Is it OK to ask a question related to pentesting here?
Daniel Richardson
yeah sure go ahead mate
Isaiah Taylor
I've been doing some pentesting on a network I'm in charge of, and I found something weird. While running a pixiedust attack on pic related (TP-Link TL-WR841N), sometimes the pixiedust attack fails, while sometimes it works. The same goes for reaver, which to my understanding is just brute-forcing the PIN. Any idea what causes it?
probably some kind of rate limiting would be my guess. as it probably guesses random pins there is some chance that it'd work before a lockout. pixie dust is a very fast attack so i doubt it's a timeout
Jeremiah Phillips
did you make sure the nib is clean and the inkwell is full?
those are the first 2 pentests you should run before seeing if your problem is intrinsic, i.e., you might be illiterate
Owen Gonzalez
>rate limiting
As in WPS lockout? If that's the case, why would it work sometimes then? The same goes for pixiedust: it's not a fast attack, it's an offline attack, there shouldn't be a timeout, it either works or not.
Austin Allen
Any good NetFlix series about hackers/"trolls" and all that stuff?
apologies, i mistook reaver for pixie_wps. i suppose due to the nature of the attack relying on weak PRNG there is invariably a chance that it'll fail on some occasions. if it works some percentage of the time i wouldn't worry about it though. if you want to know more about how the tool works i'd suggest checking out the source code for yourself, which i'm sure will shine some light on the issue.
Joseph King
Done that, didn't find anything. I don't suppose someone ran into similar issues?
Connor Flores
Assuming someone managed to get into my WiFi. What can he do other than leeching free Internet? Assuming piracy isn't a threat, and I'm not running a NAS or something like that?
WPS is still a thing? I thought people no longer use that?
Ryder Evans
Cyberpunk has nothing to do with cybersecurity.
Cameron Powell
Does that make sense? The intruder could, with shallow impunity, conduct malicious activity on the Internet through the WiFi network's ISP. I suppose the intruder could then offer that access to others by setting up a Tor network connection exiting through the WiFi network's Internet gateway. But that seems goofy. The WiFi intruder is local and is somewhat exposed.
Ian Peterson
Sure it does.
Ryan Johnson
If you have it blocking supplicants from communicating with each other, it would essentially be like him ethernet connected to your router.
Michael Hill
Dear NSA,
Please stop installing "updates" on my laptop. In addition to trespassing, any CPU, memory, disk and network resources that are used by your software constitutes theft. Trespassing and theft is not cool. If you want to know more about me, arrange a contract or a research grant and I will send you regular reports on my activity and grant you limited use access to my data.
Thanks,
Have a great day and keep up the good work, fellas!
Leo Murphy
hacker LARP general?
Luke Foster
I just discovered a website to practice reverse engineering: crackmes.one. There are many crackmes imported from crackmes.de, but the users can add their own crackmes.
Nathan Wood
I would say Mr. Robot, but that's not on Netflix, but HBO. You can probably find it, anyway.
Leo Gutierrez
Why would someone take that risk? Most teens and retarded adults are very interested in group acceptance and status. The behavior here is a bit like a dog that kills a squirrel then brings it home and lays it at your feet. In this analogy the dog is the teen/retard and you are the peer group, the squirrel is access to the WiFi network.
Jack Wright
That's /hmg/
Jaxon Williams
is this a larp thread?
Connor Bailey
Is kali actually useful in 2018? and I'm not talking about using it as a daily driver. It seems like distro made for teenagers posing as pro-hackers. I mean whatever you can do on it you can do on debian. The only thing is that it aggregated most of the tools. Also most of the stuff don't work, because people patch things up, have common sense, and actually use SSL. The only use for it is a glorified way of getting your neighbor's wifi password.
It's debian with the tools already there. Still useful, just not necessary.
Christian Scott
0 anonymity with kali
Brody Sanders
Very nice! I'll have a dig around in a bit
Aiden Ramirez
It really depends on what you're trying to use it for. In terms of a teaching/learning tool, it's great. You can ensure that all parties (in a classroom or following along solo to online teaching) are using the same tools with the same configurations.
In terms of actual use everyone is better off just installing the tools they need.
Colton Myers
He can use it as a low grade crypto miner. Sure it is slow but harness 10 million of them and we are talking.
Wyatt Bennett
explain yourself sir
Nicholas Wilson
Not him, but there's literally nothing to explain. The fact that you're asking him why a debian-based linux operating system that is nothing special other than it comes preinstalled with hacking tools doesn't hide your identity shows how much of a noob you are
Nathan Mitchell
>implying OS should take care of hiding your ID
justttttttttttt
Carson Nelson
I was saying how silly it is to question why kali doesn't hide you
Samuel Sanders
I was thinking about leaving kali and setting up my own box on debian. Just a question: would I be able to use the kali repos? It would make getting all the tools faster.
Jose Jackson
All kali tools are available on debian, at least to my knowledge.
Josiah Wright
Even better. Thanks!
Matthew Diaz
>debian
Other than hipster memery, is there a reason to use debian over kali?
Elijah Hughes
I think kali has better WiFi driver support, some of the non-free drivers for WiFi adapters are installed by default in kali, while on debian you have to install them yourself.
What shit part of the world do you live in that it's night you faggot
Ryan Martin
brazil :(
Daniel Turner
parrot OS has better tool system but is ugly as sin. Check out Black Arch, all the tools and looks pretty neat. ArcheryOS is interesting but new and lacking in tool volume.
Landon Perez
>What's Europe
Gavin Myers
why should an os provide anonymity?
Robert Butler
I think they meant that you hide better in plain sight, whereas kali is a suspicious basement
Jonathan Miller
Security through obfuscation is a shit technique, and if you're doing cybersecurity work and legit pen testing what does it matter that people can see what os you're running?
Ryan Ortiz
what vpn do you guys use? my nord sub is ending and wondering if i should switch. I have good speeds with nord but would like a little more transparency from them. I'm looking at mullvad and airvpn atm
My dudes, I just finished reading Neuromancer earlier this year. Should I read Count Zero or Burning Chrome next? Is the Sprawl Trilogy worth reading?
Bentley Sullivan
Read Warnings by Clarke and Eddy, then read The Difference Engine by Gibson.
Grayson Clark
How do I study for the gsec?
Lincoln Gutierrez
studying books on general infosec?
Wyatt Ortiz
Not him, but for me, I make sure to always put the cap on after using it. I find it to be a hassle when I go to write something down and realize the tip is dry.
Connor Bennett
Hey Jow Forums, is this a good read? I've heard positive things about it, just want to hear from you guys!
>It seems like distro made for teenagers posing as pro-hackers.
>I mean whatever you can do on it you can do on debian.
>The only thing is that it aggregated most of the tools.
it has always been like that, even when it was called backtrack. like, wtf are you even asking? if you don't think it's useful, then you clearly are not the target for it
>>It seems like distro made for teenagers posing as pro-hackers.
now you are projecting
Julian Price
>Hey, employee user, we need you to reverse this bin
>Sorry boss, I gotta set up my debian machine from scratch
Sebastian Scott
the kali/debian talk just confirmed this: you faggots are a bunch of LARPers who don't know shit about linux or pentesting, the most basic shit you should know if you are into/want to get into infosec now I'm just wondering if someone is trying to take advantage of a bunch of 15 y.o. wannabe hackers or not, and if so, why
Austin Howard
S E E T H I N G E E T H I N G
Adam Phillips
>I'm just wondering if someone is trying to take advantage of a bunch of 15 y.o. wannabe hackers or not, and if so, why
I'm wondering the same. I can't tell if all the disinformation in this thread is here because the people who post in these threads are ignorant larpers, or people intentionally being deceitful.
Cooper Reyes
There is nothing wrong with a security professional or hopeful professional using kali linux. There is nothing wrong with discussing the merits of one os over another. Calm down.
Hunter Ramirez
Learn how the WPS exploit actually works, you dumb kid. Pixie Dust has to do with the E-S1 and E-S2 nonces' entropy or randomization; sometimes they aren't random enough and sometimes they are. It's why it is an offline attack. It works or it doesn't, usually requires a few tries. Reaver or Bully in themselves just do a lazy bruteforce, which can be beaten by a timeout.
Seriously, if you have trouble with understanding this, then you already failed a major aspect of INFOsec: enumeration.
If your job doesn't revolve around the distribution's purpose, then you do not need it at all. It's only useless to a layman, who has the time to rice Debian. It's great as a live environment and I've had to use it on the job a few times.
>Black Arch
Kali is already stuffed with outdated tools, Black Arch cranks it up even further. Don't use that garbage unless you want to LARP like nobody ever LARPed before.
>Security through obfuscation is a shit technique
Only if you're relying on it. It should be the cherry on top of your cake, not the entire cake itself.
That's because most people here are just stupid college kids. What did you expect, genius? Go to seclists if you're even slightly serious about any of this.
Grayson Allen
>Use Guix/NixOS
>NSA can't understand how it works
>None of their tools work on the different file hierarchy
Who knew it was so easy...
Mason Sullivan
kali = no anonymity + premium hacker software
just download parrotOS or build your own from scratch. There's guides on how to do it if you look hard enough. don't even bother with arch unless you want to basically teach yourself how to become a L33T H4X0R
you're getting sloppy. you used to be first or second reply. pathetic.
Brody Sanders
He's not wrong though.
John Edwards
>That's because most people here are just stupid college kids. What did you expect, genius? Go to seclists if you're even slightly serious about any of this.
>back to pleddit
you know what? you are right, even the r/netsec subreddit alone is better than this fucking thread full of retards
t. 12 y.o.
Dylan Wright
partially. few cybersecurity concepts + aesthetic/art = cyberpunk
>The ZKZM-500 laser assault rifle is classified as being “non-lethal” but produces an energy beam that cannot be seen by the naked eye but can pass through windows and cause the “instant carbonisation” of human skin and tissues. Ten years ago its capabilities would have been the preserve of sci-fi films, but one laser weapons scientist said the new device is able to “burn through clothes in a split second … If the fabric is flammable, the whole person will be set on fire”.
>“The pain will be beyond endurance,” according to the researcher who had taken part in the development and field testing of a prototype at the Xian Institute of Optics and Precision Mechanics at the Chinese Academy of Sciences in Shaanxi province. The 15mm calibre weapon weighs three kilos (6.6lb), about the same as an AK-47, and has a range of 800 metres, or half a mile, and could be mounted on cars, boats and planes.
>The prototype was built by ZKZM Laser, a technology company owned by the institute in Xian. A company representative confirmed that the firm is now seeking a partner that has a weapons production licence or a partner in the security or defence industry to start large-scale production at a cost of 100,000 yuan (US$15,000) a unit.
Zachary Richardson
it's futuristic and reaching in some things according to current physics and tech but if you can't see an overlap between them then i don't think you're good enough to have this argument
>As an attack is only possible by an authenticated attacker or by exploiting other vulnerabilities - such as CSRF issues or broken authentication - users are advised to use secure passwords and to mitigate against other vulnerabilities.
So don't use princess123 as your root password.
Jack Long
Here's a question I thought i'd just throw out there.
Any of you guys know any tutorials for sniffing Android Web Traffic? Trying to figure the API Url for this RESTful service and right now what i'm doing is running the APK on the Android SDK emulator and sniffing the traffic with Wireshark.
I figure that's probably the way to do it but google isn't being helpful with information about doing this aside from people on stackoverflow going:
>Just use this random bullshit nobody's ever heard of.
Jaxon Hall
have you even tried using the random bullshit nobody's ever heard of?
Oliver Rodriguez
Yeah it's just variants of wireshark with some of them having built in filters for the TCP protocol.
The tool itself isn't actually that important my issue was that Stackoverflow just says "Use this tool" not "Use this tool in this specific way."
What i'm really asking here is if there is any material out there with a basic example that's made to be gotten so I can take what I learn from that and try to apply it to a more advanced but still very similar thing.
Jace Brown
Actually I think I just figured it out. It's what I get for not thinking through it more. What I needed to do was, instead of running my APK and just looking through it with an emulator, I actually needed to install an HTTPS proxy server with a phony certificate to intercept the encrypted TCP traffic.
The trouble i'm having now is that apps tend to only allow connections between trusted sources and it's detecting that my phony certificate isn't a legit one. So it auto fails before I even get past the login screen. So now what I need to do is figure out if I can either forge a valid certificate or trick the app into making connections between a trusted and untrusted party.
Yeah I was looking into different ways to trick android into thinking my cert was a legit one. I'll look into your suggestion. The only thing I could find was Adding a custom CA to the User Certificate Store and then somehow modifying the platformBuildVersionCode in the android Manifest.xml to a version of android that by default trusts user supplied CAs.
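An added example, not part of the thread or any poster's code: the last posts turn on whether an app accepts a user-installed CA, which an app's own developer can check from the defending side. The sketch assumes Android's documented default (apps targeting API level 24 or higher trust only system CAs unless their network security config says otherwise); the `audit` helper, the sample config and `api.example.com` are constructed for illustration, and only top-level `domain-config` entries are handled.

```python
import xml.etree.ElementTree as ET

# Constructed sample config (hypothetical app, placeholder pin value).
SAMPLE_CONFIG = """<network-security-config>
  <base-config>
    <trust-anchors><certificates src="system"/></trust-anchors>
  </base-config>
  <domain-config>
    <domain includeSubdomains="true">api.example.com</domain>
    <pin-set><pin digest="SHA-256">PLACEHOLDER_PIN_VALUE=</pin></pin-set>
  </domain-config>
  <debug-overrides>
    <trust-anchors><certificates src="user"/></trust-anchors>
  </debug-overrides>
</network-security-config>"""


def platform_default(target_sdk):
    """Trust sources Android applies when the app declares none."""
    return {"system"} if target_sdk >= 24 else {"system", "user"}


def sources(node, inherited):
    """Declared <certificates src=...> values, or the inherited set."""
    anchors = node.find("trust-anchors") if node is not None else None
    if anchors is None:
        return set(inherited)
    return {c.get("src") for c in anchors.findall("certificates")}


def audit(target_sdk, config_xml=None):
    """Report where user-installed CAs are trusted and which domains pin."""
    root = ET.fromstring(config_xml) if config_xml else None
    find = (lambda tag: root.find(tag)) if root is not None else (lambda tag: None)
    base = sources(find("base-config"), platform_default(target_sdk))
    domains = {}
    for dc in (root.findall("domain-config") if root is not None else []):
        info = {"trusts_user": "user" in sources(dc, base),
                "pinned": dc.find("pin-set/pin") is not None}
        for d in dc.findall("domain"):
            domains[d.text.strip()] = info
    # debug-overrides add anchors only when the build is debuggable
    debug = base | sources(find("debug-overrides"), set())
    return {"base_trusts_user": "user" in base, "domains": domains,
            "debug_trusts_user": "user" in debug}


if __name__ == "__main__":
    print(audit(28, SAMPLE_CONFIG))
    print(audit(23))
```

A release build whose report shows `base_trusts_user` as true, or a sensitive domain with `pinned` false, is the case to fix before shipping.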