
Password Cracking on UNIX

Introduction

This article describes the basics of cracking user passwords stored in the /etc/passwd and /etc/shadow directories. The passwd directory stores information regarding groups, uids, usernames, and passwords, in the following format:

misty:x:501:501::/home/misty:/bin/bash

where x is the password. This article will use John the Ripper to crack user passwords and display them as plain text.

Note: The methods described in the following text were performed on Red Hat Enterprise Linux 5 Server Edition. Although that shouldn’t matter and this information should be accurate in any UNIX environment, if something is not working and you use Ubuntu, that may be the problem. However, if you are using Ubuntu, you have much more serious problems than we can solve here.

Installing John the Ripper

The first step is to download John the Ripper (http://www.openwall.com/john/g/john-1.7.6.tar.gz) and install it. To install, extract everything to your home directory (or whatever directory you want, but I use /root/) and go into the src directory. Enter the command “make” and then enter the command “make clean generic”. Now go into the “run” directory and test out the program through the following commands:

cd ../run
./john --test

Running John the Ripper

Now that you have successfully installed John the Ripper (if you haven’t, try using “john” instead of “./john”), it is time to use it to crack user passwords on your UNIX system. Type the following commands into your terminal to give the program the information it needs to begin brute forcing password hashes (by the way, I highly recommend adding more words to the file password.lst in the run directory, since this is the wordlist we will be using to try and crack passwords with):

./john password.lst
./unshadow /etc/passwd /etc/shadow > /tmp/crack.password.db

Check the file /tmp/crack.password.db and see where the x used to be; the string now there instead of that x is the password. If it still isn’t showing the password, use the following command:

./john /tmp/crack.password.db

Be warned that that process takes forever, but once it’s finally done, check ./john --show and you should be able to see each password that was cracked along with the corresponding username.

Congrats! You’ve just cracked the passwords of the users on your UNIX system!
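For the administrator's side of the same files, here is an added example (not part of the original post) that merges passwd and shadow entries the way unshadow does and reports which accounts use hash schemes that give the least resistance to wordlist cracking. In the merged data the second field holds the password hash taken from /etc/shadow in place of the x placeholder. The function names and the sample entries are constructed for illustration.

```python
import re

# Constructed sample data (not real accounts or real hashes).
PASSWD = """root:x:0:0:root:/root:/bin/bash
misty:x:501:501::/home/misty:/bin/bash
legacy:aaCONSTRUCTED:502:502::/home/legacy:/bin/sh
daemon:x:2:2:daemon:/sbin:/sbin/nologin"""
SHADOW = """root:$6$CONSTRUCTED$constructedhash:14800:0:99999:7:::
misty:$1$CONSTRUC$constructedhash:14800:0:99999:7:::
daemon:*:14800:0:99999:7:::"""

# crypt(3) prefix -> (scheme name, considered weak today)
PREFIXES = {"$1$": ("md5crypt", True), "$2": ("bcrypt", False),
            "$5$": ("sha256crypt", False), "$6$": ("sha512crypt", False),
            "$y$": ("yescrypt", False)}

def classify(field):
    """Map one password field to (scheme, finding)."""
    if field is None:
        return ("missing", "REVIEW: no shadow entry")
    if field == "":
        return ("none", "EMPTY: no password required")
    if field[0] in "!*":
        return ("locked", "ok: password login disabled")
    for prefix, (name, weak) in PREFIXES.items():
        if field.startswith(prefix):
            return (name, "WEAK: rehash with a modern scheme" if weak else "ok")
    if re.fullmatch(r"[./0-9A-Za-z]{13}", field):  # traditional DES crypt
        return ("descrypt", "WEAK: rehash with a modern scheme")
    return ("unknown", "REVIEW: unrecognised format")

def audit(passwd_text, shadow_text):
    """Merge the two files the way unshadow does, then classify each account."""
    shadow = dict(l.split(":")[:2] for l in shadow_text.splitlines() if ":" in l)
    findings = {}
    for line in passwd_text.splitlines():
        parts = line.split(":")
        if len(parts) != 7:
            continue  # skip malformed lines
        user, raw = parts[0], parts[1]
        scheme, note = classify(shadow.get(user) if raw == "x" else raw)
        if raw != "x" and scheme not in ("locked", "none"):
            note = "EXPOSED in /etc/passwd; " + note  # hash is world-readable
        findings[user] = (scheme, note)
    return findings

if __name__ == "__main__":
    for user, (scheme, note) in audit(PASSWD, SHADOW).items():
        print(f"{user:8} {scheme:12} {note}")
```
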

The Joys of Rooting Your Android Phone Part 2

Recently I got a new Motorola Droid X. This article will be more information than actual hacking or modding. Google bought the Android OS in 2005 and it has had a rocky path to success. Often compared with the iPhone, the Android operating system offers one main difference: openness. Programmed in Java and run on a Linux kernel, Android offers a lot to the phone community. Although Android’s success has been through openness, as other big manufacturers get their fingers in the jar we are seeing some things being locked down and controlled a bit more. The newest Moto Droid X is a prime example of corporate control. This phone has a locked bootloader, which will continue to be locked until the encrypted technology can be hacked through. On the original G1, Google’s flagship Android phone, you were able to change the bootloader to different versions with relative ease. This process puts you in danger of bricking your phone if you are inexperienced, so if you are thinking about flashing a new bootloader, do your research.


The Joys of Rooting Your Android Phone

I get a lot of people asking me exactly why I root my phone. My general response to this inquiry is: why don’t you root your phone? Once someone has achieved the initial root exploit, rooting is pretty easy. There are guides everywhere on the net for rooting your Android phone. The most popular group for rooting is the teams over at XDA Developers (http://www.xda-developers.com/). There are many other rooting websites popping up all over the Internet; XDA is simply the largest and has the most content. You can also do a search for your phone model on Google and you will receive hits to www.theunlockr.com for many excellent guides on gaining root access. If you have a Moto Droid, feel free to check out www.Droidforums.net for the latest guides to rooting your phone.


Kool Numberz: The Quickest Way to Cool!

Fascinated by phreaking? Want to taste the excitement of telephonic exploration, but just don’t have the time? Well, this article is for you! With this simple method, you’ll fly through the phone lines, finding the coolest numbers before you can say “toll fraud!”

This article details the items you need to scan and how and where to scan to find the coolest numbers, quick. Let’s begin with the few free things you need to start impressing friends and family with cool numbers right away! Let’s go!

First, you need toll access. You likely have a cell phone or a VoIP line, and if you’re lucky you big spender you, you have a land line with toll access. You will be making “long distance” calls within the NANPA, most likely the US and Canada. Next you need internet access. Yes, you need to access the online to get the infos on the juiciest exchanges. You will need a text editor or word processor. Notepad++ on Windows or nano on Linux are examples. Mac is not supported for cool stuff.


Citizen Journalism (A Media Hacking Primer)

Does Glenn Beck or Keith Olbermann speak for you? Me neither (if they do, just stop reading now, as this article may induce vomiting, headache and uncontrollable rage). Now, I’m not here to put anyone down; both of the above men and their brethren on cable news networks and local news are very good at their jobs. Unfortunately the main focus of the job is not reporting news, it’s selling a product. Commercial news sources are a business, and businesses exist to turn a profit. Commercial news does this with sponsors, be it television, radio, Internet or print. Therein lies the problem: the businesses can’t afford to upset the sponsors. So ideas such as ethics, integrity and honor fall aside for profit. Citizen journalism, also known as “public”, “participatory”, “democratic”, “guerrilla” or “street journalism”, has no sponsor, no editors, no corporate overlords to appease.

Citizen journalism is not a modern phenomenon; in fact we can trace it back to the earliest forms of communication. Throughout history, powerful and often corrupt organizations have done everything within their power to spin public opinion to view facts and ideas to suit themselves. Most fortunately for us, people and groups stood up against churches, governments and the like in power to spread other truths and ideas. Benjamin Franklin had “Poor Richard’s Almanac” and Martin Luther had “95 Theses”. In the modern era, technology has given us much better tools in our arsenal.


Save our Site Contest

Ladies and gentlemen of the Phoenix hacker community, we need your help!  Over the years, the PHX2600 has been a thriving community with dozens of bright minded individuals, each with a unique set of ideas and skills and a desire to share their knowledge with their fellow hackers.  There would be meeting after meeting with presentation after presentation.  Hackers helping hackers (and interested sheeple as well) learn and expand their knowledge.

That brings us to today.  As of late it seems the PHX2600 forum/blog seems to have quieted down a considerable amount and, at times, feels empty and forgotten.  The meetings are still going on and, for the most part, are of a reasonable size and bring lots of good information and occasionally presentations, but the bulk of our community discussions seemed to always come from the site.  In an effort to reinvigorate some contribution to our site and potentially drive more traffic to it, I’d like to announce the Save our Site Contest.

Contest Overview

As a participant, write an article on a topic of your choice that is in some way relevant to the PHX2600 (hacking, modding, phreaking, etc.).  These articles will be published via our blog after review and voted upon by our members at the end of the competition.  The article with the most votes at the end of the competition will be awarded a $30 credit to our swag store (http://www.cafepress.com/phx2600) paid for by me.  If anyone else would like to contribute to the winners pool, we may be able to have a second and third prize as well (please contact me if interested in contributing).


Strange Radio Goes Off-line

The call sign UBV 76 out of Russia on the short wave frequency 4625 kHz is pretty well known among the radio community and it has apparently gone off-line. No one really knows what it was used for, if anything at all. Since around 1982 it has been transmitting a buzzing tone 25 times a minute, 24 hours a day. As heard here.
To add to the strangeness, 3 times during the 25-plus years a voice transmission has been heard in Russian; one translates to this: “75-59-75-59. 39-52-53-58. 5-5-2-5. Konstantin-1-9-0-9-0-8-9-8-Tatiana-Oksana-Anna-Elena-Pavel-Schuka. Konstantin 8-4. 9-7-5-5-9-Tatiana. Anna Larisa Uliyana-9-4-1-4-3-4-8.”
Wikipedia has a good article about this station here.
I have heard from other radio nerds that they have received the buzz tones again from this station, but I have not been able to again. If any other radio geeks out there do manage to get it, please try to record it and let me know.

Forum Maintenance @ 1268096400

We have a scheduled maintenance to upgrade the forums on Monday March 8th at 7pm. Please expect approximately one hour of down time. The blog will not be down at this time.

Aether Tap (BOM)

Forgot to post this earlier so here it is.

I found a Mouser part number for everything except the reset switch I’m using which is just a simple SMD pushbutton.

I have a project set up for this on Mouser, if anyone else has an account there and would like me to share the project let me know.

Part | Value | Package | Mouser Part #
C1-10 | 0.1uF | 0805 | 80-C0805C104M5R
C11-14 | 27pF | 0805 | 140-CC501N270J-RC
C15-18 | 10uF | 1206 | 74-293D106X96R3A2TE3
IC1 | ENC28J60 | SO28W | 579-ENC28J60-I/SO
IC2 | PIC24FJ64GA002 | SO28W | 579-PIC24FJ64GA002SO
IC3 | LM317D2TG | D2PACK | 863-LM317D2TG
ICSP | ICSP Header | 1X6 Pin Header | 538-22-28-8062
JP1-4 | IO Header | 1X3 Pin Header | 517-2314-6111TG
JP5 | Power Header | 1X2 Pin Header | 517-2314-6111TG
L1 | 60Ohm | 0805 | 81-BLM21BB600SN1D
LED1-4 | Green | 0805 | 645-598-8170-107F
Q1 | 32Khz | MM20SS | 695-CM200C-327KF-U
Q2 | 25Mhz | HC49UP | 815-ABLS-25-B2
R1-2 | 2K0 | 0805 | 292-2.0K-RC
R3-7 | 390 | 0805 | 71-CRCW0805-390
R8 | 240 | 0805 | 71-CRCW0805-240
R9-12 | 49.9 | 0805 | 71-CRCW0805-49.9
RJ1 | Ethernet Jack | RJ45 | 673-J1006F21
S1 | PushButton | SMD | On Hand
SD1 | SD Card Slot | MICROSD | 517-2908-05WB-MG

Aether Tap (Toaster Oven Reflow)

Most of the passive components for this project are 0805 surface mount devices measuring 2.0 mm × 1.25 mm. Anyone who has dealt with surface mount devices knows that they can be a real pain to solder, especially if you don’t have a variable temp iron with a small diameter tip. So for this project I decided to forgo that mess and purchase a slightly used toaster oven from a second hand store; unfortunately it is missing a knob, but besides that it’s in pretty good shape.

The basic process goes something like this:
1) Tin all your pads.
2) Apply flux to your tinned pads.
3) Stick the components where they go using tweezers / forceps using the flux as a sort of tacky glue.
4) Heat the entire board until the solder “re-flows” and binds the components to the board.
5) Immediately remove the board from the oven to prevent heat damage.

The key to toaster oven reflow is the temperature: basically you want to get to 180-190 degrees Celsius without getting any higher than ~210 degrees Celsius. At 180 Celsius most solder will begin to melt, and by 190 it will all have become liquid. By 210 many components will begin to burn, and by 230 the entire board and copper substrate will begin to burn.

In the photos below you can see the toaster oven I used as well as a multimeter connected to a thermocouple device for monitoring the temperature inside the toaster oven. There are also a couple of images of the final board, minus some headers, attached to a PICkit 3 for programming.

Next Official Meeting Date: September 3, 2010 Time: 6:00 pm