Archive for the ‘Hacks’ Category

In another high profile attack the Anti-Sec movement has made it officially clear that their presence shall not go unnoticed. Imageshack one of the most used and popular image hosting sites has been hacked by members of the anti-sec movement.

From what I understand the members involved in this attack did not exact their usual punishment by rm’ing everything. Instead they decided to replace images hosted by Imageshack with their own message.

I would like to just state that from a lot of the public comments and arguments about Anti-sec it seems that there are at least a couple clear things. These are not just some script kiddies out to screw shit up. Think about it. Clear manifesto’s, high profile attacks, superb outputs with ‘wholly shit’ executions. If anyone thinks this is a bunch of 15 year old kids thinking they are cool, your a fucking moron. Mainly this goes for some of those fucks on Digg. Don’t be so naive.

To start there are some prerequisites you need to download in order to do this effectively.  Download Stackless Python 2.5.2


http://www.stackless.com


Download win32 by Mark hammond

http://python.net/crew/mhammond/


Should then work  by running python NetworkOSwatching.py from command line.  In order to run this from Binary
please make sure you have Windows Vista with SP1 Some problems have been reported running on XP SP2.
If you would like to compile a binary for XP that would be appreciated to

This is a server written in Python

[1] Connect via Putty on target computer using Raw connection port 8888. Example “127.0.0.1″ 8888 Raw
[2] After successful connection enter command “START” With out the quotes
[3] Watch for recursive file system changes

This app uses stackless for threads


Here is a binary and source download…

http://www.techshinobi.com/NetworkOSWatching.zip


To change top level directory modify

path_to_watch = “C:\\”

to anything you choose

example

path_to_watch = os.getcwd()

The Source

Read the rest of this entry »

I’ve been playing with Microsoft Silverlight and would like to share how to use it. First what is Microsoft Silverlight?

Microsoft Silverlight is a programmable web browser plugin that enables features such as animation, vector graphics and audio-video playback that characterizes rich Internet applications

Currently in Version 2 and Version 3 is in Beta. Version 2 brought with it the use of the Dynamic Language Runtime environment or DLR this allows for languages using .net to implement Silverlight Applications Such as C# VB.net Iron Python and Iron Ruby. To explain it better you can now use Python in your browser!

Silverlight uses XAML an XML based language developed by microsoft for use with silverlight

Extensible Application Markup Language, or XAML (pronounced “zammel”), is an XML-based markup language developed by Microsoft

Alright now that we know what Silverlight is we can start to use it. The examples I will be developing will be for IronPython 2.01

Read the rest of this entry »

All is fair in love and war – as it would seem.

The so called ‘Security Expert’ or ‘Hacker’ known as Glafkos Charalambous AKA nowayout / nowayin was targeted by the anti-sec group who orchestrated the Astalavista takedown recently.  Want to see it?

http://pastebin.com/m592e1f1c

The anti-sec movement ‘in relation’ to these attacks is spurred by the notions that full disclosure is not good, and that the ligaments holding the real undergound for the last 10 years are being sliced.  The so called whitehats are only motivated by monetary gain as well as notariety by disclosing exploit.

I think I’ll root for the home team.

Keep em coming anti-sec

So during my regular spree of surfing through sites that make my stomach boil, you know the regular speechless shite you can only find within the depths of cyberspace…I came back around the surface to find some very spectacular ASCII and text…

Astalavista(http://www.astalavista.com) has been hacked…

I was mystified after trudging through the page of lovely commands, the black text amongst the white background…

No tears shed here…

heres the full monty =Astalavista.com hacked pastebin

ok i know that that doesnt include the whole file, if you want it, i can send it to you, just until i figure out wtf why i cant add a .txt to my friggin / stoopid technology sometimes….

heres a full tastey pastey – http://pastebin.me/4a28bd2e05340

I was going through some papers laying around my desk and I found a diagram I scribbled up while I was building my USB HDD box

I looked all over the Internet to find a simple diagram just like this but came up empty handed… I found a diagram from Wikipedia which listed the wiring configuration in numerical form, not color coded which I needed. I ended up having to resort to trial and error, systematically hooking up each wire until my computer recognized my device, which isn’t a very good technique to use with some home brew applications because it could end with damaged equipment.

So here it is, the only known (to me) copy of a USB-B Wiring Diagram in existance on the Internet. Brought to you FIRST by Flyninja.net.  Yes, it’s kinda crappy, but it’s the best looking MSPaint graphic made from Sharpie on Post-it note that 2 minutes can offer.

(If you need a USB-A Diagram, you’re screwed)

Disclaimer:  Don’t copy Dreamcast games that you don’t already own, you’ll go to pound-me-in-the-ass prison if you get busted.

I recently discovered that you can download, burn, and play Sega Dreamcast games without ANY hardware modification.  I guess there was a huge vulnerability in it’s copy protection, to which code-junkies everywhere not only copied games, but made homebrew games and software such as Linux ports and emulators.

After I exclaim this fact, I usually get the response “Yeah, I’ve known that since it came out.”, but nobody I know personally has ever attempted using any of it.

In order to copy games that you already own, you will need a bunch of extra hardware and software, which is unnecessary due to the fact that just about every Sega Dreamcast game in existance has already been leaked to the net in a disc image format.  Original Dreamcast games are coded on a “GD-ROM” (Giga-Disc), and through some clever engineering from off-the-shelf parts, Sega was able to get 1.2 GB off ordinary CD-ROMs through using almost double density techniques… or something.  Groups who had all the fancy hardware to copy the games had to also somehow compress some of the data in order to allow the Dreamcast games to fit on a 700MB CD-R, I think they pretty much just compressed some of the audio and videos but I could be wrong…

There are TONS of YouTube videos and personal websites that go over in great detail on how to copy Dreamcast games, but it’s actually very simple.

Things you’ll need:

-Alcohol 120% Virtual Drive Software

-Padus DiscJuggler Burning Software

-Downloaded Disc Image (I’ve always seen them as *.cdi files but I’ve heard there’s some in .nrg format…)

-Blank CD-R

Note:  Lots of the disc images out there for Dreamcast games are archived in funky .rar files where it’ll be an archive full of archives. All you need to do if you get one of these is open the top archive file and extract the .cdi inside of  it… that’s it.

Step 1: Load the .cdi file into a virtual drive using Alcohol 120%

Step 2: Copy the virtual disc with ‘copy disc on the fly’ using DiscJuggler with the RAW read/write option toggled in the ‘advanced’ tab.  DON’T have it test or verify your compilation, it won’t know what it’s doing and end up wasting a blank CD.

Step 3: Wait for a long time while it burns your game and then test it with a Dreamcast.

I’ve gotten a hold of rotten images that don’t work no matter what, even after using that cdifix.exe utility. So if you get a hold of one of those, don’t try and muscle a working burn with it, you’ll just waste your discs.

There’s tons of different stuff out there that you can burn and run on the Dreamcast, here’s just a few:

-Bleemcast! is a Playstation emulator for the Dreamcast, which is only compatible with certain games, but it renders the games with better resolution than the Playstation could.  You download them and burn it together on one disc (no disc swapping required)

-Nester NES on the Dreamcast, which works pretty well.

-There’s an SNES emulator called DreamSNES but it sucks ass because it’s based off of SNES9X, which a 200MHZ PC cannot handle well, let alone a 200MHZ Sega Dreamcast.  Needless to say, don’t expect to play your games at fullspeed with DreamSNES… better yet, just skip playing with that one, it’s just headaches and heartache.

-There is also LinuxDC, which is pretty self-descriptive…  I haven’t tested it yet, but I probably will at some point.  (If you’ve played with Linux on the Dreamcast, feel free to comment about your experience)

So there you have it, new ways of playing with the ancient Sega Dreamcast.  I think toying around with the Dreamcast could be a good warm-up for those who want to port Linux to their PS3, but have no idea what they’re doing and don’t want to fuck-up their equipment.

Sweet Dreams.

Sources:

http://www.megagames.com/dc/dc_backup_faq.shtml

http://en.wikipedia.org/wiki/Dreamcast

http://en.wikipedia.org/wiki/GD-ROM

..and tons of useless YouTube Videos

Hello I don’t know how many of you are familiar with scapy (see http://www.secdev.org/projects/scapy/) There is a windows port which Zack Payton Dirk Loss and others had done

Today I am bringing WifiZoo to Windows using the Scapy Windows Port.

What is Wifizoo you ask? Taken from their website here is a description.

WifiZoo is a tool to gather wifi information passively. I wanted to do something wifi-related somewhat helpful in wifi pentesting and I did this to have fun after I discovered ‘Ferret’ from Errata Security. I know neither Ferret or WifiZoo do anything spectacular, but I thought that the idea was fun/useful anyways.

I basically wanted something that I could run, by itself, to get info from open wifi networks (and possibly encrypted ones in the future, at least with WEP ) without joining any network, and covering all wifi channels, and this is what I came up with so far. Its written in python, I can modify it easily, and it fulfills a not-very-ambitious purpose. Kudos to scapy for doing pretty much all the packet parsing for me (scapy is great).

Ok now onto the source Imagery and links

The source was pretty straight forward to change I won’t explain my secrets

but here it is running on eth0

import thing here is to “cd” to the directory where wifizoo.py is located this is important for viewing the wifizoo web interface as I found out ( at least on my system it would not dipslay unless running from the same directory )

Like I said this is still beta and working out the bugs so I won’t post the source today

here is the web interface

Ok I will explain what I have changed in the source so far to make this work

appHandlers.py
- import curses.ascii
+ #import curses.ascii

wifiglobals.py
- import curses.ascii
+ #import curses.ascii

- if curses.ascii.isctrl(c):
+ #if curses.ascii.isctrl(c):

+ if ord(c) >= 0 and ord(c) <=31:

wifizoo.py
- import curses.ascii
+ #import curses.ascii

also changing conf.eth = “auth0s” # or whatever to your intreface

anyway thats not to exciting and its not 100 % yet we will see if it succeeds

Cheers

Maboroshi