Posts: 2,076 | Thanked: 3,268 times | Joined on Feb 2011
#1161
Originally Posted by StefanL View Post
In terms of reaper, I am waiting to have somebody in the reaper thread provide me a compiled version of 1.4 for testing (didn't see one when I checked yesterday after it was released), which I will then probably include in the program soon. Any luck with achieving anything with reaper in a reasonable amount of time? My initial testing showed it would be an exercise of days, which is not really all that attractive; most people, I am guessing, will want to see results within a two hour timespan.
The now-ancient version I posted in that thread got me 2 sec per attempt and the router cracked in 4h 10m; not sure if more recent ones improve that, or if I was lucky to test on a very poor router (also, you might luck out and get the first 4 digits on the 100th try, or be unlucky and get them on the 9999th; same for the second half). Will check today at home with a newer version.
Attached Files
File Type: gz reaver1.4.tar.gz (116.4 KB, 393 views)
File Type: gz wash1.4.tar.gz (75.3 KB, 352 views)
 

The Following 5 Users Say Thank You to szopin For This Useful Post:
Estel | Posts: 5,028 | Thanked: 8,613 times | Joined on Mar 2011
#1162
Originally Posted by StefanL View Post
My initial testing showed it would be an exercise of days, which is not really all that attractive; most people, I am guessing, will want to see results within a two hour timespan.
Cracking a WPS PIN in 2 hours is unrealistic. It is, and should be, an exercise of many hours/days - well, it may sound harsh at the beginning, but considering this or never (try cracking a properly set-up wpa2-psk) it's a great method of attack.

Anyway, I was able to crack a wpa2-psk network with WPS enabled, by just leaving the device in attack mode for two nights. Which is great, when we think about wpa, let alone wpa2.

/Estel
__________________
N900's aluminum backcover / body replacement - N900's HDMI-Out - Camera cover MOD - Measure battery's real capacity on-device - TrueCrypt 7.1 | ereswap | bnf
Hardware's mods research is costly. To support my work, please consider donating. Thank You!
 

The Following User Says Thank You to Estel For This Useful Post:
StefanL | Posts: 298 | Thanked: 341 times | Joined on Aug 2010 @ This world :)
#1163
Originally Posted by Estel View Post
Cracking a WPS PIN in 2 hours is unrealistic. It is, and should be, an exercise of many hours/days - well, it may sound harsh at the beginning, but considering this or never (try cracking a properly set-up wpa2-psk) it's a great method of attack.

Anyway, I was able to crack a wpa2-psk network with WPS enabled, by just leaving the device in attack mode for two nights. Which is great, when we think about wpa, let alone wpa2.

/Estel
I am more of a fly-by kind of guy.
__________________
My phone evolution: Nokia 7610 (RIP), N82 (RIP), BB9000 (RIP), N900, BB9760 (RIP), N8, BB9900, N9 64GB
Working : Python Gorillas (Maemo5) Faircrack0.50 Update (Maemo5)
Not so much : WPScrack (Maemo5)
 
midcex | Posts: 45 | Thanked: 12 times | Joined on Jan 2012
#1164
I have a problem when installing
this example
/usr/share/icons/hicolor/48x48/hildon/
/bin/sh: /usr/share/icons/hicolor/48x48/hildon/: Permission denied
/home/user/MyDocs/FAS #
/home/user/MyDocs/FAS #
/home/user/MyDocs/FAS # sh /home/user/MyDocs/FAS/launch.sh
Maemo applications must be run with the run-standalone.sh script!
QGtkStyle was unable to detect the current GTK+ theme.
Segmentation fault
/home/user/MyDocs

please help and love of the solution thanks
 
Posts: 529 | Thanked: 194 times | Joined on Aug 2010 @ UK
#1165
This will fix problem for you
http://talk.maemo.org/showpost.php?p...3&postcount=69


Originally Posted by midcex View Post
I have a problem when installing
this example
/usr/share/icons/hicolor/48x48/hildon/
/bin/sh: /usr/share/icons/hicolor/48x48/hildon/: Permission denied
/home/user/MyDocs/FAS #
/home/user/MyDocs/FAS #
/home/user/MyDocs/FAS # sh /home/user/MyDocs/FAS/launch.sh
Maemo applications must be run with the run-standalone.sh script!
QGtkStyle was unable to detect the current GTK+ theme.
Segmentation fault
/home/user/MyDocs

please help and love of the solution thanks
__________________
METASPLOIT INSTALL N900
Keep the forums clean
Dont forget to say thanks
 

The Following User Says Thank You to stevomanu For This Useful Post:
StefanL | Posts: 298 | Thanked: 341 times | Joined on Aug 2010 @ This world :)
#1166
Latest update V 0.48 is attached below. In summary; this update has some more ui tweaks, provides extended WEP decrypt options, provides use/management of replay*.cap files, adds injection driver checks/compatibility. Details as follows:

1) Program performs check of OS compatibility with injection driver (ie. OS needs to be newer than KP46), and checks for already loaded injection driver before loading and finally activates the correct button (ie. load / unload injection button depending on loaded status of injection drivers).
2) Program now allows management of replay*.cap files as per Estel's request.
3) Extended WEP cracking options to provide UI access to most of the aircrack-ng WEP cracking command line options:
- individual korek attacks aircrack-ng -k n (n= 1 to 17);
- WEP dictionary attack;
- aircrack native characters only brute force attack aircrack-ng -c command line option;
- aircrack native hex numbers brute force attack aircrack-ng -t command line option; and
- John brute force attack (same as for WPA).
4) Minor UI update disables injection buttons for WPA APs since they don't seem to do anything for WPA encrypted APs.
5) Minor UI update scanning for networks provides a message to that effect (ie. Scanning for networks ...).

Install version 0.3 from post no 1. in this thread (or any other working version), then apply my update. As per usual, make a back-up copy of the files to be replaced (Main.py, FAS.py, getinfo.sh, scan.sh, getmacmanaged.sh, getmacmonitor.sh, wepcaplist.sh, wpacaplist.sh, keylist.sh), copy the archive to the FAS directory on your N900 and extract within xterm in the FAS directory.
Code:
tar -xzvf faircrack0.48.tar.gz
Enjoy
Attached Files
File Type: gz faircrack0.48.tar.gz (14.9 KB, 204 views)

Last edited by StefanL; 2012-02-25 at 13:49. Reason: Update info
 

The Following 6 Users Say Thank You to StefanL For This Useful Post:
Posts: 105 | Thanked: 87 times | Joined on Jun 2011 @ Unknown
#1167
@StefanL
the delete button does not work to delete .cap files in wep section

Great improvement, thank you.
 

The Following User Says Thank You to g0r For This Useful Post:
StefanL | Posts: 298 | Thanked: 341 times | Joined on Aug 2010 @ This world :)
#1168
Originally Posted by g0r View Post
@StefanL
the delete button does not work to delete .cap files in wep section

Great improvement, thank you.
Thanks for the feed-back, will look into it and post fix asap.

Edit 1: Can you provide some more details (ie. AP name with spaces or other funny characters, etc.); on my set-up it is working fine.

Last edited by StefanL; 2012-02-10 at 17:11.
 

The Following 2 Users Say Thank You to StefanL For This Useful Post:
Mr Wolf | Posts: 84 | Thanked: 22 times | Joined on Nov 2011 @ Italy
#1169
I think I'm having the same problem: the cap files are not deleted when I click "Delete Cap".
I tried with my router, whose ESSID contains spaces, if it can be useful.
EDIT: replay*.cap files can be deleted. So, maybe the problem is in spaces. (???)

Then, I have a question: I tried with ARP Request Attack and I got no packets, then I tried with Interactive Injection, used the first packet proposed and got a lot of packets! So, Interactive Injection is "better"?

I made many attempts with several routers, and ARP Request Attack sometimes worked and others not.

What I still can't understand is if this attack works if no client is connected, or a client is connected, but there's no activity (the client is "idle").
I can swear it worked with my router with a client connected and no activity (the router with which I'm trying is not connected to the Internet, so, to generate data, I have to "surf" in the router control panel).
But I've just tried again, in the same situation (one client connected and no activity), and no success.
__________________
I'm Winston Wolf, I solve problems

Last edited by Mr Wolf; 2012-02-18 at 21:02.
 
StefanL | Posts: 298 | Thanked: 341 times | Joined on Aug 2010 @ This world :)
#1170
Originally Posted by Mr Wolf View Post
I think I'm having the same problem: the cap files are not deleted when I click "Delete Cap".
I tried with my router, whose ESSID contains spaces, if it can be useful.
EDIT: replay*.cap files can be deleted. So, maybe the problem is in spaces. (???)

Then, I have a question: I tried with ARP Request Attack and I got no packets, then I tried with Interactive Injection, used the first packet proposed and got a lot of packets! So, Interactive Injection is "better"?

I made many attempts with several routers, and ARP Request Attack sometimes worked and others not.

What I still can't understand is if this attack works if no client is connected, or a client is connected, but there's no activity (the client is "idle").
I can swear it worked with my router with a client connected and no activity (the router with which I'm trying is not connected to the Internet, so, to generate data, I have to "surf" in the router control panel).
But I've just tried again, in the same situation (one client connected and no activity), and no success.
Mr Wolf;

Problem confirmed, fix will be posted in the next few days, there is a bug in the deletion subroutine.
 

The Following 3 Users Say Thank You to StefanL For This Useful Post:
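
Added example (not part of the thread, and not Faircrack's own code): the thread never shows the deletion subroutine, so this only illustrates the cause Mr Wolf suspects, a capture file name containing spaces being pasted into a shell command, next to a shell-free version that treats the name as literal text. The function names and sample file names are hypothetical and constructed for the demo.

```python
import glob
import os
import subprocess
import tempfile

# Constructed sample capture names; "My Home AP" is a made-up ESSID with spaces.
SAMPLE_FILES = ["My Home AP-01.cap", "OtherAP-01.cap", "replay_arp-0218-210200.cap"]


def remaining(cap_dir):
    return sorted(os.listdir(cap_dir))


def delete_caps_naive(cap_dir, prefix):
    """Fragile pattern (hypothetical): the name is pasted into a shell command."""
    # The shell splits "My Home AP*.cap" into three words, so rm is asked for
    # "<dir>/My", "Home" and "AP*.cap"; none exist and -f hides the failure.
    # An ESSID is chosen by whoever runs the AP, so it is also untrusted input
    # that should never reach a shell command line unquoted.
    cmd = "rm -f " + os.path.join(cap_dir, prefix) + "*.cap"
    subprocess.call(cmd, shell=True, cwd=cap_dir)  # cwd keeps the demo contained
    return remaining(cap_dir)


def delete_caps_safe(cap_dir, prefix):
    """No shell: match in Python and treat the name as literal text."""
    # glob.escape() neutralises *, ? and [ so only the trailing * is a wildcard.
    pattern = os.path.join(glob.escape(cap_dir), glob.escape(prefix) + "*.cap")
    for path in glob.glob(pattern):
        os.remove(path)
    return remaining(cap_dir)


def demo():
    """Run each variant against a fresh temporary directory of sample files."""
    cases = {
        "naive_spaces": (delete_caps_naive, "My Home AP"),
        "naive_replay": (delete_caps_naive, "replay"),
        "safe_spaces": (delete_caps_safe, "My Home AP"),
    }
    results = {}
    for label, (fn, prefix) in cases.items():
        with tempfile.TemporaryDirectory() as cap_dir:
            for name in SAMPLE_FILES:
                open(os.path.join(cap_dir, name), "w").close()
            results[label] = fn(cap_dir, prefix)
    return results


if __name__ == "__main__":
    for label, files in demo().items():
        print(label, files)
```

The naive variant reproduces the reported symptom: the replay*.cap file is removed, while the capture named after the ESSID with spaces silently stays.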
Tags
aircrack, aircrack-ng, epicfacepalm, pen testing, rtfm dude!
