Show Posts

1

Mobile Hacking / Re: Reinstall iPhone 4s OS?

« on: February 06, 2013, 04:28:51 am »

Put the device in DFU mode and then connect it to iTunes. iTunes will detect is as a device that needs to be restored and will restore you back to factory settings.

2

Hacking and Security / Re: Pen Test: Finding the db server

« on: October 01, 2012, 04:41:50 am »

hmm, okay. I didn't realize that login information would definitely be on the web server. I'll take a closer look. I saw a NoSQL db, but i don't think it was running. Hmm maybe I need to take another look at that. Thanks guys. I'll post here again if I have an update.

3

Hacking and Security / Pen Test: Finding the db server

« on: October 01, 2012, 04:02:29 am »

Hey guys,

So I've been working on this penetration test, and I'm pretty new at this. I currently have root access to the web server and am looking for the database where all the user's info would be stored. However, after searching for awhile, I can't seem to find any such database. I'm pretty sure that the database might be somewhere else on the internal network, but I'm not sure entirely how to find it.

If I run an

Code: [Select]

netstat -nap I can see some connections to what appear to be local ips but I'm not sure. Anyone done this before and have an idea where to look?

Thanks!

4

Mobile Hacking / Re: 5.0 Jailbreak Help

« on: August 11, 2012, 03:03:06 pm »

you most certainly can. redsn0w is my tool of choice as well. As far as I know, you can jailbreak every iOS device right now...except I'm not sure if you can do an untethered jailbreak of 5.1 yet. Might be able to.

5

Android / Re: Hacking with Android

« on: August 11, 2012, 02:36:38 pm »

Quote

Rooting is not really like jailbreaking... AFAIK jailbreaking an iCrap device allows you to install apps from non-itunes sites and whatnot. And rooting for android allows you have superuser permissions so you can use/access restricted resources and stuff.So no, both are very different.

Ehhh...I'd argue that since you could download ssh or a terminal app and gain root on an iOS device they are similar. Jailbreaking also let's you use System "permissions" (for lack of a better term) that Android let's you use out of the box.

6

Anonymity and Privacy / Re: using proxy with Netflix

« on: August 10, 2012, 02:23:43 pm »

I tried a VPN too, still didn't work =/

7

Anonymity and Privacy / using proxy with Netflix

« on: August 09, 2012, 01:19:45 am »

So I was in Canada the past few days and I went onto Netflix to find that they have the whole 1st season of Community on Netflix in Canada. So I just got back to the states, and I thought maybe I could try using a proxy to trick Netflix to thinking I was in Canada, and it sort of worked (the browse page shows Community and other options) but when I go to play a video it gives me an error. Trying to figure out how I can get around this. Anyone have any ideas? Such a great show!!

8

Hacking and Security / Re: Hacking Apache Tomcat question

« on: August 09, 2012, 01:05:22 am »

Thanks Ande, sorry I was away so I didn't respond.

With zero research, my understanding is Metasploitable is basically a virtual machine I think that is vulnerable to a bunch of exploits using Metasploit. It's basically for teaching the framework.

I see what you're saying about the admin not revealing the admin page. The exploit that I'm using does a simple dictionary attack on the login page. So I guess it could be blocked if I don't have access to that page. I tried a few other exploits, nothing seemed to get through though. Could be right, a fully patched system.

9

Hacking and Security / Hacking Apache Tomcat question

« on: August 03, 2012, 11:46:40 pm »

So I'll preface this stating that I'm quiet a n00b at this, so I apologize in advance for a potentially stupid question.

Anyway, I have an ip address and ran nmap and found that it is running Apache Tomcat/Coyote JSP Engine 1.1 on one of its ports. However, I'm under the impression that if i put the ip address and the port Tomcat is running in in my browser (i.e. x.x.x.x:x) I should see the Apache Tomcat page and configurations. At least this is what happens in tutorials of people using Metasploitable. However, I have found no such page and it just downloads some bin file to my computer (which is kinda sketchy to begin with, but I know the host isn't malicious). I've also had no luck exploiting apache tomcat with metasploit, so I'm under the impression that these two problems are related.

Could it have something to do with the fact that the server is under a firewall. The port is open, but I don't know if this could still affect this somehow.

Thanks!

10

General discussion / Re: Bureaucratic Bullshit = Lost lives

« on: July 05, 2012, 09:03:55 pm »

LOL "just try and call 9-1-1 or something..." I get liability and shit, but I can't believe they fired him over that.

11

Hardware / Re: Making a Computer Useless

« on: July 04, 2012, 01:43:52 am »

LOL, well if you're just trying to make the computer "unusable", rather than destroy it, you could overwrite the BIOS which would make the computer unusable. Hard drive should still be intact though, but the computer itself is pretty much toast.

12

Other / Re: Where to get IDA Pro or other Decompiler?

« on: July 03, 2012, 09:05:51 pm »

I'm in the same position haha
Thanks for the links guys.

Is IDA Pro really the best/only way to go? Is there any cheaper/free decompilers that are in the same ballpark?

13