http://www.computereverything.net/ff_files.7z

.7z file can be extracted with freeware utility 7-zip available on Sourceforge.  No password required.

7zip MD5 = 1D9833AF0B13FAF09F6AC389E60F0038

ffxivsetup.exe MD5 = C805C29C73B80CCB9B3711B6075A9D8D

Enjoy!!!

Level 1: “XK Servers”

The facts:

website: www.xkservers.web

company name: algoEX

Well this isn’t quite enough information for us to complete the mission so what happens when we scan www.xkservers.web ?

Open ports found… 6204 used for webmail.  What happens when we point our browser to www.xkservers.web:6204

We get a banner saying that our username has been reset to 01CompanyName

Now that’s what was difficult for me.  I did not realize that algoEX was in fact the company name.  Anyways its now safe to assume the username is 01algoEX.

What happens when we run this username in the Crack against the webmail URL?  BOOM we get a password. PWND! (p.s. PWND! is not the password).

Now if we login to the main website with the username 01algoEX we get the address of the victims FTP site which is: ftp.01algoex.xkservers.web.  Login to the FTP and download the algorhythm and you win level 1.

Level 2: “F8datastreams”

The facts:

website: www.f8stream.web

upload website: www.upload.f8stream.web

username: admin

This ones even easier than the first, go to the Crack and run the admin username against the upload URL.  BOOM… PWND!

login to the upload site as admin and enable FTP then Scan the server… looks like FTP’s running on its default port 21.  Put in your newly discovered password and upload your virus!

Level 3- “Delta adworks”

Facts:

Victim’s email: gary@deltaadworks.web

Website: www.deltaadworks.web

If we visit the website we dont get any useful info, so lets scan the server… And it appears port 6945 is open for Database Management.  Lets point our browser to www.deltaadworks.web:6945 and see what fact we pick up next…

username: adminuser

once again lets Crack this username against the URL (www.deltaadworks.web:6945).  There’s our password.  Lets go ahead and login to see what else we can get access to… Lookie Webmail database is down, better restart that and get connected!  I wont ruin the final steps of this game for you but you get the point.

If you’ve enjoyed this tutorial or have any questions please feel free to post feedback!

Several weeks ago I had some spare time after being called to jury duty which turned out to be canceled. Instead of twiddling my thumbs for a few hours I decided to check out netbooks. I wandered into Micro Center and looked at several brand machines including Asus, HP, Acer and MSI. When looking at specs I ideally wanted a quality brand netbook with 2 GB RAM, an SSD hard drive and Wifi card that supported promiscuous mode and packet injection. Unfortunately Micro Center did not offer ANY netbooks with 2 GB RAM or SSD hard drive, those I would have to pay extra for. I decided to keep my money on the upgrades but notcied that Asus (my first netbook brand name choice) had a machine with an 802.11 N card (1005HA-VU1X-BK). I did some quick research to see if anyone was successful with a BackTrack installation on this machine, the vertict looked good and the price was the same as NewEgg so I decided what the heck and bought it.

After leaving the store I eagerly opened the surprisingly small package, popped in the battery and proceeded to the nearest Wi-Fi Enabled coffee shop to plug in and begin tinkering. The box came preinstalled with Windows XP and booted right up no problem. All the drivers worked perfectly out of the box and system had very minimal bloatware. The machine has a 160GB hard drive split evenly into two user partitions. I trimmed down a few services, preinstalled applications and performance settings to achieve maximum performance from the rather mediocre Intel Atom processor and was cruising the net at very acceptable speeds. I installed my standard Windows security packages including: NMap, Cain, WireShark, Nessus, NetStumbler, 7zip, SRWare Iron, etc and have had very decent performance.

After a day of XP I decided it was time to start my BackTrack installation. Some easy googling pulled up two excellent articles:

http://forums.remote-exploit.org/backtrack-4-working-hardware/24386-howto-backtrack-4-pre-final-asus-eee-pc-1005ha-3 .html

http://forums.remote-exploit.org/bt3beta-working-hardware/10225-bt3-eeepc-7.html

Here’s my installation summary:

1) Download the latest BackTrack4 iso (pre-final).

2) Download UNetbootin and create a bootable usb.

3) Boot the from USB to BackTrack4 (spam the escape key while PC is powering up to get to boot menu).

4) Login as root, startx

5) Run the install.sh script on the desktop.

6) After setting up the basics you will need to configure your partitions. WARNING: (Pretty sure) the default setup will overwrite your XP installation. I clicked manual then deleted my non-xp partition, then with the free space created a 1024 MB partition for Swap and used the rest of the space as Linux ext3 system space and let the installer rip.

7) After the install completed I rebooted and removed my USB device. Here’s where things got a little tricky for me. Ubuntu by default does not enable the root account. I wasted much time running BackTrack as a user trying to sudo everything. This proved to be a waste of time for me so I finally did a “sudo passwd root” and rebooted logging in as root everytime there after.

Enabling and testing certain features

A) Wifi: /etc/init.d/wicd start This worked off the bat enabling my Atheros wifi card (ath9k driver). I could then use Wicd Network Manager (gui) to input my WPA2 settings and connect automatically (authenticates very quickly!).

B) LAN: /etc/init.d/networking start This did NOT work out of the box for me and took quite a bit of finesse to get going. I had to download a modified driver for my card (will post link later).

C) aireplay-ng: First few times I tried running this from KDE it crashed my system, stdout said Injection Sucessful but seconds later my whole system would lock up. After some googling I installed and fiddled with linux wirelss compat drivers and still got the same results. I uninstalled the drivers and tried again from the command line before starting any networking services and sure enough it worked. THEN it started to work magically under KDE.

9) Final Grade: A (9/10)

I give this machine a 9 out of 10 for quality, performance and overall satisfaction. My only major issue is that the Touchpad and Keyboard will stop responding randomly on occasion (under both OS’s). I will be giving Asus a call to try to resolve this one but my suspicion tells me that this may be a hardware issue. The other question that lingers in my mind is Hard Disk security. In the bios you are able to set a Hard Drive lock password which for obvious reasons is a very useful tool. What i’d like to know is just how secure is this, Who if anyone can easily unlock this drive and for what purpose? If anyone has any wisdom to share please make a post! Also please feel free to post any questions you may have as this BackTrack installation was a bit tricky.

Good luck!