Friday, April 29, 2011

:\

Weight is up. 250 lbs. 45 inch waist, 43 inch hipps, 13 inch forearms and 8 inch wrists. :(

22% body fat. Oh well... of to do my kettlebell workout.

Monday, April 18, 2011

it all works...?

go the laptop working, got the netbook working. Even went war driving tonight.Tomorrow, I'll convert the data to the right file to load into google earth

So current toys for war driving.
Netbook running Windows 7 / Ubuntu / Backtrack 4r2, with an encrypted 90gig share.
Alfa wireless (needs an antenna for the top of the car)
BU-353 gps dongle

Sunday, April 17, 2011

wasted day

So, I got some new toys recently. Like Thursday. One was an MP3 adapter for the car. It's kind of nice. But would be nicer if it could go just a little lower in the frequencies. I found that 87.9 seems to be a good channel to use, but the new device only goes down to 88.1. Which has a station on it.

Boo for living in one of the largest radio markets.

The other toy was a BRU-353 GPS dongle for my computer. Which I want to use with my Alfa wireless card, and laptop or netbook to go war driving. I spent most of the day trying to get the the GPS to work. It hasn't yet. I don't know if the problem is faulty hardware, or if it was because I was in my house testing. Although I had it suction cupped (comes with it) to my front room window. So hard to tell.

Although in the process I ended up breaking my laptop. I use it the most, prefer the keyboard and shape. Sure it's not a widescreen monitor but that is fine. The keyboard on the Eee PC netbook is just a little too small, and the trackpad way to sensitive.

So I broke the laptop. By installing and removing programs trying to get the GPS to work. Some how, the system got messed up and figured it didn't need some 300 odd packages related to Gnome / Desktop environment. It dropped it's network management software too.

I was happy between /var/log/dpkg.log, some awk and sed, and a little help from my netbook and usb drive I was able to recover the networking. Which led me to being able to recover the rest of the software. :)

I really thought I was going to have to go through the hell of re-installing.

And I just got done installing backtack linux 4r2 on the netbook. Triple boot, but ubuntu isn't booting so I'll have to solve that. Think it'll just be a case of fixing grub.

Life is good. My head only hurts a little. :)

Although I still need to get the GPS dongle working, and get a magnetic mount antenna for the car to war drive with.

Sunday, April 10, 2011

Hacking Dojo week 2

So this week was a little interesting in how it came about. And why I'm not posting on it until so late tonight. Monday, for class, due to issues with work, I was going to be late. I loaded up skype on my Galaxy S, to either start listening, or something, and saw that Thomas Wilhelm had bail on us last week. Worked out for me, I was 20 to 30 minutes from being somewhere I could take the class.

This Week's Class:
So the 2011-04-04 class was on Passive Informtion gathering as listed in the ISSAF. The class is canceled didn't mean that we got a free week. Instead we were told to pull the video from 3 months ago, off the site, and watch it.

The topic was searching for as much information for a target, based on scope, without touching the target's servers at all.

One of the things I caught in the video was the use of Personal Wiki's to keep track of your notes during the course of the attack. Something a little better than a text editor. I can see the point, to a point. Easier to make call outs, add images, links and other things than a text editor. So I spent some time today looking for a personal wiki. I'm trying Zim right now, but might just do a local install of media wiki. I've used Leo in the past, but that's less a wiki and more an outlining tool. (Offensive Security uses Leo for their stuff).

Some of the tools covered were remote whois and dns look up servers. How Google caches work and how they don't cache images but hit the servers for them (Google cache only copies text everything else it pulls live from the web site). How to use the Wayback Machine at archive.org, and how to search a couple of other things.

A lot of what was covered here, was in the recon chapter of Dissecting the Hack: Th3 F0rb!dd3n N3tw0rk and Hacking: The Next Generation.

Also, if anyone is interested in signing up for the class. I found out yesterday the course cost is going up by $50.00 soon, but if you get in now, you'll be locked in at the $95.00 price, until you cancel.

Wednesday, April 6, 2011

injury... :(

So on top of getting sick last week, sinus infection, I landed wrong on my hip. My bad hip. I've been limping off and on for about a week now. Thing is still sore. It's been bad enough, that I've thought about getting my cane out.

I ended up missing the 5k I was looking forward to. I'll have to see if I can get the hip back in shape enough, and work up enough to try one later this month somewhere.

Saturday, April 2, 2011

Hacking Dojo week 1.

So I signed up for the Hacking Dojo recently. At $95.00 a month for 1x a week hacking class it seemed like a good deal. I figured I'd do a running review of the class on my blog. Maybe I'll write up a fancier one later.

The Hacking Dojo has several different levels. The lowest level is actually a 2 month class, that teaches the "Basics". Things like scripting, virtual labs, etc. The others are a pay by the month class.

The Class Format:
The class meets once a week at a set time. The classes meet via Skype conference call, and a web based desktop sharing program for "screen casting".

You can join the class at anytime, as long as there is an opening. Other than the Mukyu, which is ran for 2 months and can only be joined at the start of the cycle.

The Shodan Level, the one I'm in, are designed to recycle every 3 months. Basically go through three months of classes and then if the students have kept up with the home work and labs, they can test out of the class to the next level. The Shodan level classes are designed to teach students the basic frame work of Penetration testing. The exam is just as much about the ISSAF as it is about hacking the system.

First Impressions:
So I started with the Shodan class, because I have experience with Virtual Boxes and Virtual Labs, shell scripting, and some of the other topics that were covered at that level. I can't scrape a web page yet (one of the things you're expected to already know how to do in the Shodan class), but I'm sure I'll be able to figure it out when I have to. The one thing I'm more worried about is the lack of scripting / programming I've done over the last couple of years. I can do some basics but been a long time since I've had to do any real scripting.

I kind of lucked out when I signed up. I've been saying I'm going to for a while now. I was going to start with the lower class, but said meh, go big or stay on the porch. The first week's class I was lucky. It was the Review class for the last 3 weeks. It works good as an over view class too, giving the student an idea of what is to come.

The class incorporates both a Wiki and a Forum for peer level conversations. However, probably possible for a little bit of mentoring there too. But I haven't looked into it that much yet.

Moving to the next level:
To move up to the next level, you can ask to take the test at any time. It is a 2 part test. Both parts are timed. The first part is a 48 hour written exam, that must be passed before taking the second part. It's not just a bunch of answers, but includes having to prove your work with screen shots. The second test is the Practical exam. Where you have 72 hours hack the system.

After passing, you can move up to the next level, Nidan.

Stick around, my next class is in 2 days. I'll update sometime between then and next Sunday.