Clik here to view.
Password Magic Numbers
LanManager passwords (“LM”) is a very old and well known password hashing function. Used way back in OS/2 Warp and MS-Net (networking for MS-DOS). It was great in it’s day, however how it worked was...
View ArticleClik here to view.
Done
Well, I finally got a working CMS type deal going on for a blog. I was going to write one but decided not to. Call it lazy or standing on the shoulders of programming gods, you choose.
View ArticleClik here to view.
Defcon Resolutions
To celebrate the close of DefCon 13 here are my… New Defcon (14) Resolutions. Get l0gic a girl to take to DefCon Get duder out to the east coast Make and print Project Mentor T-Shirts to give away and...
View ArticleClik here to view.
Brute Force Spam
Here is the source of the email I got (new hacking sytle, brute force spamming) : From - Mon Aug 01 00:51:54 2005 Received: from andylau.net (andylau-net.mr.outblaze.com [205.158.62.181]) by...
View ArticleClik here to view.
Intro to Programming (Java)
Right now I am taking a class called “Intro to Programming”. And yup! you guessed it! The first assignment is to make a Hello World program. For those who don’t know, that is the Globally accepted...
View ArticleClik here to view.
Back to the Basics
Age of Empires II - Age of Kings. That is a great game. It has something that not a lot of games have these days, which is replay value. Once you beat a game, that is it. No more fun. You know all the...
View ArticleClik here to view.
WEP
Ok, yes, again. It has been a while. But I am back. I got a new Wireless PCMCIA card (ORiNOCO a/b/g Combo Card Gold). So far it is a great card. WEP craking FTW
View ArticleClik here to view.
Gentoo enters the 21st Century
Let me be the first to welcome Gentoo into the 21st Century. Creating an Installer instead of a 40 page ‘Handbook’ was a bold and innovative move. In this bold move they have enticed new blood to this...
View ArticleClik here to view.
New "Advanced" Error system for Windows Vista
This and more Atom Smasher’s Error Message Gallery
View ArticleClik here to view.
Badfoo.net
Yes that is right, you heard it here first! BADFOO.NET is up! I’m not saying that they (he) has content up yet, except for a pic of a hacked up HP. But I have assigned a couple reporters to this story...
View ArticleClik here to view.
Transporter 2
I went to see The Transporter 2 tonight. Normally I watch movies using an ‘alternative’ method, but for action movies it is really hard to get into it without the 13 speakers blaring heart pumping...
View ArticleClik here to view.
R362 Approved
It’s a big rave across the internet , so Room362.Com is jumping on the band wagon. (So I’m about a year late, give me a break) If you want to be cool be R362 Approved!
View ArticleClik here to view.
It's a boy!
My wife and I did our first ultrasound today and IT’S A BOY!! When you decide that it is a good idea to send cash and gifts (jedi mind trick) … just email me at jd.mubix AT g m a i l DT c o m . In the...
View ArticleClik here to view.
AD Zone Transfers as a user
cross posted from: http://carnal0wnage.attackresearch.com/2013/10/ad-zone-transfers-as-user.html The tired and true method for Zone Transfers are using either nslookup: nslookup ls -d domain.com.local...
View ArticleClik here to view.
Reset AD user password with Linux
Image showing how to allow users to be able to reset user passwords Disclaimer: If you are here because you are a helpdesk person, this is a pentest blog, so it’s coming from the mindset of a...
View ArticleClik here to view.
Dynamic DNS Update Module
“Secure” DNS updates is the default in Windows, but there is an option to allow “Nonsecure” updates. I have seen this changed when non-Windows DHCP servers are used (eg Access Points), this opens a...
View ArticleClik here to view.
Security Affairs Questions
Soon after I blogged about the “Snagging Creds from Locked Machines” and it went a bit viral for a day, Pierluigi Paganini from SecurityAffairs.co asked me some great questions, that I failed to answer...
View ArticleClik here to view.
12 Hour Shifts
I have officially determined 12 hour shifts suck. Whoever invented this crazy idea needs to be shot! Oh! I’ve got an idea! Instead of 3 people per day, which allowed all three to have proper recoup...
View ArticleClik here to view.
Dump LAPS passwords with ldapsearch
If you’ve ever been pentesting an organization that had LAPS, you know that it is the best solution for randomizing local administrator passwords on the planet. (You should just be leaving them...
View ArticleClik here to view.
2017 DerbyCon Hiring List
Created the 2017 UNOFFICIAL DerbyCon Hiring List. To get on the list is even easier now! Just complete the following form: https://goo.gl/forms/vyqVHjZkxE4WhA9X2 (One small tip, first come first serve,...
View Article