Hosted by Darren Kitchen and Shannon Morse. New episodes Tuesdays.
Put together by a band of IT ninjas, security professionals and hardcore gamers, Hak5 isn't your typical tech show. We take on hacking in the old-school sense, covering everything from network security, open source and forensics, to DIY modding and the homebrew scene. Then we wrap it all up with a... Read More
Got a restrictive firewall blocking sites at school or work? Evade 'em easily with your own private web proxy. Want to securely tunnel any port through an SSH session? Darren's got just the trick. Wondering how to properly use Asleap to crack MS-CHAPv2 PPTP VPN handshakes & LM Hashes? Interested in trying out neat free enterprise applications but don't feel like spending hours in a terminal? Try deploying a virtual appliance in minutes, the free and open source way.
SSH Tunneling isn't new to the show, we've done it before over DNS or in conjunction with VNC. Today we're looking at two SSH tricks for tunneling just about any traffic.
First up, ssh -D. The -D option specified a local "e;Dynamic"e; application-level port forwarding. Any connection made to the specified port goes through the tunnel as a SOCKS4 or SOCKS5 proxy. Perfect for secure web browsing as demonstrated with Firefox in this segment.
Usagessh -D 8080 user@server
Second, ssh -L. The -L option enables port forwarding. Using this option tells the SSH client to listen to traffic on a specified port and forward it along through the tunnel. The server receives this data and points it to the specified destination, whether it be on the destination network or otherwise. In our example we use the -L option to securely connect to an open IRC server.
Usagessh user@server -L local-listen-port:destination-ip:destination-port
For more SSH-fu check out the ssh man page or Linux Journal's interesting series on 101 uses of openssh.
The age old scheme for bypassing restrictive firewalls, like those that block sites at school or work, has been to use a web proxy. Of course this is followed up by the network administrator blocking all mainstream proxies. But what if you could run your own? Well, you can and it's really freaking easy. In this segment Darren demonstrates PHProxy
On episode 612 we demonstrated a tool, asleap, designed to crack MS-CHAPv2, the authentication protocol commonly found in Microsoft PPTP VPNs. The final demo was unsuccessful due to the encoding of the handshake and response sniffed by Wireshark. Viewer Sc00bz was kind enough to post a PHP script that accepts the challenge, response and username and provides you with the proper asleap command to run with the properly encoded byte sequences. Sc00bz has well documented the code, which lives now on this Hak5 forum thread. Thanks Sc00bz!
A Virtual Appliance can be though of as a software image containing a supporting stack designed to run inside a virtual machine. A quick look at vmware's virtual appliance directory shows that there are hundreds of applications that can be quickly and easily deployed. In this segment I take the Dimdim open source virtual appliance, designed for vmware, and deploy it with VirtualBox (just becasue I can).
10 days ago
Employers want social media passwords, US gets a #CPO, and #TheOnion! All that and more this time on #ThreatWire! http://t.co/SrZpicvnt6
12 days ago
#Installing #Solar panels, #Google #Chrome #extensions, and more on @Hak5! http://t.co/QppYLgZpi5
12 days ago
Legalizing #Internet eavesdropping, #LivingSocial is #hacked, and more on this weeks #ThreatWire! http://t.co/xyIxzy8kes
12 days ago
@thescribe I didn't! They were disabled and enabled throughout the segment. Each one has a different icon. - @Snubs
12 days ago
@myraitnetwork thank you!
28 days ago
#PGP #Encrypt your email, back up your #Gmail Account with #Ubuntu, text #messaging your #WiFi #Pineapple On #Hak5! http://t.co/KSZeO4GEPU
