About SynAck666

  • Rank
    DDP Fan club member
  • Birthday 07/26/1974

  1. If you already have traffic coming to your PC on, say, port 80, and you want to simply redirect it to another PC on another port, for example 8080, you could simply set up a redirector using netcat. nc -L -p 80 | nc 8080
  2. I've recently got hold of an IPAQ 514 with WM6 installed. I've been looking around the web but I'm yet to find many decent tools such as a port scanner etc. I have installed WiFiFoFum, which is similar to Netstumbler and probably similar to Ministumbler, and it works very well, but the other tools I would like to try are for other platforms such as PalmOS. Any ideas for tools for WM6 that may be useful in a wireless pentesting scenario? Many thanks. SynAck
  3. Just to let anyone who is interested know, I found a program. The command-line version of Autoruns called Autorunsc. It's available on Regards SynAck
  4. I'm currently preparing a blog entry on Malware Hunting and one of the things I want to include is a method of listing services and the path to the executable that starts the service on Windows PCs. I know Autoruns from SysInternals will do this but I was hoping to be able to do this without the GUI so I can script it. Is anyone aware of a program that can do this from the command-line? Regards SynAck
  5. If you have physical access you could use a tool such as the one on the linked website to reset/amend the password on certain accounts.
  6. CEH

    I found that reading books such as CounterHack Reloaded and Pentesters Open Source Toolkit and really trying to understand the concepts, methodologies and tools in depth gave me more than what I learned on the CEH, and setting up a home lab to test on is a must. I also found that volunteering for everything and anything security related at work gets people to know that you're interested and gets you exposure to the field. It worked for me. The biggest problem, if you're in an organisation where people don't take security seriously, is getting buy-in from the top down. Good luck with the interview.
  7. CEH

    I attended the 5 day boot camp for the CEH in Feb and sat the exam and passed on the final day. In my opinion the course was not worth the money spent and I don't believe it's a cert employers would take seriously due to the title. The content was poor and was basically "here's a tool to scan networks, it's called Nmap. Here's another tool, it's called.............etc...." You only have to look at the course content on the website to realise that you won't be going into depth on anything. If I could do the same again I would look at the SANS courses. What you learn on the CEH was okay and fun and it might start you off, but it's not gonna make you a pentester without a lot more work.
  8. OK, try this.

    1. Copy calc.exe into the directory you're in; my examples will assume H:\
    2. Run "echo test >testfile.txt"
    3. Run "start testfile.txt". This should open the file you just created in Notepad or your text file editor of choice.
    4. Run "type calc.exe > H:\testfile.txt:calculator.exe". This puts calc.exe into the ADS of testfile.txt.
    5. Run "del calc.exe". This deletes the calc.exe that you copied in step 1.
    6. Run "start H:\testfile.txt:calculator.exe". This will start calc.exe from the ADS. The full path is important to start the file.

    By looking at the file size before and after calc.exe is added into the ADS you will notice that there is no change to the file size. By running "start testfile.txt" you will only see the original file; this can be added to or amended without affecting the ADS. If the file is copied to a partition that is not NTFS or a USB device that is not NTFS it will lose the file in the ADS. Tools such as LADS.EXE and SFIND.EXE from the Forensic Toolkit (Foundstone) will both discover files hidden in ADS.

    Hope this helps
    SynAck666
  9. What the script is showing you is the commands to use an alternate data stream (ADS). To do this you need to be on an NTFS partition.

    type example.exe > readme.txt:example.exe

    This command prints example.exe to stdout but then redirects it to the alternate data stream of readme.txt.

    erase example.exe

    This command just gets rid of example.exe.

    start C:\users\mike\readme.txt:example.exe

    And this command is used to start example.exe from where it is now located. Bear in mind that when running a directory listing after putting the file into the ADS you will not see an increase in the file size of the original file. Below is a link to a good article on this subject.
  10. A while back I came across a Perl script that could use Google to mine email addresses of a particular domain and list them out into a file. It worked like: it would then go out and fetch all the email addresses from Google for the domain name, which is similar to what Bidiblah does I guess. I thought it was also a SensePost script but now I'm starting to think maybe not, as I've looked on the site and cannot find it. Does anyone know of the script or know of a way to do this with Lynx maybe? Regards SynAck666
  11. I've seen a video tutorial on data carving and other uses for dd before at the site below. Although there are tools that will do the data carving for you, using a tool such as dd really gives you an understanding of what is going on behind the scenes, I find.
  12. I'm creating a new blog entry on disk imaging using dd and I was curious as to if anyone has any particularly inventive uses for dd for anything other than imaging? Regards SynAck666
  13. My user account is listed in the local admin group. I would think that gives me full admin rights. No? It should do, but you never know with Vista. I would still open up a prompt as Administrator and give it a go. Unfortunately I have never used Nmap on Windows, only on Linux. sl (which I think stands for ScanLine) from Foundstone is a scanner I like to use on that platform. Or if I use a scanner with a GUI I like SuperScan.
  14. Could this be a permissions thing? I know I had an issue in Vista and Wireshark and it required me to run it as Administrator.
  15. I found binrev a while back from hearing it mentioned on podcasts. The Pauldotcom one I think.
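
The alternate data stream posts above (items 8 and 9) name LADS.EXE and SFIND.EXE for discovery; the same sweep can be done with PowerShell's built-in stream support. This is an added example, not part of the original posts: the function name Find-NamedStream and the constructed sample file are assumptions, and it expects Windows with an NTFS volume.

```powershell
# Added example (not from the original posts). Requires Windows and NTFS.
# Byte reads use -Encoding Byte on Windows PowerShell 5.1, -AsByteStream on 6+.
if ($PSVersionTable.PSVersion.Major -ge 6) {
    $byteArgs = @{ AsByteStream = $true }
} else {
    $byteArgs = @{ Encoding = 'Byte' }
}

# Hypothetical helper: list every named stream on files under $Path and flag
# streams whose first two bytes are "MZ" (the Windows executable header).
function Find-NamedStream {
    param([Parameter(Mandatory)] [string] $Path)

    Get-ChildItem -LiteralPath $Path -File -Recurse -Force -ErrorAction SilentlyContinue |
        ForEach-Object {
            $file = $_
            Get-Item -LiteralPath $file.FullName -Stream * -ErrorAction SilentlyContinue |
                Where-Object { $_.Stream -ne ':$DATA' } |   # skip the default stream
                ForEach-Object {
                    $s = $_
                    $head = @(Get-Content -LiteralPath $file.FullName -Stream $s.Stream `
                                          -TotalCount 2 -ErrorAction SilentlyContinue @byteArgs)
                    [pscustomobject]@{
                        File        = $file.FullName
                        Stream      = $s.Stream
                        StreamBytes = $s.Length      # size held in the named stream
                        FileBytes   = $file.Length   # size a directory listing reports
                        LooksLikePE = ($head.Count -ge 2 -and
                                       $head[0] -eq 0x4D -and $head[1] -eq 0x5A)
                    }
                }
        }
}

# Constructed sample: a text file carrying a 4-byte named stream that starts
# with "MZ". It is a marker only, not an executable.
$dir = Join-Path $env:TEMP 'ads-demo'
New-Item -ItemType Directory -Path $dir -Force | Out-Null
$sample = Join-Path $dir 'testfile.txt'
Set-Content -LiteralPath $sample -Value 'test'
Set-Content -LiteralPath $sample -Stream 'constructed.bin' `
            -Value ([byte[]](0x4D, 0x5A, 0x90, 0x00)) @byteArgs

# Zone.Identifier streams on downloaded files are normal; review the rest.
Find-NamedStream -Path $dir | Format-Table -AutoSize
```

The FileBytes column stays at the size of the visible text while StreamBytes shows what the named stream holds, which is the directory-listing behaviour the posts describe.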