Dr^ZigMan

Agents of the Revolution
  • Content count

    1,204
  • Joined

  • Last visited

Everything posted by Dr^ZigMan

  1. Heh you guys are a trip A copy of the baby's information -Dr^ZigMan
  2. It's been said but it's worth mentioning again, this applies not only to a "hacking" related crime but to anytime your faced with a breach of the rule of law. Let's all say this together guys... "I refuse to answer any questions without representation from a lawyer" Short, sweet, and impossible to argue with. As soon as you say that they can't question you any further. Be clear, and repeat it if they keep trying to ask you questions. "I refuse to answer any questions without represenation from a lawyer." Right along with this goes "No, I do not give you consent to do (whatever it is they want to do)" Yell it outloud if your in a public place, draw attention to yourself, the more people that are watching the better your chances of getting a fair shake. -Dr^ZigMan
  3. Sounds like a good time for a shamless plug... As long as your installing a new operating system, might be time to ditch windows in favor of Linux... -Dr^ZigMan
  4. For anyone else who runs into similar difficulty deleting a file, a great program by the name of "Killbox" will delete selected files during start up. I've used it on many a virus infected machine. -Dr^ZigMan
  5. One of the biggest uses for phreaking as far as "organized crime" went was actually loops. Bookies would sit on one side and wait for someone to call the other side. It's more or less untraceable! Of course add to this the gold box, aka diverter box, which would allow outgoing calls to any number without a trace, just had to be sure to remove the box after some time so that no one created the link between the incoming of the first line and the outgoing of the second. -Dr^ZigMan
  6. I was just curious about this, and heard it somewhere but don't recall... I heard that a method used by a lot of people to create "new identities" is by going to a grave yard and looking for newborn's graves or other very young people who had yet to get a social secruity number. The person seeking a new identity would then get a copy of the baby and apply for a social secrurity card. Since one had never been applied for it wouldn't be an issue. The only problem I could see with this is why doesn't the Social Security Administration know that the birth certificate is of someone who is, how should I say this, "Living impaired..." Anyone ever work in that agency and have any insight? -Dr^ZigMan
  7. I think it's appropriate for me to start off with something like, Hacking isn't about breaking into computer systems just to get people's passwords. As a matter of fact, it requires far too much work for such meanial things. But I digress, I've always believed that information should be free and shared with all that seek it. I'm not going to tell you anything step by step (honestly because without doing what I'm going to tell you I have no idea the specifics of this or any other sytem) but I'll give you a few leads and you can start from there. In BinRev's First ever issue Stank wrote a great article on what's called "Footprinting a system" This is your first step my young friend. You need to find out as much as you can about whatever system it is your looking into (of course you have fun permission to do anything like this in writting from the system operator). Start out with the server it's self. What is it running? An http server, ftp server, mail, does it allow telnet etc etc. Then find out what versions of what software it's running. Is it a linux box? Windows Server? What versions? Are they patched? etc etc... Good sites to get started with this are www.netcraft.com and any other site that does DNS lookup or will find you whois information etc etc. You'll probably want to run a portscan of your machine to see if it has any open ports, and find out the version of the service behind them. My favorite port scanner is nmap, but there are so many out there it's hard to count! Just becareful and read about first how a port scanner works before you go off using it from your house. While not "technically" illegal in the US, it'll probably show up in the System Admin's logs. A little bit of reading and this won't be a problem I believe it was said in "The Art Of War" That you must know thy enemy. Next, you need to learn more about your specific task. The invision board system. How does it work? Where does it store it's passwords? Are they encrypted or plain text? What encryption do they use? Are they Shadowed, made with salt, or some other form of doube hashing? These are all very important questions. Gaining access to the system is worthless if you don't know what your after. And this is just the start! I'd get your hands on a version of the software and test it out yourself. Play with it, see what you can make it do. Hacking isn't about glamerous 3D gibsons flying through cyber space with a hot chicks, it's a lot of research, reading, and learning. I hope this gets you started, if you have any questions, specific ones other then "How do I hack this or that" feel free to post them! This is how the community works we all try to help each other Best of luck in your reading and research... -Dr^ZigMan
  8. I found this great list of proxies, all of them seem to be working (and no I didn't check ALL of them) http://www.proxyblind.org/list.shtml -Dr^ZigMan
  9. The reason I didn't just copy and paste the proxy was because they are updated daily... -Dr^ZigMan
  10. Here's a link off of whoppix's site under demos that demonstrates the webmitm attack... Instead of using webmitm you can use the dsniff tool msgsnarf. It's a movie so I hope it's really easy to go along with and easy to understand http://whoppix.hackingdefined.com/Whoppix-ssl-mitm.html Good luck -Dr^ZigMan
  11. Hey, I'm understand people who leave things on default are just asking for it, but it's not an invitation. Just wanted to make sure you didn't think you weren't breaking a law just because something was still on default. That being said, why not shoot of an email and tell them about it? Maybe they'll be thankful? -Dr^ZigMan
  12. Linux and WYSIWYG? Sounds like an oxymoron... But in anycase, it's because of programs like Adobe Golive, and Premier that I have my laptop set up as dual boot. If your intent on using those programs you could always use VMWare to have a "virtual" computer where you could use those windows programs without having to muck around too much. -Dr^ZigMan
  13. Count me in, and shame on you Lunar for not including me heh -Dr^ZigMan (Tery Chicken here I come!)
  14. Also, Radioshack (You've got questions we've got blank stares) sells a kit. It's actually kinda cool, includes all the parts, a board, and a casing. Soldiering is required. Of course you could use your own casing if you'd like. I think it would be a great place to start. Build one from a kit to get an idea of how it works, then you could piece together your own. -Dr^ZigMan
  15. I'm sure a bunch of people already know this, but I had to find it out the hardway. Turns out if your adding users to your machine to use proftpd they have to have a true shell. I was setting mine up as /bin/false, but then they couldn't log in. The question is, could this be a security concern? What would stop someone from logging in remotely with ssh or rlogin and using their FTP account? Anyway to stop that from happing?
  16. It's offical now... cfh is the man Thanks for pointing out my inability to RTFM! -Dr^ZigMan
  17. There's a guy on ebay who sells the orinoco gold and an antenna for about $50. He ships fast and it's a quality product. www.wardrivingworld.com Happy wardriving! -Dr^ZigMan
  18. Not for nothing... But rather then "mailbombing" the phisher, why not just report him? Or even better, get with your ISP about it, let them track him down. I'm really not trying to sound "high and mighty" but, fooling around with this guy is a waste of your time, and potentially a lot more trouble then it's worth. -Dr^ZigMan
  19. Just confirmed all my info, me and Lunar are going to DEFCON! Nice, I'm so excited See ya all there... -Dr^ZigMan
  20. Lemme try to clear something up for you guys, I think your missing something about what makes an internal IP address internal and your global IP address global. Your internal ipaddress be it 192.168.1.1 or 10.0.0.4 that is the IP address you are know by, by your router. All this is, is to identify each computer on the small network to be able to talk to the router, and for the router to send the right packets to the right computer, via each unique IP address. The outside world never sees these numbers. They mean nothing. You might have an internal IP of 10.0.0.4 and I myself might have one as well, but the important thing is that our global IP address are different. That is how we are know to the internet. When you open the port command your instructing the ftp server to open a connection to a global IP address. The local one means nothing to the FTP server it's simply looking for a computer in the world. For the port command to work in this manor the other computer must be running an FTP server. That FTP server talks with the router on it's network telling it that hey, I'm listing in for FTP connections, I'm a server hit me up if you get any port commands or anything.(grossly simplfied) I hope that helps out a little. I think knowing what the internal IP address is for really should help clear things up. Sorry for rambling... -Dr^ZigMan
  21. I can't take credit for this one, we found it on the bells' mind conference last night, so kudos to whoever found it (800) 573-4547 "All elevator all the time!" -Dr^ZigMan
  22. Here's a quick question for anyone that has VOIP... Can you just dial zero to get an operator? If so, that could have been the solution, call the operator, scream histerically, "OH MY GOD, MY BABY!" and bam! Instant emergency services... -Dr^ZigMan
  23. Credit to iswm, hope I'm not stepping on your toes my friend, good find! -Dr^ZigMan