sshsilver

Members
  • Content count

    8
  • Joined

  • Last visited

Community Reputation

0 Neutral

About sshsilver

  • Rank
    Will I break 10 posts?

Profile Information

  • Gender
    Male
  1. OK I have enormous reservations about replying to you. Anybody who uses "LOL" in a reply deserves to be hung, drawn and quartered. You don't come across as more educated/enlightened individual, laughing at someone... just a snotty teen. Also, we get that you are replying me, you don't need to mass quote everything I just said. So as for your post: This is simply one of the most retarded arguements the internet has ever seen. We're just meant to believe you? Also if we do take your word for it, your point is now somehow infallable? It's utter rubbish. Even if you are Kevin Mitnick, bringing up a post here, to simply brag about your unsourced victories, is extraordinarily childish. Surely by using Mitnick references I have proved I am not new to SE? I don't need to be patronised about this subject. I also don't need to be told that in special case it can work. So all your articles which you kindly sources were utterly unnecessary. Yes I did say it was rarely effective, and you quoting one place where it worked doesn't disarm my point. As I said, in some cases it CAN be extremely effective but in relation to CREDIT, which you mentioned, there are more failure than successes. Please by all means post another article where SE was effective and my point will still stand, as I am talking about success rate, not whether it can be successful. I do have to agree that this is more of a poor-man's scam. I had not thought how little cash you would need to pull this off, yet I am concerned how a poor man gets near the label/ package and how he could afford the numerous phone calls to the card company while he SE's? Surely 20 minutes in an internet cafe would be cheaper? Again my point about efficiency shines through. Your last post did nothing really to address the problems or solutions to data connected to delivery. You just stood on the podium and told us how aweseome you were. For shame. PS: This is not a sentence: If English is not your first language then I can understand.
  2. Ok you haven't done yourself any favours by using the words: "I try to attack another target." No one here will teach you malicious techniques. It's not how they roll. If you had said something like: "I am using brutus to check the security of my private network, and I am having issues" then people would probably be able to help... And by "help" I mean tell you: Internet Browser --> Google.com --> Search : Brutus Manual / Tutorial. PS: What book are you using which suggests Brutus by the way?
  3. I am going to have to disagree here for several reasons. Firstly I belive if you/anyone were any good at Social Engineering there are 100 easier and more efficient ways to get someone's credit details than a postal scan. Most people who work in these customer service package helplines are given very little info as well. (low pay = low amounts of responsibility.) On most company database software I have ever seen, the customer service rep doesn't even see the full credit card number either just **** **** **** 5433. So all the SE in the world, they can still only quote you, or reference, to the last 4 digits. You might as well ring the credit card company and pretend to be me. It's a stretch too far in my opinion. Secondly, I always thought of BINREV as not only a place to highlight vulnerabilites (which you have done, fair enough) but it's also about helping people cover these holes and fix any weaknesses. In the crazy event someone does work out my credit deatils from my post/pills, how would you suppose we fix it? So I thought at the bottom of your post you would have entered some ideas about how to help the companies withold more information, with out affecting the service of delivery. But we're left with just "It could happen." Well yeah.. it could.. I do entirely agree that I really do, and with Kevin Mitnick's books it really highlighted that SE could be used to do some fantastical things. But SE is just a good tool, not a magic wand. Perhaps you might be putting too much respect on to Social Engineers, I mean I know a bit about hacking but I don't try and hack my bank. I think SE is the same. Yes it has been used for scams but not as regularly or succesfully as you might think. If you're main issue was highlighting vulnarablities, what could be the solution? If it were to "big-up" SE as a tool, well, we know it can be good, but I think it is rarely as effective as people make out. Sure we all have stories but.. so what? Also you said "Poor Man's Scam" why can only poor people do this? Can only a poor man seek out and destory parcels? I'm not saying stop looking at the world with such hacking eyes. In fact I encourage everyone I meet to be more skeptical and cynical when it comes to card details. Although none of the information in your post is untrue.. I just am unsure what to do with it.
  4. Hi, only me again. Using this new information has allowed me to gain valuable insight in to BASH and I thank you again. Armed with basic navigation skills I went to roothack.org and started the "Sirens" wargame and found the first two levels very frustrating but, at the same time, strangely satisfying. I have now completed the navigation challenges and using the hints on the wargame box I am aware I need to start looking in to different types of shell. So now I am tackling restricted BASH. I did start an earlier post on RBASH but I do not feel I was clear on what I was trying to achieve. I have read that although restricted BASH does restrict users from performing certain commands, it should not be relied upon as a secure way to protect a box. Could someone help me (and by help I mean nudge me) towards a better understanding of restricted BASH vulnerabilites? Cheers. EDIT: I apologise if I should have started this as a new post in the "wargame" section of the forum.
  5. Most kind, thanks.
  6. Oh that is awesome. Thank you very much, I shall be happily tapping away for the next few days! Regards
  7. Hi I was recently using BASH on my home computer trying to explore / understand the commands. A friend had kindly pointed me to a site with 1000s of commands and explenations of their use. I was also informed that by hitting the 'tab' key twice in the shell, a long list of available commands would reveal itself. To me this was a very exciting moment! Only until I saw the sheer quantity of commands there were... It asked me "Display all 993 possibilities (y or n)" 993? Yikes! My question is, for a beginner, what commands would you focus on to improve navigation and exploration? I am trying to sift through the commands but any advice to which are more useful than others, would certainly help! Thanks for your time.
  8. Good afternoon all I have just started learning to use the shell. Could somebody please explain to me in the simplest of terms what RBASH is? Yes, I have googled it but it seems to explain in terms, only experts could understand. No good for thicko here. Much appreciated.