Showing results for tags 'Aircrack'.

Found 15 results

  1. Hi all, Does anyone know for definite whether the Ralink RT3070L chipset supports packet injection, for use with aircrack-ng? It's the chipset present in the ALFA AWUS036NH (The one with the green-tinge). Correction - That Alfa uses the RT3070, but I'm looking at the RT3070L chipset. I appear to be finding conflicting information across the web, or only finding results for the RT3070, not the L version. The aircrack-ng site doesn't appear to list the chipset. The last poster here seems to hint that it works fine. The RT3070 is listed here as good for wardriving, but it doesn't mention the RT3070L. Etc. Just need a definitive answer before I buy something that uses the RT3070L chipset and end up disappointed. Thank you.
  2. I started dabbling with Aircrack-ng and was wondering if there were any PDF guides with all the available methods of using the module. I searched around but nothing notable to my liking. Anyone have anything good?
  3. Hello people, I was recently doing some work with those VEX Robotics wireless control robots and I had some ideas about packet sniffing attacks, replay attacks, man in the middle attacks, and de-authentication attacks. The robots use the Vex cortex, which has a wireless adapter through a USB port, it says that it is 2.4 GHz, and another USB wireless adapter is plugged into a controller, like a joystick. My school did a competition with these robots, and it ended last week, now we are doing another thing just as a school, they said we were doing battle bots. When I did some research I hadn't seen anybody do anything like this and I thought I would look into it. When I was doing research I found that, the robots don't use any encryption it is end to end, the controllers or create their own network an access point that the robot connects to, the network it creates is hidden it does not broadcast its SSID and has to be paired with the cortex, they are 2.4 GHz, they all have independent channels or mac addresses (many can operate at the same time without interference). The first thing I thought of would be a deauth attack, where I would send out deauth frames to disconnect their robot from the controller from the cortex leaving their robot powerless, I was thinking I could do this with Aircrack-ng, put my wireless card into monitor mode with airmon-ng, find the mac address and channel of the robot with airodump-ng, deauth with aireplay-ng. The next attack I thought of was if I could intercept packets from the remote to the cortex and either replay them to keep doing an operation or send in my own by finding out what commands correlated to what packets and injecting them while impersonating the robot. I have not done much with packet sniffing/replay/injection if anybody knows anything on how I could do that? or if anybody has done anything with these robots? or if you have any ideas on wireless attacks?
I am all ears and I would love help and suggestions, this seems like a really cool project. I would love to hear your thoughts, thank you
  4. Hi, I've recently bought a Gl-Mt300a, running openwrt(OEM). I've installed aircrack-ng and it is running just fine. One thing I've noticed while running aircrack is that the MT300A appears to be advertising a hidden SSID using WEP. My question is... is this a quirk to openwrt running aircrack or is this a hidden back door?
  5. I am having some trouble with the Alfa AWUS036NH. When connected to a raspberry pi 3 with kali 2017.1 it will not capture handshakes as well as not showing associated clients. The adapter can find APs but that is all. airmon-ng is showing the adapter running driver rt2800usb. I have tried "airmon-ng check kill" prior to monitor mode with no luck. Also have tried "apt-get install firmware-misc-nonfree" which is supposed to help with rt2800usb issues on a rt3070 chip. I have tried using the adapter on a full install kali x64 2017.1 machine install and all appears to be working plug and play. I have searched the raspberry pi, kali, and aircrack forums but have yet to find anything with a working solution. (most threads were dead before solution was posted) Any help with this issue is greatly appreciated!
  6. Been playing with Site Survey module and pop over on SSH and run aircrack-ng <capfile> -J <hccap> And it seems to run OK. But over on the hashcat rig (3.20 Ubuntu server 16.04.1) fails with an incorrect epol length. Copying the cap file over to the hashcat rig and using AC (v 1.2 beta 3) there works perfectly. The Nano's AC version is 1.2 rc2 (my kali box is 1.2 rc3, which also works)
  7. So yesterday it occurred to me that I've never actually cracked a WEP network. I've heard that it's extremely easy, so I figured I'd give it a try. From what I was reading I saw you needed clients connected, and they needed to be active. I took an old router with DDWRT on it and dropped it to WEP encryption and added three clients and booted up a Kali live cd. Step one: I put my card into monitor mode. (It's the ALFA NEH from the Hak5 store) Step Two: I ran airodump to start capturing the packets. "Airodump-ng -c 1 -w WEP --essid Fallen wlan1mon" (And I also tried everything again using BSSIDs, but no difference.) Step Three: Wait for IVs. Step Four: Speed up the process. A.K.A. Where the problem starts. The first step was to run aireplay-ng -1 0, I believe this is some sort of fake authentication. I got the message "Sending authorization request" over and over. One had (ACK) beside it, the rest said (OPEN). Next I needed to run aireplay-ng -3, which was supposed to look for or create ARP packets I believe. Unfortunately, it was showing that it was reading tons of packets, but never found a single ARP request. Considering by this time I only had about 200 IVs, I figured I was doing something wrong. So I decided to use automated tools to see if it worked. My first try was my beloved Wifite. "wifite -c 1 -wep -e Fallen" It gets all the way to the actual attack. Here it tries about seven different types of attacks (Chop-Chop, Fake Authentication, Etc.) All of them fail, and by the time it's done I have about 19 IVs. Just for the heck of it I also tried to use the Fern-wifi-cracker, which wasn't any different. Thinking maybe it was either my laptop or the card causing the issue, I tried the same steps on my NANO. I used wlan1, and then also tried the NEH again. Can anyone tell me what I'm doing wrong here? Thanks. If you need any more information just let me know.
  8. Ok so I'm kind of sad right now. I figured the Nano would have been like the original, with the ability to get modules and everything. I had no idea they would have to be rewritten. Anyways, I guess my question is: are modules that were available for MKIV going to be available eventually for the Nano? I've seen Evil Portal so far, but (no offense to the dev) I'm not really looking for that. I would love to see reaver and aircrack-type modules. I was so excited to be able to use reaver. I'm a big fan of pen testing (but I am still new to the area). I love working in Linux (I just started using Kali, but I've been using Mint previously). Another quick question too about my nano being connected on my laptop. I use a Bootable USB drive to run Kali. Not sure if that matters, but I finally got it to where I can have my wifi connected to my computer and my computer connected to my nano, but my computer doesn't seem to want to share my connection to the nano. I've done as much research as I could from these forums and have tried multiple IP combinations. My home connection to my wifi router is the generic 192.168.1.1. And the default for the pineapple I'm assuming is 172.16.42.42. But is that the pineapple IP or its gateway? There's a couple 172.16.x.x IPs I've seen now and one is .42 and one is .1 so does the nano have a gateway? Or is it my ethernet port that is the gateway? Also, the default in wp6.sh for my computer's IP (Host IP) is a 172.16.x.x....why? I'm running a 192.168.x.x network on my router. Is that just the way pineapple sees me cuz of the gateway? My port for the direct connection usb connection is eth1 I believe. But there's also an eth0, which I have no idea why I have a virtual ethernet port. Probably has to do with me being on a USB-run Kali. But the default when I run wp6.sh is eth1. But when I change it to eth0 it stalls on me and nothing happens. So I've tried a bunch of different combinations between IP addresses and eth ports.
At least I know my wireless port is wlan0 lol (Also I just thought about this, I do have a USB hub which connects up to 4 USB 3.0 connections, and I am running both the pineapple and Kali through that hub, which leads to the same usb port on my laptop. ..hmmm maybe that's a problem. ..) Anyways, sorry for the long read, I would just appreciate any help I can get. It works fine when I tether into my phone though. No problems there....just a drag I can't run reaver :'(
  9. I've implemented a mark V+airodump to sniff the wifi enabled devices inside a big room. I'm using the information gathered to calculate the # of people inside this room at any given time. (I analyze and dump to a db the csv files generated by airodump) My problem comes from the fact that airodump csv files sometimes do not reflect correctly the first time and last time a probe has been transmitted by a device, also they just show the last transmitted power detected of each device (you can't see how the power fluctuates with the time). Besides these issues, the csv files also include the information of nearby access points + devices detected and when you have a large number of devices or access points, processing this csv file is a little bit resource intensive. I'd like to know if there's any other tool where I can get the information of the sniffed probes in the same format used by Meraki's routers (they provide an api where you can get the info of the probes detected by the router and dump it directly to a db without any ETL process). They follow the next format: { "deviceID":"UUIDofTheAP",<-you can define it using an external cfg file "mac":"mac address of the device detected", "timestamp":"timestamp when the probe was transmitted", "pwr":"transmitted power detected", "ssid":"name of the ssid the device was looking for" <-if present } Having this info directly posted to a server using POST would be great, otherwise just having a plain text file with the json would resolve my problems. I've been looking in the scapy documentation but I don't know if it is possible to develop something using python+scapy to get the probes in the way I need them. Any guidance would be really appreciated.
  10. Hi all, I am working on a project that spoofs the geolocation of devices by faking MAC addresses from another place through wifi signals (somewhat similar to this). I have a Raspberry B+, connected to an Alfa AWUS036NH running in monitor mode, connected through ETHERNET with an MBP sharing Internet connection. I am currently able to use Aircrack + mdk3 to create multiple (encrypted) AP within a list of fake MAC addresses, using: sudo mdk3 wlan0mon b -v LIST.txt -g -t And this works perfectly. However I also want, at the same time, to use the same wireless adapter to create an AP (with a hand-assigned MAC address) that shares the internet connection the Raspberry shares via ethernet. Thus, both as a router, and as a "fake AP generator". Is this possible? If not, any ideas of what would be the best workaround? I am doing this for test purposes. The spoofing did not work well only faking unconnectable signals, but my theory is that by also creating an actual access point with a fake mac address, the setup will work better. Thanks in advance. LG.
  11. Hey guys, I'm new to the hacking scene, been doing small tests like using metasploit, embedding meterpreter sessions and ssh'ing into machines for fun. But I've recently focused on Wi-Fi hacking, and been having a lot of fun with it. But however, I've come across this one hash that does not want to go down. No matter how many wordlists I throw at it, no matter how many different combination rules I throw at it, this hash REFUSES to bite the bullet and just give in. So, like any responsible penetration tester, I've decided to turn to the group's forum that got me interested in hacking in the first place. If anyone wants to try their hand at cracking it, I can send it via Skype, just ask for my contact info. Thanks!
  12. Does anybody have any helpful information regarding capturing a password attempt to access my own wifi network? So this is before the user even logs onto my network, I want the ability to see what passwords the user is trying. I am thinking about hacking an open source router which I may need for this to work? If anyone has any information regarding this that would be very helpful, I have wireshark but the question is specifically about the initial password attempt to access the wifi network. Thanks!
  13. Hey guys! I present you, Automator!, A module that automates attacks such as Deauthing and Karma, and more on the way! It asks you for a few options on each attack then commences the attack. Features : -Automated attacks -Install packages that are needed -Add and Edit profiles for attacks -Blackout Attacks - Disable all LEDs, enable stealth mode and select an attack! Coming soon : -Edit back-end scripts to suit your needs -Add community attacks/automations to the module -Auto-detect wifi cards -Reaver Automation Sneak peek :
  14. After watching a couple videos of using the aircrack-ng suite covered in both Ubuntu 12.04 and BackTrack 5R3, I was intrigued to try this on my own network. I have installed the most recent application and got to work. First Terminal: airmon-ng start wlan0 airodump-ng mon0 airdump-ng "My Network" --write file (started capturing) Second Terminal: aireplay-ng -0 3 -c -a mon0 (error occurs here) Waiting for beacon frame (BSSID) on channel -1 mon0 is on channel -1, but the AP uses channel 11 I've tried to look up solutions, and one was to patch the compat-wireless driver. I did so, and still get this result. I've read that I need to start both airmon-ng and airodump-ng with specific channel associations, 11. I do this and still nothing. While I am airodumping, the terminal lines running state my channel is fixed to -1. CH 11 ][ fixed channel mon0: -1 I like to use Ubuntu for this rather than BT5R3 because it's a little better in my opinion, but I get the exact same issue using it. Either way, if there is some solution, it would be much appreciated. Asus K53E Intel i5 Processor 8GB Ram, 500GB HDD AR9485 Wireless Network Adapter Ubuntu 12.04 & Windows 8
  15. You should hit update inside your WIFI-CRACKER or use the source below that has also been updated... UPDATE 3 : v1.2.3 is up and running with a couple fixes here and there since 2012... UPDATE : This is the new WIFI-CRACKER v1.2 where many things have been fixed and a few added. New functions include an updater and a packet sniffing menu. Same download link as before and you won't ever need to physically use it ever again ;) . Since this is my favorite IT show and because it inspired me to learn about wifi and write this script , I've decided that I will first post my WIFI-CRACKER script on those forums. WIFI-CRACKER is a Script that automated the hacking of wifi networks. It's completely created by me, in fact I made it today. It's a proof of concept and was created for educational purposes (since I was learning about wifi). I am planning to make it much more than cracking your neighbor's WIFI because honestly that would be too easy for anyone on here. Currently, I want to add some more cracking options to the script as well as a DAuth menu. I'd appreciate if anyone wants to contribute on this project. Features : Mac spoofing with macchanger Target scouting with airodump-ng Cracking WEP and WPA/2 (with aircrack-ng and reaver) Debugging menu for fixing bugs Lots of small stuff to make the script as good as it can be Packet sniffing menu with tshark and wireshark *NEW* Updater function *NEW* Resume previous WPA hacking session *NEW* Fixed check_internet() Download link : Download Here Source code *UPDATED* :