I LOVE portable applications! Who likes installing stuff? Today I’m checking out Cameyo, a free virtualization tool. Huzzah!

Download HD Download MP4

Making an app portable sounds hard, right? But it’s not. Using Cameyo’s free virtualization program, you can combine all of the files, DLL’s, and the registry into one single file that you can open from a USB, dropbox, or other cloud storage to be used on any computer. You don’t have to reinstall your apps again and again. Using a virtual app (which is also referred to as a portable app) also keeps your computer stable and carefree by isolating the applications from the PC. I can already see this program freeing up a lot of my valuable time.

So how does it work?

First off, download the executable file of a program that you want to download. Next, open Cameyo and click on capture installation. Cameyo will “record” the download files needed to use the program you’re installing. Follow the on screen instructions in Cameyo and at the end you’ll have one file that you can put on a USB stick and carry with you. Now to see if it’s really that easy!

The first time you run it, it’ll need to take an initial system snapshot that may take some time. Once done you can start the process.

Cameyo also works online, where you login to their website and submit your application installer and they package it for you. You click Package and after a few minutes, you’ll get an email with the packaged file ready for you to take on the go.

Thanks to Corey for sending this in. It’s so made of win! Now it’s your turn. What program or command are you using these days? Send me a note in the comments below or email us — tips@hak5.org or send me a note in the comments below.

And be sure to check out our sister show, Hak5 for more great stuff just like this.

Are we one step closer to becoming cyborgs? We’re looking at the latest in Augmented Reality Glasses. The ultimate tool for analyzing, recovering and fixing a borked box. 4G USB modems and Linux, can they play nice together? And who’s multicast datagram IP flow is making nets glow? We’ll find out! All that and more this time on Hak5!

Download HD Download MP4

The latest in Augmented Reality eyewear with Vuzix

Clark Dever of Vuzix joins us to show off their latest in augmented reality eyewear technology, including the first production see-through AR display — the STAR 1200. Find out more about their eyewear and software development kits at vuzix.com

Hiren’s BootCD to fix your PC

On the hunt for another bootable CD with lots of fun tools? Here’s one that’s always been a favorite for many. Hiren’s BootCD (HBCD) is a free bootable CD that contains a load of useful tools you can make use of in a variety of situations like analyzing, recovering and fixing your computer even if the primary operating system can not be booted. It features tools that are helpful to partition, backup, recover, and work with the BIOS/CMOS. The website says that this is for people who have problems accessing the downloadable programs that can help them fix their computer. If you have Hiren’s BootCD, you don’t have to download all those programs. You can repair issues like hard drive crashes, viruses, password recovery, and data recovery.

On the website, I started following these crazy directions where you had to download the USB Disk Storage Format program, Grub4DOS, and the newest version of the Hiren’s BootCD. After getting like halfway through, I had a duh moment and figured out since there’s an ISO in the BootCD folder, I’m just going to use UNetBootin and install the ISO onto my USB drive. So I formatted my drive into FAT, and installed the ISO on it.
Now it’s time to boot up and see if it works!

In regards to the install, I guess if you have issues trying to just stick the ISO on the flash drive you can try the How-To on Hiren’s website. They also say:
“”If you are getting GRLDR error, or if usb booting is halting with a blinking dos window, or if you are faced with similar situations, try using syslinux to boot grub4dos. To do that, download syslinux.zip, extract its contents, run ‘RunMe.bat’ inside of the extracted folder and follow its steps.”"

Although this Bootable CD is super cool and easy to use, I do have to mention that some of the tools found on here are not free to use. You have to have a license to legally use them, so you may not want to use it.

That said, I really like Hiren’s bootCD. It’s combination of tools and programs for any kind of recovery is very useful and I’ve been a fan of it for many years. Although Hiren’s is an older tool, it is updated and fixed periodically, with new versions being released all the time.
Do you like Hiren’s BootCD? Email me your take on it at feedback@hak5.org.

4G Modems and Linux playing nice together! *shocking*

Darren demonstrates the crafty hackery necessary to get a modern 4G USB modem to be recognized and initialized in Linux. Darren uses USB-ModeSwitch and Sakis3G for an all-in-one PPP connection manager to a 4G network.

It’s like 56k WinModems all over again!

If you’re into Hak5 you’ll love our new show by hosts Darren Kitchen and Shannon Morse. Check out HakTip!

Whether you’re a beginner or a pro, HakTip is essential viewing for current and aspiring hackers, computer enthusiasts, and IT professionals. With a how-to approach to all things Information Technology, HakTip breaks down the core concepts, tools, and techniques of Linux, Wireless Networks, Systems Administration, and more

And let’s not forget to mention that you can follow us on Twitter and Facebook, Subscribe to the show and get all your Hak5 goodies, including the infamous WiFi Pineapple over at HakShop.com. If you have any questions or suggestions please feel free to contact us at feedback@hak5.org.

No matter what your project is Domain.com has what you need to register, host and promote your next big idea…even if it’s ffffggggggggggggggghjk.com. Domain.com is owning the competition with cheap domain names and hassle-free service. Their easy checkout process and domain discovery system makes it easy to select the domain that’s right for you and setup your website without hassle. Domain.com will even transfer your domain from another registrar and hook you up with another year of service for under $6.50 when you use coupon code HAK5 at checkout. That’s right, our code HAK5 will score you 15% off. Don’t forget, when you think domain names, think Domain.com

If you love alternative apparel brands like Kidrobot, Hurley, and Stussy but hate wasting all your cash on them, listen up! You can score these premium brands at UP TO 80% OFF every day at JackThreads — the invite-only shopping club just for guys. They’re serving up street, skate and surfwear brands at brain-melting prices. Get instant access to their deals for free and bypass the normal wait-list to join when you head over to JackThreads.com/hak5. Start saving instantly without leaving the house.

With Netflix, the world’s largest subscription stream service, you can instantly watch thousands of TV episodes and movies on your Microsoft Xbox 360, Sony PS3, Nintendo Wii and computer for one low monthly price. No late fees. No due dates. For a limited time Hak5 viewers can get a FREE 30 day trial membership at netflix.com/hak5. Sign up now and be sure to use this URL so they know we sent you.

I’ve lost my flashdrive! And if an honest person found it I can use this script to send them a message and contact info!

Download HD Download MP4 Download WMV

I recently lost my 16 gig flash drive during my travels and have yet to find it. For all I know some random person picked it up and decided, ‘Sweet! Free flashdrive!’. Now, although this is a bummer for me, I now have a new drive and need some sort of security feature and way to claim it as my own. Luckily, the good people of ‘Daily Cup of Tech’ came up with a solution.

First they thought of just sticking a text file on the drive that says ‘Help.txt’ or ‘ImLost.txt’ but whose to say that the founder will read that? Using an AutoIT script, the creator made an auto run file that the user can click on. The Icon displays ‘Help! I’m Lost!’ and when it’s clicked on, it displays a message of your choice- whether that is your address or a reward for returning the drive, etc. If you right click on the drive in My Computer, the same thing shows up.

Because of the high interest in this code, there is now a downloadable .zip file with all you need to get started. Simply download the zip file, extract the files to the root of your flashdrive, and change the readme.txt to say whatever you want. Now, when you plug in your drive, it’ll be named ‘Help! I’m Lost!’ and have several files that can pop up and state the same thing. No matter how curious the person who found the drive is, they’ll want to know what the .txt has to say.

But what if you lost your USB drive and there was sensitive data on it? I have a tip on securing your drive as well.

Now the problem I find with my flash drives that I have on hand is none of them have any sort of security features. Sure, I could shell out lots of cash for an encrypted super drive, but why do that when I could encrypt mine for free? Enter TrueCrypt. If you haven’t played with truecrypt before, I explained how to encrypt your entire harddrive on an episode of Hak5. Those same steps can be used to encrypt a partition or a volume, even a flash drive. Encrypting your documents and important data inside a drive won’t keep people from stealing it or yourself from losing it, but at least then your data can’t be accessed without the proper password.

Ok, so I want to hear your feedback. How do you protect your flashdrive? Let me know what you think or what program you use by emailing me — tips@hak5.org or send me a note in the comments below.

And be sure to check out our sister show, Hak5 for more great stuff just like this.

This time on the show I’m checking out EaseUS’s ToDo Backup Utility.

Download HD Download MP4 Download WMV

My whole life is on my computer, and if I lost my photos to a dead hard drive or PC meltdown, I’d be at a complete loss. You can pay loads for online storage and cloud service backups, but you can also use tools to backup to your network, a server, or another hard drive. This one is called EaseUS’s ToDo Backup Utility.

This program features backup scheduling, full system backup and recovery, file and folder selection, and incremental backup- which is something I love as it only backs up when files have been changed or added since the last backup. It is supported on all newer versions of Windows.

Install this program like normal and restart your computer. After opening it for the first time, you’re greeted with some options- Backup, Recover, Schedule a Backup, or Clone. Under the Backup tab at the top you can create a disk or partition backup, file backup, or manage how backups are processed. The recover tab lets you recover files, disks, or partitions. Under Tools, you can check images of files, make a bootable USB, use tools for your hard drive like erasing and wiping data, or mount an image.

I’m going to start by backing up some files. I’ll choose File Backup, and I’ll create a new backup. Since I don’t have another hard drive plugged into this computer, I’m just going to back this folder up into my photos folder.

Wait for the backup to finish.

Once finished, you can recover all the files you’ve backed up by choosing the name of the backup. Under schedule backup, I can choose a folder, choose to back it up incrementally, and I can choose when I want it to happen. You will need your Windows UN and PW to schedule backups. If you need to cancel a backup or delete backups, go to the Backup tab under Backup Management and choose delete backup.

Now, to recover your backups, they make it really easy. Go to the recover tab, and choose File Recovery. Choose your files you want to recover, and click next. Choose the destination and the recover will begin.

I have to say, EaseUS’s ToDo Backup Tool is really easy, hence the name! It’s built a LOT better than the backup program that came with my Western Digital external hard drive, so I’m definitely replacing the built in tool with this one.”

Ok, so I want to hear your feedback. What local backup tool is your fav? Let me know what you think or what program you use by emailing me — tips@hak5.org or send me a note in the comments below.

And be sure to check out our sister show, Hak5 for more great stuff just like this.

Today we’re going over your top 5 tips, questions and software picks including performance boosters, 3d desktops and disk space analyzers for Windows.

Download HD Download MP4 Download WMV

Gabriel writes:

Hey folks. I am loving these hak tips. They are far more digestible and make me feel like less of a noob than actual hak5. I do love hak 5 too, but these tips make it awesome to do in my spare time. Anyway, I was a little confused as to how Shannon got virtual box to boot from a USB. I’ve run Virtual box on both mac and windows 7 and can’t get either to boot from a usb drive even with the guest additions. Am I missing something dumb? Plz don’t judge me!!!! Keep up the awesome work!

Booting from USB in VirtualBox is kind of a hack. Direct booting from a USB device isn’t ordinarily possible as VirtualBoxs doesn’t support USB in the BIOS. That said using the VBoxManage command you can convert a physical disk on your machine — say a USB drive — into a VMDK which VirtualBox can boot off as a hard drive. That’s all there is to it. As far as the VM is concerned it’s a Hard Drive.

The command for Windows is “”VboxManage InternalCommands CreateRawVMDK -filename filename.vmdk -RawDisk (which you can find under disk management).
VBoxManage internalcommands createrawvmdk -filename usb.vmdk -rawdisk \\.\PhysicalDrive1 where 1 is the drive number of your USB

In theory you could use this to boot a mirror image of your hard drive, but I haven’t gotten that crazy with it. Yet. Thanks for writing in.

Brit writes:

Just wanted to say how much I love the show. I was wondering if you have any ideas about running a virtual honeypot on a virtual machine? Is there any reason that it would work different then running it on it’s own machine? What about security risks since it is running through your machine?

We haven’t covered honeypots on Hak5 yet, but we totally should. I know Darren has been meaning to. He’s a fan of the tool HoneyD, which comes preinstalled in BackTack 5 under Exploitation Tools > Social Engineering Tools > HoneyPots.

Using it on a Virtual Machine for the most part wouldn’t be different than running in on its own machine. The only thing you have to watch out for is a hypervisor exploit, which is to say an exploit that lets malicious code break out of the virtual machine and attack the host. These are pretty rare but scary when they happen. If you’re really paranoid you might want to put your honeypot on a DMZ outside your normal LAN, or on another network completely. When we have crack the code challenges on Hak5 we use a dedicated cable modem line for this exact reason. Not that we don’t trust you on our office LAN. Just sayin’! Thanks Brit for writing in!

Rounding out our emails we’ve got a few software recommendations.

First Nick writes:

Love the show, just watched your system booster episode, just wanted to recommend Soluto to speed up start up time, its a brilliant program.

Next Josh wrote in to recommend DeskSpace 3D

In my opinion it’s better than Dexpot (which I tried for a while) It gives you 6 virtual desktops much like you get on a Linux OS and also has an awesomely fast and surprisingly not at all buggy 3d cube effect, very similar to what Compiz desktop effects for linux has to offer.

And finally Dids writes:

I recently came across an AWESOME harddrive free disk space reporting software, which in addition to being super sexy, is even easier to use than the other free alternatives out there. This one is called Space Sniffer.

Thanks Nick, Josh and Dids!
”

What programs or commands are rocking your world? What technologies are tickling your technolust? Hit us up — tips@hak5.org

And be sure to check out our sister show, Hak5 for more great stuff just like this.

Most guys hate shopping for clothes, but luckily now there’s JackThreads – a members-only online shopping club. Everyday JackThreads serves up the hottest brands at up to 80% off. And while JackThreads is a private club, we’ve got the hookup. Join free at JackThreads.com/hak5 and start saving instantly.

This time on the show, capturing and analyzing Bluetooth packets with the Ubertooth One, Kismet and Wireshark, Booting VirtualBox VMs from physical USB drives, bypassing Geo IP location restrictions, and tons more.

Download HD Download MP4 Download WMV

Capturing and analyzing bluetooth packets with Kismet and Wireshark

Following up with our Ubertooth One setup guide form last week, we’ll be configuring Kismet and Wireshark to process Bluetooth packets.

Again If you’re not familiar, the Ubertooth One is an open source bluetooth testing tool made by Mike Ossmann in response to the lack of good bluetooth testing devices, or the ridiculously high price tags in excess of $10,000 for commercial monitoring equipment.

So in the same sense that we have inexpensive WiFi adapters that can go into monitor or promiscuous mode, we now have the Ubertooth One.

And of course props to HarvestGardener on the BackTrack Linux forums for putting a lot of this together. Most of the Ubertooth development was done on Mac OSX but getting it going in Linux isn’t too difficult, thankfully.

wget http://www.kismetwireless.net/code/kismet-2011-03-R2.tar.gz
tar xvf kismet-2011-03-R2.tar.gz -C /usr/src/
mv /usr/src/kismet-2011-03-R2/ /usr/src/kismet
cd /usr/src/kismet
./configure

cd
cd ubertooth-r238/host/kismet/plugin-ubertooth
make && make install

vi /usr/local/etc/kismet.conf #add pcapbtbb to logtypes=

Fire up Kismet. Set your source as ubertooth and start the ubertooth plugin from Kismet > Plugins

Ok, now for the less than fun part. From here we can capture bluetooth packets but we’ll probably want something more visual to analyze them. The gold standard for packet analysis is Wireshark for IP and thankfully libbtbb can comes with source so we can use it to build a wireshark plugin.

….or, if we’re running the 32-bit version of BackTrack 5 we can download a precompiled version from HarvestGardener on the BT forums.

Just put the btbb files in /usr/local/lib/wireshark/plugins/1.4.6 and you’re off to the races

Booting VirtualBox VMs from physical USB drives

Today I am following up an episode of HakTip, Virtual Machines 101 with VirtualBox. Today we’ll be mashing up two of my new favorite tools — multiboot USB drives and Virtual machines.

A while back on HakTip we played with VirtualBox and a Linux Distro. I was able to get Ubuntu running on my Windows laptop with no problems.

And a few weeks ago on Hak5 I demonstrated how to build a Multiboot USB drive with XBoot. I love these Mutliboot USB drives as they save you money and space on your keychain, allowing you to “”burn”" multiple ISOS — you’re favorite boot CDs like Ophcrack, Clonezille or Puppy Linux — all from one drive. Check out Hak5 episode 920 for info on that.

Of course when you’re making these Multiboot USB drives there’s some trial and error in the process. And let’s be honest, rebooting is a total drag. If only we could boot a Virtual Machine off a USB drive. Well, you can’t. Not directly anyhow. But what we can do is turn a USB drive into a file — a VMDK which as we learned last week are Virtual Machine Hard Disks.

Download and install VirtualBox (version 4.0.6) if you haven’t already and hit he key combo WINDOWS KEY + R to bring up the Run dialog. Type in “”diskmgmt.msc”" and hit enter. This will pull up your Disk Management tool. This tool is built in to Windows and is generally used to format, partition, and delete parts of your hard drives, but you can also see and mess around with your USB drives as well.”
“

If you scroll down you can find your USB stick. Mine is this drive that I recently made into a YUMI multibootable drive on an episode of HakTip.

Open the command prompt by again holding WINDOWS KEY and hitting R, then type “”cmd”" (and start as an admin) and hit enter. Type in “”cd %programfiles%\oracle\virtualbox”" and press enter.

Then, type “”VBoxManage internalcommands createrawvmdk -filename %USERPROFILE%\.VirtualBox\usb.vmdk -rawdisk \\.\PhysicalDrive#”" (replace # with your USB disk number – mine is 2) and press enter.

Now that you’ve done the hard part, start up VirtualBox (as an admin) and create a new Virtual Machine. When prompted for a Virtual Hard Disk, check use existing hard disk and select usb.vmdk.

Once you have finished creating your New Virtual Machine, you’re ready to try it out!

I’ve got VirtualBox open and I’m about to try booting off my USB drive in a VirtualMachine. So I press Start and after waiting a few moments it should boot my flashdrive.

It works! I have booted my multiboot USB in VirtualBox as a vmdk. Awesome! This is a great way to get around having to restart your computer every time you want to test a USB bootable drive.”

Nibble: String commands in Bash with semi-colon

Semi colons aren’t just for C++ compile errors, ya know? In bash they can be used to string together a set of commands. For example if you wanted to start downloading an archive with wget and then extract it when the download completes you would put wget file.tar.gz ; tar zxvf file.tar.gz on the same line. Sometimes if I know a background process, like a render job, is going to take an hour to complete and I want to upload the resulting file afterwards I’ll string together sleep 3600 ; upload.sh videofile.mov. The sleep command will simply wait for the specified amount of seconds, in this case 3600 is an hour.

Want some free Hak5 swag? Submit your 4-bit tips at hak5.org/nibble

Feedback and Q&A

Mark writes: In my world, the cellular industry, we call those spaces “guard bands”. love the show keep up the good work

Thanks for the clarification Mark

Anonymous writes: I was thinking, is there a way to set up DBAN on your notebook to run on a timer? Say if you don’t login within x hours, it will run and wipe everything. Can it be done with any other nuke program?

The only thing I could think of short of rewriting the BIOS is to have a script (assuming you’re running Linux) parse /var/log/auth.log and determine whether or not to use a secure delete utility on a volume of choice. Others in IRC have pointed out that one could hide a USB drive tapped into a port inside a laptop but I’m not quite sure how you would go about automating the wipe proceedure.

I’m very interested in hearing everyone’s thoughts on this so leave your ideas in the comments below.

Delmar1992 says:
I am a German national. German sports are now available online. But, my computer knows it is in America. Is there a way of tricking the server and the computer into thinking I’m in Germany so that i can watch it? This also goes for watching Hulu in Germany. Is there a program, or a hack I need? Any suggestions are more than welcome.

A VPN or otherwise tunneling service is what you’re after. We’ve talked in great lengths about setting these up in our 7th season. If you have a friend overseas who is willing to share their Internet connection and setup a server you might be able to VPN or SSH Tunnel that way. Otherwise there are plenty of commercial services that offer just this. One of our friends is a fan of Witopia. We’ve just started playing with it here at Hak5 so we’ll give you our full review in the weeks to come.

If you’re into Hak5 you’ll love our new show by hosts Darren Kitchen and Shannon Morse. Check out HakTip!

Whether you’re a beginner or a pro, HakTip is essential viewing for current and aspiring hackers, computer enthusiasts, and IT professionals. With a how-to approach to all things Information Technology, HakTip breaks down the core concepts, tools, and techniques of Linux, Wireless Networks, Systems Administration, and more

And let’s not forget to mention that you can follow us on Twitter and Facebook, Subscribe to the show and get all your Hak5 goodies, including the infamous WiFi Pineapple over at HakShop.com. If you have any questions or suggestions please feel free to contact us at feedback@hak5.org.

T-Mobile’s great selection of tablets, laptop sticks and their new Mobile Hotspot gives you the freedom to stay connected with high-speed Internet on the go. Affordable high-speed Internet when and where you want, without overages. Mobile Broadband data plans start at $29.99 per month and current T-Mobile voice customers save an extra 20%! The G-Slate with Google® is T-Mobile’s first 4G Android tablet, and allows you to take your HD entertainment anywhere. Stay connected at blazing-fast speeds, when and where you want—no Wi-Fi needed. Immerse yourself in the entertainment you love—download apps, play games, stream video, and check your favorite websites. T-Mobile provides mobile broadband service that allows on-the-go, wireless, high-speed Internet through your choice of portable devices.

If you want to build a video site or if your website has a play button, I recommend getting a dot TV domain. A dot TV website lets you showcase your original content and create a unique site, not just another YouTube channel.
Just go to domain.com and search for the perfect dot TV domain for your new idea. Then use coupon code Hak5 at checkout to save an extra 15%.
If you need to host your dot TV website, don’t forget about Domain.com’s web hosting plans. They’re less than six bucks a month and have everything you need to build, maintain, and promote your site.
Remember – when you think domain names, think domain.com.
Got a great idea? It all starts with a great domain. domain.com

With more than 23 million members, Netflix is the world’s largest subscription service instantly streaming TV episodes and movies over the Internet. For one low monthly price, Netflix unlimited members can instantly watch TV episodes & movies streaming to their TVs and computers. With Netflix you can cancel anytime. Netflix unlimited members can instantly watch thousands of titles on a vast array of devices streaming TV episodes and movies like Microsoft’s Xbox 360, Sony’s PS3 game console and the Nintendo Wii console. Find movies you love – easily! As a Netflix unlimited member you can instantly watch as many movies as you want anytime you want for one low monthly price! You can cancel anytime. Get your FREE Trial membership. Go to netflix.com/hak5 and sign up NOW. Be sure to use this URL so that they know we sent you!”

This time on the show, an Ubertooth One Primer – Setup with BackTrack 5. Booting multiple ISOs from a single USB drive, we’ve got plenty of options. And answers to your questions on A+ certs, programming languages, network scanning and more.

Download HD Download MP4 Download WMV

Ubertooth One Primer – Setup with BackTrack 5

We’ve been asked numerous times to do a segment on getting started with the Ubertooth One, and while it’s specific to this hardware in nature the techniques involved are similar to that of many other tools.

If you’re not familiar, the Ubertooth One is an open source bluetooth testing tool made by Mike Ossmann in response to the lack of good bluetooth testing devices, or the ridiculously high price tags in excess of $10,000 for commercial monitoring equipment.

So in the same sense that we have inexpensive WiFi adapters that can go into monitor or promiscuous mode, we now have the Ubertooth One.

Now props to HarvestGardener on the BackTrack Linux forums for putting a lot of this together. Most of the Ubertooth development was done on Mac OSX but getting it going in Linux isn’t too difficult, thankfully.

So today I aim to setup dependencies and compile Ubertooth Tools in Backtrack 5 linux host machine. Currently does not work in VM — Libusb issues.

The first dependency you’ll need is pyside. It’s a PySide adds Qt bindings to Python, letting it use the cross-platform UI framework for some graphical goodness. You can download it manually from PySide.org or simply install it with apt. Unfortunately it isn’t in the default BackTrack 5 repository so you’ll need to add a personal package archive or PPA.

apt-get install python-software-properties
add-apt-repository ppa:pyside
apt-get update
apt-get install libnl-dev libusb-1.0-0-dev pyside-tools

Next we’ll need the PyUSB extension which provides USB access to Python.

wget http://downloads.sourceforge.net/project/pyusb/PyUSB%201.0/1.0.0-alpha-1/pyusb-1.0.0-a1.tar.gz
tar xvf pyusb-1.0.0-a1.tar.gz
cd pyusb-1.0.0-a1
python setup.py install

We’ll also need bluetooth baseband libraries so we can process raw bluetooth data. Thankfully libbtbb does the trick:

wget http://downloads.sourceforge.net/project/libbtbb/libbtbb.0.5.tgz
tar xvf libbtb.0.5.tgz
cd libbtbb
make
make install

Ok so we’re finally to the part where we actually get to the Ubertooth code. As of recording the latest version of Ubertooth software is release 238.

wget http://downloads.sourceforge.net/project/ubertooth/ubertooth-r238.tar.gz
tar xvf ubertooth-r238.tar.gz

This archive contains the latest firmware for both the Ubertooth One and Ubertooth Zero, the KiCad files if you’re so inclined to make your own Ubertooth, documentation and host software including a few bluetooth tools, kismet plugins and a fun little spectrum analyzer.

Since Bluetooth operates in the same 2.4 GHz ISM band as WiFi, we can actually use the Ubertooth One as a basic spectrum analyzer and see all of the WiFi signals for a given area.

python specan_ui.py

Alright, that’s a lot of info so we’re going to stop right here and pick up next time with compiling Kismet from source with the Ubertooth Plugin, capturing our first Bluetooth packets, installing the Wireshark plugin and finally analyzing the good stuff. If you haven’t already checked it out you can find the Ubertooth One at HakShop.com along with the documentation and source files if you’re crafty with the soldering iron and eager to build your own.

Boot multiple ISOs from one USB with these free tools

Having several tools on several USB’s or CD’s can be a pain in the butt, especially when you’re looking for a specific one but don’t remember which USB you put it on. To save us from this trouble, there are many applications available online that let you create one multibootable USB drive. Thus, you can store all your tools on one USB drive instead of ten. We’ve reviewed YUMI, UNetBootin, Darren’s done his MultiPass, and I’ve checked out Katana. This week, I’m checking out a couple of your user picks, XBoot, and Sardu.

The first one is XBoot. Its a light weight utility for creating multiboot USB’s OR CD’s. To use it, download the zip file from their website. Open the application and plug in your USB flashdrive. Now, you’ll need to have some ISO’s already downloaded on to your computer or you can go to File–>Download and choose some of your favorite utilities and linux distros.
Once they are done installing, drag the ISO’s into the box under the Create Multiboot USB/ISO tab. For mine, I chose Ophcrack, Clonezilla, and Puppy Linux. On the side, you can see the total size of the files added, you can remove files, look up the MD5 hash checksum in case you’re wondering if it’s the actual tool, and at the bottom you can choose to create your ISO Live CD or USB bootable flash drive. I’m choosing my FlashDrive. Double check the Selected USB drive to make sure it’s not your operating system drive. Then, this is cool, you can choose your Bootloader. I’ll stick with the recommended Syslinux, but you can also choose Grub4dos or not install one at all.
Then, when you click next, it’ll start copying all your ISO’s to your thumbdrive and create the bootloader. This may take several minutes, so just kick back and relax.

Once the USB is created, you’ll have the option to run it on QEMU to test it. You can also edit the flashdrive, by clicking the tab that says Edit Multiboot USB.

The second one is Sardu. Sardu is a program I found that was apparently made by Vikings using hieroglyphics. You simply plug in your flashdrive, click on your choices for Antivirus, Utilities, Linux Distros, and/or Windows CD’s, and choose make bootable USB. Clicking on the different utilities and linux distros will download them from their websites. You can also click ISO at the top and choose Make ISO, then click on an ISO folder to choose it for your flashdrive. I downloaded all of mine into my downloads folder, so I just navigate to the downloads folder and click OK. When done, click the cute little USB button and wait for it to finish creating the bootable USB. Once done, you can boot off your flashdrive using SuperGrubDisk. The tabs at the top enable you to check the Hash, create and defrag your USB.

Now I’m going to restart my computer and boot into Syslinux for XBoot and Grub for Sardu and try them out!
Looks like it works, and works well. The three ISO’s that I chose boot properly, and I can add more if I want!”"

So of these two, I have to say Sardu for Vikings took a bit more time for me to figure out how to get my ISO’s onto the USB and make it bootable. Turns out, I was just thinking too hard when trying to add my ISO folders! Xboot was pretty natural to figure out and it was easier to use. Xboot was my definetly my favorite.

So after googling for other multiboot creators, I found all the ones I could, but are there other ones? Do you use a tool that could make my life easier? Email me at feedback@hak5.org

Bash and Airodump-ng tips

Whether you’re trying to copy a PID from TOP or a BSSID from airodump-ng, when your terminal is constantly refreshing the task is cumbersome at best. So calm that screen with the shortcut CTRL+s. To resume simply hit CTRL+q. And specific to airodump-ng not only can you pause the screen with ‘space bar’, but there are all sorts of handy keystrokes like ‘tab’ – which lets you to scroll up and down the list of stations, ‘s’ which changes the sorting column, and my favorite, ‘m’ which marks connection groups with a colors.

Thanks to Sitwon and Bethany for sending these in and getting some complimentary hak5 swag. Submit your 4-bits at hak5.org/nibble

If you’re into Hak5 you’ll love our new show by hosts Darren Kitchen and Shannon Morse. Check out HakTip!

Whether you’re a beginner or a pro, HakTip is essential viewing for current and aspiring hackers, computer enthusiasts, and IT professionals. With a how-to approach to all things Information Technology, HakTip breaks down the core concepts, tools, and techniques of Linux, Wireless Networks, Systems Administration, and more

And let’s not forget to mention that you can follow us on Twitter and Facebook, Subscribe to the show and get all your Hak5 goodies, including the infamous WiFi Pineapple over at HakShop.com. If you have any questions or suggestions please feel free to contact us at feedback@hak5.org.

This time Hak5, Mubix joins us for more mischevious Metasploit fun. We’re stealing Windows logins with a crafty keylogger. Shannon’s hacking from a cave with the Katana USB security suite. Plus, automating file renaming in Windows, Firefox security extensions and so much more.

Download HD Download MP4 Download WMV

Hacker Headlines

Our favorite framework just got a major update. Metasploit 3.7.0 has been released and with it comes a major backend overhaul. You should notice a significant performance increase in handling multiple sessions as well as a nice little update to the SMB stack that’ll all you to perform pass-the-hash attacks against Windows Server 2008. Find out more about this and the 35-some new remote exploits at Rapid7.

Square has opted for encryption on their mobile credit card readers! Square, a successful company that enables just about anyone to be able to take payments through their iPhone, went through a bit of a tiff with Verifone, who recently said Square was basically sending out card skimmers to whoever wanted them. It sounds like Square deemed it necessary to update their hardware, and decided to make a new line of the Square credit card readers. It sounds like Square is becoming a real competitor to Verifone, and a legit one at that.

iOS 4.3.3 has arrived bringing changes to the way the controversial crowd sourced database cache, or “consolidated.db” file works. The update reduces size of the cache, no longer backs up the cache to iTunes, and deletes it when ios location services are turned off. Apple acknowledges that iPhones had been storing as much as a years worth of data even if location services were off, which they claimed as a bug. The database is still unencrypted.

This is some nice news to hear! Jeff Moss, the founder of the infamous hacker conference, Defcon in Las Vegas, has been named as ICANN (Internet Corporation for Assigned Names and Numbers)’s chief security officer. Rod Beckstrom, ICANN’s president and chief executive officer, said “I can think of no one with a greater understanding of the security threats facing Internet users and how best to defend against them than Jeff Moss. He has the in-depth insider’s knowledge that can only come from fighting in the trenches of the ongoing war against cyber-threats.”

With the PlayStation Network is still down following a massive data breach, Sony has claimed before the U.S. House Committee on Energy and Commerce that a file named ‘Anonymous’ was found during the investigation. The file contained the words “we are legion”, Kazuo Hirai, chairman of the board of directors of Sony Computer Entertainment America explained. Anonymous, who had previously conducted a large-scale distributed denial of service attack on Sony during the GeoHot case, has denied involvement.

Kerby’s JPop Group of the week

SCANDAL – Haruka

HakTip: Bulk file renaming

We got an email from Chris G, aka Macrohard in the Hak5 forums, who said:

This was the free bulk naming software I was going to try out. I have a vendor that likes to send me a large assortment of files with a lousy .extension name, and I need to work on getting them to process for a document retention system.

Bulk Rename Utility is available at bulkrenameutility.co.uk and it lets you rename several files with a click of your mouse. This free software comes in 32 or 64 bit for Windows.

After downloading and installing, choose a folder or a group of files that you want to change.

After highlighting your files, choose what you want to change. I chose to change the file name (Box 2), and change the case (Box 4) to upper case. Then, I added numbering to the end of each photo (Box 10). All of your changes can be seen under New Name in the file box at the top. Once finished, click Rename. You will get a warning telling you the files are about to be changed. Click ok after double checking and tada! All of your selected files have been fixed in seconds.

If you chose to do this during the install, you can also have a Windows Explorer Extension included when you right click a series of files.

This saves me TONS of time renaming all those photos from CES. Got a tip? We’ll share it! Tips@hak5.org.

Keylogging Windows logins with Mubix

We have the pleasure of being joined by Mubix, aka Rob Fuller, to demonstrate a crafty Metasploit script for keylogging Winlogon.exe.

Trivia!

Last weeks trivia: The UK version of this device represents 10 Pence with a 1000 Hz tone. What is the device? The Answer was: Red Box

This week’s question is: Serving the Pacific Northwest, Midwest and Rocky Mountains, this Regional Bell Operating Center has merged with neither Verizon or AT&T.

Answer at hak5.org/trivia to win some sweet swag.

The Katana USB Security Suite

Last week I demo’d the easy way to install Konboot and way back in Season 8 I had showed you Katana. Katana is a portable multi-boot security suite with all sorts of penetration testing and security applications built into one single flash drive. It has been updated a ton since way back when, so I wanted to do a quick follow up on this lovely piece of awesomesauce version 2.0.

First close down your anti virus software. It’ll freak out when you download Katana due to the tools available through the program. Download the torrent of Katana at hackfromacave.com. It’s a hefty 4 gigs big so have tons of room and an 8 gig flash drive for the install.

Extract the .rar to the root of your USB stick. Open the root of your flash drive, open the boot folder, and right click the ./bootinst.bat batch file and choose “”run as an Administrator”".

Now you have two things you can do. First, check out the Katana Toolkit on your windows machine. This application can run various tools such as KeePass and Unstopable Copier.

Second, you can boot up the Katana boot disc. Unplug your drive, and power down your computer. Plug the flash drive back in and boot from it.

If it works, and it should, you’ll see the screen I see here. Use your arrow keys to navigate up and down through the various tools. For my example, I’m going to boot into Ophcrack, a good tool for your forgetful sibling when they lost their Window’s password. It has built in rainbow tables and can figure out the password in a few seconds. So mine was ‘game’, which you just lost. Ophcrack was able to figure out my simple password with no problem, letting me back into my computer. You’ll notice in Katana you still will have the problem with 64 bit machines running Kon-Boot. If this is the case, first open the boot directory in the root of the Katana drive, then copy the files ‘vesamenu.c32′ and ‘chain.c32′ from this directory into the syslinux/kon-boot directory.

You’ll have to go through a process of choosing Kon-Boot, then boot 2nd HDD, then going back to the Katana main menu. Go back into Kon-Boot and select the next boot from HDD choice. This will enable Kon-Boot to finally work hopefully, but I was having issues with it not working correctly.

This is the general idea of how to get Kon-Boot to work as well on Iron Geek’s blog that I mentioned last week, so maybe you’ll have better luck on your machine!

I got an email from the creator, Ronin, giving me some recent tips and tricks with Katana such as:

• Using the Katana Tool Kit from a locked down Windows system
• Write blocking the Katana drive for cheap using an SD Card
• Using a live CD to avoid needing to access Password blocked BIOSs to modify the Boot Order for USB to Boot.

Katana is a very handy tool for anyone interested in learning more about security and penetration testing. It’s also a great application to have in case you ever need any of the tools available in the ToolKit. Several tools have been added since the initial release of Katana, so I definitely suggest you check out version 2.0. Check out more from Ronin at hackfromacave.com and Email me at feedback@hak5.org with your favorite security tools or bootkits.

Emails

Ben writes:

Hey Hak5 guys! Regularly at work I use Firebug and HTTPFox FireFox add-ons; do you guys recommend any other “”must-have”" security testing Firefox addons? Loving the show; keep up the great work!

Darren recommends NoScript, as well as BadPass, LastPass, Keepass, FoxyProxy and FoxTor

JasonT writes:

Hi Darren and Shannon, Kerby, the lovable cat and mascot and backbone of Hak5 is a bit of a mystery to the Hak5 viewers ( at least I think ), If you could spare a couple of Hak5 minutes, could we get Kerby’s story, Whom is Kerby’s master, his likes/dislikes etc.

Thanks. Kerby is short for Kerberos — the authentication protocol. If you go back to season 1 you’ll see a bunch of cute Kerby moments. Thanks for writing in.

Francisco writes:

Hi Hak5, I’ve been meaning to ask this question before but it goes, what kind of upload speeds do you guys get in the Hak5 Studio? And to achieve them, what kind of hardware (eg, modem, load balancer) do you have? I run several virtual servers in my house and the maximum upload speed I can get is around 100 to 150KBps. What I can do to increase the upload speeds? Thank you in advance.

In the *current* studio we’re getting about 6-7 Mbps up. 20-25 down. A lot of that is attributed to the bangin’ router we have. Darren’s a big fan of both Smoothwall and Untangle. Paul likes M0n0wall and pfsense.

Keep up with the latest on Hak5 by follow us on Twitter or Facebook. Subscribe and get your weekly technolust delivered automatically. Or show your support and grab some swag from the HakShop – including the new airport friendly WiFi Pineapple andhoodie. Finally if you’d like to suggest a topic for ask a question feel free to hit up feedback@hak5.org.

This time on the show we’re Breaking into Windows boxes with no skillz necessary using Konboot for USB, Spear-Phishing with a WiFi Pineapple, Sudo with pipes in Linux and downloading torrents anonymously

Download HD Download MP4 Download WMV

Hacker Headlines

If you’ve ever used a USB storage device and wondered how stealthy you can be with them, you’re in for a scare. Windows XP logs pretty much everything you’d want to know about that USB key in the registry each time it’s plugged in and written to.

When you plug in your USB drive, the Plug and Play manager gets notified and queries the device descriptor in the firmware for information about the device. This helps it locate a driver, which is referenced in the %SystemRoot%/inf folder by various .inf files. Once the device is identified and a driver selected, the information is dropped into HKEY_LOCAL_MACHINE\System\CurrentControlSet\Enum\USBSTOR with a format similar to Disk&Ven_###&Prod_###&Rev_### which will identify the device ID, manufacturer and more. An important number you will find here is the ParentID prefix, which I did not actually say during the segment but this is something that will appear in virtually every registry entry regarding the device.

Microsoft uses serial numbers on the devices to distinguish between devices with the same manufacturer or model. In the case that the serial number is not unique (or even not present), the PnP manager will create a unique instance ID for the device.

All of the numbers you find related to each device should be logged if you’re doing any sort of investigation or trying to track a device across computers.

If you’re trying to determine whether data was perhaps pilfered from your machine/network, you will want to look at HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\DeviceClasses, where you will find the ParentID prefix and will be able to correlate to the device. You should also see the manufacturer name here. We are looking for the Last Write time which will help in determining whether data was pilfered by giving you a timeframe as to when someone last copied data to the device. In order to do this, you’re going to right click on the entry that has the ParentID prefix and manufacturer name for the device you want, and then click Export. Change the file extension to .txt and name it anything you want, remembering where you save the file. Upon opening this file up, you will find the last write time.

There are many applications for this data, and you’ll probably never be in the registry doing it quite this way, as there are many tools, both commercial and free that will simplify all of this. This data is also used in tools/services which help track your devices, such as iHound (ihoundsoftware.com), which helps you track devices if they’re stolen.

If you have any questions feel free to contact me here and visit my website. Many thanks to Harlan Carvey, author of the 2007 book Windows Forensic Analysis (I think I might’ve errantly said 2005, sorry) for without this book I wouldn’t have known as much as I do about the windows registry.

–Chris Gerling Jr.

Season 9 continues with the results from last weekend’s Crack the Code Challenge as well as a walkthrough on how participants were able to complete the challenge using packet analysis, file reconstruction, stenagrophy and brute force. Plus encrypted USB drives with centralized management and more from the RSA 2011 conference.

Download HD Download MP4 Download WMV

Hacker Headlines

Bummed you didn’t get your hands on one of Google’s CR-48 Chrome notebooks? The alternative Instant-On OS Splashtop Linux is now available for download. Splashtop has been previously available as a pre-installed second OS on notebooks from Acer, ASUS, Dell and others. This 1.0 release makes the trim down Linux 2.6 and X11 based OS available to the public.

Samsung has made a ROM based on Android 2.3.2 Gingerbread for the i9000 that just leaked to the net. All of the changes haven’t yet been determined, and if you don’t have an i9000 model, you still have to wait for the update on your Galaxy S devices. I’m looking forward to seeing what the users can do with the ROM now that it’s available.

Sony isn’t taking recent PlayStation3 hacks lightly, as German hacker Graf Chokolo found out when authorities raided his house earlier in the week. In a post on his Hypervisor reverse engineering blog Chokolo wrote “Sony was today at my home with police and got all my stuff and accounts.” Hours later the “Hypervisor Bible” as Chokolo puts it was released. Links have been removed to comply with legal notices, but you know nothing is ever erased from the web.

The Nintendo 3DS has been out for a day in Japan… and it’s already been hacked. The Tech-On! Group has already gotten their hands on the 3DS and torn it apart to look at all the delicious insides, including the 3D display. Along with the hardware, Ayasuke2 on Youtube has already hacked the 3DS to run R4 Cards and play unauthorized Nintendo DS games.

Getting encased in carbonite isn’t exclusive to Han Solo anymore. Attendees at the Tangible, Embedded and Embodied Interactive Conference got to scan themselves in 3D with a hacked Microsoft Kinect and print the resulting STL file using a Stratasys 3D printer.

Crack the Code Challenge

Did you have what it took to compete in our Crack The Code Challenge, brought to you by GoToAssist Express? 6 Hak5 viewers did this Sunday. Mad props go to Netshroud for being the first to crack the code, as well as Jellyfish, Jon, Alex, Leo and Tristan.

A big thanks go out to all that participated, joined the live stream and chat, and of course GoToAssist Express for sponsoring our Hak5 Lab Network. We’ll have details on the next challenge on next weeks show so be sure to tune in.

Cracking the code: PCAP file recovery and stenography

Shannon demonstrates techniques for completing the Crack the Code Challenge using Network Miner and steghide.

HakTip: Command line packet captures using Tshark

Last week we were asked about command-line packet sniffers and I recommended tcpdump and ngrep for filtering. Steve Z was quick to point out TShark, the command-line counterpart to Wireshark. With rules and filtering built in, it is quickly becoming a favorite for my packet sniffing needs. For example, issuing:

tshark -R “!(udp.port==53) and udp and ip.addr==10.73.31.55″ -i eth0

will show me just UDP packets that aren’t on port 53 to or from the address specified.

What little gems are rocking your world? Hit us up, we’ll share ‘em on the show. tips@hak5.org

Encrypted USB drives with centralized management

Darren meets with Kingston and Blockmaster to talk about their new USB management security applications.

Email: USB Passthrough

Toby writes in:

Now that I’m adhering to the “Trust Your Technolust” way of life, I figure your my best chance for a quality fix… I have an issue that I would love to see how you would resolve. I work at a non-profit food producer that provides millions of servings to feeding programs world wide every year. Were running as much open source goodness as we possibly can so that we can direct as much revenue to the feeding programs as possible. I have a VM “When-doze” terminal server running a software package that requires a usb software key. I need a (cheap or free) way (hak or bypass) to overcome the lack of ability to have non-storage USB passthrough

Darren recommends USB Redirector, a product he learned about when researching Proxmox VE.

Keep up with the latest on Hak5 by following us on Twitter or Facebook. Subscribe and get your weekly technolust delivered automatically. Or show your support and grab some swag from the HakShop – including the new airport friendly WiFi Pineapple and hoodie. Finally if you’d like to suggest a topic
for ask a question feel free to hit up feedback@hak5.org.