dc414 HashDB opening.

Here is another goody from dc414. HashDB is our MD5/SHA256/SHA384/SHA512/NTLM/LM cracker 🙂 The hash counts are totally user driven, that is the database only gets bigger if you help make it that way. Aside from the options given on the site to add to the database, every query made using ENCOSH gets added to the database. So do your part and help make it bigger!! Enjoy!!!1

dc414 night out and other news

Join me and the rest of the bunch at Dave & Busters at 5pm on February 19th for some food, drinks, and fun! Come pimping your dc414 shirt for a chance to win $10 in free game play!! I hope to see everyone there!!

D&B addr:
2201 North Mayfair Road
Wauwatosa, WI 53226

In other news I have completed the Badge Program spread sheet, so now you can track yours and other peoples status in the program. So if you haven’t started on your badge yet, get to it now!

dc414’s badge program project.

The badge program project is a little game for hackers, crackers, and phreaks. The goal is to facilitate learning in a fun and interesting way. Each badge has a list of achievements you must obtain to be eligible to get the badge. Some achievements will be as easy as clicking a like button for FB, another might be as hard as having to try and social engineer a password out of a random person. Every time you get a badge you also get a mystery prize!!

The badges them selves are still under development so expect future posts about them as we finish them up. For a list of the badges and their achievements go here. So get started and get your 1337 badge now!

BarCamp – Post Conference Report

DC414 got a lot of exposure at BarCamp.  We were the only peeps that setup in “the commons” where most everyone would pass through while entering the building.  This was also the area that lightning talks, introductions, and closing events took place.

Wall of Sheep
The wall was a great success for the most part.  Initially, we had to manually sniff and enter sheep onto the wall.  This was becoming a pain in the ass.  We finally got it automated by taking a log from ettercap and piping it into a ruby script which would post to simple webservice.  The source can be found here.  In the afternoon we started getting flooded with fake logins to gmail.com from a user on the network.  Some nerd had scripted this to create chaos upon us!  Unfortunately, we were tapped onto the network at such a point were we would not see local IPs for the source of traffic.  I lol’d and set dw5304 on the hunt to track the user down.  We knew he was using ruby as that’s what the user-agent string was.  dw5304 quickly found him and we all had a laugh.  The scripter gave a lightning talk on his mischief later in the evening.  We’d like to expand on the current scripts and tweak our filters to automate even more types of insecure communications.

The overall atmosphere was very, very hacker friendly.  I had fun listening in to Klaiviel, Vlad, and darkwind troll some unfortunate hotel workers on their radios.  We also did a bit of urban exploration in Bucketwork’s basement … with a 1w laser 😉  Klaiviel did an awesome job presenting on lock picking/etc.  It was funny how Klaiviel showed up with like 5x as many locks and equipment as the guy who was hosting the lockpicking session.  There is safe at Bucketworks that they need assistance opening … Klaiviel did a bunch of research and came to the conclusion that he will need to brute force it.  I’m hoping dc414 can come together and make this happen.  dw5304 dropped a lot of knowledge to people coming by our setup.  Much thanks to all the equipment and dedication he brought to BarCamp.

Some very smart folks were creeping around and while I personally did not see many presentations, I still learned a lot.  We gave out a ton of stickers, flyers, window clings (thanks cmoney and Anarchy).  With that we should see new peeps start showing up to meetings.

September’s meeting was great!!

The last meeting was awesome as always! My SQLi presentation went well and i even got to do a little demo of iPillage, i took my IR Copy toy but didnt really get to play with it. dw5304, wowed all showing his remote boot system hes working on that needs only a NIC, and gave a little tut on surface soldering! It doesn’t stop there, Klaiviel schooled us all a little in HAM radio, how to track someone with it and how to get your message across the world! He also did a little lock pick demo and GAVE EVERYONE A FREE LOCK! Thanks bro! 🙂 I only took a few pictures this week and here they are.

Everyone got a free dc414 sticker for showing up as well as “Things to know if the FBI show up” cards from DEFCON19 and UCLA. We also got to use our new free junk give away random picker, thanks to ngharo for coding that up, and gave away a few LAN taps, and as always our free junk! Congrats go to Meg again for winning The NORTON Essentials for Mac or more of the crap i don’t want anymore 😛

Meg showing off her free dc414 junk

Introducing ENCOSH

dc414 is happy to bring you ENCOSH, a online encoding and hashing app. You just feed ENCOSH a string and it will hash it using MD4, MD5, SHA1, SHA256, SHA384, SHA512, LM, NTLM and encodes it using Base64, ROT13, HEX, URL, RawURL then spits them all out for you. I had used it as a personal tool for a long time and got lots of use out of it for sql injections and what not so im sure someone else will as well, so enjoy 🙂

Thanks ngharo

Mr. ngharo just finished up a big long over due server upgrade for dc414! The online tools are down yet but i should be able to get them back online within the next few days, and now that we are on debian expect many more to come 🙂 So if anyone sees ngharo be sure to thank him for his hard work!