/hackg/ - Hacking General

Worst case scenario you put aircrack on it and start sending deauthentification packets left right and center for shits and giggles.

There's an apartment complex down the road filled with off campus college students. Half of the routers are either not pass protected or WEP. Managed to disconnect some kid from xbox live with the phone so far. Could see the xbox and tv through the window.

The place I currently stay at has around 25 fucking people using the same network. The internet is shit. Lucky me the neighbours have a WEP encrypted Wi-Fi. Took around 10 min to get the pass. Feels good... Every now and then I capture some packets for shits and giggles, filter for HTTP, maybe look for POST requests. Good way to kill some time in the evenings.

Ever find anything interesting like porn or sketchy stuff?

Sadly, it's mostly boring shit. News articles, random shopping websites, trivial stuff really. Although I kind of know the political and fashion prefferences of half the people around without talking to them once. So there's that. The funniest thing I managed to do some time ago is sniff the router username / pass. They were playing loud music late at night. So I deauthentificated the laptop running spotify (amongs other devices). For a minute or two it was quiet, that's about when I stoped sending the deauth packets and starting sniffing for the lols. And lo and behold, the guy logged into his router's admin panel to troubleshoot. The login was a http post. I facepalmed.
I didn't follow up on that. I still have the credentials but I haven't really fucked around yet.

But yeah, really dissapointed because of the lack of porn and sketchy stuff around. Boring people.

Although I've got myself 2 raspberry pis. Have Arch running on them, maybe I can get them to be 24/7 sniffers. While I'm at work or smth. So I can come home and just look at the goodies while having dinner.

I think this hacking/security general might be pretty cool. Much better than all the GPU bullshit plaguing Sup Forums.

What packet sniffer do you use?

Gore threads would be preferable to Sup Forumstard transplants.

The GPU threads are seriously getting out of hand.

How much time do you people put into learning crypto and related stuff? Do any of you make money out of it, bug bounties and stuff? How good are you at math?

Atm Wireshark, since I'm doing it rarely, and mostly for fun. Wireshark is easy as fuck to set up and runs nicely pretty much out of the box, perfect for something quick.
I'f I'll decide to automate it on the raspberry, then most likely something like tcpdump or whataever. Still need to look into what is out there. Would be pretty excited to trie some new tools out.

If*, try*
Ahh fuck it, why do I even bother.

somebody made a /gpug/ the other day but the Sup Forumstards refused to take their shit there

Don't you mean /gcg/ which is failing as a containment general and mods are actually deleting.

You should consider building your own using the scapy module for python or similiar. It takes longer but you learn more abourlt packet analysis in the process. Its a neat project if nothing else.

i got the zeus - translation if anyone's interested.

>zeus - translation
What?

I think he means he reverse engineered the zeus malware.

I got an A on my engineering differential calculus

Well in that case, user should dump it.

Zeus botnet translated. It's the 2009 version though. I know fuck all about programming. I asked some bloke on the dark net and he told me to start programming with APL, but I made the switch to linux and I can't load the right key board font even though terminal brings up apl fairly easily. Then some other bloke said to try A+ instead because it accepts the ASCII stuff and the European layout. But every A+ is about emacs and cancer. I kid you not, no A+ tutorials worth mentioning. They told me APL and A+ allows you to try cooler shit because you're allowed to do more stuff. Then they told me to move onto C but only after I got A+ or APL. I tell them that the zeus translation is in c++, c and php for the command and control bits, and that i'd need a copy of windows server 2010. Not server, the windows thing you use to write c++, the thing that has c#. I have mono of course but fuck if i know how to use it.

Wish I did, i'm a noob. Just got this from a Russian thingy some time ago, that's all. I'm an idiot trying to learn.

How much math is involved in cryptography?

Where do i dump it. It's a folder so how do i dump it?

you know you have to be 18 to be here right

picture of me war driving lads

don't worry I still use 7 proxies when I hax the gibson, it's the last line of defense

>tfw taking a computer security and network security class for my last semester of CS major at uni.
What am I in for?

This would make a good new pasta

github.com/Visgean/Zeus

listen you, if you can think of any good places to dump it let me know, i have to go for a bit, say an hour or so and i'll be back, kay/

yeah i know right. think of a good place to drop the file and i'll drop it soon as i get back, give me an hour, tops.

I doubt people here actually operate botnets. They wouldnt be wasting their time on Sup Forums

Memorizing security protocols

>github.com/Visgean/Zeus

so if i were to write code and compile it, would it say bin and configs and geobase and stuff? i know geobase is for the virus to find out where in the world it is, but if i were to compile raw code that's raw syntax would i get different folders like that, and how does one compile that stuff and where to i go for the code that made those folders?

i thought i had to go out apparently i don't have to anymore.

I remember reading that the Russians could tailor make a botnet for you or modify one for you and charge you around 485 bucks and charge you 82 a month. You'll have to pay in bitcoins of course. If your copy of windows dies, that is if you get any update or anything that changes it, you can kiss your bot and your money good bye. the bot self deletes and they cancel your account, you'll have to open another.

Damn. How do you connect securely to botnet anyway? You can't just use paid VPNs (you can get banned) or proxies (easy to trace)

The botnet has control servers, you can easily connect to those

I inject chaos into my veins!

...

cool, what compound is that?

Death

oh

Why did I find this hilarious?

Hail

how do i hack the gibson?

waht is taht blu stuf

Hi, Ev.

So these threads are going to be mainly about SQLi and "how do I Crack my neighbors wifi, he's using WPA"

>how do I Crack my neighbors wifi, he's using WPA
How do I do this?

Buy a raspberry pi

and what then?

Then kill yourself, and leave it to someone who's not a helpless piece of shit that can't into Google.

>helpless
I did this all on my own

▶
▶
▶

am I worthy enough now?

Tzeentch is best chaos god. He would be very pleased with this general, causing change and making schemes.

c# is to programming what iphones are to smartphones.

I knew some fat faggot from irc that had a 9k deep botnet. He would cycle them in and out of irc channels to crash their server.

Gotta start somewhere my nigger.

Here's something that doesn't get asked often from what i've seen:

MAC address 'leakage', if that's the term for it.

sudo macchanger wlanx -r yadda yadda, but since the address always reverts back to the default after the device fails to connect to an AP, does the same happen in monitor mode when jizzing packets all over the place during scans and replay?

Is there any way to test this and more importantly is there a more permanent solution to MAC spoofing?

I doxxed whitehouse.org location. What next? Where are google servers located?

Not necessarily. Don't argue that dotnet isn't comfy as fuck. C# is a really fun language to program in as well. Drop the hipster bullshit for a second and just enjoy it

it's convenient, but doing web stuff really isn't my thing.

c++ can be frustrating as fuck sometimes but the effort is worth it.

>CTRL + F
>install gentoo
>0 out of 0

It's like none of you even want to be hackers

I haxed a ccTLD once... could have done so much, but in the end, I just let them be.
it was fun.
otoh, perhaps doing some retarded shit could have landed me a job...

but zeus is open source

>CTRL + F
>install Kali
>0 out of 0

It's like none of you even want to be hackers

Relevant for this thread
ghostbin.com/paste/zf6af/raw

>a really long list of programs
>in protest against systemd
>relevant to the hacking general
I don't get it. does this make sense at all?

If you can't program in APL, Coq, or FORTH, and don't understand Lambda Calculus, you're not a hacker. Period.

I know is big but browse a little, just the part of pentesting is good enough.

If all the tools and exploits are already written by someone else, by definition every pentester is a Script Kiddie right?

Not exactly, but I like were you are going.

What do you mean not exactly?

There is an original developer behind the tools.

Ah yes, now that I have my icons set I am ready to hack!

I might be wrong, but I think it'd be dangerous to be using an operating system with backdoors and traceability if you're trying to do something illegal like cracking. Becoming familiar with free software tools is a necessity if you not only want to become more proficient, but also avoid getting caught. See these:

But I don't know anything about any of this.

shit I got stuck on the ROT 13 Bandit level

recommend dark net forums.

i cant gete into hell forums

This is a joke right?
....
>not being able to rot13

I mean clearly I can just do it manually but I want to figure out the commands

I never said I was good @ komputor. Thanks to this game I learned about sort, base64, uniq and others so far

who here got a botnet? might try throw some php shells on some vunreable sites and build one up a bit

encrypt your traffic so attacker doesn't have a MAC, but that doesn't work for long.

If you are legit worried about it Radius server and rotate passwords.

the idea is that you have to be smart enough to evade IDS and recognize how the tool is crashing. Half the tools are shit (just because the landscape is all over the place and not because of the author) and need tweaks to get running. The other thing recognizing an error message may give you the hint for the next attack vector

nu

Learned about SQL injection recently.

Really fascinating subject, and probably the only form of hacking that a business user could pull off

Why would you want to? Hell is a honeypot, it got shut down and feds brought it back online so they can keep an eye on the skids.

IMO c# is java done right. JIT compilation > VM.

You'll make a great CISSP one day kid. baka

Probably not the best idea to disclose your identity like that, especially around here.

where should I start? footprinting?

>blackhats

stay in school, kids

Try spoofing it directly with ifconfig. I've encountered that same macchanger issue. With ifconfig it should stay changed.

That moment when you sniff your first http login request. Got super hyped, only to find out it's some fucking spanish football related thing (like fantasy league or whatever that's called).
comunio.es/
Username: mariusli
Password: 12345
What a fucking retarded password...
The website is useless though, no info of any way, not even an associated email...

Sorry the stupid question, but, how do I save this thread for future uses? (I'm quite new to boards)

>open all images on the thread
>right click on wherever the fuck u want but not images
>click save
there you go