new article [April 23, 2012]I wrote a new article on my methods of keeping up on news
Keeping Up With News: An Efficient Approachkeist
New Projects [April 13, 2012]I added three new projects: recipes, protocols and papers, and perspectives.
Protocols and Papers is a collection of high quality tech papers and articles.
Protocols and Papers
Perspectives is of the same style, encompassing academic papers and theoretical writings in political economy, law, and philosophy.
Perspectiveskeist
New Project [April 8, 2012]Lately, I've been keeping up on the news and making an effort to find good, critical sources of news.
With that said, I've decided to create a new journalism project, to document some interesting stories I've come across. It is apolitical, I don't swing with the right or left. I will make an attempt to only post quality articles and research. Check it out, you may find something interesting. It also serves as a reference page for myself and others that I have discussions with.
Journalismkeist
new article - APR Detection [March 15, 2012]I wrote a new article covering an efficient method of monitoring ARP traffic with a multi-homed NMS sensor or a normal host.
APR (ARP Poison Routing) Detectionkeist
new script for AIX [March 5, 2012]new shell script, returns a process bound to a socket. There's no convenient way to do it in AIX, so this will make my life a bit easier.
listsockprockeist
wewt [January 8, 2012]Finally out. Content is nigh.
greg0
new article [December 26, 2011]I'm doing a workshop on networking scanning at a local college
here's a copy of the student worksheet
Notes on Network Scanning
keist
new article [December 24, 2011]Wrote a little article titled, "An Introduction to Auditing on AIX"
Auditing on AIX keist
script: querypwnlist [November 4, 2011]I wrote a new shell script that queries the pwnedlist.com database for usernames and passwords. It reads from a text file, one entry per line, uses wget for the POST method.
querypwnlistkeist
new script [October 24, 2011]grabs the latest PF rules from the Emerging Threats project and auto loads them, cron it, mail it, and walk away:
get-pf-et-rules.txtkeist
packet capture docs [October 3, 2011]added a collection of docs to the projects page on various aspects of packet capture: buffers, kernel structures/internals, libpcap, tuning, high speed etc. These are documents I've been going through for my hack3rcon talk.
dir listkeist
some data [September 19, 2011]web stats with awstats, sickbits.networklabs.org/graphs.html
keist
new script - aix2jtr.sh [September 18, 2011]Added a shell script to convert an AIX passwd file into the john format
keist
bad news/update [May 28, 2011]Our friend greg0 has had some trouble with the law and will remain incarcerated for some time.
We're looking for contributors. I have some articles of quality in store for this summer. In the meantime, I will probably do a few short ones as well. Hangout with us on irc:
irc.freenode.net
#sickbit
keist
hello world [May 16, 2011]kiest, you need to step your php game up so i can irc from my crappy phone
greg0
New Article [May 6, 2011]IP Options: Record Route, Strict Source Record Routes, Loose Source Record Routes
IP Options: RR, SSRR, LSRRkeist
Code Update [April 26, 2011]Updated SICKPost. New features include safer MySQL queries, cleaner code, ability to force a secure connection, and passwords are now salted. Grab a copy
here.
greg0
New Article [April 23, 2011]Inspired by my recent struggles with getting Apache 2.2 to build with support for SSL on FreeBSD and the lack of useful information I found on the interwebs, I wrote
Installing Broken Ports. Enjoy...
greg0
We Have SSL [April 22, 2011]You can now securely view SICKBit
here. Unfortunately the ports tree let me down and there were some issues with Apache and Openssl 1.0, but after about 4 hours of tinkering with it we got it working. We're using a self signed certificate so you may get a warning prompt but it's legit. Enjoy.
greg0
More Code [April 19, 2011]While working on the article about cracking passwords, keist and I had some troubles getting Medusa and Hydra working (didn't get them to work at all actually). We were trying to crack a simple webform that I wrote and we tried both GET and POST and neither worked.
Maybe we weren't using them properly but true-to-form I went ahead and wrote my own little PERL script to take care of the problem for me. A copy can be found
here.
sample output:
[greg0@Carcass ~]$ ./crackform.pl userlist passlist username password POST ERROR host.com /pathto/script.php
Trying user - pass
Trying user - 123456
Trying user - abcdefg
Trying user - opensesame
Cracked: Username = user; Password = opensesame
Remember folks, use strong passwords and if you're writing a login script think about banning after X ammount of bad passwordsgreg0
New [April 17, 2011]Understanding Passwords Part 2: Attacks by Example
is now up and readable.
keist
New [April 15, 2011]I thought our layout needed a nice updating. We've decided that we're never going to use img tags. Just fire up lynx and look at how beautiful our layouts stay =p. If you prefer the old look better, we kept that up
here. Enjoy.
greg0
New Script [April 13, 2011]Added SICKPost v1 to the code section. Enjoy.
greg0