Your Access Point being sniff?

As I wondering just how easy someone could break into your protected WEP Access Point(dont use WEP), so i google more in order to look for other application that is fun to play with. And suddenly I stop at one page called WifiZoo.

What is it ?

Well - WifiZoo is tools to gather Wifi information from AP to client details. It could gather all the information about the bssid and eesid also the client connected to it. So to be simple, WifiZoo is quite similar to Airodump-ng. It could gather all sort of information and turn it into .cap files.

Right now, some of the folks on BackTrack currently developing the current wifizoo to intergrate with aircrack and working as info gathering. It'll be a great combination if this tools come in bundle with aircrack.

Capabillitites

Well this WifiZoo could well integrate with kismet to do channel hopping. Default wifizoo can't do channel hop but could easily do the hopping with kismet helps:

• run kismet
• run wifizoo
• wait - it'll work

It can also do channelhop, channelvelocity, channeldwell, defaultchannels and sourcechannels. You just have to edit configuration in kismet.

Requirements

• It need python
• It need scrappy
• and kismet if you want to do channel hopping.

So it's not secure anymore to use wireless connection to do online banking or even chat with your friends about any personal issue cause you will never know who's listening to your conversation.
Maybe next morning, you'll read your own conversation on the net as soon as you woke up.

Update: Numbers Combination Creator

I did make a post about my script to generate numbers combination depends on user input to set the number of digits a few weeks ago. And I was thinking to make it more clean and user friendly after received a comments from "Pak Leman".

So here is the update of the scripts. The script will asked user to input the digits of combination to generate. And will asked user to give the output filename. So no more "sh script 8 > huhu.txt" . To run the script just run "sh script" and it will ask you all the details using script.

So here is the full codes of the script, and also pictures of the output:

#!/bin/sh
echo "Please give the digits for combinations[8-63]: \c"
read digit
echo "Please type the output file name: \c"
read OUTFILE

FINISH=`expr "10^"$digit"" | bc -l`

if [ $digit -lt 8 -o $digit -gt 64 ]
then
clear
echo "The digit you specify is ' $digit '. "
echo "Please enter a valid digit [8-63]: \c"
read digit
else
break
fi

COUNT="-1"
while [ $COUNT != `expr $FINISH - 1` ] ; do
COUNT=`expr $COUNT + 1`
printf "%+"$digit"s\n" $COUNT | sed s^\ ^0^g >> $OUTFILE
done

So any opinion on how to improve the script are most welcome. Somehow the script still allow digits more than 63. Still looking forward to repair this script. Any thought or advise are welcome. Please drop some comments.

How to setup Edimax 7318USg

After do some research and lurking on every forum on the net, finally I come to one page which is I think the most suitable answer for those who have Edimax 7318USg card to make it able to do injection using "aireplay-ng".

Here is the solution:

• first install a new beta version of aircrack-ng from this site. [ Aircrack 1.0 beta 2 ]
• I assume you know how to compile the aircrack-ng from source since you are attempting to do the crack, if not then just delete the aircrack-ng source and go to google to read more on linux basic skills ~:P
• Then remove the current rt2500 or rt73 driver on your machine.
• Then install the adequate driver. [ rt73 adequate driver ]
  
• And this time i assume you do know how to install a driver. (extract, make, make install, modprobe)
  
• put the card in monitor mode by using "airmon-ng start [interface]"
• and play the aircracks

Suppose you are good to go with some packets capturing and injection. But if somehow you lost and cant figure out on how to remove the current driver, here is the way to cleanly remove old driver(cause sometime, default driver do interfere with the driver you install to inject):

• airdriver-ng remove 25
• airdriver-ng remove 31
• this will remove the current rt2500 and rt73 driver from your system.

So I hope this will make your card fully compatible with injection procedure. But there is some note to take.

Note:

• "aireplay-ng -1" wont work before you do "aireplay-ng -9"
• run aireplay-ng -9 -a [BSSID] -B rausb0 to get the valid rate for rausb0. When get the rate set it to your rausb0 by using "iwconfig rausb0 rate yMB" where 'y' is the rate receive earlier on aireplay.

This tutorial is especially dedicated to one of friends 'srand' on irc. Please give the result if you tried this method on your rausb0 card. I would like to know the result if any error occurs.

Patch for iwl4965 testing version

Hello, for those who like to test the aircrack, kismet or any other wifi cracking application need to turun card into monitor mode. As far as I know, iwl4965 is a new chip set from intel, and no patch yet on the net to enable iwl4965 to do packets injection.

So I google aroudn and found out, that there is someone able to do injections using iwl4965 wifi cards and luckily he share the patch for others to give it a try. For those who is interested on playing with Wireless AP, then you can download the patch for iwl4965 from patch iwl4965.

To apply the patch, just do "patch -i [patch filename]" and patch it on kernel source. After that, you need to recompile the modules and copy the new module into your current module directory in order the new patch to work.

more over, if you need some information on the patch, please read the forum discussion about iwl4965 injection here.