digitalchameleon

  1. Wireshark, arpspoof might be a good combo here, with the possible need for sslstrip. You can find all three on BT5rc2 (probably all backtrack distros). Another approach might be to go for XSS or the like. Saw this not too long ago, might be good to read. www.ngssecure.com/Libraries/White_Papers/ExploitingSecurityGatewaysViaWebInterfacesWhitepaper.sflb.ashx Another tool to look into is routerpwn, but it's pretty basic. Generally, if all you want is access to the internet, there may be an easier way.
  2. I was assuming, based on what sourceforge said, that it was closed source. http://sourceforge.net/blog/anonymous-os-response/ "This project isn’t transparent with regard to what’s in it. It is critical that security-related software be completely open to peer review (i.e., by providing source code), so that risks may be assessed along with benefits. That is not available in this case, and the result is that people are taking a substantial risk in downloading and installing this distribution." Any way I could get a copy?
  3. Has anybody had a chance to boot this up in a dry environment yet? Obviously the package is loaded with some type of trojan or malware; otherwise it would be open source. But I'm curious about what the goal is exactly, and who released this, since it wasn't anybody that normally associates with Anon. Hopefully once all this 0day RDP buzz dies down I'll be able to find time to boot it up in VMware. It's probably using steganography to export user information, just a shot in the dark.
  4. The only page I can get through XYZ-open says: Access XYZ internet. Username:_____________ Password:_____________ All packets seem to end up here, with this http server. I have seen clients access XYZ-open shortly before their MAC address appears associated with XYZ-authorized.
  5. Airodump output:

         ENC   CIPHER  AUTH  ESSID
         OPN                 XYZ-open
         WPA2  CCMP    MGT   XYZ-authorized

     Logging onto XYZ-open directs you to a webpage asking for a username and password, which I'm assuming will then allow you access to XYZ-authorized. Can anybody provide information about how this happens exactly? I've been searching Google and aircrack forums with no luck. Is this AP vulnerable to WPA handshake capture? Can the webpage passwords be sniffed from the XYZ-open network?
  6. True, but not every AP is vulnerable to WPS cracking. I have had limited success with WPA dictionary attacks. Once by brute forcing an 8-digit numeric key, but it took too long.