The last few days I’ve been helping my friend Charlie construct his Illinois State University (ISU) Beer Pong Table. The legs and supports of the table are made from his roommate Brandon’s hockey sticks, and the table top is made of plywood with a 1/8″ sheet of Acrylic on top. Our friend Tyler etched ISU’s mascot, Red Bird, into the Acrylic; it was done free-hand with a dremel (Compare his etching to image). Tyler also did the text on the table: “ISU” and ” What you call Addiction … We call Dedication”. I did the LED array and the wiring; when the LEDs are lit, the light catches the etching in the acrylic. The LED controller I made allows you to switch between the LEDs being constantly on or controlled by an audio input. However, the LEDs we used are only lit at a specific voltage, so it doesn’t work very well. Full Scale Video Here
Download Here
Pre-Amp Schematic

It has been one year since the launch of InfinityExists.com, and a lot of things have changed; there are 18 episodes of Full Disclosure and 2100 registered members on the forums. We plan to create many episodes this summer, as well as, release a new video series, Infinity Exists Underground, which is based on viewer video submissions. Also, we would like to take donations towards the purchase of a new camera to increase our production value.

Full Scale Video Here

We said we would release a Vblog on how to Dual boot Windows and Backtrack so here it is. The process is slightly different, there is not need for an extended partition because you only need four primary partitions, and we use Lilo for the boot loader. Since we aren’t installing Ubuntu we have to manually create and configure the linux swap partition. Also, we have to manually configure Lilo; however, this allows us to change the Splash image when your computer starts.
Full Scale Video Here
Download Here

Awhile ago I was asked to rewiring a company’s 66 Block, a type of punchdown block used to connect sets of wires in a telephone system, because they wanted to replace their plain old telephone service (POTS) with multiple VoIP telephone lines. I had little knowledge on the 66 Block before doing this job, so I got out my trusty Beige Box to figure out how it was wired. Here’s a short video on how to tap a 66 Block. (Watch Episode 6 if you need help making a Beige Box)

Full Scale Video Here
Download Here

This weekend was UIUC’s annual Engineer Open House, and last night there was a Singing Tesla Coil show. The Tesla coils were built by Steve Ward, a EE student at UIUC. “Steven has developed Tesla Coils with high levels of control allowing audio modulation of their lightning-like display. Interfacing the Continuum Fingerboard with this technology will generate a musically expressive and highly energetic, multi-voiced performace” (EOH Exhibit Guide).

Full Scale Video Here
Download Here

Since Infinity Exists hasn’t had time to release a new episode, I decided to revamp a two part series, Exploit Hacking and Exploit Hacking 2 - Privilege Escalation, that I made a year before Infinity Exists was created. It may be a little dated, but it provides great information on how a hacker can find an vulnerability on a remote computer and exploit it to gain remote access. Also, the video shows how a hacker can raise their privileges on the remote machine to administrator. I added text throughout the video to make it easier to understand. Furthermore, Infinity Exists plans to do a more up-to-date and more detailed series of episodes on “exploit hacking.”


Full Scale Video Here
Download Here

The Sql Injection Challenge has already been completed, so here is a video demonstration on how to find this Sql Injection flaw and exploited it to extract password hashes. In this video I use a firefox plugin ‘Data Tamper’ that can be download here

 

Full Size Video
Download Here

The Intel Pro/Wireless 3945ABG (IPW3945) is a popular wireless card that is build-in many laptops. However, the drivers included in Backtrack 2 do not allow you to do packet injection. To fix this problem you need to install the IPWRAW drivers. The easy way to do this is to use Backtrack 2 module. A module adds additional components to Backtrack 2. To add a module, you copy the .LZM file into the modules folder in the BT2 .ISO. After adding the IPWRAW module to the BT2 .ISO, boot up Backtrack and click the “IPW3945 RAW load.sh” script on the desktop to install the IPWRAW Drivers. After the drivers are installed your wireless card will be lock in monitor mode, and you will be able to do packet injection with aireplay-ng. If you want to put your wireless card in managed mode and connect to a wireless network click the “IPW3945 load.sh” script on the desktop. That script will load the default IPW3945 Drivers.

Video Demonstration

Download IPWRAW Module Here
Discuss Here

Credit:
IPWRAW package made by: -~operator~-
Module made by: Genius

Recently a local privilege escalation vulnerability was found in Cisco’s VPN Client. When Cisco VPN Client is installed, a windows service “Cisco Systems, Inc. VPN Service” is created. The service runs the binary C:\Program Files\Cisco Systems\VPN Client\cvpnd.exe as Local System. Therefore, if you replace cvpnd.exe with another executable, then that program will be ran at startup with root privileges! I fond this vulnerability interesting because it is used at my college to authenticate students when they connect to the wireless network. For that reason, almost every student with a laptop has this software installed, and students are allowed to borrow school laptops from the student center to use the wireless internet. Consequently, anyone could borrow a laptop, gain root access thought the vulnerability, and install a keylogger that sends every keystroke to the attacker’s email! Its been 5 days seen this vulnerability was discovered, and Cisco has already issued a patched version. However, how long will it take for the school to update all their computers? This is just another reason why you should be careful when using school computers!

Video Demonstration: (shows how to gain root access and change the Admin password with this vulnerability)

Discuss Here