Ethical Hacker Community Forums

---------Update------------

New Video added on Aircrack-NG for Windows link: http://www.anti-hacker.info/video/Aircrack/Aircrack.html (30Mb Broadband only)

Digg it here link: http://digg.com/videos_educational/Video_on_how_to_use_AirCrack_NG_for_Windows_for_Breaking_WEP_WPA

Also added a paper on making a switch act like a hub so you can sniff all network traffic. Basically I cover how to use Cain & able to Man-In-The-Middle-Attach (MITMA) a subnet with APR Poisoning to get all the network traffic flowing thought you nic so you can sniff the whole network. Link: http://www.anti-hacker.info/papers/switchhub.pdf

***More to come soon***
---------Update------------

Air Snare Windows WiFi IDS

I have made a quick video on http://www.anti-hacker.info/video.html to show and explain how Air Snare works and I also have a link to the site for download. Air Snare is a very useful Network IDS to see who is connecting to your WiFi (or Wired) network. Other cool feature is you can use Ethereal (now wireshark) to capture the packets. Let me know if you like Air Snare and what you use it for. I have head of people in Intenet cafes using it to keep an eye out for non-customer devices. I have used it to monitor my WiFi network and watch out for APR Poisoning.
--------------------------------------------------------------------

EtherChange from www.ntsecurity.nu

I have made a quick video on http://www.anti-hacker.info/video.html to show and explain how EtherChange works. I have used EtherChange for War Driving and also advanced network sniffing. It's easy to see a MAC Address like "ba-df-ee-d0-00-00" on a packet capture than the normal MAC. I also have used EtherChange to spoof my MAC to test Public AP access security. I know a lot of people feel safe about there Access Point using Mac authentication but it is easy to crack WEP and spoof your Mac with EtherChange to get access. What do or would you do with a temporary MAC address?
------------------------------------------------------------------
Digg it here link: http://digg.com/security/Short_Video_on_X_Scan_3_3
X-Scan 3.3

I have made a quick video on http://www.anti-hacker.info/video.html to show and explain how X-Scan 3.3 works. I also wrote a paper on how to use it here http://www.anti-hacker.info/papers/Xscan.pdf. X-Scan is a general network vulnerabilities scanner for scanning network vulnerabilities for specific IP address scopes or stand-alone computers by a multi-threaded method. X-Scan features all of the Nessus attack scripts. Providing scanning for the most known vulnerabilities, the corresponding descriptions and explanations for repair are provided. At the end of the scan you have the choice of a text or html report to keep on record or present to your client. I have found X-Scan to be a nice free pen test tool.
------------------------------------------------------------------

How Cable Modems Work.

http://www.anti-hacker.info/papers/cablemodem.pdf
the paper is a high level look at DOCSIS and how cable modems work on an MSO's network. The biggest issue I found writing the paper was I keep getting to deep with technical information on DOCSIS. I am a DOCSIS Engineer by day so I feel at home with CMTS's so if anyone here has questions about how Cable Plants work let me know. BTW I will not help you uncap your modem that is just steeling bandwidth from your ISP and slows down the network for everyone.
------------------------------------------------------------------

Penetration Testing on a Switched LAN

I have written a paper on “Penetration Testing on a Switched LAN”. Please read it and let me know if you feel it covers some of the basic info on LAN PEN testing. The paper can be found here http://www.anti-hacker.info/papers/pen.pdf. I wanted to make a very basic introduction on PEN testing for newer users.
------------------------------------------------------------------

Phun With VoIP Services

After playing with different kinds of VoIP services and Providers I have found fun things you can do with VoIP. Here is a little paper I wrote on VoIP Services. http://www.anti-hacker.info/papers/voipfun.pdf read the paper and let me know what you think. I feel with the PSTN now exposed to the internet with all the different VoIP services it's only a matter of time till we hear of new kinds of Phone line hacks and soon a new kinds of VoIP Spam. Tell me what you see the future of Voice services to be like in the next few years.
------------------------------------------------------------------

LM & MD5 Hash Security & Cracking

Here is a paper I wrote on "LM & MD5 Hash Security & Cracking". http://www.anti-hacker.info/papers/LM.pdf I know it is not advanced as Chris's recent article on Rainbow Tables (http://www.ethicalhacker.net/content/view/94/24/) but I do have experience with Rainbow Tables as I and a few others started www.plain-text.info (then it was midga) about 3-4 years ago. Our little group had/has over 2 terabytes of Rainbow Tables and at the time had the first online distributed Cracking server (I think we still have the only client/server cracking system online) on the internet. Anyway please read my little paper and let me know what you think and what I might need to improve.

Thanks,

Slimjim100

good stuff, appreciate the vids and papers.

the cain one takes a bit to load though

I do like the HD option. Nice touch.

Don

Nice! Keep up the great work!

nice :D

but im having some problems...

nice videos..but I want xscan,can ny1 provide me that,it seems xfocus site is not opening..thnx in advance

Slimjim100 excellent job, i learned more with your tutorial. Keep up the great work!

-cyeudoux ;D

http://www.xfocus.org/programs/200507/X-Scan-v3.3-en.rar

SlimJim100,

cheers for sharing, always nice to get a feel how others would handle a situation compared to how I would handle, the switch-to-hub and pentesting a switched environment provided some nice insights.

Thanks for the feedback. :)

Brian Wilson
aka Slimjim100