Community Reputation

1 Neutral

About JBu92

Profile Information

  • Country
    United States
  1. So I've been looking into the stoned bootkit (http://stoned-vienna.com) and I was wondering if having a different bootloader installed would prevent it (LILO, GRUB, whathaveyou). So my question is: if you have GRUB installed, and you install a bootkit like stoned, does it bypass GRUB and install straight to Windows, or does it install to Windows' loader, or does it install at all? Because if it installs and has the machine boot straight to Windows, that would be a dead giveaway that you had something wrong with your machine and would reinstall GRUB (well, I would, anyways).
  2. Wireshark should capture ARP. Did you try ifconfig ppp0 promisc?
  3. You could run 2 of them headless, w/ a 3-monitor setup on your fastest one, and run VNC fullscreen on 2 of the monitors... but yeah KVM is the logical way to go... I think there are some software solutions but none come to mind
  4. nice, that's what I'm looking for. but since I'm running off a kde-based livecd, how would I go about installing that? (or do you know if it's built in to BT4r1?)
  5. Although I suppose since I could bridge the interfaces from within Windows there's no real need to do it under BT4... so if not "how do I bridge interfaces under BT?", "how do I spoof my MAC under Windows?"
  6. Anyone know how to easily bridge 2 interfaces under Linux? Say... eth0 to wlan0... I know it's easy to do under Windows, just involving a simple right-click... specifically BT4r1. I basically want to run my laptop like an AP and monitor the traffic that comes through. Perhaps even making a subinterface which would allow me to connect to the existing wifi, yet offer myself up as an AP?
  7. it's port 23, so you could telnet in... or if you wanted to do some probing to see what software is hosting the telnet server and find published bugs in that software
  8. never mind, apparently my modem just won't let me ssh to my external from within.
  9. I'm trying to set up an SSH tunnel into my home network. I use the following network layout: WAN -> modem -> class B network -> router -> class C network. I'm using Qwest's Actiontec pk5000 modem, and a Netgear wgr614v9 router. I've tried using port forwarding on both, but that doesn't work. Do I need to set up another server in my network to get this to work?
  10. I'm running CrunchBang on a Dell Inspiron 1545 with the default wireless NIC. It shows up as ethernet under Linux. Running Wireshark, I can't get it to capture packets in promiscuous mode. How do I remedy this? (I'll try BT4 later (or tomorrow) and post back with results)
  11. I'd go with aliasIDs.com, I've used their stuff before n it's legit
  12. If you're looking to securely wipe your HD, you can't go wrong with DBAN
  13. So I've got BT4 up and running, but I can't figure out how to connect to my wireless network. I use WPA2. In the wireless network config dialog, when I try to connect, it says I must enable encryption. So basically the question is now- d'whaaaaa?
  14. That scanner site said that it's not a valid Joomla install. How would I go about checking out his version info? He did a revamp of it this year, so I'm pretty certain that it's fairly new. Even if it's fairly new, it's still open source, meaning you can download the branch he uses, and if you know PHP you can find certain vulnerabilities. Perhaps XSS, LFI, RFI, or SQL injections. Also, you might try this: http://www.beenuarora.com/code/joomsq.py It's a Python script written to try SQL injection attempts on a Joomla installation. EDIT: Try to find if he uses any plugins that are not made specifically by the Joomla team. These plugins will be far less secure than the Joomla installation itself. He uses rokdownloads http://www.rocketwerx.com/products/rokdownloads/overview and jevents http://www.jevents.net/
  15. That scanner site said that it's not a valid Joomla install. How would I go about checking out his version info? He did a revamp of it this year, so I'm pretty certain that it's fairly new.