Axino.net » security

hackthissite.org basic 7 :: calendar is it!

Arxleol — Wed, 01 Jul 2009 00:38:27 +0000

Here our dear administrator Sam started using linux and made small script to display calendars. Let’s try inserting something in the view box. If you enter some number you will get calendar for the year. If you leave field blank you will receive calendar for the following month. Now thing you should now about bash is that you can separate commands by semi-column after that you should use some command to list files in the directory which is ls. So you can now formulate your input as following:

;ls

Now you should have obtained something similar to the following output:

         July 2009
Mon Tue Wed Thu Fri Sat Sun
          1   2   3   4   5
  6   7   8   9  10  11  12
 13  14  15  16  17  18  19
 20  21  22  23  24  25  26
 27  28  29  30  31

.
..
level7.php
cal.pl

index.php
k1kh31b1n55h.php
perl5.8.9.core

You see here some files, and as in the introduction of mission file is obscurely named as k1kh31b1n55h.php and what should we do now is to copy this into URL and open to receive password. Your URL should be something like this: http://www.hackthissite.org/missions/basic/7/k1kh31b1n55h.php

After you open this URL you will receive password: 077a79c1
For further reading I suggest if you would like to learn more about bash commands go here.Similar Posts:

hackthissite.org basic 6 :: encryption system

Arxleol — Fri, 26 Jun 2009 18:38:59 +0000

In the following mission we will try to decrypt Sam’s password. We have obtained encrypted password and encrypter therefore therefore we ought to have all we need to decrypt the string obtained.

Mission begins with the following introduction:

An encryption system has been set up, which uses an unknown algorithm to change the text given. Requirements: Persistence, some general cryptography knowledge.

Here is string I got for mission:

8g6f;k>m

Now we have to figure out encryption algorithm. So let’s begin checking encryption. When I enter empty string I get “ so I decided to enter aaa and then I obtained abc. This got me on right track. So I tried to enter 111 and I obtained 123 this is enough to figure that algorithm works in following way using ASCII table to increase character for the position it is on.

Let me explain, if a is on second place we get b if a is on third position we get c and so on. The same is with numbers.

So let’s decrypt string above:

8f4c7f8f

I hope this helps.Similar Posts:

Kaminsky bug

Arxleol — Mon, 01 Jun 2009 19:57:06 +0000

If you haven’t heared about Kaminsky but yet here you go.

Here is nice explanation video. Also you can perform checks whether your servers or domains are in fact secure. As you can see this domain is not safe

But do some reading about it, it is interesting bug in the DNS system though known for some time it was not exploited or there was no one able to exploit it. However constant increase in CPU and bandwidth have made it possible.Similar Posts:

Keylogger in C# :: Hooking and unhooking keyboard hook

Arxleol — Thu, 07 May 2009 11:49:36 +0000

Now I take that you did in fact checked my introduction to this topic of keylogger. If you did then you may procede if you did not then I woudl suggest that you back there make some reading and understanding. Now I will discuss simple ways to connect to hook that is hooking and unhooking our keyboard hook.

So what’s this all about. I take that you have made aplication in C# already it should be windows form application preferablty since that way we will be on the same road during this learnign process.

If you have form you should place some button on the forum and double click it. This will open you function that will be called when your button is clicked. Now we need to add some chunk of code that will initiate and destroy hook when not needed.

First, of all to easy our procudere we will be using two buttons start and stop.

This is the code that start button should contain:

Hook.CreateHook(KeyReaderr);
 
button2.Enabled = true;
button1.Enabled = false;

You see we are calling function in the class hook created in the previous post. And as parameter we have to input name of method that will be used in the process of detecting pressed keys.

The last two lines of code are in fact just to disable and enable buttons so that when we have hook already initiated there may not be initiated another hook.

            Hook.DestroyHook();
            button2.Enabled = false;
            button1.Enabled = true;

Destroying hook is even easier now we just call method in Hook class, that will do job for us. And as said before now switch enabled buttons.

Now you should have working project that is form and two buttons that when pressed will hook and unhook us. However, before you procede you should have method for reading keys this will be discussed in the next post. But here is definition of that method:

public void KeyReaderr(IntPtr wParam, IntPtr lParam)

As you can notice it is delagating our keyhandler from the introduction.

Good luck Similar Posts:

Bypassing BIOS password

Arxleol — Sun, 03 May 2009 21:07:11 +0000

: Image via Wikipedia

If you don’t want to read me rumbling just click read more and continue from there.

Well, if you work with computers on daily basis you will find yourself often in trouble. And sooner or later you’ll find yourself in never-lands of Internet searching for some solution trick idea how to solve your simple problem. Now I work as sysadmin in small company and as things are usual I got computer to reinstall operating system there well to install XP but computer is well protected and so on and I don’t have BIOS password. I was

Almost pulling my hairs already and one friend that studies with me says just pull out battery and it should reset to default settings.

So in essence it is easy to enter BIOS even if its protected with password. You have to open your computer check on the motherboard and find small battery there pull this battery out and wait few minutes and it should then be at default settings. SO you will not require password anymore.
Now problem that might occur with this is that when you do this you effectively leave notice to someone else if s/he protected that computer. There is even bigger problem in case that your computer is under guarantee period in which you may not open your computer case since this will void guarantee.

Another problem that will arise if you have laptop since first of all it is hard to open laptop and when you do succeed in opening that small box. You might find out that battery is soldered onto the motherboard making this task even more difficult.

And the last problem that many of the newer motherboards do not have in fact BIOS password stored in manner that requires continues supply of power. So even if you manage to pull out battery password will stay in affect, but maybe then CMOS chip will return to its initial state and if you needed just to install windows it should work for you

Similar Posts: