June 15th, 2009 -- Posted in Podcasts, e-life, technology |
Kon-Boot
Kon-Boot is a prototype piece of software which allows changing the contents of a linux kernel (and now Windows kernel also!!!) on the fly (while booting). In the current compilation state it allows you to log into a linux system as ‘root’ user without typing the correct password or to elevate privileges from the current user to root. For Windows systems it allows you to enter any password protected profile without any knowledge of the password. It was actually started as a silly project of mine, which was born from my never-ending memory problems.
Secondly, it was mainly created for Ubuntu; later I made a few add-ons to cover some other linux distributions. Finally, please consider that this is my first linux project so far.
Entire Kon-Boot was written in pure x86 assembly, using old grandpa-geezer TASM 4.0.
So basically, Kon-Boot enables you to log into any Windows or Linux password protected computer without knowing the password or anything about it.
The tech behind it? Kon-Boot basically latches onto parts of memory and starts patching parts of the kernel (the Brain!), mainly the parts that have to do with log-on authentication and security. These patches let you log on without a password. And the bootkit does it so quickly that it leaves no footprints behind after you leave.
DUDE!
To do this:
Go to the website above and download Kon-Boot, open the zip file, and burn the .iso to a disc. I use ImgBurner because it is fast, easy, and FREE.
Shut down the computer you intend to get on to. When booting up, if it isn’t already set to boot from CD (or flashdrive, or whatever Kon-Boot is on), go into the BIOS and set it. You should see the Kon-Boot splash screen for a few seconds, then the username/password screen will appear with the main username already set if they have it saved. If not, you need to know the username ahead of time. Press enter, or type in some random characters (it doesn’t really matter) and press enter. You’re in!
Now party, snoop around, and get that file you wanted. Get your flashdrive or CD out, then shut the computer back off like usual.
Protecting yourself:
Password protect your BIOS!
TrueCrypt your entire hard drive!
May 8th, 2009 -- Posted in Podcasts, e-life, technology |

Want to bypass those nasty restrictions imposed by your corporate or university firewalls? Darren has just the trick with Internet Redirection. Ever wanted to hide secret data inside a photo? Shannon shows us a neat steganography app. Plus Matt answers your virtualization questions!
April 30th, 2009 -- Posted in Podcasts, e-life, technology |

Darren shows off some nifty tricks for Netcat and a targeted brute force attack dictionary generator. Matt continues his series on Virtualization with redundancy, and Shannon pimps the blog with her Wordpress plugin picks. Plus the results of our Monkey Contest, the Code Challenge and this week’s easter egg hunt.
March 28th, 2009 -- Posted in Podcasts, technology |

In this episode Shannon hacks the Wii and shares her favorite homebrew with us. Matt connects 3CX to the PSTN and Darren sets up a network monkey client in Linux.
March 11th, 2009 -- Posted in Podcasts |

Enjoy!
December 11th, 2008 -- Posted in Podcasts, technology |
Download it here!
Shannon takes the spotlight and opens the show. Darren threatens to vote her off the hakhouse. We postponed the open sourcing of the missile launcher due to finals. Thanks Jason Appelbaum. Our friend Mubix has a great article on Multi-Boot Security Live CDs that makes last week’s pick, UNetbootin, even more amazing.
Our next LAN Party will be Half-Life 2 Deathmatch on Saturday, December 13 at game.hak5.org. Prepare to get smacked in the face with a flying toilet! Check out all the details at our brand spankin’ new Hak5 LAN Site (with leetness by Squarespace).
Public Key Encryption
In this segment we show you how to set up public key authentication between a windows and a linux host. There are many different software packages through which to accomplish this, but we used openssh and putty.
Requirements:
Linux machine or VM running OpenSSH (most distros have it in their repository, or you can find it here: http://www.openssh.com/portable.html)
Windows machine with putty software (download the whole package) http://www.openssh.com/portable.html
Installing openssh on linux is relatively straightforward. Refer to their site for details. Once that’s set up, we generated a key using the command “ssh-keygen” and specified the filenames. You can customize the keys you generate as you wish, but we went with the defaults. After entering a passphrase twice, you’ll have a public and private key file, with the public one having the extension .pub. The private key file stays on the server but we copy the public key over to our windows machine and convert it into putty format using PuTTY Key Generator. After you have the key, you can either pass it with scp using scp -i (pscp in our example, since we’re using putty’s scp executable), or you can use the putty ssh client in order to pass the key instead of just a password to authenticate to the server. This makes an easy two-factor authentication mechanism.
–Chris
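An added example (not from this segment or from the OpenSSH/PuTTY projects) in Python: it parses the one-line “<type> <base64 blob> <comment>” format that ssh-keygen writes to the .pub file, which is also the form sshd reads from the server’s ~/.ssh/authorized_keys, checks that the blob is well formed and that its type prefix matches the type encoded inside, and computes the SHA256 fingerprint that ssh-keygen -lf prints, so a key can be verified before it is authorized. The key bytes are a constructed placeholder, not a real key.

```python
import base64
import hashlib
import struct

def _ssh_string(b: bytes) -> bytes:
    """SSH wire-format string: 4-byte big-endian length followed by the bytes."""
    return struct.pack(">I", len(b)) + b

def _read_ssh_string(blob: bytes, off: int):
    """Read one wire-format string at offset off; raise ValueError if the blob is cut short."""
    if off + 4 > len(blob):
        raise ValueError("truncated length field")
    (n,) = struct.unpack(">I", blob[off:off + 4])
    if off + 4 + n > len(blob):
        raise ValueError("truncated string body")
    return blob[off + 4:off + 4 + n], off + 4 + n

def build_blob(key_type: str, key_material: bytes) -> bytes:
    """Key blob as ssh-keygen encodes it: the type name, then the key material (one field for ed25519)."""
    return _ssh_string(key_type.encode()) + _ssh_string(key_material)

def build_pub_line(key_type: str, key_material: bytes, comment: str) -> str:
    # One line in .pub / authorized_keys form: '<type> <base64 blob> <comment>'
    return f"{key_type} {base64.b64encode(build_blob(key_type, key_material)).decode()} {comment}".strip()

def parse_pub_line(line: str) -> dict:
    """Validate a bare key line (no authorized_keys options) and return type, comment and fingerprint."""
    parts = line.strip().split(None, 2)
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    key_type, b64 = parts[0], parts[1]
    comment = parts[2] if len(parts) == 3 else ""
    blob = base64.b64decode(b64, validate=True)  # raises a ValueError subclass on bad characters/padding
    inner_type, off = _read_ssh_string(blob, 0)
    if inner_type != key_type.encode():
        raise ValueError(f"prefix {key_type!r} does not match encoded type {inner_type!r}")
    if key_type == "ssh-ed25519":
        material, off = _read_ssh_string(blob, off)
        if len(material) != 32:
            raise ValueError("ed25519 public key must be 32 bytes")
    # Same value `ssh-keygen -lf` prints: SHA256 of the raw blob, base64 with '=' padding removed.
    fp = base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return {"type": key_type, "comment": comment, "blob_len": len(blob), "fingerprint": "SHA256:" + fp}

def is_valid_pub_line(line: str) -> bool:
    try:
        parse_pub_line(line)
        return True
    except ValueError:
        return False

# Constructed sample key (placeholder bytes, not a real key) plus two damaged copies of it.
EXAMPLE_LINE = build_pub_line("ssh-ed25519", bytes(range(32)), "chris@windows-box (constructed)")
MISMATCHED_LINE = "ssh-rsa " + EXAMPLE_LINE.split(" ", 1)[1]  # type prefix edited
TRUNCATED_LINE = "ssh-ed25519 " + base64.b64encode(build_blob("ssh-ed25519", bytes(range(32)))[:30]).decode()
```

Run parse_pub_line over each line of a server's authorized_keys to list the fingerprints that are actually trusted; a mismatched or truncated line is rejected rather than silently ignored.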
Driver Backup
After installing a fresh copy of your Windows OS of choice, the biggest headache for most of us is the arduous task of trying to locate drivers for all of our different components. So this post is all about making your reinstall a little less troublesome.
Here’s a list of some of the better driver backup utilities!
DriverBackup2 is a lightweight driver-backup tool. The application is portable, with a caveat: you’ll need administrative privileges for full use. You can opt to back up one or all of your drivers; the backed up files are dumped into a tree structure based on driver name. DriverBackup2 also allows you to restore and delete unnecessary drivers. If you have ever hunted for obscure drivers online, when installing legacy or obscure hardware for instance, DriverBackup2 will save you the hassle of searching them out again.
Double Driver lists all the hardware drivers installed on your system and creates backups of both the actual drivers and lists of the driver names. While handy with any computer, Double Driver really shines if you have a computer that came with pre-installed drivers that are hard if not impossible to come by. With a few clicks you’ll have those archaic laptop drivers backed up and ready to put back to work after a fresh install.
DriverMax allows you to easily reinstall all your Windows drivers. No more searching for rare drivers on discs or on the web or inserting one installation CD after the other. Simply export all your drivers (or just the ones that work ok) to a folder or a compressed file. After reinstalling Windows, all drivers can be back in place in less than 5 minutes.
DriverView is a helpful upgrade from looking through devices individually in the Device Manager, but the real value here is in the list generation. Create an HTML-formatted backup list for your future troubleshooting needs, or export to text to show friends or forum members just what’s gone wrong. While it doesn’t actually back up drivers, if you’re still into doing things the old-fashioned way, DriverView is a great choice!
Now that we’ve got all of the corporate slogans and descriptions out of the way, my personal favorite is the first one we’ve talked about here. The interface is the least cluttered, and the process really couldn’t be any easier. For those of you who are looking to deploy driver backups in an automated fashion, there’s a built-in command line builder! Like I said, I’ve personally used it and it really does make life a lot easier after a reinstall.
So check it out and if you have any questions, remember: matt@hak5.org – Revision3 Forum or Hak5 Forum
–Matt
Congrats to Mesartwell who correctly answered last week’s trivia. Answer: “Tom is king” and “Jules sucks”. Grab yourself a copy of the Doom alphas
“Hackers Are People Too”
Ashley Schwartau joins us via skype to talk about her documentary Hackers Are People Too
–Darren
Music Organizers
I have thousands of songs on my computer and some of them are missing titles, artists, etc. So when I hop on iTunes to download my feed of podcasts (like Hak5!), I use TuneUp Media to clean up some of my music.
TuneUpMedia
TuneUp Media has the ability to find your songs basically by listening to them, and tell you the information for each one. You simply drag your song over to the clean up bar on the right, and TuneUp finds your songs info in a few seconds. It even gives you a choice of album art you can use.
I like TuneUp simply because I’m really organizational. There are a few bugs though. Firstly, once you download TuneUp, you don’t have the option to close it while in iTunes (unless this has changed recently). Second, there are two versions – free and not free. With the free version, you only have 500 songs to clean up. In the paid version you can clean up as much as you want.
TagScanner
The second one is TagScanner. TagScanner is good for someone who doesn’t like iTunes. In TagScanner, you can not only clean up the names and artists on your music, but you can also fix up the ID3 tags for each song, down to lyrics and album art. You can also export your music list into a .txt file or Excel spreadsheet, which is pretty neat.
–Shannon
Questions
Skybar Baron writes: I have a computer from my school and was wondering if there was a way to wipe everything but, like, Microsoft Office and the OS?
Darren recommends Sdelete.
Until next week we welcome your feedback and remind you to Trust your Technolust
November 6th, 2008 -- Posted in Podcasts |
Download it here! http://revision3.com/hak5/Phreaknic
The gang heads to Phreaknic in Nashville Tennessee and in Hak5 tradition brings you a sampling including interviews with Russell Butturini about his U3 Incident Response Tool, Adrian Crenchaw, aka Irongeek, about Keyloggers and other embedded hacking, Daniel Hooper about Software Defined Radio and GNU Radio, Eighty of Dual Core, Droops from Hacker Media, and more. Yeehaw!
Russell Butturini shows us the U3 Incident Response Payload for the USB switchblade. Code and tutorial on the forums.
Adrian Crenchaw, aka Irongeek talks about Hardware Keyloggers and other geeky bits.
Daniel Hooper explains Software Defined Radio, GNU Radio, and the universal software radio peripheral.
Plus talks with Nerdcore star Eighty of Dual Core and Droops from Hacker Media and Hacker Public Radio.
October 22nd, 2008 -- Posted in Podcasts |
Hak5 ep 408 – Building Packets
Chris Gerling breaks down IP and TCP headers with Wireshark and building blocks. Shannon Morse shows us DosBox, a free IBM PC DOS emulator. Christine Bourquin talks about Alice, a teaching programming language for beginners. Darren Kitchen summarizes his experience at Day-Con and answers some questions about Fon batteries.
Chris Gerling dives into the structure of IP and TCP headers in part two of his three part series on packet sniffing. He covers everything from source ports to checksums and everything in between offering insight into TCP packets in plain English. Then in part three he covers basic Wireshark usage and advanced techniques. Read more on packet sniffing on his blog at ChrisGerling.com
Shannon Morse shares with us DosBox, the free and open source IBM PC emulator that allows you to break out those old floppies and play your DOS games once again. While we wait for DNF, anyone for a Duke Nukem 3D deathmatch?
Christine Bourquin demos Alice, an innovative 3D programming language that makes it easy to teach programming using a simple drag-and-drop interface. Perfect for the next generation of computer scientists.
Darren Kitchen brings us his review of Day-Con with photos courtesy of the security twits. He also talks about Jasager batteries both big and small.
And on a production note: We’ve switched over from a standard-def composite based video mixing solution to a high-def HDMI based system. We’re not ready to release the full 720p quite yet as we’re ironing out (read: developing on the fly) the post production process but in the mean time we’ve got damn good looking 480p and we’re looking for your feedback. Thanks a million to everyone who has donated and helped make this happen!
On my segment, I chatted with y’all about DosBox. The first time we shot the segment, we had such bad audio quality that I had to go back and shoot the segment again late into the night… /sigh. Such things happen when you work on a show.
DosBox is a totally nifty creation that emulates an IBM PC compatible computer running MS-DOS. Although DosBox is basically intended to run old school video games from the late 80’s and early 90’s, it can take on other tasks.
One of the key features of DosBox is its ability to run peer-to-peer and internet/intranet video games. It simulates an entire modem, so you and your friends can play those old TCP/IP or IPX network multiplayer games easily with each other.
You can also take simple photos of your gameplay or video footage, created with the ease of the click of a button. Hit CTRL+F5 for a photo, or CTRL+ALT+F5 to begin a video and again to end it. This makes for easy tutorial building, as well as nice video clips to share. The video is recorded into a folder called captures.
I found lots of good information about DosBox at this wiki: http://en.wikipedia.org/wiki/DOSBox, as well as their main site: http://www.dosbox.com/. Here you can find a HUGE list of games that are supported by DosBox, as well as FAQs, their own wiki, and forums.
Oh, and did I mention it’s open source and free? Yup
June 24th, 2008 -- Posted in Games, technology |
I played a really fun game the other night that I’d like to share, because it’s a little addicting in that fun team player way.
Synergy co-op mode gives us an amazingly fun mod called Synergy. You can use this mod for Half-Life 2, ep. 1, and ep. 2. To install it, you basically have to have the Half-Life games, with the Source SDK installed. You then run the Synergy installation and it’s all set! The Synergy mod even shows up as an independent game in X-fire. It’s pretty cool.
There are a few kinks I found while playing the game with 2 other people. There are a few places where the game skips (just a few puzzles, the end of a level, etc.). Another thing is that the Half-Life games were obviously made for one player mode, and when you have multiplayer it gets a little easy.
But it’s frackin TOTALLY RAD to run into a level with a team and take it out in minutes~!! omg! Play it!! It’s really fun to go through the Half-Life games on multiplayer!!!