Sunday, November 17, 2013

Running Aircrack-ng for Windows:

Once as many IVs as required have been captured using the airodump packet capture utility, the resultant [filename].cap file can be imported into aircrack to break static WEP or WPA-PSK keys.

To view all available switches:

cd  c:\aircrack-ng-[version]

Basic usage:

aircrack -q -n [WEP key length] -b [BSSID] [filename].cap

Breaking WEP:

As you can see, the capture file in use below (capture1.ivs) was created with the airodump capture option "Only capture WEP IVs (y/n)" set to "y", as the resultant file is in the .ivs format. If "n" had been selected, the resultant file would be in the .cap format.

Whilst this will work, we could have cut down the cracking options for Aircrack-ng by specifying the WEP key length (-n) or the target AP MAC address (-b) on the command line:

aircrack -a 1 -q -n 128 -b 11:11:11:11:11:11 capture1.ivs  (where 11:11:11:11:11:11 is the target AP's MAC address)

As you can see, aircrack found the WEP key for our 1008195-IV capture file (capture1.ivs) in only 4 seconds. The capture file itself (capture1.ivs) is included here to test your own aircrack installs (note: the file is a 5.77 MB download).

Breaking WPA:

In order to carry out the WPA dictionary attack using aircrack-ng we either have to:
  1. Wait for a WPA client to associate to the network (this could take a while), or
  2. Force a WPA client off the network, forcing it to reassociate.
Either of these two methods allows us to capture the WPA handshake, which is what we require to perform a dictionary attack. The downside to using this Windows version of aircrack-ng is that there are no freely available tools to perform this attack, so we have to either use Linux tools (e.g. aireplay or void11) or wait for an association to occur. Whichever way we gather the WPA handshake, we still use the same tool: airodump.

Once we think we have captured the WPA handshake, we simply run the capture file through aircrack for confirmation:

Once we have confirmed that we have the WPA handshake (as above), we can attempt the dictionary attack:

As you can see above, aircrack found the WPA PSK of "passphrase".
The capture file itself (capture2.cap) is included here to test your own aircrack installs.


Thursday, November 7, 2013


An NCURSES-based, all-in-one instrument panel for professional Wardriving.


I use Airodump-ng's output, which I parse and add GPS coordinates to. These are then used by the lib::GMAPS Google Maps Perl module that I made for creating code which is then viewed in the web browser (most of this was done as a proof of concept). TCPDUMP was initially used for 802.11 scanning on the RFMON device, but it doesn't return which encryption type is in use by the AP from the Beacon packets (it just says 1 for PRIVACY). Scapy uses TCPDUMP and can only do the same thing. After doing research with C+Libpcap I recognized that Airodump-NG was the best option and that no other 802.11 protocol analyzer should ever be needed.


The current version (all versions are in testing) includes support for the Ubertooth Bluetooth dongle for spectrum analyzing the 802.15 band of the ISM spectrum (2.400GHz-2.485GHz). Current

Global Positioning

This can only be used with the tested version of GPSd (3.4). The Perl module lib::GPSO uses an OO algorithm to obtain the JSON data from gpspipe.


All logging is done with txt, HTML, and/or JavaScript. The Google Maps API is used for mapping the Bluetooth devices and WiFi APs found. There is currently no logging function for Stations.

WarcarrierOS Live DVD ISO with a professional Wardriving Theme created around the Warcarrier application.


The wcd file is a "daemon" which is called from the WARCARRIER application. It is programmed this way because polling a GPS device can easily introduce a lot of lag. Say we are lagging by the 3 seconds it takes to initiate a new POLL to the GPS device on our on-screen display: if we are wardriving at 30 miles an hour, we will be losing 44 ft per second for those 3 s in our scan! WARCARRIER is smart and logs the data instantly. If you are standing still you may notice that trilateration shows you "moving" according to the GPS coordinates. This is because even with WAAS, GPS isn't 100% accurate, but because you are seeing this change, WARCARRIER is 100% accurate according to your device!
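As an added example (not Warcarrier's own Perl code, which this page does not reproduce), here is how the two data sources described above can be joined: gpsd's JSON TPV records from gpspipe are matched by timestamp to airodump-ng CSV rows, each access point is tagged with the fix nearest its "Last time seen", and WEP or open networks are flagged, since the first post on this page shows how quickly WEP falls. The sample records are constructed, and the example assumes both the GPS and airodump clocks are in UTC.

```python
# Added example (not Warcarrier's own code): join gpsd TPV JSON records (as printed by
# `gpspipe -w`) with airodump-ng CSV rows by timestamp, tagging each access point with
# the fix nearest its "Last time seen". Assumes both clocks are UTC; sample data is constructed.
import json
from datetime import datetime, timezone
GPS_STREAM = """\
{"class":"TPV","device":"/dev/ttyUSB0","mode":3,"time":"2013-11-07T10:00:00.000Z","lat":40.7000,"lon":-74.0000,"speed":13.4}
{"class":"TPV","device":"/dev/ttyUSB0","mode":2,"time":"2013-11-07T10:00:03.000Z","lat":40.7004,"lon":-74.0004,"speed":13.4}
{"class":"TPV","device":"/dev/ttyUSB0","mode":1,"time":"2013-11-07T10:00:06.000Z"}
"""
AIRODUMP_CSV = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:55, 2013-11-07 09:59:58, 2013-11-07 10:00:01,  6,  54, WPA2, CCMP, PSK, -60,  12,  0,  0.  0.  0.  0,  7, HomeNet, 
66:77:88:99:AA:BB, 2013-11-07 10:00:02, 2013-11-07 10:00:04, 11,  54, WEP, WEP, , -71,   4,  0,  0.  0.  0.  0,  6, OldNet, 
CC:DD:EE:FF:00:11, 2013-11-07 10:00:15, 2013-11-07 10:00:20,  1,  54, OPN, , , -80,   2,  0,  0.  0.  0.  0,  5, Guest, 
"""

def parse_fixes(stream):
    """Keep TPV records with a 2D/3D fix (mode >= 2); mode 1 means no fix yet."""
    fixes = []
    for line in stream.splitlines():
        rec = json.loads(line)
        if rec.get("class") != "TPV" or rec.get("mode", 0) < 2:
            continue
        t = datetime.strptime(rec["time"], "%Y-%m-%dT%H:%M:%S.%fZ").replace(tzinfo=timezone.utc)
        fixes.append((t, rec["lat"], rec["lon"]))
    return fixes

def parse_airodump(csv_text):
    """Parse the AP table (it ends at the blank line before the station table). Fields are split
    on commas, so an ESSID containing a comma would need the ID-length field instead."""
    aps = []
    for line in csv_text.splitlines()[1:]:
        if not line.strip():
            break
        f = [c.strip() for c in line.split(",")]
        last = datetime.strptime(f[2], "%Y-%m-%d %H:%M:%S").replace(tzinfo=timezone.utc)
        aps.append({"bssid": f[0], "last_seen": last, "privacy": f[5], "essid": f[13]})
    return aps

def tag_aps(aps, fixes, max_gap_s=5):
    """Attach the nearest fix (None if none lies within max_gap_s, e.g. during a polling stall)
    and flag WEP/open networks, which the first post on this page shows are broken in seconds."""
    out = []
    for ap in aps:
        t, lat, lon = min(fixes, key=lambda fx: abs((fx[0] - ap["last_seen"]).total_seconds()))
        near = abs((t - ap["last_seen"]).total_seconds()) <= max_gap_s
        out.append({**ap, "lat": lat if near else None, "lon": lon if near else None,
                    "weak": ap["privacy"] in ("WEP", "OPN")})
    return out
```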

Its first release will be with WEAKERTH4N: BLUE GHOST Edition, inspired by the "Blue Ghost" USS Lexington.

Hci-utils (Bluetooth scanning)
Current version of GPSd (NMEA support)
Airodump-ng (for WiFi Monitoring and logging)
spectools_raw (may be included in future releases) for Ubertooth raw data poll

GPS Device and current drivers
Bluetooth Device and current drivers
802.11 WiFi Device with driver that supports "Monitor Mode"

YUMI – Multiboot USB Creator

YUMI (Your Universal Multiboot Installer) is the successor to our MultibootISOs. It can be used to create a Multiboot USB Flash Drive containing multiple operating systems, antivirus utilities, disc cloning, diagnostic tools, and more. Contrary to MultiBootISOs, which used grub to boot ISO files directly from USB, YUMI uses syslinux to boot extracted distributions stored on the USB device, and reverts to using grub to boot multiple ISO files from USB if necessary.

Aside from a few distributions, all files are stored within the Multiboot or yumi folder (depending on version), making for a nicely organized Multiboot USB Drive that can still be used for other storage purposes.

Creating a YUMI Multiboot MultiSystem Bootable USB Flash Drive

YUMI works much like Universal USB Installer, except it can be used to install more than one distribution to run from your USB. Distributions can also be uninstalled using the same tool!

YUMI's Main Multiboot Boot Menu (screenshot)
NOTE: YUMI V2 can't remove distributions previously installed with Legacy YUMI! Although no longer supported, you can still download Legacy YUMI.
Linux Based Legacy YUMI Downloads:

Make a USB Boot CD for Ubuntu 11.10

This tutorial covers creating a USB Boot CD that can be used to boot your Ubuntu Live 11.10 USB Flash Drive from a PC or Mac with a BIOS that doesn't natively support booting from a USB device (the USB drivers are loaded from the CD). I used a MacBook Pro to test this tutorial. This process is similar to our older USB Boot CD for Ubuntu tutorial, with new requirements added to make it work with 11.10. A boot menu option has been included for booting from a MacBook (forcing a bypass of the Nouveau nVidia drivers, which do not play well with a MacBook).
Boot CD for Ubuntu 11.10 USB Prerequisites:

1. PC or MacBook that can boot from a Live CD
2. USB flash drive with Ubuntu preinstalled
3. Working CD burner and USB port
4. Active Internet connection
Making a USB Boot CD to Boot Ubuntu 11.10 from a Flash Drive
Note: I prefer to perform the following steps by booting from a prebuilt Live Ubuntu Flash Drive created using UUI, using a machine that does support booting from USB. This allows us to free up the CD burner and use it to burn the final ISO.
1. Insert your Ubuntu Live USB (or Ubuntu CD) and restart your computer, booting from the CD or USB
2. Open a Terminal
3. Type sudo apt-get update
4. Type sudo apt-get install --reinstall nvidia-current grub
5. Type mkdir -p ubcd/boot/grub
6. Type cp /usr/lib/grub/i386-pc/stage2_eltorito ubcd/boot/grub
7. Type gedit ubcd/boot/grub/menu.lst
Add the following information to your menu.lst file and click save:

title Start Ubuntu from USB DISK (MACBOOK)
root (cd)
kernel /boot/vmlinuz file=/cdrom/preseed/ubuntu.seed boot=casper noprompt cdrom-detect/try-usb=true persistent nouveau.noaccel=1 blacklist=vga16fb
initrd /boot/initrd.lz
title Start Ubuntu from USB DISK (PC)
root (cd)
kernel /boot/vmlinuz file=/cdrom/preseed/ubuntu.seed boot=casper noprompt cdrom-detect/try-usb=true persistent
initrd /boot/initrd.lz

8. Type cp /cdrom/casper/vmlinuz ~/ubcd/boot
9. Type sudo gedit /etc/initramfs-tools/modules
Add the following lines to the modules file and click save:


10. Type sudo gedit /etc/initramfs-tools/initramfs.conf
Add the following line to the bottom of the file and click save:


11. Type sudo mkinitramfs -o ubcd/boot/initrd.lz
12. Type mkisofs -R -b boot/grub/stage2_eltorito -no-emul-boot -boot-load-size 4 -boot-info-table -o usbcd.iso ubcd
13. Insert a blank CD and type brasero -i usbcd.iso (to burn usbcd.iso to the CD)

Install SliTaz to USB from Windows

How to install SliTaz to a USB Flash Drive using Windows. SliTaz Linux is a tiny and very fast free operating system that can be run entirely from system memory. Founded by Christian Lincoln, SliTaz is one of the smallest portable Linux distributions available and can be stored and run directly from a USB key or other removable media. The SliTaz team, along with Cedric Tissieres of Ophcrack, have developed their own SliTaz USB installer called tazusb.exe that can be used to create a SliTaz Live USB from within a running Windows environment.
Minimum Flash Drive Capacity: 32MB

Persistent Feature: Yes

Essentials to create a USB SliTaz:

Windows Computer to perform the install
32 MB or larger USB Key
SliTaz Cooking ISO
How to Install SliTaz on USB using Windows
1. Download the SliTaz Cooking ISO
2. Insert your USB Flash Drive
3. Download and run tazusb.exe and follow the onscreen instructions to create a bootable SliTaz USB Flash Drive (or alternately you can use our Universal USB Installer).
4. Reboot your PC and set your BIOS boot menu to boot from the USB device
If all goes well, you should now be running from your own portable USB SliTaz.
To enable SliTaz Persistence for persistently saving SliTaz changes, simply type slitaz home=usb at the boot prompt. You will need to do this at every boot. Alternately, you can edit the append line in the /boot/syslinux/syslinux.cfg file to automate your SliTaz persistent boots by adding slitaz home=usb:

append initrd=/boot/rootfs.gz rw root=/dev/null vga=normal autologin slitaz home=usb


Saturday, November 2, 2013

Update Gr3eNoX Exploit Scanner V 1.3

(Screenshots: A glimpse with the older banner; LFI Fuzzer in action; with the new banner)
Now with Gr3eNoX Exploit Scanner you can find a lot of vulnerable sites:
Google Based Search
100 links per page
Excludes google,youtube,rss2 links
Import from file
Custom Domain
SQLi Scanner
LFi Scanner
LFi Fuzzing up to 11 directories
RFi Scanner
Progress bar
Download Via Box And Via Sendspace
