So You’re Sick Of Being A SKIDDIE? Let’s Hack For Real


The post below is an article written by michaeljay from HackForums; you can see the original post here. I find it quite informative, and it has more quality than other similar threads.

Then what can you do about it?

Sick of just being able to push buttons and not knowing what you’re doing? Tired of seeing error messages in aircrack and being frozen because you have no real idea of what you’re typing? I saw a thread here from someone saying he’s sick of being a skiddie, so I figured I’d write this post up to explain how I went from being a skiddie to someone who knows his way around various protocols and techniques. Not that I consider myself a l337 hax0r, by any means. Most of the posters here would blow me away with their skill and knowledge. But I feel I’ve got some stuff to share, and my girlfriend is doing her own thing tonight, so I’m going to write this post up for you. For good or for evil.

Cracking SMBNT with Medusa


As I am learning more about the SMB protocol for Windows, I came across Medusa. So the first thing I did was try to hook it up with a dictionary and attack my own Windows OS, which is Windows 7. After installing it (see here to know how), I looked at the arguments and started cracking! I tried cracking using THC-HYDRA, but I had some difficulties at first. The commands are pretty much the same if you look at them.

Medusa Parallel Network Login Auditor by Foofus


Similar to THC-HYDRA, Medusa was written by JoMo-Kun from Foofus.

Medusa is intended to be a speedy, massively parallel, modular login brute-forcer. The goal is to support as many services which allow remote authentication as possible. The author considers the following items to be some of the key features of this application:

  • Thread-based parallel testing. Brute-force testing can be performed against multiple hosts, users or passwords concurrently.
  • Flexible user input. Target information (host/user/password) can be specified in a variety of ways. For example, each item can be either a single entry or a file containing multiple entries. Additionally, a combination file format allows the user to refine their target listing.
  • Modular design. Each service module exists as an independent .mod file. This means that no modifications are necessary to the core application in order to extend the supported list of services for brute-forcing.

Winfingerprint | Enumeration phase!


Winfingerprint is a Win32 MFC VC++ .NET based security tool that is able to determine the OS and enumerate users, groups, shares, SIDs, transports, sessions, services, service pack and hotfix level, date and time, disks, and open TCP and UDP ports.

Source: http://sourceforge.net/projects/winfingerprint/

Thread.Sleep (.NET) vs Sleep Function (WinAPI)


Thread.Sleep is a sign of a poorly designed program.

by Peter Ritchie.

Thread.Sleep has its use: simulating lengthy operations while testing/debugging on an MTA thread. In .NET there’s no other reason to use it.

Thread.Sleep(n) means block the current thread for at least the number of timeslices (or thread quantums) that can occur within n milliseconds. The length of a timeslice is different on different versions/types of Windows and different processors and generally ranges from 15 to 30 milliseconds. This means the thread is almost guaranteed to block for more than n milliseconds. The likelihood that your thread will re-awaken exactly after n milliseconds is about as impossible as impossible can be. So, Thread.Sleep is pointless for timing.

Armitage | Beyond Metasploit


You might want to consider using Armitage as your primary arsenal apart from using Metasploit’s msfconsole or msfgui.

What Is Armitage

Armitage is a graphical cyber attack management tool for Metasploit that visualizes your targets, recommends exploits, and exposes the advanced capabilities of the framework.

What is Pass-The-Hash Toolkit?


The Pass-The-Hash Toolkit contains utilities to manipulate the Windows Logon Sessions maintained by the LSA (Local Security Authority) component. These tools allow you to list the current logon sessions with their corresponding NTLM credentials (e.g.: users remotely logged in through Remote Desktop/Terminal Services), and also change at runtime the current username, domain name, and NTLM hashes (YES, PASS-THE-HASH on Windows!).

Source: http://oss.coresecurity.com/projects/pshtoolkit.htm

SAMInside

Setting up Karmetasploit in Ubuntu 10.10


This is one old post that I have never written up after saving the draft, on the link that teaches how to run Karmetasploit. Basically, what we will be doing in this post is running the Karmetasploit module and start sniffing cookies into our database. In this post, we will look into the commands we type until we are able to sniff cookies using Karmetasploit.

File Extension Spoofer (FES) by AjuL Inc


Okay, basically you want to try to run malicious software, something nasty, on someone’s computer, and you don’t want to send over an executable but an image! I believe many of you have gone to great lengths to find this solution; some even tried a shortcut option for it and compressed it in a rar. Okay, here’s the tool by AjuL from ajulinc.org, and it’s called File Extension Spoofer. How well this works, I have no idea, as I don’t run .NET 4.0 and above on any of my stations. Check out how it works.