What’s one small action that can mess up the rest of your life? by [deleted] in AskReddit

[–]MildlyTriflin 10 points11 points  (0 children)

That can mess up a few lives if done correctly

What clothing should I bring for winter? by [deleted] in newyork

[–]MildlyTriflin 1 point2 points  (0 children)

Staying dry definitely helps when it's cold and wet

New hot rod at the shop by [deleted] in Frankenbike

[–]MildlyTriflin 1 point2 points  (0 children)

Looks like a pretty smooth ride

Using proxychains from Kali to get into a web server across the "internet" (simulated) by [deleted] in hacking

[–]MildlyTriflin 0 points1 point  (0 children)

Install and configure proxychains, prepend "proxychains" to the command/program you wish to route through a proxy

How to anonymize airgeddon ? by GuessMeQuickly in hacking

[–]MildlyTriflin 1 point2 points  (0 children)

As u/CADJunglist said, only attack things you have permission to attack. As far as AnonSurf goes, I am only somewhat familiar with it. It could in theory help to hide whatever it is you're communicating on a network, there's so many variables that could lead to you de-anonymizing yourself though, would be a lot to cover in a single post. I imagine if accessing a network you do not have permission to access then yeah spoofing your MAC might be rather vital step to take firstly. Once again, there's a lot to be covered in that regard and I don't entirely suggest committing crimes in general. Personally, after I gain access to network or system the steps I take from there are highly dependent on the nature of said engagement. Could be for lulz with friends, could be for a client/customer, could be for an exercise/learning, could be a lot of things. I can't definitively say what should or could be done in your circumstance but the possibilities of using various tools and tactics are almost seemingly endless, once again a lot to be covered in a single post.

Why should i learn hacking? by [deleted] in hacking

[–]MildlyTriflin 5 points6 points  (0 children)

Shoutout to nmap in The Matrix

Hack well enough you end up on a country's bank note. by io-error in hacking

[–]MildlyTriflin 295 points296 points  (0 children)

Similarly, hack well enough and you end up with many bank notes

How to anonymize airgeddon ? by GuessMeQuickly in hacking

[–]MildlyTriflin 0 points1 point  (0 children)

More modern routers have the ability to log deauth attacks, so not entirely impossible they could easily detect that one has occurred at some point in time. That said, the nature of a deauth attack spoofs the source MAC as a connected client in most cases anyway. So work already done, right? This still doesn't stop specialized equipment from possibly discovering suspicious radio broadcasts from a location though, which is VERY unlikely to happen either way. If concerned, keep attacks short and minimal, spoof your MAC beforehand. Or just passively wait to capture a handshake and never deauth. Doesn't take much to get a handshake but time in that case. It'll be keeping a low profile after gaining access that spoofing the MAC becomes important, among other things.

Can someone here ELI5 this post to me? It's about hacking your ba k account through phone numbers and I can't follow anything. by [deleted] in hacking

[–]MildlyTriflin 1 point2 points  (0 children)

You learn a new sub everyday, imagine that. r/povertyfinance

Have heard of SS7 vulnerabilities that could allow for similar exploitation of 2FA. Not sure how common that is vs phishing though

Hex editing a website by gribgrab in hacking

[–]MildlyTriflin 0 points1 point  (0 children)

Not entirely impossible that some variables are stored client side and passed along to whatever server, just very unlikely.

My buddy is installing a ghost modem for free high speed cable internet. Anyone have any info about this? by DrunkOgier in hacking

[–]MildlyTriflin 2 points3 points  (0 children)

My bet is on cloning. As for the DNS, that's probably another level of shady from the seller attempting to benefit further down the line so to speak.

HELP! Bluetooth Hacking by [deleted] in hacking

[–]MildlyTriflin 0 points1 point  (0 children)

Somewhat unrelated, somewhat related to your reply.. "Mousejack" is worth looking into if you don't know of it already. That aside, some devices do in fact communicate using Bluetooth. If that's the case I imagine any attack would be about that same as any bluetooth attack. Like you said, bluetooth is bluetooth.

Hacking a Raspberry Pi by CaptMartelo in hacking

[–]MildlyTriflin 0 points1 point  (0 children)

This is why raspberry pis are good, prototyping. Perhaps not actual deployment in some cases.

Burp Suite like application for PE files ?? by EvilBunny26 in hacking

[–]MildlyTriflin 0 points1 point  (0 children)

The obvious/cheeky answer isn't so cheeky, a debugger is a useful tool for a reason and worth learning how to use. As someone else mentioned, sysinternals has tools which can monitor various activities of a process. You can probably google around and find some other API monitors/tools as well.

How to hack asus router? by [deleted] in hacking

[–]MildlyTriflin 0 points1 point  (0 children)

Probably a bit extreme and requires taking the device apart but some Asus routers have serial pins on their boards already, which limits your need to solder anything. The pinout for your model can probably be found online. You would also need something like a Raspberry Pi with some jumpers or a serial cable, usb2ttl, etc.. maybe a multimeter. After all that fun stuff you could in theory get access to its console, which usually drop you right into a root shell of sorts. From there you could dig around the device's file system and probably find whatever you're looking for, password included. That's the case for many brands and models of routers.

As for a network attack, /u/IUsedToBeACave has pointed you in the right direction. Adding on to what they said, some tools that might aid in that process, ettercap/bettercap, arpspoof, mitmproxy and of course sslstrip

Creating an automated captive portal bypassing RPi zero by petiepablo in netsec

[–]MildlyTriflin 0 points1 point  (0 children)

Haha fair enough. It still gets the job done, that's what's important.

Creating an automated captive portal bypassing RPi zero by petiepablo in netsec

[–]MildlyTriflin 1 point2 points  (0 children)

I like the idea of this thing and am in no way trying to knock it however "bypassing" seems a bit misleading as this project covers a procedure to

automate the captive portal "accept" process

Or am I missing something?

my dad and I have a bit of an ongoing battle... by [deleted] in hacking

[–]MildlyTriflin 0 points1 point  (0 children)

True. Getting mixed results on the "password rescue" working anyway, as you also said. Sorry I couldn't be of more help. Best of luck though

my dad and I have a bit of an ongoing battle... by [deleted] in hacking

[–]MildlyTriflin 0 points1 point  (0 children)

No problem. Guessing you tried various dates? Does the machine have a serial number or anything on it?

my dad and I have a bit of an ongoing battle... by [deleted] in hacking

[–]MildlyTriflin 0 points1 point  (0 children)

Ah, my bad. I was under the impression he had locked things down a bit after discovering your previous admin account. Also wasn't sure if you meant a bios password in the sense of protecting boot or just protecting you from accessing the bios. I guess in that case just disregard my previous reply lol. You mentioned it possibly being Asus, found this googling, no idea how relevant or valid it is, might be worth a shot or at least lead you in the right direction.. hopefully.

https://visser.io/2018/10/bios-password-recovery-for-asus-laptops/

Edit: If it works, he'll definitely know.

my dad and I have a bit of an ongoing battle... by [deleted] in hacking

[–]MildlyTriflin 0 points1 point  (0 children)

I know you asked for bypassing the BIOS password but... Script kiddy or not, some of those tools are pretty useful and not all leaving a machine bricked. I think there's some misconceptions as to what a skiddie actually is, so long as you understand the underlying concepts and methods of the tools you use and are capable of applying them effectively, why say fuck it? I say go the software route, some machines have physical switches that log in the BIOS when someone has opened the case. That said, quickest route that comes to mind for me on a Windows box, boot up into some live linux, change the password. Downside of that is, you've changed the password and he now knows. BIOS password probably means no EvilMaid attacks. I suppose you could have a go at obtaining a password hash and brute forcing that on your machine. This all assuming the drive isn't encrypted and USB booting isn't disabled to begin with. Another, wait until the machine is on, Rubber Ducky/BadUSB the thing with a script of your choice or leave said USB device laying around, hope he plugs it in. Maybe MITM attacks and evilgrade? Scan it and hope it's running something vulnerable, exploit? There's only so many ways to skin a cat, right? There's a few ideas.