Malicious people don’t target only large corporate wireless networks. If you have a Wi-Fi network at home or in a small office, it is an attractive target as well. Attackers use unprotected and weakly protected networks as hubs for malicious and illegal activities: by going through your wireless network they can attack credit card systems and online banks, and all of that illegal activity then appears to originate from your IP address and your home or small office.
Therefore, every wireless network should be protected with encryption.
Minimum Protection
Use WPA or WPA2 encryption (not WEP encryption; it is proven to be insecure and weak).
If your wireless network devices do not support WPA or WPA2, then use WEP with a minimum of 128 bits, enable MAC address filtering (available in most SOHO routers), and use VPN-based encryption whenever possible.
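As an added example (not from the page), here is a small Python checker that rates a hostapd-style access-point configuration against the minimum-protection rules above. The two sample configs are constructed, and the hostapd keys used (wpa, wep_keyN, macaddr_acl) are assumed from hostapd's documented syntax.

```python
import re

# Constructed hostapd-style configs (not from the page): a WEP-only AP and its WPA2 fix.
WEAK_CONF = "interface=wlan0\nssid=home\nwep_default_key=0\nwep_key0=1234567890\n"
FIXED_CONF = ("interface=wlan0\nssid=home\nwpa=2\nwpa_key_mgmt=WPA-PSK\n"
              "rsn_pairwise=CCMP\nwpa_passphrase=long-random-passphrase-goes-here\n")

def parse_hostapd(conf_text):
    """Parse key=value lines (hostapd syntax); comments and blank lines are skipped."""
    conf = {}
    for line in conf_text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and "=" in line:
            key, _, value = line.partition("=")
            conf[key.strip()] = value.strip()
    return conf

def wep_key_bits(value):
    """Key length of a wep_keyN value: hex digits, or an ASCII string in double quotes."""
    if len(value) >= 2 and value[0] == value[-1] == '"':
        return (len(value) - 2) * 8
    return len(value) * 4 if re.fullmatch(r"[0-9a-fA-F]+", value) else 0

def assess_wifi(conf_text):
    """Rate an AP config against the page's minimum-protection rules: (verdict, findings)."""
    conf = parse_hostapd(conf_text)
    wpa = int(conf.get("wpa", "0"))          # bit 1 = WPA, bit 2 = WPA2 (RSN)
    wep_keys = [v for k, v in conf.items() if re.fullmatch(r"wep_key[0-3]", k)]
    if wpa & 2:
        return "ok", ["WPA2 enabled"]
    if wpa & 1:
        return "ok", ["WPA enabled; move to WPA2 when the hardware supports it"]
    if wep_keys:
        findings = ["WEP in use; acceptable only if WPA/WPA2 is unsupported"]
        # "128-bit WEP" is a 104-bit key plus a 24-bit IV, so 104 is the bar here.
        if min(wep_key_bits(v) for v in wep_keys) < 104:
            findings.append("WEP key shorter than 104 bits (128-bit WEP)")
        if conf.get("macaddr_acl") != "1":
            findings.append("MAC filtering (macaddr_acl=1 with accept_mac_file) not enabled")
        return "weak", findings
    return "open", ["no encryption configured"]

if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("fixed", FIXED_CONF)):
        print(name, assess_wifi(conf))
```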
THC-Hydra – the best parallelized login hacker: for Samba, FTP, POP3, IMAP, Telnet, HTTP Auth, LDAP, NNTP, MySQL, VNC, ICQ, Socks5, PCNFS, Cisco and more.
Download THC-Hydra, extract and compile
wget http://freeworld.thc.org/releases/hydra-5.4-src.tar.gz
tar zxvf hydra-5.4-src.tar.gz
cd hydra-5.4-src
./configure --disable-xhydra --prefix=~/bin
make
make install
Hydra v5.4 [http://www.thc.org] (c) 2009 by van Hauser / THC
Syntax: hydra [[[-l LOGIN|-L FILE] [-p PASS|-P FILE]] | [-C FILE]] [-e ns]
[-o FILE] [-t TASKS] [-M FILE [-T TASKS]] [-w TIME] [-f] [-s PORT] [-S] [-vV]
server service [OPT]
Options:
-R restore a previous aborted/crashed session
-S connect via SSL
-s PORT if the service is on a different default port, define it here
-l LOGIN or -L FILE login with LOGIN name, or load several logins from FILE
-p PASS or -P FILE try password PASS, or load several passwords from FILE
-e ns additional checks, "n" for null password, "s" try login as pass
-C FILE colon seperated "login:pass" format, instead of -L/-P options
-M FILE server list for parallel attacks, -T TASKS sets max tasks per host
-o FILE write found login/password pairs to FILE instead of stdout
-f exit after the first found login/password pair (per host if -M)
-t TASKS run TASKS number of connects in parallel (default: 16)
-w TIME defines the max wait time in seconds for responses (default: 30)
-v / -V verbose mode / show login+pass combination for each attempt
server the target server (use either this OR the -M option)
service the service to crack. Supported protocols: [telnet ftp pop3 imap smb
smbnt http https http-proxy cisco cisco-enable ldap mssql mysql nntp vnc rexec
socks5 snmp cvs icq pcnfs sapr3 ssh2 smtp-auth]
OPT some service modules need special input (see README!)
Use HYDRA_PROXY_HTTP/HYDRA_PROXY_CONNECT and HYDRA_PROXY_AUTH env for a proxy.
Hydra is a tool to guess/crack valid login/password pairs - use allowed only for
legal purposes! If used commercially, name and web address must be mentioned in
the report. You can always find the newest version at http://www.thc.org
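Hydra's help text above documents its parallel connects (-t, default 16) and password-list options; the defender's counterpart is spotting the resulting burst of failed logins on the target service. The following is an added example, not from the page or from THC: it runs a sliding-window count over constructed sshd auth-log lines (the sample lines, the threshold of 5 failures and the 10-second window are all assumptions) and reports sources that exceed the threshold.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Constructed sample auth-log lines (syslog format, no year); not a real capture.
SAMPLE_LOG = """\
Jan 10 12:00:01 gw sshd[2201]: Failed password for invalid user admin from 192.0.2.10 port 51234 ssh2
Jan 10 12:00:01 gw sshd[2202]: Failed password for invalid user admin from 192.0.2.10 port 51235 ssh2
Jan 10 12:00:02 gw sshd[2203]: Failed password for root from 192.0.2.10 port 51236 ssh2
Jan 10 12:00:02 gw sshd[2204]: Failed password for root from 192.0.2.10 port 51237 ssh2
Jan 10 12:00:03 gw sshd[2205]: Failed password for root from 192.0.2.10 port 51238 ssh2
Jan 10 12:00:03 gw sshd[2206]: Failed password for root from 192.0.2.10 port 51239 ssh2
Jan 10 12:00:04 gw sshd[2207]: Accepted password for bob from 198.51.100.7 port 40001 ssh2
Jan 10 12:05:00 gw sshd[2208]: Failed password for bob from 198.51.100.7 port 40002 ssh2
Jan 10 12:09:00 gw sshd[2209]: Failed password for bob from 198.51.100.7 port 40003 ssh2
"""

FAILED_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) from (?P<src>\S+) port \d+"
)

def parse_failures(log_text, year=2009):
    """Yield (timestamp, user, source_ip) for each failed-login line; syslog lacks the year."""
    for line in log_text.splitlines():
        m = FAILED_RE.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            yield ts, m["user"], m["src"]

def detect_bursts(log_text, threshold=5, window_s=10):
    """Return {source_ip: (peak failures inside any window, sorted users tried)}
    for every source that reaches `threshold` failures within `window_s` seconds."""
    recent = defaultdict(deque)   # src -> timestamps still inside the current window
    peak = defaultdict(int)
    users = defaultdict(set)
    for ts, user, src in parse_failures(log_text):
        q = recent[src]
        q.append(ts)
        while (ts - q[0]).total_seconds() > window_s:   # slide the window forward
            q.popleft()
        peak[src] = max(peak[src], len(q))
        users[src].add(user)
    return {s: (n, sorted(users[s])) for s, n in peak.items() if n >= threshold}

if __name__ == "__main__":
    for src, (n, who) in detect_bursts(SAMPLE_LOG).items():
        print(f"possible password guessing from {src}: {n} failures in window, users {who}")
```

The slow, spaced-out failures from the second source stay below the threshold, which is the normal mistyped-password pattern a simple total count would confuse with an attack.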
Carwhisperer is a new tool which allows people equipped with a Linux laptop and a directional antenna to inject audio into, and record audio from, passing cars that have a Bluetooth hands-free unit running with no phone connected. This is possible because many manufacturers use a standard passkey, which is often the only authentication needed to connect.
The tool allows you to interact with other drivers when travelling, or maybe to talk to that pushy Audi driver right behind you. It also allows eavesdropping on conversations inside the car by accessing the microphone.
Installation Guidelines
Install libbluetooth-dev
sudo aptitude install libbluetooth-dev
Download Carwhisperer, untar and compile carwhisperer
wget http://trifinite.org/Downloads/carwhisperer-0.2.tar.gz
tar zxvf carwhisperer-0.2.tar.gz
cd carwhisperer-0.2
make
Download a simple passkey agent
A simple passkey agent is needed: one written to automatically return PIN code 0000 to all Bluetooth PIN requests.
First, let me remind you that Windows security is very poor when it comes to password storage, so it is very easy to recover, crack / hack your own Windows administrator password. (Remember that you should only crack your own accounts, and not other users’ accounts, without having the necessary permissions.)
The tool we are going to use is called Ophcrack, which is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms.
How to perform the actual password crack / recovery / hack
When Ophcrack finishes booting (it takes a while, so be patient), you’ll see a list of all of the accounts available in your Windows installation. Click on Launch to start the cracking process.
As Ophcrack starts working, you’ll see several strange letter combinations appearing in the LMpasswd1 and LMpasswd2 fields.
I’m really impressed by the ease and speed that Ophcrack delivers. I managed to crack / hack / recover my Windows admin password in just 30 minutes, even though I used a password generator to generate a “secure” 8-letter alphanumeric password.
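The LMpasswd1 and LMpasswd2 fields above are the two halves of the LM hash, and they explain the 30-minute result: LM uppercases the password and splits it into two 7-character pieces that are attacked independently. The following is an added example (not from the page or from Ophcrack) that models only that preprocessing and the resulting search space; the DES step that turns each half into the stored hash is left out because it adds nothing to the number of guesses, and the alphabet sizes (36 and 62) assume an alphanumeric password.

```python
def lm_halves(password):
    """Model the LM hash preprocessing: uppercase, pad with NULs to 14 bytes, split 7+7.
    Windows stores no LM hash at all for passwords longer than 14 characters (returns None)."""
    if len(password) > 14:
        return None
    raw = password.upper().encode("latin-1", "replace").ljust(14, b"\0")[:14]
    return raw[:7], raw[7:]

def lm_guess_space(password, charset_size=36):
    """Worst-case guesses needed for each half, attacked independently. 36 is the
    uppercase alphanumeric alphabet (A-Z, 0-9) that survives LM's case folding."""
    halves = lm_halves(password)
    if halves is None:
        return None
    return tuple(charset_size ** len(h.rstrip(b"\0")) for h in halves)

def nt_guess_space(password, charset_size=62):
    """The same password attacked as one case-sensitive string (NT hash style):
    62 = a-z, A-Z, 0-9 for an alphanumeric password."""
    return charset_size ** len(password)

def lm_weakness_factor(password):
    """How many times fewer guesses LM needs than NT for this password (None if no LM hash)."""
    lm = lm_guess_space(password)
    return None if lm is None else nt_guess_space(password) // sum(lm)

if __name__ == "__main__":
    pw = "Xk7pQ2mZ"   # constructed 8-character alphanumeric password
    print(lm_halves(pw))            # second half is a single character plus padding
    print(lm_guess_space(pw), nt_guess_space(pw), lm_weakness_factor(pw))
```

An 8-character password therefore costs an attacker one 7-character search plus a 1-character search, and disabling LM hash storage (keeping only the NT hash) removes that split entirely.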
From time to time someone sends me password-protected Microsoft Excel spreadsheets (xls files). Getting xls files is in itself bothersome, but that’s the way the world of IT is today; hopefully more and more home and business users will discover the OpenOffice productivity suite in the future. But getting password-protected xls files is just incredibly annoying. First of all, it tells you that the person who just sent you the spreadsheet doesn’t have a clue about security, since protection techniques of that type are of no real use: they are simply too easy to crack. But again, why protect a document at all…
Howto Crack And Get Rid Of The “Password Protection” / “Recover” The Spreadsheet on Ubuntu
In order to perform the crack / recovery, we are going to use a small utility called xlcrack. xlcrack recovers lost or forgotten passwords from XLS files such as those created by Microsoft Excel. Some newer XLS files are not suitable for password recovery with this software.
Install libgsf-1
sudo aptitude install libgsf-1-dev
Download and compile xlcrack
wget http://freshmeat.net/urls/1d5772c1c5bea2854e1d04b29f1f772a
tar zxvf xlcrack-1.2.tar.gz
cd xlcrack-1.2
make
This video shows Aircrack running on an iPod Touch/iPhone.
Getting the actual network data capture onto the iPhone / iPod is not shown, so capturing the needed IVs isn’t possible yet, but according to the author of the video, IV capture will be available soon. The video thereby just shows that it is possible to crack WEP on an iPod Touch or iPhone using pre-captured IVs. It will be interesting to see the next step.
This guide explains how to jailbreak your iPhone 3GS with Redsn0w on Windows. The guide assumes that your iPhone 3GS is updated to firmware version 3.0.
It is required that you have iTunes 8.2 (not higher, not lower) in order for the iPhone 3GS jailbreak to work properly the first time.
Get Redsn0w
Redsn0w is only available as a BitTorrent download. You can download it using this torrent (usually really fast).
Download the firmware 3.0 for iPhone 3GS
The 3.0.0 (3GS) version of the iPhone firmware is available at the Apple website: iPhone2,1_3.0_7A341_Restore.ipsw (it is recommended to download it with the Firefox browser, as it does not try to extract the file automatically during the download).
Create a folder on your desktop and call it “mksnow”. Extract the downloaded firmware software in the folder and move Redsn0w into the folder too.
Launch Redsn0w
Double click on the Redsn0w program.
Click the “Browse” button.
Navigate to the firmware restore file we downloaded and placed in the “mksnow” folder, and click “Open”.
Click the “Next” button.
Select “Cydia” and “Icy” and click “Next”.
Switch off your phone and disconnect the USB connector at the bottom. When it is completely off, hold the Home button and plug the cable in again while still holding the Home button.
Redsn0w will now jailbreak your iPhone and will finally report that it is finished. Wait a while for a lot of text on the iPhone screen and all the progress bars to complete. When the phone boots and starts up with the Apple logo and the lock screen, the process is done and your iPhone 3GS is jailbroken.
Continue, if necessary, to unlock it using ultrasn0w.