Well I have made some more progress. I had made it through cloacknet to GGHB without extracting all the username password combos. I went back as you suggested and got everyones credentials. That...

I've been checking this thread from my phone and somehow missed this post earlier. So csrf is an option? That's pretty cool for this type of challenge. Also it sounds like maybe wraithmail isn't...

ok so I guess I need to use the wraithbox xss to gain access to gghb somehow? Or should I just maybe play with the gghb login screen a little more to see if I can find any vulns?

I will check out...

Thanks it's good to know I was approaching the problem the right way. I was setting my session cookie using burp but there were other problems. The cookie for the page where emails are...

I'll try to respond without any major spoilers. I have gotten to GGHB. I've identified a valid email address. Now I was trying to use XSS through a message to hijack their email session. I was...

Has anyone else tried this challenge? http://hackxor.sourceforge.net/cgi-bin/index.pl
I'm having a hell of a time with a particular part. I've spent hours and now I just want to understand the...

You could create a rainbow table for WPA cracking with all possible combinations for a given ssid. The problem is that the password can be 8 to 63 characters which would make the resulting table...

Try running this first

prepare-kernel-sources

http://www.cyberciti.biz/faq/find-out-which-service-listening-specific-port/

Does this help? http://www.cyberciti.biz/tips/linux-install-rt2870-chipset-based-usb-wireless-adapter.html

I like the idea of having a single resource with organized information like you are describing. Maybe it would make sense to add this info to the WIKI instead of a new website? Just a thought. ...

See b33fs answer. It should accomplish exactly what you are asking for.

What kind of password files?

Good luck! You won't regret it!

You do want to understand how basic scripting works (mostly python). Also I think it would be a very good idea to review some tutorials on how basic buffer overflows work like this one...

I have both MY OSCP and OSCE certifications. I thought that they were great courses and I learned a ton while really enjoying myself. I think for the price you really can't find better value...

That would make sense in my case. I often open a section, like general discussion, then open all of the thread I would like to read in new tabs. Then as I finish with each tab I close them. I...

I've been experiencing the same problem intermittently recently.

I have been doing all of my testing with v1.4

It's more than a little scary that currently there is no way to secure the wireless on these routers without completely turning it off. I haven't checked for a new firmware version yet so I suppose...

melissabubble,
Are you using the card in a vmware virtual machine? I've had nothing but trouble with the card in vmware but it has been working great for me in virtualbox.

tape,
I had alot of...

I have been using AWUS036H for all of my testing and I have been able to successfully crack the keys.

No i didn't do any MAC spoofing testing. I did read this on reavers FAQ



If I get some...

I did some experimenting with the 3 routers that I have readily available. Yes they are mine and not my neighbors so I was able to test both the default configs and other options. My test did...

Wow now that is interesting. I will have to do some testing on my own gear to see if I have any similar results.

Although this isn't directly backtrack related I thought this would probably be interesting to alot of people on this forum. There has been a tool called 'Reaver' released that takes advantage of a...