background preloader

Hacking Techniques in Wireless Networks

Hacking Techniques in Wireless Networks
Prabhaker Mateti Department of Computer Science and EngineeringWright State UniversityDayton, Ohio 45435-0001 This article is scheduled to appear in “The Handbook of Information Security”, Hossein Bidgoli (Editor-in-Chief), John Wiley & Sons, Inc., 2005. 1. Introduction. 2 2. 2.1 Stations and Access Points. 3 2.2 Channels. 4 2.4 Infrastructure and Ad Hoc Modes. 4 2.5 Frames. 4 2.6 Authentication. 5 2.7 Association. 6 3. 3.1 Passive Scanning. 7 3.2 Detection of SSID.. 8 3.3 Collecting the MAC Addresses. 8 3.4 Collecting the Frames for Cracking WEP. 8 3.5 Detection of the Sniffers. 9 4. 4.1 MAC Address Spoofing. 10 4.2 IP spoofing. 10 4.3 Frame Spoofing. 11 5. 5.1 Detection of SSID.. 12 5.2 Detection of APs and stations. 12 5.3 Detection of Probing. 12 6. 6.1 Configuration. 12 6.2 Defeating MAC Filtering. 13 6.3 Rogue AP. 13 6.4 Trojan AP. 13 6.5 Equipment Flaws. 13 7. 7.1 Jamming the Air Waves. 14 7.2 Flooding with Associations. 14 7.3 Forged Dissociation. 14 7.4 Forged Deauthentication. 15 7.5 Power Saving. 15 8.

64 Things Every Geek Should Know - The term ‘geek’, once used to label a circus freak, has morphed in meaning over the years. What was once an unusual profession transferred into a word indicating social awkwardness. As time has gone on, the word has yet again morphed to indicate a new type of individual: someone who is obsessive over one (or more) particular subjects, whether it be science, photography, electronics, computers, media, or any other field. A geek is one who isn’t satisfied knowing only the surface facts, but instead has a visceral desire to learn everything possible about a particular subject. A techie geek is usually one who knows a little about everything, and is thus the person family and friends turn to whenever they have a question. 1. USB – Universal Serial Bus GPU – Graphics Processing Unit CPU – Central Processing Unit SATA – Serial ATA HTML – Hyper-text Markup Language HTTP – Hypertext Transfer Protocol FTP – File Transfer Protocol P2P – Person to Person data sharing 2. 3. Here’s what one looks like: 4.

Hacking Wi-Fi Password (with good intentions) Using Ubuntu Linux Hacking Wi-Fi Password Using Ubuntu Linux - I know a lot of you out there would love to know how to hack or crack Wi-Fi passwords from coffee shops or just about any place with managed or secured network. Note: We do not encourage hacking on Wi-Fi networks without permission. Do it only for testing or for securing your own network. I've already featured several hacking software (and more hacking tools) before, and some of which can help you crack Wi-Fi passwords be it WEP or WPA protected. This time, I'm going to share with you some of my favorite wireless tools that can be used to hack Wi-Fi password using Ubuntu or any other Linux distribution: Aircrack-ngAircrack-ng (a fork of aircrack) is my main tool for cracking Wi-Fi passwords. Kismet Kismet is a really good network detector, packet sniffer, and intrusion detection system for 802.11 wireless LANs. SWScannerSWScanner is specifically designed to make the whole wardriving process a lot easier. Happy WiFi hacking.

Upside-Down-Ternet My neighbours are stealing my wireless internet access. I could encrypt it or alternately I could have fun. I'm starting here by splitting the network into two parts, the trusted half and the untrusted half. /etc/dhcpd.conf IPtables is Fun! Suddenly everything is kittens! /sbin/iptables -A PREROUTING -s -p tcp -j DNAT --to-destination For the uninitiated, this redirects all traffic to kittenwar. For more fun, we set iptables to forward everything to a transparent squid proxy running on port 80 on the machine. /sbin/iptables -A PREROUTING -s -p tcp -m tcp --dport 80 -j DNAT --to-destination That machine runs squid with a trivial redirector that downloads images, uses mogrify to turn them upside down and serves them out of its local webserver. The redirection script Then the internet looks like this! And if you replace flip with -blur 4 you get the blurry-net I made xkcd - how cool is that ?

How to Encrypt Your Internet Traffic This is the coolest trick I learned while working at Blinkx. At the time, our management really hated when we go on any type of instant messaging applications. I also suspected that our messenger conversations and other internet activities were being monitored. Open an SSH Tunnel to a Remote Machine There are a couple ways you can do this (one through Putty and one through Cygwin). Download and install Cygwin. That’s it! There are two ways to get this done. If you want to pay to do it the easy way, you can use programs like ProxyCap to handle all of your traffic routing. Configuring Firefox to Use Your Tunnel Go to Tools > Options > Advanced (button) > Network (tab) > Connection > SettingsConfigure your Proxy settings like the image below: Click “OK” and you are set! Testing Firefox Proxy In the web browser, check that your IP is different from before you tunneled your traffic by using cmyip. Configuring AIM to Use Your Tunnel Open AIM connection preferencesSet the Proxy settings Conclusion

Turn Your Home Router Into a Super-Powered Router with DD-WRT Wireless is everywhere and routers are the force that makes it happen, so why not supercharge yours to take proper advantage of it? DD-WRT will let you boost your router’s range, add features, and more. DD-WRT has a ton of features—more than we can cover in this guide, which is focused on helping you get your router upgraded. What Is DD-WRT? Here’s our router. DD-WRT is an open-source alternative firmware for routers. Router Support Turning your home router into an almost professional-level tool is a great project that has one major caveat: support. For our purposes, the important spec to consider is NVROM, or ROM. Preparation The most important thing in any project is research. DISCLAIMER: Changing your router’s firmware can result in unintentional consequences, such as “bricking.” As mentioned above, start with the Supported Devices page to see if you’ve got a DD-WRT-friendly router. The friendly forum gave us some useful info for our particular model. The Process

Kill the Password: Why a String of Characters Can't Protect Us Anymore You have a secret that can ruin your life. It’s not a well-kept secret, either. Just a simple string of characters—maybe six of them if you’re careless, 16 if you’re cautious—that can reveal everything about you. Your email. Your bank account. No matter how complex, no matter how unique, your passwords can no longer protect you. Look around. This summer, hackers destroyed my entire digital life in the span of an hour. The age of the password is over. Since that awful day, I’ve devoted myself to researching the world of online security. First thing I do? This summer I learned how to get into, well, everything. The common weakness in these hacks is the password. Passwords are as old as civilization. In 413 BC, at the height of the Peloponnesian War, the Athenian general Demosthenes landed in Sicily with 5,000 soldiers to assist in the attack on Syracusae. The first computers to use passwords were likely those in MIT’s Compatible Time-Sharing System, developed in 1961. Apple: OK.