Hacking Weaker Games

On our new website we’re going to be covering hacking the latest games that are unable to stand up to penetration from our reverse engineering skills. Which games are you most interested in getting cheats for? Let us know below, and we will consider supporting them with our first cheat releases! We hope you are all enjoying your summer and looking forward to the big PC game releases this fall.

Ninja Security “Samurai Skills” Course

I recently had the honor to take the full Ninja Security Course for hacking. This was a huge effort on their part. The course is jam packed with instructional videos and slides!

I spend most of my hacking time behind the wheel of Aircrack-ng, so almost all of this material was completely new to me. I learned more from the videos than I could have from any book. My brain seems to function much better when I am seeing, hands-on, how things actually work, so this course was perfect for me.

The above is a screenshot of the course, used without permission. In this section I was taught how to evade an IPS while performing advanced SQL injection attacks. A lot of what I do at my job involves ColdFusion applications communicating with Oracle databases. I can tell you that any webapp or application programmer, specialist, or even security analyst can seriously benefit from this set of videos alone.

If you browse to the page that offers the course (http://ninja-sec.com/index.php/samurai-skills/), you will see that the price has changed since my last post about this course! It’s now cheaper: $750USD. They have added all new videos and PDF files, AND you get a FREE subscription to hakin9 magazine, which isn’t cheap ($180USD+) and is probably my personal favorite hacking magazine. They are also offering a full year’s worth of support and updates. This is a huge value. Updates means updated tools, and we all know that tools in infosec are constantly changing.

Even if you are new to the subject, this course would be perfect. It offers much more than all of the others and a complete, solid understanding of how real world penetration testing actually works. I am a huge fan of the Metasploit Project. The recent book published by David Kennedy on the subject was amazing, to say the least. For some reason, I simply couldn’t find the time to actually dive straight into the project and test it as much as I could have. This course from Ninja Security teaches you, hands-on and from scratch, how Metasploit is used on a professional level and gave me this missed opportunity.

I highly recommend this course to anyone looking to learn IT Security or advance their skill to the Samurai Level.

WEAKERTH4N BLUE GHOST

Download

Download ISO and MD5 At HaxRadio!
http://pub.pcheaven.eu/ Thanks Mad! 😀
Please note that this is only in BETA testing and not a final release. If you see any bugs, let us know so I can fix them in the next release!

FAQ

Development Details

Please note: This version of Linux is geared towards NVIDIA based systems. It will still work out of the box without, but for best results (CUDA, Aircrack-NG-CUDA, Pyrit, Moscrack, VLC) test this live DVD on an NVIDIA-based system.

    • WT4 BLUE GHOST updates.
    • Kernel 3.7 dropped for no wireless-compat support (yet) and several wifi driver issues with kernel modules.
    • Kernel 3.7 recompiled with AUFS and compat-wireless
    • DKMS and NDISWRAPPER don’t play well together, NDISWRAPPER dropped.
    • LORCON and its dependent applications may be dropped, as most are old. re-added
    • Kernel 3.6 with compat-wireless and patched wifi drivers seems like most likely candidate.
    • Kernel 3.7 STABLE with compat-wireless and patched wifi drivers seems like most likely candidate.
    • NVIDIA Driver: 310.32 (please see compatibility list)
    • CUDA development kit available in Live DVD.
    • Kernel headers + image + sauce are all .deb files and will be hosted here.
    • Kernel: wt-blueghost-0.5 built from 3.7.X Stable
    • GPU: Nouveau drivers dropped in lieu of CUDA, support for NVIDIA Hybrid graphics netbooks in Kernel for switching.
    • New OS features I coded: ACPI support for laptops, more OSD information(s), new WNL package manager, faster startup time with manual services, fixed hostname bug,
    • Airstop-ng – to stop all services for specified device
    • New Tools added: Moscrack,
    • NDISWRAPPER recompiled and playing nicely, Added driver for BCM based N3100 NETGEAR (call for wifi drivers) modprobe
    • Edimax support dropped for ancient driver fail
    • New laptop ACPI features – system will now suspend when lid closed and wake when opened (tested on several machines)
      • GPSD decided to change my BU353 into SiRF mode and RO
      • Removed aptitude’s 2.95 gpsd and tried compiling gpsd
      • GPSCTL will not change the device to NMEA? (Failing and reporting that it is 4800 Baud SiRF)
      • Horrible compilation documentation for gpsd 3.x – wtf is scons? (had to copy libs into /usr/lib/ precompilation.)

SOLVED

      • Used Windows – SiRFDemo application and chose “Initialize data Source” from the Action menu, then Synchronize Protocol and Baud Rate (which set the baud rate wrong, but I saw the Debug View window display data). Then I chose “Switch to NMEA Mode” and chose 4800 Baud – which “unbricked” the device.
      • compiled 3.2 from here

      • tar vxzf gpsd-3.2.tar.gz

  • cd gpsd-3.2/
  • apt-get install chrpath python-gps scons
  • mkdir /usr/lib2/ && cp lib* /usr/lib2/
  • export LD_LIBRARY_PATH=$LD_LIBRARY_PATH:/usr/lib2
  • scons && scons install

  • Created custom icons for wbar dock (See new screenshots above)
  • Created shortcuts in the dock for WARCARRIER and On-Screen-Display of GPS
  • WARCARRIER development slowly moving out of alpha
  • Tested kernel for live system on several hardware mixtures, all worked well, NVIDIA based and not NVIDIA based

03.13.2013 BETA 2

  • Added x-hunter(Google), x-hunter(Bing),ARP-OPT tools from Lucas, thank you Lucas!
  • Stopped inetd from telnet port SSH
  • Fixed dpkg database issue
  • Added a few more exploits for Android OS

03.14.2013 BETA 2

  • Added Raspberry Pi, PLC and more SCADA hardware hacking tools
  • Completely rebuilt the dpkg database from scratch (the stuff nightmares are made from)
  • Tested Fern-Wifi-cracker – removed from BETA
  • rebuilt the “vulnerable” server data
  • Dist-upgrade via DEBIAN
  • Added Hashcat GUI and tools into the menu

03.16.2013

  • Listened to Built to Spill
  • Recompiled the kernel (Blue Ghost v1.5 – built from 3.8.X), kernel headers, sources – and made deb packages of each
  • Hacked and compiled FreeRADIUS Wireless Pwnage Edition – added!
  • Hostapd hacked and added!
  • Coded start up scripts for both and a new SoftAPs submenu to the FluxBox menu
  • Recompiled NVIDIA drivers and patched compat-wireless
  • Resolved (most) of the dpkg DB issues
  • Added even more ACPI support
  • Mapped function keys for FluxBox and laptops!
  • changed console font and resolution

WEAKERTHAN 3.6

Version 3.6 BETA

Reviews

WEAKERTH4N is one of the awesome pentesting distros I have ever tried. It’s still in its BETA release but the developer has done a good job for this project that some cool pentesting tools included in this distro. It is built from Debian Squeeze and uses Fluxbox as its Desktop environment. You can install this live pentesting distro using Custom Remastersys Installer. It has a lot of wireless tools unlike BackTrack 5. It has the old Android Hacking features.

~Nu11By73 via SoldierX.com

…just released backtrack 5 and i noticed they dont have much wireless tools as they had in backtrack 4…as i said before weaknet is still always on top of every os out there, hope ur still working on ur fine project because its worth it.

~Censored

WEAKERTH4N is one of the awesome pentesting distros I have ever tried. It’s still in its BETA release but the developer has done a good job for this project that some cool pentesting tools included in this distro. It is built from Debian Squeeze and uses Fluxbox as its Desktop environment. You can install this live pentesting distro using Custom Remastersys Installer. It has a lot of wireless tools unlike BackTrack 5. It has the old Android Hacking features.

~Hackforums.net via rootcon.org

This is still BETA, so if you see something out of the ordinary, or not working, or missing, feel free to email me!

Installing the ISO onto your HDD

Simply follow the installer!

Fluxbox

New to Fluxbox? Check out the awesome Wiki! http://fluxbox-wiki.org/index.php?title=Fluxbox-wiki

Changes since last release

  • Built from Debian Squeeze, NOT Ubuntu
  • Added so many tools and libraries that the ISO is now a DVD Size: ~ 1.4GB
  • Kernel: 2.6.35-weakerthan-3.6+
  • Drivers updated and patched
  • Added Armitage and out-of-the-box support with PostgreSQL
  • Updated tools
  • On Screen Display (OSD && low CPU) calls for application progress and battery monitor
  • Fixed many BUGs
  • You can install the OS using the Custom Remastersys Installer
  • Debian + Airbase-NG and custom WPA-Phishing attack for EAP Phishing
  • Better proxy support
  • JAVA Full JRE for running JAVA based *nix applications right from the Live DVD (suggestion from censored.)
  • Enhanced Firefox for Penetration testers, including Pentest Bookmarks
  • Calibre, Acrobat, and more reading software
  • Better Nautilus Integration and File associations
  • Much better scripts for DHCP, and Networking Utilities
  • Aircrack-NG Updater with custom OSD
  • Intel Wireless N devices and Monitor Mode
  • Fully working and patched RTL8187 (better support)
  • Out of the Box NVIDIA Drivers (260.x.x), CUDA libraries, and smarter checking scripts (for those who don’t have NVIDIA, with multiple xorg.conf files)
  • Updated and tested Pyrit Scripts for CUDA (Out of the Box CUDA+Pyrit Batch server, right from live DVD!)
  • Added installer cleanup scripts to remove my enhancements for running as a live DVD
  • Wireless Spectrum Analysis Software (Ubiquiti AirView and WiSpy)

Wireless Support

These are the radios I have working and tested fully for WT3.6 (if yours is not here, you may need some extra configuration to get them injecting / installed). Most of them should work out of the box, no problem, even if not shown in the picture below, thanks to the great work my BETA testers did!

WT3.6 FAQs

What’s the login passwd for root?

Same as always: weaknet. This passwd is used for everything, including services, so if you perform a hard disk installation, you may want to change them!

How do I get my BCM433224 working with WT3.6?

This driver should be working out of the box, if you are still having issues (missing in iwconfig command) try re-installing the firmware / modules by following this guide here.

Airmon-ng locks up when I use it!

The Intel Centrino N series adapters have a problem with VAPs and iw. You can still use monitor mode and inject just fine; you simply have to use “iwconfig wlan0 mode monitor” beforehand. Check the video posted above!

How do I update Metasploit???

Directly from the Desktop menu! Right click anywhere on the Desktop menu and navigate to Pentest->Exploiting->Metasploit Framework->Update Framework – and make sure you have an internet connection!

How do I change the screen resolution?

Follow this guide to changing your desktop resolution, if you are not using Intel or NVIDIA graphics cards. You may need to install the specific driver for your machine!