Everything posted by phr34kc0der

  1. I thought I'd go into a bit more detail about the IV. The IV is a 3 byte value (24 bit) that is used with the key to generate a unique keystream when encrypting packets. The keystream is XORed with the plaintext packet to provide the encrypted one. As the key is known by the client and access point, the IV is generated by the sender and prepended to the encrypted packet as plaintext. When received, the IV is stripped, added to the key and used to generate the same keystream as used for encryption. An XOR operation is performed to get the plaintext packet. One of the problems with WEP is that it contains "weak IVs". These are IVs which provide a byte of the key. The basic idea is, due to problems with the encryption implementation, a weak IV can be used to guess what the first byte of the key may be. With enough guesses the value with the most votes (so to speak) is likely to be the correct byte. The IV+first byte is then used to find the next byte and so on until the whole key is found.
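     As an added illustration (not from the post above), here is a small Python model of the IV handling just described: the keystream comes from RC4 seeded with IV||key, the IV travels in the clear, and a CRC-32 ICV is encrypted with the data. It also includes the check a network monitor can run for IV reuse, which matters because a 24-bit IV space repeats quickly and a reused keystream leaks the XOR of two plaintexts. The 40-bit key, IVs and packet contents are constructed for the example.

```python
import zlib
from collections import defaultdict

KEY = bytes.fromhex("0102030405")   # constructed 40-bit WEP key
IV = b"\x00\x01\x02"                # constructed 24-bit IV

def rc4(key: bytes, length: int) -> bytes:
    """Standard RC4 (KSA + PRGA); returns `length` keystream bytes."""
    S = list(range(256))
    j = 0
    for i in range(256):
        j = (j + S[i] + key[i % len(key)]) & 0xFF
        S[i], S[j] = S[j], S[i]
    out, i, j = bytearray(), 0, 0
    for _ in range(length):
        i = (i + 1) & 0xFF
        j = (j + S[i]) & 0xFF
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) & 0xFF])
    return bytes(out)

def wep_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """Frame body: 3-byte IV in clear, then RC4(IV||key) XOR (data || CRC-32 ICV)."""
    assert len(iv) == 3
    body = plaintext + zlib.crc32(plaintext).to_bytes(4, "little")
    ks = rc4(iv + key, len(body))
    return iv + bytes(a ^ b for a, b in zip(body, ks))

def wep_decrypt(key: bytes, frame: bytes) -> bytes:
    """Strip the IV, regenerate the same keystream, XOR, and verify the ICV."""
    iv, ct = frame[:3], frame[3:]
    body = bytes(a ^ b for a, b in zip(ct, rc4(iv + key, len(ct))))
    data, icv = body[:-4], body[-4:]
    if zlib.crc32(data).to_bytes(4, "little") != icv:
        raise ValueError("ICV mismatch: frame corrupted or wrong key")
    return data

def find_iv_reuse(frames):
    """Monitor-side check: the IV is cleartext, so a capture can be grouped by IV.
    Returns {iv: [frame indexes]} for every IV seen more than once."""
    seen = defaultdict(list)
    for idx, f in enumerate(frames):
        seen[f[:3]].append(idx)
    return {iv: idxs for iv, idxs in seen.items() if len(idxs) > 1}

def keystream_reuse_leak(frame_a: bytes, frame_b: bytes) -> bytes:
    """Why IV reuse is dangerous: with the same IV the keystream cancels out, so
    ct_a XOR ct_b == pt_a XOR pt_b without knowing the key at all."""
    return bytes(a ^ b for a, b in zip(frame_a[3:], frame_b[3:]))
```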
  2. w00t
  3. The writer puts curious techies in the same group as script kiddies, attackers, and criminals. Wrong.

     I kinda agree with the statement. I don't think "curious techies" are being put in the same group as script kiddies or attackers, the author is just saying that the motives for attacks are changing. Maybe it could have been worded a bit better.
  4. I can't recommend any specific antennas as I don't have too much experience in that area (although I'm sure someone on these forums or maybe the IRC channel does) but you'll probably want to get a parabolic dish type antenna, although 5 km may be a little far.
  5. I had no idea about that. That's kinda cool. How does it know when a client connects? Does it watch ARP packets or something? If I were to ever break into a neighbour's wifi I would spend a day or so being really careful, just looking at their traffic. I would also check the router for default settings. Chances are if they left a default password and no port forwarding they probably don't know how to check their access point logs. I would also keep in mind that it could be a honeypot (set a couple up myself, never caught anything though). Often wondered about this myself. Entering a system unauthorised (I believe) is against the law so maybe only the act of connecting would be illegal. OTOH trying to break (or in this case brute force) the key could be some kind of illegal activity.
  6. Wedding eh? Congrats!

    How soon is soon?

  7. Is there any way they will come to know, if I am cracking anybody else? Just for knowledge purposes I'd like to know. Thanks

     Yes. Most DSL/cable modems/WiFi routers have activity lights. Although I would guess most people don't monitor them. I don't. It's in a different room. If you're only capturing the handshake passively then no one will know. If you're attacking the AP actively then it could be possible for someone to find out but unless you're unlucky I don't think it's something to worry about.
  8. I'm not sure I totally agree. There are groups (albeit smaller and less powerful than the ones you mention) that would find this technology beneficial. Scientific calculations come to mind. You mention that embedded chip companies would not go for it but many of the big companies are active in the development of OpenCL. NVIDIA, Apple, AMD, IBM, Intel, ARM, Broadcom... the list goes on. In fact, it was Apple who first put the initial proposal to the Khronos group (specialising in open standards). I'm not implying that it'll be as used as other technologies but a standard, usable by everyone; think OpenGL. DirectX may be the industry standard but OpenGL is still available and way more open. There may be applications taking advantage of vendor specific optimisations but OpenCL will provide a trade off between specific optimisations and portability which may be what makes it more accepted. As for automatic programming, why? OpenCL (and I'm not just describing something I'd like to see, all new Macs have OpenCL support and AMD and NVIDIA have released implementations) uses JIT compilation to optimise for its specific environment, so the same code can be run on a multicore CPU or the GPU (or any other supported device). The device is specified at run time so the most suitable device for the task is selected.
  9. Just thought I would add that a statistical attack on WEP is not always possible. After the weakness in WEP was found a temporary solution was to get the access point to not use weak IVs. Although I'm not aware of any consumer access points employing that method, it is something to be aware of.
  10. No problem (although remember it's illegal to break into other people's networks). You could always look into buying an antenna if you need to improve the signal.
  11. Firstly, assuming the program is legit, then welcome to the forums. I don't think many people on the forum will use your tool, but hey, coding is coding so write whatever you want. Secondly, I think it would be more beneficial to release the source code. I don't program in VB but it would allow us to be sure the code is clean, as well as seeing how it works, what it does and possibly helping to improve it.
  12. The handshake is generated when a client connects to the access point, so in order to get the handshake you need to be capturing when that happens. There are two ways this can happen: passively and actively. With the passive attack you just wait until a client connects. Assuming it's your own network this can be done easily by getting a second computer and connecting to the wifi (you could also try with the same machine BT is on but a second machine would be more reliable). The active attack works by deauthenticating a connected client which will cause it to reconnect, creating a handshake for you to use. The command for a deauth attack is:

      aireplay-ng -0 <count> -a <essid> -c <client mac> <interface>

      where <count> is the number of packets to send, essid and client mac can be found using airodump and the interface is obviously the interface in monitor mode. If you're still having trouble capturing the handshake it may be because you are too far or too close to the AP/client. You need to be close enough to capture the packets sent from the AP and client during the handshake but being too close can cause a certain amount of noise, possibly corrupting the packets you receive. If you open the capture file in Wireshark and filter for "eapol" (read up on 802.1X if you want to know more) you should see the handshake, or possibly parts of it.
  13. I think airodump adds sequential numbers to the end of the capture files. Type "ls" to see the files in the directory and see what's there. It should be "wpa.cap-01.cap" as airodump adds the ".cap" anyway. Good luck.
  14. I don't really get what you're saying. I'm not suggesting that the architecture will change, I'm saying that the same code will be able to run (almost) without change on any supported device. I could see specific companies not liking this but if it becomes ubiquitous enough they'll have to support it or die.
  15. Then we'll just have to wait till some 3rd party makes aticuda

      A bit off topic but give it a few years and OpenCL will be what it's all about. It'll use any OpenCL device for calculations (including any OpenCL GPUs such as NVIDIA or ATI, as well as processors and accelerators such as Cell processors or FPGAs). You'll write the code once and it'll take advantage of any processing hardware you have.
  16. It doesn't work like that.
  17. If I understand correctly then wpalist.txt is on a USB disk. If that's the case you need to mount the drive first:

      mount /dev/sdb1 /mnt

      or something like that. You may need to change sdb1 to something else. If you do "mount /dev/sd" and hit tab a few times it'll show you the possible options. Either find the right one or try them all till you get it. If you want to umount do:

      umount /dev/sdb1

      If done correctly your USB drive will be available at /mnt. Assuming the dictionary file is in the root of the drive you can specify it with:

      aircrack-ng -w /mnt/wpalist.txt -b 0a:00:00:00:00:00 wpa.cap

      On a slightly unrelated note, I've found that pyrit is faster than aircrack-ng and with a bit of work it can use the GPU for added processing power.
  18. I think johnnymanson meant sharing a drive over the network. An alternative may be to make an image of the CD and mount it on your netbook.
  19. Wow, this is so wrong. In my experience (and that's all I can speak about) Linux has been way easier to get hardware working. Of course it depends on what distro is being used but the desktop versions of Linux (Ubuntu et al) have amazing hardware support. With old hardware in Windows I have to find out the chipset of the device (either take it out of the machine or install some 3rd party software), look online, possibly sign up to a driver site, download an (insanely large) installer, install, reboot and hope it works. Then I need to find software to actually use the device. Unless I'm trying to do things the hard way (e.g. Gentoo) I can turn the machine on, search the repositories for software and it works. I'm sure there are exceptions but I haven't come across them myself. I think more than anything people have become used to the Windows way of doing things. It's hard to get used to the idea of Synaptic the first time round when most users are used to installing from a CD or searching the web for software. Also it's important to remember that a lot of the problems with device drivers are the hardware vendors. They don't support alternative OSes as much as they should. Luckily it is starting to change (I was pretty amazed when my motherboard came with Linux drivers). As for Linux being easier to do illegal activities: that's just BS. I think what you mean to say is that Linux gives the user more control over what their machine does.
  20. Why wouldn't a hacker run Windows? Isn't it the most popular OS to date? Isn't it another opportunity to learn? Hacking isn't about following the rest of the sheep and hating Microsoft. Hacking is about learning. In fact, I would not consider someone who ignores Windows simply because it's popular to hate a hacker. The only people I know who completely shun Windows are Mac users. By the way, it's incumbent upon anyone bashing Windows to offer a sensible reason as to why they hate it. I'll go first: I hate Windows because it comes free with every cheap computer I buy. Too pedestrian. That means anyone in the world can have it. Not at all exclusive enough for me. haha.

      I hate Windows 'cause the shell is case insensitive, doesn't handle arrays, the system allows anyone to modify important files, and it is closed source. BTW, Macs rule ^^

      I hate Windows because it is owned by Microsoft and I hate Microsoft because of their business practices. I hate Apple for much the same reason.
  21. Man, I really wish I knew what you were saying.
  22. Those specs should be OK, especially if you want to do a hard drive install but if you can, try and get more RAM. A lot of tools in BackTrack are command line so you can save resources by not running X or running something a little more lightweight (I think it might come with Fluxbox, or maybe that was a previous version).
  23. Maybe something like this is what you're looking for. I've not used it myself but I've come across it once or twice. I don't think you'll (easily) find a free domain name and hosting. Domain names are pretty cheap and, depending on the site, worth the money. It's about image. If you're hosting yourself you could also look into
  24. I've never used 11 so I can't compare the two but I have no real issues with Fedora 12. I do prefer it to Ubuntu. It feels faster and (IMO) looks slightly nicer. I have had some problems installing the binary NVIDIA drivers but it's not really much of an issue at the moment.
  25. What is wrong with the distros you're choosing? I'm using Fedora ATM and think it's fantastic (switched from Ubuntu). The best thing about Linux is that you can customise it as much as you need. Don't like the window manager? Change it! Kernel too bulky? Recompile it! If you list some things you don't like then I'm sure we'll be able to find some alternatives.