Higher Hacks

New Haks cometh...

2006-09-24T10:21:00.000Z

After almost 10 months of hack-less-ness (i think that's a word) we're back. Apologies to all ~~if Any readers~~ that missed us, we don't plan on going way this time round.

So here's what you can look forward too,

Downtime is in full effect; upload torrent files, and download files, remotely over http!, using some PHP, and everyones favourite bit-torrent client Azuerus, and Apache web server, completely cross platform (Linux, osx, windows).

Impress the flat mates; Turn your mobile phone in to a remote for your computer using open source software.

Plus much much more, including a site redesign, web 1.0 just isn't what it used be. Now if you excuse me, i think ER S13E01 is about ~~Down~~ done.

Remember we just show you how do it, the rest is your problem.

High and dry with no content to spy...

2006-05-06T09:06:00.000Z

Higher Hak's is not dead, just asleep...

In reality i actually left university, after 3 months. I was doing law(yes the hacker was training to be suit), however i felt that this was somewhat, out of character. To cut a long story short, i'll be returning to university this september, doing CS this time around, equiped with a mash-up of C++, XHTML, CSS, Javascript, and XML skill. I got big plans in the pipeline, hopefully so new content, and a slightly more refined site, blue-haxor is great and all, but where are the nifty corners, and the lightbox!

If you excuse me, i got to fill out some more forms, University isn't all fun and games...

High Res/Def Broadcatching

2006-02-22T01:24:00.000Z

Right, if your here from digg welcome. Tomorrow i'll hand code some sweet rss2.0 feeds for the following vidcasts

Diggnation large xvid torrent & direct
1up show large quicktime and wmv
pure pwnage
mariposaHD 720p
In digital large mpeg 4 and xvid

Plus any others that you put down in the comments, Bear in mind that i'll be doing this manually so forgive me if the links don't always update right away.

Oh by the way i'm hosting the feeds on a third party site(freeservers in fact) so if they go down blame the cheap account.

Brief FAQ

Why are you doing this?
Because i hate the notion of stealling content, and since there is all this free stuff out there.

How are you coding the feeds?
Using a program called feed spring, and some xml knowledge

What do you do in RL?
Nothing, i'm a Law dropout, who's working to go back to uni to do internet application development.

Lay the feeds on me folks.

Saving your PC, one Hard drive at a time

2006-02-13T11:01:00.000Z

So the l33t geeks at your institution have set up a kick ass file sharing system. There is like two terrabytes of content just waiting to copied, compressed and digested. But for some weird reason every time you open up your "media grabber" your PC slows to a crawl and your hard drive makes a grinding noise.
Welcome to what I and a lot of other folks like to call a "Network". Due to the higher bandwidth of this "network" in comparison to the internet, p2p pushes your PC's hard drive read speeds to the limits, to understand this better lets look at some figures.

The average sustained HDD read speed is about 30-40MB/s(Megabytes per second) in ideal conditions,
The theoretical maximum of a 10/100 network is about 12 MB/s, but in reality it's more like 10 MB/s.
Now these HDD read speeds are testing your drive doing one thing at a time, so either reading or writing, Hard disk are studious devices.
However with P2P you get to do both, at the same time. And if you got more than a few people downloading off you you can see where the numbers start to look bad. Drives just want you to have fun, so they bust their chops to get the data out as fast as possible, ~~mamma Maxtor always told them to do their best, if you don't Seagate will eat you!~~ Sure some NCQ(Native command queuing) might be helpful, but to those of us without RAID 5 setups or Nforce 4 chipsets those are wishful thoughts, so how do you stop this freak of tech.
What I'm going to do is limit the maximum speed that programs can request data over the network, meaning that my hard disk only needs to go as fast as the slowest component which is the artificial bottleneck that I'm going to create. So instead of 5 MB/s upload speeds (which is ridiculously fast) we have 200 KB/s which is a lot more heathly for your 7200 RPM rotating patters.
Sadly I haven't come across a open source solution (incase you didn't know we like Open source stuff), but I did find a program that does the job. It's called Netlimiter. It allows you to control the about of network bandwidth allowed to each program, on each network interface. It's got a nice easy to use interface, and is extremely stable. Plus it's completely transparent to the other programs on your PC( oh yeah this is PC only, so as usual Mac and nix users will have to look else where).
.
All you have to do is select what program you want to limit and input the numbers in the respective boxes. Up rate is the one you want to use to stop the effect we discussed happening. To get a decent rate use this simple formula,

ideal uprate x no. Of maximum users = total up bandwidth

So if I want my fellow sharers to have 100KB/s up and I have 4 slots open for uploads, then my total bandwidth is 400KB/s. In reality I keep mine at exactly 1 Mbit and have 5 slots open. So people get 200 KB/s (minimum) from me which is on par with a 2 Megabit broadband connection.
Well I hope this hack was successful, and helped you alleviate boredom for a few more minutes. Till the next Higher Hack, I bid you a farewell.

Press Release: We have not been contacted by any government agencies

2006-02-13T10:54:00.000Z

That's right folks, it's the first post of 2006. My Christmas break was a little longer that thought. Anyways I have more time this year, better tools, and more knowledge, which for you means cooler hacks that will make your ~~piracy~~ legal attempts to get free content even easier. With that Higher Hacks welcomes a new year, and even more content. Welcome

Merry haking Christmas

2005-12-07T13:20:00.000Z

Higher hacks is on Christmas break. We will be back in the new year with more hacks, cool tips, and ~~even bigger Non-RIAA permitted media libraries~~ even cooler ways to help you complete your degree.

So remember folks, stay safe, enjoy turkey, do some work, and don't get too wasted.

Higher Haks wishes everyone a Merry Christmas, and happy 2006

Higher Haks 4 06

The dog ate my homework, honest...

2005-11-15T14:55:00.000Z

So you worked tirelessly, night and day for the last ~~24 hours~~ week on your assignment. You go to put in your USB key (or floppy if you like retro) so you can print your work, but you can’t find it. After a bout of swearing you come to the conclusion that you’re screwed.
Well if you had read this first, everything would be fine. As a fan of Palm OS PDA’s (I’m on my third), I was introduced to a lovely program called Avvenu. This thing is a life safer, and best of all it’s completely free (well for 10 years at least).
So what does this weirdly spelt program do. Basically it maps your entire computer, every Hard Drive, and Optical Drive. So if your work happens to be on a CD sitting in your drive, you can still get it! Plus it allows you to upload virtually any file, to your computer, and place it in any folder. And last but not least, it does all of this over the HTTP, meaning that even if you have a proxy server you can still use it.
Now we’ve told you hold to do complex things like hiding your bit-torrent traffic, but this is the easiest thing you’ll setup this week.

Go here, and click the big green “Download” button.
Once it’s done downloading, install the program, and follow the instructions.
You’ll need to sign up for a new account, as seen here, remember that it’s completely free.If you are in fact behind a proxy server don’t forget to look out for the “Corporate Proxy Firewall” tick box, so you can enter your proxy details.
Now that’s done you can shift your browser over too “share.avvenu.com” and login just to test it out. Now from any computer connected to the internet in all the world (ok, maybe not China), and as long as your computer is on, connected to the net, and Avvenu is running, you can access all your files. Here’s a quick tip, change your bios settings so that your computer restarts after a loss of power, so that way it will reboot, if the power is lost, ensuring you can still get your work.As you can see Avvenu uses a secure “HTTPS” connection, to your computer. Plus you can see the Civilization 3 CD in my drive, (Haven’t had time to drop the cash on Civ 4 ^_^). As it goes though a third party server, download speeds aren’t jaw dropping, I got roughly 30Kbps on a 4 Mbit connection, so it’s not Bit-torrent, but it will save your skin. And yes that is TWIT you see down there.
Now remember I said, I like PDA’s, check this outIt works on all PDA’s with online capabilities, and mobile phone web browsers too, so you can get your work anytime, (given that you have a way to get it off the device).
So hopefully you’ll never not have access to your work ever again (At least for the next ten years). Now if you’ll excuse me I got an essay to finish. Damn, anyone seen my diskette?

Bit Torrent Safety 101

2005-11-07T19:14:00.000Z

Bit-Torrent is a strange creature, it is unlike most other peer-to-peer file-sharing applications in that when you want to download something, you must first download a file containing a descriptor for it first. These files are called .torrents.
A .torrent file tells your Bit-Torrent client where to look for the data you seek; it contains information about the file’s tracker, size, contents, and also holds unique numbers called checksums that help determine whether or not the file has downloaded correctly. Most commonly, .torrent files are found through websites called trackers (or indexes if they aren’t running a tracker of their own).

The MPAA and RIAA have been hot on the tails of Bit-torrent users for months now, and patrolling of tracker sites and campus networks for illegal activity is becoming more and more commonplace. Upon finishing this article, you will know everything you need to know in order to make Azureus, a popular cross-platform client, fairly safe from the campus network authority. This article assumes you have already installed Azureus, and have downloaded a .torrent file before.
The most important thing to remember about security is that you don’t have to be the most sneaky, you just need to be more sneaky than most of those around you. The majority of people who used to file-share before coming to college still do, and most of them do it without even realizing that they should be careful about what they are doing. Something worth noting is that even if you follow this guide, you still could get caught. These are just those methods which I have employed and have thus-far found to be working well. Ultimately you will want to stay away from hollywood blockbusters and mainstream music, and depending on your level of paranoia, it is likely a good idea to stay away from just-released and very popular computer or console games.

The first thing you will want to do in an attempt to hide your Bit-Torrent traffic is something that you might need to do just to get it to work in the first place. It involves changing the default port used by the client to communicate with the tracker. Azureus defaults to 6881, but many campuses employ port blocking in an attempt to halt P2P activity.
The following screenshots were taken on a Mac run Azureus. Only cosmetic differences change from platform to platform, so you will be able to use this guide for any platform that Azureus supports.

Enter the ‘Options’ of and change the Incoming TCP Listen Port. Stay away from ports used by other file-sharing services. I have found that using a fairly random port number tends to work well

Next you will want to head over to the Azureus site and download a plugin called SafePeer. SafePeer downloads a list of IP addresses from the Peer-Guardian database and then attempts to block communication to any IP that is in on the list. Download safepeer and then drop the .jar file and any other files contained in the archive into your Azureus plugins folder.

For Mac OS X: /Users//Library/Application Support/Azureus/plugins/safepeer/
For Windows: C:\Documents and Settings\\Application Data\Azureus\plugins\safepeer (Remember that the Application Data folder may be hidden, so you may have to enable 'Show hidden files and folders' under Tools > Folder Options > View > Show Hidden Files and Folders in your explorer window)
For Linux: /home//.Azureus/plugins/safepeer

On the IP Filters page, you can look at and edit which IP ranges are blocked by Azureus. This list is populated by safepeer automatically.

Don’t be selfish, share

2005-11-01T23:30:00.000Z

Music, Movies, and Warez, Three things that the modern student loves. Normally these non-DMCA materials are supplied via Bit-torrent or if you consider yourself highly skilled, via an FTP or News net server. However this can be sightly daunting for the less advanced among us. Solution, search for open shares.
Now there are two ways too do this, the “l33t” way and the Script kiddy way. I started off with the former, but settled into the latter when I realized how ridiculously easy it was. Either which way your going to need some tools.

First decide, are you a “Script Kiddy” or a “l33t haxor”?

Script Kiddy tools	L33t tools
MerX network Scanner(Windows only)	Nmap(OSX, Linux &Windows)
	Terminal experience
	Preferably a Linux Distro

Now that we got the tools out of the way, lets spilt the article

The Script Kiddy way

Download and install MerX network scanner, always remember, (anything we tell you to get, scan it for viruses first, it never hurts.)

Discover what your computers IP address, there a couple of ways to do this, easiest is to go to Start > Run, and type in “ipconfig”. It should look something like this.
192.168.1.145

The highlighted section of this is your subnet. Now depending on your network setup, your subnet, may or may not contain all the computers on your campus network. Now to make things “quick” we’ll start with scanning your subnet, as the total number of computers on it is limited to 64,770 (255 x 254).

Open MerX, and look at the bottom pane, you should see a tab labeled “share – scanner”. I would advise that you search 254 addresses at a time; you can scan the whole network, however this takes more time. Depending on your Subnet you should scan from the xxx.xxx.xxx.1 to xxx.xxx.xxx.254. Select “smb”, and hit “start scan”. Then go find something to do for a few minutes.

4. When you return, the program should present you with a list of “Samba file shares” if it found any at all. Now many of these will be people that have enabled printer sharing, so their shares only contain print drivers, however luckily MerX lists the number of shared files, but that’s not the best part. Goto the “filesearch” tab. Select the files you want to search for and hit search.

If everything worked, this is what you should see. Simply right click on the files and hit Download, Navigate to the Download tab on the top pane and click “start download” to begin you transfer. Thanks to the fact that this isn’t over the internet expect your media to arrive on your desktop in a few minutes, depending on the volume of network traffic. The program supports download pausing, and multiple downloads, so enjoy.

Tips:-

Don’t forget to save your list of scanned addresses, with the File > Save option; This will save you having to scan them again.

To find other shares simply change the 2nd (xxx.yyy.xxx.xxx.)and 3rd (xxx.xxx.yyy.xxx)numbers of the IP address to gain access to more files

Remember that it only scans PC’s that are on at the time of scanning, so make sure you try the same ranges of IP at different times of the day

Lastly unless your IP is generated dynamically, it would be advisable to manually change your IP address when you do this. It won’t completely cover your tracks, but in case someone’s firewall alerts them to your presence it should at least slow them down from being able to track your DMCA breaking behind, down

The L33T way

So if you think your good enough, there is another way, it’s a lot more in depth, and will help a bit when it comes to the finer operations. For the purposes of this section I’m going to assume you know a little something about Unix based systems. Only the L33t use Linux, unless you actually like Linspire… Personally if your not sure which distro to use, I would highly recommend a Debian based distro, Ubuntu 5.10 being my favorite

Go and fetch yourself a copy of Nmap, download it, Apt-Get it, whatever, just get it

Based on your IP address, work out your subnet. Normally the last three sets of numbers. If you IP is 192.168.1.145, then you subnet would be 192.168.1.1 to 192.168.255.254. Now we don’t want to go crazy, scans take time, so scan in groups of 254 addresses

Open a Terminal (unless you stuck with windows) and type “nmap” it should return a list of instructions of how to use this wonderful piece of technology

Now there are a few commands that you could use.

nmap -sP : Ping Scan
nmap -sS : Steath scan (A scan without pinging first)
nmap -sV : Version scan (looks for program versions, on listening ports)
nmap -O : Finger printing (Discovers what OS is on target machine.
nmap –help : this will show you all the other comands availible.

I recommend using the command “nmap –sP” at first, because it's faster and won't try to scan IP's that don't exist. However bare in mind, that these commands don't have to be used individually. Eg. “nmap -sP -O 192.168.1.1”
Either which way, expect to wait for a while. So walk away from your computer and twiddle your thumbs for a few minutes, (depending on the number of addresses this could easily take half an hour).

When you return, you should a nice list of IP’s that looks something like this, depending on what commands you entered.

(Apologies for the messy blackout's but IP's and hosts must be protected, sort of...)
Here’s the fun part, now you get to go though the list and try identify which PC’s will be most likely to have open shares, FTP servers, DC++ host’s etc. based on which ports they have open and what OS they are running. To discover what programs use what ports just google “port #” + port “ or use the “-sV” option as show here.

Finally either use the GUI or a terminal to mount and browse the share, enjoy.

In my Experience, Mac/Apple users are a waste of time(for this method), the fact that they have a mac, means they can afford not to pirate stuff, It’s the digital divide; plus they tend to not be accessible. Linux users are normally quite advanced, and will normally only have a share OSS software, not that there is anything wrong with that, but it’s not Lost now it is? That leaves one group…

Now why have I told you to do this, why didn’t I tell you to go and get something like “SMBspy”. Because Nmap will not only tell you what ports are open, but what OS each pc is running. Cool, for a couple of reasons. One if you so wish, you can try and discover exploits to gain access to various features on the “target” system. Such as a VNC server, or a HTTP server etc. Learning to do things yourself, or writing bash scripts to do it for you, are part of being a hacker, downloading MerX and double clicking aren’t, so in case you missed that, MerX isn’t the solution to everything.
And in case you were wondering, unless the person you accessed/hacked has a software firewall like Zone Alarm, they will never know that you accessed their computer (there are more advanced ways to discover your intrusion, but basically that statement holds true).
Hopefully you can now enjoy the fine array of non-pornographic media you were able to obtain. And remember if you can do it, that means someone else can, the amount of times I’ve come across people that have shared their entire C:/ drive with Read & write access is frightening, I even left a message saying “Hacked” on one guys Desktop instructing him to get a firewall, and turn off “file and print sharing”, he didn’t listen, please do.

Veritech

We launch tomorrow

2005-11-01T15:16:00.000Z

Higher Hack's goes officially l33t haxor tomorrow November 2. We had planned to go live today, however it's Digg.com first birthday today. So happy birthday digg, and we'll hack the net tomorrow.

Don't forget to return, or subscribe on the RSS feed.

Cya tomorrow folks

2005-10-22T23:01:00.000Z

Welcome to Higher hacks. A blog devoted to helping University and College students around the world get the most out of the school, college, University and even work based IT environments.

Anyone can submit a higher hack, all you have to do is send as an email describing the hack to us, what it does, and roughly how it works, and what's required. Chances are if it hasn't been posted all ready we'll post it up for the rest of the readers to enjoy and tinker with.

Plus we are looking for writers! This is no paid pig neither does it involve that much work, it's for the sheer joy of hacking, and pissing off system admins. So if you think you've got the L33t technical skills, along with the literary skills drop us a line. As long as you can write in English, your eligible. Applicants will need to write a brief paragraph or two describing there technical skills and experience.

Remember that we're aren't responsible for anything you decide to do, based on what you may or may not have seen here, so please use your own discretion when undertaking higher hacks.