Jump to content

r00tusr

Active Members
  • Posts

    11
  • Joined

  • Last visited

Everything posted by r00tusr

  1. Bump. Anyone else going since this thread started? My flight out is early Thursday morning. I would also like to get a beer with some folks. Anyone want to setup a time and place?
  2. 802.11w is suppose to be the answer to blocking deauth attacks. You need a wireless access point that has 802.11w support (or setup a open-wrt access point with 802.11w support). Then you need a wireless adapter on your workstation that also supports 802.11w with an driver/operating system that supports 802.11w (Windows 8/ Linux kernel compiled for 802.11w). 802.11w provides protection against deauthentication and disassociation frames. It uses a pair of one time keys between the client and access point. This allows the client to determine if the deauth that is sent is legit (coming from the access point) or not. I do not have this setup or working myself. I am planning on getting something setup in the near future to play around with.
  3. That's great! Thanks for the additional options!
  4. Hello Everyone. I am not sure if this is the appropriate forum to post a howto in, so if it isn't please let me know, and I will re-post. After mailvelope turned out to be pretty buggy, and watching mubix display stored private keys, I decided I wanted to go a different route to send encrypted email. I have a ubuntu vps I use frequently, and wanted to find a command line mail client that would allow me to send encrypted mail via pgp. After some web searches I found a few howto's setting up gmail, mutt and pgp. The howto's are fairly old, but I did a hak5 forum search for pgp, and didn't see any other howto's. The two that where most helpful are http://jrom.net/gmail-in-mutt and http://lifehacker.com/5574557/how-to-use-the-fast-and-powerful-mutt-email-client-with-gmail . I thought I would take a stab at writing my own how to for anyone else interested in this setup. Feel free to ask questions. I ended up installing performing this setup twice. Once on my ubuntu vps server, and another time on my xubuntu laptop. 1. To start off we will want to grab the mutt package r00tusr@cloudbox# sudo apt-get install mutt (If you are setting up postfix for the first time, you will be prompted for what type of mail configuration you want, choose: local only) 2. Now create the directories that will be used by the mutt client (used for storing headers, bodies, and certs) r00tusr@cloudbox# mkdir -p ~/.mutt/cache/headers r00tusr@cloudbox# mkdir ~/.mutt/cache/bodies r00tusr@cloudbox# touch ~/.mutt/certificates 3. Then we setup the main configuration file to be used with mutt. (The lifehacker link has links to sample config files. It also explains that uk users need some different configuration file settings. When I looked at the different two of the variables use Google Mail, instead of GMail). We also need change the permissions of the config to 700 because the file stores sensitive account information. If you do not specify passwords in this file, it will still work, but you will be prompted each time you make a connection to the server. r00tusr@cloudbox# touch ~/.muttrc r00tusr@cloudbox# chmod 700 ~/.muttrc r00tusr@cloudbox# vi ~/.muttrc (Copy and Edit the config below, and save them to your ~/.muttrc file) # Config create with examples from: # http://lifehacker.com/5574557/how-to-use-the-fast-and-powerful-mutt-email-client-with-gmail # http://jrom.net/gmail-in-mutt #Your Gmail account details set imap_user = "EMAILADDRESS@gmail.com" set imap_pass = "PASSWORD" EMAILADDRESS@smtp.gmail.com:587/" set smtp_pass = "PASSWORD" set from = "EMAILADDRESS@gmail.com" set realname = "Name" # Setup your favorite editor to write email bodies set editor = "nano" # Basic config, you can leave this as is set spoolfile = "+INBOX" set imap_check_subscribed set hostname = gmail.com set mail_check = 120 set timeout = 300 set imap_keepalive = 300 set postponed = "+[GMail]/Drafts" set record = "+[GMail]/Sent Mail" set header_cache=~/.mutt/cache/headers set message_cachedir=~/.mutt/cache/bodies set certificate_file=~/.mutt/certificates set move = no set include set sort = 'threads' set sort_aux = 'reverse-last-date-received' set auto_tag = yes ignore "Authentication-Results:" ignore "DomainKey-Signature:" ignore "DKIM-Signature:" hdr_order Date From To Cc alternative_order text/plain text/html * auto_view text/html bind editor <Tab> complete-query bind editor ^T complete bind editor <space> noop # Gmail-style keyboard shortcuts macro index,pager y "<enter-command>unset trash\n <delete-message>" "Gmail archive message" macro index,pager gi "<change-folder>=INBOX<enter>" "Go to inbox" macro index,pager ga "<change-folder>=[Gmail]/All Mail<enter>" "Go to all mail" macro index,pager gs "<change-folder>=[Gmail]/Starred<enter>" "Go to starred messages" macro index,pager gd "<change-folder>=[Gmail]/Drafts<enter>" "Go to drafts" #Setup mail client to use PGP source ~/.mutt/gpg.rc 4. Now we need to create the gpg.rc file that is referenced in the last line of the config file above. This file is what allows mutt to integrate with pgp. We will copy the example file that comes with the mutt package, and make no changes. r00tusr@cloudbox# cp /usr/share/doc/mutt/examples/gpg.rc ~/.mutt/gpg.rc 5. Now we will generate our pgp keys. First our private key. (You can use the defaults or read up more on the options. Be sure to choose a strong password) r00tusr@cloudbox# gpg --gen-key Then our public key. (You can upload this key to one of the key servers or place it on an external facing link for people to access. It will be saved in the .gnupg directory as pubkey.txt) r00tusr@cloudbox# gpg --armor --output pubkey.txt --export 'r00tusr' 6. Now we have successfully configured mutt, we can add our email recipients public key into our key ring so mutt can see it. Copy your email recipients public key and save it as text file. I used r00tusr.txt as an example. import the key file you created with the following command r00tusr@cloudbox# gpg --no-verbose --import r00tusr.txt 7. Lets launch mutt and send out first encrypted email. Launch mutt email client r00tusr@cloudbox# mutt To send a message type the letter m enter an email: recipients_email@server.com enter a subject: Test encrypted email enter a email body: Encrypted email message!! (This is actually using nano as an editor so used ctrl+x and save file to exit) Next to encrypt the message type the letter p You will be asked to: PGP (e)ncrypt, (s)ign, sign (a)s, (b)oth, or ©lear? Type the letter e to encrypt (You will be prompted to choose a public key in the ring, choose the emai public key you imported above) Next type the letter y to send the message This should successfully send an encrypted email message. When you read an encrypted message you will be asked for the pass phrase you created with your privates key in step 5. Cheers! :D
  5. Thanks for the replies. Interesting info.
  6. I am wondering if anyone saw this story on the nightly news last night. I read an article a few years ago about relaying a key fab signal to a car using antennas, which takes a lot of leg work. This isn't a new concept, but the surveillance video they showed of these thieves looked like the built a device that could unlock common vehicle types. I am interested to see if the media is giving them too much credit (using previously discovered vulnerabilities) and they needed a fill story or if someone really created a new device.
  7. I have the AWUS036NHA and I bought it from newegg. It was $29.00. I am running vmware on xubuntu using Kali in a virtual machine, and have had no issues so far.
  8. My name is Nick (r00tusr). I have been on the board for a few months lurking, and felt it was time to say hello. I have been interested in all computers things since a young age. I have always been one of those people who see's something, and has to know how it works. Favourite OS: slackware/xubuntu Nationality: US Sex: Male Age: 28 Race: White American Height: 5ft 11in Status: Married Build: Average Favorite band: City and Colour Favorite book: The Cuckoo's Egg Other Hobbies: Motorcycles, Guitars, Guns Occupation: Systems Engineer and College Instructor
  9. You could download virtualbox on ubuntu, and run Kali off an .iso image. Then you can setup your virtual network adapter properly to communicate with your host network, or create your own virtual play ground. IMO I feel like you are going to run into lots of dependency issues that you do not need to waste you time with if you are a newbie to linux.
  10. Create share directory: root@bt:~# pwd /root root@bt:~# mkdir sharedir root@bt:~# cd sharedir/ root@bt:~/sharedir# pwd /root/sharedir root@bt:~/sharedir# (This is an example, you would not want to grant give root an smb password, this is the only account on my bt box. You would want to create a share user, and give that user a smb password.) Create samba password for user root: root@bt:~/sharedir# smbpasswd -a root New SMB password: Retype new SMB password: Added user root. root@bt:~/sharedir# Setup samba: root@bt:~/sharedir# vi /etc/samba/smb.conf (Use the netlogon portion as a template, and uncomment it. Add the following settings) [sharedir] comment = r00tusr's share path = /root/sharedir writeable = yes valid users = root Restart samba service root@bt:~/sharedir# service smbd restart smbd start/running, process 1404 root@bt:~/sharedir# Connect to samba share ( I run xubuntu with bt in vmware) Windows: (username : root , password is what you set with smbpasswd) Computer -> Map network drive Pick drive letter: Folder: \\BACKTRACKVM-IP\sharedir (checkoff connect using different credentials, provide credentials) Linux: (username : root , password is what you set with smbpasswd) create mount point: user@xunbuntu:/$ mkdir /mnt/sharedir mount: user@xunbuntu:/$ sudo smbmount //BACKTRACKVM-IP/sharedir /mnt/sharedir unmount: user@xunbuntu:/$ sudo umount /mnt/sharedir
×
×
  • Create New...