I doing some website stumbling and ran across this : http://www.spoofcard.com/
wow can this lend it self to exploitation of it has not already.
Sunday, November 14, 2010
Working on setting up a network of Honeypots for testing different variations of present malicious web activity. There will be two portions of the project one that consist of the actual honeypots and the other a reporting server which will poll from all the honeypots and report the malicious activity the honeypot caught. Also will open a donation page for anyone who would like to support the project. please refer to the new link for more details.
Friday, November 5, 2010
Recently purchased(from amazon) a Hawking Technology G adaptor to test with Kismac. Using this youtube video tutorial:
What I learned from this exercise is that the only way to crack WPA and WPA2 is via bruteforce/wordlist. I have gather some over the internet and I believe that you can produce some with Cain and Able, more details coming in the next post.
Here are some basic word list:
more from kismac: http://trac.kismac-ng.org/wiki/wordlists
Cracking WEP is much more easier specially with the HWUG1 card which can perform injection. You acn successfully retrive the key with these easy steps:
1. Select the RT73 device driver in preference, remove the airport drivers.
2. Scan/sniff the network
3. Then under preference select the channel which the SSID in interest sits on,
4. Click on reinject packets and wait until ~130,000 packets have been gathered.
5. After 130,000 or so have been gathered click on network-->crack-->Weak Scheduling Attack-->Both
6. The Key should be cracked in a matter of minutes (works for me if stuck email me)
Hope this quick guide helps, working on one for the WPA encryption.
dumb disclamer: This is not a toy dont break/crack networks that are not yours, im not responsible for anything done with this tutorial/tools