http://www.infosec.org.uk//index.php?section=podcast New Videos Copyright 2008, http://www.infosec.org.uk/ glafkos@infosec.org.uk Contrexx® Web Content Management System http://blogs.law.harvard.edu/tech/rss http://www.infosec.org.uk//index.php?section=podcast&id=18 This video tutorial demostrates how you can use packet injection in windows. The hardware used was an Atheros Chipset Card and the drivers that of commview. Enjoy the video demostration.. Glafkos Charalambous Security Videos InfoSEC Videos Wed, 05 Dec 2007 10:14:42 +0200 http://www.infosec.org.uk//index.php?section=podcast&id=17 This video demostration using AirCrack suite to show us how easy we can send a deauthentication packet to a client so we cause him to connect again and thus giving us his WPA-PSK key. After we get they key the only thing left is to crack the key, either by bruteforcing or dictionary attack (hybrid). It would be a good way to precompute the attack using rainbow tables but you will have to build the rainbow tables based on specific SSIDs. You can see a video demostration of how simple you can get the key from WPA-PSK connected clients. Depending on the key length it will take more time to be break if you are using a bruteforce method. There are lot type of attacks nowadays. Glafkos Charalambous InfoSEC Videos Security Videos Wed, 05 Dec 2007 10:04:43 +0200 http://www.infosec.org.uk//index.php?section=podcast&id=15 This video introduces the viewer to the AirPcap USB adapter, and auditing WiFi networks with it. Irongeek.com Security Videos Tue, 23 Oct 2007 17:49:46 +0300 http://www.infosec.org.uk//index.php?section=podcast&id=14 This video introduces the viewer to the AirPcap USB adapter, and auditing WiFi networks with it. Irongeek.com Security Videos Tue, 23 Oct 2007 17:48:28 +0300 http://www.infosec.org.uk//index.php?section=podcast&id=13 As many of my viewers know, I have an interest in metadata and how it can be used in a pen-test. Thanks to PaulDotCom I found out about a tool called Metagoofil that makes it easy to search for metadata related to a domain name. Irongeek.com Security Videos Tue, 23 Oct 2007 17:39:34 +0300 http://www.infosec.org.uk//index.php?section=podcast&id=12 Metadata is data about data. Different file formats store extra data about themselves in different ways. This video will cover metadata that can be used during a forensic investigation, namely MS Word doc metadata and the metadata stored in a Jpeg's Exif data. Irongeek.com Security Videos Tue, 23 Oct 2007 17:36:11 +0300 http://www.infosec.org.uk//index.php?section=podcast&id=11 This video introduces the viewer to using a Nokia Internet Tablet as a pen-testing device Irongeek.com Security Videos Tue, 23 Oct 2007 17:34:12 +0300 http://www.infosec.org.uk//index.php?section=podcast&id=10 During 2005 Sony BMG was discovered to be including Extended Copy Protection (XPC) and MediaMax CD-3 software on music CDs. The software was automatically installed in the background onto users computers systems that used the autorun function to start running the CD. The software could hide itself from the computers process list in the same way a rootkit would. There was over 100 titles in total that included this "rootkit". Using similar techniques we are going to use the autorun feature with a USB drive to run multiple hacking tools. Irongeek.com - (Dosk3n) Security Videos Tue, 23 Oct 2007 17:32:23 +0300 http://www.infosec.org.uk//index.php?section=podcast&id=9 THC-Hydra is a remote dictionary attack tool from The Hacker’s Choice group. It’s a well made tool that supports a lot of protocols and options. The following protocols are supported: TELNET, FTP, HTTP, HTTPS, HTTP-PROXY, SMB, SMBNT, MS-SQL, MYSQL, REXEC, RSH, RLOGIN, CVS, SNMP, SMTP-AUTH, SOCKS5, VNC, POP3, IMAP, NNTP, PCNFS, ICQ, SAP/R3, LDAP2, LDAP3, Postgres, Teamspeak, Cisco auth, Cisco enable, LDAP2, Cisco AAA. Irongeek.com Security Videos Tue, 23 Oct 2007 17:27:38 +0300