Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - Cypherwight

Pages: [1]
1
Tutorials / Re: Lock picking
« on: September 07, 2012, 05:34:16 pm »
Lol, yeah. Stupid question.  ;D I'll work on a set of guides and try to get some up soon. Have a busy weekend ahead of me but I will see if I can get some introductory guides up this week.

2
Tutorials / Re: Lock picking
« on: September 06, 2012, 08:28:37 pm »
Sorry if I'm necroing a bit but I have a few tips on this.

1) Be gentle on the tension wrench. It's easy to over torque especially when you are first getting started.

2) There is a difference between a rake and a pick. Using a rake is a good way to "prime" the pins, but in cheaper locks can pop it in less than ten seconds.

3) As Wolf stated, using an electric pick is way too loud to be practical. Unless the place you are trying to get into is VERY remote it is best to avoid using an electric pick.

4) Bump keys are a good way to jam a lock and doing this often leaves behind evidence (damaged pins) that prove the lock was brute forced. The idea is to get in and out without being noticed.

5) If you are getting past physical security of any kind or hacking a computer on-site it is best to have someone you can trust with your life watching out for you. It's easy to get ambushed by security while you are concentrating on a challenging task, having a wingman watching for you and communicating via encrypted shortwave radios nearly eliminates this risk. Word to the wise though, two is a party three is a crowd. The more people you have the more likely you are to get noticed. I never work on-site with more than two other people.

6) Lock up after yourself! On your way out lock everything back, picking works both ways and if the door is locked when they come back they likely won't notice that their computer has been compromised (if you covered your tracks).

7) Learn and understand military/law enforcement raiding tactics and adapt them to what you are doing. Preparation is everything, spend weeks preparing for a two hour on-site and you likely won't get caught. Rushing in blind will get you busted.

Any-who, just a few tips for on-site hacking; hope this helps someone. Probably best not to try it under real world conditions unless you really know what you are doing though.

Sources: Military training, security consultant work, common sense.

Addendum: If you guys are interested I could do a series of physical security penetration testing tutorials. It's an interesting subject for study and there are definitely parallels to computer security pentesting. Just a thought, let me know if there is an interest.

3
Operating System / Re: Partitioning trouble...
« on: September 06, 2012, 05:19:46 pm »
Running in a VMWare workstation is taxing, you can't get full functionality unless you REALLY work at it. Back when I first got into using Linux I tried the whole VMWare setup and after two months of struggling to get it to work right I just started over with a dualboot.

Now I have a dualboot on my netbook, a dedicated install on my laptop, and an install to a 16GB flash drive with persistence set up (for use on my tower or on-site work). Really the best thing you can do (if you can afford it) is to have a dedicated machine for Linux while you learn. That way you can look up fixes on your other computer if you get stuck. Since Linux can run on almost any system it shouldn't be too hard to find a really cheap laptop to put it on (I got mine for free, just had to replace the HD).

Use UNetbootin to install from an ISO to a USB drive, then you can install to any machine you want or just set up persistence (through the UNetbootin interface during setup) and use it on any machine without needing to ever have a permanent install. Hope you get it figured out. Let me know if you need any help.

4
Found it on the Webs / Re: Pirate Box (self-contained mobile communication and file sharing device)
« on: September 06, 2012, 05:01:18 pm »
I have a friend that has been looking for something like this for a long time. Thanks for the heads up, maybe now I can get him to stop screwing around with cheap fake "AES" text encryption programs and get serious about secure communications. I was getting tired of having to look up an obscure entry in a thousand page code book lol.

Pages: [1]