Ouroboros last won the day on March 25 2010

Ouroboros had the most liked content!

Community Reputation

2 Neutral

About Ouroboros

  • Rank
    SCRiPT KiDDie

Profile Information

  • Location
    The Internet
  1. I use either gcc or mingw with codeblocks, I haven't run into any major problems with it.
  2. Here is a poster I did for my WEP Cracking presentation hope it helps
  3. I've been caught up in other work as of late. I haven't given up, just the free time is a mite limited. Ran a ping sweep over the last block of the IP address; 1-24 seem to be up. 4, 5 and 6 are running httpd servers, haven't gotten around to scanning the rest. My nmap-fu is not very strong atm so I'm doing some reading on that before I do much else. I'll keep you guys updated when I have information of note.
  4. A more comprehensive nmap:

     Not shown: 1978 filtered ports
     PORT     STATE         SERVICE      VERSION
     21/tcp   closed        ftp
     22/tcp   open          ssh          OpenSSH 4.3 (protocol 2.0)
     | ssh-hostkey: 1024 ce:7d:df:73:17:a1:7c:21:c9:d0:48:ed:4c:e2:a2:69 (DSA)
     |_ 2048 28:4b:82:32:66:99:69:b7:d8:8a:7b:b6:ac:d7:d6:8b (RSA)
     25/tcp   closed        smtp
     53/tcp   open          domain
     80/tcp   open          http         nginx web server 0.7.65
     |_ html-title: Antivirus Soft - Powerfull PC Protection !
     443/tcp  closed        https
     631/tcp  closed        ipp
     53/udp   open          domain
     67/udp   open|filtered dhcps
     68/udp   open|filtered dhcpc
     69/udp   open|filtered tftp
     111/udp  open|filtered rpcbind
     135/udp  open|filtered msrpc
     136/udp  open|filtered profile
     137/udp  open|filtered netbios-ns
     138/udp  open|filtered netbios-dgm
     139/udp  open|filtered netbios-ssn
     445/udp  open|filtered microsoft-ds
     631/udp  open|filtered ipp
     1433/udp open|filtered ms-sql-s
     1434/udp open|filtered ms-sql-m
     2049/udp open|filtered nfs
     Device type: general purpose
     Running: Linux 2.6.X
     OS details: Linux 2.6.9 - 2.6.27

     Out of curiosity, what arguments did you use?
  5. Ran Nessus on (the webserver for Antivirus Soft) and came up with the following results.

     Operating System: Linux kernel 2.6
     SSH: OpenSSH-2.0-OpenSSH_4.3 (publickey,gssapi-with-mic,password) fully patched
     DNS: 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2
     Vulnerable to XSS attacks (see attached report)
     Vulnerable to Cookie Injection attacks (don't know what that is yet)
     PHP v5.3.1, which Nessus claims is vulnerable
     HTTP nginx/0.7.65
     Directories in HTTP (/classes, /include, /css, /images, /img, /js, /template)

     Any suggestions as to where to go from here? My ideas are to run an IP scan on the network block to look for other active machines, or try to brute force the SSH (is that possible with the public key?)
  6. Ran nmap -sS on the IP and got:

     PORT    STATE  SERVICE
     21/tcp  closed ftp
     22/tcp  open   ssh
     25/tcp  closed smtp
     53/tcp  open   domain
     80/tcp  open   http
     443/tcp closed https
     631/tcp closed ipp

     I have to go to work, perhaps someone is interested in monkeying around with the ssh, or figuring out exactly what services are running. If not I'll see what I can come up with when I get back. Afterm4th: Maltego seems like a sick app, look forward to checking it out!
  7. Ok, here it is. These folders were found in C:/Documents and Settings/[myname]/Local Settings/Application Data. The AES password is 0uR0BoRO$ AntivirusSoftAES.tar.gz
  8. Ok so here's the deal.... This is the second time in 2 weeks my Windows partition has been infected with scareware. The first time was with XP Antispyware, which was really simple to clean (in fact my parents got the same one and I was able to walk them through cleaning it over the phone). This beastie however is playing dirty; over the course of minutes it was able to lock me out of my command prompt and task manager, and to be perfectly frank, is pissing me off to no end. This specimen is calling itself "Antivirus Soft". I have no clue where I picked it up from, I suspect a site I stumbled to (that button's goddamn addicting btw). I feel that this form of malware is exceptionally despicable and I want to see if there is anything I can do about it. So I figure stage one of this endeavour is recon. I ran a whois on the website it directed me to (http:\\protectguru.com) and I came up with these results.

     Domain Name: PROTECTGURU.COM
     Registrar: TODAYNIC.COM, INC.
     Whois Server: whois.todaynic.com
     Referral URL: http://www.NOW.CN
     Name Server: NS1.PROTECTGURU.COM
     Name Server: NS2.PROTECTGURU.COM
     Status: clientTransferProhibited
     Updated Date: 02-mar-2010
     Creation Date: 02-mar-2010
     Expiration Date: 02-mar-2011
     >>> Last update of whois database: Sun, 28 Mar 2010 00:58:06 UTC <<<

     NS1
     Server Name: NS1.PROTECTGURU.COM
     IP Address:
     Registrar: TODAYNIC.COM, INC.
     Whois Server: whois.todaynic.com
     Referral URL: http://www.NOW.CN
     >>> Last update of whois database: Sun, 28 Mar 2010 00:58:06 UTC <<<

     NS2
     Server Name: NS2.PROTECTGURU.COM
     IP Address:
     Registrar: TODAYNIC.COM, INC.
     Whois Server: whois.todaynic.com
     Referral URL: http://www.NOW.CN

     Pinging the address gave me the IPs and .lv is a Latvian domain, so I think that may be where the virus originated (could also just be a misdirection). I am now trying to isolate the virus itself and analyse it in a VM with OllyDbg; if anyone is interested I can post an encrypted copy (AES-256) for others to analyse as well.

     If anyone is interested in helping me out with this let me know, I would appreciate the help/experience greatly. Otherwise I will just keep you guys updated on my progress (if this is not the place please let me know, I don't intend to break the forum's rules about explicit hacking, however I feel that since these guys are scumbags who attacked me first my actions are justified). [edit] Isolated 2 executables, have them in a gzipped tarball encrypted with AES-256 (aescrypt). I'm going to wait for an OK from a mod to attach / link to, but PM me and I can email it to you.
  9. Sounds like a much better idea... I can get quite a few boxes seeding, however only at night. Let's get this going!
  10. Please feel free to point out if I'm wrong with this idea, but wouldn't it be easier if, rather than everyone downloading / mailing these massive tables, we set up a server with 500 GB to 1 TB storage and loaded them up on there? Even if we don't have all the tables already, it shouldn't be terribly difficult to distribute the table generation across multiple computers and have them upload to the server itself. Personally I have access to 20 - 30 machines and could crank out quite a few hashes pretty quickly.... the only issues I can see arising are a bottleneck uploading to the server and hosting costs. I just think it would be nice to have a shared server so one could just query a hash and get a password, rather than have to deal with massive downloads and finding an extra 500 GB to store the data. But yeah, just a thought; if it's something you guys are interested in I would be glad to help with the coding. (added spacing for readability)
  11. Thanks for the info! After I do some more research into Android's OS and the Eris' hardware I'm definitely rooting this! Thinking I might get a root-level app written to switch on the GPS and email its location every day... lots of fun possibilities!
  12. Possibly, I would argue that making mistakes is one of the best ways to learn. It only takes one rm -rf to know you never, ever want to do that again. But in all seriousness dude, if you pull off read/write access, just make sure to keep track of everything you change, better yet back up each file beforehand! (Linux's cp command will help you there.) That way if something breaks you're not up shit's creek with no idea what went wrong... just swap back the files you changed! Best of luck man!
  13. If you get bored with playing with the box itself you could always pull the HD and get a SATA/IDE to USB cord from Newegg. I had an old box with a fried motherboard and that's what I did with it... would be a shame to let 80 gigs go to waste. But yeah, have fun doing whatever you do!
  14. http://vx.netlux.org is a collection of viruses. Be careful if you don't know what you are doing, however; you are likely to burn yourself if you run them on your machine without taking precautions. I suggest running them in a Virtual Machine such as VMWare or VirtualBox, or on a box set aside for that specific purpose. Whatever you do, don't run them on someone else's machine, since that is the height of dickery.
  15. "you could just run the real programs, like if you root it there's no need for a skype "app" you could just run skype"

     Not true. Rooting allows you to take full control over the phone, treating the phone as a full computer. It allows you to tether. It gives you access to development apps that aren't shipped on stock phones. It allows you to run custom firmware. Rooting allows you to change the way Android looks: change the theme, the bootloader, the on-screen keyboard, etc. You can also connect to an OpenVPN network if the firmware supports it.

     Sounds schnazzy. I have Verizon as a service provider; would I lose my cellphone/dataplan service if I upgrade and root, or is that something hardware level?