hack
Aircrack-ng
Aircrack-ng is a set of tools for auditing wireless networks. These tools can recover 802.11 WEP and WPA-PSK keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared to other WEP cracking tools.
Last year i walked you through installing the Aircrack-ng suite on Ubuntu Linux.
We will be installing and using just part of the Aircrack-ng suite, airmon-ng. This will allow us to put our wireless card into "Monitor" mode.
Wicrawl
Wicrawl is a simple wi-fi (802.11x) Access Point auditor with a simple and flexible plugin architecture. The plugins allow us to find out useful information about an AP so we don’t have to manually check each access point. Plugins are implemented for existing common tools, and new plugins can be written in any language. Wicrawl is able to use multiple cards, and eventually will be able to use multiple computers.
The goal is to automate the tedious task of scanning wi-fi access points for interesting information. This can be a useful tool for penetration testers looking to “crawl” through massive numbers of APs looking for interesting data. Plugins will be everything from DHCP and nmap to aircrack or hooks to move a motorized directional antenna around.
The guys over at Midnight Research Labs stopped development back in 2007. Being a bit out-dated, it wouldn't compile on the latest Ubuntu without a couple tweeks. I replaced the entire source code in the Aircrack-ng plugin folder with the latest SVN (as of this post). I also had to add a header file to the discovery folder to help it compile.
I went ahead and tared up my folder with all of these edits so you can easily compile it on the latest Ubuntu Linux (9.10 as of this post).
In this video tuorial, i walk you through installing Aircrack-ng as well as Wicrawl.
SSL Strip
This tool provides a demonstration of the HTTPS stripping attacks that was presented at Black Hat DC 2009. It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which looks like a lock icon, selective logging, and session denial.
In this article i will walk you through installing SSLstrip along with ettercap and perform a MITM attack.
Teh haps'
Thu, 09/02/2010 - 12:53
Tim tweeted "RT @To_Japan Anniversary campaign: just RT & win a FREE TICKET to Japan! http://bit.ly/IACE40EN #IACE40th" 12:53pm#
Tim listened to Easy Star All-Stars – Lucy In The Sky With Diamonds 1:35am#- Tim listened to Easy Star All-Stars – With a Little Help from My Fr 1:32am#
- Tim listened to Easy Star All-Stars – Sgt. Pepper's Lonely Hearts C 1:26am#
- Tim listened to Gorillaz – Pirate Jet 1:18am#
Mon, 08/30/2010 - 17:17
- Tim listened to Atmosphere – Wild Wild Horses 5:17pm#
- Tim listened to Atmosphere – Free or Dead 5:12pm#
- Tim tweeted "Listening to Burningman via Black Rock Cities official radio station, BMIR 94.5 - http://bmir.org/" 4:48pm#
- Tim listened to Atmosphere – Cats van Bags 4:43pm#
- Tim listened to Atmosphere – Sound Is Vibration 4:39pm#