4/11/2014: Initial release.
This last week there has been an encryption flaw identified inside the Open SSL protocol that is used in many popular websites today that can affect you. See the excerpt below from the main heartbleed.com website:
The Heartbleed Bug is a serious vulnerability in the popular OpenSSL cryptographic software library. This weakness allows stealing the information protected, under normal conditions, by the SSL/TLS encryption used to secure the Internet. SSL/TLS provides communication security and privacy over the Internet for applications such as web, email, instant messaging (IM) and some virtual private networks (VPNs).
The Heartbleed bug allows anyone on the Internet to read the memory of the systems protected by the vulnerable versions of the OpenSSL software. This compromises the secret keys used to identify the service providers and to encrypt the traffic, the names and passwords of the users and the actual content. This allows attackers to eavesdrop on communications, steal data directly from the services and users and to impersonate services and users.
So what are some example sites? Well, this is what I’m going to be doing this weekend, changing passwords for a lot of my accounts at sites like:
and a few more.
Thankfully, banking websites or sites like amazon or ebay were not compromised. To learn more about the bug, and other sites that have or have not patched their servers, see the links below.
I am advising anyone who reads this article to change your passwords as soon as possible. You do not want to be part of identity theft or worse. It will become a living nightmare.
Note: This tutorial shows networking steps for Windows XP and Windows 7. Why no Vista love? Because Windows 7 is better, and I ask you to consider ditching Vista for 7. Thank you. – Versatile
3-15-10: Initial release. Expect revisions all year round guaranteed.
8-9-10: Added more information/clarifications to the router method.
6-24-12: Fixed video links.
10-6-12: Fixed video tutorial links.
The Playstation 2 (Fat or Slim) is a great console to have fun with. In fact, did you know that if you have a FAT PS2 (With the ethernet adapter), or a Slim PS2, that you can share PS2 games stored on the PC hard drive through the SMB network, and have the PS2 recognize it through Ethernet?
Sorry, did I lose you? Let me paint an easier picture to understand:
1) You rip a PS2 game to your computer’s hard drive.
2) You setup the appropriate network information and share the correct PS2 folder that has your PS2 game data.
3) You boot the Playstation 2 console, and load homebrew program OpenPS2Loader.
4) OpenPS2Loader will start the network connection and it will automatically see your shared game folder on the PC. You select a game, and play!
Foreword: Before you jump to conclusions, this post is not about how to exploit steam to get free games. I was browsing youtube and found this video, which is obviously a scam. Being that this is Exploit week, why not take a break from writing exploits, and have fun with real life exploiters instead for a day?
If you think this is evil, then you are correct. If you think this is hilarious, great. If you think I shouldn’t do this, then screw off. I’m doing it anyway. It’s time for us to fight back! ~ Versatile
6-25-09: Initial release.
Being that this week is Exploitation week, I wanted to find a new exploit to talk about. Going to Youtube, I found this video, and I could not resist. Below is the video. The fun comes afterwards:
Here comes the fun part:
If you watched the video, steps three and four are very interesting. The screenshots are below:
Should I try it out? See what happens? Yes, why not! I am so ready to chew this guy apart!!!
See my Email below:
Well, what really sucked is that the email address in the video was totally messed up of course, so I did some guesswork and I found an email that worked.
So above is my email message. I sent it off and I did not get a bounce back, so I assumed the email is good. There are two things that can happen here:
1) The person has spoofed an email so he will get what I just sent above
2) This is an official Valve email address. I searched google but nothing came up so lets see if it is an official email. If it is, let’s see what Valve has to say. If not and it is the exploiter’s email, I am going to respond back and forth and mess with his mind. Expect updated pictures on this post as time goes on!
Share this Post