Moderating Team
  • Content count

  • Joined

  • Last visited

  • Days Won


Everything posted by chown

  1. I'm very new to the hardware/firmware side of things, and I was wondering today -- after playing with the Teensy USB development board -- about how possible it is to flash the firmware on your basic every day USB flash drive. Does anyone have experience in this area? What kind of microcontrollers do flash drives have? Because, hell, I can think of a lot of things I'd like to do with cheap programmable USB microcontrollers with built in storage... Replicating the "USB Rubber Ducky" for a start. But I guess everyone would be doing this if it were that easy.
  2. Do you know if the MAC addresses of the APs are synchronised as well? Also, I'm not sure about the Android sync, but for Chrome the data (bookmarks, settings, passwords, themes, etc) is encrypted with your password prior to being synchronised, so (ostensibly) Google does not have access to that data. However I suppose they could get access if they really wanted to, since you send them your password every time you log in to a Google service.
  4. So I have access to 5000+ Windows systems on a LAN, each of which has 200+ GB of free space. So, a petabyte. That's a fair bit of space. I'm looking for software that will combine this free space into a kind of distributed mega-harddrive, using a decentralised communication and redundant block storage to distribute and securely store the data while having it accessible from any point on the network with the right authentication... Kinda like Ceph or MooseFS, but for Windows. Any suggestions? I've had my eye out for a while, so I'm not expecting much. If I don't get any hits I'll develop the system myself (in my spare time), but it's a bit of an undertaking, so I'll need some skilled assistance if anyone is willing. Edit: The computers are owned by the organisation I work for (they're all on a Local Area Network), and I have the necessary permissions to implement this system if I deem it feasible. (i.e., I'm not pwnzz0ring grannies and usurping their hdd space.)
  5. Good idea, but if my initial request is anything to go by, I don't think such software will be forthcoming.
  6. I'm going to allow this for now as people are having a look at it, but don't touch it if you don't know what you're doing...
  7. How many of us are in Europe? I'm in Switzerland, and I could organise a get-together here, or in a more central European country if there's enough interest!
  8. If you want a cellphone jammer try DealExtreme, I got one from them for about $20 (free postage), and it works like a charm. PS, I'm in Switzerland so I don't know about your laws, but for your own good, make sure you do.
  9. You're in the wrong place. We're not here to teach you how to hack your girlfriends hotmail, nor are we rent-a-hackers... We're here to exchange and share ideas and knowledge with our peers.
  10. Wo in Deutschland bist du? Ich bin in Waldshut bleiben, während ich arbeit in der Schweiz bin. Wie ist meine Deutsch? Ich habe hier für 4 Monate jetzt gewesen :)

  11. So here's the problem: I want to route my traffic though bob, but both of our systems are XP and we're on the same network. Gateway IP: A.A.A.1/24 My IP: A.A.A.10/24 Bobs IP: A.A.A.11/24 Traffic from my IP is not routed onto the internet (except for traffic to TCP/21) and has to be sent via an HTTP proxy, so basically I want all my traffic to be transparently routed through Bob because traffic from his IP is sent straight on to the internet without second thought. Both of our systems and the gateway are on the same subnet, and Bob and I only have 1 NIC each. I only have Administrative shell access to Bobs system, so I've installed a SOCKS proxy but it's not enough since some applications don't allow you to specify a proxy (Steam), so I need something nice and low level like a static route to bounce traffic off Bob, or possibly a VPN. So does anyone have any experience routing traffic on windows boxen?
  12. If anyone's interested, I've sorted it out: You can enable routing in Windows by going into the registry (on Bobs computer) and setting this DWORD value to 1: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\IPEnableRouter Then you can route your traffic though Bob by changing the default gateway in your network settings to Bobs IP. I also created an explicit route for traffic to the old gateway (A.A.A.1) to use Bob as a gateway as a bugfix since the old gateway kept reappearing on the routing tables. route add A.A.A.1 mask A.A.A.11 metric 1 -p A.A.A.1 is the packet's destination IP is how much of the packet's destination IP must match for this route to apply (in this case all) A.A.A.11 is the gateway to use for packets matching this route 1 is the priority of this route, so if there was an identical route with a different gateway and a greater metric, this one would have priority because 1 is the lowest metric (1st priority) -p means that this route is persistent, and that it will not be flushed when windows reboots. You can also add the default gateway manually like this, but you shouldn't need to if you set the gateway in the network settings. route add mask A.A.A.11 metric 10 The mask of means that the destination IP doesn't have to match the destination specified ( at all, and therefore can be anything. For more advanced peeps, there's the netsh command which also allows you to configure routing protocols such as RIP and OSPF, and do many other things (like disabling the Windows firewall from the command line).
  13. Okay say I'm in Windows (XP) and I log into a windows share at \\another.machine\C$ Now that's all happy and I can access the files & whatnot, but what if I want to deauthenticate myself? Can I clear the local password cache without admin privs? Otherwise whenever I go back there, windows is like "hey! I know that password!" and it logs me in automatically with the cached password. The reason I want to do this, is because when I log someone else into my samba to grab a file or something, they continue to have access after I leave. =( Ideally I'd like a way to clear the cached password through script. Also, setting permissions and/or using restricted accounts is a no go.
  14. I wouldn't call most of the people here hackers (or "hackers").
  15. Outhacked by your own little sister? Just download the Offline NT Password kit, or Kon boot... or Ophcrack Live, or Locksmith, etc, etc...
  16. I am curious as to how they would do that. While there are certain laws about revealing high-risk information, most of the topics discussed here confer the responsibility to the people who choose to use the information. Are you saying that someone providing instructions on how to use a USB keylogger would be incriminating them self? That in itself wouldn't be particularly incriminating, but given additional legitimate charges or a sufficiently skilled opposition, it could be used to convince a jury that you are familiar with "bad" software for all the wrong reasons, and that therefore you are inherently a bad person, regardless of whether you're innocent: "Oh he's being charged with a hacking related offense, and it's been shown that he knows how to use bad software! He must be guilty!". Therein lies the problem with the jury system. One of the problems, anyway.
  17. That's certainly not simple
  18. What confuses me about these people is that if they can be bothered signing up to a forum to post a question, why don't they just google it? Is it that they see googling as more of a chore, or they lack the appropriate terminology or jargon knowlege? Do they prefer a direct answer to specifically their question? Maybe they don't know how to use or have never heard of Google? Maybe they do actually try googling the question, but give up because the first 3 results don't look promising? Do they have some kind of personal grudge against Google, and use Bing instead? Is their internet access being filtered or restricted? Maybe they're actually lurkers posting for the first time? Are they trying to incriminate the forum community or a specific member? Are they testing the community or a specific member? Are their questions actually profound meaningful abstractions pertaining to the meaning of life, the universe and everything?
  19. There's many reasons for destroying data to prevent it falling into the wrong hands. A recent example of this is the 4th generation iPhone which was apparently found in a bar, and subsequently had its operating system fried remotely presumably by Apple when they realised it was missing.
  20. 2600 isn't what it used to be, the article quality and informativeness has dropped too much for me to bother with it any more.
  21. You could have the IDS automatically firewall attack IPs until you can review them, or at least have automatic account lockouts and a secure password policy to mitigate brute force attempts.
  22. Okay this has been bugging me for a bit. In Windows XP SP3, using only administrative command-line access and built-in tools/commands, how can you download a file from the Internet, (without using the built-in FTP client)? At the moment I'm looking into writing a basic VBScript FTP or HTTP client... =/ Any other ideas?
  23. Huh, I didn't know XP come with a TFTP client. But the problem with that is the connection has to be proxied, and all outgoing UDP is dropped.
  24. I've just finished torrenting the shmoocon 34.47GB LM alpha_num_sym32_space tables. If anyone wants to download them direct from my server, shoot me a PM. I'm also downloading a 400 gigabyte NTLM dealy, but the torrent running a bit slow: I'm uploading at 7mB/s, and downloading at 120kB/s. People are so greedy =/ Edit: Okay, I've downloaded the the top 1000 WPA-PSK essids as well if anyone wants it.