• Content count

  • Joined

  • Last visited

Everything posted by alienbinary

  1. That would be a good beginner's challenge. This was one of my first projects, I may still have the program laying around... I have a couple laying around that I used for an engine on my old DES brute forcer. One generates random strings with a max length of 12 chars if I remember correctly. Another generates strings of exactly the desired length and composition (a-z,0-9,A-Z) and yet another does it, as has been suggested, sequentially. Since this was all in perl and took a negligible amount of time to throw together variations, I just ran different versions of the keyblock generators in tandem in the code, so the wordlist was generated on the fly using one of the three potential variations mentioned, and would continue to chew away at the ciphertext, prompting you to continue every 15,000 strings or so.
  2. If I was desperate/crazy enough to steal gas, I'd much rather steal it from Shell (who announced $27.6bn profit for 2007) or other gas company, than from people's cars off the street. Usually, the older the car the easier it is to steal gas. So some poor guy who's filled his aging car with $60 of gas can hardly afford to fuel another's habit too. Come the end of the month, if someone siphoned my car I'd be screwed - no work, no shopping, nothing. Stop stealing my gas Tao! This is a common problem in ethics when it comes to any aspect of hacking. In many ways, or at least in some demented way in my head, this makes a great parallel to some of the issues faced by people who like to get out from the computer lab and into the city for some exploration. I have definitely had a girlfriend or two hook her arm underneath mine with force because I was veering in the direction of an unlocked kiosk that some employee had neglected to re-secure. Although all I wanted to do in these situations was poke around and maybe take some pictures with my camphone, the ethical dillemma didn't occur to me until later: if I was seen on camera exploiting even the most benign of security holes, that employee could lose their job. Were they to expect that they had someone with a superior understanding of their systems hanging around in their stores looking for an opportunity to gain access? Not really. These people are underpaid and unfortunately, if I might make a sweeping broad generalization, undereducated. They're not being so much lazy as they just lack the foresight to see the implications. I, on the other hand, can see from over a decade of self education from internet newsgroups, zines and community just how much of an opportunity this is for a hacker. But perhaps, just perhaps, the implications of exploiting the physical security vulnerabilities in regards to the person whose simple mistake it might have been may elude me. It is that nagging girlfriend or overcautious best friend (also known as noob) who can sometimes save us from our overzealous selves. Man, I missed this place. Intelligent discourse isn't exactly... rampant on the internet these days.
  3. this is such a tremendous shock to me. microsoft supporting an oppressive, overarching, constantly voyeuristic society? No way.
  4. Well, didn't Johns Hopkins announce sometime last year that they had cracked the Mobil Speedpass? All the gas stations around here have some sort of RFID reader to make getting gas easier. Personally, I say good for them. I have trouble shedding a tear for some fat cat oil exec and the station is probably insured.
  5. I actually had someone try something like that today. What do you make of this? A new comment on the post #3 "Welcome to the new site" is waiting for your approval Author : Bill836790185+ACc-,,+ACc-+ACc-,+ACc-,+ACc-2008-06-04 13:58:42+ACc-,+ACc-2008-06-04 13:58:42+ACc-,+ACc-+ACc-,+ACc-0+ACc-,+ACc-lynx+ACc-,+ACc-comment+ACc-,+ACc-0+ACc-,+ACc-0+ACc-),(+ACc-0+ACc-, +ACc-+ACc-, + (IP: , Comment: <strong>None</strong> I'm not even sure what the little prick was trying to do. They did successfully post more characters than the script was set to allow, but it didn't "overflow" because it just gets sendmail'd to my gmail. Any thoughts?
  6. I use this at work: The limitation is 2MB. Or, of course, get a mac, print to pdf.
  7. so against my better judgement, I've been browsing 4chan a lot lately. I admit it, I'm a bit of an addict. Regardless, on /b/, someone posts the following url: I didn't actually realize that there was a seperate "british" version of youtube, but then again, I'm not huge into the video networking sites. Regardless, I paste the URL into a new tab in firefox and I get this message: "This video is not available in your country." Double-ewe tee eff. So either this was another anti-scientology video by anonymous that somehow got flagged out of the United States or it was something so bad that it needed to be restricted to an area code. Well, I really believe that regardless of the country you're in, you should have access to all information on this great internet, and this made me pretty mad. The chances of something meaningful being posted on 4chan were slim, but it was a matter of principle. So if you ever run into this, you're probably thinking "I could just use a proxy." You could, but a lot of proxies strip out important code that would make youtubes video sharing engine run, many web based proxies disable javascript and we all know that proxies can make accessing any file slow as dirt. Besides, using proxies is old hat. Time for new tricks. So I searched google for "online flv converter" and after checking out 3 of the top sites, most of which were unable to resolve the UK url (don't ask me why), I stumbled across a 4th, Enter the URL in, the converter facilitates a transfer of the raw FLV to your desktop. rename the file from "get_video" to "get_video.flv" and open in your video player of choice. The screenshot attached is VLC, because it has a built in FLV viewer and I didn't have to convert it. So what was the video, after all of that? The intro the fresh prince of bel-air. Yup, the MPAA had it's hands in this regional censorship after all. Enjoy.
  8. die in a fire. an hero yourself. do a barrel roll. I laughed my ass off at that.
  9. This is the first I've heard of IP Stenography, but Steno usually refers to, as you (McGrew) have mentioned, the insertion of bits of data into the "white space" in imagery. It's most notorious claim to fame was when the CIA claimed that terror cells were using child porn newsgroups to spread information, more specifically, that they were using the boards, posting mages with encoded information under the impression that if any arrests were made, they wouldn't discover the actual purpose of the ring anyway. The validity of this claim is widely disputed. If you're looking to integrate stegonography into IP addresses, you have only a small amount of space to work with. You might consider packet fragmentation. A single permutation per address, all sent, you could get a sentence out in about 10 characters, with 10 addresses, all in the same subnet, same originator. The data would be parsed when all the packets had reached the destination. This is a total stab in the dark, but it's an interesting idea. The original reason for this post though was to clarily that steganography is the art of hiding in media, this would be obfuscation. You do have the potential to piggy back on data, which I suppose could be seen as evolved stego. I should watch the talk and see what I think.
  10. I've noticed an interesting bleeding of windows to linux and vice verse. When O'Reilly press released Knoppix Hacks, they included a modified distribution of Knoppix (three nine, I think) that had a built in windows virus scanner and windows registry editor. While conceptually, this is great, and it is, the computer builds a ramdisk, downloads the virus defs from a web server, plops them into the ramdisk, and scans the hard drive without having to boot into windows. Pretty neat. However, this does lead to some interesting points about how similar SOME open source code is to proprietary code, as well as how much access the software has to the hardware. Make sure your virtual machine does not have certain ports open, don't let it know the location of your NIC, keep it away from devices it can use to transfer itself. This is speculation, but if you can use a virtual machine to scan for infections, edit the registry and use wine to run an os within an os, it's not out of the realm of possibility that a windows binary could execute instructions to an OS neutral device, such as a network card. Before I make even less sense (I'm REALLY tired), I would make an outlandish (on these boards) suggestion, if you're afraid of using the wrong virus, you could actually use some skiddy warez and make your own if you don't feel comfy writing your own mmc from scratch. If you design the payload yourself and the means of delivery as well, you know what to block off, and your lecture should go well. Kinda wierd how that could work, actually... - alienbinary
  11. Government jobs come with a variety of perks, but it's kind of important to figure out what level of involvement or committment you're willing to take. However, a LOT of jobs at entry level will offer you at least partial tuition. In healthcare, which is where I'm working (as one of my jobs) for now, I could presumably take courses on a wide vareity of subjects and get partial tuition if they were outside the scope of what I'm doing, OR, full tuition depending on the course. In research, certain departments will pay for certification in a really wide number of subjects. If I could prove that it would help me to learn another languague to assist in recruitment, they would pay for it. Basically, what I'm driving at is that the USG isn't the only agency to give those sort of extra perks and they should be dealbreakers.
  12. oh how I miss my apple II. both of them. well, one was a IIgs, but that's neither here nor there. :rock: eff tee double-ewe. considering the amazing amounts of boards that ran off apple IIs during the 80s, I would totally consider setting up a dial-in BBS like we haven't had in.. a billion years. it would be really rewarding to see, and if you still reminisce about those days, it might be a lot of fun. one of the most noteable Apple ][ boards: the metal shop BBS, host to phrack magazine. if all else fails though, holy sh*t, install terrapin, the geometric/mathematic logo-esque program that totally rocked my world when I was a little kid. a link to a Terrapin LOGO programming page alienbinary
  13. your best bet is a can opener version of knoppix released by o'reilly associates with the book "Knoppix Hacks." While it's essentially just v 3.9 or something around there, it was designed to be shoved into broken pieces of sh*t and make them work. Also, as strange as this sounds, you might consider trying an old version of windows, installing it, then running the ubuntu disc after the install process. Sometimes OEM computers have trouble with an alt operating system taking hold and you need a fat32 or ntfs partition to install over. Don't worry, a good linux or beastie install over that will wash the bad taste out of your mouth. - alienb
  14. yeah, amen to the stickers and other schwag. Ubuntu gives out stickers... hint hint.
  15. Just a heads up, if anyone is still looking around for more free distros and software from sun, I was doing some reading on webmonkey and saw the link to the same form. They've added a free request for Solaris Express Developer Edition. I'm not a huge programmer, nor have I even had time to play around thoroughly with my solaris OS DVD, but I ordered the new one anyway. I'll keep you all posted on whether it actually gets here. alienbinary
  16. I think ultimately this just boils down to: some moron is always trying to "reinvent the wheel." almost all of the internet's major problems in my opinion stem from user error. If they want to improve the internet, or "build a better one", then they need sysadmins with baseball bats and samurai swords ready to take on anyone who even thinks about running unpatched explorer.
  17. Here's something to help you get started. alienbinary
  18. I have to say though, I still haven't recieved mine yet. It's been about, I dunno. A long time. I'm not gonna complain either though. Free is free. alienbinary
  19. My suggestion: any of the usb based linux distros. see if you can find one similar to knoppix' auditor edition.
  20. dude, those aren't the clearest pics, but yeah, boston's got a lot of RFID going on lately. is one of those a cross-section of the chip?
  21. I was browsing darwinports/opendarwin when I came across a series of downloads of "hexley" the DarwinOS/OSX mascot. This got me thinking about the best mascots out there. I'm sure there are a lot more out there, add your comments here. Feel free to add posts of pictures of obscure mascots, I'd like to see what else is out there. alienbinary
  22. A lot of indy publications list area by area frequency finds. Search ebay for your area and see if anything shows up. I was extremely surprised to find that some guy was selling old crystals for a bearcat scanner I found in my girlfriend's grandmother's basement which I brought back from the technologically dead. If your scanner is digital, you might consider connecting a voice recorder to it, setting it to monitor frequencies, and setting the voice recorder to voice activated. Leave this running for a while and you'll get an idea of what sort of freqs you can find.
  23. I used to work for a radio station, and one thing that was drilled into me was that the FCC very clearly cut up the FM band to be exact. If you want to mod an FM radio to pick up other signals, you will have to change the way it actually modulates the waveforms. This is essentially an overhaul of the whole radio. I would recommend looking at: AM radios = amplitude modulation FM radios = frequency modulation SW = shortwave band WB = world band understand that these all work on slightly different principles. It isn't completely out of the realm of reason, however, to make the tuner more precise, to pick up very specific frequencies. You might try something as simple as adding an extra oscillator between the tuner and the antenna. alienbinary
  24. I was actually going to recommend the book by bunny too. good call. It's not restricted to consoles, it provides some basic understanding tuts on electronics, what each component does, and how some basic mods work. As silly as it may be and sort of pointless, I would look into the hockey puck ibook mouse hack that made them light up using an LED. Also, I would recommend doing a little asking around from your friends for disposable or old junk parts. This is because no matter how good you are, you're going to make mistakes. Don't be discouraged by them. I once took apart a pretty nice machine to mod the case, speakers and whatnot, only to find that I had used the wrong spraypaint. It happens. What was worse, was that I did it on a computer at work. Dumpster diving is a good place to start, and actually, wierdly enough, I got my best start learning basic phone phreaking mods. Remember that box plans are not only designed to help you build the mods, but they tell you where to get the parts, what they do, why you do the mods, and how to do it all step by step. You want to get a kit of screwdrivers that's extremely extensive. This doesn't however, mean expensive. A lot of computer companies make proprietary screws, which makes taking apart simple cases into an epic battle to avoid threading the screws. If you would like to learn the machine, take them apart. Try to avoid hammers, which I resigned to often in my early hardware modding days. My personal method of keeping track of the different components is actually to use shot glasses, each assigned for a different component. These are remarkably inexpensive and easy to use. It's easy to confuse parts. Also, lighting is very important. Invest in a maglite. Actually, this is a very good opportunity for you. Mini mags recently became the subject of open modification to switch from standard mag issue bulbs to LEDs. You can get the kits at any good outdoors store. Even though it may be frustrating to do something so simple, you will bolster your confidence using a tool that you've modded yourself. Good luck, and I hope this helps.
  25. For what it's worth, I direct ALL questions about AIM to my buddy Nemisis, as he spent a ridiculous amount of time mapping, redesigning and exploring AIM and other IM clients. his website is