trevelyn

Members
  • Content count

    125

Everything posted by trevelyn

  1. edit the rc file? like ~/.cshrc just put at the end: bash to have a more modern shell. I had a shell on a BSD machine that kept giving me csh and that's what I did. Then you'd have to type exit twice. I talked to the administrator about it and now I'm a proud user of zsh. Yeah! Fucking shell party! LOL! who types "exit" when they leave a shell?? CTRL+D FTG!
  2. Which Wintermute does cool Wii/DS hacking? Cos i want your autograph <3
  3. Yeah seriously, that host sucks.
  4. i felt shitty all day about that post, then i read that he IS alive! http://www.offensive-security.com/blog/offsec/offensive-security-exploit-archive/ That seriously must be intense to be that successful StankDawg, if you ever need any more help, you can scream at me. I'll try to help.
  5. http://bl4cksecurity.blogspot.com/2009/11/str0ke-milworms-funeral-is-this-friday.html i don't think i was ready to read that this morning. holy shit. :( rest in peace str0ke <333333333333333333 i hope his family is okay.
  6. If i were to start over I would have just explored more than read. I read a lot and simply forgot most of it since it dealt with a lot of acronyms and the like. By exploring, I mean calling a LOT of numbers and just finding cool things. If you do it right and fully absorb yourself in what you have a passion for you will learn most of the technical stuff along the way. I don't think there is an eBook about Phreaking, unless it is very dated. You can also learn by simulation.. like the Project MF community. They used Linux to simulate old phone technology that allowed you to "phreak" from your home phone line with blue-boxes, like back in the time of old. You can also do some phreaking right from your Nintendo DS (if you have one) by learning about payphone phreaking http://weaknetlabs.com/code/DS/payphoneds - I would also spend more time listening to the Phone Trips here: ftp://ftp.wideweb.com/GroupBell/ They are good quality and the narrator tells you exactly how the old phone system worked along the way. For newer stuff, i recommend maybe reading O'Reilly books on VoIP or Asterisk (the software PBX (answering machine / switching system)). Maybe even learn more about the languages used while designing those applications so you can hack them even further. Try finding local hacker-spaces in your area too, or 2600 meetings where you can mingle and talk with people who are also into phreaking. That's where I'd start.
  7. hey buddy, To install the theme, simply click on the menu at the top on "System" then click "Appearance." Now a new window will open up and you can drag your new theme file into that window and it will install by itself. If you get an error, it could be that the theme was packed twice (I have seen that happen before). To get transparent windows, you need to click the extras tab in the appearance windows and choose it. You may need to install the video driver for your particular system to use extra effects. open a terminal and type sudo lspci and look for the exact model of your video adapter there. If it's NVIDIA you can install nvidia drivers right from their website, or by allowing restricted drivers to install, or add the multiverse in your apt repositories. open up a terminal and type sudo nano /etc/apt/sources.list and remove any pound signs you may have there at the beginning of the lines. Then run: apt-get update while you are connected to the internet. Then you can run: apt-cache search <string> where "<string>" is the word "nvidia" or "ati" etc. I have never used an ATI card before so, I am not sure how to install drivers for them. You can get cool transparent effects in terminal by editing your "profile" and clicking the "background" tab and then choosing solid color and "enable transparency" I think.. I am doing this from memory. Hope that helps a bit. Compiz is awesome, absolutely awesome, and there are tutorials on the Ubuntu forums on exactly how to install it and get it working etc: https://help.ubuntu.com/community/CompositeManager/CompizFusion If you have any further questions, i might suggest you ask them on their own forums, they are quite knowledgeable about the topic you seek! ~Trev
  8. This one i keep close to my heart <3333333333333 I swear i could listen to that song anytime to calm me down... http://www.youtube.com/watch?v=95j-Vr7sZec You guys ever hear that one? I have a nice AAC version that was online on their site (before it became a 404) if anyone wants it. ~Trev
  9. Yes, I deal with foreign people who say "rooting" so I just figured she must have been foreign.. I absolutely LOVE her voice, and hearing all of those words like that in a single song makes my heart warm.
  10. LMFAO okay, so do they know what a barcode scanner even does?? it reads input from lines, like 7bits each er something right? I'm talking about the traditional barcodes.. whatever. it takes in the lines which are translated by the scanner into ASCII and sent out through the USB cable to the system with a trailing newline. you can go to the WASP website and make a free barcode out of any words you want to, thus using pieces of paper with printed barcodes [use a printer at a library] and a $70 scanner for a keyboard. Is that why you said that? cos neither of them said to do that? Uhh thanks, but I think we know what barcodes are. That wasn't directed to you at all.. can you not read as well? You quoted me and wrote a reply beneath, that generally signifies a direct response I thought that you were tacitly implying that they [others in posts with barcodes as avatars] were missing an obvious solution [that was in their avatars]. See how I say "so do 'they' know what a barcode" and "Is that why you said that? cos neither of them said to do that?" It wasn't directed towards you at all - your comment could have been taken in a different way, that's all.
  11. There have been a lot of good updates lately with security based applications (Nikto, Metasploit, Kismet, etc), i am quite stoked!! thanks for the heads up!
  12. That's AWESOME!! I love the poster and the way you got it is incredible - i loled at your plight though. you should frame it. i waltzed into a hotel here in pittsburgh not mentioning names, and started going into rooms and such and ended up in a conference room that had just let out of meeting i guess, papers and pencils and cups were still there, and I found this on a huge pad in the front of the room: and i took it and just walked out of the building, no one said a word to me except the guy who held the door open when i left the building! I framed it, just cos of my troubles. You should too!
  13. Ndiswrapper? awe man, Ndiswrapper is lame with BT4. BT4 is an awesome distro for wireless hacking! BCM can now inject but you need to patch and recompile the kernel, which i think Off-Sec actually did. You should run lspci and get the actual information of the Atheros card. and use modprobe -l to list the driver modules available. then install it with modprobe as well. Finding out stuff in manpages is just discouraging to people new to Linux so i never refer them to it, if you do a simple Google search you can find out more about Linux and Wireless (but you said you figured it out already). ~trev
  14. all you would need to do is determine what information that they use to verify that you are an instructor, and social engineer them into giving you an account... You could try brute force stuff too, like i saw in the first second of being there that the server responded with a unique error page saying "directory listing denied" when it actually hit a directory on the server and not when it was a 404. Try some web tools like Nikto if you really DO have permission to test their security.
  15. Hi Silence! Hey Trevelyn, I think I remember hearing about you on PLA Radio a few years back. In fact, I think I still have some of your music on my iPod... unless that's a different Trevelyn? No that's me, I have made a lot more on my website by now.. I like your blog <3
  16. assuming this is residential, if you have linux do: ifconfig | grep inet or with windows click on start->Run and type: cmd /k ipconfig and get your ip address. It will be in the format like numbers0.numbers1.numbers2.numbers3 open your browser and type in the same IP from the above command changing "numbers3" to "1" You will be asked for a login. If you don't know it and you have consent to use the network and change the router's settings you may want to check a list of default passwords on the CIRT website, (http://cirt.net/passwords) or maybe just reset the router by using the reset switch on the bottom of it. Once logged in look for port forwarding or applications/gaming and change the settings to forward the port to your IP address. /spoonfeeding
  17. Hi Silence!
  18. LMFAO okay, so do they know what a barcode scanner even does?? it reads input from lines, like 7bits each er something right? I'm talking about the traditional barcodes.. whatever. it takes in the lines which are translated by the scanner into ASCII and sent out through the USB cable to the system with a trailing newline. you can go to the WASP website and make a free barcode out of any words you want to, thus using pieces of paper with printed barcodes [use a printer at a library] and a $70 scanner for a keyboard. Is that why you said that? cos neither of them said to do that? Uhh thanks, but I think we know what barcodes are. That wasn't directed to you at all.. can you not read as well?
  19. He/She doesn't mention encryption at all, why would you all jump to that conclusion? If there is no encryption at all, you can skip all of those steps and simply use WiFiZoo http://community.corest.com/~hochoa/wifizoo/index.html That my friend Hernan made, it sniffs cookies then creates a local proxy to set those cookies into your browser and use them. IF there is encryption, it would be illegal for you to break it without their consent. IF you can crack it with Aircrack-NG, it would be illegal for you to get their Hotmail passwd without their consent. IF there is WPA, you will need a LOOOONG word list to test with. and you will need a WiFi card that has a driver which is patched for injection. http://www.aircrack-ng.org/doku.php?id=compatibility_drivers (Which must have just changed yesterday... wow completely different layout) Once your driver is right you will need to deauthenticate a wireless client using the AP. (Or theoretically you could just wait until he/she logs off and on again). And you capture a "handshake" in a "pcap" file. Which is a binary file, do not "cat" that file! heh Then you use aircrack-ng and the word list. If you have WPA2 or - you can use CowPatty versions 4.0+ to do the same procedure practically. If you have WPA2 Enterprise, with say a RADIUS server, you will have to just resort to Social engineering. Or be very artistic with Email Address lists and hash tables... Once on the network, you can MITM (Man IN The Middle) the target by using Tools that come with the Dsniff Suite. (or Ettercap of course) With Dsniff though, you just use: (enable packet forwarding on your 443,80 ports) Arpspoof, DNSspoof, WebMITM (creates fake certificate), and fragrouter. Then you can use Wireshark to sniff a "cap" file. Once you have the cap file you can use the "fake" certificate from webmitm you made before (hopefully they accepted it), and decrypt the cap file using ssldump.
The Phishing thing works too, just change what the action will be once the person clicks login, to run, say a PHP script that takes the input into a file and redirects them to the site setting (hopefully) their already set cookie (seamlessly attaching them to a session). I implemented that in WeakNet Linux in "Web Hacking Portal." You can use it, but I don't have a Hotmail Phisher, only Gmail, FaceBook, PhotoBucket, and MySpace. I believe one of the guys from Secure-State ReL1k? is implementing a Phisher soon that uses that cool stacked iframes method. (I Think Hackin9 magazine called it "Click Jacking" (Haven't read that article in ages)) Very Cool - Almost INSANE. I'd recommend reading into that. Other than Phishing and packet manipulation and shit like that, I'd say go the route of Metasploit Framework to exploit services (most likely SMB or some streaming media thing) on the target's machine. FastTrack is amazing for this as you don't have to do much, but using FastTrack makes you miss out on a lot of cool stuff. Meterpreter can allow you to do stuff like upload files to the target's machine, run those files, take screenshots / etc without the target knowing (usually). It port scans the target machine then, matches all open ports against an almost-Microsoft-Like-Jet-like driven SQL server PostgreSQL database that has each exploit matched to each open port. Awesome Idea, I think, as I am a HUGE SQL freak maniac.. Love it! I don't know why all those other newbskates posting before me tried to teach you anything, but if you're tryin to impress a chick by showing her Email, you might as well just make a fake html page that looks like Gmail and just say it's hers. - save you a lot of time reading and actually learning... EDIT:: oh yeah, all of these methods are quite NOISY to any good System Administrator.. but if your target is someone who only checks their email all day long, i suppose he/she won't know. AND SERIOUSLY, YOU NEED PERMISSION. THIS IS SERIOUS STUFF.
  20. is WeakNet Labs.

  21. LOL yeah, i want to code a file manager that threads and keeps copying files in the bg when it hits an error. Windows Explorer fucking dies like someone shot it in the head, sometimes for no reason. unstoppable copier doesn't die, it just keeps going and says "there was a read error on file..." It's a sure thing to have that when doing HUGE data migrations on shitty windows computers.
  22. House music r0x my life too, but nothing compares to /good/ Drum and Bass!

  23. actually, mostly all of the programs on my 64bit SPARC are in 32bit userland. I just use the 64 cos that's all there is for SPARC! It is quite strange, but so are computers in general.
  24. unstoppable copier by RoadKil; MalwareBytes; ComboFix; CureIt!; TrojanHunter; U3 Removal tool; undelete utilities from RoadKil; the 35MB DELL Diagnostics ISO; Password blankers/changers for SAM files; PuTTY; links to updates; links to Combofix/CureIt updates; WinSock reset utility for XP; TweakUI / Windows Power toys / power shell. I have to use a USB flash drive to fix Windows machines everyday, those are just some of the tools I use a lot. The Unstoppable Copier is the best thing ever.
  25. Solaris is more POSIX-compliant than Linux. Was the code in question using just the standard C libraries? Yeah that makes sense, I have used Solaris for Years. I just put OpenSolaris on my Dell Latitude d620 (just for testing to see their laptop/driver progress) and absolutely every piece of hardware worked but my shitty internal BCM43xx wifi card (NDIS wrapper worked fine temporarily). I ended up replacing the card with an Atheros card, but the NVidia drivers loaded automajically, sound, ethernet, sleep/suspend/hibernate worked, compiz was sexy as hell with Gnome, etc. OpenSolaris kicks so much ass because those developers have their shit together. If you need good Multimedia for OpenSolaris, try the pkg's that BlastWave has to offer - XMMS, VLC, etc. http://www.blastwave.org/ Hope that helps and I am seriously amazed by the progress OpenSolaris has made on modern hardware.