hapster

My router is a Linksys WRT320N. As for the access point, I'm not yet sure which one to get.

Hello. I've recently acquired a wireless router and plan to extend the signal of my network to other places in the vicinity. I was wondering if it was possible to do this extension using a wireless access point. If so, how should I configure both devices so that the router is the one hooked with the modem and the access point connects to the network created by the wireless router and extends the signal? *I'm using Ubuntu to configure my wireless devices. Thanks in advance.:)

nvm. lol.

My mistake... I see html now. Only it's in the line-based text data portion of a sniffed http packet. How does wireshark get this data?

I see. It also seems all sites I try to visit and sniff packets from my own machine are encrypted. I can't even see html content in plain text. Does this mean the demos done here in this show such as the pineapple router are already rendered useless? Or is it just me and my machine's settings that causes me not to see html data from the packets that I sniff from my machine.XD ?

Hello. I've been playing around with wireshark and arpspoof for some time now and I've seen some packets with cookies in them however, these cookies don't seem to be in plain text. For example, a packet contained this cookie: userinfo=a%3A8%3A%7Bs%3A8%3A%22 ... and so on... Does this mean that the cookies are encrypted? Seems like hash to me.. Can I still make use of this information?

oh that. I thought you got pissed by my question of it being client mode.XD I apologize. haha. Yeah...you're very right about that. What's even more sad is that they're mostly the big decision makers...lol Hacker culture is so twisted nowadays.:|

Come on. I was just making sure.XD Quite shallow to get pissed off on something like that.:| Patience...XD I don't consider it black hat hacking. Just exploring the possibilities.XD

So let me get this straight. "Cleint mode" means using the wireless router as your wifi adapter? :D Haha. I hear ya. I'm currently working on a system as part of my college course that involves inventory control and reporting stuff. BORING. It eats up my time to program stuff that I really want to. hehe

Yep. That's what I'm trying to do. Thanks for making it clearer. Will look up on it. Any reference you would recommend in doing such a thing? Like controlling the router through the command line would be cool. haha. Never been a hardware guy. haha. Trying though.

haha. If you want an easy language and if you're into networking, definitely go for Perl. It has all the tools you need to administer your network and quite easy to read (you could learn Perl in a day). You could even build a packet sniffer with only a few lines of code!:D Linux+Perl is a network admin's best friend and strongest weapon.XD

As tempting as it sounds, I'm more on developing my own tools. Even if people say it's like trying to reinvent the wheel, it's quite an adventure. haha. I'm working on packet sniffing, analysis and mitm stuff...all command line and in C/C++.:D I just need to get my concepts straight in terms of networking. I did try BackTrack. It's fun. But it's more fun to code and see your product work. haha. Anyway, thanks again.:D Much appreciated.

LOL. Working too much? haha. joke. Ok thanks.:D I will try it out soon in my home network.:D

Thanks for your reply. But what I meant was can I connect to the network from my laptop via ethernet by connecting it to the access point that is associated with the encrypted wireless network? Does it automatically bypass encryption since the wep/wpa/wpa2 encryption only encrypts packets for devices connecting to it wirelessly? I might have not understood your reply that much.:P For an illustration (a rather messy one): For example, this is my home network setup: Wireless router connected to modem. <-- another router turned to an access point connecting to the network <-- laptop connected to the said access point via ethernet Hope it's clear.XD What are your thoughts on this?

Hi. I was wondering if this scenario is possible: *I'm still a bit rusty when it comes to networking so bare with me if it's a stupid post... What if you have a wireless router that can be converted to an access point. You associate the access point with a network encrypted with WEP or WPA or TheNextBigEncryptionForWifi. Then you plug-in an ethernet cable at the back of your router (that you set to act as an access point) and hook the other end to your laptop. Will you be able to connect to the network the access point is associated to?

Not to start a fire or anything, but most people on the Internet aren't quite "1337" when it comes to english. They'd post stuff thinking they know it all but when "your" should be "you're" you start to think what went wrong with the education system. I'm just saying, work on your english.:D Computer people should be intelligent. Don't disappoint the public now..XD

LOL...Epic fail!!! hahaha. Good one.:P

I don't think that's possible unless you can redirect traffic to pass by you first (some man in the middle process). Other than that, you'd have to hack the server I guess?O_o

hmmm..but their login page starts with http. I may be mistaken but can I assume they're not using ssl because of this?

Not really sure. How would I know? I tried nmap-ing the server but just got http 80 and other weird ports open. I think this kind of reconnaissance is quite blind. It's like trying to gain network access with only "can connect to network but keeps being redirected to login page" as your only info..XD

I think simplest and easiest is quite subjective given the different syntax that different languages use. For me I'd say C++ over Java because I've been working with it longer. Java is technically easier than C++ but hey...there's always that language a programmer starts with and comes to love. It's like...there's no place like home... haha.

Curious, if you spoof a MAC address of another already logged in will that automatically assign the IP to you? Or will you have to do some extra hacker stuff to get that IP.

LOL. Wasn't really looking for that kind of comment but thanks anyway. Yes WEP is weak. But believe it or not, most if not all the networks here at my country are using WEP for encryption. Ignorance is never bliss. hehe

But all I see are ARP packets. How do they do that? It's probably just my sniffer but is it possible to see other tcp packets when you're connected to the network but not logged in?

Hi. I was wondering which of the following network security architectures/designs is safer for wifi hotspots (in coffee shops, malls etc...). The first design I've encountered was where you could connect without any WEP/WPA authentication to the network but everytime you'd try to browse any pages in the Internet with your web browser, you'll be redirected to a login page. In order to login, you'll have to buy coffee to be given a randomly generated username and password (I'm assuming it's random. hehe) or you could buy user name and passwords for certain time lengths. The second one simply uses WEP/WPA encryption before you can access the network. For the first design, when sniffing the network (since you're already connected and assigned an IP address, all I get are ARP packets and other weird request packets). The next question prior to which one is better would be what are the security issues that involve both designs? Well ok, we all know there are ways to crack wep/wpa, but what about the first one? Will you have to hack some database where those user name and passwords are located? I'm not that knowledgeable yet in network designs and terminologies so all these are based from experience and curiosity. :) Hope to hear from your thoughts. Thanks