March meeting madness!

Posted on by
2

March’s meeting was filled with all sorts of shenanigans. dw5304 started things off with a little demo of Windows Server 8 and some of its improved features and functions.

Ngharo kept the OS ball rolling by going over some Linux 101 and while he was showing us how grep can be used to find wanted data in Apache logs Castor pulled a little prank on Ngharo and left a message in the logs for him 😛 Every one got a big laugh out of it. Ngharo also has promised to give a new Linux demo every meeting!

Then I stepped in and gave a demo on how to use temp XSS attacks to gain access to user accounts on web sites, the target in this case was Daily Motion using a known vector. It was complete with a explanation of the attack string, the payload, how to use it, and how to fix it. I gave the room the opportunity to hack my Daily Motion account, using the cookie stolen during my demo which turned out to be a bad idea, Ngharo thought it was cute to replace my profile picture with the index picture from lemonparty2 😐 Yeah, ok I loled hard at that one 🙂

Then The Professor showed us how to use “The Social Engineering Tool Kit” to phish n00bs and pwn their passwords! He gave us a step by step of how to copy a website, how to access the phish page, and what happens when its used. Then we all talked about how to know when your being phished. It was a great first demo from The Professor.

A big congrats to The Professor for winning the dc414 Free Junk Giveaway “pic below”, Enjoy your new Launchpad 🙂 Here are some other pictures from the awesome Cmoney.

The big winner:

SIDE NOTE:
The next morning with a slight hangover I open my email and find this from Daily Motion:
Hello anarchyang31,

The avatar of your Dailymotion account “anarchyang31” has been deleted due to non respect of the General Terms Of Use (inappropriate content).
In any event, we ask that you observe those conditions. You can review them by clicking here: http://www.dailymotion.com/legal/terms

After 5 deleted avatars, you will no longer be able to change it and it will be replaced with a default avatar.

You can upload a new avatar by clicking here: http://www.dailymotion.com/profile/avatar

Best regards,


The Dailymotion Team

LMAO thanx Ngharo. Ok thats it, later.

Rdp 6.2.8250 for windows 7

Posted on by
5

So i went looking for a way to use the new rdp 6.2 in windows 7 and was unable to find an installer on microsoft website so i decieded to see if i could copy the files and get rdp to work. After several tries i was finaly able to get it to work :).

I included the files below.

rdp6-win7

on a vaild windows 8 machine:

create a new folder for files someone usb drive is a good palce,
inside this new folder make a folder called en-us and wbem

inside wbem create a folder called en-US (its important u have US captilized)

open Driveroot:\system32\

copy mstsc.exe,mstscav.dll in to the new folder on the usb

copy mstsc.exe.mui and mstscax.dll.mui from Driveroot:\system32\en-us to new folder\en-us

copy mstsc.mof and mstscax.mof from driveroot:\system32\wbem\ to new folder\wbem\

copy mstsc.mfl and mstscax.mof from driveroot:\system32\wbem\en-US\ to new folder\wbem\en-US

 

and u should be good to go.

 

dc414 night out and other news

Posted on by
Reply

Join me and the rest of the bunch at Dave & Busters at 5pm on February 19th for some food, drinks, and fun! Come pimping your dc414 shirt for a chance to win $10 in free game play!! I hope to see everyone there!!

D&B addr:
2201 North Mayfair Road
Wauwatosa, WI 53226

In other news I have completed the Badge Program spread sheet, so now you can track yours and other peoples status in the program. So if you haven’t started on your badge yet, get to it now!

dc414 meeting lulz – 2.3.12

Posted on by
1

February’s meeting was another one for the books. We had a full blown G+ hangout setup complete with a projector and a hand cam. A big thanks to bneu for providing the cam and darkwind for the capture device. I started the night off by making few big announcements about me and ngharo speaking at THOTCON and how dc414 was picked by OpenDNS as a awesome user group “more on this later”. Then dw5304 informed us of Bucketworks network and finanical situation and I’m proud to say dc414 stepped up right away. bneu is making a huge network equipment donation to Bucketworks, all dc414 donations for the night went to Bucketworks, and dc414 is going to put together a fundraiser for Bucketworks. More on all this later.

I started the presentations off with a big fail on cracking wep “ikr” I felt like a total n00b. I can do it I swear, lol. I did redeem my self by owning a VM system on a PBX by using a 0day I have “No I will not be giving out details on this, other then to those at the meeting and I will never do it again. Its mine!” I didn’t stop there, to further redeem my self I gave a little demo on fimap and opened up a shell on a live compromised server 🙂 The fun wasn’t over yet. Vladimir gave us the 101 on Cat5 cable and a step by step to making your own cables. Then Vladimir and Darkwind had a cable making race and Darkwind smoked Vladimir bad! Thats not all, dw5304 replaced the back light on an old laptop, something I didn’t even know you could do. He took the screen apart and explain each step, then Vladimir schooled us on just how LCD’s and such work. Thank you every one for your hard work!

Thanks to cmoney we have tons of great pictures from our last meeting here. Congrats go out to the free dc414 junk give a way winners, Dan, Darkwind, and to Joel for winning the free THOTCON ticket.

Here is Dan and his new palm one mobile keyboard:

Darkwind and his ALFA 802.11n usb card:

Here is Joel after winning the THOTCON ticket:

Ok thats it, peace out.

Modding a Linksys NAS200 to stay cool.

Posted on by
1

I got the Linksys NAS200 a while back to hold all my music, movies, and TV shows. For a while it worked great and I really liked being able to do streaming and shit from it but I soon found out that the HDDs I had inside the unit where getting supper hot, even to the point that you couldn’t hold them. I of course had a to lose a HDD before I figured that out 🙁 I was just a little upset about this so I opened the unit up to find this weak little fan inside that as hard as it tried it just could not keep the drives cool. Then I decided to beef up the cooling system a little by adding another fan to the mix.

So I found 5v PC fan “for the cooling”, a hot iron “to cut/melt a hole for the fan”, a soldering iron and some solder, a screw driver, and hot glue. Now I would like to say I got it all right the first time around, but I can’t. Now the unit it self runs off of 5v so all I had to do was solder it to the board somewhere. My first attempt was a failure. I tried to solder the new fan to the same terminals that the little weak fan was using. While it did power the fan and work, the unit would eventualy stop responding. I figured the fan was drawing to much power to low in the chain. So I opened’er back up and moved the new fan to the start of the chain, I connected it right where the power comes into the unit. The unit it self runs on 5v and the Linksys power supply that came with it only gives out 5v so no worries there. Then all I had to do was put it all back together, hot glue the fan in place to suck the hot air out and turn it on.

My mod works great and it keeps my HDD’s nice and cool now 🙂 The only down side is it makes a little more noise now and I have to unplug the power from the unit to turn the fan off 😛 And now for some pictures.

Here is the hole I made with some info, the stock fan is on the other side of the unit:

Here is the main board:

Another view of the board:

Here is the end result:

Another view of the end game:

K thats it, peace.