Search



Categories

News

Videos

Underground

Vblogs

Hacking Challenges

Underground – Install Backtrack 3 on USB

August 16th, 2009 by Patchy
матрациIn this Underground video, Ground Zero explains how to install Backtrack 3 onto an USB drive. He also illustrates how to make the USB device bootable and how to enable persistent changes in Backtrack. Full Scale Video Here
Download Here

If you would like to submit a video to Infinity Exists Underground send an email describing your video to underground@infinityexists.com

Posted in Underground | 9 Comments

Underground – CSRF

August 14th, 2009 by Patchy
In this Underground video, Crash Overron explains CSRF (Cross Site Request Forgery), and how it can be used to force a user’s browser into performing an undesirable action on a website. Basically, CSRF tricks a browser into requesting a web page that is design to perform a specific function such as changing user settings. Furthermore, if the page allows GET variables, an attacker can modify that user’s settings. Commonly, CSRF attacks are hidden in image html tags. Full Scale Video Here
Download Here

If you would like to submit a video to Infinity Exists Underground send an email describing your video to underground@infinityexists.com

Posted in Underground | 1 Comment

Underground – Alternate Data Streams

June 30th, 2009 by Patchy
Crash Overron made a video explaining Alternate Data Streams (ADS). ADS were introduced with NTFS and was essentially create to provide compatibility with Macintosh’s Hierarchical File System (HFS). ADS allows data to be forked into existing files without affecting their functionality, size, or display in a file browser. Consequently, ADS enables malicious hackers to easily hide viruses and rootkits in existing files or directories. Full Scale Video Here
Download Here

If you would like to submit a video to Infinity Exists Underground send an email describing your video to underground@infinityexists.com

Posted in Underground | 1 Comment

Underground – Local File Inclusion

May 27th, 2009 by Patchy
Ground Zero’s Underground Video demonstrates how to use Local File Inclusion (LFI). LFI is an attack where a user is able manipulate the file that is include on a web page. An attacker can use LFI to view files on a web server, or in special cases, run arbitrary code on the web server. Ground Zero shows how to use LFI to create a PHP shell and gain full access to a website. Full Scale Video Here
Download Here

If you would like to submit a video to Infinity Exists Underground send an email describing your video to underground@infinityexists.com

Posted in Underground | No Comments

Underground – Windows Privilege Escalation

May 26th, 2009 by Patchy
In this Underground Video, Crash Overron explains a simple way to escalate privileges in Windows XP. A standard user in XP can use the “at” command to schedule a program to run at a specific time. That program will be executed with SYSTEM privileges. Crash uses the “at” command to open a command prompt, and then uses it to reopen Explorer with SYSTEM privileges. Full Scale Video Here
Download Here

If you would like to submit a video to Infinity Exists Underground send an email describing your video to underground@infinityexists.com

Posted in Underground | 4 Comments

Underground – Bluetooth Hacking

February 26th, 2009 by Patchy
In this Underground Video, Strome explains several bluetooth attacks used against mobile phones. He demonstrates the Bluebug attack which exploits a security loophole on cell phones allowing the attacker to take full control of the device. The Bluebug attack enables an attacker to initiate calls, read & send SMS messages, read & edit the phone book, and change settings. Furthermore, Strome shows another popular bluetooth attack called Bluesnarfing a.k.a. the OBEX Push Attack. Bluesnarfing allows an attacker to extract, create, and delete files on the mobile device.

Note: These bluetooth attacks only work on a hand full of cell phones. Full Scale Video Here
Download Here

If you would like to submit a video to Infinity Exists Underground send an email describing your video to underground@infinityexists.com

Posted in Underground | 22 Comments

Underground – VMWare

December 14th, 2008 by Patchy
In this Underground video Awali, explains how to manually create Virtual Machines that can be used by the free VMWare Player. Also, Awali explains some of VMWare’s basic functions and features. In the past year, VMWare has make VMWare Server free for personal use; therefore, you no longer need to manually create the .VMX Virtual Machine file. However, it is still usefully to know how VMWare works and to understand how the .VMX file is structured so that you can troubleshoot and fixes problems when they occur. Full Scale Video Here
Download Here

VMWare Server
VMWare Player
Awali’s VMX File

If you would like to submit a video to Infinity Exists Underground send an email describing your video to underground@infinityexists.com

Posted in Underground | 6 Comments

Underground – Fix Google Mail Enumerator

December 4th, 2008 by Patchy
In Backtrack 3 there is a Python script, goog-mail.py, which enumerates email addresses of a specific domain name through Google.  However, since the program has been released, Google has modified the way results are displayed.  In this Underground video, Overide explains how to fix the Python script, so that email addresses can be harvested.  Also, he explains the process that he took to find the source of the error. Full Scale Video Here
Download Here

If you would like to submit a video to Infinity Exists Underground send an email describing your video to underground@infinityexists.com

Posted in Underground | No Comments

Underground – Home Made Lock Picks

November 22nd, 2008 by Patchy
In this Underground video, Crash explains how to make some very simple lock picks utilizing house hold items. He shows how to convert a bobby pin into a short hook pick, and a paper clip or pen clip into a tension wrench. Check out Crash’s YouTube page to watch him pick locks with his home made lock picks. Full Scale Video Here
Download Here

If you would like to submit a video to Infinity Exists Underground send an email describing your video to underground@infinityexists.com

Posted in Underground | No Comments

Underground – Downfalls of Anti-Virus Software Part 2

November 7th, 2008 by Patchy
In the second part of Overide’s Underground Video, he explains how to encode an executable so that it is not detected by most Anti-Virus Software. Overide expands the NetCat executable to allow him to add a few extra lines of code which will encode/decode the program. He encodes the executable by XORing (Exclusive OR) each instruction with a specific value. Once encoded, NetCat’s Assembly code does not make any sense; therefore, it is difficult for Anti-Virus Software to identify the executable as a threat. Whenever the encoded NetCat program is executed, the Instructions are first decoded with the exact same code that Overide used to encode the program. This is possible because when you XOR data with a specific value, you can retrieve the original data by XORing the encode data with the same value. After the Instructions are decoded NetCat will run normally. Full Scale Video Here
Download Here

NetCat
LordPE
OllyDbg

If you would like to submit a video to Infinity Exists Underground send an email describing your video to underground@infinityexists.com

Posted in Underground | 2 Comments

<< Previous Entries