Skip to main content

Open Research

Busting The Bluetooth Myth
Author(s): Max Moser
Topic: During the last year, rumours had come to my attention that apparently it is possible to transform a standard 30USD Bluetooth® dongle into a full-blown Bluetooth® sniffer. Thinking you absolutely need Hardware to be able to hop 79 channels 1600 times a second I was rather suspicious about these claims. This paper is the result of my research into this area, answering the question whether it is possible or not.

How to Grab Ressources - a Practical Guide
Author(s): Andreas Naepflin
Topic: This is a small tutorial about Reverse Engineering. This tutorial explains how to manually unpack a UPX-packed executable and manually extract a resource out of it.


Phun with Fortiguard Filters
Author(s): Satya Jith
Topic: Funny issue with Fortiguard Filters and HTTPs

OpenWRT Madness
Author(s): Mati Aharoni
Topic: Getting Metasploit to run on a Linksys Router

Netgear WG511 External Antenna Modification
Author(s): Paul Mansbridge
Topic: Adding an antenna slot to Netgear WG511 PCMCIA cards

Splunk System Logger
Author(s): William M. Hidalgo
Topic: Central logging and anlyzing with Spluk System Logger

Ethereal Wireless Filters
Author(s): William M. Hidalgo
Topic: Ethereal filters for analyzing wireless packets/networks

Kismet Primer Guide
Author(s): William M. Hidalgo
Topic: Quick and dirty shakedown of the Kismet interface and key shortcuts.

802.11b attacks on 802.11g
Author(s): William M. Hidalgo
Topic: Follow up to the aireplay injection

Void11 Rouge Access Point Counter-Offense
Author(s): William M. Hidalgo
Topic: Void11 Rouge Access Point Counter-Offense

WPA Cracking And Kismet/GPS Extras
Author(s): William M. Hidalgo && Paul Mansbridge
Topic: Cowpatty usage and some interesting notes on WPA

WEP Decryption and Physical Intrusion
Author(s): William M. Hidalgo
Topic: Decryption captured packets and physical intrusion

Aireplay injection
Author(s): William M. Hidalgo
Topic: Injection packets into a wireless LAN using aireplay

Comments

Popular posts from this blog

Test New ALFA-AWUS036H v.2 (1.000mW) VS ALFA-AWUS036H v.1 (500mW)

- Recently emerged the New ALFA-AWUS036H v.2 (1.000mW), and these are the tests. TEST WITH NETSTUMBLER 1) usb da 100mW chipset railink 2) usb da 200mW chipset railink rt73 3) intel 2200 b/g con connettore esterno rp-sma 4) Alfa-AWUS036H 500mW 5) New Alfa-AWUS036H V2 da 1.000mW

Creating A Cheap Bluetooth Sniffer

Many papers and posts on internet forums have commented on the success of turning normal everyday bluetooth USB dongles ($10), into their more powerful counterparts that allow the capturing of packets from the airwaves. These more powerful USB dongles are usually sold at a much higher price ($10,000) together with the software to drive and control these devices. The problems associated with BlueTooth sniffing You cant simply just purchase the dongle with the alternate firmware. There is next to no real opensource packet capture program for the bluetooth protocol. Hardware & Limitations Chipsets: Whats the difference? The chipset of the Bluetooth USB Dongles are very important. Broadcom chipsets are cheap hardware and are deemed unsuitable devices for this paper. But unfortunalty nowadays, every manufacturer seems to prefer putting these chips in their products compared to the more reliable Cambridge Silicon Radio (CSR) chipset. If your lucky enough to find a dongle with a CSR chips...

ALFA-­AWUS036H & ALFA-­AWUS050NH INSTALLING/UPDATING DRIVERS RTL8187, r8187, RT2800usb on UBUNTU

NOTE: For surfing Internet with ALFA-AWUS050NH on Ubuntu Jaunty with rt2870sta driver, you must use the Kernel "2.6.28-11-generic #42-Ubuntu", without change or updates the drivers modules. NOTE: The tutorial is not related to Ubuntu karmic. Driver RTL8187/Stacks-­mac80211 (ref. ALFA-­AWUS036h) ­- These drivers, for surfing Internet, are more stable than r8187, and fully compatible with Network-Manager 0.7 installed by default on Ubuntu 9.04. Network-Manager 0.7 installed by default on Ubuntu 9.04. ­- Supports all encryption without problems. (OPEN, WEP and WPA/WPA2) ­- With Compat-Wireless, the "injection" working, but for support “Fragmentation attack” (opt. -5) you need to install one patch. - The RX sensitivity and packets injection is less, related to drivers r8187. Driver r8187/Stacks-ieee80211 (ref. ALFA-AWUS036h) - This driver is recommended for use with the Suite of Aircrack-ng, but not particularly suitable for Internet connections, as less stable and disc...