Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - noob

Pages: [1] 2 3 ... 11
1
Beginner's Corner / Re: How do i secure my VPS for maximum protection?
« on: January 16, 2016, 04:11:54 am »
Allow what you need block everything else:
-A INPUT -s 66.66.66/32 -j ACCEPT
-A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p udp -j DROP
-A INPUT -p tcp --syn -j DROP

2
Hacking and Security / Re: FAKE AP - trouble with dns
« on: December 08, 2014, 05:21:56 am »

You can try to add:
iptables -t nat -A PREROUTING -p udp --destination-port 53 -j REDIRECT --to-port 5353

and dont forget to run dns server on port 5353

3
Hacking and Security / Re: Access files from a lan server via internet
« on: October 12, 2014, 11:40:38 pm »
http://superuser.com/questions/544393/samba-access-shares-from-internet
http://superuser.com/questions/409222/use-windows-smb-to-share-folder-over-the-internet

4
Hacking and Security / Re: Fake up ipv6 AAAA records with dnschef in kali linux
« on: February 17, 2014, 12:59:10 am »
Quote from: proxx on February 16, 2014, 09:07:19 pm
That is just epic, you know what kid , get yourself a pc , some windows and forget about everything you think you know on the subject.
That or .. I dunno just ^
Can you make a tut on install kali ?

The author of the tool is was kind enough to tell me where is my proble.

Now im hijacking all requests,webmtm handle requests and sending to burpsuit witch run in
transparent mode handling HTTP and HTTPS,and there i do some injections attacks...

Installing Kali?
When you decide to do that just do  PXE boot i will be there for you 'kid'.

5
Operating System / Re: Kali Install Bug
« on: February 16, 2014, 04:33:17 am »
Check if  sha1sum of downloaded image matching to original.

6
Hacking and Security / Re: Free training. Does it exist?
« on: February 16, 2014, 01:20:35 am »
http://opensecuritytraining.info/Training.html

7
Hacking and Security / Fake up ipv6 AAAA records with dnschef in kali linux
« on: February 16, 2014, 01:13:18 am »
i have proble to fake up AAAA records with dnschef,

If i run:
#dnschef --fakeip 127.0.0.1 --fakeipv6 ::1 -q
 i got error: no such option --fakeipv6

I aslo tried --6 and --ipv6 flags
Still no succes.

Dnschef works fine when i fake up A records.

Im usinf Kali 1.0.6 x64.
Anyone messing around with dnschef and know how to do this?

8
Hacking and Security / Re: Free training. Does it exist?
« on: February 12, 2014, 12:45:04 am »
Quote from: vezzy on February 11, 2014, 08:36:45 pm
Several recommendations:

*Participate in wargames like SmashTheStack and CTFs like Stripe. Also try out Matasano's cryptographic challenges, they'll teach you a lot about complex cryptanalysis.

*A very good, and I cannot stress this enough, book on penetration testing and information security is The Art of Software Security Assessment: Identifying and Preventing Vulnerabilities. It's a long tome (around 1200 pages), but it's an excellent read. Highly recommended. I'm not sure if it's on EZ. If not, tell me and I'll gladly upload it.

*Download some VMs from VulnHub or the like.

*Try out some open-source vulnerable web applications like WebGoat and RailsGoat. OWASP has plenty, look them up.

*OpenSecurityTraining.info has some great courses.

Can you upload this book pls?

9
Found it on the Webs / Re: Shodan
« on: January 26, 2014, 07:24:15 pm »
Its a grate if you willing to pay for full service,but as free service its not so bright,you better scan by yourself.

10
Operating System / Re: Windows 7 Secure setup
« on: January 25, 2014, 02:47:00 am »
This guy put a nice effort to describe how to harden windows 7 machine:
Code: [Select]
http://hardenwindows7forsecurity.com/Harden%20Windows%207%20Home%20Premium%2064bit%20-%20Standalone.html

11
Hacking and Security / 23-year-old Stack overflow vulnerability discovered in X11 Server
« on: January 09, 2014, 06:30:30 pm »
http://lists.x.org/archives/xorg-announce/2014-January/002389.html

12
Hacking and Security / Re: failed to connect FAKEAP
« on: January 09, 2014, 03:38:38 pm »
I got sam problem long time ago,i was so frustraded becose i done it all right and still has same problem,sometimes its work sometimes did not.
So you must run backtrack from live CD or hard drive,this kind of attack cant always work in vmware,i see other people on internet confirming same problem! ;)

13
Hacking and Security / Re: Yagi antenna + session hijacking
« on: January 01, 2014, 11:18:55 pm »
You wana steal a cookie from more then 10 meteres,thats seems inposible!You better do it till they sleep from close distance.

14
Hacking and Security / Re: Post your Lab 2013
« on: December 18, 2013, 11:46:37 pm »
Dude you have 2 routers and 2 PCs, its not even close to REAL infrastructure,so YOU will not learn nothing diffrent from us who use vmware.
And you can only dream about REAL infrastructure in your home,so if you wana learn how REAL network work go for MCSE or RHCE certificate,find a job and stop this pointless arguing.

15
Hacking and Security / Re: Post your Lab 2013
« on: December 16, 2013, 01:28:45 pm »
 
Quote
I was just thinking that as far as practicality is concerned, if you are looking to gain valuable knowledge in hacking a real network, then you should have some practice hacking real network devices.

Alote of real networks use Hyper-V and Vmware,the future is cloud  computing.
You can also downoad firewall virtual apliance like Vyatta and Untagle.
So from hacking perspective there is no any adventage of real pentesting lab from virtual,only if
you planning to do debugging on thous devices.


Pages: [1] 2 3 ... 11