mSparks

Members
  • Content count

    149
  • Joined

  • Last visited

Community Reputation

-185

About mSparks

  • Rank
    Corrupted sector

Profile Information

  • Gender
    Male
  • Country
  1. Heh, there are probably a lot of "allow any -> any" rules on IPv6 firewalls, out there And for everyone else there's tor
  2. And as an added bonus it also makes it much easier for others to install nefarious WWW servers which sit both inside your lan and outside your firewall
  3. many years I suspect. been a member on here for quite some time and this is the first I've heard of them.
  4. then perhaps this brief synopsis will help choose where to start javascript: do stuff in a webpage on the person looking at the pages computer (used a lot with html5) java: (my favorite) "heavy lifting" server side stuff php/asp:quick and dirty server side stuff on cheap web hosting c/c++/C#: installed programs on peoples computers or modules where you want calculations to complete really fast. gives you more access to things offered by the operating system, at the expense of having to care about the operating system. python: not really found a use for it, seems to be a nice "beginner" language, lot of games companies seem to use it for their games like html5 uses javascript. is about the "current state of affairs". they'll be others. my suggestion really to start, would be modding something like the doom 3 sourcecode. all the tricks in the book, and at least something to show for it.
  5. Thank you for this information. I am not a jedi-knight in the knowledge of computer internals yet, but I am working towards learning them. Lecture 03 Bits, Bytes and Data Types - School of Computer Sciencestick that in google should start you on the road. No one is anymore. back in the day when compiler bugs were common, only way to fix certain problems was to delve in the compiled code and step through to find out what went wrong. These days of java byte codes .Net and server side languages often even the coder doesnt get to see the final code.
  6. What you need is a decompiler for whatever target code you are working with. off the shelf if its a common system, or your own if you need to reverse engineer the instruction set. Then a hex editor to actually edit it. common "cracks" include modifying a jump at a certain point in the hex to run new code, or turning compare statements into no ops to prevent code going down certain branches. It's quite a "fun" personal challenge, very steep learning curve if you aren't familiar with the inner workings of computers. e.g. back in the day, I turned three or four cmps into no ops in an obscure horrible piece of software my then to be wife had to use for uni and we couldn't afford to pay for "again". that disabled it's licence check and let her finish that bit of the course, never to use it again. lots of ways to make this harder, but if you know the instruction set and you can access any raw bootloader code. all it takes is time. (old post I did't send a few days ago)
  7. that gbppr stuff is some funny shizzle. like anyone actually cares about gay politics and bomb hoaxes for anything other than shitz and gigglz. do ya think they got lemon partied one to many times?
  8. if you were a real hacker you'd be flashing those phones in the back room with your own custom images http://esec-lab.sogeti.com/post/2010/11/21/Presentation-at-Hack.lu-%3A-Reversing-the-Broacom-NetExtreme-s-firmware
  9. Yes, nyphonejacks - not a good piece of communication equipment to have, but I am intrigued by the challenge to fix this fault. Notwithstanding the poor build quality, I guessed there would be a utility to change/update the MAC address as reset doesn't probably work if the EEPROM chip that stores the MAC is corrupted. Polycom is the way to go after this I agree.Aside from that link I found saying you can change it in the management interfacea mac address is just a number, e.g. 01:23:45:67:89:ab http://en.wikipedia.org/wiki/MAC_address if this has been corrupted, for example the 8'th bit dropping to 0 instead of 1, making it 00:23:45:67:89:ab MAC address is layer 2 Hardware address @worst case@ would seem to be just have to rename a config file to bring it back up. all MAC's do is let two devices on the same wiring network (layer 2) identify each other, as long as no two devices on the same link have the same one there is no problem whatever it is (no problem if two are the same once you cross a level 3 - IP threshold for example) and you can easily see what it is by plugging it into a router which reports the MAC's of the devices on its link. ->That flash chip will hold more than just the MAC, it will also hold the program code the "network card" processor runs to manage the TCP/IP stuff. assuming it is a flash chip http://www.batronix.com/shop/electronic/eprom-programming.html (been a decade or so since I really got my hands dirty with any electronics), should be plenty of programmers around that will let you read it and write your own contents (board may even have an interface to do exactly that) More fun googling http://blog.johnath.com/2006/12/05/hacking-the-cisco-79xx-series/
  10. ->I figured out that the mac address of the device is most likely corrupted. How? Shouldn't matter what the MAC address is, as long as the router is configured to give it an IP address. a quick google gives http://www.cisco.com/c/en/us/support/docs/voice-unified-communications/unified-ip-phone-7900-series/5710-phone-reg.html/index.html#topic10
  11. what the f' were you doing giving them so much credit?
  12. Maybe I'm out in left field. yeah. they are interchangable.the problem with wep is it has a very short iv. so with enough packets you will eventually get two with the same iv. allowing you to break it. pbkdf http://en.m.wikipedia.org/wiki/PBKDF2 is passphrase based key derivation function takes your key (passphrase) and salt (iv or nonce) and generates a new key.
  13. A "pre shared key" isn't quite enough. (that programming thread: http://www.binrev.com/forums/index.php/topic/47200-ltbtbm-platform-encryption/ ) symmetric encryption is f(M,K)=C f(C,K)=M therefore if you have several ciphertext's with the same key, you can rearrange the function to derive the key (think of it as just solving a load of simultanious equations) The simplest of these are the stream ciphers, where C1 ^ C2 = K.... The work around is to share a "number used once", also called an Initialisation Vector (IV) to jigger around with the key, so no two keys are the same when two messages are encrypted.
  14. public key encryption is v. v. slowprobably no more than a MB/s or so at best probably more like a few hundred kB/s and provides no more security (in fact, a lot less, since I think they are limited to encrypting no more than the key length messages safely) than something like Rabbit/Twofish + AES, which can do 10's of MB/s As I discuss on my programming thread - you should probably also treat public keys with a level of secrecy, since there is a good chance now anyone with enough cash to invest in a large number of FPGA's and a decent GNFS can factor back to private keys. Shared Secret is the best way to go (e.g. username/password), this can be long lived if you only use it to encrypt session public keys. And lets face it, by and large, if a user account is compromised, the encryption used to keep it's messages safe on the wire is the least of your worries.
  15. 10 to 1 odds these new regs were influenced by someone on the CIA (or similar) payroll.Wouldn't want to be their family.