Dansguardian, Webmin, and Ubuntu.

So i have my Ubuntu box set up as my networks NAT router, DHCP, and DNS server. Now I have a few kids and well i cant keep an eye on them all the time and while i do log their activity online i often miss lots of things in the logs as they seem to go on for ever and it got to the point that i just stopped looking at them are started looking for a better system. A while ago i had a content proxy server running on a XP pro box that seemed to do the job but was really unreliable and stop working all together at one point, so i set out to see if i could find a linux solution. I came across Dansguardian, which from what the website said was %100 better then the ones i had found for winblows. The only down side was all the install help files i could find all had you downloading firehol and tiny proxy, but non of them had a Webmin mod. So i went in and downloaded Squid proxy using Webmin 1.4 i had to edit the mod config to point to the right dir and i was hopping to use Squid as a replacement for tiny proxy. I already have Linux Firewall set up via Webmin to do NATing so thats all good, all that was left was to apt-get dansguardian. The install whent fine. I did have to chmod a few files for install, nothing big. After install i had to edit dan's config file to point it to the address of the proxy "Squid" in the networking section of Dan's config file. Now i have full web content filtering in action so no more boobies on the web for my kids :P the next step is forcing all connections to dan with out making changes to the end user's computer.

Back at it again...

Yep im, for what should be the last time, going to work on another release of A Hackers Gadget. Im going to do a little something to the port scanner and i have a few new little ideas that should make some buz. Dont look for it any time soon however cuz there is lots i plan to put in this baby, the only real hard thing im going to be facing is how to keep the gadget compact to its not taking up all the sidebar space. Along with the reopening of the M$ gadget project im starting to look at google's web gadgets, and i may even play around with firefox addons. Thats last one however is on the far back burner if you know what i mean.

OMG, WTF!!!

So i get a call at work from cmoney telling me that she go pulled over by the cops in what ever town on her way back from taking the kids to the dentist office, she also tells me that the van which i told her on many occasions to get registered, isnt registered and thats why she got pulled over, thats not the best of it yet. I my self have been having car trouble and have no way of getting to her, the kids or the van. She then tells me that she also has no licenses so she may be going to sit for a little while and they are going to tow the van if a licensed driver isnt there in 5 minutes!! So i got out of work a hour early, missed class and by the end of the day $360 in fines from her and another $100 to get the van registered, that i had to do despite the fact that in im the van for 15 mins at the most a week and its her "car" and i work all day and have class 3 at night while shes home all day and night with the van. Ok im sure that at this point i am no longer making any sense so ill end this post here.

M0|23 pA$sword Crack1n6

First if you didnt already go download John The Ripper. Ok now HERES a passwd file i took from on of my old Ubuntu boxes, download it to the unzipped john dir. Now download THIS word list file to the same place you downloaded the passwd file to. Now open a command promt "Start->run->cmd" and goto the dir john is in and the rest of the files you downloaded above. Now type "john --wordlist=n_common.txt --rules passwd.txt" These settings should crack the password in just a few seconds. You just cracked your first DES encrypted password. John can also crack BSDI, MD5, BF, AFS, and LM hashes. You can find word lists from all over the place just ask google for one. As for more passwords to crack well i leave that up two you.

So easy even winblows can do it pt2

Another way to make winblows more hacker friendly is to have it run Python. many good hacker programs are coded in python and im sure at one point or another you have come a across a program or two you wanted but thought python = linux, and this just isnt true. Goto python.com and find the Downloads section or something close to it and find the install package for winblows. Python is %100 free and a easy setup, even a kid could do this one, just let it install using the defaults that it picks for you. I know some of you dont like hearing that but to make sure path environment variable is set correctly i suggest you do it that way. The one thing you can change is the install path of python, when you get to the "Select Destination Directory" part of the install you may want to change it to c:\py instead of c:\python25 youll know why in just a moment. Now once you have python installed and you have a py program "called run.py" you want to run just put it in the dir c:\py open a command prompt goto the dir c:\py and type "python run.py" and poof you running python programs just like in linux, just like a hacker LOL. it should look something like

c:\py> python run.py

Hackin Upnp

I have been doing lots of research dealing with upnp and php with the goal of making a nice little tool to control any upnp enabled device or program. I have been working on this for a while now and decided to put out some small samples of php code. This snippet will discover all devices and programs in a LAN using upnp. This snippet will only send out a discover packet, you will need to be running a packet sniffer to see the replies.

?php
$host = 'udp://239.255.255.250'; //upnp broadcast address
$port = "1900"; //upnp service address
$fp = @fsockopen($host, $port, $errno, $errstr); //socket to send out packet
//start of discover headers
$soap_out = "M-SEARCH * HTTP/1.1\r\n";
$soap_out .= "HOST: 239.255.255.250:1900\r\n";
$soap_out .= "ST: ssdp:all\r\n";
$soap_out .= "MAN: \"ssdp:discover\"\r\n";
$soap_out .= "MX: 3\r\n\r\n";
//end of discover headers
fputs($fp, $soap_out, strlen($soap_out)); // send request
fclose($fp);
?>