Security - Hacker Forums

Here is a list of commands that you may need in case you ever need to work on a CISCO switch. Most people use port security with these types of switches.

show run – This command will show the current configuration of the switch.
show mac add | inc 0000 - where 0000 is the last 4 characters of the mac address you are looking for. This command is used when looking to see which port a computer is configured for.
config t – this command will put you in configuration mode.
int fa0/xx – this command will put you in interface configuration mode for port xx on the switch. You need to be in “config t” configuration mode in order to use this command.
Once you are in interface configuration mode you can type various configuration commands. Typing a “no shut” here will open the port up for use. Typing a “switchport port-security maximum 100” will also help unsecure a port as well as removing the “sticky” option on the switchport lines.
(continue reading…)

Early Sunday, a video posted on the “Miley and Mandy Show” YouTube page falsely claimed she’d been killed by a drunken driver. Miley’s BFF Mandy Jiroux featured a two minute long video. Jiroux’s supposed message reads: “Hey guys, this is Mandy and I have some very sad news :( …We’re very hurt to tell everyone this, but Miley died this morning after being hit by a drunk driver. Miley told us if anything ever happened to her, then we should let her fans know before the public…R.I.P. honey, we will miss you so much.”

Jiroux tells E! News that the video is the work of “a hacker”.

Miley mus have some serious issues making good passwords.

The University of Florida’s dental computers got hacked and over 300,000 records were stolen. The IT staff at the UOF found unauthorized software installed on the dental clinics server.

Altogether, the hacked information included patient names, addresses, birth dates, Social Security numbers and, in some cases, dental procedure information dating back as far as 1990.

The FBI is helping out the University in it’s investigation. The FBI? It seems that the FBI is mostly working on hacking cases these days. The budget for the FBI’s cyber team must be huge.

Have you ever been in an airport or someplace where you can connect to a WiFi hotspot, but are required to pay for Internet access? These paid WiFi services usually base their subscriptions on the MAC address of the person paying for the service. To bypass this you need to find a MAC address that is subscribe and change your MAC address to their MAC address.

First you need to download Wireshark, a free WiFi and Ethernet sniffer tool. Using Wireshark you can sniff out active connections and get a list of active MAC addresses. After finding and writing a few MAC addresses down you need to download TMac, MAC address changing software. Use Tmac to change your MAC address and try surging the web. If the MAC address you are using has Internet service on that WiFi access point, you should be able to get right on with now issues.

After running several network scans I’ve noticed more and more computers running a VNC Server. VNC basically lets you take full control over a computer as if you were actually sitting in front of the computer. After noticing this I thought, boy it would be nice if there was a VNC Password Cracker out there, and I found one called “VNCcrack”.

VNCcrack is a fast offline password cracker for the VNC challenge/response protocol. If one can somehow observe a VNC authentication, then VNCcrack can run a dictionary attack against the exchange and attempt to find the password.

It works by scanning a pcap file (as generated by the common tcpdump tool) for VNC challenge/response exchanges, then checks against a preexisting wordlist (reading from stdin is also supported, allowing the use of John the Ripper, see the documentation in the tarball for further information). It is quite fast and can check well over a million passwords a second on a 2.4 GHz Core2 processor.

It has been tested to successfully recover the password of an exchange between a Gentoo Linux/amd64 client and a Windows XP/x86 server, both running TightVNC 1.3.9.

The phone, which runs the Android operating system, an open source platform developed in part by Google, went on sale in the US last Wednesday, and hits UK stores on Thursday.

This really doesn’t surprise me too much. Most initial release open source software has issues, as the exploits are easier to find having the source code so readily available.