Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - lucid

Pages: 1 [2] 3 4 ... 10
Scripting Languages / [Ruby]IP logging webserver
« on: June 13, 2014, 10:19:39 pm »
Hopefully this doesn't seem like shit posting. This is something I put together this morning, and I'm looking for some more ideas on what to do with this. Fr those of you who can't make sense of simple code, what this does is listen on whatever port you tell it to and then logs all IP addresses that connect to it in a file. When the client connects it prints the client's IP address to the client. It's like a What'sMyIP server. Just fire this server up and enter the IP and port into your URL on the client. Here's the code:
Code: Ruby
  1. #!/usr/bin/env ruby
  4. require 'socket' # We need this shit
  7. # Build the socket
  8. server =[0])
  11. # Begin for exception handling
  12. begin
  14.     loop do # Keep server alive
  15. do |c| # Threaded for simultaneus connections
  17.             # Prints requests to server for debugging
  18.             request = c.gets
  19.             STDERR.puts request
  21.             # The whole point of this script
  22.             res = "Your IP address is: #{c.peeraddr[2]}\n"
  24.             # Build a proper HTTP response
  25.             # Be sure to include required whitespacing
  26.             c.print "HTTP/1.1 200 OK\r\n" +
  27.                         "Content-Type: text/plain\r\n" +
  28.                         "Content-Length: #{res.bytesize}\r\n" +
  29.                         "Connection: close\r\n"
  31.             c.print "\r\n"
  32.             c.print res # Print the actual response
  34.             # Logs connecting clients IP addresses to a file
  35.             # Saves the exact time of connection
  36.             # Appends logs
  37.   "iplog.txt", "a") do |log|
  38.                 log.puts "Connection from #{c.peeraddr[2]} logged at: #{}"
  39.             end
  41.             # Close that shit
  42.             c.close
  44.         end
  45.     end
  47. # Gets rid of ugly error messages with Ctrl-C
  48. rescue Interrupt
  49.     puts " Connection terminated"
  51. end
The only trouble I am having is that the exception for SocketError doesn't actually go into effect. It posts the actual Ruby error instead of the output I specified. Not a huge deal really, but I've done it plenty of times before successfully. I'm looking for ways to further this code.

EDIT: Almost forgot. Here's the client code if you want to try it via command-line. I just stole this from a Rubydoc website because it wasn't my focus and it's extremely simple code.
Code: Ruby
  1. #!/usr/bin/env ruby
  4. require 'socket'
  7. req = "GET / HTTP/1.0\r\n\r\n"
  8. s = ARGV[0], ARGV[1]
  9. s.print(req)
  10. res =
  11. headers, body = res.split("\r\n\r\n", 2)
  12. print body
Note: The server only works on port 1023 and above.

Hacking and Security / SSH Keys problem?
« on: June 10, 2014, 04:30:18 am »
I've been working on this stupid thing for the better part of a day. I can't seem to connect to my server if I use key authentication only. The error I'm getting is simply:
Code: [Select]
Permission denied (publickey).

Now, here's the details. I'm using a user on my client made specifically for SSH. This user's name is shell. The user on the server is also named shell. Hopefully that doesn't confuse you. Here's the server's sshd_config:
Code: [Select]
# $OpenBSD: sshd_config,v 1.93 2014/01/10 05:59:19 djm Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options override the
# default value.

AllowUsers shell
Port 12222
#AddressFamily any
#ListenAddress ::

# The default requires explicit activation of protocol 1
#Protocol 2

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key
#HostKey /etc/ssh/ssh_host_ecdsa_key
#HostKey /etc/ssh/ssh_host_ed25519_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 1024

# Ciphers and keying
#RekeyLimit default none

# Logging
# obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
PermitRootLogin no
#StrictModes yes
#MaxAuthTries 6
#MaxSessions 10

#RSAAuthentication yes
#PubkeyAuthentication yes

# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile ~/.ssh/authorized_keys

#AuthorizedPrincipalsFile none

#AuthorizedKeysCommand none
#AuthorizedKeysCommandUser nobody

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication no
PermitEmptyPasswords no

# Change to no to disable s/key passwords
ChallengeResponseAuthentication no

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes

#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PermitTTY yes
PrintMotd no # pam does that
#PrintLastLog yes
#TCPKeepAlive yes
#UseLogin no
UsePrivilegeSeparation sandbox # Default for new installations.
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /run/
#MaxStartups 10:30:100
#PermitTunnel no
#ChrootDirectory none
#VersionAddendum none

# no default banner path
Banner /etc/issue

# override default of no subsystems
Subsystem sftp /usr/lib/ssh/sftp-server

# Example of overriding settings on a per-user basis
#Match User anoncvs
# X11Forwarding no
# AllowTcpForwarding no
# PermitTTY no
# ForceCommand cvs server

And the client's ssh_config:
Code: [Select]
# $OpenBSD: ssh_config,v 1.27 2013/05/16 02:00:34 dtucker Exp $

# This is the ssh client system-wide configuration file.  See
# ssh_config(5) for more information.  This file provides defaults for
# users, and the values can be changed in per-user configuration files
# or on the command line.

# Configuration data is parsed as follows:
#  1. command line options
#  2. user-specific file
#  3. system-wide file
# Any configuration value is only changed the first time it is set.
# Thus, host-specific definitions should be at the beginning of the
# configuration file, and defaults at the end.

# Site-wide defaults for some commonly used options.  For a comprehensive
# list of available options, their meanings and defaults, please see the
# ssh_config(5) man page.

# Host *
User shell
#   ForwardAgent no
#   ForwardX11 no
#   RhostsRSAAuthentication no
   PubKeyAuthentication yes
   RSAAuthentication yes
#   PasswordAuthentication no
#   HostbasedAuthentication no
#   GSSAPIAuthentication no
#   GSSAPIDelegateCredentials no
#   BatchMode no
#   CheckHostIP yes
#   AddressFamily any
#   ConnectTimeout 0
#   StrictHostKeyChecking ask
#   IdentityFile ~/.ssh/identity
   IdentityFile ~/.ssh/id_rsa
#   IdentityFile ~/.ssh/id_dsa
#   Port 22
#   Protocol 2,1
#   Cipher 3des
#   Ciphers aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc
#   MACs hmac-md5,hmac-sha1,,hmac-ripemd160
#   EscapeChar ~
#   Tunnel no
#   TunnelDevice any:any
#   PermitLocalCommand no
#   VisualHostKey no
#   ProxyCommand ssh -q -W %h:%p
#   RekeyLimit 1G 1h

Now, I've copied the client's public key to the authorized_keys file on the server using ssh-copy-id. I've also tried using scp. Makes no difference. I have both the pub and private key on the client stored in the ssh user's(shell) .ssh directory. I've tried changing the permissions of the server's authorized_keys file to everything from 644 up to 777. Makes no difference. I've also tried explicitly defining the path to the client's private key when I connect using:
Code: [Select]
ssh -i /home/shell/.ssh/id_rsa -p 12222 shell@ipaddress
Still, I get the same error. Here's some more details:

ssh -v -p 12222 shell@ipaddress
Code: [Select]
OpenSSH_6.3, OpenSSL 1.0.1g 7 Apr 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to [] port 13409.
debug1: Connection established.
debug1: identity file /home/shell/.ssh/id_rsa type 1
debug1: identity file /home/shell/.ssh/id_rsa-cert type -1
debug1: identity file /home/shell/.ssh/id_rsa type 1
debug1: identity file /home/shell/.ssh/id_rsa-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_6.3
debug1: Remote protocol version 2.0, remote software version OpenSSH_6.6.1
debug1: match: OpenSSH_6.6.1 pat OpenSSH*
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: server->client aes128-ctr none
debug1: kex: client->server aes128-ctr none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ECDSA 75:5e:41:a6:fa:f5:ac:8f:ab:23:ea:aa:ca:71:4a:65
debug1: Host '[]:13409' is known and matches the ECDSA host key.
debug1: Found key in /home/shell/.ssh/known_hosts:1
debug1: ssh_ecdsa_verify: signature correct
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_ACCEPT received
                 \\\-_..-,  \\\\\'
                  \\`-|_"    \\\\'                   
                   \\\ ,    ///|\\                   
                   _||\  _.'//////                   
                .-'///'"" |//////__                 
               /  //'.`--..////'.' ".               
     .-=-.    /_...--._""--//""._    .               
    +     \   J  ;.    "-..---..  J   \             
   /       \  |  lo)    . .     ".F    \             
  /         \ F  `.    .   .    (o:_.-=='           
 /           \F  J;"--"    :.    .'  |             
f        ;    \ J|:::  .:; ::;--"|   |         
        /      \FF::  ::::. ::;/ |   |         
      ,J.       Y:'  :::::'   /  |   |         
     /  F        .   ''_    ./   |.-""-.....---"""-.
   ,'   J.        .        .:    /,;:\\\:.          Y
  /      Into       .       ;_..-(/ |:\\\\"'         J
 /       J         .  ..  ;'       `' `'`'  .'      '
/        :/)      .: .%' The              _/       /
         `:_--,   ' ,.";'             _.='/       / 
          `:_"_'-, ///Tunnel     _..-""  /       /   
         .-'`---''-""-.___..---"""      J       /   
      .-'              ,',' |           F      /     
      ;---------------','   |          j'     /     
      |---------------|    ,'          F     /       
      |               |  ,'           j'    /       
      |_______________|,'             F____/           

debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /home/shell/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: Offering RSA public key: /home/shell/.ssh/id_rsa
debug1: Authentications that can continue: publickey
debug1: No more authentication methods to try.
Permission denied (publickey).
As you can see, that sexy lady is my banner. Try not to beat it too hard. I honestly don't see what went wrong based on the verbosity. Oh, and one more thing. I generated the key pair like so:
Code: [Select]
ssh-keygen -t rsa -b 4096 -C "$(whoami)@$(hostname)-$(date -I)"

I generated it using the ssh user. That's about all of the information I can muster. Hopefully I'm just being stupid.

EDIT: I also just tried clearing the authorized_keys file and starting over with a new public key. This time, I used ecdsa and didn't specify any size. Once again copied to the authorized_keys file on the server and double checked. Still getting the same exact problem. I also removed all lines specifying a particular user in any of the configs. Yes, I restarted the server after making changes. No dice.

This is supposed to be easy. I've done this plenty of times in the past without any trouble.

General discussion / Unmotivated
« on: May 16, 2014, 09:01:58 pm »
I think it's been about two weeks now, maybe even more. I am so unmotivated to do anything. I've barely touched a computer at all the past couple weeks. Even thinking about coding or hacking anything at all sounds completely tedious and uninteresting, and I can't figure out how to pull myself out of it. As soon as I pick up a computer to try and read something or code something or anything like that I just feel bored and depressed.

This blows. I don't want to be bored by hacking, but I am.

General discussion / Security + Certified
« on: May 14, 2014, 10:41:53 pm »
I am the above statement now. Woohoo n' shit. It was 74 questions long and the first five were the hardest ones. Had me freaked out there for a minute. After that was a breeze. Got 850 out of a possible 900, and the passing score was 750. I think that's good but I guess I don't really know.

Anyway, now I'm the best hacker in the world because a piece of paper says so. Bow to me.

Found it on the Webs / Makes me rethink choosing security as a career
« on: April 29, 2014, 01:22:24 am »
Just as the title states. I've often pondered the idea that getting a career as a security professional would make me eventually hate hacking. What about you?

Operating System / Oh my fucking god this is stupid(TRK)
« on: April 26, 2014, 05:10:34 am »
Someone please just...... tell me how to fucking install it on USB. I'm sorry, I just can't get it to work. The fucking documentation on their website is fucking wrong and doesn't fucking work for me. They tell you to do:
Code: [Select]
mount -o loop trinityrescuekitisofilename.iso /mnt
And then they tell you to start copying shit. Well guess what, it fucking mounts read only so go fuck yourself TRK website. Has anyone done this the simple way with like dd or something. I tried that once but no dice.

I'm too tired for this right now it shouldn't be this annoying to install a fucking iso on a fucking usb fuck fuck.

General discussion / It has come!
« on: April 09, 2014, 09:42:21 am »
It, in this case, is a Lenovo T420s. It's sleeker then I imagined, and so far it seems oh so perfect. Well I'll just post teh specs:

model name      : Intel(R) Core(TM) i5-2520M CPU @ 2.50GHz
MemTotal:          8 gb
HardDrive:         300 gb
Wifi:             Intel Centrino Advanced-N 6205
Pretty much all chipsets: Intel

It only cost around $400, and on the website it said it only had 4gb of RAM. I was very pleasantly surprised to find that it has double that! This thing was $200 less then my Asus which many of you have been hearing so much about, and it has double the RAM and a faster processor. Not to mention the fact that it's a Lenovo, so it's solid. I think my favorite part about it is that the network chipsets are all Intel. No fucking Realtek or Broadcom. Honestly didn't think that was possible. I checked online before placing the order, it's been confirmed that this laptop is quite linux compatible as per this link:

Sure that's just Ubuntu but it is obviously linux compatible. One thing I did observe however, is that when I fire up a live Kali usb on it(Ihaven't installed a real *nix on it yet) it frequently disconnects from the internet and then reconnects within a few seconds. I am not entirely worried about it however. I've experienced problems like this before with NetworkManager as well as wicd. So I expect that when I install Linux on it and just use netctl or wpa_supplicant to connect that it'll do just fine. I hope so at least...

It came installed with Windows 7 professional, but I intend to wipe that completely in favor of linux. No dual-boot since I already have another laptop with a dual-boot. I'm thinking Slackware since I also already have an Arch box.

EDIT: Eh, unfortunately it seems that there has been a fair few who experience the same disconnect problem with the same wifi card. Bummer, however I'm still not all that worried. Seems just about everyone is running some Debian flavor, and almost all of these people are using Wicd or NetworkManager. I hate both these utilities and don't intend on using them. I'm hoping the issue won't be there when I install Slackware and use netctl. If it does persist, there's sure to be a patch out there I can use. I won't let a little wifi trouble get in the way. This laptop is too badass.

Hardware / Which motha fuckin laptop motha fucka?
« on: March 31, 2014, 01:48:03 am »
Which one should I get:


The bottom one(HP) has better specs then the top one(Lenovo) to a non-negligible degree, but the only thing is that I hear really good things about Lenovo's hardware, and I'm so fucking sick to death of hardware issues that it would be worth it, even if the HP's CPU is faster and the hard drive is bigger. I don't know about HP really, but at least it's not a Dell right?

I don't know why websites never include the NIC chipset in the specs. I would REALLY like to know that info before buying a laptop. Seems everything in the world runs fucking Broadcom.

EDIT: Just realized every single review on the Lenovo said that the battery that came with it was either wrong, or non-existent. Fuck that noise. I don't know what the fuck they are doing over there at Newegg but they need to get their shit together. Every time I've ever ordered anything from Newegg, the order always get's sent back at least once before I get it. Sometimes twice due to stupid phone number issues. Like that matters so damn much. Plus I've heard lot's of stories pertaining to Newegg's inability to send the correct equipment, or parts of the whole package are missing.

I mean seriously, everyone else can do it just fine Newegg, what the fuck are you doing. Shit, maybe I should scrap both these and go to tigerdirect or something.

General discussion / I can haz job?
« on: March 28, 2014, 10:30:50 pm »
Many of you here have jobs working as sys admins, network admins, security analysts/researchers, etc. I am completely eluded by the process which one must go through in order to get a job in this field. Obviously I don't just walk in and grab a little application like at Burger King :P.

Of course I'm sure most of you are going to tell me that you got lucky and stumbled upon some random dude at a strip club who you then somehow started a conversation about hacking with, and he found out that you can "pwn shit real hard!" so he gave you a job.

But for those of us who aren't super lucky, I want to know how you get a job in the network/security field..... with a high emphasis on security.

Hardware / I can't do it anymore
« on: March 26, 2014, 02:31:58 am »
Ok. So as some of you know I've gone through three broken screens on this fucking Asus shit in under four years. The first time was dead pixels and it happened only a month or so after I bought the laptop. The second time was a year after I replaced the first laptop under warranty because of the broken screen. It was again, dead pixels, so I bought a new screen and replaced it myself. Then, only four months later(a few days ago) the screen started acting weird. It was flasshing black and sometimes would just stay black and I could see anything on the screen. Eventually it just comes back on it's own or I mashed the keyboard out of desperation. Eventually it went black and never came back on. So, I just got my third new screen yesterday after the second one lasted only four months. I replaced it yesterday.

Today, it started flashing again, just like the other one. I've had it for ONE FUCKING DAY and it's already going to shit. I'm sure it's only a matter of a few days before this screen breaks in the same fashion as the other one. What a waste of $55. I'm extremely sad and angry.

I don't get it. What the fuck is the problem? I doubt it has to do with my video card because I was able to plug it in to an external monitor(hdmi) just fine after the previous screen went black. Am I really just that unlucky and I bought 3 fucking duds? I've checked the connection to the screen and to the motherboard. They are both solid. I'm also pretty sure that I got the right screen. I mean, how hard could it fucking be? There's only a few criteria:

Does it fit?
Absolutely. Otherwise I wouldn't of even gotten it in in the first place.

Is 1366768, and I bought a WXGA 1366768 screen..

Duh. It has a 40 pin connector, and if I had bought the wrong one I'm sure it wouldn't have fit at all.

So what the fuck is going on. The laptop is all I have and I take good care of it. I've only had it a little under four years. So it's not like it's and old piece of shit or something. It's an Asus K53e. If I'm not buying the wrong screen, then what the fuck is the issue here? I'm getting sick to death of fucking screen issues.

Hardware / Other Reasons for Broken Lenovo Fan
« on: March 18, 2014, 01:22:26 am »
So I bought a fan for my old ass Lenovo IBM Thinkpad because the old one wasn't spinning which is obviously bad. I opened it up originally and found that when I turn it on, the fan spins for a few seconds and then slows to a halt.

Got my new fan in today, it fits perfectly. So I plug it in and start up the laptop. Sure enough, it did the same thing :(

First of all, I want to cry myself to sleep. Money is very difficult for me to come by, so it's wonderful news that I just wasted some. Second, does anyone know what the problem WOULD BE then? I didn't just buy a new fan, it came with the heatsink and everything. So unless I am literally the most unlucky mother fucker in the world(starting to seem highly possible), then why would the fan not spin, if it didn't have anything to do with the fan or heatsink?

Scripting Languages / Fucking Stupid Coding PDF's
« on: March 09, 2014, 03:31:57 am »
Let me start by saying I hate nothing more in the world then trying to learn a coding language by reading a PDF. It's slow and inefficient and I don't fucking learn anything. All they ever do is just show you a thousand examples for you to copy and see the result, which, they show you in the book. It sucks. I hate it. Goddamnit.

But, you need to learn the very basics somehow and I don't really see another way. People say that you should just start a tiny project and that's the best way to learn. Well, that doesn't exactly work if you know absolutely nothing about the language constructs and data types and whatnot. So, seems you have to learn it from a fucking book. The other thing I hate, is that there seems to be no such fucking thing as a coding book that actually teaches you the up to date language. It's always a book written in the early 2000's which is 10 versions old. Normally it's not a huge problem, but I think I might be having that problem right now. Here's an example. I'm reading the "Learning Ruby" pdf to get the very basic basics down before I start just trying to code something. Now, this little snippet:

Code: [Select]

lang = :fr

dog = case lang
  when :en: "dog"
  when :es: "perro"
  when :fr: "chien"
  else      "dog"

Is taken from the book. I tried making it my own at first but got unexpected errors, so I just copy pasted directly as a test and sure enough, it still didn't work. I get this error:

Code: [Select]
case.rb:6: syntax error, unexpected ':', expecting keyword_then or ',' or ';' or '\n'
  when :en: "dog"
case.rb:7: syntax error, unexpected keyword_when, expecting end-of-input
  when :es: "perro"
Ruby 2.1 doesn't seem to like :'s. I've gotten the same error when trying to do this:

Code: [Select]

if lang == :en: puts 'dog'
    elsif lang == :es: print 'perro'
So how the fuck am I supposed to learn a language, from a pdf, which is incorrect? It's such a fucking unfun and poor/slow learning process. Makes me hate coding.

EDIT: Oh, and as a side note, it really fucking sucks that the vast majority of resources out there for Ruby are strictly Ruby on Rails. That's it. That's the only fucking reason anyone wants to learn Ruby ever. Ruby on Rails. I wanted to learn Ruby because I wanted a fairly simple general purpose scripting language that wasn't Python. I generally dislike web dev. I just want to learn fucking Ruby.

Hacking and Security / DNS Amplification Maybe?
« on: February 25, 2014, 05:20:14 am »
Ok, so some of you have heard about my recent experience with a Nigerian 419er and how he's been unsuccessfully DDoSing me for literally days(I turned off my firewall for a second to see that he's surely still goin at it).

Then today suddenly my internet went out again. I noticed in wireshark that I was receiving absolutely nothing but outbound DNS requests to two different IP's, but many different name servers. After some basic network troubleshooting and about 1000 more DNS requests, all outbound, I started thinking that this was a DNS amplification attack. Seems there isn't much one can do about such attacks. At least, according to le interweb. I tried a couple different iptables rules to no avail. I don't understand DNS amplification as well as I should, but I guess iptables doesn't do much against this.

Anyway, after some time of almost calling it quits because I was tired and feeling stupid, I went it to my router to poke around. I noticed that in the settings I had it set to a static DNS address. All I did was switch that to get dynamically from ISP, as well as my IP address, and suddenly everything went back to normal. Does this make sense?

Hacking and Security / Free training. Does it exist?
« on: February 11, 2014, 03:16:05 am »
In light of the fact that I'm going to be building a little home lab for pentesting, I have decided I need some resources for a little guidance. Simply put, I have two requests.

The first request; Does anyone know of/have any books related to penetration testing/exploiting networks in particular that would be a good read to go along with a lab? I'm really not looking for a book that contains nothing but using various metasploit modules against a network. I'm looking for a book that is a high/professional quality resource on pentesting a network. I've searched, but all books I find pretty much involve installing Metasploitable in a VM and using metasploit(go figure).

The second request; Are there any good hands on courses that are free involving the same topic? Does that even exist? Places like edX and Coursera don't seem to have much in that regard. Something kind of like:, but instead of web pentesting it involves network pentesting. Thank you.

Hardware / IT HAS COME!
« on: February 05, 2014, 10:31:32 pm »
My computer crap! My mother's husband has some old shit that I asked for, so he sent me a big package. In it were some old cables that don't really apply anymore so.. meh, some cat 5 cables, not bad, about 4 different mice, two of which are old as fuck and the other two are nice wireless ones, but don't have the adapters so, useless. There was also a USB hub with four USB slots, awesome. Finally there was not one old Lenovo like I expected, but two! The other laptop is a compaq presario. Some details:

The first one is a Lenovo IBM thinkpad. The Lenovo has Win XP on it but I wasn't gonna keep windows on that bitch anyway so, no matter. It doesn't get past the Windows logo screen, it just hangs there for ever. However, I popped in a live Arch CD and it booted right in. AWESOME!! It works quite speedily with linux in it. Haven't actually installed Arch yet, I'm thinking about installing BSD on it instead and turning it into a router/server.

I was quite surprised about this computer. It makes not a sound whatsoever when it's running. Not only that, but I discovered that it has a whopping 2gb of RAM! Which to me seems like a lot for it's relatively old age. The only downside I'm seeing right now is that it has a Broadcom ethernet controller :/. That, and I think it has a bad CPU fan, considering that about 5 minutes after starting it up with the LiveCD the bottom of it got incredibly hot.

The other one is a quite different story. While the first one doesn't make a sound, this one sounds like an airplane taking off when it starts up. It's also running Win 98 :D. It takes about 5 minutes to get to the login screen, and I don't know the password so I haven't gotten past that as of right now. Haven't paid as much attention to that one, but there is one last detail. It has a floppy drive lol.

So, I'm not really sure what to do about the old Win 98 PC yet. The Lenovo looks promising and useful, except for the part about the probable fucked CPU fan. Have any of you ever replaced a CPU fan before? The most I've done as far as laptop repairs is fixing my laptop screen, and I imagine replacing a CPU fan would be harder.

Pages: 1 [2] 3 4 ... 10

Intern0t SoldierX SecurityOverride programisiai
Want to be here? Contact Ande, Factionwars or Kulverstukas on the forum or at IRC.