "wpa-wordlist". This can be either installed in Backtrack with apt-get install wpa-wordlist or downloaded and extracted from the above link.
  24. where do you get wordlists that have passwords like y1231u312y31gu312g :S... O.O Pyrit is good ??? I have nvidia geforce 6800 O.o and couldn't get the drivers to work with linux but maybe I'll try again Getting decent wordlists is difficult and luckily Backtrack provides a good WPA list. It's pretty large and needs to be installed from the repositories but can also be downloaded and extracted manually. I tried looking for the link but can't seem to find it at the moment. You can find more lists by searching but it takes a while when you first start out. Some bad news: I don't think that your card is supported. If you can get a newer card you'll definitely see some improvements.
  25. With the 4-way handshake you have all the information to perform a dictionary attack. The best tool I've used for this is Pyrit (fastest speeds, network support and can use a compatible graphics card). Aircrack-ng is also good but coWPAtty is by far the slowest although it works well for pre-computed tables. The theory in a nutshell: During the handshake two random values (one from the AP the other from the client) are used with the ESSID, key and MAC address of client and AP to generate a MIC (Message Integrity Check) which is appended to the packets. With the handshake an attacker has access to everything except the key so we try possible keys comparing the MIC each time. If we find a MIC that matches then we have the right key. Due to the algorithm used this can be a very slow process. The actual process is a little more complicated. The handshake is actually used to create temporal keys, group keys etc but the above is essentially correct.
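
An added example, not part of the original posts, showing from the defender's side why the last post calls the search slow and why pre-computed tables only fit one network name: WPA/WPA2-PSK stretches the passphrase with PBKDF2-HMAC-SHA1 (4096 rounds) salted with the ESSID. The function names and the guess rate used in the estimate are assumptions made for illustration; the test vector is the published IEEE 802.11i one.

```python
import hashlib
import math
import time

# Published IEEE 802.11i test vector: passphrase "password", SSID "IEEE".
IEEE_PMK = "f42c6fc52df0ebef9ebb4b90b38a5f902e83fe1b135a70e23aed762e9710a12e"

def wpa_pmk(passphrase: str, ssid: str) -> bytes:
    """Pairwise master key: PBKDF2-HMAC-SHA1, 4096 rounds, SSID as salt."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)

def passphrase_bits(length: int, alphabet_size: int) -> float:
    """Entropy in bits of a passphrase drawn uniformly at random."""
    return length * math.log2(alphabet_size)

def years_to_exhaust(bits: float, guesses_per_second: float) -> float:
    """Worst-case time to test every passphrase of the given entropy."""
    return 2 ** bits / guesses_per_second / (365.25 * 24 * 3600)

def derivations_per_second(samples: int = 3) -> float:
    """Rough local cost of the key stretching (one derivation per guess)."""
    start = time.perf_counter()
    for i in range(samples):
        wpa_pmk(f"benchmark-{i:04d}", "IEEE")
    return samples / (time.perf_counter() - start)

if __name__ == "__main__":
    assumed_rate = 1e5  # assumption: guesses per second for a GPU-backed search
    print("matches IEEE vector:", wpa_pmk("password", "IEEE").hex() == IEEE_PMK)
    # Same passphrase, different SSID: a table built for one name is useless
    # for another, so a unique SSID defeats shared pre-computed tables.
    print("per-SSID salt:", wpa_pmk("password", "IEEE") != wpa_pmk("password", "HomeNet"))
    print(f"local rate: {derivations_per_second():.0f} derivations/s")
    for label, length, alphabet in [("8 lowercase letters", 8, 26),
                                    ("16 random alphanumerics", 16, 62)]:
        bits = passphrase_bits(length, alphabet)
        print(f"{label}: {bits:.0f} bits, "
              f"{years_to_exhaust(bits, assumed_rate):.3g} years at assumed rate")
```

The estimate only holds for passphrases chosen at random; a passphrase that appears in a wordlist falls on the first pass regardless of its length.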