Host ID: 79
Download RITA (it’s free!) - Real Intelligence Threat Analytics - https://www.blackhillsinfosec.com/projects/rita/
HPR 40, on the 24th Feb 2008, was when a (slightly) younger Xoke debuted
Find it at https://getsharex.com/
Xoke interviews Paul Koblitz (@ph4que), Senior Security Consultant at TrustedSec focusing on physical penetration. Also in the shownotes is a template for a 'loid' which Paul discusses in the interview as his favourite tool.
David Kennedy (ReL1K) is a security ninja and penetration tester that likes to write code, break things, and develop exploits. Dave is a Chief Information Security Officer (CISO) for a Fortune 1000. Dave is on the Back|Track and Exploit-Database development team and a core member of the Social-Engineer podcast and framework. David continues to contribute to a variety of open-source projects. David had the privilege in speaking at some of the nations largest conferences on a number of occasions including BlackHat, Defcon and Shmoocon. David is the creator of the Social-Engineer Toolkit (SET), Fast-Track, modules/attacks for Metasploit, and has released a number of public exploits. David heavily co-authored the Metasploit Unleashed course available online and has a number of security related white-papers in the field of exploitation. David has a book soon to be released in June from NoStarch Press, “Metasploit: A Penetration Testers Guide”. David is one of the founders of DerbyCon, a hacker con located in Louisville, Kentucky. Lastly, David worked for three letter agencies during his U.S Marine Corp career in the intelligence field specializing in red teaming and computer forensics.
Following a discussion on Linux Outlaws, Xoke asks if there a way to set up a charity to take donations to support Linux Podcasts.
Apologies for the bad quality. I really was installing DD-WRT whilst recording, for the first time! I tried to tidy it up but it’s still fairly rough!
- Go the the DD-WRT website.
- Go to Router Database.
- Search for your Router (or one you might want to buy), in my case the Linksys WRT54GL from NewEgg (note: NOT a sponsored link and other shops are available).
- Read this stuff: http://www.dd-wrt.com/phpBB2/viewtopic.php?t=51486
- Notes: Initial flashing ‘Mini Generic’ via web interface. Give it at least 2 mins after reboot!
- Installation guide: http://www.dd-wrt.com/wiki/index.php/Installation
- Lifehacker article: http://lifehacker.com/178132/hack-attack-turn-your-60-router-into-a-600-router
- Short version:
- Plug in the router
- Install the mini-generic DD-WRT firmware
- Reboot the router if it doesn’t restart itself
- Install the full DD-WRT firmware. It should restart
- Enjoy the shininess of the new firmware!
- Reset the password and username!
The router restarts itself when you flash the firmware, which is nice. If you change the IP of the router you may have to disconnect and reconnect the network through linux to force it to update the new IP address. Don’t forget like I did!
To set up a Wii via Wi-Fi you need to set the router up as ‘Ad-Hoc’ else it doesn’t seem to show in the Wii menu. I had problems with my previous router being 192.168.1.1 and the DSL being 192.168.0.1 making me hard reset and set the details back up. Might be unrelated to this, however changing the IP to 192.168.10.1 for the router and keeping 192.168.0.1 for the DSL resolved this problem. It was pretty damn simple! At least a lot simple and faster then installing windows! Total time isn’t too long, but I’d recommend having a second router on hand (if you can) to keep internet access in case things go hairy!
Xoke gives us tips on How to handle spam
Xoke talks about installing Win7 ultimate edition in VMware
Xoke talks about wireless access points in his home
Xoke talks about spam and how to prevent it.
Xoke talks about his podcasting script that is available on xoke.org
- Script: http://xoke.org/scripts/rec/
Xoke talks about Copyright and creative commons
Stephen Fry talks about the History of Copyright
Xoke continues his programming series
xoke explains how he sets up his monitor
for x in range(1, 10): print(x) for x in range(1, 11): print(x) y = 0 for x in range(1,101): y = y + x print(y) y = 0 x = 1 while x < 101: y = y + x x = x + 1 print (y) x = 0 y = 0 z = 1 while z < 100: x = y y = z z = x + y print (z) x = 0 y = 0 z = 1 while z < 100: print (z) x = y y = z z = x + y x = 0 y = 0 z = input('What number do we start from?') i = input('And up to which number should we calculate') while z < i: print (z) x = y y = z z = x + y
print ("Hello World") print ("Hello \"World") x = 1 print (x) x = 1 x = x + 5 x = x * 7 print (x) x = 1 + 5 * 7 print (x) x = (1 + 5) * 7 print (x) # This is a comment x = (1 + 5) * 7 # print ("5") print (x) x = "Hello World" print (x) x = "Hello" y = "World" print (x+y) x = "Hello" y = "World" print (x + " " + y) sFirstName = "John" sSurname = "Smith" print ("Dear " + sFirstName + " " + sSurname) x = 13 sFirstName = "John" sSurname = "Smith" if x < 12: print ("Good Morning " + sFirstName + " " + sSurname) else: print ("Good Evening " + sFirstName + " " + sSurname) x = 11 sFirstName = "John" sSurname = "Smith" if x < 12: print ("Good Morning " + sFirstName + " " + sSurname) else: print ("Good Evening " + sFirstName + " " + sSurname) print ("When does this get printed?")
Xoke starts the Programming series giving some background on his experience as well as some programming fundamentals.
Three Prime Numbers: 2, 3 and 5. I will call them A, B and C so A=2, B=3 and C=5 Working through x as the current position, and i being the unencrypted password and j being the encrypted as an array, so i[x] is the 'current' position we get: j[x] = ((j[x-1] + i[x] + A) * B ) MOD C The password example I give is: Encrypting 123 1 (unencrypted password) + 2 (Prime A) = 3 3 * 3 (Prime B) = 9 9 MOD 5 (Prime C) = 4 4 (previous encrypted) + 2 (current unencrypted) + 2 (Prime A) = 8 8 * 3 (Prime B) = 24 24 MOD 5 (Prime C) = 4 4 (previous encrypted) + 3 (current unencrypted) + 2 (Prime A) = 9 9 * 3 (Prime C) = 27 27 MOD 5 (Prime C) = 2 So the encrypted password is 442
xoke talks about being powerless
xoke installs windows in virtual box
Xoke talks about a legaltraining ground for hackers.
Xoke talks about installing Xubuntu
* Spybot Search and Destroy
* Either AVG or Clam AV
* Rootkit Revealer
* C Cleaner
* Disk Clean (part of Windows)
* Scan Disk (part of Windows)
* Defrag (part of Windows)
Firefox Extensions (these work on Flock too)
* Tab Mix Plus
* Custom user chrome file to have tabs on the left as this laptop is widescreen.
* Secure Login
* Adblock Plus
* Download Statusbar
These I use just on Flock
* Morning Coffee
These are my 'dev' profile extensions
* Firebug - has major issues with FF3 though :(
* Web Developer
* Fire PHP
* User Agent Switcher
# PC Man
Most of these (those with a # not a *) are available in the Ubuntu repositories though or are installed by default though.
Hosts file locations
Mac: /private/etc/hosts file
Example hosts file (blocking ads):
Xoke rants about Doctor Who and talks about flock
BBC You Tube page (other non-Who stuff here also)
Various You Tube VIdeos:
Series 4 Trailer. Although the BBC have this you can't watch it outside the UK. This one you can.
Some of my favourite episodes (links to Wiki page for full story and spoilers):
The Tomb of the Cybermen
The Terror of the Autons - The Master (Roger Delgado) and some Autons!
Day of the DaleksSilver Nemesis
The Sea Devils - The Master again (and some Sea Devils)
The Three Doctors - Meet Omega, a Time Lord.
Death to the Daleks
Planet of the Spiders - Spiders, Time Lords, UNIT and more!
Genesis of the Daleks - where it all began
Revenge of the Cybermen
Pyramids of Mars
The Brain of Morbius
The Deadly Assassin - a trip to Gallifrey
The Robots of Death
The Invasion of Time - back to Gallifrey
The Key to Time - and entire season devoted to this
Destiny of the Daleks
Logopolis - the last Tom Baker episode
Castrovalva - The first Peter Davison and the Master
Four to Doomsday
Earthshock - Cybermen!
Arc of Infinity
The Five Doctors - (well actually four of them)
Resurrection of the Daleks
The Caves of Androzani - Peter Davison -> Colin Baker
Attack of the Cybermen
Revelation of the Daleks
Remembrance of the Daleks
New series are all good!
Go watch it now!
part 2 of the sys internals series with Xoke
an introduction to the sys internals suite