joeypesci

Active Members
  • Posts: 300
  • Joined
  • Last visited
  • Days Won: 4

Everything posted by joeypesci

  1. I worked in the public sector for a few years. I told the networking team "You do realise the WIFI is running WEP still. The people in the flats over the road are probably having a whale of a time." They said "What do you mean? It's 128bit WEP, they won't crack that". I looked at him in shock, shook my head and walked away. Fools. A year or so later they finally installed a RADIUS setup.
  2. "(but what defines a bad default?)" A default that is bad :) Ba da boom! I'll get my coat :)
  3. I guess it has its uses then :) Also I see a lot of people using the green text on black background to look old skool. It could be wrong, but I read an article some years ago that the reason CLIs moved away from this setup was they realised it was bad for your eyes.
  4. Thanks for the help. God darn it's a pain in the arse and so awkward. Why do people like Linux? Anyway, while searching for an answer I decided to install Backtrack 4 on the eee 1000 anyway. Now in, I've done the following and got to the USB. This is for anyone else with the same question. Went into the GUI to do all this:
       startx
     Run a Konsole session. While in root@bt:/# I typed the following:
       sudo fdisk -l
     This shows a list of the plugged in devices. Mine is an 8GB stick so worked out it was the 8019mb one, which is /dev/sdd1. So then did:
       mount /dev/sdd1 /mnt/pen
       cd /mnt/pen
       ls
     And there you have all the files and folders on the USB drive. Fing finally. I know Backtrack 4 isn't a Linux distro that is supposed to be for new people to Linux but are all Linux distros this unfriendly? Why is the command line used so much in Linux? That's going back to DOS days, I thought we'd moved on from there, hence GUIs were invented. Anyway, thanks for the help. With the advice above and your links I've found the answers. These links helped: http://www.cyberciti.biz/tips/linux-how-to...lash-stick.html http://www.linuxforums.org/forum/redhat-fe...mory-cards.html
  5. Thanks but neither shows me how to access the USB drive. And trying to find the answer to that on their forum is a nightmare. I've booted backtrack from the USB and can't find the command that allows me to look at the files on the USB drive. So I can install the file. This is why I hate Linux.
  6. Don't know how anyone copes with Linux, does my head in. But experimenting. But for the life of me can't work out how to access the USB drive I have plugged into the laptop. I've booted Backtrack 4 from this USB stick yet now want access to it, to install software that is on it for Backtrack 4. I've spent an hour trying to work out how to fing get access to it. They don't make it easy do they? Or am I missing something :)
  7. Stuck up a Youtube vid of me doing it http://www.youtube.com/watch?v=ROGjDcUdsLg And you can see there it took 17mins just to crack WEP. Set to 64bit and my ALFA was sat next to the Linksys I was cracking. But it wasn't until it hit about 20k packets that IVs appear to start racking up.
  8. No I believe the -3 is the ARP request relay attack. -0 is the deauth. Thanks for the reply though.
  9. I forgot I had this cable I wonder if it would work. It was used at work to connect to the switches console.
  10. Ignore last post, I've just looked further up :) oops.
  11. Messing about in my lab with my Linksys WAP54G set to WEP 128bit. I've loaded Backtrack 4 in a VM with my Alfa sat right next to the Linksys. I do the following once I've got the BSSID etc and done airodump-ng:
        aireplay-ng -1 30 -h 00:11:22:33:44:55 -a 00:02:6F:33:BC:BE mon0
      Then:
        aireplay-ng -3 -h 00:11:22:33:44:55 -b 00:02:6F:33:BC:BE mon0
      I get this issue. Now I forgot to take the screenshot before so I've just started it again to get it. It authenticates with the AP just fine as you can see. This gets kept alive every 30 secs (did that because it seemed to kick up the data counter really quick, I could be imagining it having that effect). Then with the -3 attack, as you can see in the picture, it appears to go up and up but no data is ever created for capturing. It appears to take ages, sometimes I have to wait till it gets to something like 20k packets or more before data starts running through it. Is this a signal issue or something else?
  12. Nokia cable has finally turned up. Do you have a guide for cabling it up for the Fon+? I assume I start by chopping off the end that connects to the phone? :)
  13. That works thanks but also wanted to fix this problem, which I now have. Found an old copy of Cain and Abel amongst my files which had WinPcap 4.02 on it. Installed that and now it's working fine.
  14. http://maplin.co.uk/Module.aspx?ModuleNo=97700 would this fit the Alfa? I'm not sure on the connector.
  15. Uninstalled and reinstalled Cain made no difference. Uninstalled and reinstalled all NICs and WIFI NICs made no difference. Compatibility mode, also makes no difference :(
  16. Don't think it's possible unless the VM is of a Linux system. I think it might be then but not sure how. Do you want to just turn a VM into a physical machine? If so, I think VMware Converter can do that. I know it converts physical boxes to VM as I used it on my torrent box but can't remember if it does it the other way round as well.
  17. Thanks. Looked through that but it doesn't tell you things like what aireplay-ng -3 -b, what those -3 and -b etc mean. Although think I can find that out on the help of aireplay-ng. Having an odd issue tonight cracking my own AP again. All set up the same as before yet when I send out the authen packet it refuses to authenticate and just goes on until it gives up and says that attack failed. Yet oddly it worked fine the other night. I like that attack as it then appears to make the data go up really quickly even though there is no one on my AP. EDIT - Although the MAC filter section was set to disabled I hadn't actually pressed save so it was still active even though it showed it as disabled, even after a reboot :) Took off MAC filter and cracking is working again.
  18. It may be cheaper to hire a small van and go on the road. If you hired a mini van you could even possibly set up inside the van. So you pick up the PC from the person's place, either take it home and repair or repair it in the van. That way, you don't have to pay rent for the store. If you then become big, you can get a store.
  19. A few in my area that although set to WPA or WPA2 are still set with their default name. A friend of mine, in her area where she used to live, knew an engineer who'd set up WIFI for local people. What he wasn't telling them was because he was setting the password for them and not suggesting they change it later, he'd use it to hop on later to surf the net for free. Naughty. It's also possible some of them are honey pots.
  20. You obviously didn't read the first sentence then oh arrogant one. I pointed out it was illegal. And you comparing it to stealing from a store then bringing it back is the wrong idea. You could have said breaking into a store and leaving them a note at how easy it was. But yes, would be stupid. But I think the point is. Breaking into a store is a physical thing so no one is going to do it. However, a teenager sitting in their room breaking into their neighbour's wifi more than likely happens. It requires no violence or physical access. So it happens. The point was to make people aware of this. I guess the note idea would be a poor one. Although no violence is involved I think the worry factor would be the issue. It would then make people worry, feel like they have been monitored. Violated if you will. In a small way, like a burglary when you're out. You don't know it's happening, you're not there, but feel violated when you get home and realise someone has been there. I guess the best course of action would be to leaflet the street. Again, this was a hypothetical question and not to be taken so seriously as you seem to have.
  21. We all know how WEP is easy to crack and all and, in England at least, cracking someone's WIFI without their permission is now illegal. Even going on someone's unprotected WIFI is illegal unless you have consent (I could be wrong about that one as some devices just connect automatically to WIFI if it's unprotected). There was a case in 2007 in England for someone being busted. http://www.hackinthebox.org/modules.php?op...r=0&thold=0 However, this is a hypothetical question. If, in your area, you saw a lot of WIFI setups using WEP and you cracked them all. Would you then, as an ethical hacker and not knowing which house which router is in, leave well alone or, attempt to get onto a PC/laptop that was on that network and leave them an obvious note, explaining to them how insecure their WEP WIFI is and that they should change it. If possible, leaving them instructions on how to do so for their specific router? Explaining how to update to WPA or WPA2. It's an interesting question I thought. You want to help these people protect themselves, but have no way of contacting them. The other idea would be to just leaflet the whole street, explaining to them how insecure WEP is and anyone who has it setup and would like help updating, you'll offer your service at a reasonable rate :)
  22. joeypesci

    Twitter

    Thanks. I've reported it now. Whether they'll bother to take any action is anyone's guess.
  23. Yeah was thinking that although you'd have to do it when they (the device you're spoofing) weren't on the network.
  24. Thanks. Thought it might be the case.