Exploit-DB updates

Saturday, August 21, 2010

Friday, August 20, 2010

Get someones IP/System info with nothing more than a link.


Here's another useful site, this one can be used to collect a persons IP/OS/Browser/Etc with nothing more then a URL. It can also redirect to a specific site so it would be perfect to use with the other site I posted about (http://hyfbt.com)

Thus collecting even more data. You could get someones IP/OS/Browser/Etc AND also get their browsing history.

Check it out here, the source is also available so you could implement this into your own site.

Thursday, August 19, 2010

irssi, my favorite IRC Client.

Irssi is a terminal based IRC client for UNIX systems. It also supports SILC and ICB protocols via plugins. Below is a screenshot of mine (it's extremely plain)
                        
                                


Greatest features

You might be wondering what makes Irssi such an easy and comfortable client to use; Joost Vunderink wrote a summary of the most beneficial Irssi features.
  • Autologging
    Irssi will automatically log any channels, queries or special windows that you want. The logfiles will be separated per IRC network, and even log rotation is supported. Log file formats, themes and destination directories can be easily configured with the Irssi log settings.
  • Formats and themes
    Theming is a popular item in todays desktop enviroments, it's an easy yet powerful way to customize your Irssi client's look and feel. Irssi's formatting is modular which means you can just change the appearance of the objects and all items contaning that object will change into that format.
  • Perl scripting
    Perl is one of the most used programming languages around the globe and integrating Perl into applications means flexible and powerful scripting capabilities. The entire behavior and appearence of Irssi can be modified within these Perl scripts. Irssi provides a script archive with many contributed Irssi scripts which provide both useful extra features and the required assistance to make your own scripts.
  • Irssi-proxy

    This is much more than just a bouncer, Irssi-proxy is a plugin which allows to bind a port to each IRC server you are connected to. This means that instead of having to remember to identify with a password, you can just connect to the Irssi-proxy with a server password. The copy of Irssi running the proxy works just as a normal client which you can use, but you can also connect one or more clients to it to share the connections. Using Irssi as a proxy has the major advantage of Irssi's power as an IRC client. You never have to worry about losing your connection to IRC. Even if you don't want to use Issi as a client, I can strongly recommend it as a proxy because you can just connect to it with any IRC client by just connecting to the specified port instead of SSH-ing to the machine that your Irssi is running on.
 You can download irssi from here, or use the repositories.

Learning Python (Again)

Well I've got some free time on my hands so I've been playing around with python again. I made this script to listen on a specified port for connections. When someone tries to connect (a attacker using netcat/telnet or running noisy scans perhaps) it will log the time and IP/Port they connected from. This script could still use alot of improvements but it serves the purpose I intended it for. I will most likely update it at some point soon but here it is as of now. Be sure to port forward if you use a router and want to use the script outside LAN.

See what 'explicit' sites (and more) your friends have been on.

Well I came across this while checking out some forums and thought it was worth a post. http://www.haveyourfriendsbeenthere.com/

As simple as sending a link to your friend.

Keep your keystrokes secure.

I figured while I was talking about keyloggers I'd take a moment and mention 'Keyscrambler'. It encrypts the keystrokes deep in the kernal, preventing the attacker from reading them and leaving him with encrypted gibberish.

You can read more and download 'Keyscrambler'  here

Getting Login Credentials From Unencrypted Keyloggers.

Well to start off this blog I'll be writing a simple tutorial using the tool 'Bintext'. Very simple to use and this tutorial will be very basic. Start off by downloading 'Bintext' from here

Now open it up and you should see this;














As you can see it's pretty straight forward. Browse your system for the keylogger you wish to check for logins and then hit 'Go'

At this point it should look like this;













Now you can type in a variety of things to search for, the ones I've had the best results with is 'smtp', 'gmail', 'ftp', '.com'. Keep in mind it's case sensitive.

                  Congratulations you just dealt some karma.^.^ A good place to find unencrypted keyloggers is youtube, just search obvious stuff (such as steam game added) under the 'Search options->Today' search settings. Just be careful not to infect yourself on accident.