where's well ... there's crane, they say ...
crane style is about drawing teachings as water from many wells ...
many schools, many methods to be joined together ...
truth is what joins not separates ...
it's part of 'Many-Aspected Spiritual Way' ... including 'Mahakala Aspect' of Buddhism.
'Mahakala Aspect' is 'Protecting Aspect', from a certain perspective at least.
why 4th kyu in Crane Style, an important aspect of Martial Arts style i am developing, more or less ... ?
because of the strength of Weapons involved, at least ...
perhaps a valid reason for 4th kyu, from certain perspective, at least ...
'Gas Gun' & 'Knife', for now ... at least ...
ideas used: 'Kokutsu-Kiba Aiki-Tsuki Knife Gun' ...
Kokutsu is a Rooster, male Chicken, or something like that ...
Kiba is Rider ... a Rider can 'Ride Long', it implies endurance during fight ...
Aiki is 'Balance of Energy' ...
Tsuki is 'Push' or 'Strike', punches or kicks included ...
Knife is Knife, important tool of Mahakala, cuts away all that hinders, mostly it's Ego ...
'Gas Gun' is nonlethal weapon potentially, but shooting in mouth or eyes can be deadly, i think ...
'Ammo Conservation' is important part of this Style.
because of many wells, many waters, one is never too loyal to any of the schools ... like a man-whore, a pimp, a rooster waving ass, a crane, perhaps ...
for more, click, if You need or must or wish, etc ... : 'Martial Arts, Tactics & Combat Psychology by neomahakala108'.
(perhaps will be continued ...).
Sunday, February 22, 2015
Monday, February 16, 2015
2nd kyu a hack.
i think i did advance to 2nd kyu rank in hacking.
---
Simplest form of hack that takes over computer would include:
- nmap port scanning,
- service protocols understanding (HTTP, SMTP, ...),
- brute force / dictionary / similar attacks on username/password combination (via protocol),
- buffer overflow attack or similar,
- it can be done wirelessly after penetrating network that is easy to do, from technical point of view (there can be authentication of a client using access point, more or less advanced).
----
in Karate rank system i'd give myself about 4th dan in programming & about 2nd kyu in hacking, currently.
in many Martial Arts, 2nd kyu belt is Brown as Earth. Brown belts are practical, can beat quite a opponent, but to Mastery there's long way still.
1st dan is a famous Black Belt, True Mastery of Basics... for there are higher levels of Mastery, up to 10th Dan.
my ambitions in programming, hacking & writing secure applications are highest as possible.
this does not exclude nanotechnology highest ambitions.
to advance to 1st kyu in hacking, i need to:
- Read SSL & TLS book of Eric Rescorla,
- Understand at least most basic of service communication protocols (there are few, including HTTP & SMTP).
i am thinking so far about Telnet, HTTP, SMTP, IRC, Kerberos, SMB, Facebook, Google Plus, deviantART, Skype, LinkedIn, BitTorrent, Pinterest, perhaps more.
more advanced protocols often, if not always, consist of simpler protocols such as FTP or Telnet, i think.
to advance to 1st dan in hacking i need much more, including many scripts/programs made by myself, but also
'a proper combat practice'.
----
i'll try to reach 1st kyu in hacking in next 2 years.
SSL/TLS plus as many of protocols & as deeply as i can, rest can be finished later.
then i'll try to reach 1st dan in hacking in 4 years after, totally in about 6 years from now - at beginning of year 2021.
---
Simplest form of hack that takes over computer would include:
- nmap port scanning,
- service protocols understanding (HTTP, SMTP, ...),
- brute force / dictionary / similar attacks on username/password combination (via protocol),
- buffer overflow attack or similar,
- it can be done wirelessly after penetrating network that is easy to do, from technical point of view (there can be authentication of a client using access point, more or less advanced).
----
in Karate rank system i'd give myself about 4th dan in programming & about 2nd kyu in hacking, currently.
in many Martial Arts, 2nd kyu belt is Brown as Earth. Brown belts are practical, can beat quite a opponent, but to Mastery there's long way still.
1st dan is a famous Black Belt, True Mastery of Basics... for there are higher levels of Mastery, up to 10th Dan.
my ambitions in programming, hacking & writing secure applications are highest as possible.
this does not exclude nanotechnology highest ambitions.
to advance to 1st kyu in hacking, i need to:
- Read SSL & TLS book of Eric Rescorla,
- Understand at least most basic of service communication protocols (there are few, including HTTP & SMTP).
i am thinking so far about Telnet, HTTP, SMTP, IRC, Kerberos, SMB, Facebook, Google Plus, deviantART, Skype, LinkedIn, BitTorrent, Pinterest, perhaps more.
more advanced protocols often, if not always, consist of simpler protocols such as FTP or Telnet, i think.
to advance to 1st dan in hacking i need much more, including many scripts/programs made by myself, but also
'a proper combat practice'.
----
i'll try to reach 1st kyu in hacking in next 2 years.
SSL/TLS plus as many of protocols & as deeply as i can, rest can be finished later.
then i'll try to reach 1st dan in hacking in 4 years after, totally in about 6 years from now - at beginning of year 2021.
Sunday, February 15, 2015
Mage's Arete.
in 'Mage: The Ascension' game there's the trait called 'Arete'.
it describes how well someone understands 'Universal Truth', 'Truth of Reality', how 'Enlightened' she or he is.
for Mages, Arete changes in rank from 1 to 10 & imposes a limit on how meaningful & powerful Magicks they can use.
at this moment in my life, i think i would be 'Dreamy'.
i think there are many kinds of Enlightenment however, more or less True.
i have some clues about how Magic & Magick work & why, so if someone asks me to 'conjure money' i won't be impressed at all - professional work is more efficient at that, usually.
i think i understand words: 'Truth until Paradox', at least somehow.
for more about Magick, please read Aleister Crowley's Books & seek Thelema.
i also have a distance, am critical, am not sarcastic very mostly toward this 'Model of Reality', or perhaps even 'World'.
it describes how well someone understands 'Universal Truth', 'Truth of Reality', how 'Enlightened' she or he is.
for Mages, Arete changes in rank from 1 to 10 & imposes a limit on how meaningful & powerful Magicks they can use.
| Arete Rank | Description |
| 0 | Superficial |
| 1 | Ignorant |
| 2 | Unenlightened |
| 3 | Dreamy |
| 4 | Quixotic |
| 5 | Discerning |
| 6 | Understanding |
| 7 | Perspicacious |
| 8 | Wise |
| 9 | Visionary |
| 10 | Enlightened |
at this moment in my life, i think i would be 'Dreamy'.
i think there are many kinds of Enlightenment however, more or less True.
i have some clues about how Magic & Magick work & why, so if someone asks me to 'conjure money' i won't be impressed at all - professional work is more efficient at that, usually.
i think i understand words: 'Truth until Paradox', at least somehow.
for more about Magick, please read Aleister Crowley's Books & seek Thelema.
i also have a distance, am critical, am not sarcastic very mostly toward this 'Model of Reality', or perhaps even 'World'.
Thursday, February 12, 2015
Altruism & Labour Union Organization.
(post under construction, to be edited as neccessary or needed).
in blog author's opinion:
What is a Labour Union?
a Trade Union is an organization of workers who have come together to achieve common goals such as protecting the integrity of its trade, achieving higher pay and benefits such as health care and retirement, increasing the number of employees an employer assigns to complete the work, safety standards, and better working conditions.
a Labour Union is organization that works as well, not only criticizes firm they work in. this includes minimalism in consumption, self-critic & independence, a mix of a Trade Union & a Company that shares.
Why Altruism?
it's not only about individual & egoistic self-interrests.
you don't believe this?
please understand that it's easier to persuade others to join common cause, rather than imposing egoistic
self-interrests on others.
Labour Unions should affect Society, Work & Law; this can be reached with proper amount of involved people & with proper skillful methods.
How to Organize?
organizing is:
- recruiting new members to a Labour Union,
- increasing efficiency with which workers can affect employers - in & beyond one company,
efficiency in & beyond one company includes:
- organizing Self-Organization of Employees, including organizing Poorly Represented Employees,
- organizing Collective Democracy,
- increasing Reach of Collective Labour Agreement - beyond one Firm, also on Society & Law,
- organizing Employees in new Economic Sectors.
in blog author's opinion:
What is a Labour Union?
a Trade Union is an organization of workers who have come together to achieve common goals such as protecting the integrity of its trade, achieving higher pay and benefits such as health care and retirement, increasing the number of employees an employer assigns to complete the work, safety standards, and better working conditions.
a Labour Union is organization that works as well, not only criticizes firm they work in. this includes minimalism in consumption, self-critic & independence, a mix of a Trade Union & a Company that shares.
Why Altruism?
it's not only about individual & egoistic self-interrests.
you don't believe this?
please understand that it's easier to persuade others to join common cause, rather than imposing egoistic
self-interrests on others.
Labour Unions should affect Society, Work & Law; this can be reached with proper amount of involved people & with proper skillful methods.
How to Organize?
organizing is:
- recruiting new members to a Labour Union,
- increasing efficiency with which workers can affect employers - in & beyond one company,
efficiency in & beyond one company includes:
- organizing Self-Organization of Employees, including organizing Poorly Represented Employees,
- organizing Collective Democracy,
- increasing Reach of Collective Labour Agreement - beyond one Firm, also on Society & Law,
- organizing Employees in new Economic Sectors.
Wednesday, February 11, 2015
Paradox.
In Mage: The Ascension, Paradox is Force of Reality Defending against Changes that Mages bring... as far as i remember, but this can be elaborated with more Precise wording.
In TAROT Mage is Symbol of Individuality, Struggle against Odds. Magical Strength supports them in their possible Victories.
for more details about the TAROT Mage, click: The Magician Card.
Mage: The Ascension.
There's a Storytelling Game of Modern Magick,
Mage: The Ascension.
if Magick is Real, if Spell Casting works properly, i am a Virtual Adept.
if not, it's still a truth - it's an Artful Metaphor at least.
... see also, if You wish or need, ... : Mage's Reality Model, Three Arts Way.
Mage: The Ascension.
if Magick is Real, if Spell Casting works properly, i am a Virtual Adept.
if not, it's still a truth - it's an Artful Metaphor at least.
... see also, if You wish or need, ... : Mage's Reality Model, Three Arts Way.
Saturday, February 7, 2015
TL-WN722N.
TL-WN722N network card with it's 4 dBi antenna.
TP-Link's TL-WN722N network card can go into 'monitor mode', which is useful for hacking.
initial testing confirmed that it can enter monitor mode with ease with a Kali Linux / EEE PC 904 HD computer system.
this network card works fine with a linux machine,
windows 8.1 support is poor however:
- device driver had to be downloaded & installed manually,
- couldn't connect to WEP - protected network using Windows 8.1 as of yet (with Linux this works fine),
- didn't check with WPA / WPA2 standards yet.
it comes with a detachable omnidirectional 4 dBi high gain antenna of it's own.
it has RP-SMA antenna jack which is useful for extending distance, by connecting more powerful external antenna.
it has USB port that means it can be connected to laptop or similar, externally.
will this setup work with Paco (Asus EEE 904 HD) for long-distance wireless hacking?
we shall see soon, perhaps.
Paco + TL-WN722N + omni-directional 12 dBi WiFi antenna.
Kali Linux + airodump-ng wireless packet sniffer.
in theory i could check for terrorist communications that way, but i respect people's law for privacy - so this has to be done properly, i am not ready.
but i can prepare & respond to orders if need arises.
they never know if/when they are overheard.
potentially it's also a WiFi locator (a radiolocator subtype), as in wisee Project.
it can sense electromagnetic fields around people & visualize with proper software that i don't have.
... or recognize motions & gestures even.
see also, if You wish: Wireless Network Cards with Linux.
Thursday, February 5, 2015
Disconnecting Wireless.
Devices that are connected to a wireless access point can be disconnected against the users' will.
This is called 'Denial of Service' (DoS) attack.
Methods include:
- Radio Frequency Jamming.
any high power radio-frequency electromagnetic wave emitter has capability to interfere with 802.11 standard networks (WiFi).
- CSMA/CA jamming.
anyone using a device with properly modified hardware driver software can interfere with 802.11 standard networks (WiFi).
CSMA/CA stands for Carrier Sense Multiple Access with Collision Avoidance, a protocol for wireless physical medium access that allows for 'collisionless' communication between many wireless network devices.
this protocol uses idea of a communication channel, different devices attempt to use different channels to avoid collisions in communication.
CSMA/CA jamming method is about sending noise data on multiple communication channels, basicly blocking each of the communication channels, making the devices that would use them otherwise wait for as long as the noise data is in the air.
- Deauthentication attack.
this attack is about sending signal to a wireless access point's client that deauthenticates user, making him/her go through authentication/authorization procedures again, reinitializing a wireless connection.
sending deauthentication signals constantly blocks user from using wireless network.
there's tool called aireplay-ng, part of aircrack-ng tool suite, that allows for this type of attack, but there are also other means.
command is as follows:
> aireplay-ng -0 0 -a 54-E6-FC-CC-2E-70 -c FF:FF:FF:FF:FF:FF mon0
where:
-0 : attack type.
0 means deauthentication attack.
0 : number of repeats of an attack.
here, 0 means infinity.
-a 54-E6-FC-CC-2E-70 : access point's LAN MAC address.
there are at least two MAC addressess for access point: LAN & WAN MAC address.
we've attacked using one of access point's LAN MAC addresses.
-c FF:FF:FF:FF:FF:FF : target of an attack's MAC address.
FF:FF:FF:FF:FF:FF is special address, broadcast address that applies to all clients of our network.
mon0 : our network's card interface, choose the one that is in monitor mode.
sometimes we have to add additional parameter of: '--ignore-negative-one', when the network interface's channel can't be determined.
access point's & attacked device's MAC addresses can be read using airodump-ng tool.
command is as follows:
> airodump-ng mon0
where:
mon0 : our network's card interface,
choose the one that is in monitor mode (see: 'Hacking Wireless' post for details).
BSSID field is access point's MAC address.
STATION field is client device's MAC address.
they can be read from lower part of airodump-ng's output.
This is called 'Denial of Service' (DoS) attack.
Methods include:
- Radio Frequency Jamming.
any high power radio-frequency electromagnetic wave emitter has capability to interfere with 802.11 standard networks (WiFi).
- CSMA/CA jamming.
anyone using a device with properly modified hardware driver software can interfere with 802.11 standard networks (WiFi).
CSMA/CA stands for Carrier Sense Multiple Access with Collision Avoidance, a protocol for wireless physical medium access that allows for 'collisionless' communication between many wireless network devices.
this protocol uses idea of a communication channel, different devices attempt to use different channels to avoid collisions in communication.
CSMA/CA jamming method is about sending noise data on multiple communication channels, basicly blocking each of the communication channels, making the devices that would use them otherwise wait for as long as the noise data is in the air.
- Deauthentication attack.
this attack is about sending signal to a wireless access point's client that deauthenticates user, making him/her go through authentication/authorization procedures again, reinitializing a wireless connection.
sending deauthentication signals constantly blocks user from using wireless network.
there's tool called aireplay-ng, part of aircrack-ng tool suite, that allows for this type of attack, but there are also other means.
command is as follows:
> aireplay-ng -0 0 -a 54-E6-FC-CC-2E-70 -c FF:FF:FF:FF:FF:FF mon0
where:
-0 : attack type.
0 means deauthentication attack.
0 : number of repeats of an attack.
here, 0 means infinity.
-a 54-E6-FC-CC-2E-70 : access point's LAN MAC address.
there are at least two MAC addressess for access point: LAN & WAN MAC address.
we've attacked using one of access point's LAN MAC addresses.
-c FF:FF:FF:FF:FF:FF : target of an attack's MAC address.
FF:FF:FF:FF:FF:FF is special address, broadcast address that applies to all clients of our network.
mon0 : our network's card interface, choose the one that is in monitor mode.
sometimes we have to add additional parameter of: '--ignore-negative-one', when the network interface's channel can't be determined.
access point's & attacked device's MAC addresses can be read using airodump-ng tool.
command is as follows:
> airodump-ng mon0
where:
mon0 : our network's card interface,
choose the one that is in monitor mode (see: 'Hacking Wireless' post for details).
BSSID field is access point's MAC address.
STATION field is client device's MAC address.
they can be read from lower part of airodump-ng's output.
Wednesday, February 4, 2015
Hacking Wireless.
how to crack password in a wireless router?
(of a network, not router's).
using aircrack-ng tool suite, for example.
we need also a computer with wireless network card that can go into 'monitor mode'.
this tutorial shows how, with kali linux pc (Paco):
first we turn on network card's monitor mode.
then we start 'sniffing' for data with airodump-ng tool.
we have to provide a dictionary file, either script-generated or downloaded.
if we want to use letter/digit/word/syllable combinations or something similar, we have to prepare dictionary properly, for example with a script.
this time i've provided modest three-word dictionary by typing it in Linux's vi editor.
i didn't see a Linux version without this editor as of yet.
then we can use aircrack-ng command to attack password.
command below attacks password protected by WPA standard, using dictionary method.
for more, reader should consult linux man pages or a proper course, perhaps more.
data 'sniffed' can be also decrypted with airdecap-ng tool, for example.
see also, if You wish: Wireless Network Cards with Linux.
(of a network, not router's).
using aircrack-ng tool suite, for example.
we need also a computer with wireless network card that can go into 'monitor mode'.
this tutorial shows how, with kali linux pc (Paco):
first we turn on network card's monitor mode.
then we start 'sniffing' for data with airodump-ng tool.
we have to provide a dictionary file, either script-generated or downloaded.
if we want to use letter/digit/word/syllable combinations or something similar, we have to prepare dictionary properly, for example with a script.
this time i've provided modest three-word dictionary by typing it in Linux's vi editor.
i didn't see a Linux version without this editor as of yet.
then we can use aircrack-ng command to attack password.
command below attacks password protected by WPA standard, using dictionary method.
for more, reader should consult linux man pages or a proper course, perhaps more.
data 'sniffed' can be also decrypted with airdecap-ng tool, for example.
see also, if You wish: Wireless Network Cards with Linux.
Tuesday, February 3, 2015
Ancient China's Intelligence Methods against Al-Qaida.
'... even in ancient times China had developed and documented an understanding of intelligence needs & practices for military and diplomatic activities. At that time, information requirements were relatively simple: enemy unit size, weaponry, location, and morale; bibliographical information on enemy commanders; terrain features; and the intentions of neutral and allied forces. In addition, the Tso-Chuan* describes intelligence operations employed not only to collect information but also to deceive the opposition and deny them militarily significiant information...'
* Tso-Chuan: 'Tradition of Tso', one of ancient Chinese battle narratives of the Eastern Chou period (ca. 770-403 B.C.).
-- Quoted, with small edit, from 'Chinese Intelligence Operations' by Nicholas Eftimiades.
How can an independent person with access to the Internet & books use that information to help to protect people against Al-Qaida?
- by preparing a short documents about certain people / roles in Al-Qaida's structure, with quotes & referenced sources,
- perhaps more.
* Tso-Chuan: 'Tradition of Tso', one of ancient Chinese battle narratives of the Eastern Chou period (ca. 770-403 B.C.).
-- Quoted, with small edit, from 'Chinese Intelligence Operations' by Nicholas Eftimiades.
How can an independent person with access to the Internet & books use that information to help to protect people against Al-Qaida?
- by preparing a short documents about certain people / roles in Al-Qaida's structure, with quotes & referenced sources,
- perhaps more.
Subscribe to:
Posts (Atom)