I found this old General Radio 1001-A Signal Generator at the Mike and Key Swap, got it for $10 bucks. With the idea of making Max a radio to play with. It turned out perfect. I made all the knobs potentiometers so that it makes the needle swing all over. And the switch turns on the red light. I have future plans to add a simple audio tone generator and use the dial to adjust the tone. Additional add-on features are actually hooking the microphone into a FRS radio so he has a base station to call mommy from!
So I was stuck on an aircraft today and went to use the gogo service. The server forauth was failing http://airborne.gogoinflight.com/abp/ so that wasn't fun but didgive me a reason to see what I could do about it.
After some time messing around in the domain space I quickly noticed that a errorpage in https had a we are sorry icon from a cache provider which let me to test something
Https google ...
Works! I was able to google around read the news, ah-ha but not gmail.
On to another test ..Facebook. Interesting this time I get a advertisement kick upfrom google again and a catptcha. But then redirect to Facebook proper.
So what can you learn from this... No I didn't hack gogo I just used that for a googlehit. They are on purpose allowing access to these things as obvious with the advertisementredirect... Oh well it was a good use of an hour and for a second I felt like I hackedsomething cool.
Back to the apache dump page ...
I just spent the last 9 hours making this work, hope you like it
for the last week I have noticed that my Internet router was going nuts. I didn'treally care much about it as my www server is on a firewalled network separate fromthe rest of the crap; but today I finally was like OK enough of this. Went into theserver to see whats up.
I had over 600mb of ftp logs!
So just as a FYI, I dont name any account administrator the 1 million passwords thatyou tried there was a waste except if you want to fill my disk up with logs.
I am all for the fun of seeing how secure shit is, but my internet connection isn'tthe best and lately I have noticed that my netflix on-demand keeps showing poor connection,I dont know if you …hacker… are the cause of this but I like my moviesbetter then I like to see if Im smarter then you. So FTP is now dead to you. So aseverything is bigger in Texas I hope you can find another address to play with.
I just found a new tool on OWASP site webslayer,this tool is only w32 right now, which bites but the tool is AWESOME!
the payload generator is awesome, as well as the complex rules you can quickly defineto test a site. 31337
Im sure we all know of slurping by now but I just came across this site for windowscommand ninja skills. with that I took the time to update my slurp tool with somehacks I just didnt think about using. As well as some uses for NET that I didnt knowabout.
I have attached a copy of one of the slurp scripts I run, your milage will vary butyou should get a lots of Ideas from it if you know whats going down. (I also justfixed that my server wasnt serving up batch files)
Here is a fun thing I just ran into. Kiosk with usb port but a custom keyboard with no buttons to get into things (no start alt ctl del etc) and no explorer.exe shell so I cant "hack" this kiosk.. haha
why try the hard things to get into the device, BYOUSBK that is bring your own usbkeyboard, I like the roll up ones plug it in and have some fun haha.
here is a fun site that keeps a record of all the speedtraps, cameras, and red light cameras
you can export the data into a CVS file that you can then put into your various device(garmen, blackberry …) anything with a GPS ability. even the unidenscanners have a hack nifty…
So if you didnt know, over the holiday weekend I fell off a 15ft clif and messed up my foot real good. Well as I was sitting on the couch all weekend I wanted to make a script to convert robots.txt files that are on webservers inito a nice little clickable HTML map for reporting and pen-testing. A little bash hacking and I Have a nice little working script. so I present - I think the worlds first robots.txt to HTML page converter.
update: changed the raw code to a file as Im tired of google hits with linux commands