thanks everyone for the suggestions. I'm going to use xchat and xhost + to allow it to have access to the root x session when I need to use irc on my backtrack box. I want to try ssh with -X switch...

I had to do xhost + before the Su command, but it is not too secure. I wonder of there's a better way....thinking maybe ssh -x?

I can run pidgin as root, but I want to force it to run as another user other than root. So, I am logged in as root. I create a new user named "ircuser" and thought i could do a "su - ircuser...

So how are you running it as another user while logged in as root?

I cannot seem to figure out how to run my irc (using pidgin) client as a non-root user. Every time I get errors about not being able to access the display. I feel like this has to do with the fact...

yeah the 4.0 release is real nice. I really like the integration with JTR and the changes to msfpayload/msfvenom. You can now create an executable with more than one payload.....nice stuff.

There...

thanks.....I appreciate the kind words and glad it was helpful to someone else.

I have installed and been playing around with Nexpose on BT recently, and it's quite nice. Also, started utilizing the ability to scan from within msfconsole which is pretty cool too. After messing...

Last week or so I got some free time and decided to start playing around with extracting browsing history from the the index.dat files. I know there are a million and one tools out there to do this,...

This worked on my Dell.....Edit the /usr/lib/X11/xorg.conf.d/10-synaptics.conf using nano or kate and add the line: Option "MaxTapTime" "0" to first the first section. See the screen shot below.

...

I'm not sure exactly where this post should go, I would think the How-To section but I can't seem to post there, so here it lies.

I put together a blog post that details the configurations,...

did you prepare the kernel sources first? Check the BT5 How To forum, muts has a post that tells you what to do.

I also did a update-rc -f framework-postgres remove to stop that service on startup as well...I personally don't like anything running unless I start it myself.

Maybe I can help. I just installed BT5 this morning and have been poking around in the file system and came across the same issue. BT5 utilizes the newer upstart job system as well as the older...

Good point bolexx...no need not share. So here we go....

Dudeman pointed me to some real handy links that ultimately got me the answers that I need. Specifically this one:...

Just to follow up, omlet hunter was the answer.......but not with-out a lot of trial and error. I actually had to modify the omlet hunter code to start it's search at the top of the current stack...

Yep, but I don't think the bad chars isn't the problem it just gets cut off due to lack of space.

Dudeman sent me some links from the corelan site that I am reading through right now....just from...

Thanks.

pigtail, I just tried that combination with the same results.

Dudeman, I did search in memory and all I could find was 264 nops (close but no cigar) at the top of that repeating...

I am just wrapping up the PWB course and decided to practice on an SEH exploit. I took the Elecard 5.7 m3u exploit http://www.exploit-db.com/exploits/16253/ and tried recreating it under xpsp3 and...

A few Google searches later and I get what bofh28 was referring to with the differences between XP and Vista/7. @falseteeth we were talking about the domain cached credentials, I believe you were...

Isn't ntlm an implementation of md4 and lm an implementation of des? I might be confused though. Going on those assumptions I thought the articles were indicating even in xp they were hashes with...

I've heard good things about burp suite, have yet to play with it though.

Here's a link to a post about it I remember seeing some time ago:...

Thanks for the links, it was exactly what I needed. Those had some really great information about how these stored creds are encrypted/hashed. After reading through those posts I wasn't sure whether...

I have used iReports (http://jasperforge.org) in the past, part of the jasperserver and jasperreports software. I stumbled on it from using OSSIM, they use it to report from the MySQL db that they...

I have been trying to understand how the cached credentials are salted. I have seen some conflicting information, some saying its salted with just the username, some saying user and domain and yet...