For the notion of tradition I need to say that "all the information for educational purpose".
To make use of that trick, you should able to connect to the LAN but cannot connect to internet since it is waiting to fill a authentication form that is not free to fill(generally, if it is free don't mass your mind).
We follow the process as, first look the LAN for other hosts' IP addresses. Find a good looking IP (luckily connected to internet already.). Then retrieve the MAC address of that IP by using ARP protocol. Set your MAC address to retrieved one. Check whether you can surf. If you can't, try another victim IP. Continue reading Simple hack to connect an authentication needed internet. (like in Starbucks)
See the current MAC values
erogol@erogol-G50V ~ $ ifconfig -a | grep Ethernet
eth0 Link encap:Ethernet HWaddr 00:22:15:3a:36:93
wlan0 Link encap:Ethernet HWaddr 00:15:af:dd:94:91
Stop running of the card
<pre ">erogol@erogol-G50V ~ $sudo ifconfig eth0 down
Change the MAC address
erogol@erogol-G50V ~ $ sudo ifconfig hw ether 00:22:15:3a:36:83
Start the card running again
erogol@erogol-G50V ~ $ sudo ifconfig eth0 up
That's all. You might see the new MAC address for check.
Why I need to change the MAC address. Continue reading Changing MAC address of your network cards on Linux
I posted little while before " Firefox add-ons for your secure internet" and now I found more add-ons I think you might see useful as the before ones.
Collision shows you the web sites that follow your internet movement on a Continue reading More Firefox Add-ons for Secure Internet
Albeit internet is a one of the most influential data resource with smiling face, it is also a whirlpool that tries to catch all your data from your computer to benefit some companies, hackers and others. Thus it is really a big need to keep your computer and the browser with secure setup as a gate to the cyberworld. For this aim, I try to point some extensions to your Firefox browser. Some will stop the hackers and some will stop the companies watching your private data for having more money sourcing by you. Continue reading Firefox add-ons for your secure internet
On that mission you have a web site that has admin access to a email list and you want to acquire that access. On the explanation of the mission there are some key words.
...they used was 10 years out of date and the new password seems to be a 'message digest'... I think it could be something like a so-called hash value. I think you could somehow reverse engineer it or brute force it... Continue reading Hackthisisite realistic mission 5 - cracking hash
What I learn from HTS today is Directory Traversal Attack (DTA). You might learn from Wikipedia. As a summary DTA is a way of accessing the locations that are not intended to be available to plain user, by using input fields of the website. Generally flaw that makes open to DTA is low sanitizing and input validation of applications.
These are the steps to complete the mission.
- Open the hacked index of the web site and open the source of the index see the bottom comment of the hackers. It means we have original index file as oldindex.html
- Type to ...3/oldindex.html
- Open the source and copy all the source of the page.
- Go to "Submit Poetry" page of the site.
- Type ../index.html as name and paste all the copied content to content part of the form.
- submit. That's all 🙂