My dad found a phone a few weeks ago and asked me what he should do with it. Knowing how much it hurts to lose personal data, I said I could try to find the owner and send it back.

My first attempt was to search through the files on the SD card in order to find an identifying document (CV, bill, address...) but there were only family pictures.

My second attempt was to unlock the phone and check the information about the owner and the accounts linked to it. But for this to be possible adb has to be enabled. Good thing is that that particular brand shows an option for activating adb on the recovery menu.

But then, it's Android Oreo and I haven't found a way to lift the lock pattern. I thought I could bruteforce it over the shell (as I found there could be about 1300 possibilities for 2 to 5 point patterns), but there is the same attempt throttling as on the screen so that would take ages.

Finally, I found the owner in the most "social" way : The phone was displaying the weather for a particular place. It turns out that there are only 3K inhabitants in that city, si I thought that a big enough Facebook group might help me find the owner. So I posted a message on a 500 people FB group dedicated to this city with a selfie of the owner : someone identified her within 20 minutes.

Mission accomplished 😎

Bruteforce IRL

So I recently bought my first house (yay!).

Whilst doing the initial viewings I saw the below on the backyard and thought "hey that's neat, I can leave a key in there for when I come in late and my fiancée is asleep.

Fast forward to moving in day and the previous owners hand me the keys so I ask "oh yeah, what's the code for the keysafe" and he just looks at me completely blank, so I'm just like "the box on the wall out back" and he's just like "oh! So that's what that is. No we've never had the code for that, bye."

Being a pen tester I'm just stood there dumbfounded thinking "How the hell can you have a locked box attached to your house and not want to know what is inside!"

Anyway, that brings us to now where I'm stood outside in December on a Sunday morning brute forcing my way into my own keysafe.

I wish this didn't run so many parallels with my work life 😂

-made a password-protected zip to backup my homedir
-launch the update to Fedora 28
-oh look Jessica Jones season 2 is available on Netflix

...

Some hours later

-Fedora 28 boots
-copy back my backup.zip
-shit what's the password already
-proceed to bruteforce the zip
-let's go back to Netflix while it's doing the job

...

Some hours later

-password: test
-proceed to self-fuck

Fucking bruteforce man. Was supposed to go sleep when got few messages from my gameserver players that their accounts have been hacked.

Checked their logs, all of their accounts have been accessed from Russia. Told them to change their passwords and they told me their previous passwords which were easy af to guess.

Digged deeper and found hundreds of thousands failed logins in the last few hours and all of them from different ips.

Since I cant modify gamefiles on client side, the solution for now was to disable in-game registration and force player registration through the website form with captcha and also where each players login name gets appended with a random suffix chosen by player from a random list..

Fuck you bruteforce scriptkiddies, good luck guessing accounts now. At least I can sleep now.

I'm glad someone is having fun.

We have a bruteforce?

[30.01.19 11:25]🧠 WARNING (EXTERNAL IP): Not Found: /a
[30.01.19 11:25]🧠 WARNING (EXTERNAL IP): Not Found: /ac
[30.01.19 11:25]🧠 WARNING (EXTERNAL IP): Not Found: /acc
[30.01.19 11:25]🧠 WARNING (EXTERNAL IP): Not Found: /acco
[30.01.19 11:25]🧠 WARNING (EXTERNAL IP): Not Found: /accou
[30.01.19 11:25]🧠 WARNING (EXTERNAL IP): Not Found: /accoun
[30.01.19 11:25]🧠 WARNING (EXTERNAL IP): Not Found: /account
[30.01.19 11:26]🧠 WARNING (EXTERNAL IP): Not Found: /accounts/
[30.01.19 11:27]🧠 WARNING (EXTERNAL IP): Not Found: /accounts/lo
[30.01.19 11:27]🧠 WARNING (EXTERNAL IP): Not Found: /accounts/log
[30.01.19 11:27]🧠 WARNING (EXTERNAL IP): Not Found: /accounts/logi

No only a skiddie who try very hard

🔐How can a manufacturer(Netgear) not allow changing username of the admin user???🔥

That effectively lets anyone bruteforce the damn thing like its being grilled on a BBQ!

Yet they implement remote access router management via 8080 and alley you set up VPN server on the incapable thing.

I tried to do a sudoku solver, but it didn't work...

I wanted it to succeed without backtracking or bruteforce, so I tried solving it in a human way.

I ended up with some if-else AI that couldn't do anything at all

My internship is coming to an end and I think my boss is testing my limits.

So, in the beginning of this week, he assigned me a non reproducible bug that has been causing trouble to the whole team for months.

Long story short, when we edit or create a planned order from the backend, once in fifteen, a product is added to the list and "steals" the quantity from another product.
Everyone in the company has experienced this bug several times but we never got to reproduce it consistently.

After spending the whole week analyzing the 9 lines of JS code handling this feature, reading tons of docs and several libraries source code. I finally found a fix by "bruteforce testing" with selenium and exporting screenshots, error logs and snapshots of the html source.

This has been intense but was worth the effort, first, I fix a really annoying bug and second, I learned a lot of things and improved my understanding of Javascript.

FUCK YEAH!
I just managed to bruteforce my GPG key's password :D :D
I fucking love Python!

Security lifehacks 101

Why pay for password managers? Just use one secure password for every service you use! Password managers are really designed for fools who don’t know that you can just use one password for every service and who are ready to pay for that shit.

The best practice is to use your name starting with a capital letter + your main credit card number + CVC code from the back of that card as your go-to password. It’s long and hard to bruteforce and you can remember everything that way! You just need to remember that one password and you’ll always remember your payment info! No need for apple’s bad Apple Pay which is not so secure after all like everything else that Apple offers.

I just installed nginx on a new server, just to find out we have visitors waiting patiently at the door. I guess they must have tried all possible route to get inside an empty room. 😏

See logs hits on 404 files...

Acquaintance of mine brags that he made a "Facebook password cracker" that took less than 30 lines of code.

I take a look at it, then I realize it's brute force password cracking.

Oh dear.

Facebook doesn't even let you do that many password attempts, not to mention that brute forcing passwords is going to take more time than the expected lifetime of the sun. (exaggeration? Maybe. But you get my point.)

Why are we still here? Just to suffer?

A colleague just hit his computer with a C++ textbook and shouted a verse that easily would have been bleeped out on TV. All this because he could not log into Windows.
Microsoft need not worry, they seem to have fixed any loophole for such bruteforce login attempts ;-)

Bruteforce lol

So it's required by law to chip and register your dog. I just got a puppy so I had to change the owner of the dog from the kennel to me. And the only thing I needed was my chipvalue and the registration number.

So all I have to do is scan the dog and try the registration numbers and then I can change the owner. Like wtf. And it does not even send a confirmation email. I checked by changing owner and email again.

My registration number is only in the 600K so other registered pets should be easy enough to bruteforce.

Or am I missing something?

So, this incident happened with me around 2 years ago. I was pentesting one of my client's web application. They were new into the Financial Tech Industry, and wanted me to pentest their website as per couple of standards mentioned by them.

One of the most hilarious bug that I found was at the login page, when a user tries logging into an account and forgets the password, a Captcha image is shown where the user needs to prove that he is indeed a human and not a robot, which was fair enough to be implemented at the login screen.

But, here's the catch. When I checked the "view source" option of the web page, I saw that the alt attribute of the Captcha image file had the contents of the Captcha. Making it easy for an attacker to easily bruteforce the shit outta the login page.

You don't need hackers to hack you when your internal dev team itself is self destructive.

Riddle:

Alice and bob want to communicate a secret message, lets say it is an integer.
We will call this msg0.
You are Chuck, an interloper trying to spy on them and decode the message.

For keys, alice chooses a random integer w, another for x, and another for y. she also calculates a fourth variable, x+y = z
Bob follows the same procedure.

Suppose the numbers are too large to bruteforce.

Their exchange looks like this.
At step 1, alice calculates the following:

msg1 = alice.z+alice.w+msg0
she sends this message over the internet to bob.
the value of msg1 is 20838

then for our second step of the process, bob calculates msg2 = bob.z+bob.w+msg1
msg2 equals 32521
he then sends msg2 to alice, and again, you intercept and observe.

at step three, alice recieves bob's message, and calculates the following: msg3 = msg2-(alice.x+alice.w+msg0)
msg3 equals 19249. Alice sends this to bob.

bob calculates msg4 = msg3-(bob.x+bob.w)
msg4 equals 11000.
he sends msg4 to alice

at this stage, alice calculates ms5.
msg5 = (msg4-(alice.y)+msg0.
alice sends this to bob.

bob recieves this final message and calculates
the sixth and final message, which is the original hidden msg0 alice wanted to send:
msg6 = msg5-bob.y

What is the secret message?
I'll give anyone who solves it without bruteforcing, a free cookie.

What's wrong with the idea of having a huge computational network like in Watch Dogs to bruteforce encryption ?
I mean suppose having 500 or more million cores , how long does it actually take to bruteforce a 256 bit key ?

Bruteforce programming about which I've already ranted earlyer and also let's implement everything in our ms access database and regularly open the DB using the Windows task skeduler.

I decided to run the ROCKYOU password list to see if there are any patterns in md5 hashing, not sure why but I am starting to confuse myself and I need a new pair of eyes to have a look.

in advance, sorry for the shitty image, that lappy is a temporary solution.

So the very accurate and not bias numbers show that the letter "0" appears more than the rest, would there be any use in let's say ordering the wordlist with words that have the most "0" and "7" in their hash to appear at the top?

I believe I might be trying to stretch the numbers and see a pattern where there is none but its worth a shot I think.

Note:
- These numbers come from only about ~14m words

My thinking trail is that if statisticaly these hashes are more likely to appear, they are more likely to be the one I am looking for?

FUCKING PIECE OF SHIT USB STICK. What the actual fuck how hard can it be to format a usb-stick? Excuse me?

Basically, flashed arch .iso on my usb stick. After stuff was done I want to format my usb stick again so I can put files on it. Normally thats a super easy process. I tried a shitload of things.

1) On windows: Quick format -> Windows was unable to format.
2) Went to Linux. Opened GParted. Gparted didn't detect the usb drive? Wtf. Rebooted then it showed up. Tried to delete all partitions, tried to clear the entire drive. Gparted just freezes. Ok... wtf is going on?
3) Tried to go the bruteforce way and zero out the entire drive with dd. After a few seconds dd freezes and is not doing anything anymore.

Wth is going on lol? Why can I not wipe my usb drive? Any ideas?

Just received this really weird email. Probably spam, but why even bother when there is no link or attachment? Maybe it is encrypted... 🤔 What do you think? Anyways, the server has SSH enabled anyone care to bruteforce? :^)

Hacking a account using Bruteforce is easier than creating a sitemap generator script

>making bruteforce MD5 collision engine in Python 2 (requires MD5 and size of original data, partial-file bruteforce coming soon)
>actually going well, in the ballpark of 8500 urandom-filled tries/sec for 10 bytes (because urandom may find it faster than a zero-to-FF fill due to in-practice files not having many 00 bytes)
>never resolves
>SOMEHOW manages to cut off the first 2 chars of all generated MD5 hashes
>fuck, fixed
>implemented tries/sec counter at either successful collision or KeyboardInterrupt
>implemented "wasted roll" (duplicate urandom rolls) counter at either collision success or KeyboardInterrupt
>...wait
>wasted roll counter is always at either 0% or 99%
>spend 2 hours fucking up a simple percentage calculation
>finally fixed
>implement pre-bruteforce calculation of maximum try count assuming 5% wasted rolls (after a couple hours of work for one equation because factorials)
>takes longer than the bruteforce itself for 10 bytes

this has been a rollercoaster but damn it's looking decent so far. Next is trying to further speed things up using Cython! (owait no, MicroPeni$ paywalled me from Visual Studio fucking 2010)

spooky