vector

Dedicated Members
  • Posts

    614
  • Joined

  • Last visited

  • Days Won

    2

Posts posted by vector

  1. Hi vector,

    Nice work! I have been thinking of doing the same thing. The Thinkpads come with a WWAN antenna mounted on the side of the LCD lid. I was thinking of modding one of these to hold the antenna then mod my Comfast RTL8187L 980000G external to fit under my SSD.

    does your comfast have an external antenna connection already? i like using half mini or mini pci-x cards, they take up less space and it's simpler to run the u.fl to rp-sma pigtails through the inside of the case. there's plenty of half minis and minis that will run at 30dBm/1000mw.

  2. Hi everyone,

    Does anyone know if a fractal antenna placed on the back of the LCD cover would offer better reception than regular internal wifi antenna?

    Thanks

    zog

    it would depend on the fractal design and quality of the build of course. you could do like i do with all my laptops and get a u.fl to rp-sma center-pin pigtail and drill a hole in the laptop casing and install it so you can add any type of external antenna you want anytime. some links to the pics.

    https://www.box.com/s/qkc4ptntmhdi7nu1srfr

    https://www.box.com/s/axitk5k8fv152vdcars8

    i even modded my mk802 devices the same way, however those did require soldering.

    https://www.box.com/s/sj3pdi0sttrqsir778q5

    https://www.box.com/s/q22jkaqytucypjttfjpq

    https://www.box.com/s/y1m80r8qlbpvfn6vthsp

  3. Hi everyone,

    Doing a rebuild of my Lenovo X61 into a Kali Linux "Uberbook", and I am looking for recommendations for the internal NIC. I have a modified BIOS that will allow me to install any internal NIC that I want. Currently I am running an Atheros Ar5B195 w/ Bluetooth 3.0, however, this card is not a "true" wifi N in that it lacks the connector for the third antenna.

    Any suggestions?

    Thanks

    zog

    are you looking for a mini or a half mini card?

  4. fixed it, went to developer options and selected "adb over network"

    adb tcp and adb usb are very different. it seems that the problem was you were running the script and then plugging in the victim device. enabling adb over network will have no effect at all when using the usb otg cable.

    are you verifying the device is connected with the command 'adb devices' from the host device terminal?

    you could however connect to the victim device over the same wlan using the 'adb connect <ipaddress of victim>' and then run the 'run.sh' script or any of the single scripts from the p2p-adb package.

  5. Thanks for all that. I will be watching your blog for sure!

    Since the Alfa card uses 5V, would I need a battery with a 5V output? Could you supply me with the model you use, since it works for you.

    For the Y-cable, could I just get this? http://hakshop.myshopify.com/products/usb-powered-hub

    The battery would be red, Alfa on black, and then phone on other side? Would it matter which female adapter I plugged it into?

    EDIT: I was looking at that cable a little more. Would the Alfa card go into the mini port, and the black on top would be my tablet?

    ok if you're having trouble figuring out how to even connect the usb device to your nexus then you're really gonna have trouble getting it to work. first of all you need an otg (on the go) cable for the nexus. you can get otg Y cables that will allow you to provide external power while still hosting a usb device.

    www.ebay.com/itm/Micro-USB-Host-OTG-Cable-w-USB-Power-FAST-Same-Day-Shipping-/261215779847#vi-content

    this is what you should get for your nexus7. you must make sure that it's an otg cable or else your device won't work with your android.

  6. So basically , I have to use this python script along with reaver? And by the way , I use BEINI OS to use Reaver , Although reaver is a discontinued project. How do i use the python script along with reaver and Is it effective ?

    yes you must have reaver installed in order for wifite.py to do any WPS cracking, otherwise it will default to the aircrack-ng wpa cracking methods and will try to deauth and capture handshakes. wifite is just a script that will automate tools in reaver and aircrack-ng. check wifite.py --help for more commands and options. wifite won't do anything that reaver cannot.

    I use Kali as primary OS, and following this tutorial I can't manage nr.9 - This is the error. How can I solve it?

    first of all that version of compat-wireless is really old, in fact it's not even called compat-wireless anymore, it's compat-drivers. and second of all you shouldn't need to install drivers for your ar9271, it should work plug and play. if for some reason it doesn't then get a more recent version of compat-wireless or compat-drivers and make sure you have your linux-kernel-headers installed. you need to have your kernel headers before you'll be able to compile/build modules with compat-wireless.

    uname -a in the terminal will tell you your kernel info then you can install the headers with apt-get or synaptic or whatever you like.

    i just used the asterisks as a wild card for the iface number because if you have more than one going at a time the numbers will change. it's funny that you're still getting mon0 when you use airmon-zc. every time i've ever used it it always gives me a wlan0mon instead of a mon0. i've got tons of different wireless adapters/chipsets so i'm always messing around with different drivers and chipsets.

    also which card are you talking about? how could it have a prism chipset and a ralink chipset at the same time? i've never seen anything like that. i do however have a couple of old linksys rt73 usb b/g cards. mine only have a single chipset version and i use the rt73usb drivers with them.

    Not sure what you mean by wlan*mon vs mon* but when I run zc, I get a wlan0 in managed mode, and a mon0 in monitor mode on my laptop. Mine has an internal nic, but I don't think that makes a whole lot of difference. Only time I had different names was my old rt73 linksys with the prism chipset and would come up as rausb0, when I used the different drivers pre BT4. After that, the card never worked, even when trying to blacklist the shipped drivers and installing the enhanced drivers, they would fail since it needed something from the older kernel settings not in the later versions.

    wicd-gtk is shit but i personally like wicd-curses in the terminal. double check rfkill and make sure your alfa isn't hard or soft blocked and if it is then just unblock it. also when you issue the command ifconfig wlan0 up are you double checking that the interface is up by running ifconfig again?

    also digip, remember that when using airmon-zc it starts wlan*mon not mon*, airmon-ng starts a mon*.

  10. http://www.kismetwireless.net/android-pcap/

    Works without rooting. I've tested this myself. I used the AWUS036H with my OTG cable.

    yes i see what you're talking about. ya it will work to capture traffic but if you want to actually use aircrack-ng tools or reaver you won't be able to natively. that's where my previous post was going with that. some previous phone models with the bcm4329 and 4330 chipsets now support monitor mode and packet injection (sort of) natively in android. the guys over at bcmon.blogspot.com are doing some nice work.

    using an external wireless adapter with an otg cable or even a native usb host port in android won't work natively in android. your android device may be able to detect the usb adapter that's plugged in with certain apps like "usb host diagnostics" or "usb device info" but that's about as far as you'll get, unless you compile the modules for your usb wireless card's chipset (in this case it would be rtl8187l). then after you have built the modules, the only way for now that you'll be able to do fun stuff like wifite, reaver, aircrack-ng etc is by disabling the native wireless on your phone and chroot'ing into a linux. then from there you can insmod the modules for your usb adapter and have all the wireless hacking fun that you want. i've done this on my asus tf101, my hp touchpad, and a couple of different phones. for example on my asus tf101 i had to build rtl8187.ko, mac80211.ko, and eeprom_93cx6.ko. then i will just chroot into linux (any distro will do), in my case it was backtrack5.img, then insmod the modules, fire up wicd-curses for connecting to networks or just install reaver, aircrack-ng, wifite and bam have fun pwning.

    if you want help with this you need to give details on exactly what you're doing and what is and is not working. which version of ubuntu are you using and which kernel? did you install the latest compat-drivers for your wireless cards' chipsets? forget about madwifi drivers, that has nothing to do with your newer ralink chipsets. that is an older atheros chipset thing. how exactly are you trying to put the wireless adapters into ad-hoc (ibss) mode? are you manually configuring the settings with iw? if you have the proper drivers for your cards installed and the latest iw version you should be able to run iw list in the terminal and it will list the supported interface modes and commands for your cards. you can then configure all the settings using iw.
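    Added example (not from the thread, not vector's code): a small filter that pulls the "Supported interface modes" block out of `iw list` output, so you can confirm the driver actually exposes ad-hoc (IBSS) before spending time on configuration, which is the check post 12 points at. The sample text below is constructed in the shape `iw list` prints, not captured from a real card; on a live box you pipe `iw list` into the functions instead.

```shell
#!/bin/sh
# Added example, not vector's script. Reads `iw list` output on stdin and
# reports the modes listed under "Supported interface modes:". If more than
# one phy is present the modes of all phys are printed together.

# One supported mode per line, leading "* " stripped.
supported_modes() {
  awk '
    /Supported interface modes:/ { inblock = 1; next }
    inblock && /^[ \t]*\* / { sub(/^[ \t]*\* /, ""); print; next }
    inblock { inblock = 0 }   # first line that is not "* mode" ends the block
  '
}

# Exit 0 if MODE (case-insensitive: ibss, monitor, "mesh point", ...) is listed.
supports_mode() {
  supported_modes | grep -qix -- "$1"
}

# Constructed sample of what `iw list` prints for one phy (assumed, not captured).
SAMPLE_IW_LIST='Wiphy phy0
        Band 1:
                Frequencies:
                        * 2412 MHz [1] (20.0 dBm)
        Supported interface modes:
                 * IBSS
                 * managed
                 * AP
                 * monitor
        software interface modes (can always be added):
                 * monitor
        Supported commands:
                 * new_interface
'

# Comma-joined modes from the sample; on a real system use:
#   iw list | supports_mode ibss && echo "ad-hoc supported"
check_sample() {
  printf '%s' "$SAMPLE_IW_LIST" | supported_modes | tr '\n' ','
}
```

    The "software interface modes" section is deliberately not parsed: those are modes iw can add on top of any existing interface, not what the hardware/driver natively offers, and the question in the thread is about native IBSS support.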

  13. how do i list my iptables chain?

    here is the command that I snarfed on earlier, please DO help me!!:

    iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 8080

    I have not flushed my iptables yet but I will try that next. I will flush before and after I potty.

    iptables keeps track of ip addresses and MAC addresses right?

    when i said list your iptables chain i was referring to when you said

    "2. change the iptables by issuing a really long command that i dont feel like entering here but starts with "iptables -t nat -p tcp ..."

    i was trying to say you need to list what you're entering. THE WHOLE THING.

    the iptables chains in the example line i listed are PREROUTING and REDIRECT

    in the line you listed you aren't even using any. this is a problem. run iptables --help for some more info or google what iptables does. keeping track of ip addresses and mac addresses is not really what iptables is for, you might be thinking of arptables.

    iptables provides packet filtering, network address translation NAT and other packet mangling.

    arptables is used to set up, maintain, and inspect the tables of ARP rules in the kernel. so not really the same thing. oh and one more thing, when you say you edited the /proc/sys/net/ipv4/ip_forward file what kind of edit are we talking about here?

    if you want help with something you need to start giving very specific details on what you're doing and what the result is. not listing kinda sorta and maybe mighta things.

  14. ok you need to list your iptables chain that you're using. first of all how do you expect help when you won't list exactly what commands you're using?

    also you should flush iptables before starting a new one and you should flush it when you're done.

    iptables --flush
    iptables --table nat --flush
    iptables --delete-chain
    iptables --table nat --delete-chain

    you need to understand what iptables is and what it does.

    you're not even listing any chains in your iptables. something like

    iptables -t nat -A PREROUTING -p tcp --destination-port (whatever-port) -j REDIRECT --to-port (whatever-port)
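    Added example, not vector's own script, covering posts 13 and 14 together: list the chains in use, back the rule set up before flushing (so a mistake can be undone with `iptables-restore`), run the four flush/delete-chain commands, and only then append the PREROUTING REDIRECT rule, refusing empty or non-numeric ports instead of silently building a broken rule. `DRY_RUN=1` prints each command instead of executing it, so the logic can be checked without root; the backup path is an assumed default.

```shell
#!/bin/sh
# Added example (not from the thread). Set DRY_RUN=1 to print commands
# instead of running them; otherwise these need root and iptables.

run() {
  if [ "${DRY_RUN:-0}" = "1" ]; then
    printf '%s\n' "$*"
  else
    "$@"
  fi
}

# "list your iptables chain": every rule in filter and nat, numeric output
# (-n) with line numbers so a single rule can be deleted by position.
list_chains() {
  run iptables -L -n -v --line-numbers
  run iptables -t nat -L -n -v --line-numbers
}

# Save the live rule set first; undo later with:  iptables-restore < "$backup"
backup_rules() {
  backup="${1:-/tmp/iptables-backup.rules}"   # assumed default path
  run sh -c "iptables-save > '$backup'"
}

# The four commands from post 14, in that order: empty both tables, then
# remove any user-defined chains left behind.
flush_all() {
  run iptables --flush
  run iptables --table nat --flush
  run iptables --delete-chain
  run iptables --table nat --delete-chain
}

# Accept 1-65535 only; an empty variable would otherwise produce a rule
# with a missing argument or a surprise port.
port_ok() {
  case "$1" in ''|*[!0-9]*) return 1;; esac
  [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# The PREROUTING -> REDIRECT rule from post 13, with validated ports.
add_redirect() {
  from="$1"; to="$2"
  for p in "$from" "$to"; do
    port_ok "$p" || { echo "invalid port: '$p'" >&2; return 1; }
  done
  run iptables -t nat -A PREROUTING -p tcp --destination-port "$from" \
      -j REDIRECT --to-port "$to"
}

# Typical sequence:  backup_rules && flush_all && add_redirect 80 8080 && list_chains
```

    Keeping the backup step separate from `flush_all` matters on a shared box: `--delete-chain` also removes chains other software created, and the saved file is the only record of them.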

  15. i have the similar issue.

    i usually have urlsnarf working for couple of minutes and then it stops, and sslstrip takes over and only sslstrip works.

    i think you cannot have both running simultaneously as sslstrip is forwarding everything to port 10000, and urlsnarf doesn't catch that

    at least this was the explanation that i found on this forum a while ago.

    urlsnarf should not interfere with sslstrip for a few reasons. first we gotta understand that sslstrip doesn't forward anything anywhere. The kernel forwards everything along except for traffic destined to port 80, that's why you'll normally have to enable forwarding mode, because iptables is doing all the forwarding in which it redirects all the http traffic to the sslstrip $LISTEN port which could be any port you choose, in this case it's 10000. sslstrip usually requires the python-twisted-web module as well.

    urlsnarf on the other hand doesn't listen on a port but on an interface. you can just tell it what and where to log, something like urlsnarf -i <iface> | grep http > /whichever/directory/you-like/whatever.txt

  16. you might want to check and see if nscd is the culprit. i don't know much of anything about the pineapple or what's loaded on it. i sorta know what it does but this may or may not help.

    there's a program called nscd that caches various things.

    it is useful if you have a lot of users and use a network protocol to get /etc/passwd information, since nscd will cache such things as NIS and LDAP results. but it also caches DNS and can sometimes (depending on the OS) ignore DNS information like TTLs (time to live). so if you've just changed something in DNS, the system may not pick that up right away, but all your command line utilities that do direct DNS queries (nslookup, host, etc.) will see the right values.

    you could force nscd to invalidate its DNS cache

    you could just kill the daemon and restart it

    you can also deactivate the nscd DNS cache entirely. now i'm not sure if this is the problem or not but it's worth a look.

    as far as urlsnarf goes just make your own log file wherever you want, something like

    urlsnarf -i <iface> | grep http > /whichever/directory/you-like/whatever.txt

    also one more thing. i'm looking through that setup script you have linked and i don't see urlsnarf anywhere there.
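    Added example (not vector's code) for the nscd check in post 16: read the relevant `nscd.conf` directives to see whether the hosts (DNS) cache is on and what lifetime nscd applies to a hit, check whether the daemon is running, compare a lookup that goes through nscd with one that bypasses it, and flush just the hosts cache with `nscd -i hosts`. The `-i/--invalidate` option and the `enable-cache` / `positive-time-to-live` directives are standard nscd; the config excerpt written by `write_sample_conf` is constructed for the example, not taken from any real system.

```shell
#!/bin/sh
# Added example, not from the thread. Most of these need root only for the
# flush; the config parsing runs as any user.

NSCD_CONF="${NSCD_CONF:-/etc/nscd.conf}"

# Print one nscd.conf directive for one database, e.g.
#   nscd_setting enable-cache hosts           -> yes | no | unset
#   nscd_setting positive-time-to-live hosts  -> seconds a hit is kept
# Commented lines start with '#', so $1 never equals the key for them.
nscd_setting() {
  key="$1"; db="$2"; conf="${3:-$NSCD_CONF}"
  awk -v key="$key" -v db="$db" '
    $1 == key && $2 == db { v = $3 }
    END { print (v == "" ? "unset" : v) }
  ' "$conf"
}

# If nscd is not running it cannot be the culprit.
nscd_running() { pgrep -x nscd >/dev/null 2>&1; }

# Drop only the cached hosts entries (root); passwd/group caches are kept.
# "service nscd restart" does the same more bluntly.
nscd_flush_hosts() { nscd -i hosts; }

# getent goes through the NSS stack (and therefore nscd); host asks DNS
# directly. A mismatch after a DNS change is the symptom described in post 16.
compare_lookup() {
  name="$1"
  printf 'via nscd/getent: %s\n' "$(getent hosts "$name" | awk '{print $1; exit}')"
  printf 'direct DNS:      %s\n' "$(host "$name" | awk '/has address/ {print $NF; exit}')"
}

# Constructed nscd.conf excerpt (assumed values) for the usage and test below.
write_sample_conf() {
  cat > "$1" <<'EOF'
# constructed sample, not a real system file
        enable-cache            passwd          yes
        enable-cache            hosts           yes
        positive-time-to-live   hosts           3600
        negative-time-to-live   hosts           20
EOF
}

# One-line summary of the hosts cache state for a given config file.
report_hosts_cache() {
  conf="${1:-$NSCD_CONF}"
  printf 'hosts cache enabled: %s, positive ttl: %ss\n' \
    "$(nscd_setting enable-cache hosts "$conf")" \
    "$(nscd_setting positive-time-to-live hosts "$conf")"
}
```

    To deactivate the DNS cache entirely, change the `enable-cache hosts yes` line to `no` and restart nscd; `report_hosts_cache` run afterwards confirms the file was edited correctly before you rely on it.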

  17. i think you guys have some real confusion on what exactly this cable is for. first of all you're not going to use this to charge one phone with another phone. when you connect devices to your usb host port on your archos charging dock it's quite a different thing than connecting your device to another device as a peripheral storage or for an ADB connection via OTG cable. there's a few things that i think you're not understanding here. first is ADB and what ADB actually is and is used for. second is the capabilities of the devices you're using and or how to use them. When you connect a USB OTG Adapter to the phone it is switched into USB Host mode. Most phones and even tablets hardware is not capable of giving power to USB peripherals, so a USB Y Cable or USB Hub with external power supply is required to connect USB peripherals to the phone.

    now normally (assuming your kernel has support built in for OTG host mode) when you connect a usb mass storage device to your phone via OTG cable it will automatically be mounted in /sdcard/usb/ or similar. however it may not automount if another USB mass storage device already has an automatically mounted partition. then you may have to manually mount it by doing something like this for example.

    su
    mkdir /sdcard/usb1
    mount -t vfat -o rw,dirsync,nosuid,nodev,noexec,uid=1000,gid=1015,dmask=0702 /dev/block/sda1 /mnt/sdcard/usb1

    from the terminal emulator on the phone or via adb shell connection from another device. of course you can tell by the "su" that you're going to require root privileges.

    but i digress. i think the OP mentioned a couple of archos devices, 5 and 7 iirc. unless you have flashed a custom rom and or kernel it's not likely that those will support OTG functionality, i believe those initially came with android 1.6 or 2.0/2.1 so no way that it was built in stock. but really, that's not what this cable in particular is even made for. this cable's main purpose is to run adb shell commands on a connected victim device. as i stated in my earlier post, this is being used with a custom android framework and scripts to gain access to sensitive data on another device.

    https://github.com/kosborn/p2p-adb/

    you can browse through the source and shell scripts there.

    if you're not familiar with some of the android-sdk platform-tools like adb and fastboot, or if you don't even know what kernel version or better yet even which android version your devices are running, then this project isn't something for you. time to go back to square one and first learn about the different types of usb ports and what they can and cannot do.

    I still think this could be especially fun with adb over wifi connection being enabled on the victim devices.

  18. you can always capture all of the data you'd like in a .cap, .pcap etc file format and look at the data at a later date with something like wireshark or commview (windows), however unless you have the encryption key you won't be able to decipher what any of it is. so yes you can "sniff" traffic in pure monitor mode but it's pretty much worthless if you can't make sense of it.

  19. Does this app work on Android 4.x?

    I just got a samsung galaxy s3 and they've switched the app store to the google play store. I was unable to find an app named "network spoofer" or "network spoof" at all.

    It seems like it would be just a fun thing to have.

    -Batman

    it really doesn't matter the android version because as an earlier post stated, this runs on a debian .img so it's actually chrooting to debian and running the attacks from there. like another person said as well you might want to check out dsploit,

    my fav still is this bad boy https://github.com/crazyricky/SSLStrip-for-Android this actually runs natively in android does need root but doesnt require you to download the debian.img (which takes up about 600+ megs) or chroot etc etc. ive changed some things in the code for myself for my specific needs but the posted version works just great. if anyone wants to take a look at my version and try it out ill post the code and you can give it a whirl.

    this will require a rom/kernel with netfilter, and iptables. any custom rom such as cyanogenmod6+ should do just fine. if youre running a stock rooted rom then youll have to find out.

    also wifikill, fing, and landroid are some other must haves for your networking snooping/hacking delight.

  20. um ok just to clarify here, linux, and Backtrack5? Redundant statement is redundant. Backtrack5 IS linux. A lot of people say they don't recommend using backtrack5 as an installed operating system or as a main operating system.... I don't see why not, as long as you're not running around as root all the time. and sure you can just install something like ubuntu and just add the backtrack repositories if you wanted as well. the latest backtrack5 r3 and pentest distros like backbox have leaned out the amount of pentest apps installed and kept it simple with the latest and most used apps. if you want a nice complete pentest distro with a shitload of pentest apps (some are pretty redundant and kind of obsolete) to play around with and learn about then try blackbuntu. still one of my fav distros. but i mean when you really look at it backtrack, backbox, blackbuntu are all penetration distros that are really just Ubuntu with a twist, and some extra repositories. so really the choice is up to you. good advice is to try them all either live disk or vm, and when you're ready, make the switch.
