Cool, Didn't know that existed. I added it like you said.

One thing that causes issues with the brute force idea is if the hidden network is WPA, aireplay-ng fakeauth can not always associate to it even if you specify the correct ESSID. Oddly enough, It...

Cool idea, I went ahead and added on a couple other things I though may be useful to this concept.

One thing you will need for mine to work is fully install airdrop-ng, follow the README in the...

Yes it is not on the wiki page but I am not sure when the last time that was updated, it could be in beta stages still I really don't know.

All I know is that I have none of the issues you...

Just to clarify some of the fixes and my methods, as well as answer some questions.

Gnome power manager: I removed gnome power manager via preferences > startup applications, then simply added ...

This is a backtrack 5 forum.

Yes, it is running as a single boot OS on the hard drive with full disk lvm2/luks encryption (Which required an extended/logical partitioning system to work).

Although if you choose to go this...

In my Macbook pro running a broadcom chipset internally, I can confirm working injection on the internal card, which has never worked previously. My findings will likely work on other Intel based...

Personally I think its just easier to compile it from source, but whatever floats your boat.

I posted a chromium browser workaround in the Fixes forum for those looking for it.

I read a few posts about people trying to get chrome working on BackTrack 5, I solved this a couple days after the release and figured I would share.

I was not able to get it working with the...

Yup, Confirmed it with one I had laying around. Its nice and much more inconspicuous then a big 'ol Alfa card.

Thanks for the info!

Just wanted to give an example here, While YoMoZ's is easier to implement, it did not work on my system as I run as a seperate, non unique root user and disabled the normal root account. Mainly...

After redo'ing the entire encryption with the extended and logical partitions as you suggested, rather then the primary, it appears to work. I am not sure why would would matter as I only have 3...

Sorry for double post, But appears that the issue is when halting the system period, any form of full shutdown causes the next boot to fail to detect the disk. Could this possibly be an issue with...

I had alot better luck just going to http://www.nvidia.com/page/drivers.html
logging out of the X server, then running the bin file.

Appears to be a bug booting up with full disk encryption via cryptsetup luks/lvm2, it is speratic and inconsistent bug making it hard to troubleshoot. Mabye some of you guys have a better idea whats...

Thanks for the fix, It seemed at least in my case that running twin X-servers via Nvidia-settings seems to catch nautilus in a loop. Enabling Xinerama seemed to stop it, although its not how I want...

Very good series. Assuming you know your way around exploit dev a bit. I also found them useful, not many videos regarding more advanced subjects like this. Thanks a lot.

Delete this post.

Cool idea, although I would think any SSH client could accomplish it?

This isnt really a tutorial, but if your good and google around you may figure it out.

Droid 1 running Dsniff suite in a...

It is already inside the apache virtual hosts file which is generated inside the script. It is automatically enabled.

Ah sorry, havn't looked through this script in a pretty long time.

It could be an issue with DNSspoof or iptables, but this script is pretty well safe-coded now so I doubt its script-side.

Probably because its trying to direct to a non root URL such as "/newreply.php?p=192541&noquote=1" which does not exist on the apache server. I had the same problem with my script, and although I...

More information would probably help. Did you use the driver from the nvidia website or the repos?

I'v personally had no problems out my 3 nvidia cards in BT just by throwing the driver from the...

Have you considered trying to upload another payload via php session, maybe with the payload backdoored to a legitimate windows executable? Or using some other encoding type to bypass the AV and...