Archive for May, 2008

For all of you who enjoy reading and learning at the same time.  I would like to announce that leetupload.com’s  Gordon Johnson is putting the finishing touches on his brand spanking new book titled – “No Root for You: A Series of Tutorials, Rants and Raves, and Other Random Nuances” which I’m sure after looking over the Table of Contents you’ll be thrilled to find some extensive and interesting topics that cover some or all of our favorite vices in the computer security field. A more direct description for the book comes from Gordon himself stating “The book is about network auditing, consisting of a step-by-step tutorial guide explaining how one would go about auditing, securing, and learning why certain exploits work.”  That’s tasty. 

This book is feature length at 382 pages covering more than 36 topics ranging from spoofing, spoon-fed information series, miscelaneous exploitation techniques rants and raves, operating system hacking, hardware modification and more…thats pretty impressive if you ask me, and to be honest, I’m looking forward to adding this manifest of knowledge to one of my shelves. Here is the actual back cover summary -

As I have noticed over the years, direct spoon-fed information on anything that involves network auditing or anything of the sort has been rather scarce these days. This is why my book has spawned in such a form that resolves this issue. The idea is to prove that such tasks may be explained in an articulate manner, while still maintaining a proper rapport with the individual. People tend to speak in lofty tongue when they have a superiority complex. I negate this completely by drawing back the verbal curtain and cut straight to the point. This is done by speaking in layman’s terms while still maintaining proper terminology when absolutely necessary, and explain such thoughts in metaphor to explain the idea in a more descriptive form. As you may have guessed, this is a network auditor’s quick reference bible. Not only does it contain step by step illustrated tutorials, but an explanation in regards to why each exploitation or what have you works, and how to defend against such attacks. Be prepared, one might also discover a few rants and raves, as well as a few other random nuances therein.

The book should be released soon sometime between mid to late June so if your looking to obtain a copy you should keep yourself updated at leetupload.com where you can also learn more about the book – or here, because I will post about it’s availability as soon as it’s release.  Congrats on your new book Gordon, we can’t wait to see it.

You can install Ventrilo under Wine very easily in Ubuntu Linux 8.04.  I did it and got it working in well under an hour.  Here is how you can accomplish such a feat. so you can join your friends on a Vent server whilst gaming or whatever else you may use Ventrilo for.

First : Make sure you have the newest version of Wine setup and installed.

Second : Download Ventrilo for Windows (Here) and install it under Wine.

Third : Now Vent at default requires the use of an audio codec called GSM 6.10, and from my own experience this codec/driver is not included in WINE right of the bat, so youll have to get the file msgsm32.acm (here) and place this file in your system directory under Windows in WINE (you may also try putting it in system32 which is fine, i actually put in both spots to be sure).

Forth : goto the Windows directory (should be /home/.wine/drive_c/windows) and open the file named system.ini and place this line in it under the drivers32 section (for organization sake)

MSACM.msgsm610=msgsm32.acm

ok now you may not have to, but I restarted my computer

Voila! You should now have Vent working, now you may get some errors, but they shouldnt hinder your use to voice chat, as well I have found out and it may only be on my computer and not others but Overlays wouldnt work, but i think it was hardware issue, youll just have to try it out yourself! I hope this helps any of you having trouble with getting this working, also make sure to keep an eye out, the guys who develop Vent are working on a Linux client! Enjoy.

Hello I don’t know how many of you are familiar with scapy (see http://www.secdev.org/projects/scapy/) There is a windows port which Zack Payton Dirk Loss and others had done

Today I am bringing WifiZoo to Windows using the Scapy Windows Port.

What is Wifizoo you ask? Taken from their website here is a description.

WifiZoo is a tool to gather wifi information passively. I wanted to do something wifi-related somewhat helpful in wifi pentesting and I did this to have fun after I discovered ‘Ferret’ from Errata Security. I know neither Ferret or WifiZoo do anything spectacular, but I thought that the idea was fun/useful anyways.

I basically wanted something that I could run, by itself, to get info from open wifi networks (and possibly encrypted ones in the future, at least with WEP ) without joining any network, and covering all wifi channels, and this is what I came up with so far. Its written in python, I can modify it easily, and it fulfills a not-very-ambitious purpose. Kudos to scapy for doing pretty much all the packet parsing for me (scapy is great).

Ok now onto the source Imagery and links

The source was pretty straight forward to change I won’t explain my secrets

but here it is running on eth0

import thing here is to “cd” to the directory where wifizoo.py is located this is important for viewing the wifizoo web interface as I found out ( at least on my system it would not dipslay unless running from the same directory )

Like I said this is still beta and working out the bugs so I won’t post the source today

here is the web interface

Ok I will explain what I have changed in the source so far to make this work

appHandlers.py
- import curses.ascii
+ #import curses.ascii

wifiglobals.py
- import curses.ascii
+ #import curses.ascii

- if curses.ascii.isctrl(c):
+ #if curses.ascii.isctrl(c):

+ if ord(c) >= 0 and ord(c) <=31:

wifizoo.py
- import curses.ascii
+ #import curses.ascii

also changing conf.eth = “auth0s” # or whatever to your intreface

anyway thats not to exciting and its not 100 % yet we will see if it succeeds

Cheers

Maboroshi

Provided that recently we have been having some problems with the Public IRC channel we have decided to move it to irc.suck-o.com #flyninja

For some reason there are members and people whose ISP has been banning irc.pseud0.net for whatever reasons, and some server issue recently kind of messed things up, so thats our reason for the change (it used to be the private channel at suck-o, we’ll just make it open now)

So stop in grab a soda and relax, chat a bit and share whatever ideas you may have, get involved in some projects or simply ask a question and see what kind of response you get! See you there!

So, I was browsing Barnes and Noble’s computer security section, and I saw what looked to be a Manga. Well, it turned out it was in the right section. It was Hackerteen: Internet Blackout (Volume 1). It is a start of a series that explains how to get into serious computer knowledge for teens that “spend most of their time on social networking sites or playing games” but know nothing about how the internet truly works.  Well, there are site links in this graphik novel from explaining everything from opensource, to DNS, to explaining how open standards would have saved more lives on the Titanic. And this is an interesting read.  Hackteen itself is a Portuguese program that allows for online education of Teens on internet through a “belt system” (as in martial arts).   It does cost money, and isn’t available in English right now, but soon will be. Anyway, look for Hackerteen:Internet Blackout on Amazon or your favorite bookseller.

I’m sure everyone that uses Linux knows that wireless is a pure pain in the ass.  Well, I’ve been trying to get my AR5007EG to work with Ubuntu Gutsy ever since I installed Linux on my Acer Aspire lappy.  I tried everything… ndiswrapper, USB wireless cards that were unsatisfactory for large downloads or long periods of time.  It was seriously turning my primary boot of Gibbon into a de facto secondary boot.  Well, I downloaded Heron and started bothering people at Best Buy and Circuit City about installing another wireless card (I don’t like messing with laptops, even though I am a hardware geek).  They told me that it was a pain in the backside, but that I’d have to do it myself.  So much for Geek Squad.

Well, I finally found the perfect website for getting my Atheros Piece of S#*$ wireless adapter to work with Heron perfectly (long periods of time, long downloads). Maybe it will work for some of you.  http://www.ubuntugeek.com/atheros-5007eg-with-madwifi-on-i386-platform.html This is great.  It worked perfectly the first time around and ended some of the manual configuration of my USB linksys wireless card.  Linux, wireless nightmare that it is, doesn’t have to be plugged in all the time. And it saved my laptop from becoming a desktop or my Linux boot from being deserted.

Thats right Flyninja.net will soon be loaded with a music player that will play random songs from a playlist when the page loads.  If you have some certain songs you’d wish to hear when your browsing the site, hit me back with your requests.  As well the player will also host audio chatter from myself and other members that will be listed amongst some of the songs.

I’m working on more T-Shirts everyone, as of yet Flyninja gear shop is not up yet as you can see, however if your one of the many who wants one of these cool shirts, shoot me an email and we can set it up so you can get one. We currently have XL, L, M sized white T’s with either of the designs I’ve previously displayed on the site.  We will also offer womens sizes So get your orders in :p- All proceeds goto the site, its developments and its projects.

Thats it on updates at the moment, Stay Tuned for more and dont forget to vote for us at Progenic and Darkmindz!