#!/zitstif.no-ip.org/

Things I’ve taken note of over the past months:

1.) Finding ‘too much information’ (even when it’s public information) on a company can scare HR people, go figure.

2.) Linksys routers that are compatible with DD-WRT or the like, are great for being used as pivot points in networks. For example, if you’re able to to gain access to a router that is DD-WRT compatible and you can get SSH up and running on it, you’ve opened up a lot of opportunities.

One opportunity would include scanning the internet network using proxychains and nmap over an SSH tunnel. You could also use proxychains and nikto to scan web servers that are in the associated network with the DD-WRT compatible router.

You can also setup a private second WLAN network on the DD-WRT compatible router to have a sense of secure access to the network you’re penetrating. Using DD-WRT as a penetration tester, really opens up your possibilities.

3.) http://ipq.co rocks, ‘nough said. 🙂

4.) Being able to boot up a live Linux distro on a victim machine, use bhive, samdump2 (like this tutorial http://www.irongeek.com/i.php?page=security/localsamcrack2), to extract password hashes and then do ‘Pass the hash attacks’ via metasploit (like shown here: http://securitytube.net/Metasploit-Megaprimer-Part-16-(Pass-the-Hash-Attack)-video.aspx) is incredibly cool.

5.) The Nmap scripting engine rocks: http://securitytube.net/Mastering-the-Nmap-Scripting-Engine-(Blackhat-2010)-video.aspx

6.) Did you know you could install Nmap silently on a Windows machine? (Yes, it will also install winpcap.)
nmap-5.35DC1-setup.exe /S

7.) Other cool apps to install ‘silently’ using msiexec on Windows machines:  (msiexec /i appname.msi /q)
http://www.python.org/download/releases/2.5/
http://www.activestate.com/activeperl/downloads

8.) The concepts of SSH reverse connections and port forwarding make me elated: http://www.securitytube.net/Hacking-through-the-Windows-Firewall-using-Metasploit-video.aspx

More to come as usual…

If there are any of you out there on the internet who are regularly reading my website, you may have noticed I haven’t updated in a while and this has been due to the fact that I’ve been busy with work and other aspects of life.

I still have projects in mind that I’m working on that I’d like to post but I haven’t made the time for them.

Without further ado, here are some links to videos of this years premier Blackhat 2010 Las Vegas security conference:

http://www.securitytube.net/Wardriving-the-Smart-Grid-(Blackhat-2010)-video.aspx

http://www.securitytube.net/SCADA-and-ICS-for-Security-Experts-(Blackhat-2010)-video.aspx

http://www.securitytube.net/Offensive-Python-for-Web-Hackers-(Blackhat)-video.aspx

http://www.securitytube.net/Jackpotting-Automated-Teller-Machines-Redux-(Blackhat-2010)-video.aspx

http://media.blackhat.com/bh-us-10/video/Keynote2/BlackHat-USA-2010-Keynote-Hayden.m4v

After having some down time, which started on May 29th, I scrambled around to find a quick solution to the problem.

The problem came to light after noticing a few nights prior to May 29th, that my web server was not responding correctly and I could not log into it what so ever.

So, ergo I had to actually get on my server (physically) and noticed a bunch of read errors, and the first thought that came to mind was “Bad hard drive!”.

With that in mind, I backed up my server contents as needed and booted my server off of a usb drive which contained a live Linux distro and used:

python -m SimpleHTTPServer 80

to host a simple page displaying what had happened.

At a later time I then realized that I had a spare 10 GB hard drive in my basement and that is what the server is currently running on. Hopefully it lasts for quite some time…

My goal with my server is to: top out the specs for it (max out the memory, and hard drive capacity) and have some virtual hosts on it.

For those of you who are fans (I sincerely doubt there are any, but I can hope!), zitstif.no-ip.org is back up!