[ announce ] hackattack!
update: new version, everything fixed now:o
You have probably seen the YAMAS MITM ARP spoof script that was recently announced. While an interesting idea, it was not written with the N900 in mind. Thus, it had numerous points that needed to be addressed before it could be considered ready for the N900.

Greetz! Thanks to comax for writing the thing. Unhuman for hosting, alerting us to it. Torpedo48 for testing, development.

Here I present a more N900 friendly version. This is better than the original because:
- it has far fewer dependencies
- is more compatible with a stock N900
- it shuts down ettercap nicely without barfing on the router's ARP table.

http://i54.tinypic.com/feqxpi.png

REQUIREMENTS:
- iptables
- nmap
- iproute
- python-twisted-web
- python-openssl
- python-scapy
- libpcap0.8
- libpcre3
- sslstrip* (see below)
- ettercap* (see below)

*Installation guide for ettercap, sslstrip and many other tools can be found at: http://pcsci3nce.info/?p=9

Refer to unhuman's original post and blog for more details.

Script here: link

Installer! Navigate to the directory you want to put the script in, then run:
Code:
wget "http://pastebin.com/raw.php?i=mBc1tKuL" -O ./yamas_n900.sh && chmod +x ./yamas_n900.sh
Re: [ announce ] hackattack!
Update: If you are bothered about wifite using /tmp/ on rootfs to store temporary data, run this command AFTER you have installed everything:
Code:
# point wifite's temporary directory at /opt/tmp instead of /tmp on rootfs
sudo sed -i "s/(prefix='wifite')/(prefix='wifite',dir='\/opt\/tmp')/g" /opt/wifi_mon/wifite.py
# create /opt/tmp if it does not exist yet
sudo mkdir -p /opt/tmp

Further to the MITM script above I present another shameless hijacking of someone else's work:

They called it wifite.py...

http://i54.tinypic.com/2qv8ljm.png

I call it wepon!

This is a mildly altered copy of wifite.py with some accompanying scripts to hold the whole lot together.

Why should I care?
You should care because this is a FULLY automated WEP cracking solution. No more spazzing about with any arsecrack. Simply type into the terminal (as root) wepon, then after some minutes some WEP keys will appear on the screen for all the WEP networks around you.

While it is possible to attack WPA networks with wifite I have disabled it for obvious reasons. If you are the kind of person who carries several GB of rainbow tables around on his phone then by all means re-enable it. It was disabled to speed up attack time.

Dependencies?
Also install:
- iw
- macchanger
- aircrack 1.1

Operation
The first script runs the original 'load.sh' as written by lxp. It then puts your wifi into injection mode, then runs wifite.py.
wifite.py is a work of artistic scripting beauty, more details can be found here.

Installation
Copy this script to '/usr/bin/wepon' and chmod +x it:
Code:
#!/bin/sh

Copy this script to '/usr/bin/wepoff' and chmod +x it:
Code:
#!/bin/sh

Copy this archive to '/opt/wifi_mon/' and decompress it: alternative here.
Decompress with:
Code:
tar xzvf wifi.tgz

Final note
When you are done testing pens run the 'wepoff' script. This unloads the wifi injection modules, puts wifi back into normal mode and sets the device to European channels (this simply means up to wifi channel 13 is available).

Massive thanks to lxp for creating these injection drivers. If you have not donated to him at least a measly $1 for his hard work to write them you are a total gonad.

Only for learning purposes, legal blah blah blah blah
Re: [ announce ] hackattack!
Nice, I was about to also write a tutorial for karam for his thread about wifite.py but you did it already. I have just the original script running and I have no problems at all. But your modified script made me wonder how does it turn monitor mode on?
Why don't you use the mon0 interface spawned by airmon? Since Mentalist Traceur updated iw it doesn't conflict with aircrack anymore and thus airmon works. IMO much easier as you can still browse the web with wlan0 ;)
Re: [ announce ] hackattack!
The thing I like most about these apps is the legal blah blah blah,
cause I bet even those who wrote the app used it for evil
Re: [ announce ] hackattack!
Some .deb package on the near horizon??
Thanks for the work.
Re: [ announce ] hackattack!
Or just change these ifconfig lines to airmon-ng start wlan0 ;) Personally I never had problems using wifite.py when putting into monitor mode, I don't use it a lot though, but if you say it's a bit ropey this would probably be a better solution than letting wifite.py do the job.
edit: Forgot to say I like the way you disabled WPA-Attack as you won't come any further with WPA on a phone, except the handshake capture :P WEP is doing great on the N900 :D
Re: [ announce ] hackattack!
I'll test it as soon as I can; BTW could you correct the typo I accidentally wrote in the checking of opt/tmp (line 16 - does not EXIST)? Thanks ;)
Re: [ announce ] hackattack!
Ok, used the script once and it worked pretty badly, something got screwed up since our last version.
1 - Log is saved in root, despite the script telling the user it has been saved in opt/tmp, and vice versa (passwords are saved in opt/tmp, but the script says they are in /root); I'm fixing this in minutes;
2 - Websites are not shown in real time parsing, what happened???
3 - Ettercap is not properly closed, and after the closing of the script victims are not re-arped so the user has to manually enter "q" in ettercap for resetting the network.
EDIT: first point should be fixed now, check this out: LINK REMOVED TO AVOID CONFUSION
I'm trying it right now...
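
The stale poisoned entries described in point 3 above are visible in the neighbour table of any host on the affected network. As an added example (not part of the thread or of the YAMAS script), this check reads `ip neigh` output and flags any MAC address that answers for more than one IP, which is what a host sees while its gateway entry is spoofed and not yet re-ARPed. The function names and the sample addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag neighbour-table entries where one MAC answers for several IPs.

# Constructed sample in `ip neigh` output format (all addresses are made up).
sample_neigh() {
cat <<'EOF'
192.168.1.1 dev wlan0 lladdr 00:1d:6e:aa:bb:cc REACHABLE
192.168.1.23 dev wlan0 lladdr 00:1d:6e:aa:bb:cc STALE
192.168.1.40 dev wlan0 lladdr 5c:51:4f:11:22:33 REACHABLE
192.168.1.77 dev wlan0  FAILED
EOF
}

# Reads `ip neigh` lines on stdin; prints "MAC IP1,IP2,..." for every MAC
# that is mapped to more than one IP address.
shared_macs() {
    awk '
    {
        mac = ""
        for (i = 1; i < NF; i++) if ($i == "lladdr") mac = tolower($(i + 1))
        if (mac == "") next            # FAILED/INCOMPLETE entries carry no MAC
        n[mac]++
        ips[mac] = (n[mac] > 1) ? ips[mac] "," $1 : $1
    }
    END { for (m in n) if (n[m] > 1) print m, ips[m] }
    ' | sort
}

# Exit status 0 if the gateway IP ($1) shares its MAC with another host.
gateway_shares_mac() {
    shared_macs | awk -v gw="$1" '
    { k = split($2, a, ","); for (i = 1; i <= k; i++) if (a[i] == gw) hit = 1 }
    END { exit hit ? 0 : 1 }'
}

# Live use on a host: ip neigh show | shared_macs
```

A shared MAC is a strong hint rather than proof: proxy ARP and routers with several addresses on one interface produce the same pattern, so compare the gateway's MAC against a known-good value before acting.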
Re: [ announce ] hackattack!
hi
Sorry, is it just me or is there no link for wepon and wepoff?