Search



Categories

News

Videos

Underground

Vblogs

Hacking Challenges

Underground – Install Backtrack 3 on USB

August 16th, 2009 by Patchy
матрациIn this Underground video, Ground Zero explains how to install Backtrack 3 onto an USB drive. He also illustrates how to make the USB device bootable and how to enable persistent changes in Backtrack. Full Scale Video Here
Download Here

If you would like to submit a video to Infinity Exists Underground send an email describing your video to underground@infinityexists.com

Posted in Underground | 9 Comments

Underground – CSRF

August 14th, 2009 by Patchy
In this Underground video, Crash Overron explains CSRF (Cross Site Request Forgery), and how it can be used to force a user’s browser into performing an undesirable action on a website. Basically, CSRF tricks a browser into requesting a web page that is design to perform a specific function such as changing user settings. Furthermore, if the page allows GET variables, an attacker can modify that user’s settings. Commonly, CSRF attacks are hidden in image html tags. Full Scale Video Here
Download Here

If you would like to submit a video to Infinity Exists Underground send an email describing your video to underground@infinityexists.com

Posted in Underground | 1 Comment

Extracting Database Information from Information_Schema

August 10th, 2009 by Patchy
In Full Disclosure Episode 11, we show you how to extract information from our WordPress SQL Database. WordPress is open source, so we were able to look up information about WordPress’s Database structure. However, what do we do if the Web application is not open source? How do we know what tables and columns to extract information from? In this VBlog, I’m going to explain how to use the Information_Schema database to extract information about a website’s tables and columns. Full Scale Video Here
Download Here

Posted in Vblog | 3 Comments

Defcon 17!

August 1st, 2009 by Patchy
Nox and I are in Las Vegas for Defcon 17! It our first time at Defcon, and from want we’ve seen so far it going to be an amazing weekend. We’ve already heard some great speeches, and seen some pretty cool stuff. As many of you know, the attendees of Defcon get a badge with some electronics to hack and modify.
 
(Click to enlarge)

This years badge has a Freescale MC56F8006 DSP/microprocessor chip, microphone, and RGB LED. The RGB LED cycles through different colors until the microphone picks up some noise then the LED with respond to the volume and frequency of the sound. We decide to try playing different frequencies and see if the badge would reveal some easter eggs for a specific frequency. After a few minutes we figured out that the LED would blink what look to be Morse code whenever it pick up a frequency that was a power of 2 (such as 64hz,256hz,1024hz, etc.).

(Download Here)

The Morse code message turned out to be the url 0day.com/n01z. Tomorrow, I’m going to try to get a level shifter, so I can modify the firmware!

For more information on Defcon you can go here.
For more information on the Defcon 17 Badge go here.

Posted in News, Vblog | 2 Comments

Java IRC Client

July 27th, 2009 by Patchy
Alright, I know some of you guys maybe unfamiliar with IRC, so the moderators and I decided to upload a Java IRC Client to Infinity Exists. All you have to do is go to InfinityExists.com/irc-client/ and you will be automatically connect to our IRC server and channel. Feel free to hop on whenever you want; myself or another admin will typically be on to chat and answer questions.

Posted in News | No Comments

Episode 24 – Bypass Hotspot’s Access Controls

July 14th, 2009 by Patchy
In this episode, we demonstrate three ways to Bypass Hotspot’s Access Controls. A large amount of public hotspots require a fee to access the internet, and in this video we explain how a person can use Session Stealing, DNS Tunneling, and Ping Tunneling to bypass that hotspot’s access controls.

Video Stream Here
Download Here

Download ptunnel.exe

Posted in Videos | 14 Comments

Infinity Exists IRC Server

July 7th, 2009 by Patchy
Infinity Exists now has a new IRC server up and running! The hostname for the IRC is server.infinityexists.com, and the channel that Admins and myself will be in is #Infinity_Exists. Go check it out! Also, we will be running a vent server and a few game servers. You can go to http://server.infinityexists.com to check the stat page to see what servers are available. Also, Nox just got some new server equipment, so hopefully we will get some boxes setup for you guys to practice hacking. Keep checking the website for further updates.

Posted in News, Vblog | 7 Comments

Underground – Alternate Data Streams

June 30th, 2009 by Patchy
Crash Overron made a video explaining Alternate Data Streams (ADS). ADS were introduced with NTFS and was essentially create to provide compatibility with Macintosh’s Hierarchical File System (HFS). ADS allows data to be forked into existing files without affecting their functionality, size, or display in a file browser. Consequently, ADS enables malicious hackers to easily hide viruses and rootkits in existing files or directories. Full Scale Video Here
Download Here

If you would like to submit a video to Infinity Exists Underground send an email describing your video to underground@infinityexists.com

Posted in Underground | 1 Comment

FPGA MD5 Cracker

June 16th, 2009 by Patchy
For my Digital Systems Laboratory (ECE 385) at the University of Illinois I had to do a final project using a field-programmable gate array (FPGA). My partner and I designed a hardware implementation of the MD5 algorithm and used it to crack MD5 password hashes. A FPGA allows you to prototype large digital circuits by utilizing a hardware description language such as VHDL. The FPGA enabled us to create a large hardware system dedicated to cracking MD5 Passwords. The FPGA we used was the Altera DE2 Development Board with the Cyclone II chip, and we were able to fit sixteen parallel MD5 Cracking units onto the FPGA. Each unit is able to produce a MD5 hash in 68 clock cycles, and since the FPGA has a clock rate of 50 MHz this system is able to produce over 44 million hashes a minute. The MD5 hash is inputted by the user through a keyboard, and if the system finds a match, the clear text password is displayed on a VGA monitor. Full Scale Video Here
Download Here
Download FPGA MD5 Cracker Project Files

Posted in Vblog | 8 Comments

Arduino ARP Cop

June 9th, 2009 by Patchy
In this Vblog, I demonstrate a simple project that anyone can do with an Arduino. An Arduino is an open-source electronics prototyping platform that utilizes an AVR microcontroller and a simple I/O board. For this project, I use a python script running on my computer, which monitors ARP poisoning on the network with the use of Ettercap’s ARP Cop plugin. If ARP poisoning is detected, the script will communicate with the Arduino through the USB port, and the Arduino will turn on a LED. This way a user can be quickly informed when their network is under attack. Full Scale Video Here
Download Here

Download Arp_Cop.pde (Arduino Code)
Download Arduino_Arp_Cop.py (Python Script)

Posted in Vblog | 2 Comments

<< Previous Entries