Extracting Database Information from Information_Schema
Patchy
In Full Disclosure Episode 11, we show you how to extract information from our WordPress SQL Database. WordPress is open source, so we were able to look up information about WordPress’s Database structure. However, what do we do if the Web application is not open source? How do we know what tables and columns to extract information from? In this VBlog, I’m going to explain how to use the Information_Schema database to extract information about a website’s tables and columns.
Full Scale Video Here
Download Here
Posted in Vblog |
3 Comments
Defcon 17!
Patchy
Nox and I are in Las Vegas for Defcon 17! It’s our first time at Defcon, and from what we’ve seen so far it’s going to be an amazing weekend. We’ve already heard some great speeches, and seen some pretty cool stuff. As many of you know, the attendees of Defcon get a badge with some electronics to hack and modify.
This year’s badge has a Freescale MC56F8006 DSP/microprocessor chip, microphone, and RGB LED. The RGB LED cycles through different colors until the microphone picks up some noise; then the LED will respond to the volume and frequency of the sound. We decided to try playing different frequencies to see if the badge would reveal some easter eggs for a specific frequency. After a few minutes we figured out that the LED would blink what looked to be Morse code whenever it picked up a frequency that was a power of 2 (such as 64 Hz, 256 Hz, 1024 Hz, etc.).
The Morse code message turned out to be the URL 0day.com/n01z. Tomorrow, I’m going to try to get a level shifter, so I can modify the firmware!
For more information on Defcon you can go here.
For more information on the Defcon 17 Badge go here.
Posted in News, Vblog |
2 Comments
Infinity Exists IRC Server
Patchy
Infinity Exists now has a new IRC server up and running! The hostname for the IRC is server.infinityexists.com, and the channel that the Admins and I will be in is #Infinity_Exists. Go check it out! Also, we will be running a vent server and a few game servers. You can go to http://server.infinityexists.com to check the stat page to see what servers are available. Also, Nox just got some new server equipment, so hopefully we will get some boxes set up for you guys to practice hacking. Keep checking the website for further updates.
Posted in News, Vblog |
7 Comments
FPGA MD5 Cracker
Patchy
For my Digital Systems Laboratory (ECE 385) at the University of Illinois I had to do a final project using a field-programmable gate array (FPGA). My partner and I designed a hardware implementation of the MD5 algorithm and used it to crack MD5 password hashes. An FPGA allows you to prototype large digital circuits by utilizing a hardware description language such as VHDL. The FPGA enabled us to create a large hardware system dedicated to cracking MD5 passwords. The FPGA we used was the Altera DE2 Development Board with the Cyclone II chip, and we were able to fit sixteen parallel MD5 cracking units onto the FPGA. Each unit is able to produce an MD5 hash in 68 clock cycles, and since the FPGA has a clock rate of 50 MHz this system is able to produce over 44 million hashes a minute. The MD5 hash is entered by the user through a keyboard, and if the system finds a match, the clear text password is displayed on a VGA monitor.
Full Scale Video Here
Download Here
Download FPGA MD5 Cracker Project Files
Posted in Vblog |
7 Comments
Arduino ARP Cop
Patchy
In this Vblog, I demonstrate a simple project that anyone can do with an Arduino. An Arduino is an open-source electronics prototyping platform that utilizes an AVR microcontroller and a simple I/O board. For this project, I use a Python script running on my computer, which monitors ARP poisoning on the network with the use of Ettercap’s ARP Cop plugin. If ARP poisoning is detected, the script will communicate with the Arduino through the USB port, and the Arduino will turn on an LED. This way a user can be quickly informed when their network is under attack.
Full Scale Video Here
Download Here
Download Arp_Cop.pde (Arduino Code)
Download Arduino_Arp_Cop.py (Python Script)
Posted in Vblog |
2 Comments
I Got My Computer Back!
Patchy
It’s been several years… but finally Patchy and his computer are reunited at last.
Download Here
Posted in News, Vblog |
9 Comments
Email Injection
Patchy
Now that I finally got rid of WP-Forum, I can show you guys an Email Injection flaw that existed in that forum. An Email Injection flaw occurs when a form is added to a web page that submits data to an email application, and user input is not filtered properly. A malicious user can exploit the MIME format to append additional information to the message being sent. This is possible because the MIME format uses a carriage return to delimit the information in a message. Adding carriage returns to submitted form data can allow an email application to be used to send thousands of messages at once. A spammer could exploit this to send large numbers of messages anonymously.
Full Scale Video Here
Download Here
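The flaw described above, shown beside a hardened form, as an added example that is not code from WP-Forum or from the video. The addresses, the `admin@example.org` recipient and all function names are assumptions made for the illustration; the form input is constructed.

```python
from email import message_from_string
from email.message import EmailMessage

# Constructed form input: the "email" field carries a line break and a second header.
INJECTED = "visitor@example.com\r\nBcc: third-party@example.net"

def build_unsafe(sender, subject, body):
    """The flawed pattern: form fields pasted straight into the header block."""
    return (f"From: {sender}\r\n"
            f"To: admin@example.org\r\n"
            f"Subject: {subject}\r\n\r\n{body}")

def header_names(raw):
    """Parse a raw message as a mail agent would and list the headers it sees."""
    return [name for name, _ in message_from_string(raw).items()]

def clean_header(value):
    """Refuse any header value that contains CR, LF or NUL instead of trying to strip it."""
    if any(ch in value for ch in "\r\n\x00"):
        raise ValueError("line break in header value")
    return value.strip()

def build_safe(sender, subject, body):
    """Hardened form: validate each field, then let the library serialize the headers."""
    msg = EmailMessage()
    msg["From"] = clean_header(sender)
    msg["To"] = "admin@example.org"
    msg["Subject"] = clean_header(subject)
    msg.set_content(body)
    return msg

if __name__ == "__main__":
    # The unsafe builder turns one form field into two headers.
    print(header_names(build_unsafe(INJECTED, "Hello", "hi")))
    try:
        build_safe(INJECTED, "Hello", "hi")
    except ValueError as exc:
        print("rejected:", exc)
```

Logging the rejected submissions gives a cheap signal that a contact form is being probed for this flaw.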
Posted in Vblog |
No Comments
Infinity Exists Updates!!
Patchy
Nox and I haven’t made any new Full Disclosure episodes in a while because we have been busy with school. However, we have made a few updates to the website. Infinity Exists now has a new forum! We finally got rid of the old shitty WP-Forum, and we are now using Simple:Press Forum. Also, I was able to transfer all the old threads and posts to the new forum. The new forum has several new features such as PMs, topic watching, RSS, Who’s online, etc., so go check it out! Nox and I have decided that we could use a few moderators to help us manage the forums, and help us develop projects for Infinity Exists, projects like creating an IRC server and setting up hacking boxes. If you would like to become a moderator, send an email to moderators@infinityexists.com. Another website update is the new Photo section. I have a lot of random pictures that I thought you guys might like, so I decided to put them on the website. Nox and I are now on summer break, so we will be releasing some new episodes soon!
Download Here
Posted in News, Vblog |
No Comments
Jerry Sanders Design Competition
Patchy
This year I became the UIUC IEEE branch IT Director and a few weeks ago, at the University of Illinois’ annual Engineering Open House, the UIUC IEEE branch and I competed in the AMD Jerry Sanders Design Competition (JSDC). JSDC is a robotics competition where teams design robots to complete specific tasks. This year’s competition was a large scale game of tic-tac-toe. Basically, each team had to create a robot that could pick up an air-filled balloon and place it in boxes which represented tic-tac-toe squares. The robots have to complete various objectives to obtain their team’s balloons. The tasks included pushing a button, hitting a switch, opening a door, and pushing down a balanced teeter-totter. Once a team places their balloon into a box, it would remain under the team’s control until another team takes control by placing their balloon into it. At the end of an eight or ten minute round, points would be given to teams which controlled three boxes in a round. Furthermore, teams would be awarded points for unlocking their balloons and placing them into a box. The strategy used by the majority of teams was to place as many balloons into a single box instead of trying to obtain a tic-tac-toe. The competition was a single elimination tournament where four robots competed at a time. Your place in the bracket was decided by your standings after seven round robin matches. A total of sixteen different teams from a variety of different colleges competed in the JSDC, and the IEEE team placed third in the tournament!
A friend of mine and I videotaped all of the rounds that we competed in. Check them out!
Tournament
Demolition Round!! IEEE took 2nd!
Downloads:
Tournament
Demolition Round
Round Robin – 1st Match
Round Robin – 2nd Match
Round Robin – 3rd Match
Round Robin – 4th Match
Round Robin – 5th Match
Round Robin – 6th Match
Round Robin – 7th Match
Photos
Ping of Death
Patchy
I decided to do a video on the Ping of Death because a lot of people just starting out in hacking have heard of it, but don’t know exactly what it is. Also, they still believe it is a useful attack today. You can go on YouTube and watch tons of videos of kids making batch files that send pings with random payload sizes; however, this is horribly incorrect. The Ping of Death basically crashes a computer by sending a ping (aka ICMP ECHO request) with a packet greater than 65,535 bytes, and the reason this causes problems is that an IP packet can only be up to 65,535 bytes long. Packets that are bigger than the maximum size are fragmented into smaller packets, which are then reassembled by the receiver. Typically, machines don’t process the packet until all fragments have been received. When the machine tries to reassemble the packet it causes an overflow in internal variables, which can lead to a system crash. Some vulnerable operating systems are Windows 95, Windows NT, Windows 3.11, MSDOS, Mac OS 7, Solaris (x86) 2.4 & 2.5, and Linux versions <= 2.0.23. Modern operating systems are not vulnerable to the Ping of Death! Also, in this video I explain the popular Smurf Denial of Service attack, and I rant about Windows 95.
Full Scale Video Here
Download Here
Source: http://insecure.org/sploits/ping-o-death.html
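The bounds check that the vulnerable reassembly code lacked, as an added example that is not from the video or the linked advisory: each fragment's offset plus its length is compared against the 65,535-byte limit before anything is copied. The function names and the sample headers (documentation addresses, zero checksum) are constructed for the illustration.

```python
import struct

MAX_DATAGRAM = 65535  # largest value the 16-bit IPv4 Total Length field can hold

def make_header(total_len, offset_units, more_fragments=False):
    """Constructed 20-byte IPv4 header carrying ICMP (checksum left at 0)."""
    flags_frag = (0x2000 if more_fragments else 0) | (offset_units & 0x1FFF)
    return struct.pack("!BBHHHBBH4s4s", (4 << 4) | 5, 0, total_len, 0x1234,
                       flags_frag, 64, 1, 0,
                       bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2]))

def reassembled_end(header):
    """Byte position where this fragment would end in the reassembled datagram,
    counting the IP header itself."""
    if len(header) < 20:
        raise ValueError("truncated IPv4 header")
    ver_ihl, _tos, total_len, _ident, flags_frag = struct.unpack("!BBHHH", header[:8])
    hdr_len = (ver_ihl & 0x0F) * 4
    if hdr_len < 20 or total_len < hdr_len:
        raise ValueError("malformed IPv4 header")
    offset = (flags_frag & 0x1FFF) * 8   # the 13-bit offset field counts 8-byte units
    payload = total_len - hdr_len
    return hdr_len + offset + payload

def is_oversized(header):
    """True when accepting this fragment would push the datagram past 65,535 bytes."""
    return reassembled_end(header) > MAX_DATAGRAM

# Constructed samples: an ordinary middle fragment, and a final fragment placed
# near the top of the offset range so that offset + length exceeds the limit.
NORMAL = make_header(1500, 185, more_fragments=True)
FINAL_OVERSIZED = make_header(1500, 8189)

if __name__ == "__main__":
    for name, hdr in (("normal", NORMAL), ("oversized", FINAL_OVERSIZED)):
        print(name, reassembled_end(hdr), "drop" if is_oversized(hdr) else "accept")
```

No single fragment here is larger than an Ethernet frame; only the sum of offset and length reveals the problem, which is why the check belongs in the reassembly path.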
Posted in Vblog |
5 Comments