Officially I’m out of the hacking, cracking, phreaking scene, but here are some of the tools I use to toy with.


First and foremost, never expose yourself by attempting break-ins when you can merely rely on the intelligence (or lack thereof) of normal everyday users. It’s far easier to get what you need from a secretary that's freaking out because an executive is calling her with his urgent problem... I think my favorite T-shirt pretty much sums it up-

Dsniff and Ethereal are probably the most common tools I once used after the target has been identified. Dsniff is a collection of tools for network auditing and penetration testing. dsniff, filesnarf, mailsnarf, msgsnarf, urlsnarf, and webspy passively monitor a network for interesting data (passwords, e-mail, files, etc.). arpspoof, dnsspoof, and macof facilitate the interception of network traffic normally unavailable to an attacker (e.g., due to layer-2 switching). sshmitm and webmitm implement active monkey-in-the-middle attacks against redirected SSH and HTTPS sessions by exploiting weak bindings in ad-hoc PKI.
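
Seen from the monitoring side, the layer-2 interception described above shows up as an IP address suddenly moving to a different MAC, one MAC speaking for several IPs, or a burst of never-seen MACs. The sketch below is an added example, not part of the original post or of dsniff; the record format, function name, thresholds and all addresses are assumptions made up for illustration.

```python
from collections import defaultdict

# Constructed sample: (seconds, source IP, source MAC) pairs as a sensor on one
# switched segment might record them. All addresses are made up.
SAMPLE = [
    (0.0, "192.0.2.1", "00:00:5e:00:53:01"),    # gateway, first sighting
    (1.0, "192.0.2.10", "00:00:5e:00:53:10"),
    (2.0, "192.0.2.20", "00:00:5e:00:53:20"),
    (30.0, "192.0.2.1", "00:00:5e:00:53:20"),   # gateway IP now tied to .20's MAC
    (32.0, "192.0.2.1", "00:00:5e:00:53:20"),   # repeat, must not re-alert
    (33.0, "192.0.2.10", "00:00:5e:00:53:10"),
]

def detect_l2_anomalies(records, flood_window=1.0, flood_threshold=50):
    """Return alerts as (time, kind, ip, mac) tuples.

    rebind    : an IP shows up with a different MAC than its first sighting
    multi-ip  : one MAC is now speaking for more than one IP
    mac-flood : flood_threshold never-seen MACs within flood_window seconds
    """
    first_mac = {}                  # ip -> MAC at first sighting (the baseline)
    ips_by_mac = defaultdict(set)   # mac -> IPs seen behind it
    recent_new = []                 # timestamps of recently first-seen MACs
    reported = set()                # (kind, ip, mac) already alerted on
    alerts = []

    def alert(ts, kind, ip, mac):
        if (kind, ip, mac) not in reported:
            reported.add((kind, ip, mac))
            alerts.append((ts, kind, ip, mac))

    for ts, ip, mac in sorted(records):
        mac = mac.lower()
        if mac not in ips_by_mac:   # first time this MAC is seen at all
            recent_new = [t for t in recent_new if ts - t <= flood_window] + [ts]
            if len(recent_new) == flood_threshold:
                alert(ts, "mac-flood", ip, mac)
        if first_mac.setdefault(ip, mac) != mac:
            alert(ts, "rebind", ip, mac)
        ips_by_mac[mac].add(ip)
        if len(ips_by_mac[mac]) > 1:
            alert(ts, "multi-ip", ip, mac)
    return alerts

if __name__ == "__main__":
    for a in detect_l2_anomalies(SAMPLE):
        print(a)
```

A legitimate NIC replacement or failover pair also trips the rebind rule, so the baseline needs a way to be re-learned after review.
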
Ethereal is a pretty decent free sniffer with a great deal of filters and options. Ettercap works pretty well too for sniffing SSL passwords... Just for proof of concept, here's how easy it is- granted the user has to accept the bogus formed cert..


More later when I get time...


