Skip to main content

Posts

Showing posts from September, 2008

Destruction Mode Charon 2 GUI

Last year we told about not so well know tool called MDK, as part of the “Cracking WEP key - Acces Point with pree-shared key (PSK” concept. Alot of time has passed by since then and now we have well workiong stable version even with GUI extension Charon. It was not much of a deal in Fall 2007, but the situation has changed. The autor has also decidedd to eneble the Destruction Mode in the menu. The extension is written in Java and is very stable. If you have not encountered the MDK tool before, it is a proof-of-concept tool from the authors of the PTW implementation in aircrack-ng (Darmstadt Lab). It tses 8 concepts of attacking wireless networks. b - Beacon Flood Mode sends beacon frames and confuses the client by creating fake APs. This is able to make AP scanning applications and devices unusable a - Authentication DoS mode sends auth frames to all APs in range. This results in freezinig or restarting devices p - Basic probing a ESSID Bruteforce mode sends probe requests to APs and...

Packet Injection wifi Intel 4965 AGN

Finally there exists a way how to solve packet injection with driver for wifi card Intel WiFi Link 4965AGN – operating system Linux. The one modified is the original driver iwlwifi (included for example in distribution Backtrack Linux). Be aware that the packet injection is functional but still it is an experimental thing (develop version). Besides the complicated compilation and occasional unstability so far (September 2008) the aireplay-ng attack -9 (t.j test injection) does not work on 100%. Tutorial for packet injection Intel Pro Wireless 4965AGN (iwl4965) What do you need: - kernel 2.6.25 or higher*, - kernel sources, - compat-wireless-2.6 packet, - aircrack-ng (=””> RC1), - basic development tools (make, gcc, …), - injection patche for driver. Be aware that the instruction is for generic Linux. Your distribution, mainly in case of advanced packet administration (Debian, Ubuntu, etc.), can include required packets in source (then you don’t have to compile it manually from so...

Sucking Data off of Cell Phones

There is a new electronic capture device that has been developed primarily for law enforcement, surveillance, and intelligence operations that is also available to the public. It is called the Cellular Seizure Investigation Stick, or CSI Stick as a clever acronym. It is manufactured by a company called Paraben, and is a self-contained module about the size of a BIC lighter. It plugs directly into most Motorola and Samsung cell phones to capture all data that they contain. More phones will be added to the list, including many from Nokia, RIM, LG and others, in the next generation, to be released shortly.

Counter measurements of FTE against copying their Bluetooth sniffer

FTE is finally reacting on the fact that you can easily copy their Comprobes firmware to other, regular Bluetooth USB dongles. First, with their new hardware they released earlier this year, also the structure of the firmware has changed. Therefore the newer firmware wont work out of the box the good old way. Second they seem to have changed their licensing policy. You have to register your software (with your license key) of FTE4BTonline. And, that’s the funny thing, seems that you also have to ‘de-register’ your software online. Means: when you want to install your software somewhere else, de-install it on the other PC and ‘de-register’ it online. Then install it on the other PC. source: http://www.evilgenius.de/