Anarchy's hideaway

Invision Power Board 0-day

2010-05-25T08:16:00.000-07:00

IPB is open to right-to-left unicode injection which allows you to obfuscate file names, links, and more. That's not all, because you can inject RTLO while registering you can copy any user name you like! Go to any IPBoard and try to register "& #82 38;nimdA" w/o the quotes and spaces, you will see when you login it displays you as Admin! Now you can go on the forums and run wild as the Admin or any other user you like. No you don't get admin privs. or anything and if anyone looks close at a "spoofed" account its not to hard to spot, but its good for a few lulz and im sure you can get more then one n00b to dl a payload you posted as admin >:) Ok thats all i got, laters.

Plunderoid is here!

2010-05-23T14:28:00.001-07:00

Plunderoid is a Plunder app for Android! Search and download plundered files right from your phone!!!

DOWNLOAD: http://www.plunder.com/Plunderoid-download-3cfa96bbde.htm
Report bugs here: http://shortcode.freeforums.org/plunderoid-f7.html

Hacker's Hideaway is dead :(

2010-05-23T09:28:00.000-07:00

Well HH is dead which sucks all on its own but due to one fucked up person, Raze, i cant get any of my shit off the servers HH was hosted on :( Yeah i kept backups but it wasnt nightly nor automated so i lost a lot of shit. i could have had time to get everything off the server but Raze, who was paying for the server, some how forgot to tell me he had stopped paying so i got ripped off like $50 on top of losing everything else!! See it was a Germen hosting company that hosted HH and Raze lived close by and he set everything up, i sent him $100 to pay for everything. So i figure he used about 25-50 dollars of it and i guess ran off with the rest :( Anyway blogger is my hangout once again.

Dansguardian, Webmin, and Ubuntu.

2008-03-19T08:14:00.000-07:00

So i have my Ubuntu box set up as my networks NAT router, DHCP, and DNS server. Now I have a few kids and well i cant keep an eye on them all the time and while i do log their activity online i often miss lots of things in the logs as they seem to go on for ever and it got to the point that i just stopped looking at them are started looking for a better system. A while ago i had a content proxy server running on a XP pro box that seemed to do the job but was really unreliable and stop working all together at one point, so i set out to see if i could find a linux solution. I came across Dansguardian, which from what the website said was %100 better then the ones i had found for winblows. The only down side was all the install help files i could find all had you downloading firehol and tiny proxy, but non of them had a Webmin mod. So i went in and downloaded Squid proxy using Webmin 1.4 i had to edit the mod config to point to the right dir and i was hopping to use Squid as a replacement for tiny proxy. I already have Linux Firewall set up via Webmin to do NATing so thats all good, all that was left was to apt-get dansguardian. The install whent fine. I did have to chmod a few files for install, nothing big. After install i had to edit dan's config file to point it to the address of the proxy "Squid" in the networking section of Dan's config file. Now i have full web content filtering in action so no more boobies on the web for my kids :P the next step is forcing all connections to dan with out making changes to the end user's computer.

Back at it again...

2008-03-14T12:42:00.000-07:00

Yep im, for what should be the last time, going to work on another release of A Hackers Gadget. Im going to do a little something to the port scanner and i have a few new little ideas that should make some buz. Dont look for it any time soon however cuz there is lots i plan to put in this baby, the only real hard thing im going to be facing is how to keep the gadget compact to its not taking up all the sidebar space. Along with the reopening of the M$ gadget project im starting to look at google's web gadgets, and i may even play around with firefox addons. Thats last one however is on the far back burner if you know what i mean.

OMG, WTF!!!

2008-03-12T12:39:00.000-07:00

So i get a call at work from cmoney telling me that she go pulled over by the cops in what ever town on her way back from taking the kids to the dentist office, she also tells me that the van which i told her on many occasions to get registered, isnt registered and thats why she got pulled over, thats not the best of it yet. I my self have been having car trouble and have no way of getting to her, the kids or the van. She then tells me that she also has no licenses so she may be going to sit for a little while and they are going to tow the van if a licensed driver isnt there in 5 minutes!! So i got out of work a hour early, missed class and by the end of the day $360 in fines from her and another $100 to get the van registered, that i had to do despite the fact that in im the van for 15 mins at the most a week and its her "car" and i work all day and have class 3 at night while shes home all day and night with the van. Ok im sure that at this point i am no longer making any sense so ill end this post here.

M0|23 pA$sword Crack1n6

2008-03-08T21:20:00.000-08:00

First if you didnt already go download John The Ripper. Ok now HERES a passwd file i took from on of my old Ubuntu boxes, download it to the unzipped john dir. Now download THIS word list file to the same place you downloaded the passwd file to. Now open a command promt "Start->run->cmd" and goto the dir john is in and the rest of the files you downloaded above. Now type "john --wordlist=n_common.txt --rules passwd.txt" These settings should crack the password in just a few seconds. You just cracked your first DES encrypted password. John can also crack BSDI, MD5, BF, AFS, and LM hashes. You can find word lists from all over the place just ask google for one. As for more passwords to crack well i leave that up two you.

So easy even winblows can do it pt2

2008-03-05T19:24:00.000-08:00

Another way to make winblows more hacker friendly is to have it run Python. many good hacker programs are coded in python and im sure at one point or another you have come a across a program or two you wanted but thought python = linux, and this just isnt true. Goto python.com and find the Downloads section or something close to it and find the install package for winblows. Python is %100 free and a easy setup, even a kid could do this one, just let it install using the defaults that it picks for you. I know some of you dont like hearing that but to make sure path environment variable is set correctly i suggest you do it that way. The one thing you can change is the install path of python, when you get to the "Select Destination Directory" part of the install you may want to change it to c:\py instead of c:\python25 youll know why in just a moment. Now once you have python installed and you have a py program "called run.py" you want to run just put it in the dir c:\py open a command prompt goto the dir c:\py and type "python run.py" and poof you running python programs just like in linux, just like a hacker LOL. it should look something like

c:\py> python run.py

Hackin Upnp

2008-03-01T11:07:00.000-08:00

I have been doing lots of research dealing with upnp and php with the goal of making a nice little tool to control any upnp enabled device or program. I have been working on this for a while now and decided to put out some small samples of php code. This snippet will discover all devices and programs in a LAN using upnp. This snippet will only send out a discover packet, you will need to be running a packet sniffer to see the replies.

?php
$host = 'udp://239.255.255.250'; //upnp broadcast address
$port = "1900"; //upnp service address
$fp = @fsockopen($host, $port, $errno, $errstr); //socket to send out packet
//start of discover headers
$soap_out = "M-SEARCH * HTTP/1.1\r\n";
$soap_out .= "HOST: 239.255.255.250:1900\r\n";
$soap_out .= "ST: ssdp:all\r\n";
$soap_out .= "MAN: \"ssdp:discover\"\r\n";
$soap_out .= "MX: 3\r\n\r\n";
//end of discover headers
fputs($fp, $soap_out, strlen($soap_out)); // send request
fclose($fp);
?>

Goolag buzz

2008-02-26T19:53:00.011-08:00

is all over the place, and i have no idea why. All this thing does is scan using dorks, WOW! The person that made it even put all that fancy crap in it cuz they knew it was nothing to get worked up about, but like everything that cDc puts out ppl had high expectations for this release so that had to make up with the pretty iface and some talking bitch. Dont get me wrong i have lots of love for cDc and the ground breaking work that have done in the past but im just not feeling them on this one. I have seen dork scanners that run faster and use less resources then Goolag, but because this is a cDc release it got top story on many sites. I am sure however that cDc's next release will make up for this.

Mythbuntu, Linksys NAS200 hack

2008-02-23T18:10:00.000-08:00

Well ok its not really a hack but more of a work around. I just got a Linksys NAS200 with 2 500gb sata hdds, and i wanted to mount one of the HDDs to my mythbuntu box but for some odd reason you cant mount shares that have spaces in the names. So you make a new folder in PUBLIC DISK # called public. Make sure all the stuff you want to mount is in that share, then make a new share dir using the NAS Admin web interface called disk# and point it to /Disk 1/public make sure you set the access privs you want for the share. I used the PUBLIC DISK dir in this example because its the one i use to share all files to all clients on the network with and you dont need a p/w to access. If you dont have the Linksys NAS200 im sure you have no idea what im talking about but if you do then i hope this can help you out if your trying to mount the NAS200 shares

So easy even winblows can do it

2008-02-21T12:56:00.000-08:00

One way to make your windows box a little more hacker friendly is to have it run perl, many good hacker programs are coded in perl and im sure at one point or another you have come a across a program or two you wanted but thought perl = linux, and this just isnt true. Goto Activestate and find the Downloads section or something close to it and find the package called Activeperl. Active perl is %100 free and a easy setup, even a kid could do this one, just let it install using the defaults that pick for you. I know some of you dont like hearing that but to make sure path environment variable is set correctly i suggest you do it that way. Now once you have Activeperl installed and you have a perl program "lets call it run.pl" you want to run just open a command prompt goto the dir of the perl program and type "perl run.pl" and poof you running perl programs just like in linux, just like a hacker LOL. it should look something like

c:\download>perl run.pl

AHG2 hit 200!!!

2008-02-19T09:21:00.000-08:00

A Hackers Gadget 2.0 reached 200 downloaded the other day!!! Im happy to see so many people are getting a use of my hard work, now i just need you guys to start clicking the ads in it, vote for me and maybe donate a few pennies via paypal. Thank you all for you support.

A Hackers Gadget 2

2008-02-10T17:36:00.000-08:00

A Hackers Gadget 2 is done and ready for download. AHG2 comes packed with many new functions which include a Mail bomber called Mail p00per, local WiFi info button that displays all your wifi/ipv4/ipv6 information. You can keep up on the latest hacker news around the world with the hacker news button scripting provided by Pen and NewToolkit.com. Another new function is the random password generator to give you fast strong reliable passwords with just a few clicks and one key stroke. AHG's most popular function, the HTTP forager, now has Tor network support!!! Main gadget graphix done by ming5 of mingming5.com. Be sure to open the settings window.

::DOWNLOAD::

Useful Linux commands

2008-02-08T16:43:00.000-08:00

This is in no way a complete list of Linux commands, but beginners should find this list very helpful, I would recommend doing a info or man on any of the commands from this list that you use to get a better understanding of what it can do. If you have anything you think should be in this list feel free to email me.

ls :: list files in dir

ls -a :: list all files + hidden in dir

df :: shows free disk space

pwd :: tells you what dir you are in

find [FILE]:: Search for file

ps :: lists running programs and PID

cat [FILE] :: Read a text file

kill [PID] :: Kill the program with what ever PID you input

[FILE] | grep [WORD]:: Searches a file for a string or word

less [FILE] :: to read files that have more then one or two pages.

pico [FILE] :: text editor

rm -rf [DIR] :: deletes dir and all contents

tail [FILE] :: allows you to see the last few lines of a file w/o opening any programs like pico or cat

tar -zxvf [FILE].tar.gz :: untars a .tar.gz file

ifconfig :: shows network info like IP and such

ncftp :: nice FTP client

wget :: Use this to download files over protocols other then FTP

last :: shows a list of last logged in users

shutdown now :: puts the box in maintenance mode

shutdown -r now :: restarts the box

uptime :: shows you how long the system has been running

chmod [MOD] [FILE] :: change file privs

/usr/bin/gpasswd -a [USER] [GROUP] :: assigns USER to GROUP

chown [USER]:[GROUP] [FILE] :: change owner ship of file by user or group

groups [USER] :: shows what groups USER belongs to

su :: become root until exit

su- :: become root till exit and read root's environment settings

usermod -G [GROUP1],[GROUP2] [USER] :: Assign groups to a user

p@$sw0rd Crack1n6

2008-02-03T19:05:00.000-08:00

Cracking passwords is one attack vector that can work %100 with time being the only restraint. If trying to crack a pw on a well prepared system/app you may very well die before you ever see even one success, still it can be done. We will look at two kinds of password cracking, they are very vague so this is in no way will cover all there is to know about cracking passwords. I encourage you to ask google about cracking passwords, password crackers and brute force. In fact I suggest you use google to expand your knowledge of all the other topics that are covered here and ones to come. Ok anyway, so the “two kinds” of cracking we are going to look at are cracking of some kind of encryption protected key that we have access to. Such as liunx's passwd file or winblows SAM file. The other is cracking some kind of network service, device, or web cracking such as a forum login. The first is the kind of cracking I would call the easiest and fastest of the two. Something they both have in common is they both involve the same basic method or idea. They both use a word list known as a dictionary attack or brute force attack. Cracking something like the linux passwd file that isnt shadowed “ask google” you would use a program like Jack The Ripper that takes a word from your word list or string from the BF function “that comes as part of most crackers” encrypts it and see if it matches the encrypted key it does this until it finds a match. So now you would then have to make up your mind, to use word lists or to brute force. The main advantage of using word lists is that most ppl use human readable password making words lists more practical over using a brute force that may break the same password but could take days to finely get to that right combo of letters where as a word list could do it in just a few hours if you get really luck even after using just a few word lists. You can find word lists that cover every subject you could think of from words in Moby Dick to first and last names most common to the US or where ever. A good brute force program will have a built in function that generates the keys on demand some rip offs have you make a list that has stings with every possible combo of letters and what not then run it with the cracker. While it works kinda like a brute force it really is a dictionary attack. Now to attack a network service, device, or web cracking such as a forum login you will still be using a word list or a BF method but the encryption step is replaced with a connection to the server trying the user name and password the cracker program gets from the word list or BF function. Now that we are trying to “crack” a password from a remote location it can get really tricky, most places have all kinds of countermeasures to password crackers. Some places only allow so many attempts per some length of time for each account or IP. Others use CAPTCHAs after so many failed attempts then lock the accounts for a length of time. Thats the two main cracking types and the two basic methods used by both. Hope this helps.

Nice job ass

2008-01-27T20:00:00.000-08:00

It would seem some d!ck in the ass bitch going by name Az3ar "hacked" the HackBloc forums today i guess in some attempt boost his e-ego. I dont know any of the admins there really or any of the regs, i been looking mostly not really a poster there but still there was lots of good info and one hell of a good zine. I dont really know any of the details behind the attack but i hope they will explain what went down, i know ill be keeping a close eye on them for a while. This may even be the making of a hacker war?? LOL dont say it i can hear what your thinking.

Never thought i would live to see...

2008-01-25T20:51:00.000-08:00

27 years old. Yes its my birthday today so of course it had to be a shitty cold snowy day. Needless to say i cant wait for this day to get over with...

sh!t its sping already

2008-01-21T19:00:00.000-08:00

Well its spring semester anyway so that means work on the hacking 101 section may tapper off a bit as well as my posts. Work on AHG2 may suffer a little as well but i still plan an releasing it soon. Other then obtaining more information one good thing about all this is i have access to the online course software which i have already found a few interesting things about, come back soon im sure ill be talking about this more in the future

Think Thin - The skinny on thin clients p2

2008-01-15T20:02:00.000-08:00

::Intro::
In this installment of the series we will be looking at ways to exploit a thin client based network and ways to exploit the thin client unit it self.

NOTE: If you didn’t read part one of this series I suggest you do so or you will be lost!!
Read it @ here

::FTP::
Ok here we are going to see where the thin client is getting the configuration file from. To do this we have to disconnect it from the network by removing the network cable from the back of the client. Then press and hold the power button so it turns off, then turn it back on. Right click on the desk top and select Network Manager, look to the bottom of the window that pops up. Here we should see the address to the FTP server and the home directory for that thin client. Now hoping that one of the apps your thin client is running is a web browser, connect to the FTP server and see if there are any other configuration files available. If there is great lets see what they got. Again remove the network cable from the back of the client, and power the unit down and back on again. Right click the desk top and go to Network Manager. Now at the bottom of the Network Manager window we once again see our FTP server and our home directory. Just replace our home directory with one of the others we found on the FTP server. Plug the network cable back in and get access to the apps linked to that user.

NOTE: Thin clients by default connect to FTP using anonymous login and more often then not the admin would rather setup a anonymous account on the FTP server then put usernames and passwords in all his/her thin clients.

::Pwn::
Ok we are on our clients using an app, now remember we are really connected to the server using RDP or ICA protocol. So when we send commands while using the app in the apps window it is processed by the server. Try hitting “Ctrl + Alt + Delete” and see if you get that windows pop up with buttons on it for logging off and stuff. Look for “Task Manager” If you have access to that we are up for a gold mine! Once in Task Manager hit the “ New Task…” button and start any program you want off the server!!!! That’s not all, on top of that you get dumped to the desk top of the account the client is logged on as on the server!!!! If your really lucky it will be an admin account.

::Apps::
If one of the apps you have access to is a web browser then there are lots and lots of fun things you can do. In the address bar try putting c:\ and it should dump you to the c drive of the server. See if you can access sites out side of the networks intranet. If you have shitty luck and don’t have a web browser see if you can get to anything from on the server. An app might have a “Open file” option or a search option. If you look around the apps you have access to you most likely will be able to break out of the shell and up to a higher level. If not try to make the app you do have access to error, that might dump you somewhere with better access.

::Theories::
Now that we know how to get access to the Network Manager menu and can change where the configuration file comes from, lets take it a step up. If you managed to get access to the FTP server and downloaded one of the config files to the thin client server then emailed it to your self. Then edit it, setup a FTP server with anonymous access with your edited config file. Now set the thin client up to get the config file from your FTP server and poof the thin client is using your config file!!

Why do we need to get a config file from the FTP server to edit?
The config file holds user names and passwords in plan text that are needed to gain access to the network so we can connect to the apps.

NOTE: This theory has never been tested; I got as far as needing a FTP server with anonymous access that runs on port 21 “My ISP blocks port 21 :*(“. I was however able to get access to the FTP server, download a config file and send it to my gmail account from no access at all!! This theory could very well work but until it has been tested it stays a theoy.

Here is the config file I downloaded:
SIGNON=0
AUTOLOAD=1
PRIVILEGE=None
INACTIVE=60
CONNECT=ICA \
Description="Jacrux - Jackson" \
Icon=default \
Username=jdcuser \
Password=jtest \
Domainname=office \
Browserip=192.168.1.102,192.168.1.88 \
Application="JACRUX - JACRUX" \
Autoconnect=yes \
Fullscreen=1

Here is the edited version:
SIGNON=0
AUTOLOAD=1
PRIVILEGE=High ==NOTE== I changed the priv level to high.
INACTIVE=60
CONNECT=ICA \
Description=" JACRUX pwned by Anarchy " \
Icon=default \
Username=jdcuser \
Password=jtest \
Domainname=office \
Browserip=192.168.1.102,192.168.1.88 \
Application="JACRUX pwned by Anarchy" \
Autoconnect=yes \
Fullscreen=1

Keep in mind this is the info in the .ini “configuration” file. This should give you admin access to the thin client and maybe the server.

::That’s all folks::
That’s all I have for you on this topic, feel free to email me about it. Please help me out and click the adds thanxs

Think Thin: The skinny on thin clients part 2
By: Anarchy Angel
anarchy[dot]ang31 [at] gmail
http://aahideaway.blogspot.com

Sp00fin 3Ma1l

2008-01-13T19:25:00.000-08:00

I made this because I couldnt find anything worth adding to the Hacking 101 section on this subject so here we go. Follow the steps below.

First you need a SMTP server, Try searching your ISPs subnet for port 25 “The defualt SMTP port”. If you dont already have a port scanner google one.

Once you have a SMTP server, if your using XP “In vista you have to open a command prompt”, goto the start button then run and in run type:
telnet smtp.ip.addess.here 25
Hit enter, once the window opens you should see some kind of 220 message, thats good. Now type:
MAIL FROM: any@email.address
You should get a 250 ok message, if you get some other message saying something about helo or hello type:
HELO
then mail from. Now set the target address by typing:
RCPT TO: target@f00.com
If you get some error try another SMTP server.
Hit enter then type: DATA and hit enter again, now start typing your message. At end of message hit enter, then type a “.” by it self w/o the “” and hit enter again. You should get a 250 email sent message. You can test this best by sending a email to your self.

More on spoofing HERE

Site update

2008-01-12T21:01:00.000-08:00

Well i didnt do any work on the gadget today, again i just didnt have it in me i did how ever start a new section for the site called hacking 101 to help out a friend of mine and i hope some other ppl can some use from it as you can tell it not done by a long shot but its a good start. I also added a full "as full as i could find" TCP/UDP port list and the deamons that run on them "for the most part".

Blah!

2008-01-11T19:06:00.000-08:00

I was going to work on AHG today but i just dont feel like it, its been a long week at work and things on the home front haven't really been all that great so i just dont have it in me to any thing ATM i did do some good reading on the other hand @ GNUCITIZIN about UPnP hacking that was really a fresh look at a really misunderstood and overlooked attack vector.

AHG dev update

2008-01-09T08:57:00.000-08:00

AHG development is going well, some new functions and the old ones remade with a little more power. The next rev should have some nice eye popping graphixs pending on how my graphixs bitch helps out or not. And i might be putting out a DC414 edition which will come with a few more options you cant get from the current RC. So come back soon to see what we been up too!

Hell yeah!!

2008-01-02T14:42:00.000-08:00

A Hackers Gadget beta 1 reached 100 downloads today!!! Some of you may know i have already started work on AHG 2 and already reached a deal with NewsToolkit.com and Pen of NTk to use a feed from NTk crafted just for the AHG gadget!!

Santa sucks!

2007-12-29T20:54:00.000-08:00

or so my little girl thought. She just now got around to opening her "Magic Spin Art" toy from xmas only to find it didnt work. She got all upset i mean water works and everything and saying Santa something something i couldnt really make out. cmoney said we will get a new one but that didnt make her feel any better plus we didnt have the box nor the receipt anymore so i looked at it for a min. and said i can open it up and see if i can fix it. as you could imagine it was a very easy set up just the bat. case red going to a on/off switch that went to a motor and black from bat case to motor. as it turned out the red wire was not connected right and a good part of it was going past the connector and touching the motor which was shorting the connection. so i just bent the wire back and poof it works. Then while putting it back together the fucking red wire broke off the switch!! So i just stripped off both ends of the red wire bypassing the switch so the only way to turn it off is taking out the bat. I plan on getting a new switch but for now it works. She gave me a big old kiss and everything is good now, Santa is no longer on her shit list. I also started work on the next rev. of AHG.

Crazy, crazy

2007-12-28T16:07:00.000-08:00

Its been a nice fast short week at work but for the last to days the network has been on the fritz fucking with the phone system and everything, man it was bad. Well i finely got it tracked down to our 3 month old Linksys 40port? switch. One of the ports was jabbering to the network and just killing out networks bandwidth so we went to office max and got some crappy dlink as a short term fix. Not sure what they picked for the replacement. I made this post only cuz i have never seen this before where the switch was the one jabbering like it was. It was a major bitch tracking it down.

A merry christmas message ...

2007-12-24T16:20:00.000-08:00

follow the link below for a nice holiday message from me "AA" and Warner Bros.

click here

w00t w00t

2007-12-22T17:15:00.000-08:00

HTTP Request Forager v1.1 made 100 downloads today!! Im hoping AHG will make that soon as well. I know with your help it can be done!!

JaFUN

2007-12-21T18:25:00.000-08:00

I just started playing around with javascript, i guess its about time really. I made a little user info box at the bottom of the nav but im still working on the ip part as you can tell it doesnt work :( If you can help out drop me a line.

A Hackers Gadget beta 1 is ready

2007-12-16T16:53:00.000-08:00

I made a little Vista gadget that has the HTTP request forager i made builtin to it as well as a port scanner i made but never put out. I hope to be making some updates to this soon. For now however you can DL it, try it and tell me what you think.

::DOWNLOAD::

They never learn

2007-12-10T08:01:00.000-08:00

I saw a news posting on SecurityFocus that pissed me off to no end. Short is this company Autonomy is trying to sue a security firm for posting a exploit to the web that has already been fixed, i guess to uphold their sense of integrity perhaps or security thou obscurity. So in other words they want snoopy security firms to keep their mouths closed about their findings so....Maybe we should just stop telling them about our findings and start showing them like crackers have been going for years.

...crap

2007-12-07T09:40:00.000-08:00

Got a new attack in the dbase, sorry i havnt been making many updates but i only have internet at work. my home connection is out for now and i have no idea when ill be getting it back :*(

HTTP Request Forager v1.1

2007-11-28T17:25:00.000-08:00

Heres a script I made to forage HTTP requests for pen-testing

Download

Useful Things

2007-11-26T07:58:00.000-08:00

Posted the sites first "Useful Things" plunder. a JavaScript Shell, very "Useful" thing for pen-testing XSS holes.

Think Thin

2007-11-14T18:49:00.000-08:00

Think Thin
The skinny on thin clients
Part 1

::Intro::
In this installment of the series we will be looking at the What, Why, How, of thin clients. I made this in a two part series because this is a fairly new piece of network device technology that is popping up in our libraries, Internet Cafes, and production floors or offices all over the world. I just feel an in-depth look at thin clients and thin client technology is needed.

::What is a thin client::
In a thin client environment, clients act as terminals providing access to application and data on the servers. Rather than holding data individually on each node, applications are instead held centrally with users accessing them across the network. This way most of the data handling and processing is done on the server side.

A thin client may process only keyboard input and screen output, leaving all application processing to the server. This dedicated main server provides applications and other resources to a large number of terminals. The terminals often have just enough intelligence to operate the mouse, keyboard, monitor, and Ethernet. A thin client generally does not have a hard drive, or any other kind of drive for that matter.

Many of the latest developments at IBM *www.ibm.com* and WYSE *www.wyse.com* operate with Windows XPe, Windows CE, or embedded Linux. They have integrated Wireless, embedded network testing tools *ping and trace* and Internet Explorer or Net Scape for the linux clients, printer ports, USB 2.0, FireFox and a small amount and free ROM space to upload programs that can be accessed directly from the thin client.

::Why are so many people using thin clients::
The use of thin clients are first and for most because it can reduce annual total cost of ownership by $1000 per device per year or more in harsh environments!! This of course has IT maintenance time and replacement costs figured in, in fact a large portion of that cost reduction comes from less IT cost to maintain the network and the nodes/devices with in. Nice easy upgrading, and easy deployment of security policies, these are due to the fact that every thing is done on the server for the most part. In some situations a admin is on site maybe 10% of the time if that.

Another unique quality of the thin client is its super small foot print. About the size of a cable modem, the thin client can go places a typical desk top can not like smaller places and makes it much more mobile and less cumbersome.

::How does all this work?::
A preconfigured unit when first turned on with network access will go to the FTP server specified in the network config panel, then download the following files: a global user file usually called wlx.ini, a single user file username.ini *this file is always kept in the sub dir of /ini, that is if the global file is in c:/thin then the single user file is in c:/thin/ini and generally supersede the identically named global parameters, * and a add on files *these are kept in the addon sub dir*. These files must be created and maintained in plain text. If the thin client cant find the wlx.ini file it default to wnos.ini. DHCP can also be used to direct the thin client to the FTP server.

Users have three privilege levels of access to thin client resources:
High (default) - No restrictions.
Low - This is the level assigned to a typical user and is the thin client default.
None – The System Setup selection on the desktop menu is disabled. The Connection Manager is available, however, the user cannot create a new connection or edit an existing connection.
These privileges are in effect before login and governs access to system facilities even when the login dialog box is displayed.

The Login:
Guest – No password and no access
Stand-alone User - Makes operation of the thin client possible when user profiles or
PNLite apps are not available.
PNLite-Only User - This is similar to a Stand-alone User except that apps published by PNLite services are available (the IP address of a PNLite server is entered into the ICA Network Setup dialog box).

Ok now that the thin client has everything it needs to work you will see icons on your thin clients desk top, the icons act like short cuts to the app you want to use from the server, such as a web browser. After you click on the icons, you then will be logged on to the network and given access to the app the icon points to, as you red earlier the config for the icons are sent in the ini files the thin client gets from the FTP server. Now while its connect to the network and using the server app its operates over the net work using Microsoft’s RDP or Citrix’s version of RDP, so even if all you seem to have access to is a web browser, underneath you could have access to everything on the server that is hosting the app you are using.

That’s it for now, the next installment will be about hacking the thin client network to shreds.

Think Thin: The skinny on thin clients part 1
By: Anarchy Angel
anarchy.ang31@gmail.com
Thanx to: ibm.com, wyse.com, and google.

Party time you gouls

2007-11-03T19:56:00.000-07:00

My brother had a Halloween party at his house today. It was a great time, my kids really enjoyed it. Great food + great beer = great time :) I want to thank Dave and Mary for doing such a great job with the decor and setting up the kids games with prizes at the last minute, you guys did a hell of a job.

Tor, tor, tor...

2007-10-31T17:55:00.000-07:00

I now have two Tor servers up and running. One at home here on mah cable and one at work on a T1!! :) What ya think bout that??

NMAPbat

2007-10-27T20:15:00.000-07:00

DOWNLOAD

Name: NMAPbat
By: Anarchy Angel
URL: aahideaway.blogpost.com
EMail: anarchy[DOT]ang31 [AT] gmail [DOT] com

This comes with NMAP v3

Scan types:
sS - TCP SYN stealth scan
sT - TCP connect() scan
sU - UDP scan
sP - ping scan
sF, sX, sN - Stealth FIN, Xmas, or Null scans

You can also Set a range from port 1 to whatever you want

Sample: c:/nmapbat 192.168.0.1 sS 80
That sting will scan target 192.168.0.1 using a TCP
SYN stealth scan port 1 to 80

Defualt port range is 1-31337

I got sick of having to input these commands and anti-IDS settings while pen-testing the comps at work. You can use NMAPbat to get the most out of NMAP and its awsome abilities.

DOWNLOAD

OMG!! part 2

2007-10-26T20:55:00.000-07:00

So I got it fixed kinda. It turns out I had to download usbstor.inf to c:/windows/inf directory. Only now i have to go to device manager remove my thumb drive and make shista look for new hardware. . . GOD I hate M$.

R.I.P. Jade

2007-10-22T19:02:00.000-07:00

My little Jade got killed today as she ran across the street in front of my house. I have had her as a pet for almost 6 years now, she was still just a baby. She loved the out doors, and hunting mice, rabbits, and birds. She also enjoyed picking on Cody "our dog" and sleeping in his bed and my chair. She leaves behind her brothers Kory, Joey, Jobe, and Cody. One Sister Kaylayn, and two loving parents, Christina, and Adam. She will be greatly missed by those she loved and those who loved her.

OMG!!

2007-10-17T17:36:00.000-07:00

Holy shit Vista is pissing me off!!!!! For the life of me i cant get flash drives to work in the POS, from what i have been reading from M$ forums lots of ppl are feeling the same woes i am. I have tried every thing i can think of and everything in the forums. I fear i will be w/o my trusty flash drives until M$ gets around to making a fix for it :o(

Inboxdollar$$

2007-10-15T19:04:00.000-07:00

Got mah first check from inboxdollars.com today :o)!!!!!!! it only cost about 6 dollars for a offer to get 28 bucks from them. You can do surveys, read emails, get cash back for shopping online @ stores they are affiliated with and they have tons of stores to pick from so you can get anything you want get cash back and in some cases they have deals running so you get money off as well. You can also play games and get paid for it, and tons of great free and cash offers. If your a first time user you also get a 5 dollar sign up bonus. If you want to get paid for doing as little as possible and start with inboxdollars click the link below.

Ubuntu saves the day!

2007-10-11T18:12:00.000-07:00

Ok so i told you about the new laptop for work and the issues with Vista, well when i got to work this morning me and mah boss talked about it and decided to give that laptop another try since the hardware as so bad ass and dual boot it with ubuntu which worked great! it got done around 5 so i didnt get the wifi working in ubuntu just yet and is was going to do it tonight but i had to go to mah kids open house at school and mah other kids PT conferences so mah night was all spent. I did find a nice little video on youtube on how to install Vista in about 2 min.

see the install vid here

Ima go to the Microsoft and take a Vista

2007-10-10T19:02:00.000-07:00

So at work today we went and got me a new acer loptop! Its nice, AMD 64 x2, one gig RAM, and Vista. Well we get it back to the office and i get to work on setting up some network devises and what do ya know, Vista takes a crap!!!!! I mean i cant even get this manure to boot at this point so i reinstall and what do you know i get a blue screen of death WHILE IM INSTALLING!!! So i start all over, reinstall worked great this time. Only i cant use the built in wifi and the screen rolls when it comes out of hibernation :*( imma take this bitch back.

PBX junk

2007-10-09T13:36:00.000-07:00

We have a PBX server at work which consists of Ubuntu with Asterisk and FreePBX. As for now the box isnt exposed to the Internet so that side of the security we have covered, the physical security is our biggest issue. I mean we dont want someone waiting in our lobby unattended to unplug the phone and hook up his laptop and have access to our network. Now while we do have a firewall between the voice and data network we took it a step further by using MAC filtering on both the firewall and on the PBX server it self. We also put PWs on the extensions to prevent someone from routing calls that way.

Samba Madness

2007-10-08T15:48:00.001-07:00

We are setting up a new network at work to go along with the new office we are moving to, they want to have access to file shares on the main intranet server which is running ubuntu server with webmin and they dont want to have to use any IDs & PWs. So I set it up to allow all access from anyone using webmin. The down side is this also opens 139 to the net. So I "for now" am going to just block the port at the firewall. I want to set some security in Samba it self but cant seem to find anything that doesnt force the user to input IDs & PWs. Using the firewall is a nice little fix that isnt to messy but any idas are welcome.

Firsties!!!1

2007-10-07T14:32:00.000-07:00

With my first post I give you Asterisk/FreePBX default feature codes and the config files they come from.
As well as a link for install help for FreePBX on many platforms

Install help link [HERE] - lots of ppl use these so they can be a great place to look for passwords, or getting help installing FreePBX

Default feature codes:
extensions.conf
*411 — Directory
*78 — Do Not Disturb activate
*79 — Do Not Disturb deactivate
*98 — Check voicemail (enter extension)
*98nnn — Check voicemail (extension nnn)
*97 — Check voicemail (for calling extension)
*70 — Call Waiting activate
*71 — Call Waiting deactivate
*72 — Call Forward activate
*73 — Call Forward deactivate
*90 — Call Forward on Busy activate
*91 — Call Forward on Busy deactivate
*69 — Call trace
*11 — Log in (not used for fixed devices)
*12 — Log out (not used for fixed devices)
888 — Barge-In (unconfirmed)
8nnn — Meet-Me conferencing (nnn = 1 to 4-digit extension number)
*77 — Record announcement
*99 — Playback announcement
7777 — Simulate incoming voice call
666 — Simulate incoming fax call (unconfirmed, please update wiki)
*43 — Echo test

extensions_custom.conf
*60 — Time
*61 — Weather
*62 — Wakeup call
*65 — Playback extension
300 3nn 91npanxxxxxx — Set speed dial nn to 9-1-NPA-NXX-XXXX
3nn — Dial speed dial entry nn
*3nn — Listen to / dial speed dial entry nn

features.conf
#70 — Call Parking (Will park call on ext#71-79 and announce)