• Content count

  • Joined

  • Last visited

Community Reputation

0 Neutral

About deadc0de

  • Rank
    SUP3R 31337 P1MP
  • Birthday 05/09/1988

Profile Information

  • Interests
    Programming<br />Security<br />Encryption
  • Location

Contact Methods

  • Website URL
  • ICQ
  1. anything...but most likely if you get a .doc file from your co-workers or whatever they aren't viruses. A virus copies itself to other documents. Whether they know it or not, they could be sending you an infected file. Don't forget that a virus can also generate bogus infected documents or infect legit documents and send them to everyone in the address book. Don't automatically trust people you know, don't trust any attachments ever and be specially wary of anything containing executable code (such as .exes and .docs). Trojans often connect out instead of waiting for incoming connections. Your NAT router won't help you there. A software application-level firewall will though. A NAT router will protect against worms that exploit vulnerable services running on your system but does nothing against other types of malware. Dirty dirty reverse shells. Many a firewall has been brought to it's knees thanks to those. Windows can actually be incredibly secure as long as you don't have downs and run the right software (IDS', Daily AV/malware scans, spyware scans, firewalls -hardware based).
  2. <--edit by droops -->
  3. WinPcap is driver based so a thumb drive is out of the question for the most part. Unless you hand some super complicated on-demand bootloader or something. If you don't have any other options I'd recommend setting up an SSH tunnel and SOCKS proxy system. You can probably use PuTTY among other tools to do this with relative ease. However overkill for this scenario, I think you'll thank me later when you're browsing firewall/proxyless. On the second link pay specific attention to the comments people leave.
  4. It's linking you to your hardware. Where they can't *immediately* do anything to catch/identify you they can cross reference your IP at the time of the crime, to the MAC address registered at their router and have themselves a criminal as deadwax said. Not that I promote nefarious activity at a coffee shop, at least take the proper precautions to remain anonymous. You can never be too paranoid when hiding in plain sight. I would think it would be very difficult to find the person. Suppose they do find out where the connection came from (the open wifi network). How would they know which person to trace it back to? This is assuming it takes them many "man hours and resources" to find where the connection originated. They would have to rely on cameras. And if the person is sitting in a car outside the building where the wireless network is located, and out of camera's view, they will probably never find them. If they really want to catch someone, they had better do it in real time while the person is still connected to the wireless network. They would know by hardware identification. They couldn't catch you doing the crime you committed earlier, but in terms of man power and resources all they would have to do is set up a packet sniffer right in the middle of the coffee shop and have another guy watching the WiFi points logs and then when they see that same MAC address pop up they know it's you and detain you for questioning. After they they'll probably have gotten a warrant to go through and they'll be able to confirm it was you by examining your hardware and charge you appropriately. It's not a very difficult task tracing anyone at any point on the internet.
  5. Sounds more like just being a hacker trying to terrorize something. The definition of skiddie is too loose, they could also be "black hat". Also, chaining ellipses is cool.
  6. 92% of statistics are made up. 43% of people know that. Ruby's concurrency support is pathetic compared to other languages (Erlang, Limbo, Mozart/Oz, Alice, etc). The implementation choices are inherently flawed for dealing with large-scale concurrent programs. They're really not something to brag about. What does Python's forced indentation have to do with dynamic typing? It's a choice the designers made to try to enforce readable programs, one that most good programmers would enforce naturally. So wait, you'd write a large scale, multi-threaded program in a interpreted language? Once again, that was a plus for me. I've never even heard of half the languages you listed, because they obviously aren't popular enough for me to even care. Ruby is new to the scene once again, and it's still being worked on to be faster, and better. Go back to my last sentence. Use the right tool for the job. Larger scale projects should use a language like C. The rest of it I won't even address because you're flamebaiting.
  7. Right... C is very portable, just look at NetBSD. It's only a matter of writing portable code. If the framework provides interfaces for this, there should be no problems. I don't think they didn't choose C 'cause of portability issues. You didn't even argue any valid points here. First off what was the development time-line for NetBSD, and how long did it take to port it across frameworks and architectures? Yes C is completely portable. But is it quick and easy to say, port a large Windows or Linux development project across platforms or even architectures? No. Not at all. Even at the simplest level you need 2 different compilers, and whole entire new set of libraries (ex. Can't use winsock2.h in Linux can you!) Secondly, and I quote "The C/C++ programming languages were also deeply considered but in the end it was obvious that attempting to deploy a portable and usable framework in a non-interpreted language was something that would not be feasible. Furthermore the development time-line for this language selection would most likely be much longer". Why don't you read before talking next time? The Ruby STL is quite large. You don't know it until you try it. Read some books on it before shit-talking it. As for python, line indentation that is REQUIRED for a script or program to work correctly is not natural to alot of people (even this is covered in the developers guide for metasploit), and is really annoying when you fuck it up. Just read the developers manual. They have a section called "Why Ruby?" that is there to explain to people like you why they did it.
  8. Previously it was PERL. 70% of all hacking-based software or scripts were written in PERL. Now it's up against Python and Ruby. Ruby wins with me because: -------------------------------- - Pure OOP - Cross platform multi-threading, and threading (yes, believe it) - Interpreted (meaning it's 100% cross platform) - Easier to read than PERL - More dynamically typed, unlike python with it's required indentation (which is terrible, but others can argue it's good) - RoR is incredibly easy to use, and efficient - Much like the creator Matz I was (and still am) a C++ programmer. Going to Ruby was easier than going to python. - Strong exception handling - PERL-like Regex - Fairly large STL I don't like that Ruby is a tad slower (However, on a decent system this speed difference is not noticeable at all). I also don't like how it doesn't have an extensive repository of modules like PERL does. However it still dominates in my eyes. In fact, metasploit was rewritten from PERL to Ruby (C was considered but tossed, because anyone trying to make a 100% portable framework would be 100000x harder to do in anything but an interpreted language, and unlike alot of people like to think harder doesn't always mean better). It is 10 years old, but only recently left Japan and went international. So people are just starting to really get building with it. I'm even bold enough to say that it will be the new PERL. The best way to go is C++ and an interpreted language. I really only use C for lower-level programming (and believe it or not, ruby can go lower than most interpreted languages) and some very rare occasions where C might be more productive to use. Follow the "Use the best tool for the job doctrine".
  9. It's not as much a program as hacked firmware. The standard WRT54G firmware doesn't let you do that iirc, but I know there's a certain set of hacked firmware that will. Google for it, I'm sure you'll find it. EDIT: Mikhail has got the right idea
  10. It's a shame what the world has come to. Paranoia about your significant other is pretty much the norm, trading passwords for a false sense of security. It happens more than one wants to admit. If there's a business catering to a nation of insecure teenagers, why not jump on the bandwagon and make a little cash?
  11. The notice can be seen in the 3rd page of search results while googleing "celebrity wallpapers" (or you can just go here <a href="" target="_blank"></a>) In it the notice they have a link to the specific notice from the company that requested the removal of the content (Perfect10) <a href="" target="_blank"></a> I've been an avid google user for years and have not seen anything like this. However the notice on dates back to 2005. So was google slow to add these dmca notices or am I just blind and ignorant? They've been adding them over time. I don't think it's anything we need to worry about. The links are still supplied, just in a hard to find form. 10 bucks says they're doing it just to make the RIAA and other alphabet soup agencies happy.
  12. You're a tool to the media and nothing more. If you knew anything other than how to google you know there are hats to hackers, and the people you defined are considered black-hats, or crackers. How about researching on sites run by hackers huh? Aren't you arrogant. Who said exploiting isn't hacking? An exploit can be found and knowledge can be gained from it. Therefore it is still hacking. Way to go. You're no better than the guy I just flamed. Who said metasploit framework is a skiddie tool? Sure it's nice for skiddies. But it's useful for ITs and developers too. Why don't you go back to school kid. To answer the OP's question. We don't help scrubs hack their boxes because that's basically handing them a tool to revenge, passing blame to us if they get caught. In other words liability is a factor here too. It's also not the "hacker way" to just hand someone an answer to a problem. Helping, is not always answering. Deep down hacking is a culture, and beyond that a way of life. It's not just some geek breaking into peoples boxes. Believe it or not there has been research showing there is a "hacker personality". That website does a good job at explaining some of the facets.
  13. Wrong. Through reverse engineering and careful assembly analysis one can tell traces of other languages. VB has a different assembly coding style (with different conventions) than C++ or anything else. For example. You can tell C by it's massive library calls and obscure functions. C is the hardest to identify, VB being the easiest. I'd do a short example on how to tell but I only have C programs on here, and without a easy to disassemble VB program I don't have anything to compare it to. Detailed ASM forensics takes time. But yes, you can determine what language something is written in. Maybe I'll make a tutorial on language identification later on. It can be done. But it's far from simple. Viewing the code is realistically possible, but far from probable. The code at best can be reconstructed with basic names, but the exact code mimicked word for word? No. You lose all code specifics during the linking and assembling phases. Warez are created through careful analysis of the underlying ASM. It's no laughing matter. It takes time and deep understanding of your operating system.
  14. Since we're being blunt and stupid. You're bad.
  15. If you're not totally comfortable with the languages you're using why are you doing such complex projects?