Security through Insecurity

Tips & Tricks

WPA Wireless Hacking

by Josh Houston on Mar.11, 2010, under Hacking, Security, Tips & Tricks, Uncategorized, Wireless

In this Video Tutorial, I show you how to crack a wireless network secured with WPA encryption. Although it may sound hard, it is actually quite easier than you may think. I also have provided a Written tutorial for you to save, and the video is also available for download. The following are links to an outside website (mediafire) providing hosting for the videos. Video

  1. Type in “airmon-ng” to see wireless adaptors on your computer.
  2. You should see a listing come up. Mine showed wlan0. Yours may be different, such a rausb0.
    Type in “airmon-ng start wlan0” to start your wireless device. Replace the “wlan0” with whatever yours showed to be. This will create a new “virtual” device, and will show the name. The name for mine was “mon0
  3. Open a new terminal window, and type “airodump mon0” again, replacing “mon0” with your new virtual devices name.
    You will begin to see a listing of different APs (access points). Find the one you want and press Control + C. Pressing Control + C will cancel the current program running in terminal. The name of the networks found is under the ESSID column. You may not see anything there, which is fine, some of them are invisible. Home.net is the name of my network, which is the ESSID.
  4. This is what I typed after that, “airodump-ng -c 6 -w Home.netWPA –output-format ivs mon0” This is all real easy stuff, so I’ll just explain it to you right quick. airodump-ng is a program which will capture the WPA handshake, which we will need in order to use a dictionary attack on. Here goes!
    • Type “airodump-ng
    • Add a space and type “–channel 6″ replacing the number 6 with the number of the channel of your Network (although 6 is VERY common, so don’t be surprised if that is it)
    • Add a space and type “-w Home.netWPA replacing Home.netWPA with the name of your network, or something you can remember.
    • Add a space and type “–output-format ivs”. This will tell airodump-ng to save our file in the ivs format, which we will use later for cracking.
    • The “mon0″ at the end, simply defines which device to use.
  5. Open a New Terminal Window. In it, type “aireplay-ng -0 1 -e Home.net mon0″

    • aireplay-ng is the tool that is going to allow us to perform the deauthentication attack, which will be needed in order to successfully crack the password.
    • The “-0 1″ flag tells the program to perform the deauthenication attack on a station, rather than all clients, which can really slow down progress.
    • The “-e Home.net” tells which address to attack. The -e stands for essid which is the address of your network. So you will have to replace Home.net with the address of your network (the one that I recommended you write down or copy earlier).
    • The “mon0″ at the end, again just defines which device to use.
  6. In our airodump-ng window, if you have not already, press Control + C, and type: “aircrack-ng -w list.lst Home.netWPA-01.ivs″.
    This is our last step in our attack, cracking the password against our Dictionary list, here goes:

    • aircrack-ng is going to allow us to take the WPA captured passphrase, and will use our ESSID along with every entry in our Dictionary list, to try and “guess” the password.
    • The “-w list.lst” tells aircrack-ng which dictionary file to use. If you are using Backtrack 4, then you can just place the dictionary list on your desktop, and replace list.lst with your file name.
    • And lastly, “Home.netWPA-01.ivs” instructs aircrack-ng to attempt to crack this file.
    • If all goes well, the password was in your password list, and you now have the password to your network! Congratulations! Now…. Go make a password that isn’t in a dictionary….
  7. E-mail me about donating to keep this blog up. :)

26 Comments more...

Timely Troubles

by Josh Houston on Aug.14, 2009, under Technology, Tips & Tricks

About 2 months ago, I decided to try out a RC version of Windows 7, but it would not support my SATA drive for an odd reason.  So, i rebooted into the BIOS, then proceeded to change my SATA mode to Compatible, which did not help. So, in my last attempt, i activated TPM in the BIOS, and the strangest thing happened; As soon as I switched form Disabled to Enabled, the computer shutdown, without my even saving the changes. I tried restarting…. but to no avail, ever. My BIOS is somehow fried now in my laptop, and whenever I try to boot, it doesn’t even show the POST.

So, in desperation, I called up ASUS, and they said it was something they had never seen before, and surely wasn’t something that was supposed to happen. Luckily, they have excellent customer support, didn’t charge me for the phone call, and are going to have the laptop shipped to them, replace the bad parts, and ship it back to me, all without me paying a cent. I must give them props for that, I have never, ever had such good support, They put be through no loops of forwarding to another department or anything, they just took care of me. Now I just actaully have to ship the thing with the RMA printout they gave..

This is why, as you may imagine, that I have had no updates in a good time. Luckily the hard drive is still good, and I got everything off of it, but I still do not have my recording software, or any of my tools. I’d like to apologize for not posting this sooner, but when Real Life gets down to it, so do I. Rest assured, there will be plenty more updates and youtube videos very soon.

Thanks,

Josh Houston~

2 Comments more...

Control your Computer from your Cell Phone for FREE

by Josh Houston on Apr.06, 2009, under Tips & Tricks, Windows

EDIT: This method will no longer work soon due to the kwiry service closing down. More information here. This will go into affect on On April 23, 2009.

You heard the forecast this morning, but totally forgot to turnoff your computer this morning; You’re on vacation, and need to get your computer running a backup, just in case. But in both scenarios, you don’t have access to your computer. In this video, I show you how to setup a solution, that will allow you to run any predetermined command, with a simple Text message.

You’ll need Microsoft Office, or just Microsoft Outlook (any version will do), and a working internet connection. In this tutorial, we will be using gmail.com for a free email account, and although you can use your own, I like to keep my texts and emails seperate. And we will be using a free service, at kwiry.com that allows you to send text messages to them, and they send it to you as an email.

  1. Goto gmail.com to sign up for a free email account, and copy down the new email you have.
  2. Goto kwiry.com and sign up with your new e-mail address.
  3. Open up Microsoft Outlook and create a new account.
    1. If this isn’t your first time to setup an account, you can click on “Tools” and then “Accounts” to set up a new account.
  4. On the First page, fill in “Your Name:”, “E-mail Address:”, “Password:”, and “Retype Password”, and then click the box at the bottom that says “Manually configure serer settings or additional server types”
  5. Click “Next”
    1. Leave the “Account Type” unchanged. It should be POP3. If not, change it to that.
    2. Set “Incoming mail server:” to “pop.gmail.com”
    3. Set “Outgoing mail server (SMTP):” to “smtp.gmail.com”
    4. Set “User Name:” to your user name that you chose for your e-mail account.
    5. Click “More Settings”
      1. Click “Advanced”
      2. Change the Port on “Incoming server (POP3):” from “110″ to “995″ and click the check box that says “This server requires an encrypted connection (SSL)”
      3. Click “Outgoing Server”
      4. Check the box that says  “My outgoing server (SMTP) requires authentication” and choose “Use same settings as my incoming mail server” if it is not already checked.
      5. Click “OK” and test the settings by clicking on “Test Account Settings …”
      6. If all is well, click “Next” followed by “Finish”
  6. Return to your Desktop
  7. Open up My Computer
  8. Open up “Local Disk (C:)” — may be different for you.
  9. Create a folder called “commands” and open it.
  10. Right-Click and create a new text document called “shutdown.bat” and click Yes when it asks about the extension change. Now open the document.
  11. Right Click on the newly created shutdown.bat and click “Edit”
  12. Type in “shutdown.exe -s -t 5″ and Press Ctrl + S to automatically save the file.
  13. Open Outlook back up and click on Tools followed by Rules and Alerts…
  14. Click “New Rule…”
  15. Near the bottom, under “Start from a blank rule”, click “Check messages when they arrive”
  16. Check the box that says “with specific words in the subject” followed by clicking on Specific Words in the bottom of the window.
  17. Add the subject title, which was “your kwiry – Shutdown” and click “Add”, followed by “OK”
  18. Click “Next”
  19. Check the box that says “start application followed by clicking on application in the bottom of the window.
  20. Browse to your shutdown.bat, it should be in this order: My Computer, Local Disk (C:), commands. You may have to Click Files of type: near the bottom and choose All Files (*.*)
  21. Click Finished, followed by Apply

Send yourself a message to kwiry that says shutdown

Now watch the magic!

Questions? Comments?

Video Requests?

6 Comments :, , , , , , more...

Looking for something?

Use the form below to search the site:

Still not finding what you're looking for? Drop a comment on a post or contact us so we can take care of it!

Visit our friends!

A few highly recommended friends...

    Archives

    All entries, chronologically...