Kippo

Posted: October 10, 2010 in InfoSec
2

I have been running Kippo for a couple of months now…

I will skip the configuration and setup since it has been covered extremely well by multiple blogs(I have included links at the bottom).

Back in the day(late mid-late 90s for me at least)  people were brute force ssh scanning guess what…they still are…

The majority of people scanning are using the same basic kit.  The brute forcing kits consist of a few variants of shell scripts used to launch the attack however the core components  pscan(written in the 90′s) and ssh brute force never change

Examples of shell scripts/pscan/ssh brute force

#!/bin/bash
#
# by lizard
#

if [ $# != 1 ]; then
echo ” usage: $0 <b class>”
exit;
fi

rm -rf scan.log

echo “# Scanãm $1 pe port 22″
echo -e “33[1;36m===    -=PaTroNu Private Scanner=-    ===”
echo -e “33[1;37m ==         #Private shit#            ==”
echo -e “33[1;36m  =      -Don’t share this!-          =”
echo
echo
sleep 1
././pscan2 $1 22
echo “–==: Hai sa vedem .. :==–”
./sshd 100
echo “Cam atat …hai, next”
sleep 10

Read the rest of this entry »

Lockpicking…Locksport…Getting started.

Posted: October 2, 2010 in Locksport
1

I know there are 1000′s of lockpicking sites and guides online just wanted to throw out my personal thoughts and things that helped me.  It’s also been a great way to break away from the computer or work and put my focus on something else.

The first set of picks I got were custom made by Legion303

In addition to those I picked up a couple of mass produced sets and a custom set by Lockpicknewbie(on the right in the pic below)…Since picks are fairly cheap compared to other hobbies it was a worthwhile expense.

Originally I picked up a Master lock #3 and #5 great beginner locks because they’re fairly simple to open.  Schuyler Towne makes reference to this during his interview with Exotic Liability being able to open simple locks should help keep you motivated and not get you discouraged when you’re first starting out.

Another useful tip that a lot of articles make mention of but had to learn for myself is the amount of tension it takes with a tension wrench to open a lock.   EXTREMELY little my first week of lock picking I ended up bending a tension wrench but live and learn.  I ended up watching a number of videos on youtube trying to determine the amount of tension required however it was very hard to gauge from videos.  The best tip I have is your finger applying tension is watch your skin color is your finger is turning white your most likely applying to much pressure.

One of the first things you will notice when picking masterlocks is how easily rakes like the bogata and snake rake open these locks then you start noticing how many places use these locks in your travels around town.

Raking is cool for quickly opening  a lock however single pin picking once you have a basic understanding and a feel for it is a lot more consistent and is main skill for all lockpicking.

A couple of the sites I frequent and a good place to get started

The Open Organistation Of Lockpickers – http://toool.us/

Locksport International – http://locksport.com/

Locksmitharmy – http://www.locksmitharmy.com/

wizwazzles youtube channel – http://www.youtube.com/user/wizwazzle

Schuyler Towne Lockpick kickstarter project – http://www.kickstarter.com/projects/schuyler/lockpicks-by-open-locksport

Lockpicking101 forum – http://www.lockpicking101.com/

Deviant Ollams site – http://deviating.net/lockpicking/

Deviant also has a book “Practical Lock Picking: A Physical Penetration Tester’s Training Guide” a must have

I will continue to add my experiences with various locks and techniques along with anything that might be helpful to someone starting out.

J

Hello world!

Posted: September 29, 2010 in Misc
0

Just getting this thing rolling hopefully I was be adding some what useful and insight full info.