Linux Command Line Refernce Card – PDF Download

7 06 2007

Linux Command Line Tips – From PixelBeat will whisk you away to a really helpfull list/table of linux commands that are good to have on hand. Note: The commands with the bullet or DOT in front of them, are safe to cut and paste into your console. I made a quick PDF of the html table, so everyone can have a copy even when your not connected to the net.

DOWNLOAD: Linux_Command_Ref-Sheet.pdf

And yes, I first saw the link on Lifehacker. I wish they had more linux articles. I just made the switch myself and Lifehacker has little to offer in the way of linux. Oh well. Thanks for the info though!!

Of course all credit goes to the peeps over at for making a great ref card for us n00bs 😉

Good On Ya M8s!!

I’ll repost the table after the jump so anyone can cut and paste into their own document. Read the rest of this entry »

How To: Export Video From Your Set-Top Box To Your Mac via

5 06 2007

This hack is so simple I am humbled to stupidity in its presence.

Follow the link to see the extremely brief and easy to follow tutorial with download links!!

HERE: How To: Export Video From Your Set-Top Box To Your Mac [via]

Enjoy, you macheads you!!

On, “45 5F E1 04 22 CA 29 C4 93 3F 95 05 2B 79 2A B2”: *THE* HD Key To Rule Them All?

31 05 2007

So, this key, the one in the title, appears to be the key to rule all hd dvd keys.  Or is it?  It was actually posted may 23rd on Freedom To Tinker in a comment?!?!?  Yeah, you can use it as the key to decrypt alot of new HD discs but will it end  any need to work further on cracking AACS craptastic codes?  (Note this is the new HD key, not the one that was widely published and all fuxxored on d!gg.)

My only other source is this forum: DOOM9

Moving on, because this key was supposedly found one day after it was “put into action” by the powers that be, I’m gonna explore how the key was so rapidly extracted.

First, I’m gonna guess, just for shits and giggles.  Perhapse someone simply brute forced a prefab “wordlist” or 16 value hex number sets?  Since I refuse to go HD (either format) I have no way of really knowing if this is even plausible, cause I can’t test it out myself.  I also don’t have an XBOX 360 with the external HD-DVD drive handy to experiment with either.  So its fair to say that my first inclination is a pure shot in the dark… or is it? (see arnezami’s method of finding a Volume ID later on in the post)

Second, I’ll ask Google.  Well … so far its not an answer but it appears that someone bought this domain: …which is funny as hell cause there is no content, its just pure net real estate hilariousness.

But lets dig deeper, shall we?  Lets plug this hint “uv=00000047”, from the comment by BtCB, into Google. (pause for effect)

Okey dokey, now we are in business.  It would appear that a curios fellow who goes by the name arnezami over at DOOM9 FORUMS has some simple instructions on how to grab a Volume ID for HD-DVD.  And it follows:

Finding the Volume ID

How did I find the Volume ID?

There are essentially two ways (now). I used the USB sniffer (with the xbox 360 HD DVD) because I knew I didn’t have to bother with the (possibly obscured/wiped) memory of the software player.

  1. Download USB sniffer 1.8 then unzip and start it.
  2. Select the “USB Mass Storage Device” (I use the xbox 360 HD DVD drive) and click install.
  3. Unplug the HD DVD drive (the usb cable) and replug it again. It will be recognized by windows and the sniffer starts logging.
  4. Insert the Disc into the drive while the sniffer is.. well sniffing. Then start WinDVD and immediatly quit when the video (even the first black screen) starts. Then click ‘Close’ on the sniffer.
  5. You now have a huge log file (60+ MB or something). Open it in WinHex (pressing F7 for ascii only) and search for the ascii string (not hex search!) “00000000: 00 22 00 00” including the spaces (but excluding the quotes of course ).
  6. There was only one occurence of this in the whole file. So it has to be the Volume ID. Tata!

Btw: I used WinDVD but the above should also work for other players.

A different method (but less reliable I think) is to use WinDVD’s memdump.

  1. Open WinDVD’s memdump in WinHex
  2. Hex search (with WinHex) for 002200004000 or alternatively 0020202020200000. **
  3. There you will (usally) find the Volume ID. But I’m not sure this will always work. There may be more than one occurance. You can check if the last 16 bytes (of the 36 beginning with 0022) are random since that would have to be the MAC. If its not random you haven’t found it yet so you should go on searching until you do.


PS. Almost forgot: make sure you remove the last 16 bytes from the Volume ID log (which is the MAC) like I did in my first post. This is because in theory they might be able to track down your drive with that part… (you don’t want that). The Volume ID itself is for everybody the same (with the same movie) so that won’t reveal anything about yourself .

Seems like a plan, but if you look further you can just use these little apps posted in the same forums by a person named ape: and for Blu Ray use

But wait there’s more…

Well here is something to play with.


For me it works with WinDVD (which is the most sensitive I believe) and the Xbox 360 HD DVD. My sweet spot is a time value between 390 and 420. I usually set it at 410 which works perfectly (btw time is measured in nr of AGID retrieval attempts counted from the moment the player accesses the drive).

Just try it and play with it a bit.

Remember: this program does not use the private key. It just “watches” the drive carefully and then pretends to be the software player.

It works for HD DVD only atm.




PS. This is experimental programming. There could be bugs in it.

And that is all she wrote folks.  Yes this is the latest key to rule them all for AACS DRM craptakery and that was a little peek into how it was uncovered.  There should be HUGE applause for anrezami et all for all the hard work they did.  Just reading everything really gave me a pretty solid grasp of how AACS Encryption/DRM works.  Congrats to all the peeps at DOOM9 who worked very hard on getting all this info together.  All credit goes to them.

Of course SOMEBODY had to make some money off of all arnezami, BtCB and the rest of DOOM9’s hard work, and it looks like slysoft has borrowed arnezami and friends cracking methods to offer AnyDVD HD that will rip allmost any HD DVD or Blu Ray Disc without you having to do a damn thing.  I wonder if at least arnezami is getting a cut of the profits?  One lives in hope.

Anyhew none of this is native to linux but you can probably run most of it in WINE or convert the c++ aps to python.  Since AnyDVD doesn’t REALLY rip any HD disc then you might even consider just using the methods used by arnezami and the apps he and his friends over at DOOM9 created.

I made a little software pack for everyone so you don’t have to download everything seperately, except the slysoft app of course: HDandBDcrakingFiles.rar

Big Ups To All That Showed Big Hollywood That DRM is Useless.

Keep information free,


As it turns out you  don’t need to do a damn thing because according to

Follow the Jump to find arnezami’s sweet description of AACS encryption, if you want to understand everything that is…

Read the rest of this entry »

Tutorial: Wep Cracking At Its Best and Fastest Using Aircrack-PTW (Downloads)

17 05 2007

Source: The Register

A hanfull of hackers have the fastest attack on WEP that I’ve read of so far.

Here’s are the instructions via The Register:

 Step 1: Find the enemy (this is the test-network you created in your lab, to verify our results). You can use kismet or airodump to find it.

Step 2: Generate some traffic. To generate some traffic, use aireplay-ng in ARP injection mode. Aireplay will listen to the network until it has found an encrypted ARP packet. By reinjecting this packet again and again, you will generate a lot of traffic, and you will know that most of the traffic was ARP-traffic. For an ARP-Packet, you know the first 16 Bytes of the clertext and so the first 16 bytes of the cipherstream.

Step 3: Write this traffic to disk using airodump-ng or so. This will create a tcpdump-like capture file with the traffic.

Step 4: Launch our algorithm. You need the aircrack-ptw (by the way, aircrack-ptw has been integrated in the 0.9-dev version of aircrack-ng, which is currently in svn, but not released).

From a theoretical point of view, our algorithm is based on the following ideas. Andreas Klein, a German researcher, showed that there is a correlation in RC4 between Keybytes 1 to i-1, the keystream and the keybyte i. If the keybytes 1 to i-1 and the keystream are known, it is possible to guess the next unknown keybyte with a probability of about 1.36/256 which is a little bit higher than 1/256. We were able to show that it is also possible to guess the sum of keybytes i to i+k with a probability of more thatn 1.24/256.

In a WEP environment, the first three bytes of a packet key are always known and are called IV. Our tool tries to guess the sum of the next 1, 2, 3, … to 13 keybytes for every packet. If enough packets have been captured, the most guessed value for a sum is usually the right one. If not, the correct value is most times one of the most guessed ones.

Aircrack-ptw try to find the key, using this idea described above. If you have about 40,000 to 85,000 packets, your success probability is somewhere between 50 per cent and 95 per cent.

Sounds like fun!!

Big ups to The Register on the sweet article with the interview.  Please read the WHOLE article, the interview contains more information than the quick tutorial that I re-posted.  Reading the whole article will help you understand what this attack is really doing and how safe WEP really isn’t.

As for the attack itself, you can try to do it all in Windows using aircrack ported into cygwin.  However, I would suggest updating your BackTrack 2.0 disc or partition with the latest modules from the latest aircrack suite.

Happy Hacking!!

Top 9 Links and Videos On Lock Bumping and Bump Keys via

17 05 2007

Oh BuzzFeed you read my mind. I was just thinking about lock picking and or bumping.  I’ve practiced on my own door locks but I can’t get it to work as well as the guys in these links.


  1. Video: Action News Takes Us To The Dark Underworld Of Lock Bumping!

  2. Video: How To Make Your Own Bump Key

  3. Video: Bumping Principles – A Nice Graphic Explanation Of How It Works

  4. Video: Works On Padlocks, Too

  5. Your Bump Key Clearinghouse

  6. Video: The European Lock Bumping Expose

  7. I Guess This Means It’s Time To Get New Locks

  8. “Your Life At Risk Because Of A $1.79 Key?”

  9. A Home Security Alarm Blog (Shockingly) Says That Installing An Alarm Is Better Than Upgrading Your Locks

Wow, those really are the best 9 links I’ve seen on “Lock Bumping” or “Bump Keys”.  The really hard part is grinding down the tip and the shoulders of the key you are going to use as your bump key.  The easy part is getting the basic key cut with all settings on max or 9, depends on the key/lock that you want to bump.  Just go to whatever locksmith/keycutter nearest to you that won’t ask any questions.  Most won’t, some will laugh because they know what you are trying to do, but there is the occaisional asshole who thinks he’s friggin Judge Dread and won’t do it.  Its not illegal to posses or have bump keys cut, but it is illegal to use them on anything but your own property so stick to your own front door.  As for grinding down the shoulders and the tip of your key, a dremmel tool will do, but if you have access to something more accurate then use that instead.  Lastly you’ll need the “tomohawk” or basically a flexible plastic ruler with an eraser on the end.  That’s the part that you use to actually “bump” or hit the key while its in the lock.  My advice is to watch all the videos and read up, its not as easy as some make it out to be.

Happy Bumping!!

All credit goes to

PS: If you have a good link or tutorial on Bump Keys or Lock Bumping please post it in the comments.  I’ll add it to the list.

Rendur 2.1: A Great Tool For Learning HTML and CSS

14 05 2007

Rendurr 2.1 has implemented a novel idea in that their page “renders” itself in real time as you edit the code in their nifty little editor tool. This is a great way for people learning HTML and or CSS to see their code in action. Its a form of visual and interactive learning that could really help anyone from a beginner to a novice.

NOTE: Make sure you have JavaScript turned on or the site will not work.

Go ahead give it a try: Rendur 2.1

How To: Make Gmail Send Automated Responses To Anyone

14 05 2007

SOURCE: Ask Lifehacker: Set up a filtered response in Gmail? – Lifehacker

File this one under, “I can’t believe I didn’t think of it first“.  I could kick myself this is so simple.

Here’s the tutorial from lifehaker:

 From here on out, I’ll refer to you main Gmail account as Gmail 1 and your second as Gmail 2 (could it get more complicated?).

  1. Set up a filter in Gmail 1 that forwards messages to Gmail 2 that you want to send the auto-response to.
  2. Head over to Gmail 2 and go to the Accounts settings tab. You need to add your Gmail 1 address to your Gmail 2 account so that Gmail 2 can send messages as Gmail 1. Then set Gmail 1 as your default account in Gmail 2. This way all messages you send from Gmail 2 will still look like they’re coming from Gmail 1.
  3. Set up a Vacation responder in Gmail 2. Done!

Now when you receive a message from the sender you want to always auto-respond to, Gmail 1 will forward the message to Gmail 2, which will automatically send out your pre-defined response as though it’s coming straight from Gmail 1.

SEE!!!  Its so simple.  You set up a filter on one gmail account to autoforward emails to another account that has the vacation responder on with the message of your choice.  I still can’t believe I didn’t think of this.

Good on Ya Lifehacker, you got one up on me.