Vote for us in Top 100 Security Sites
|
|
|
Written by hevnsnt
|
|
Thursday, 23 July 2009 |
People go crazy for free stuff. When you shoot it at them they love it even more.
After a couple trips to the local "Home Improvement Store" you too can build this DIY Compressed Air T-shirt Cannon and launch t-shirts, hot dogs, or really any else you can fit it the 3" wide barrel at your friends and neighbors.
Or take it with you the next time you go to "The Big Game" and shoot the T-Shirts BACK at the cheerleaders! Now that's Team Spirit! (Don't blame me if you spend the entire game in the Police station explaining exactly what your intentions where)
Features of this model:
- Interchangeable Barrels!
- Multi-Sources for compressed air (CO2 or Bike Pump)
- Lots of safety features! (Multiple ball valves, and a safety release valve)
Oh, yeah please be responsible -- dont hurt anyone
 |
|
Last Updated ( Saturday, 25 July 2009 )
|
|
Read more...
|
|
|
Written by Larry "haxorthematrix" Pesce
|
|
Tuesday, 07 July 2009 |
 The guys at PaulDotCom Security Weekly have this thing for wireless of all kinds. Wireless cards, cables, antennas, 802.11, RFID...the list goes on. Always on the lookout for something neat and useful they found the Asus EEE line of netbooks. They are small, usually feature Atheros wireless cards, and have a huge modding community. The small form factor is also something that works well for wireless assessments, whether covert or sanctioned. The size is conducive to easy transport in a small space or as a second laptop while traveling.
To those aims, the Asus 4G Surf (amongst others in the EEE family) works well, however the small internal wireless antennas don't offer much flexibility or range. We need to take some cues from the EEE modding community and extend the hardware to support a better antenna. So, here's how to add an external RP-TNC antenna connector to the Asus EEE 4G Surf. |
|
Last Updated ( Tuesday, 07 July 2009 )
|
|
Read more...
|
|
|
Written by Donny Hubener
|
|
Friday, 03 July 2009 |
 This paper is written to introduce you to the design and theory of how a Structured Exception Handler (SEH) exploit can be written to target a Windows host. We use the buffer overflow vulnerability in the ESF EasyChat Server software as a detailed example of this exploit type.
While the paper attempts to cover the topics for those new to writing exploits, it still makes some assumptions about the reader's related experience. For instance, the paper does not go into detail about how to write assembly code and how it is used for shellcode as the exploit payload. It also does not talk about the difference between hexadecimal and decimal number systems which is required to understand many of the numeric values used throughout the document. Here is a list of topics you should be familiar with before continuing to read this paper:
➢ Hexadecimal number system
➢ Basic understanding of how Assembly language is used
➢ Basic understanding of Assembly Opcode Mnemomics
➢ Understanding of memory pointers
➢ General idea of memory registers and their use
➢ Some experience with writing program functions of any language
Likewise there are some requirements that you will need should you want to complete the exercise. I highly suggest that you finish the exercise, as this will solidify a lot of the concepts that are discussed. You will need: ➢ A WindowsXP SP1 machine (Virtual Machine is Ok) (Victim)
➢ Ollydbg installed on XP SP1 box
➢ OllySSEH Ollydbg Plugin installed on XP SP1 box
➢ ESF EasyChat Server 2.2 (Free)
➢ Another machine with Python installed. (can be any os) (Attacker)
One of the most important concepts to understand when writing functional exploits is that they are the result of a software bug. If all programs were perfectly written such that there were no flaws, there would be no vulnerabilities to exploit. In many cases, an attacker may be able to cause a program to crash due to insufficient error checking within the program. Causing the program to crash would be considered a Denial of Service (DOS) attack. However, causing a DOS condition in a program does not mean it can be fully exploited, but it does indicate that it could be possible. While there are several different types of attack vectors available to create a fully functional exploit, there are many cases where the conditions of the program or environment do not provide a viable exploit using any of the known vectors. This article is written with the assumption that an SEH attack vector is possible in the target software, and it is important to understand that this vector may not always be present in other vulnerable software.
Before we get started, take note that we will be mostly discussing the operation of two different software routines that are running simultaneously. One routine will be the vulnerable software program and it's supporting function libraries that we are attempting to corrupt. For us, this first routine will be the EasyChat server software. The second routine is the Windows system exception dispatcher which constantly runs waiting for an error condition to occur. The dispatcher routine attempts to handle any exceptions (errors) that may occur in the first routine (EasyChat). As we go through this paper, try to keep these two routines separate in your mind.
|
|
Last Updated ( Tuesday, 07 July 2009 )
|
|
Read more...
|
|
|
Written by hevnsnt
|
|
Thursday, 02 April 2009 |
hevnsnt & Surbo will be joining the PaulDotCom.com guys for their weekly security podcast TONIGHT 4/2/2009. Please join us while we discuss some of the more interesting past articles, and who knows maybe we will give some insight in some upcoming projects!
You can join in on the IRC channel during the stream - we can take live comments and discussion from the channel! Find us on IRC at irc.freenode.net #pauldotcom.
When active, the live stream(s) can be found at:
Ustream: PaulDotCom UStream Channel
Icecast: PaulDotCom Radio |
|
Last Updated ( Thursday, 02 April 2009 )
|
|
|
Written by hevnsnt
|
|
Monday, 16 March 2009 |
|
So its Saturday afternoon and you have nothing to do. As you glance around your room you spot a half full beer, a webcam, and that linux box that you have been wondering what you were going to do with. Seriously, why did you buy that piece of crap webcam anyway? A quick google search reveals that you might have a hard time even getting that thing working in XP, let alone your preferred OS of choice, OSX. =)
Ok, I know what to do. First dont drink that beer.. Its old. Throw it away and clean up your room a little bit. Then go get another beer -- and lets try to finish this one Nancy. As you sit back and nurse your new beer you notice that your Asus EEE with BackTrack4 is in a somewhat different place than you left it. Instead of simply plotting your revenge on who ever you feel deserves the blame, lets try catching them next time red-handed.
The following will walk you through setting up a video-surveillance system that will detect motion, enable your webcam, take pictures of the intruder, and upload the pics online and notify your cell phone via an twitter SMS message.
|
|
Last Updated ( Friday, 03 July 2009 )
|
|
Read more...
|
|
|
Written by hevnsnt
|
|
Monday, 09 February 2009 |
BackTrack4 has been released.
Before you download it, why dont you consider purchasing a Raffle Ticket from the Kansas City HackerSpace (CCCKC). You will have a pretty good chance at winning a brand-new MACBOOK! (Only selling 200 tickets!!!)
Seriously, help them out -- they need $$ for chairs, and tools to fill up their hackerspace in a CAVE.
Ok, so..... did you buy one? Good, You can download BackTrack4 here.
Make sure to check the Back|Track blog to see if there is any updated installation/Usage notes before using!
To make a bootable USB drive, install and use unetbootin.
This will make your thumbdrive bootable -- then simply just boot off of that.
You can use the steps outlined in the "Installing Backtrack3 on an EEE PC" to install this to your HDD if you want to.
UPDATE: From the Back|Track Blog:
We've set up a quick install guide for BT4, as there is no official GUI installer yet (we're working on it).
Remember to look here for basic commands / tips and tricks for getting up and running with BT4.
Oh.. Also took some Shmoocon Party Pics! |
|
Last Updated ( Tuesday, 10 February 2009 )
|
|
|
Written by hevnsnt
|
|
Wednesday, 04 February 2009 |
 Washington D.C. please prepare. Hide your roadsigns, secure your wifi, and protect your traffic lights. I-hacked is coming to town for ShmooCon 2009. @hevnsnt and @surbo will arriving Thursday afternoon, so hit us up if you want to meet up and/or go grab some drinks. Thursday: Arrive and hang out.
Friday:
Come hang out with your favorite podcasters, and listen to a live show. It sounds like @mubix has a great lineup this year, and some WICKED PRIZES. I will be representing the CCCKC (Kansas City's Hackerspace) during the HacDC party. I will be demonstrating the Labywiinth built by Jestin & Vince, and will have some cool laser toys to play with. (Bring your own laser!) I will also be selling CCCKC Needs Rent Raffle Tickets (win an MacBook for $25) there. PLEASE help support KC's hackerspace and buy one. The first 10 people who buy one from me (locally at shmoocon) will get a free I-hacked tshirt! =) Your $25 donation goes to a really good cause, and could win you a brand new Aluminum MacBook. woot! Saturday:
To old friends, I look forward to seeing you again! --New friends, come find us, we should be pretty easy to find and we will know where all the partys are at! =) |
|
Last Updated ( Thursday, 05 February 2009 )
|
|
| | << Start < Prev 1 2 3 4 5 6 7 8 9 10 Next > End >>
| | Results 9 - 16 of 207 |
|
|
2006 I-Hacked T-Shirts |
I-Hacked T-Shirts Have been released, Now with 3 versions! Check them out here 
|
|
