The Edge of I-Hacked

Since we have received a lot of mail on what tools were being used in the Defcon Video, I decided to show off some toys from our friends at http://www.defensedevices.com/.
Now please keep in mind you should check with local laws before attempting to buy any of the tools that we are going to
show you in this article.

The first tool is the Southord Jackknife Lock Pick Set.

The handle is made out of light weight fiberglass/polymer.
It conceals four picks, one key extractor and a tension tool.

(more…)

from zcentric.com

So I idle a lot and help out on a IRC channel called #linux-noob on Efnet when someone asked if they could grab all the mp3’s from Puscifer. Me being a giant Maynard fan myself I decided to do it. So here are the steps I took to get the music.

From what I know the two tracks he has released.. He released for free. There is some live Tool and A Perfect Circle tracks there also that are pretty good so I took on the challenge.
So I use Linux but the way I figured out where the mp3s are you could do the similar thing in windows. So my first thought was to run a command called strings on the flash file. So I downloaded the file the following way

wget http://store.puscifer.com/puscifer.swf

Then I ran strings on the swf file

strings puscifer.swf

That basically returned nothing.. It wasn’t like running strings on a compiled C/C file.. it got a ton of data like this

——–

Then in the /var/log/httpd/access.log I saw the following

127.0.0.1 - - [30/Oct/2006:16:03:19 -0500] “GET /music/playlist9.xspf HTTP/1.1″ 404 344 “-” “Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1) Gecko/20061010 Firefox/2.0″ 127.0.0.1 - - [30/Oct/2006:16:03:19 -0500] “GET /puscifer1.flv HTTP/1.1″ 404 337 “-” “Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1) Gecko/20061010 Firefox/2.0″

BINGO! I got the playlist file. So then I removed the store.puscifer.com in my hosts file and then restarted firefox again and hit the following URL

http://store.puscifer.com/music/playlist9.xspf

There it is.. a XML file with paths to mp3 files.

I am pretty sure you can do this to almost any flash file that doesn’t embed the music in the flash file itself. I’d like to hear of any other sites people may find that you could do this to

simply print the barcode and take it into your local walmart and ask an associate (in electronics) to scan it with the telzon, they can then tell you how many they will get, how many they have, and how many are in their warehouse.

from InfoWorld | News

Hackers have published code that could let an attacker disable the Windows Firewall on certain Windows XP machines.
The code, which was posted on the Internet early Sunday morning, could be used to disable the Windows Firewall on a fully patched Windows XP PC that was running Windows’ Internet Connection Service (ICS). This service allows Windows users to essentially turn their PC into a router and share their Internet connection with other computers on the local area network (LAN.) It is typically used by home and small-business users.

The attacker could send a malicious data packet to another PC using ICS that would cause the service to terminate. Because this service is connected to the Windows firewall, this packet would also cause the firewall to stop working, said Tyler Reguly, a research engineer at nCircle Network Security Inc., who has blogged about the issue.

“Once the firewall is down, where’s your line of defense?” he said Monday, in an interview.

More Info on the attack: Microsoft ICS DoS FAQ

Happy Halloween from I-Hacked.com! Check out the following site for some things to keep you busy today!

from searchenginejournal.com

Top 13 Halloween Sites, Searches and Destinations
In celebration of Halloween and trick-or-treaters everywhere, I’ve put together a list of the top 13 online destinations, search engines and services I’ve found over the past week which specialize in the October holiday.

Since this blog centers on the world of search engines, we lean towards the offerings of the search world and Halloween oriented portals, along with a few surprises and interesting sites.

from Zunerama

Two weeks from tomorrow, Zune will be released in the US. So where’s the ad campaign from Microsoft?

Zune is a hot enough topic in the blogosphere - igniting its share of strident exchanges and flame-throwing between Zune zealots and iPod lovers.

But out there in the real world, Zune remains virtually unknown. From my informal surveys of university students, teenagers, retail clerks, friends, and relatives: most have simply not heard of Zune. Others have only the vaguest of inklings about what it is.

These are the people who are working now on their holiday shopping lists. These consumers will make or break Zune, casting its destiny as either a fringe offering or a mainstream consumer product.

from globeandmail.com:

SAN JOSE, CALIF. — Seagate Technology LLC hopes its new security system for the hard drive will become the most formidable barrier between computer data and thieves.

The world’s largest hard drive maker says its DriveTrust Technology, to be announced Monday, automatically encrypts every bit of data stored on the hard drive and requires users to have a key, or password, before being able to access the disk drive.

Technology that protects the hard drive — the computer’s storehouse of data — differs from most security products launched in the past several years. Such products typically put firewalls around computer networks, encrypt data files or defend the operating system from invasions.

Protecting the hard drive itself offers another layer of protection and might stop thieves from purloining confidential information from lost or stolen laptops. Errant notebook computers have cost government agencies and corporations millions of dollars and put sensitive data — including customer credit cards or social security numbers — on the street, possibly in criminal hands.

from PSP-Hq.Com -

Welcome to the first version of PSP Installer Deluxe (PSPID).

Following in the footsteps of my Xbox utilities Auto-Installer Deluxe (AID) and Softmod Installer Deluxe (SID), this package contains the most used and most up-to-date homebrew software there is to offer for this console.

As always, it’s recommended that you take a look at the Documentation for the application or emulator you wish to use, it may have some important information on it’s usage that you need to know.

from bit-tech.net

A Microsoft spokesman from the Licensing Dept told bit-tech that this would not be the case. He told us that Windows Vista will not require a system re-activation unless the hard drive and one other component is changed. This means that enthusiasts will be able to swap CPUs, memory and graphics cards out without any worry about having to re-activate with MS, either on the internet or by phone.

Should you change the hard drive and another piece of hardware - for example for a major upgrade such as a motherboard change that requires a re-installation - Microsoft will allow you to re-activate up to 10 times. You will not, however, be able to have more than one machine activated concurrently.

Should you wish to activate more than 10 times, you could be busted, or Microsoft could choose to let you activate again at its discretion.

For hardcore system enthusiasts, keeping a ghosted, activated copy of Vista with no drivers could be a good way of being able to swap around components and machines with the minimum amount of hassle.

from Haklabs

WGA is a pain in the butt for many of us. Even if we have a legal copy of windows it just makes us do things we don’t want to. So here is a solution for all you WGA haters out there :

1. Download Orca (mirror) and install it.
2. Open WindowsDefender.msi with Orca
3. Go to the “CustomAction” table on the left
4. Right-click on the “CHECK_WGA” action and select “Drop Row”

5. Now got to “Dialog” table on the left
6. Look for the dialog “CheckWGA”, change the Attribute from 2 to 0
7. File > Save (DO NOT use Save As…)
8. Close Orca and run the installer.