Search - "bruteforce"
My dad found a phone a few weeks ago and asked me what he should do with it. Knowing how much it hurts to lose personal data, I said I could try to find the owner and send it back.
My first attempt was to search through the files on the SD card in order to find an identifying document (CV, bill, address...) but there were only family pictures.
My second attempt was to unlock the phone and check the information about the owner and the accounts linked to it. But for this to be possible adb has to be enabled. Good thing is that that particular brand shows an option for activating adb on the recovery menu.
But then, it's Android Oreo and I haven't found a way to lift the lock pattern. I thought I could bruteforce it over the shell (as I found there could be about 1300 possibilities for 2 to 5 point patterns), but there is the same attempt throttling as on the screen so that would take ages.
Finally, I found the owner in the most "social" way: The phone was displaying the weather for a particular place. It turns out that there are only 3K inhabitants in that city, so I thought that a big enough Facebook group might help me find the owner. So I posted a message on a 500 people FB group dedicated to this city with a selfie of the owner: someone identified her within 20 minutes.
Mission accomplished 😎
So I recently bought my first house (yay!).
Whilst doing the initial viewings I saw the below on the backyard and thought "hey that's neat, I can leave a key in there for when I come in late and my fiancée is asleep."
Fast forward to moving in day and the previous owners hand me the keys so I ask "oh yeah, what's the code for the keysafe" and he just looks at me completely blank, so I'm just like "the box on the wall out back" and he's just like "oh! So that's what that is. No we've never had the code for that, bye."
Being a pen tester I'm just stood there dumbfounded thinking "How the hell can you have a locked box attached to your house and not want to know what is inside!"
Anyway, that brings us to now where I'm stood outside in December on a Sunday morning brute forcing my way into my own keysafe.
I wish this didn't run so many parallels with my work life 😂
-made a password-protected zip to backup my homedir
-launch the update to Fedora 28
-oh look Jessica Jones season 2 is available on Netflix
Some hours later
-Fedora 28 boots
-copy back my backup.zip
-shit what's the password already
-proceed to bruteforce the zip
-let's go back to Netflix while it's doing the job
Some hours later
-proceed to self-fuck
So, my raspi, which controls my home automation, stopped responding to all web requests. When I got home, I noticed that the wifi dongle was not lighting up. It has worked with no problems for 3 months now, so that was really weird. I plugged in the Ethernet cable, ssh'd in and ran ifup wlan0
And BOOM, console filled with
MESSAGE FROM SYSLOGD@RASPBERRYPI
And some odd codes, no help from Google either,
Then I checked dmesg, and there were these:
Bad relocation sym offset
Mac82011: unknown symbol
At that point I got paranoid, checked my auth.log and it was FULL of failed logins, the size was well over 1Gig, and first entry was from 2 days ago....
Then some weird shit with www-data running SU
Turns out someone got in somehow (I'm running on nonstandard port and dynamic ip, I was supposed to disable password login today, as I had enabled it temporarily)
That made me check my wifi driver, it was modified 2 mins after they got in, had a badly made rootkit but chkrootkit didn't say anything about it.
Time to set up IDS!
Any tips for where else they might have their shit in?
Oh, also, it didn't take long to bruteforce in the zombie that got in :p
And yes, it was a compromised server that was also wiped recently, so I just emailed -rf'd IT as it had tons of victim passwords
NOBODY MESSES WITH MY MACHINE AND GETS AWAY 😠
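A first triage pass over an auth.log like the one described in the post above, as an added example that is not the poster's code: it tallies failed SSH logins per source address and flags any login that succeeded after a run of failures. The sample lines are constructed in the usual OpenSSH syslog format, and the threshold of 3 is an assumption.

```python
import re
from collections import Counter

# Constructed sample in the usual OpenSSH syslog format (not from the post).
SAMPLE_AUTH_LOG = """\
Jan 28 03:11:01 raspberrypi sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40112 ssh2
Jan 28 03:11:03 raspberrypi sshd[811]: Failed password for root from 203.0.113.7 port 40114 ssh2
Jan 28 03:11:05 raspberrypi sshd[813]: Failed password for pi from 203.0.113.7 port 40120 ssh2
Jan 28 03:11:09 raspberrypi sshd[815]: Failed password for pi from 203.0.113.7 port 40133 ssh2
Jan 28 03:11:12 raspberrypi sshd[817]: Accepted password for pi from 203.0.113.7 port 40140 ssh2
Jan 28 08:30:44 raspberrypi sshd[902]: Failed password for pi from 198.51.100.20 port 51822 ssh2
Jan 28 08:30:50 raspberrypi sshd[902]: Accepted publickey for pi from 198.51.100.20 port 51822 ssh2
Jan 28 09:02:13 raspberrypi sshd[950]: Failed password for invalid user test from 192.0.2.55 port 33001 ssh2
"""

EVENT = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>\S+) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def triage(log_text, threshold=3):
    """Return (failures per IP, logins that succeeded after >= threshold failures)."""
    failures = Counter()
    suspicious = []
    for line in log_text.splitlines():
        m = EVENT.search(line)
        if not m:
            continue
        ip = m["ip"]
        if m["result"] == "Failed":
            failures[ip] += 1
        elif failures[ip] >= threshold:
            # A success right after a run of failures is the likely break-in.
            suspicious.append((ip, m["user"], m["method"], failures[ip]))
    return failures, suspicious

if __name__ == "__main__":
    failures, suspicious = triage(SAMPLE_AUTH_LOG)
    for ip, count in failures.most_common():
        print(f"{ip}: {count} failed attempts")
    for ip, user, method, count in suspicious:
        print(f"CHECK: {user} logged in via {method} from {ip} after {count} failures")
```

The timestamp of a flagged login is the pivot point for the rest of the investigation: files modified shortly after it are the ones to inspect first.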
We have a bruteforce?
[30.01.19 11:25]🧠 WARNING (EXTERNAL IP): Not Found: /a
[30.01.19 11:25]🧠 WARNING (EXTERNAL IP): Not Found: /ac
[30.01.19 11:25]🧠 WARNING (EXTERNAL IP): Not Found: /acc
[30.01.19 11:25]🧠 WARNING (EXTERNAL IP): Not Found: /acco
[30.01.19 11:25]🧠 WARNING (EXTERNAL IP): Not Found: /accou
[30.01.19 11:25]🧠 WARNING (EXTERNAL IP): Not Found: /accoun
[30.01.19 11:25]🧠 WARNING (EXTERNAL IP): Not Found: /account
[30.01.19 11:26]🧠 WARNING (EXTERNAL IP): Not Found: /accounts/
[30.01.19 11:27]🧠 WARNING (EXTERNAL IP): Not Found: /accounts/lo
[30.01.19 11:27]🧠 WARNING (EXTERNAL IP): Not Found: /accounts/log
[30.01.19 11:27]🧠 WARNING (EXTERNAL IP): Not Found: /accounts/logi
No, only a skiddie who tries very hard
🔐 How can a manufacturer (Netgear) not allow changing username of the admin user???🔥
That effectively lets anyone bruteforce the damn thing like it's being grilled on a BBQ!
Yet they implement remote access router management via 8080 and allow you to set up VPN server on the incapable thing.
I tried to do a sudoku solver, but it didn't work...
I wanted it to succeed without backtracking or bruteforce, so I tried solving it in a human way.
I ended up with some if-else AI that couldn't do anything at all
My internship is coming to an end and I think my boss is testing my limits.
So, in the beginning of this week, he assigned me a non-reproducible bug that has been causing trouble to the whole team for months.
Long story short, when we edit or create a planned order from the backend, once in fifteen, a product is added to the list and "steals" the quantity from another product.
Everyone in the company has experienced this bug several times but we never got to reproduce it consistently.
After spending the whole week analyzing the 9 lines of JS code handling this feature, reading tons of docs and several libraries' source code, I finally found a fix by "bruteforce testing" with selenium and exporting screenshots, error logs and snapshots of the html source.
Hmm, my new place doesn't have internet!!!!
Well, time to bruteforce into one of my neighbors' wlan
Acquaintance of mine brags that he made a "Facebook password cracker" that took less than 30 lines of code.
I take a look at it, then I realize it's brute force password cracking.
Facebook doesn't even let you do that many password attempts, not to mention that brute forcing passwords is going to take more time than the expected lifetime of the sun. (exaggeration? Maybe. But you get my point.)
Why are we still here? Just to suffer?
A colleague just hit his computer with a C++ textbook and shouted a verse that easily would have been bleeped out on TV. All this because he could not log into Windows.
Microsoft need not worry, they seem to have fixed any loophole for such bruteforce login attempts ;-)
What's wrong with the idea of having a huge computational network like in Watch Dogs to bruteforce encryption?
I mean suppose having 500 or more million cores, how long does it actually take to bruteforce a 256 bit key?
So it's required by law to chip and register your dog. I just got a puppy so I had to change the owner of the dog from the kennel to me. And the only thing I needed was my chipvalue and the registration number.
So all I have to do is scan the dog and try the registration numbers and then I can change the owner. Like wtf. And it does not even send a confirmation email. I checked by changing owner and email again.
My registration number is only in the 600K so other registered pets should be easy enough to bruteforce.
Or am I missing something?
So, this incident happened with me around 2 years ago. I was pentesting one of my client's web applications. They were new to the Financial Tech Industry, and wanted me to pentest their website as per a couple of standards mentioned by them.
One of the most hilarious bugs that I found was at the login page, when a user tries logging into an account and forgets the password, a Captcha image is shown where the user needs to prove that he is indeed a human and not a robot, which was fair enough to be implemented at the login screen.
But, here's the catch. When I checked the "view source" option of the web page, I saw that the alt attribute of the Captcha image file had the contents of the Captcha. Making it easy for an attacker to easily bruteforce the shit outta the login page.
You don't need hackers to hack you when your internal dev team itself is self-destructive.
My mates and I all like computers and the teachers know this. My friends mainly game and have little knowledge of programming but like to pretend they do (green text terminals, etc).
The teachers always ask what we are hacking jokingly and we usually just laugh. Today I'd had enough with the dry jokes and when one of the teachers asked "what are you hacking today" I told her the truth...
'Last night I was able to bruteforce your school login, simple password which is cute, as expected, you reused that password despite the warnings and I used that to login to your Facebook and check your private messages, I suggest getting a better password Miss'.
FUCKING PIECE OF SHIT USB STICK. What the actual fuck how hard can it be to format a usb-stick? Excuse me?
Basically, flashed arch .iso on my usb stick. After stuff was done I want to format my usb stick again so I can put files on it. Normally that's a super easy process. I tried a shitload of things.
1) On windows: Quick format -> Windows was unable to format.
2) Went to Linux. Opened GParted. Gparted didn't detect the usb drive? Wtf. Rebooted then it showed up. Tried to delete all partitions, tried to clear the entire drive. Gparted just freezes. Ok... wtf is going on?
3) Tried to go the bruteforce way and zero out the entire drive with dd. After a few seconds dd freezes and is not doing anything anymore.
Wth is going on lol? Why can I not wipe my usb drive? Any ideas?
Bruteforce programming about which I've already ranted earlier and also let's implement everything in our ms access database and regularly open the DB using the Windows task scheduler.
I decided to run the ROCKYOU password list to see if there are any patterns in md5 hashing, not sure why but I am starting to confuse myself and I need a new pair of eyes to have a look.
In advance, sorry for the shitty image, that lappy is a temporary solution.
So the very accurate and not biased numbers show that the letter "0" appears more than the rest, would there be any use in let's say ordering the wordlist with words that have the most "0" and "7" in their hash to appear at the top?
I believe I might be trying to stretch the numbers and see a pattern where there is none but it's worth a shot I think.
- These numbers come from only about ~14m words
My thinking trail is that if statistically these hashes are more likely to appear, they are more likely to be the one I am looking for?
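A way to test the question in the post above rather than eyeball it, as an added example that is not the poster's code: count the hex digits across the MD5 digests of a wordlist and run a chi-square goodness-of-fit test against "all 16 digits equally likely". The wordlist here is constructed as a stand-in for a real one; the critical value is the standard one for 15 degrees of freedom at p = 0.001.

```python
import hashlib
from collections import Counter

HEX_DIGITS = "0123456789abcdef"
# Chi-square critical value for 15 degrees of freedom at p = 0.001.
CRITICAL_15DF_P001 = 37.697

def hex_digit_counts(words):
    """Count how often each hex digit occurs across the MD5 digests of words."""
    counts = Counter({d: 0 for d in HEX_DIGITS})
    for word in words:
        counts.update(hashlib.md5(word.encode("utf-8")).hexdigest())
    return counts

def chi_square_uniform(counts):
    """Pearson chi-square statistic against 'all 16 digits equally likely'."""
    total = sum(counts.values())
    expected = total / len(HEX_DIGITS)
    return sum((counts[d] - expected) ** 2 / expected for d in HEX_DIGITS)

def constructed_wordlist(n=20000):
    """Stand-in wordlist (constructed); swap in lines read from a real list."""
    return [f"{base}{i}" for i in range(n // 4)
            for base in ("password", "letmein", "qwerty", "dragon")]

if __name__ == "__main__":
    counts = hex_digit_counts(constructed_wordlist())
    stat = chi_square_uniform(counts)
    for d in HEX_DIGITS:
        print(f"{d}: {counts[d]}")
    verdict = "consistent with uniform" if stat < CRITICAL_15DF_P001 else "skewed"
    print(f"chi-square = {stat:.2f} -> {verdict}")
```

Some digit always comes out on top in a finite sample; the statistic says whether that lead is larger than chance alone would produce.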
Just received this really weird email. Probably spam, but why even bother when there is no link or attachment? Maybe it is encrypted... 🤔 What do you think? Anyways, the server has SSH enabled, anyone care to bruteforce? :^)
>making bruteforce MD5 collision engine in Python 2 (requires MD5 and size of original data, partial-file bruteforce coming soon)
>actually going well, in the ballpark of 8500 urandom-filled tries/sec for 10 bytes (because urandom may find it faster than a zero-to-FF fill due to in-practice files not having many 00 bytes)
>SOMEHOW manages to cut off the first 2 chars of all generated MD5 hashes
>implemented tries/sec counter at either successful collision or KeyboardInterrupt
>implemented "wasted roll" (duplicate urandom rolls) counter at either collision success or KeyboardInterrupt
>wasted roll counter is always at either 0% or 99%
>spend 2 hours fucking up a simple percentage calculation
>implement pre-bruteforce calculation of maximum try count assuming 5% wasted rolls (after a couple hours of work for one equation because factorials)
>takes longer than the bruteforce itself for 10 bytes
this has been a rollercoaster but damn it's looking decent so far. Next is trying to further speed things up using Cython! (owait no, MicroPeni$ paywalled me from Visual Studio fucking 2010)