Download HD Download MP4 Download XviD Download WMV

Airport WiFi Challenge – Jasager and Deauths

Once again my travels take me to a wonderful and target rich environment — the airport.

And while I typically don’t take on challenges, this one tickled my technolust. I was asked how many clients I could harness with a WiFi Pineapple during a typical hour long layover at the airport. I figured this was a great opportunity to test out Airdrop-ng.

Your Ultra Software Picks

In a follow-up from episode 703, Shannon counts down your Ultra software picks, including:

• Total Commander
• JkDefrag
• Ultimate Boot CD
• Super Anti-Spyware
• Process Explorer

Download HD Download MP4 Download XviD Download WMV

Malware Analysis Sandbox

CWSandbox is an automated malware analysis sandbox. It works by running suspected malware samples in a simulated Windows OS. So as opposed to trying to break into the malware code to see what it does, we simply run it in a live environment. That way we can monitor all the network traffic that the malware generates. All of the processes that are created, the DLLs that are loaded, any changes to the Windows registry and even what it’s doing to the file system.

This is achieved by using a technique called API hooking. That basically means that when the malware calls the Windows application programmers’ interface to say something like “connect to this IP address” or “modify this file” it’s actually going to CWSandbox’s monitoring software, which logs the action and goes ahead and makes the change.

It’s kind of like an operating system man-in-the-middle. For malware.
So once a suspected malware sample is run through the tool you get a computer generated report of what the executable is actually doing. And this can be fed into anti-virus and intrusion detection systems to monitor for similar behavior.

PC Remote Control over Twitter

While there is no denying the power of running your own SSH, VNC server at home for remote access, wouldn’t it be nice if you could simply text message your computer something simple like “Hey, what’s your external IP address” or “Send me a screenshot” or “Go download this file”

And if Robin Wood has taught us anything with KreiosC2 – commanding your computer, or even a large botnet for that matter, over social networks is quite possible.

But now it’s time for something a lot more user friendly. This week Snubs investigates TweetMyPC

Matt goes on to explain that in the vSphere product by VMware you can use the APIs to write, basically, a software based switch to compliment your existing deployments. Check out the Cisco Nexus 1000V. It’s a software implementation of a Cisco Nexus switch. I’d love to get my hands on it but at nearly $1000/year I’ll find something open source. Speaking of which, we’ve been meaning to play with a Cisco virtual network application but are in need of an ISO. If you’re privy to an open source alternative or can help out drop us a line.

Download HD Download MP4 Download XviD Download WMV

—
Title: Virtual Routers?
Time: 3:20
Keywords: virtual router, virtual machine, vm, virtualization, vmware, virtualbox, cisco, nexus, nexus switch, cisco nexus, nexus 1000v, nexus 1000

Joe Switch writes in to ask what the deal is with Virtual Routers and other such untangable networks. Matt has the answer. The way I understand it your more high end (read: expensive) Cisco and Juniper routers have virtual routers built in — much like you might have a virtual interface like eth0:1 in Linux — to manage VLANS, IP subnets and such.

Matt goes on to explain that in the vSphere product by VMware you can use the APIs to write, basically, a software based switch to compliment your existing deployments. Check out the Cisco Nexus 1000V. It’s a software implementation of a Cisco Nexus switch. I’d love to get my hands on it but at nearly $1000/year I’ll find something open source. Speaking of which, we’ve been meaning to play with a Cisco virtual network application but are in need of an ISO. If you’re privy to an open source alternative or can help out drop us a line.

Make your own Nintendo DS Games for free!

If it begins with a #include and ends in a semi-colon our friend Jason Appelbaum is all over it. This week he’s in studio covering a subject near and dear to our hearts — Nintendo DS Homebrew.

Let’s face it, the Nintendo DS is a happy little platform full of hacking potential. And with a well established homebrew community it’s the perfect device to start your next weekend project with. Jason takes you from Homebrew 101, including carts and roms, to getting the Dev tools and building your first Hello World app.

For more see JasonAppelbaum.com or email jason@hak5.org

Mac tunneling the free and easy way

Paul can’t hide behind the camera forever, and this week we’re pleased to have him break down the free and easy way to SSH Tunnel on a mac. After Hak5 viewer Lavi wrote in about SSHTunnel 1.6 Paul was happy to check out the program. Thanks for sending in your freeware picks!

SSH Tunneling the cross-platform way with Python and PHP

Another great bit of feedback from the SSH Tunneling segment in episode 614 was from Jan-Marten in The Netherlands. His Hak5 inspired cross-platform Python and PHP scripts, available from his blog johmanx.com allow you to easily configure and save SSH tunneling options. Awesome code Jan-Marteen, thanks for sending it in!

Of course if you have feedback for the show, code you’d like to send by, tips on legally acquiring a cisco IOS, freeware you want to let us know about, questions, or criticisms just write us: feedback@hak5.org

And don’t forget to check out the Hak5 Store for our holiday sale on all new Hak5 T-Shirts, hacked gadgets, pineapples, monkeys and more.

Download HD Download MP4 Download XviD Download WMV

First look at Google Chromium OS

Last week the news was a buzz about Google’s Chrome OS, and while we typically don’t cover tech news on the show I freaked out in my usual open source, cloud lovin’ Linux-y sorta way. So this week we’re taking a first look at Chromium OS — the FOSS project that Chrome is built on.

–Darren Kitchen

Google Voice SMS Scripting with Java and J-Bomb

Google voice is a powerful multi-use tool that could be used as a free SMS aggregator, that could be leveraged for anything you could come up that would fit into 140 charters, like a text based adventure game or a sms bbs. There are several different libraries that people have developed to take full advantage of Google voice’s features: Java Libary, PHP Libary, or for those who just want the raw unofficial API. The sky is the limit with this, the code that was showed is up on the forums, so head over there and get those idea up there.

–Jason Appelbaum

PS: Doesn’t J-Bomb sound like some sort of netbeans module?

Unlocking Linux on the Zipit Z2, a $50 hacktop

The Zipit Z2 is an inexpensive wireless handheld instant messaging device by Zipit Wireless. It sports WiFi, a color 320×240 display, backlit keyboard and similar CPU and memory to that of a last-gen smart phone.

It’s also a prime candidate for some hacking. In this segment we’ll unlock the device and install Debian, X, and Pidgin. The Z2 also has potential for emulators, video streaming and more.

Rather than repeat what has already been well documented we’ll link to these helpful Zipit Z2 hacking resources:

• Hunter David’s blog – A bunch of well documented ZipIt hacks, many with videos
• The Zipit Wireless Yahoo Group
• Quantum Lime’s step by step Zipit Z2 Debian guide