contoh kasusnya ketika saya hendak mengupload data-data yang akan saya masukkan, lalu dari file-file tersebut menjadi sebuah website, karena dari awal koneksi ke Cpanel ataupun FTP saya rasa sangat lambat, file-file website tersebut saya kompres menjadi file .zip yang nantinya dapat di ekstrak dalam server yang saya sewa, namun ternyata hal ini juga sangat menghambat. Berkali-kali saya coba mengupload file-file tersebut dengan berbagai cara, namun tetap saja tidak bisa.

Akhirnya saya menghubungi pihak Costumer service yang cukup ramah, namun karena mereka juga manusia, dapat merasakan jenuhnya ditanyai pertanyaan yang mungkin bagi mereka tidak berarti, namun dari pihak user dapat sangat berarti, akhirnya pihak CS menawari saya untuk pindah dari IIX ke US (downgrade package karena paket IIX server sepertinya lebih mahal dari paket US server), dengan obrolan dan masukan yang saya dapat, awalnya saya bingung juga, karena tentunya dengan website yang nantinya akan berbahasa indonesia, pangsa pasar juga berbahasa indonesia, target pembaca juga berbahasa indonesia, jika saya pindah ke server lain, bagi saya akan lebih mudah mengaksesnya, namun akan lebih sulit untuk pangsa pasar karna server berada di luar Indonesia.

TO BE CONTINUED

Kaget banget ngliatnya waktu saya lihat ada puluhan comments yang masih pending, walaupun sudah saya approve semua pending comments yang menumpuk itu, namun mungkin belum semuanya yang saya jawab, oleh karena itu saya meminta maaf kepada para blog walkers dikarenakan masa cuti saya di dalam blog ini ataupun di tempat lainnya.

Sudah lama saya gk posting, mungkin banyak kesalahan dalam penempatan kata-kata karena pengaruh bahasa lain yang saya pelajari, konsonan kata yang benar terbalik dengan bahasa Indonesia.

saya rasa cukup sekian dulu, Wassalam

Ok, back to the case yach dari yang saya lihat dengan pencarian tentang friendster dan beberapa forum yang saya ikuti di dunia ini, yang menarik bagi saya sewaktu melihat fake url address friendster.com, yaitu friendster.co.nr.

Banyak blogger yang merekap atau memposting ulang tutorial hacking friendster ID yang ditujukan ke fake url address tersebut, ada yang meminta maaf dan ada juga yang cuek aja (mungkin artikel pertama tidak ada permintaan maaf dari si pembuat artikel/tutorial pertama, jadi usaha copas blogger lainnya tidak menyertakan juga permintaan maaf dari pembuat tutorial (analisa kasus) pertama.

Jika dilihat, blogger menganalisa tanpa membubuhkan file jahat yang digunakan untuk memproses pengambilan cookies, melainkan hanya menerangkan cara redirect url saja dan analisanya dikembalikan kembali ke hasil yang eksekusi file untuk memberitahukan id (email) dan password user friendster.

Yang jelas, dalam prakteknya, korban mungkin tidak mengetahui bahwa halaman telah di redirect ke website lain karena kesamaan halaman depan login tersebut, tampilan dari friendster fake address ini sama, dan hanya me redirect ulang ke halaman depan (klo gak salah ke halaman depan, atau ke profil awal friendster.com/user.php) setelah korban memasukkan username (email) dan password.

Bisa jadi pengiriman data berupa id dan password berada dalam bentuk penulisan di file .txt ataupun ke dalam database atau email pelaku.

Solusi untuk pencegahan dari masalah ini adalah dengan mewaspadai setiap comment yang masuk, jika dirasa ada comment yang masuk dan aneh, segera ganti password anda, lalu safe mode friendster anda dan lihat pada halaman comment dimana kira2 yang menjalankan script untuk mengeksekusi kejahatan (dalam hal deface, mungkin saja ada pelaku yang menggunakan format swf ataupun javascript untuk mendeface atau redirect url, untuk menonaktifkan javascript atau mungkin swf dengan cara men safe mode friendster anda)

Kasus lainnya adalah keteledoran dari user (user friendster di warnet) itu sendiri yang kurang memahami fitur browser ( save password to browser), biasanya browser sekarang mempunyai fitur Save Password, digunakan untuk memudahkan pemakai browser, seperti IE (Internet Explorer), Mozilla FireFox, Opera, dll. Jadi si pemakai tidak perlu repot-repot untuk mengetik ulang ketika login pada situs tertentu yang id + passwordnya yang telah di save.

Saya sendiri menemukan lebih dari 10 id + password waktu itu di sebuah warnet yang letaknya dekat dari kost yang saya tinggali, dan beberapa saya temukan di kota lain, kadang sich usil dikit saya tinggali message di bagian halaman friendster id orang tersebut bahwa friendster yang dimilikinya telah diketahui passwordnya dan memberi warning untuk mengganti password dari username yang saya temukan

Kadang juga saya iseng upload gambar logo “Hacked by ……….” lalu meninggalkan pesan yang sama di user friendster tersebut..

Kadang klo korban lumayan ya di add dech tapi ttp aja gw jailin tuch cewek abis teledor sekedar ngasih tau klo dia udah teledor aja n dibuat pelajaran buat dia, biar di kedepannya mungkin dia bisa lebih cermat melihat apa yang sebenarnya dia lakukan sehingga dapat menghilangkan suatu yang dia kerjakan (login friendster, isi comment, baca comment, baca bulletin, isi bulletin, minta comment (biasanya kata yang seringkali dipake “kok cuma ngeview sich? Isi comment donk” )

Saya sendiri alhamdulillah tidak pernah terkena serangan seperti di atas

Hanya saja beberapa kali diberi id + password teman saya (akrab) untuk mengecek friendsternya yang di deface orang lain (cewek yang deface ) dilihat2 emang cewek ini jago n aktif di forum-forum atau komunitas underground (underground versi cyberspace), serangan juga ditujukan pada comment, bukan redirect, melainkan langsung menjalankan deface (sebenarnya menutupi 100% halaman sebenarnya, seperti hack multiply), seperti di atas (sebenarnya saya lupa safe mode ), saya masuk ke halaman comment user yang terkena serangan, saya lihat comment akhir, dan terlihat dengan jelas pelaku menaruh script deface ke korban (teman saya), gak pake lama n kesuwen DELETE gak lupa juga alamat pelaku saya save dan saya beritahukan ke teman saya siapa pelaku yang deface teman saya (modyar :p )

Tapi gak tau dech kelanjutannya kmana tuch, kopdar kali ya ngedate juga kali

Yang penting, kita ambil pelajaran dari ini semua, jangan gugup apalagi gegabah, juga jangan lupa pesan pecinta internet : “Internet itu bukan friendster.com aja, banyak yang masih bisa digali didalamnya, banyak terdapat ilmu-ilmu disana, bahkan di negara maju mungkin pesen pizza aja dah online via internet so, friendster.com bukan yang utama dari segalanya yang ada di internet, tapi dari friendster.com ilmu juga bisa didapat, tapi bukan hanya yang berarti bukan segalanya “

Sekian.

NB : mohon maaf jika ada yang tersinggung, mohon koreksi seadanya dari pihak yang berwenang saya bukanlah apa, saya belajar dari apa yang ada dan baru saja. Saya bukanlah seperti yang anda kira, jangan biasakan juga diri anda untuk hanya mengira-ngira sesuatu tanpa adanya analisa (umum). Dan cobalah ketahui apa yang belum anda ketahui, awal yang terpenting mungkin adalah yang sekitar anda, dan yang tidak awal berarti yang bukan di sekitar anda

CMIIW

	ALPS Pointing Device Driver	ALPS	Windows XP	6.0.305.6
	9/17/2007	BIOS Update (Windows Installation)	Toshiba	Windows XP	5.20
	7/12/2007	CDDVD Acoustic Silencer	Toshiba	Windows XP	1.00.008
	10/22/2008	Chicony Camera Assistant Software	Chicony	Windows XP	6.2.238.1217/1.7.209.0807L
	7/12/2007	Display Driver	Intel	Windows XP	6.14.10.4497
	7/16/2007	Essential Driver Pack	Toshiba	Windows XP	NA
	7/12/2007	Fn-esse	Toshiba	Windows XP	1.0.0.1806C
	7/12/2007	Installation Instructions	Toshiba	Windows XP	NA
	7/12/2007	Intel Chipset Utility	Intel	Windows XP	7.1.0.1014
	7/12/2007	Modem Driver	Toshiba	Windows XP	SM2177ALD04
	7/12/2007	Network Driver	Realtek	Windows XP	5.664.205.2007
	7/12/2007	Sound Driver	Realtek	Windows XP	5.10.0.5433
	8/14/2007	Texas Instruments FlashMedia Driver	TI	Windows XP	2.0.0.7
	7/12/2007	Toshiba Accessibility	Toshiba	Windows XP	0.49.2.1C
	8/14/2007	Toshiba Assist	Toshiba	Windows XP	1.03.00upd3
	8/26/2008	Toshiba Configfree	Toshiba	Windows XP	5.90.09
	7/12/2007	Toshiba Controls	Toshiba	Windows XP	0.49.2.2C
	9/20/2007	Toshiba Disc Creator	Toshiba	Windows XP, Vista™	2.0.0.8
	7/12/2007	Toshiba HotKey Utility	Toshiba	Windows XP	0.49.2.1C
	7/12/2007	Toshiba HWSetup	Toshiba	Windows XP	0.49.2.1C
	8/14/2007	Toshiba PC Diagnostics	Toshiba	Windows XP	3.2.4
	7/12/2007	Toshiba Power Saver	Toshiba	Windows XP	0.49.2.1C
	7/12/2007	Toshiba SD Memory Utilities	Toshiba	Windows XP	1.8.1.1
	7/12/2007	Toshiba Supervisor Password	Toshiba	Windows XP	0.49.2.1C
	7/12/2007	Toshiba TouchPad On Off	Toshiba	Windows XP	0.49.2.1C
	7/12/2007	Toshiba Zooming Utility	Toshiba	Windows XP	0.49.2.1C
	5/22/2007	User’s Manual	Toshiba	Windows XP, Vista™	NA
	8/14/2007	Wireless Network Client	Intel	Windows XP	11.1.0.0.4
	7/12/2007	Wireless Network Driver	Atheros	Windows XP	5.3.0.35
	8/14/2007	Wireless Network Driver	Intel	Windows XP	11.1.1.100

sumber drivers : www.toshiba.ca

dalam kasus wordpress dlm subdomain ini (mamatto.wordpress.com) Komentar-komentar menumpuk pada laman postingan saya, dan saya tidak mampu untuk memoderasinya karena saya tidak dapat mengakses halaman admin tanpa menggunakan proxy yang sedemikian beratnya dalam load data.

Cpanel tidak dapat di akses. Entah mengapa halaman Cpanel tidak dapat diakses dari negara ini, yang saya rasakan di negri kecintaan saya, negri dimana saya tinggal sebelumnya, sangatlah mudah untuk mengakses halaman Cpanel. Tetapi sekarang sungguh sangat mengecewakan.

Pemblokiran situs-situs yang memang mengandung unsur SARA saya tidak peduli, mau diblokir, atau dihack sekalian format harddisk server sekalian ga’ masalah, tapi ya mosok buat ngelola website aja ga’ boleh….??

Kembali menilik perkembangan wordpress saat ini, dimana user wordpress.com ini terdiri dari berbagai elemen-elemen yang berbeda. Terhadap pemblokiran administrasi subdomain wordpress.com (hosting wordpress mandiri tidak di blok, hanya administrasi dalam wordpress.com saja yang di blokir oleh pemerintah Iran) saya rasa ada sisi baik dan buruknya.

Dari dalam ataupun luar negara Iran ini terdapat musuh-musuh yang tidak terlihat (cyberspace) hal ini dikarenakan kebebasan dalam berkata-kata pada dunia yang satu ini (cyberspace) dalam mengungkapkan sebuah fakta ataupun fiksi yang di nyata-nyatakan walaupun sebenarnya tidak nyata, sangatlah gampang dalam dunia ini, pengakuan sejumlah identitas dalam dunia ini sudah bukan hal yang asing lagi, kejahatan-kejahatan yang dilakukan penggunanya, phishing, carding, cracking, etc.

dalam membuat posting ini sebenarnya saya sendiri belum merujuk ke kawan saya yang mengelola sejumlah situs disini, tetapi setau saya, jika tidak digunakan proxy, halaman administrasi tidak dapat dibuka (Cpanel, WP Admin wordpress.com)

Proxy, entah berapa banyak situs penyedia proxy gratis yang diblock oleh pemerintah Iran, hal ini dapat difahami karena penggunaan proxy juga rentan akan kecurangan empunya proxy untuk mengambil kepentingan pribadi (dapat berupa data-data pengguna proxy, termasuk username dan password seseorang) alhasil, record dalam proxy sangat menguntungkan untung ber curang ria didalamnya.

Entah sampai kapan saya tidak bisa mengakses situs-situs yang saya kelola ini.

Saya pribadi meminta maaf sebesar-besarnya kepada blogger yang telah bersedia mengunjungi halaman coretan-coretan keyboard saya ini dan memberikan komentar padanya, tetapi saya sendiri tidak dapat memoderasi komentar-komentar para blogger yang telah sedia mengunjungi blog saya ini.

mungkin nanti saya akan pindah hosting pribadi http://www.mamatto.co.cc atau tempat lainnya yang pada halaman administrasinya tidak diblokir disini, agar nantinya saya dapat berinteraksi kembali dengan pengunjung yang telah bersedia datang ke blog saya ini.

Bersambung.

Wslm

rasanya banyak pengguna internet saat ini yang sangat dirugikan, adalagi yang menyebut blogger=hacker aneh rasanya, kalo menurut saya hacker yang melirik blogging, berarti hacker tersebut berfikiran luas untuk akhirnya hosting blog di beberapa penyedia jasa hosting blog.

pemblokiran situs diawali dengan di blocknya beberapa perusahaan internet besar seperti youtube, multiply, rapidshare, dan myspace.

dalam hal ini dapat dilihat sebab musabab pemblokiran ke empat situs tersebut,
diantaranya terdapat situs “Social Network” multiply, dan myspace yang jelas2 social network, youtube pun saya kira adalah situs social network, selain kegunaannya untuk share video, dll.

baru-baru ini saya mencoba mengakses blog saya yang di perusahaan milik google (blogger/blogspot) tapi g’ bisa alias di block huh!! mau sampe mana lagi sich sepak terjang pemblokir ini !!! sampe harus pake proxy segala buat buka situs yang di block !!

TO BE CONTINUED (mau browsing dulu )

ehm.. trus di forum astalavista.ms

dpt dilihat di http://boardreader.com/s/Brutus.html

I NEED BRUTUS AND TUTORIAL 2 months, 2 weeks ago (2008-01-25 08:52:00) by ahmad_doank hy aLL I NEED BRUTUS AND TUTORIAL iT tooL foR haCK iD iN aPPLicatioN oF mig33 iN mobiLE. pLeaSE otHeR rEpLy my reQuEST Source: Astalavista.MS Forum Forum: Software Request Thread: Show this thread (2 posts) Size: 411 bytes Links: Domain info Customize:

tapi topic di forum astalavista.ms ini sudah tidak ada, entah bagaimana sampai dapet pesan “The topic or post you requested does not exist”

dasar emang pencarian selalu berpijak sama mbah google jadi ya gitu nemuinnya

entah bagaimana, tutorial ttg brute force id mig33 menggunakan brutus ini telah mereka (yang reposting) terapkan atau belum, karena banyak sekali complain dari user yang tidak dapat menggunakan software dari hoobie ini.

metode apa yang dipakai untuk brute force id mig33?

hasil dari scanning port ip range mig33(dot)com menggunakan portscanner :

koneksi default mig33 adalah menggunakan gateway.mig33.com atau dgn ip 66.151.149.102 dengan port 25 (SMTP)

dalam list itu sebenarnya masih banyak ip mig33 yang tidak tercantumkan maklum cupu

bersambung aja ah….. TO BE CONTINUED

What does Brutus do?

In simple terms, Brutus is an online or remote password cracker. More specifically it is a remote interactive authentication agent. Brutus is used to recover valid access tokens (usually a username and password) for a given target system. Examples of a supported target system might be an FTP server, a password protected web page, a router console a POP3 server etc. It is used primarily in two contexts :

• To obtain the valid access tokens for a particular user on a particular target.
• To obtain any valid access tokens on a particular target where only target penetration is required.

What is a target?

Well that depends on you. As far as Brutus is concerned a target is a remote system and possibly a remote user on a remote system, there is more. To engage any given target we require an attack method, generally we only perform one type of remote attack – that is we attempt to positivley authenticate with the target by using a number of access token combinations. A target may provide no available attack methods, it may provide one or it may provide several.

What is an attack method?

In the context of Brutus, it is a service provided by the target that allows a remote client to authenticate against the target using client supplied credentials. For instance a UNIX server sat on a network somewhere may be offering Telnet and FTP services to remote users. Both telnet and FTP require the remote user to authenticate themselves before access is granted. For both these services the required credentials are usually a username and a password, therefore we have two available attack methods : FTP or Telnet. Some target systems will provide no opportunity for attack (at least not a remote authentication attack), perhaps they offer no remote services, perhaps they only offer anonymnous remote services (that require no authentication) or perhaps they offer authenticated remote services but use mechanisms to prevent authentication attacks such as account lockout or one time passwords of some sort.

Which attack method is best?

Again, that depends on some factors which may include :

• Is the target service available to any remote system? (Yes is good)
• Does the target service require a single token (e.g. just a password) or multiple tokens (e.g. Username & password & domain?) (Single tends to be easier)
• Does the target service feature account lockouts or large delays before returning the result of the authentication attempt? (Yes is bad)
• Does the target service allow us to maintain a persistant connection? (Yes is good)
• Is the service supported by Brutus, if not can it be defined? (Yes is essential)
• Will a positive authentication against the service actually be useful for the overall objective? (Yes helps)

Basically, the fastest most reliable attack method is always the one to choose if you have a choice. Generally trouble free methods include HTTP (Basic Auth) which is pretty fast, does not include lockouts or authentication delays – however the results may not be much use as often HTTP (Basic Auth) account information is separate from system account databases. The fastest remote service I have found to date is NetBus! Not only is it incredibly quick to authenticate against but a successful password aquisition will yield extreme target penetration.

I still don’t get it, what does it do?

Find some service where you need to enter your username and password to gain access, type in a username and password and see what happens, then do it again, and again, and again, and again until you gain access and are positivley authenticated or until you get bored. Pretty straightforward really.

What the hell are you on about?

Ah, it’s a game of two halves….

Whatever, can i get pr0n with it?

Probably…

I don’t need this Brutus junk

You know where the recycle bin is.

Are you some sort of assh0le?

Yes, why? You want to make something of it sunshine?

Brutus functionality – a brief tour around the application

The Main Brutus Window

This is the screen that is displayed when you first start Brutus. You will see the screen is divided into sections detailed below :

• Menu Bar – Here you can load/save sessions and services, you can also access the word list tools screen.
• Targetting Information – Here you can select the address of the target system and the target system type (a.k.a. attack method.)
• Connection Options – Here you can select the maximum number of simultaneous connections to make to the target system, be careful here – more is not necessarily better. You can also specify the TCP port number of the target system, the connection timeout (in seconds) and any SOCKS proxy that you may wish to use.
• Type Specific Options – This section will change depending on what type of service is currently selected (see Targetting Information section.) Usually the ‘Define Sequence’ button allows you to tweak the authentication sequence, there are also other options.
• Authentication Options – Here you can choose to use a username and password or just a password. You may choose a single, specified username or a user list file. With respect to the password component, you can choose a word list file, a combo (username & password) list file or brute force passwords (in which case you can specify the keyspace that you wish to try.)
• Positive Authentication Results – A list of any positive authentication results that have been obtained.
• Log Window & Status Indicators – The log window displays any messages that Brutus thinks you should know about. Underneath the log window you will see a progress bar indicator which unsuprisingly indicates the progress of the attack. To the immediate right of the progress bar you will see a number of greyed out error indicators, these will flash red when an error of the stated type occurs. For example if the ‘reject’ indicator is red it means that the target is rejecting connections, either because it is not listening on the specified target port or because Brutus is hitting the target with more simultaneous connections than the target can handle. In general, other than the ‘Quick Kill’ indicator, it is better that these indicators do not flash.

Wordlist Generation/Tools Window

This screen is available by clicking on ‘Wordlist Generation’ under the ‘Tools’ menu on the main screen. The following actions are available to you from the ‘action’ drop down list :

• Convert List (LF > CRLF) – This is very handy for converting UNIX style text files to DOS style textfiles. In many word lists that you may find the line break is indicated using a single LF character as opposed to the DOS standard CRLF character pair.
• Only Word Length – This will copy the input file to the output file removing any words that do not fit the specifed word length parameters.
• Remove Duplicates – This will remove all duplicate entries from the word list (a common side effect of running permutations on a word list) – THIS IS DISABLED IN BRUTUS AET2!!
• Permutations – This will copy the input file to the output file running a set of permutations on each word as it is copied, typically turning one word into around 50+ variants (remember that when you’re sat scratching your head whilst trying to permutate a 50Mb word file.)
• Create New List – This will take any seed words you provide and create a new word list from scratch after applying the selected permutations.
• Create New List for User – As above however, this will create a combo-list where both the username and the password are specified on each line. The username and any seed words you specify will be used to create the list.
• Create New List for Users – As above however, this is for multiple users. Instead of specifying a single username, the input file will be a standard user list file.

As of Brutus AET2 these routines have not been optimised however they aren’t too slow either.

Proxy Definition Window

This screen is available from the ‘Define’ button in the connection options section from the main window.

It speaks for itself, basically 3 SOCKS versions are supported, optional proxy authentication is supported. HTTP proxies are pretty straightforward and will be added at some point soon.

HTML Form Authentication Definition Window

This screen is available from the ‘Define Sequence’ button in the HTTP (Form) options section from the main window. Here you can define the form structure to Brutus of any given HTML form. This will include the various form fields, any cookies to be submitted in requests, the HTTP referer field to send (if any) and of course the authentication response strings that Brutus uses to determine the outcome of an authentication attempt. As with other authentication types there are two response strings available; none, either or both of which may indicate positive or negative authentication results.

At the top of this screen is an edit box labelled ‘Target Form’ and a button marked ‘Learn form settings’, you may enter the URL of the target HTML form in here and Brutus will attempt to fetch and interpret the form.

HTML Form Viewer Window

This screen is available from the ‘Learn form settings’ button on the HTML Form Authentication Definition Window. If Brutus can successfully read forms of the fetched HTML page (no frames, please direct Brutus at the individual framsets!) then each form will be interpreted and the relevant fields for each form will be displayed. Any cookies received during the request will also be logged here. Simply mark the relevant user and password fields of the form (i.e. the fields that correspond to the username and password editboxes on the HTML form) and hit ‘Accept.’ You can edit these values once returned to the previous window.

Authentication Sequence Definition Window

This screen is available from the ‘Define Sequence’ button in the Type options (except where the type is an HTML Form in which case the HTML Form Authentication Definition Window is displayed, or where the type is HTTP Basic in which case this button will be inaccessible.) This window is core to designing new authentication types for use with Brutus. Brutus handles each authentication attempt as a series of stages, as each stage is completed the authentication attempt is progressed until either a positive or negative aithentication result is returned at which point Brutus can either disconnect and retry or loop back to some stage within the authentication sequence. It is possible to view the authentication sequence by hitting the ‘View’ button which may make things clearer.

Brute Force Generation Window

Again, this window is self explanatory. It is used for defining the keyspace range that Brutus will use to generate passwords whilst in Brute force mode. Either choose one of the predefined ranges or define your own keyspace using the ‘Custom range’ option. Note the order of the characters can be important, by default they are arranged in order of letter frequency within written English. Guess what the min. length and max. length parameters mean? Don’t get carried away with brute forcing, for an example try selecting ‘Full Keyspace’ with 14 characters maximum length and then engage the target with Brutus. You will see that Brutus has calculated a total of 6,158,335,059,490,089,995 attempts! Check the estimated completion time in the bottom right of the main screen – yes by the time it’s finished insects will rule the Earth (apparently it will be the Bees although my money is on the Ants.)

Using Brutus – very briefly

Brutus CAN work very well, very fast if used correctly. Brutus CAN also sit there doing very little, it CAN sit there APPEARING to do lots whilst actually doing nothing. It’s all in the authentication sequence, you have to get it right and it is not very forgiving. I intend to change this by providing enhanced protocol learning functions and incorporating a ‘trace mode’ which will permit viewing and debugging of network exchanges between Brutus and the target. What I have found very useful is to use a network sniffer (personally I use NetMon) to monitor the TCP traffic generated by Brutus and the target, this provides an invaluable insight into what the application protocol is actually doing, in many ways I think it is actually better than just reading the RFC for a given service. Another useful tool is telnet or netcat, use it to manually authenticate with the target and see for your own eyes what that swine target is trying to tell your pal and mine, Brutus.

Brutus does very weak target verification before starting, in fact all it does is connect to the target on the specified port, thats all. It is a good idea to manually check your target before you spend three days trying to bruteforce and anonymous FTP server. Also, I’ve said it before and I’ll say it again – use positive responses in your authentication response strings if you can, you are far less likely to get false positives. However the trade-off is that Brutus is less likely to detect an error in the respose from the server (i.e. lockout).

Even if your authentication sequence is perfect Brutus AET2 is a test release with very little testing (thats why it’s a test release.) If it won’t seem to do what you want and you don’t know why, drop me a copy of the BAD file and I can perhaps check it out (no promises though.)

The GUI in Brutus AET2 was never meant to support what it is currently supporting, I had only ever intended to use this as a test container. Consequently you may notice where I have SQUEEZED stuff to fit into a small space, you also may notice GUI state inconsistancies. Watch out for them and let me know if you find any

It almost goes without saying that Brutus is ONLY for use in situations where the target system administrator/custodian has AUTHORISED the action. Many target systems will log authentication failures and consequently will log any attempted engagement with Brutus.

Enjoy

www.hoobie.net/brutus

brutus@hoobie.net

Smiley images and the text used to produce them*:

icon	text	text	full text	icon	full text
	: )	: -)	: smile :		: lol :
	: D		: grin :		: oops  :
	: (		: sad :		: cry :
	: o	: -o	: eek :		: evil :
	8 O	8 -O	: shock :		: twisted :
	: ?	: -?	: ??? :		: roll :
	8 )	8 -)	: cool  :		: ! :
	: x	: -x	: mad :		: ? :
	: P	: -P	: razz :		: idea :
	: |	: -|	: neutral :		: arrow :
	; )	; -)	: wink :		: mrgreen :

* In some instances, multiple text options are available to display the same smiley.

stick the code, don’t use space in emoticon code.

full of this article can be viewed at http://codex.wordpress.org/Using_Smilies

About the mobile chat applications
Mig33 is a chat tool that you can install on any phone that will allow you to message other Mig33 users anywhere in the world. All you need to become part of the network is to have a GPRS enabled mobile phone and a quick setup of the application to your cell phone.

Mxit is the alternative application that has swept South Africa by storm. Most Mxit users are more at ease with this application as they have been using it for a longer period of time. But it has its disadvantages for use. For one the creator of Mxit regulates the varied rooms and charges for you to interact in the Chat rooms. It even has its own currency called Moola’s that allow you to send a set amount of messages in a Chat room. After you have exhausted your funds, its time for you to buy more Moola’s.

Usability of the applications
Mig33 is more savvy in its approach to design and user end usage. You just got to be fast on the draw in the chatrooms to get your say in the chat room. In a matter of seconds the topic can change amongst the users and your point of say can be seen as old news.

Mxit is slower in approach and the chat rooms are very boring. I understand the creators logical approach to limit users to their geographic location for all intents and purposes of interaction and filtered marketing strategies but its still not the way to go. Note to Mxit: Remember there is freedom of speech and the masses will find a way to override it.

Mig33 is more flexible. How you might ask? It’s the choice of the users to create rooms by their choice of topic and intent. You may create rooms for your own pleasure and entertainment for your mates and also interact in other rooms. The slick and nifty design of the Graphic User interface is also wicked.

How much does it cost?
Mig33 is actually free believe it or not. All that you get charged for is the browsing time you spend on having your GPRS connection enabled.

Mxit, however is not free. Here you are charged for each message you send on the application for a mere 2 cents per message. And then also its your GPRS cost as well.

Safety and privacy
Privacy is one thing we all want to maintain if we are a mxit or mig33 user. But there is the dumb lot of people that just never learn. So I went off in the direction of hacking.

I hooked up with a just one person that has hacked hundreds of Mxit accounts and even did a few right in front of me. Mxit is more vulnerable to hacking than Mig33. For one to hack Mxit accounts its simple you either get to know one person and chain react a series of interesting questions to them and eventually get to their pin for Mxit.

Then the technology side has a few cracker tools to punch in a Mxit users nickname and it will process a new password for that Mxit users account without them knowing.

The algorithm for verification of the user is not that secure from what I could see when this kid did it for me. Yes I say KID as this desi boy is just 18 years old.

He (lets call him Warlock) admitted that Mxit is easier than Mig33. For hacking Mig33 he has yet to accomplish this. Right now Warlock has decided to stick with knocking out Mxit accounts and more so he does it from his phone. No fancy laptop or desktop.

Exploring the persona of the individuals in these chat rooms
The average mxit person is open to psychologically changing their style of communication to other Mxit users. There are some of those that are in the rooms that are totally geekified but go thru a make over to become the HotStud as their nickname (in internet speak the word for nickname is Handle). The same for the real life bikini babe to christen herself as SuperWoman. Its for some, an escape from reality to mould a new identity. For others, it’s a chat tool to keep in touch with friends and meet new friends for purposes that may vary.

Mig33 on the other is more aggressive, for the South African user it’s a new tool to them still. And there are many Mxit users that are slowly being converted from Mxit to Mig33.

The urban Jungle of Chat
For the urban metrosexual, ubersexual, hottie babe it’s a tool to meet friends, find a date and a host of other activities and intents. Some we shall not speak of mind you.

The office worker gets hooked too
For the average Joe Soap that uses a pc, they have become hooked on other chat applications that allow them to interact with friends, family and co-workers. Some of the more popular applications are MSN, Yahoo, Google Chat, AIM etc. so with that in focus it seemed a like a pretty good idea to stay online as much as possible so it was possible for Mxit and Mig33 to integrate the flexibility of allowing Joe Soap to sign in with his chat accounts. Both Mxit and Mig33 allow you to sign on your MSN accounts to their chat applications so even when you away from your PC you may still have access to chatting to their friends, family and co-workers. A plus and a bargain, to always be online.

Emoticons
What are these you may ask. Well they are a series input combinations that will allow text to convert to images for example to show a smiley face you would punch in on your phone : ) this would convert to the smiley face. There are many varied types.

Now that we have introduced you to the mobile chat world, here give it a try to see what we are talking about, what everyone is doing out in the World Wide Web of Mobile

For Mxit
Just go to www.mxit.co.za/wap from your phone, select your make and model and download.For more information on Mxit click here http://forum.mxit.co.za/

For Mig33 http://www.mig33.com

grabbed from N/A
View This Poll