Notices


Reply
Thread Tools
Posts: 83 | Thanked: 142 times | Joined on Jun 2011 @ Paris, France
#281
Originally Posted by casper27 View Post
@comaX
Yeah I noticed maemo.org did not work because its sent in md5. It should be possible to crack with John the Ripper. Or even a MD5 cypher online. I will have a go.
Yeah, well, for me trying to crack md5 is a waste of time ! If you have a botnet and a nice online md5 cracker (I did know one, but forgot...) you can have a go, sure. But on your own, even with some high tech two-gpu CUDA cracking gear, it can take forever...
__________________
http://comax.fr/
"I like to dissect girls. Did you know I am utterly insane ?"
 
Posts: 83 | Thanked: 142 times | Joined on Jun 2011 @ Paris, France
#282
Hi guys ! I just moved in, so I'm on a shitty, free wifi connection so I can't test sh|t, which means I can't work on DNS spoofing and all... I don't know when I'll get a decent connection, so just wait and see ! Meanwhile I can still bring support, and modify things here and there, so keep the feedback coming !
__________________
http://comax.fr/
"I like to dissect girls. Did you know I am utterly insane ?"
 

The Following User Says Thank You to comaX For This Useful Post:
Posts: 64 | Thanked: 109 times | Joined on Mar 2010
#283
I have no problem with installation, however MITM doesn't work.

When I invoke script, I can see both ettercap and password terminal window running.

Victim (me) is running Windows 7.
arp -a shows that victim is using spoofed (N900) gateway.

I cannot browse internet on victim machine, (or at least it's to laggy). SSLStrip is not working (tried on facebook).

When I invoke iptables --list on N900 there are no rules.
 
Posts: 83 | Thanked: 142 times | Joined on Jun 2011 @ Paris, France
#284
That's weird to say the least ! Thanks for the detailed symptoms by the way
So, according to what you say, MITM is in fact working since you're using a spoofed gateway !
Now, about it being laggy, that's normal : even when I had an optic fiber connection (soon to come back I hope...) it was laggy during the attack.
Did you go as far as entering a pass for FB ?

For the iptables --list, well, there should be since we create one ! Try to enter it manually perhaps. (look at the script source, or sslstrip's website)
Were you root when doing this ? (I guess yes, but who knows !)

Ps : "Dear journal, I now have been on a shitty connection for a week. It's becoming unbearable."
__________________
http://comax.fr/
"I like to dissect girls. Did you know I am utterly insane ?"
 
Estel's Avatar
Posts: 5,028 | Thanked: 8,613 times | Joined on Mar 2011
#285
Originally Posted by comaX View Post
Ps : "Dear journal, I now have been on a shitty connection for a week. It's becoming unbearable."
Next entry: "Temptation to perform phishing attack on neighbourn's WPA2 password is growing hard to resist" Sorry, can't stop myself from posting that.
__________________
N900's aluminum backcover / body replacement
-
N900's HDMI-Out
-
Camera cover MOD
-
Measure battery's real capacity on-device
-
TrueCrypt 7.1 | ereswap | bnf
-
Hardware's mods research is costly. To support my work, please consider donating. Thank You!
 

The Following 3 Users Say Thank You to Estel For This Useful Post:
Posts: 529 | Thanked: 194 times | Joined on Aug 2010 @ UK
#286
I start yamas via the desktop icon an im presnted with this error highlighted in black , also seems the script is not working .....



I dont get that error in i open xterminal as root an type " yamas " the error is gone but the script doesnt work at all not sure whats gone wrong ...

i ran yamas -d an all is fine there ...
__________________
METASPLOIT INSTALL N900
Keep the forums clean
Dont forget to say thanks

Last edited by stevomanu; 2011-07-06 at 21:54.
 
Posts: 64 | Thanked: 109 times | Joined on Mar 2010
#287
Did you go as far as entering a pass for FB ?
yes, but it was neccessary to do couple of page refreshs (because of laggy connection). SSLStrip didn't do the job - didn't redirect to non-ssl facebook.

I think the main problem is missing rule for iptables. I'll try (as you suggesting) add rule manually and let you know.

Of course I was invoking script as root.
 
yamakasi's Avatar
Posts: 118 | Thanked: 13 times | Joined on Jun 2010 @ mother earth
#288
do I have to install power kernel and bleeding-edge w1251 driver ?
the script is not able to get any passwords, i am getting this error :
Attached Images
 
 
Posts: 83 | Thanked: 142 times | Joined on Jun 2011 @ Paris, France
#289
HI everyone !

To the guys reporting errors, I unfortunately can't help you... It seems launching it with the icon is buggy, for some reason...

@yamakasi (smells like some fellow French there, ain't it ?) : update your iptables ! Maybe an apt-get will do, don't know !

Some dude contacted me from the BT forum to work on a ARM version (and not just N900 or maemo). So apart from places to save files, nothing much should change user-side. But if achieved, it should be compatible with at least maemo and BT-ARM. Which I think would be pretty awesome !

I'll keep you in touch !

Cheers !
__________________
http://comax.fr/
"I like to dissect girls. Did you know I am utterly insane ?"
 
Posts: 64 | Thanked: 109 times | Joined on Mar 2010
#290
comaX I have couple questions for you. Probably answering them, can exclude some possible environment setup problems.

Are you using nokia stock or power kernel?
And are you using stock wlan or bleeding edge drivers?
Are using default busybox or enhanced?

Last edited by mauron85; 2011-07-11 at 20:05.
 
Reply

Tags
pentesting, tester of pens


 
Forum Jump


All times are GMT. The time now is 09:50.