Shameful plug here guys.
I've compiled the sources earlier this morning into deb packages for those that want to play with it without building from source (building from source will confuse the system and you might not get updates).
Both i386 and amd64 versions working on BT5 r2 here. http://www.phillips321.co.uk/2012/05/22/creating-a-debian-package-from-source-checkinstall/
Thankgod someone here understands the arty of wifi cracking.
But from the looks of things this guy is a douchbag, if he is dumb enough to get caught i also guess he was dumb enough to use a replay attack in order to gather enough IVs. I guess he was also dump enough to connect to the network with his hardware MAC address rather than a cloned address from the target network. I guess his hostname was also something dumb like "BarrysLaptop".
For those out there wishing to do this take precaution!
Use bootable usb stick for all hacking (and quickly swallow if feds show up)
When sniffing for WEP IVs or WPA handshake do so without inbjectng traffic
Change mac address to one that target network is already using
Change hostname to match targets machine
If using backtrack then ensure HTTP get requests match that of the targets machine: if target use Internet explorer and all your requests come from Firefox on a linux host it's pretty obvious is was spoofed.
ALL IN ALL DONT DO IT! If you have a problem with the neighbour just speak to him like a normal human being over a cold can of beer
Ummm, WEP requires enough IVs to crack, either through sniffing the network and capturing IVs (slowly) or by using a replay attack against the router in order to massively speed up the IV collection process.
WPA on the otherhand can be performed offline once the 4 way handshake as been captured.... (Which can be optained by waiting for a valid client to connect or by de-authing the clients and then capturing the handshake once they reconnect)
And boom there it is, if you don't need it why is it running?
More cpu cycles consumed.
More memory consumed
If a remote code execution vulnerability is released for that version of telnet then wham.... .....these are the reason that you would not be considered a good admin!
I'm a pentester and the lead maintainer of a pentest Linux distro based on gnome: gnacktrack.co.uk........
Yet i also train in MMA daily and although what the Americans would term as a Rookie, i am yet to loose at the standard i'm fighting. I would say i'm both a geek and cool.
That was the first thing i thought... ....a glider type fixed wing with solar panels on the topside could use thermals and solar for none stop "droning"
You lost me pretty early on, i think after the 2 words "I work". What is this "work" thing you are on about?
Fair play though, this would take a considerable amount of effort and time and i doubt anyone in the open source world would benefit from this unfortunately, please correct me if i'm wrong and provide an example of how an ATC system could be used 'at home'
+1. This would make the game more realistic but with the amount of aiming we do how would our left eye lid cope with the closing opening all the time!!!
And is anyone going to take a step by step walk through the above to explain it to people who can't (obviously me or i'd be doing it myself for others.)
The wonderful thing about his product though, is that he can keep selling it even after he has sold it.
He doesn't have 1.5 million accounts to sell once, he has 1.5 million accounts to sell over and over and over. He may only be able to get $50k for the lot, but he can sell them all a dozen times. Depending on if they catch him or not, and how effective they are at getting people to change their passwords (the only way to make the accounts worthless), this guy could make half a million dollars or more pretty easily.
Not if I'm the first to buy them and change the passwords on the accounts....
Slashdot Mirror
'The Naked Prey' old film but is on netflix. Pretty good and some good documentary sections. (Elephants getting shot is a bit graphic!)
Nice, I noticed it myself :-)
Good luck with 127.0.0.1, I've heard it can be difficult to both attack that box and defend your own at the same time!
So here's the commited metasploit module: ubisoft_uplay_cmd_exec.rb And the POC working in a video This is now fixed in version 2.0.4 (recently released and auto updates uplay)
There's such thing as great coders and also such thing as great developers, but rarely, if ever, the both together.
Shameful plug here guys.
I've compiled the sources earlier this morning into deb packages for those that want to play with it without building from source (building from source will confuse the system and you might not get updates). Both i386 and amd64 versions working on BT5 r2 here. http://www.phillips321.co.uk/2012/05/22/creating-a-debian-package-from-source-checkinstall/
Yeah but everyone buys the nice guy a pint in the bar afterwards! Lose the battle but win the war ;-)
I thought you were going somewhere else with this:
....the rest was devoted to sleep!
"maybe six hours of work if you really stretched things".....
But from the looks of things this guy is a douchbag, if he is dumb enough to get caught i also guess he was dumb enough to use a replay attack in order to gather enough IVs. I guess he was also dump enough to connect to the network with his hardware MAC address rather than a cloned address from the target network. I guess his hostname was also something dumb like "BarrysLaptop".
For those out there wishing to do this take precaution!
Ummm, WEP requires enough IVs to crack, either through sniffing the network and capturing IVs (slowly) or by using a replay attack against the router in order to massively speed up the IV collection process.
WPA on the otherhand can be performed offline once the 4 way handshake as been captured.... (Which can be optained by waiting for a valid client to connect or by de-authing the clients and then capturing the handshake once they reconnect)
WAIT... before you do anything just think of the possibilities.....
If this is your boss then surely blackmail is the way forward! (unless he's a cool boss = congratulate him and join him next time)
meh, just noticed my bad spelling :-(
** You're = your
Your a tard! Mod parent down please!
MultiUSER is when you require more than one user
MultiTASK is when you wish to carry out more than one process.
And boom there it is, if you don't need it why is it running?
.....these are the reason that you would not be considered a good admin!
More cpu cycles consumed.
More memory consumed
If a remote code execution vulnerability is released for that version of telnet then wham....
Agreed!
I'm a pentester and the lead maintainer of a pentest Linux distro based on gnome: gnacktrack.co.uk........
Yet i also train in MMA daily and although what the Americans would term as a Rookie, i am yet to loose at the standard i'm fighting. I would say i'm both a geek and cool.
That was the first thing i thought...
....a glider type fixed wing with solar panels on the topside could use thermals and solar for none stop "droning"
so how about hackers innovate themselves a new term.
You mean like something cool like Penetration Testers???
Go figure i just checked and this is already taken for something....
You forgot to mention that the dog taking a shit is an extra add-on........Flash!
You could change identities whenever you please.
Finally my dream of becoming a 10year old choir boy is getting ever closer :-)
You lost me pretty early on, i think after the 2 words "I work". What is this "work" thing you are on about? Fair play though, this would take a considerable amount of effort and time and i doubt anyone in the open source world would benefit from this unfortunately, please correct me if i'm wrong and provide an example of how an ATC system could be used 'at home'
+1. This would make the game more realistic but with the amount of aiming we do how would our left eye lid cope with the closing opening all the time!!!
And is anyone going to take a step by step walk through the above to explain it to people who can't (obviously me or i'd be doing it myself for others.)
The wonderful thing about his product though, is that he can keep selling it even after he has sold it.
He doesn't have 1.5 million accounts to sell once, he has 1.5 million accounts to sell over and over and over. He may only be able to get $50k for the lot, but he can sell them all a dozen times. Depending on if they catch him or not, and how effective they are at getting people to change their passwords (the only way to make the accounts worthless), this guy could make half a million dollars or more pretty easily.
Not if I'm the first to buy them and change the passwords on the accounts....
For those that wish for the debian build they can get it from here
+1 to this guy, well said. Now where's my fleshlight?
I bet they do give a shit when they try using a hammer to fit a 1366 pin into a 1156 socket!