Adventures with Customizing and Configuring an Electric skateboard.

March 21, 2017
DYIElectric SkateboardWashington DC

So, I received an electric skateboard in the mail the other day from Paradox Longboards. While it took a VERY long time to ship from China to the US I was really surprised at how nice the Skateboard and its accessories are.

Essentially it looked like a custom E-Wheelin Skateboard. The one that I received had a bit more horsepower than the typical ones they sell. I did run into issues as the first skateboard died but Paradox Longboards replaced that with a working one and while it did take forever to receive the company did stand behind their product and honor the warranty.

OK so let’s talk about what I did with it as this was more of a hardware move then a hack.  The Penny size board was fun but I decided I needed to get a longer deck so that I could have more control. Luckily, I had a dead board to mess with and I used it as a template to deconstruct and move the working board onto a new longboard deck. I choose a 38-inch-long by 9.37 width deck that I got off eBay for under $40.

I used the top white cover where the control and battery, I will refer to this as control housing, sit as the template and drilled the holes from bottom to top of the deck, thinking ahead about using the grip tape to cover any blemishes I create.

 

I also found a neoprene type of double sided sticky tape which was also 7” Wide x 14” Long which I also used under the control housing between the skateboard deck.

So, before any work I made sure to take tons of pictures, pictures of the direction of the trucks and pictures of the directions of the wires connected to the trucks. I also took pics of the control unit since I had it opened and compared to the failed skateboard.

Moving the trucks, control unit and padding was super easy once I had the control unit predrilled holes in place. I say that prep time was so much more longer than the time it took to move the parts over to the new deck.

Once I got the hardware, control unit and trucks moved over I got creative… I decided that I would make the grip tape design on the new electric skateboard deck in the design of the Washington, DC state flag. Now people probably don’t realize that the Washington DC state flag is part of George Washington official Coat of Arms, since I am a DC guy and patriotic this design concept worked out great for me.

 

I had to use a mail order service for the grip tape as not many people used that length of tape and luckily, I found an awesome online shop called Tactics.com that includes FREE shipping with NO minimum, so I got a very long length of red grip tape and a long length of black for about 5$ each with free shipping.




Links to some sources:

http://paradoxlongboards.com/ 

http://www.tactics.com/

DuPont Circle – Abandon Subway / Streetcar line

February 5, 2017
Secret Siteurban explorationWashington DC

So I was allowed to go past the locked grate and down into the old abandon Subway / Streetcar line.

Not too many people know that under DuPont Circle in Washington, D.C. is an abandon Subway / Streetcar line. The space is kind of odd as it is so expansive and yet so empty.

The first images you see are with the platform and that area is the only area that has electricity.  I was kind of surprised on how clean it was. You would think with an abandon Subway/Streetcar line you would have a rat or two, nope none.

There are several entrances but mostly it is completely sealed up. The tunnel in its current form has no destination and no purpose. Essentially you just end up in a big circle. The ends of the line are blocked up with concrete.

So as we toured the complete line we occasionally ran into an art exhibit and it was a neat surprise as it was not featured or mentioned. You can check the pics below.

Now I will say that I believe there are two more of these older abandon lines around, I wont divulge the locations of them yet but I have seen older Subway / Streetcar line Pics showing more underground stops and they can been seen on Google earth. I have located a door of another near 14th st.

You see more info here from WashPo about the circle, good link with a map 

 




 

I will add more pics and video soon, if you do decided to steal these or screenshot, or use these pics just remember to use a simple “Pic’s courtesy of GoAttack.com”.

I shot this video with my Samsung Galaxy 6 and most of the walk was in the dark so I really didn’t have the pro lighting and camera because I really wanted to de-stress from work and just have fun while also taking shots and video on my phone. I also edited this on the Samsung Galaxy…lol Yea it has a edit app that I used so quality on this vid is not the best…lol

Updating Soon!!

February 3, 2017
Uncategorized

Hi guys, I have been so busy with a super long work deadline that I have been MIA on the hacking videos and talk. Well, I am going to change Direction for just a little bit and add some Spy/Trade-craft and urban exploring videos to my channel as well. I will still be primarily speaking on hacking but I also had mentioned in the beginning that I would also show you some interesting secret DC stuff. So stay tuned for both. One of my work deadlines is almost finished and I can get back into the videos! Thanks!

Free Burp Suite training!

November 24, 2016
Burp SuiteKali

So I was looking for new different perspectives on the Burp Suite modules and thats when I found this really great Burp Suite Medium / Beginner course that I thought I would share. This is a completely free sign up and very well laid out course with provided material. Brought to you by Geri Revay at Aether Security Lab… go check it out.

I dont know how many times I have seen Burp Suite as a recommended tool from HR headhunters so if you are breaking into the Pen/Sec world this is for you.

Free Burp corse

 

http://aetherlab.teachable.com/p/burp-suite

 




LASER – MYTHO PIC’S

March 25, 2016
Mythos-Pictures

wp-1458933300342

Quick USB console to Raspberry Pi setup.

March 19, 2016
Kali

The Setup

Setting up console in Linux for the Raspberry pi is super easy. The main idea is you have two configurations that need to meet in order for the devices to talk to each other. On the Raspberry Pi side you make a small change to a file in the boot partition and on the Linux workstation you run a command in Terminal to match the speed and location setting.

So you need to download one package on your Linux workstation. The package is called “screen” and it is simple to use and download.

On your Linux workstation

For Fedora:  sudo dnf install screen

Other versions:  sudo apt-get install screen

Once screen is installed you can test it by typing screen and look for the Terminal top bar to change.

On the Pi

On the Raspberry Pi (Or Any Pi) you need to configure the cmdline.txt

Just add:  console=ttyAMA0,115200

Run in Terminal

In Terminal:  sudo screen /dev/ttyUSB0 115200

 



 

 

The Pin Out

USB console cable would be:

  • Black cable (Ground) to pin 6
  • White cable (Transmits) to pin 8
  • Green cable (Receive) to pin 10
  • Red cable (Power) For now leave disconnected.
2016-03-20-18_22_58-Untitled-Diagram.xml-draw.io_

Click to enlarge – Pin out for USB serial to Raspberry Pi

 

 

Spy Proof Secret Email Account- ProtonMail.

March 15, 2016
emailProtonmail

Just a short preview of Protonmail. In the video you will see an example of what happens when you send an email to a non Protonmail member. I also just show some basic features of using Protonmail, You can still send non encrypted emails to others as like any other email system.



Kali Pi – MYTHO’S PIC’S

March 14, 2016
Uncategorized

foto_no_exif

How to Install Kali linux with full features on Raspberry Pi Vr. 2 – All Apps and RDP – 1 of 2

January 18, 2016
Uncategorized


Kali and the Raspberry Pi.

When the developers of Kali Linux approached porting the OS to the Raspberry Pi 2 they came up with a unique strategy of offering a base system and then creating an apt-get process to download bundled and preconfigured tool sets. Most researchers won’t fully use the Raspberry Pi as sole Kali product but researchers will use the Raspberry Pi version of Kali as an extension of their own shell, such as a remote wireless auditor. So once we download the base OS you will immediately notice how streamline and easy it is to add the Kali tools and removing them as bundles using the same method. The video is coming soon.

It should be noted here that Offensive Security Group which houses the Raspberry Pi version of Kali is an author and creator of the Kali project. Offensive Security Group also houses Metasploit, the Exploit Database, and Backtrack.  Auditor Linux – the first pen suite I ever used by people affiliated with this group.

 

Only download the image from Offensive Security Group by either the OSG home page or the Kali.org homepage. If you download from other sources you really have no idea what you are getting!!!

Get the Kali image for Raspberry PI We will be showing you here two ways to set up your Pi and both versions are correct. I am going to show you my way first and then a suggested way from the OSG blog in my next post.

My install method.

After we download the minimal image from OSG write it to ur MicroSD and place it in the Pi we then add our Wi-Fi adapter and plug HDMI to our monitor. Usually I go with headless installs but we need to log in one time visually to accept the default desktop and add your Raspberry Pi to the home Wi-Fi network, alternately of course you could just plug your Pi into your router via eth cable and access it that way but the Raspberry Pi is more reliable than say the Orange Pi so I like to do the Raspberry wirelessly.

So with our Pi up and accessible we then resize the MicroSD by running the wiggle script

If these command do not work add sudo and try again.

 

Expand the SD!

There are two ways to resize the SD card. If the wiggle script does not work try the second longer option.

First Method:

After resize is complete it will ask you to press enter to reboot, please do. Only run once!

wget https://raw.github.com/dweeber/rpiwiggle/master/rpi-wiggle

chmod +x rpi-wiggle

sudo ./rpi-wiggle

Or try this method to download Rasp-config to expand the SD:

Second Method:

wget http://archive.raspberrypi.org/debian/pool/main/r/raspi-config/raspi-config_20150706_all.deb

wget http://http.us.debian.org/debian/pool/main/l/lua5.1/lua5.1_5.1.5-7.1_armhf.deb

wget http://http.us.debian.org/debian/pool/main/t/triggerhappy/triggerhappy_0.3.4-2_armhf.deb

dpkg -i triggerhappy_0.3.4-2_armhf.deb

dpkg -i lua5.1_5.1.5-7.1_armhf.deb

dpkg -i raspi-config_20150706_all.deb

raspi-config

 

Continue…

After reboot and resize we log back in, using ssh.   

ssh –l root 192.168.x.x

We then update:

apt-get update

We then upgrade:

apt-get upgrade

 




 

 

Get Remote!

Install xrdp so you can RDP from Linux or a Windows box or even your Phone into your Pi:

apt-get install xrdp

Start the xrdp:

service xrdp start

In other versions of Linux xrdp will automatically start on reboot but on Kali you may have to force it to autostart when loaded by running this command to append xrdp to autostart:

sudo update-rc.d xrdp enable  – info about update-rc.d

 

Beef it up!

Now we have access to our Raspberry Pi running a slim version of Kali and we need to beef it up with some useful tools. First we add wireless security suite and the we will follow it up with RTL-SDR.

Please browse over to Kali Metapackages for more detail of all packages you can add.

So we already have the base system and this project I had envisioned using my Pi as remote WiFi hacking tool so I will start with the WiFi hacking metapackage.

apt-get install kali-linux-wireless 

This will take some time to install, also note the GB size of each package. As you can see the more you add the larger the space it takes up.

Next I would like to add PWTools for a side project, I will go ahead and add it after the wireless metapackage completes.

apt-get install kali-linux-pwtools

After both installs are complete you just need to add your secondary WiFi card, promiscuous mode, and you are ready to extend your shell.

 

Now it’s incredibly important that I let you know if you decide to go with a full install it may take over several hours. I did manage to install the full and it took over 3 hrs, It took 40 min alone to download the packages and the a few hours to unpack and install them and after the install the OS was kind of funky.

 

Uninstall Kali metapackages.

You can also uninstall packages in this method. Say you just want the wireless auditing metapackage but you have decided not to use the PWTools  metapackage. Well all you have to do is uninstall that metapackage group something like this:

apt-get remove kali-linux-pwtools or apt-get purge kali-linux-pwtools

 

STILL IN USE – MYTHO’S PIC’S

January 16, 2016
Mythos-Pictures

tumblr_nljnofytgf1uqwem1o1_1280

Atlantic Research Interview 40B

Kali Linux Metapackages – Getting the missing tools properly.

January 16, 2016
Kali

Kali Linux ARM images.

When the developers of Kali Linux approached porting the OS to the Raspberry Pi 2 they came up with a unique strategy of offering a base system and then creating an apt-get process to download bundled and preconfigured tool sets. Most researchers won’t fully use the Raspberry Pi as sole Kali product but researchers will use the Raspberry Pi version of Kali as an extension of their own shell, such as a remote wireless auditor. So once we download the base OS you will immediately notice how streamline and easy it is to add the Kali tools and removing them as bundles using the same method.

What are Metapackages!

As mentioned in our quick video, Metapackages are repository packages of tools packed together, with the same kind or likeness, for easy installation. These Metapackages can be used not just for the Raspberry Pi but most ARM or Slim versions of Kali Linux, also another trick you can do is add the Kali Linux distro repository links to say another Debian based Linux and add the same packages, like adding wireless hacks to Ubuntu, it can be done but that requires a bit of Linux skill and more time to explain. Anyway…  on to our Raspberry Pi example.

New installations of Kali OS Images on ARM chipsets will only have the basic top 10 Kali tools installed. You should research and configure your new installation to add the Metapackages of attack tools you will be using. Not all tools will be available but most of them are there. Tools that are not available are only missing due to the compatibility of the tool and the ARM chipset architecture. The installation is SUPER easy by using the apt-get method. For instance the command to install all wireless hacking tools is just:

apt-get install kali-linux-wireless

Links to Metapackages 

Please check out all the Kali Metapackages:

Kali Metapackages – Link includes basic name and installation size in GB.

Kali Metapackages detailed description – Basic name and detailed package content.

So you have to calculate the base image size with the add on Metapackages. In my case the uncompressed Kali image was just over 3GB and the wireless hacking tools Metapackage was 6.6GB thus totaling just under 10GB. So you will want a nice big MicroSD card to store your various Metapackages on Kali.

Special Kali Metapackages

apt-get install kali-linux-full – 9 GB

apt-get install kali-linux-all – 15GB

There are full and All versions of Metapackages, if you want to strip and slim down your Kali system and then reinstall you can. This is helpful in some instances where you want to refresh a Kali desktop environment (Yes, these same Metapackages can be installed on Kali desktop :-))

Now it’s incredibly important that I let you know if you decide to go with a full install it may take over several hours. I did manage to install the full and it took over 3 hrs, It took 40 min alone to download the packages and the a few hours to unpack and install them and after the install the OS was kind of funky.

 




 

Uninstall Kali Metapackages.

You can also uninstall packages in this method. Say you just want the wireless auditing Metapackage but you have decided not to use the SDR-RTL Metapackage. Well all you have to do is uninstall that Metapackage group something like this:

apt-get remove kali-linux-sdr or apt-get purge kali-linux-sdr 

Coming up next!

Please tune in to our YouTube channel series on installing the Kali Linux OS on the Raspberry Pi. We understand that there are many tutorials out there in the hacking community but we feel we can bring a simple common sense approach to installing. Subscribe to our channel and like our vids!

Next Tutorial

Check out this tutorial (video in the works.) How to install Kali Vr 2 for Raspberry Pi with all tools.

Also once we complete the installation series we will dive into tool tutorials with what is used in Kali OS. We will also give examples using the Raspberry Pi in real world situations.

Thanks!

-Mytho

 

Net neutrality – MYTHO’S PIC’S

January 15, 2016
Mythos-Pictures

wp-1452843615235

Found this on my walk one day. – Georgetown –  Washington, DC.

OSOYOO / KeDei 3.5 inch TFTLCD touch screen for RASPBERRY PI – Including Drivers for download.

January 13, 2016
Kali

wp-1452661601662-e1452661948709

This is my Raspberry Pi connected to the  OSOYOO / KeDei 3.5 display I picked up for like $10. They sell these on eBay and Amazon. After installing it I quickly questioned the need for this as a display. Unless you have it just pipe some notifications to the display. Holding it in hand I think I will never use something this small as a full-blown monitor..

I had envisioned mine as running as just status and visual alerts…Like, Say I’m running Kali and I just want to peak at what it is doing while it’s in my bag at the local coffee shop.

Buyer Beware: It’s hard to find drivers for this LCD Manufacture. If you plan on purchasing one go bigger and look for a display that can run Notro’s LCD driver fbtft scripts.

It’s running here with what the sellers are calling a “driver” but the driver they pass around is really is a complete raspberry image which to me… kind of blows. So I went on a quest to find all the drivers and I had the hardest time searching the web  but I did eventually find them on a Chinese manufactures site. Hopefully we can all benefit from this find. I will link them here and you can download them from our GoAttack Mega Account.

So in the future I will have some Raspberry Pi images with the LCD / TFTLCD drivers set but until then Here are the links to the drivers.

OSOYOO / KeDei 3.5 inch Drivers:

 




 

Resource Blogs that are very helpful with this display:

 

Some additional pic’s of the LCD

  wp-1452661729086wp-1452661641119-e1452661939858wp-1452720359766wp-1452661667606-e1452661929370

Fear and Google. xvala – Mytho’s Pic’s

January 12, 2016
Mythos-Pictures
0 Comment

wp-1452649454968

XVALA – In 2014, he made headlines for claiming he would use leaked nude photos of celebrities Jennifer Lawrence and Kate Upton in an exhibit in St. Petersburg, Florida as part of his “Fear Google” campaign.

The Hackers Way to set up a OrangePi without keyboard or monitor. AKA easy Headless install.

January 4, 2016
Uncategorized

Originally this was going to be titled the Newbies guide to installing an Orange Pi… But I ran into issues recreating the install. The tutorial starts below the vid.

The concept I wanted to show was that with just a laptop running Linux, a home wireless router and the Orange PI we could easily set up a OrangePi without a monitor and keyboard. The problem is when I tried to test and recreate this same scenario multiple times with my same equipment it failed 2 out of 10 times. So this will not be a definitive guide but a helpful setup strategy.

It’s easy to say the OrangePi hardware is very unreliable. Also if I attached any USB WiFi card right away for some reason it would make the on board NIC inaccessible. The OrangePi also was very picky on which USB ports worked. I suspect a power issue on the USB ports but I did have a steady working port… I just had to trial and error to find it.

So for my new installs I just did not place any USB device in the OrangePi until I was ready and after applied full updates and upgrades and the RDP package was installed.

It should also be noted that if the SD card is not written properly, on windows machines because of the extraction this is typical, it will not boot! In fact it will look DOA or broken. The Pi’s do not have a BIOS so the software that is loaded into the boot partition runs the commands that normally would be found in a computer BIOS… So if no lights come on or it looks dead in most cases you will find that the card was not written properly and the Pi can not see the BOIS setting.

If the SD card is not the proper speed it will not boot! So make sure you properly extract the image if you are on windows and make sure you have a fast card.

 

Make sure you watch the YouTube vid first.

 

 




 

So with that in mind Lets begin.

This tutorial will need:
A computer with Linux.
A home router / WiFi access point.
Ethernet cable.
Orange Pi with Micro SD card.

Download Packages:
Angry IP scanner.

My suggestion would be Fedora 23 Linux. You can download a bootable working image from the site.

You will need to download the OrangePI image. I am using Ubuntu Vivid Mate.

First we need to verify which model of OrangePI we are using. Download the proper image for your Orange PI version, in my case it is OrangePI PC ver 1.2

After downloading then transferring the image to the MicroUSB using the Linux Image restore tool we will insert it into our OrangePI. By Using the builtin disk restore tool in Fedora it makes this process much easier and the image does not need to be extracted, Linux will do it all for you.

Fedora > Disk > Write image to disk

We will then connect the OrangePI straight to our wi-fi router by using an Ethernet cable.

We will then search for the OrangePI on our home network by using IP scanner such as Angry IP Scanner.

Once found on our network we will connect to the OrangePI by using SSH in Linux Terminal. Open up terminal and type the following”

ssh -l orangepi 192.168.X.X

The -l (lowercase L) is the main login username, in this case orangepi

The user name is orangepi and Password is orangepi.

We accept the security token granted to us by initiating the SSH and enter our password: orangepi

We should be in, orangepi@OrangePI will appear at the top of your terminal, we are now an extension of your OrangePi!!!

 

You must sudo all commands!

 

The order is specific. Resize, update first, add xrdp & then upgrade

Resize the partition to use the extra space

sudo fs_resize

sudo reboot

 

We then update the system.

sudo apt-get update

 

in the vid it goes very fast but you need to install the RDP package onto the Orangepi. This is so we can RDP from windows or Linux box.

sudo apt-get install xrdp

 

Now these OS’s are tricky and you may actually have to run these commands a few times for it to start.

After you have installed xrdp and have the system updated then we need to upgrade the OS.

sudo apt-get upgrade

 

From here we can reboot the system.

Next we can RDP into the OrangePi still using the Router Ethernet connection.

We have now set up the OrangePi to be used by both SSH and RDP. At this point you should be able to try to install the WiFi adapter, this will probably need more research.

You can use lsusb to list the devices in any USB port.

lsusb – list usb port devices

ifconfig – list network connections seen by the OS. Hint.. If your new connection is not listed here then its not seen.

 

 

Final thoughts.

I did not try this with the OrangePi version of Android.

First the images seem to not be consistent in design which also affects the hardware, depending on OS version USB or Ethernet ports may not be available.

I also ran into issues after installing the OS and my first boot if I had attached a USB WiFi adapter.

So in conclusion I was not able to make a concrete way of starting Orange PI for beginners BUT I have developed a way of approaching your first install, this method worked 8 out of 10 times.

The OrangePI may not be reliable as a Pi PC but you can still get it up and working to run some small projects. I have mine set up as a web server running Damn Vulnerable Web Application which is a pen test site where you can practice hacking

Also this is my first YouTube vid made from screen recording software so please be kind! hopefully in the future I will have more experience on making such vids. I am sure there are errors here as i threw this together quickly, sorry ?




AMAZING WORLD WE LIVE IN. – MYTHO’S PIC’S

January 2, 2016
Mythos-Pictures

wp-1452258113314My local Bubble Tea Shop’s WiFi password ?

ALLOW ME TO INTRODUCE MYSELF I GO BY THE NAME MYTHO.

January 1, 2016
Uncategorized

I’ve been around a very long time. I retired that hacking name in 1998 and now will resurrect it again for this site.

Mytho, when I was a teen, meant to me a combination of Math, Mythology & Methods.

It’s a new year and a few nights ago I had a dream in which I launched a more immersive types of tutorials. My future post will hopefully be about computer hacking, Spy Trade-craft & hardware hacking such as Pi’s. I currently use the Orange Pi, The Raspberry Pi and the Arduino.

I had my first server and website as a teen in 1995 after receiving a large settlement, was very expensive back in those days and lots of people didn’t even know what a server was and how to obtain a domain name back then. Since then have hacked around, although hacking times back then were much easier now we have Intrusion detection devices and more advance firewalls to deal with.

My first IT position was in Washington DC and I have been here ever since working in some of the most secret areas.

So lets start vanilla, My first few tutorials will be about hardware hacking the Orange Pi because newbies say they can’t get the Orange Pi to work or they can’t fully use them and I agree.

-Mytho