Hacking Europe

Shmoocon 2010

fatal-error — Thu, 11 Feb 2010 16:55:10 +0000

So I was Shmoocon 2010 … it was pretty fun. Got snowed in by the worst DC snowstorm in 100 years ( global warming my ass ) and got to spend some time with some cool people.

My favorite talk was VMware guest stealing. However Ron over at skullsecurity.org has already released a NMap script for detecting this. http://www.skullsecurity.org/blog/?p=436

Check it out!

Wireless Cracking

fatal-error — Fri, 11 Dec 2009 03:33:36 +0000

So I got my hands on a Alfa Wireless-N 500mW and decided to play around with some wireless foo … I’m impressed with the new Alfa. It’s got built-in support Backtrack and it’s capable of monitor mode and packet injection.

Also I wanted to share this really simple clean guide on airodump-ng, aireplay-ng, and aircrack-ng.

http://ryanunderdown.com/linux/cracking-wep-using-backtrack.php

He makes cracking wireless so simple I think my mom could do it. ( She recently asked me if she should place a CD in the tray shiny side up or down! )

BarCrawl v1 Released!

fatal-error — Mon, 09 Nov 2009 23:33:32 +0000

I’m sure there are a billion ways to do this better but in the mean time, here it is. BarCrawl, the pastebin crawler/dumper!

Feel free to send me your thoughts or improvements.

barcrawlv1.py

keep hacking!

str0ke is not dead!

fatal-error — Wed, 04 Nov 2009 17:40:52 +0000

http://twitter.com/str0ke

He appears to be tweeting so … I think thats the last time I’m going to http://bl4cksecurity.blogspot.com

Is str0ke dead?

fatal-error — Wed, 04 Nov 2009 14:41:53 +0000

http://bl4cksecurity.blogspot.com/2009/11/str0ke-milworms-funeral-is-this-friday.html Is reporting that str0ke from milw0rm has passed away. Although it would explain his absence, I think we need to see some more official sources.

Radio Show Results and Milworm Worries

fatal-error — Wed, 04 Nov 2009 02:18:01 +0000

So I was recently on PaulDotCom’s Episode 173 and it was a good experience. I was a little nervous the first part, then got interrupted by Security Justice and did a bit better when I was talking about BarCrawl. In anycase I’m still working on BarCrawl and I’ll release it soon in the next week or so.

However on a different note, have you seen the updates on Milworm … or the lack there of? The last exploit was posted in September.

keep hacking

Internet Radio and Pastebin

fatal-error — Fri, 23 Oct 2009 00:44:33 +0000

So we’ve all heard about the pastebin Hotmail password leak … This might come as a surprise to some, but people have been using pastebin for all sorts of craziness. My friends over at Pastebinfail.com have been documenting some of the more wilder posts. Everything from base64 encoded jpegs of owl’s to botnet command and control. I’ve been toying with a python script that crawls pastebin’s Recent Posts and pops out various posts of interests. Right now it’s pretty basic, but I need it to send the data in various mediums. Using gmail was pretty stupid on my part. Google temporarily banned my account for sending myself more then 700 messages in the 24 hr. limit. But in anycase after it gets a little bit more mature I’ll release it.

I’m also scheduled to go on the PaulDotCom Podcast on the 29th of this month. I’m sure pastebin will come up.

anyways, keep hacking

ftp

Information Gathering Tools

fatal-error — Thu, 15 Oct 2009 03:02:51 +0000

Information Gathering seems to really be at the front of the list from recent talks and conferences. So I guess everyone has their own way or method when it comes to pen-testing. But I would almost guarantee that information gathering is one of the first things you do. There are a ton of tools out there starting to automate this, link relevant data together and in general make this task faster and more fruitful. Chris Gate’s talk at BruCon is pretty solid and has a great over view of open source tools.

Pick a mirror and his talk is labeled “Open-Source-Information-Gathering_Chris-Gates.ogg”
Brucon Videos
And the presentation is at
Brucon Presentations

Some of my personal favorites:
Robtex.com
And
Serversniff.net

Anyways I’m still toying with the site and trying to figure out what my goals are. But for now, keep hacking

Blurb

fatal-error — Tue, 13 Oct 2009 01:50:09 +0000

Well, my trip through Europe is long over. I’ve had to come back to the US, graduate and figure out what to do with my life. I got a pretty solid job in the security field. I’m almost where I thought I would end up. The only gotcha’s is that thing called student loan debt. In any case I think I’m going to leave the site up as long as I can afford to. Perhaps I will post various security related news, tools, etc. I know the market is pretty flooded but, over the few months I’ve won two CTF’s and I think my personal views might be fresh to the industry. We will see.

Until I feel the need, keep hacking.

Chicago Apartments

fatal-error — Sat, 02 Aug 2008 03:02:20 +0000

I hate looking for apartments. There is always that dream loft apartment just out of my price range. I’m going to go thrifty this time tho, I’m going to move in with some old roommates that I can stand and know pretty well. I gotta run for now, another few days of work and then DefCon! Woot!