7MS #593: Hacking Billy Madison - Part 3
7 Minute Security15 Okt 2023

7MS #593: Hacking Billy Madison - Part 3

Hey friends, today my Paul and I kept trying to hack the VulnHub machine based on the movie Billy Madison (see part 1 and 2). In our journey we learned some good stuff:

  • Port knocking is awesome using utilities like knock:
/opt/knock/knock 10.0.7.124 1466 67 1469 1514 1981 1986
  • Sending emails via command line is made (fairly) easy with swaks:
swaks --to eric@madisonhotels.com --from vvaughn@polyfector.edu --server 192.168.110.105:2525 --body "My kid will be a soccer player" --header "Subject: My kid will be a soccer player"

You could also use telnet and do this command by command - see this article from Black Hills Information Security for more info.

  • Hyda works good for spraying FTP creds:
hydra -l user -P passlist.txt ftp://192.168.0.1
  • Check out my quick cheat sheet about bettercap (see episode #522) for some syntax on extracting WPA handshake data from cap files:
# ...it looks like the new standard hash type might be m22000 per this article (https://hashcat.net/forum/thread-10253.html). In that case, here's what I did on the pcap itself to get it ready for hashcat: sudo /usr/bin/hcxpcapngtool -o readytocrack.hc22000 wifi-handshakes.pcap # Then crack with hashcat! sudo /path/to/hashcat -m22000 readytocrack.hc2000 wordlist.txt

Avsnitt(682)

7MS #18: Wireless Security 101 (audio)

7MS #18: Wireless Security 101 (audio)

In this episode I talk about some wireless security basics that we’re not seeing when out on assessments. Download: 7MS #18: Wireless Security 101 (audio) Show notes: WEP encryption is very, very bad. It’s easy to crack. Don’t use it. Wifite will demonstrate how easy it is to crack WEP. Stronger encryption such as WPA/WPA2…

22 Juni 20147min

7MS #17: How to Pass the Certified Ethical Hacker Exam (audio)

7MS #17: How to Pass the Certified Ethical Hacker Exam (audio)

In this episode I share my experience with EC-Council’s Certified Ethical Hacker training and exam. Download: 7MS #17: How to Pass the Certified Ethical Hacker Exam (audio) Show notes: Here’s info on the CEH training and test outline. I took my CEH training through UFairfax with instructor Leo Dregier. See this post I wrote that…

14 Juni 20147min

7MS #16: PwnPad Initial Impressions – part 2! (audio)

7MS #16: PwnPad Initial Impressions – part 2! (audio)

In this episode I talk about my first-hand experience using the PwnPad for wireless pentesting. Download: 7MS #16: PwnPad Initial Impressions – Part 2 Show notes: In a nutshell: PwnPad is a great tool to simplify/automate some wireless recon and/or hacking! PwnieExpress has a great write-up on mapping APs w/GPS coordinates using Google Earth here:…

31 Maj 20147min

7MS #15: PwnPad Initial Impressions (audio)

7MS #15: PwnPad Initial Impressions (audio)

In this episode I talk about my initial impressions of using the PwnPad for wireless pentesting. Download: 7MS #15: PwnPad Initial Impressions Show notes: Carrying around a Nexus 7 instead of a bulky laptop to do wireless pentesting sure is nice! PwnPad scripts/automates much of the “busy work” to capture WPA handshakes.

24 Maj 20146min

7MS #14: H8 4 Win8 (audio)

7MS #14: H8 4 Win8 (audio)

In this episode I talk about two (sort of) security related tips that I’ve learned by using Windows 8 wrong. Download: 7MS #14: H8 4 Win8 (audio) Show notes: Windows Defender doesn’t seem to auto-update on Win 8 unless you have updates set to auto download/install. I found a nifty script you can add as…

10 Maj 20146min

7MS #13: How to Get Pwned by HP (audio)

7MS #13: How to Get Pwned by HP (audio)

In this episode I talk about how I had to sent my HP laptop in for repair and, to my surprise, it (allegedly) came back with a bonus: malware! Download: 7MS #13: How to Get Pwned by HP (audio) Show notes: My takeaways/recommendations from this experience: See a pic of my FortiClient picking up on…

3 Maj 20147min

7MS #12: Why My Domains Have Gan to Gandi (audio)

7MS #12: Why My Domains Have Gan to Gandi (audio)

In this episode I talk about an account takeover article that freaked me out, and why it changed a few things about how I handle my important online accounts. Download: 7MS #12: Why My Domains Have Gan to Gandi (audio) Show notes: This episode is all about this article (https://medium.com/cyber-security/24eb09e026dd) in which a Twitter user…

28 Apr 20147min

7MS #11: Overtraining your iPhone Touch ID (video)

7MS #11: Overtraining your iPhone Touch ID (video)

In this episode I totally throw my subscribers for a loop and do a VIDEO podcast about overtraining your Touch ID on your iPhone. Download: 7MS #11: Overtraining your iPhone Touch ID (video) Show notes: I first read about this from Steve Gibson of GRC at https://www.grc.com/sn/sn-440.htm. But I was listening to the audio-only version…

12 Apr 20143min

Populärt inom Politik & nyheter

p3-krim
flashback-forever
svd-dokumentara-berattelser-2
rss-viva-fotboll
olyckan-inifran
rss-vad-fan-hande
svenska-fall
aftonbladet-daily
rss-sanning-konsekvens
fordomspodden
motiv
krimmagasinet
blenda-2
rss-krimstad
dagens-eko
rss-frandfors-horna
spar
rss-expressen-dok
spotlight
svd-nyhetsartiklar