Gregor

Members
  • Content count

    107
  • Joined

  • Last visited

Community Reputation

0 Neutral

About Gregor

  • Rank
    elite
  1. Maybe that's why it was free
  2. As AVs pick up netcat (and, I assume, socat and cryptcat), how about details about how to make them not trigger the AV - but still work as they're supposed to .
  3. I'm not sure if gpdisable.exe might help. Another thing you could try (assuming that cmd.exe and regedit.exe have been disabled) are hex-edited versions of these executables. There are instructions about how to do that. If you can access cmd and regedit on the local PC when connected to the domain, that might give you a start in undoing the restrictions. Of course, there might be a user agreement in place which expressly forbids users playing around with the network ... expulsion from school, termination of employment etc., so you might want to tread very carefully! Post back woth your progress - I'll be interested to know what you did and how you got along. As a matter of interest, how did you breach the server security?
  4. Make sure you read the questions carefully. There is/are usually 1 or 2 options which are obviously incorrect but the remainder *may* just be right, depending upon how the question is worded. I remember a number of questions being convoluted and in the negative.
  5. I must have seen many hundreds of positive comments about your videos, so you must be doing something right. Keep on doing what you are doing, until you decide you are able to improve upon it. As a matter of interest, my understanding of Ironkey is also that the destruct feature destroys the whole unit, not just the file(s) that are trying to be accessed. I can quite understand why you don't want to trash it, even though it may be a freebie!
  6. As this is audio, it wouldn't show the T wave. As you quite correctly say, the T wave would show on the ekg, which would allow assessment of it's amplitude and duration. It relates to myocardial repolarisation. The two elements on the screen are the "lubb" and the "dubb". They relate to closure of the mitral (aka bicuspid) and tricuspid valves and the aortic and pulmonary valves. Uneven flow or leaked back-flow through these valves result in a murmer.
  7. Isn't that the whole idea behind asymmetric encryption? A public key is created and is handed out to the world and his dog. This is used to secure an incoming message and then only you, who has the relevant private key, can read it. If you want to send a secure message back to your pal, you use his public key (which he's handed out freely) and only he can access it, using his private key. That's the way that I understand it.
  8. Thank you. I got a tip from elsewhere about a utility which converts an executable (binary) to hex which can be put into a batch file. I'll do some further research.
  9. I came across an enormous batch file recently which had hex numbers >> into a file (test.ext). At the end of the batch file, test.ext was put through debug.exe to recreate an original executable. The question I have is how was the original executable broken down into the hex characters to start the process? I don't think it was as simple opening the .exe into a hex editor and extracting the data. The interest for me was that the initial batch file didn't trigger my anti-virus but the final executable did (as it should do!).
  10. No - Wireshark used to be called Ethereal (it's a packet sniffer/analyser) and it's different from Ettercap.
  11. As you've had at least one PM requesting details and, presumably, you've had to type them in, how about copy/paste the information into a post so we can all see the details?
  12. I'm surprised that your settings would allow 255.255.253.0. The default mask for a private class C network (192.168.x.y) is 255.255.255.0. A subnetmask of: 20 bits is 255.255.240.0 and allows 4096 hosts per subnet 21 bits is 255.255.248.0 and allows 2048 hosts per subnet 22 bits is 255.255.252.0 and allows 1024 hosts per subnet 23 bits is 255.255.254.0 and allows 512 hosts per subnet 24 bits is 255.255.255.0 and allows 256 hosts per subnet I think that the technique of reducing the value of the third octet in the mask is supernetting, but I'm not sure how it works.
  13. I'm just thinking out aloud: ... How about using gpdisable and/or a hex edited version of cmd.exe and/or regedit.exe to modify the registry? Couldn't the HKLM/.... /run area of the registry be changed to run a file at startup? Wait for an admin to log in locally - maybe in response to a BSOD or error. Perhaps a core OS file problem had arisen or corrupted accidentally or intentially. A linux live CD would allow this. When the Admin logs in, the file in HKLM/ ... /run does it's "thing". Of course, if the Admin response is simply to re-image the PC rather than try to fix it, then this wouldn't work. As I said, I'm just thinking out aloud and don't know if this approach might help.
  14. I intended to do the same as the OP. Here's my plan. I don't know if it's acceptable: 1. Install and activate then apply Windows Updates. 2. Remove the HD and take an image (I'll use Ghost). 3. Restore the image as needed. 4. I've looked into creating a bootable recovery CD to restore the OS to as it was on day 1. This would be easier than removing the HD and restoring via Ghost.
  15. I'm about half way through my CCNA and am about to order some routers from the site that you mentioned. I've seen others who rent out their racks and that may be something in which I'll be interested in due course. Do you have any tips about doing this? I guess I'd have to hand out the IP address to the user but what about preventing the user accessing it again - can the incoming traffic be filtered by originating IP address? What if he uses a proxy? ... so many questions!! I'll probably wait until I've completed my CCNA before I try to recover some of the hard-earned cash that I'm spending on this course!