Article Archive for December 2009
On this episode of Hak5 Darren joins Jenn Cutter in Toronto to talk IP Spoofing, Tethering Terms of Service, World of Goo mods, Linux Drive Encryption, 13″ Ultralight notebooks and more.
Proof that Hak5 can be produced under heavy medication, Darren & Shannon go over some nifty tips for tethering your Droid in Ubuntu without root access, generating themes for popular CMS like Wordpress or Joomla, and more.
While still early in it’s development stages, Google’s upcoming Chrome OS is a neat OS to play with — especially on a netbook. While the Virtual Machine images floating around are nice for a glimpse, if you really want to immerse yourself in the Chrome OS experience it’s best to boot it from the metal. This can be achieved by “burning” this Chromium OS image to 3GB or greater USB or SD media. Here’s a torrent.
Read more
It was only a matter of time before we put Doom on The Zipit Z2. The recently unlocked linux-based wireless device is a prime candidate for fragging, what with it’s QVGA color display, WiFi and all. After unlocking, installing Doom is simply a matter or launching Fluxbox with startx and downloading PrBoom, a cross-platform Doom Source Port, with apt-get install prboom. The trick in launching PrBoom from /usr/games/ is to add the -width 320 -height 240 parameters. While PrBoom comes included with Freedoom, a free and open source Doom compatible IWAD, you may provide your own doom or Doom2-iwad parameter.
As expected the Motorola Droid has been rooted. That is to say there’s a hack that’ll unlock SU, or super user privileges on the phone. The hack is essentially su bundled in an unsigned update that can be run from the SD card. The unlocking process, which has changed since introduction, is outlined at this AllDroid.org forum thread.
Read more
Hacking the Motorola Droid: Root Access! A Linux Doom source port on the Zipit, Booting and installing Chrome OS from USB, your Wordpress picks and much more.
Darren demonstrates a little man-in-the-middle attack using SSLStrip, an epic tool for removing that pesky encryption from your victims browsing session. Go from secure site to clear-text passwords in one simple step.
Read more
After much request we’ve dedicated an episode to every hackers favorite framework, Metasploit. Room362.com’s very own Rob Fuller (aka Mubix) joins us in studio to show us the basics of exploiting and the power of auxiliary modules.
Darren demonstrates cracking Microsoft VPN tunnels using the MS-CHAPv2 authentication protocol using Joshua Wright’s tool ASLEAP and talks about the theory behind the attack.
Read more
A Virtual Appliance can be though of as a software image containing a supporting stack designed to run inside a virtual machine. A quick look at vmware’s virtual appliance directory shows that there are hundreds of applications that can be quickly and easily deployed. In this segment I take the Dimdim open source virtual appliance, designed for vmware, and deploy it with VirtualBox (just becasue I can).
The age old scheme for bypassing restrictive firewalls, like those that block sites at school or work, has been to use a web proxy. Of course this is followed up by the network administrator blocking all mainstream proxies. But what if you could run your own? Well, you can and it’s really freaking easy. In this segment Darren demonstrates PHProxy
Read more
Never again have your curious Google searching or social networking adventures be thwarted by your school or office firewall. Darren show off free and easy ways to bypass the filters using SSH or your own homegrown web proxy.
Read more
