Archive for the 'Hacking' Category

Beating The (Print) System

Here’s a little thing I’ve found which I hope others can take advantage of. At college, using the printers costs you money. It’s different depending on the type of paper you want. Black and white A4 is 2p a page, whilst full colour A3 is 20p a page. So every time you print, money is taken from your account and you’re given your printed page.

To top up the balance you simply go to a terminal, swipe your card, and then insert the money. Once your card has been swiped, it will not forget your card’s details until money has been inserted. Simply swipe your card across the machine, and leave it. Wait till others swipe their cards (nothing will happen) and insert their money.

Technically, this is stealing, but if somebody is stupid enough not to check if their card swiped, then they made a mistake and your balance is topped up.

However, there is one problem with this method. Once your top up is complete, a receipt is dispensed. This cannot be stopped currently, so there is printed evidence of whose account has been topped up.

A current balance of everyone’s print credit account is stored on the main server, in a database. This can only be reached by the sysadmins, so there is no hole to access or update this. Unless of course you know how to perform an SQL injection.

This is all I currently know about the print system, and whoever finds / creates a method for free printing will get praise showered upon them. Until then, it’s simply a matter of time.
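The weakness described in this post is a top-up session that stays bound to the first swiped card until money arrives. From the terminal designer's side, one way to close it is sketched below as an added example (not the college system's code; the class, method and parameter names are hypothetical): the card binding expires after a short idle window, a new swipe always replaces the old one, and every decision is logged.

```python
import time

class TopUpTerminal:
    """Hypothetical kiosk that credits inserted cash to the swiped card."""

    def __init__(self, idle_timeout=30.0, clock=time.monotonic):
        self.idle_timeout = idle_timeout  # seconds a swipe stays valid
        self.clock = clock                # injectable so the logic can be tested
        self.card = None
        self.swiped_at = None
        self.balances = {}                # card id -> pence
        self.audit = []                   # (event, card, detail, time)

    def swipe(self, card_id):
        """Bind the terminal to this card, replacing any earlier swipe."""
        now = self.clock()
        if self.card is not None and self.card != card_id:
            self.audit.append(("replaced", self.card, card_id, now))
        self.card, self.swiped_at = card_id, now
        return card_id  # shown on screen so the payer can confirm the account

    def insert_money(self, pence):
        """Credit the bound card, or refuse (return None) if no live swipe."""
        now = self.clock()
        if self.card is None or now - self.swiped_at > self.idle_timeout:
            self.audit.append(("rejected", self.card, pence, now))
            self.card = self.swiped_at = None
            return None  # cash is returned; the payer must swipe again
        card = self.card
        self.balances[card] = self.balances.get(card, 0) + pence
        self.audit.append(("credited", card, pence, now))
        self.card = self.swiped_at = None  # one top-up per swipe
        return card
```

The "replaced" and "rejected" audit entries are the events worth alerting on, since a card that is repeatedly swiped and then abandoned matches the behaviour the post describes.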

We are Soooo Anti-Hax0r

You know that contract-like document you may have to sign before using a college / university’s computer network? I’ve just fully read mine.

The College reserves the right to monitor any
data stored on its equipment or transmitted to
or from its site. Users should not attempt to
password-protect or encrypt any data as it will
be assumed to be suspect.

Hang on, there’s plenty of usage for that sort of thing. Company documents, surprise parties, “personal” photos. If it’s encrypted, then there is no reason you should be reading it. You don’t let us have full access to your documents so why should we let you into ours?

Send or receive encrypted messages
(except for secure transactions) without
written permission from the Director
of IT.

Like above, it’s so the “Director” can have a perverse sense of control.

Students must not download programs without
explicit staff permission.

Yet we have full access to a copy of Microsoft C++ Studio; it says nothing about the source code. So you can’t download programs but you can access the source code to programs and compile them on the system.

Streaming of video or audio material that is not
curriculum-related is prohibited as it may slow
down Internet access for all other users of the
system.

Except the media server, and the college radio station, and iPlayer and blah blah blah.

Although these restrictions are done for “our own good”, the network is full of holes easily accessible to anyone who knows basic command line options or the Search tool. Don’t worry kids, your admin’s here to protect you!


Trust your sysad kids!

Creative Czechs

I’m a fan of creative vandalism. Sure, any old wanker can get a can of spray paint and write “John sucks cock” on a wall. Only an artist can fake a Nuclear Bomb going off.

This little stunt was created by six Czech artists who are known as “Ztohoven”. They took video of the landscape, then added a CGI Nuclear Explosion and re-edited the footage to look authentic. Somehow, don’t ask me, they broadcast / inserted it into a Weather broadcast. It amazes me how clever this is. This seems like a great idea for mischief.

My hat’s off to all six of you sirs. Learn more via this BBC News article.

Digital Revenge For Dummies

Got more brain than brawn, and fancy getting revenge on some arsehole who’s given you more than your fair share of shit? Why not do it digitally? We’re in a time when almost everyone uses the web, so use it to your advantage.

1. Buy their name.com
Simple and effective. Buy their name for a buck and a bit from somewhere like GoDaddy. Perhaps do something simple with the domain, like link it back to your site. Or perhaps set up an entire website with false information. They could have connections to the Al-Qaeda you know.

2. Fake their email
If you get an email in your inbox from a mate, do you check its header to find out if it really did come from the hotmail server? No, exactly. For mass email scams such as bank details, this will stand out like a cat at a dog-pound, but for a single email, it should be fine. All you need for that is a simple PHP script, like below.

$to = "ex@mple.com";
$title = "Example Title";
$content = "Example Content";
$fname = "Bob";
$femail = "bob@bob.com";
// PHP joins strings with ".", not "+"
$from = "From: " . $fname . " <" . $femail . ">";
mail($to, $title, $content, $from);

Add a bit of HTML, if you know how, and you have a reusable form for the sending of fake-mail. Don’t forget, host it somewhere that won’t be obvious.

3. Let the spammers do the job
Just search the net for various seedy sites. Some will have a “free porn in your mailbox” signup form. A guy I know must have pissed somebody off. After searching his email in Google, up came moid.org (down at the time of writing), which contained his email address and “porn that crosses the line”.

4. Become someone on a chat room
Create an account on any major IM services and add them. Chat away, be someone you’re not, and start to befriend them. Then, when they have trust, start sending files. A few clean ones to start with, unless you’re going for the kinky angle. Once they have a bit more trust, perhaps try sending something that’s not clean. Be it a virus or a backdoor program. Hell, if they’re dumb enough, ask for remote access.

Perhaps even get them to send you something. If you can stomach a penis picture, that could be something you can use against them. Photoshop does wonders on manipulating the size of an object in an image.

5. Be creative
Everyone has pet peeves. Something they really hate. Think about it. There are a ton of tools for anyone to use. Just stop and think for a minute. Then you may come up with one hell of an idea.

Revenge should be sweet, and although these ideas are limited, it does start the ball rolling.
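Item 2 above depends on the recipient never checking the header. As an added example (not part of the original post), here is that check done over a raw message: it compares the visible From domain with the envelope sender and reads the SPF, DKIM and DMARC verdicts stamped by the receiving server. The server id `mx.example.net` and the sample message are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr

TRUSTED_AUTHSERV = "mx.example.net"  # assumption: your own receiving server's id

def domain(addr):
    """Domain part of an address header value, lower-cased ('' if absent)."""
    return parseaddr(addr or "")[1].rpartition("@")[2].lower()

def assess(raw, trusted=TRUSTED_AUTHSERV):
    """Return reasons why the visible From header should not be trusted."""
    msg = message_from_string(raw)
    from_dom, findings = domain(msg["From"]), []
    # Envelope sender as recorded at delivery; a script on a web host
    # usually leaves the host's own account here.
    rp_dom = domain(msg["Return-Path"])
    if rp_dom and rp_dom != from_dom:
        findings.append(f"Return-Path domain {rp_dom} != From domain {from_dom}")
    # Only believe Authentication-Results stamped by our own server (RFC 8601);
    # a sender can add look-alike headers of their own.
    verdicts = {}
    for hdr in msg.get_all("Authentication-Results", []):
        authserv, _, body = hdr.partition(";")
        if authserv.strip().lower() == trusted:
            verdicts.update(re.findall(r"\b(spf|dkim|dmarc)=(\w+)", body))
    for mech in ("spf", "dkim", "dmarc"):
        if verdicts.get(mech, "missing") != "pass":
            findings.append(f"{mech}={verdicts.get(mech, 'missing')}")
    return findings

# Constructed sample: headers a receiving server might record for such a message.
SPOOFED = """\
Return-Path: <www-data@shared-host.example>
Authentication-Results: mx.example.net; spf=pass smtp.mailfrom=shared-host.example;
 dkim=none; dmarc=fail header.from=bob.com
From: Bob <bob@bob.com>
To: ex@mple.com
Subject: Example Title

Example Content
"""

if __name__ == "__main__":
    for reason in assess(SPOOFED):
        print(reason)
```

Note that SPF passes in the sample because it is evaluated against the envelope domain, not the From header; the alignment failure only shows up in the DMARC verdict and the Return-Path mismatch.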

Wardog Walking

Ever since I got my iPod Touch, I’ve found it to be a great internet device. It is also a fantastic hacking device. I don’t mean full scale, internet bank fraud. I mean internet stealing, password grabbing and basic mischievous hacks. Let me explain how to do it, if it was possible.

Walk round with my Wi-Fi turned on. Looking for open networks. Then, if you find one which is open, and I prefer Netgear, you access the router. Normally 192.168.0.1. The default login (admin, password), and have full access to the router. Click on “Remote Management” and enable it. Now take down the IP address and log out. You have to log out otherwise the next step won’t work. Make a note of the router’s external IP.

Head home and hop on the PC. Open up the web browser and type in the IP, and “:8080”. This is the default port for remote admin of the router. You can then login and take full access to the router. Also, if you click on “Backup My Settings”, you can download, in plain text format, the email address and password.

Just clear the logs and no one knows you’ve been there.

That is of course, if it was possible and / or legal ;)

[Update] After looking around at other potential threats, it seems that NETGEAR routers are vulnerable to this basic attack. It’s possible to do the same with Linksys routers, although the backup file is stored in a .cfg file which is not readable in normal text editors. A Hex editor however is perfect and gives up its secrets.

[Update * 2] This whole process could be sped up, also without the need for remote access, with a laptop. Anything that can access a website and download files. I, personally, would get an XO-1 Laptop or Asus eeePC for this very reason.

[Update * 3] It should be noted that with Linksys routers, the router will need to reboot after allowing remote admin. Make sure you get the IP Address AFTER you have enabled Remote Administration.

[Update * 4] Found a great Flickr photo which relates to this post.
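Everything in this post depends on four settings the owner left in place: an open wireless network, the default admin login, remote management on the WAN side, and a settings backup that stores credentials in clear text. The added example below (not from the original post) audits a router settings export for exactly those four; the `key=value` format and key names are constructed for illustration and are not a vendor format.

```python
WEAK_WIFI = {"none", "open", "wep"}
ENABLED = {"on", "1", "true", "enabled"}

def parse_settings(text):
    """Parse 'key=value' lines from a settings export (constructed format)."""
    settings = {}
    for line in text.splitlines():
        if "=" in line and not line.lstrip().startswith("#"):
            key, _, value = line.partition("=")
            settings[key.strip().lower()] = value.strip()
    return settings

def audit(text):
    """Return findings for the weaknesses the post relies on."""
    s, issues = parse_settings(text), []
    # Default login named in the post: admin / password.
    if (s.get("admin_user"), s.get("admin_password")) == ("admin", "password"):
        issues.append("default admin login still set")
    if s.get("wifi_security", "").lower() in WEAK_WIFI:
        issues.append("wireless network is open or uses WEP")
    if s.get("remote_management", "").lower() in ENABLED:
        port = s.get("remote_port", "8080")
        issues.append(f"remote management reachable from WAN on port {port}")
    # The export itself is sensitive: it carries credentials in clear text.
    secrets = sorted(k for k, v in s.items() if "password" in k and v)
    if secrets:
        issues.append("export holds plaintext secrets: " + ", ".join(secrets))
    return issues

# Constructed sample export; key names are hypothetical, not a vendor format.
SAMPLE = """\
admin_user=admin
admin_password=password
wifi_security=none
remote_management=on
remote_port=8080
alert_email=owner@example.com
alert_email_password=constructed-value
"""

if __name__ == "__main__":
    for issue in audit(SAMPLE):
        print(issue)
```

Even a hardened configuration still yields the last finding, which is the reason to store router backups as carefully as the passwords inside them.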