
Type: Posts; User: ternarybit; Keyword(s):

Page 1 of 2


  1. Replies: 34, Views: 24,024

    Re: What can someone do after discovering a "exploit"?

    Thanks for the info! It's amazing he was able to reverse-engineer the setup installer to arrive at the conclusion.

    I'm most interested in this topic because I'm working on the exact same task with...
  2. Replies: 34, Views: 24,024

    Re: What can someone do after discovering a "exploit"?

    @Snayler this is very interesting. I suspect many router vendors employ similar means to derive default WPA keys. Since the key is ultimately the product of the non-reversible SHA1 hash function, I...
  3. Re: Stuck in a loop: Bios - Boot BT5r2 from USB - Select Text - Repeat.

    If I understand correctly, you select "Text Mode" from the BT5 boot menu, at which point the system reboots?

    What's the last message or text you see on-screen before the reboot?



    Does...
  4. Re: Issues: Wardriving: Tether iPhone with BT5 R2 -> kismet to receive gps signal

    I'm very interested in using a smartphone's GPS with kismet, but I don't have an iPhone (I have an Android), so I can't be much help. I'm monitoring this thread with anticipation, however :)
  5. Re: A way of easily installing to a usb with persistence and encryption?

    I followed the guide you linked to on Infosec Ramblings and got it working. Maybe I can help.

    First, I'll answer your last questions:



    Installing BT5 with persistence means that many things...
  6. Replies: 15, Views: 8,662

    Re: Defending against WPS attacks

    Interesting thoughts, Snayler and aerokid240. I'm fairly certain these tactics are possible, even if somewhat impractical. Still, it's an interesting concept. Thanks for the input!
  7. Replies: 15, Views: 8,662

    Re: Defending against WPS attacks

    This is only partially correct, as DD-WRT will disable WPS on supported routers, but one cannot toggle it on and off because DD-WRT does not support WPS. DD-WRT uses the WPS button to optionally...
  8. Replies: 15, Views: 8,662

    Re: Defending against WPS attacks

    Thanks for the input. I did mention disabling WPS is the obvious solution in my OP, I was just curious if there was anything else available to a defender, assuming their router cannot disable WPS...
  9. Replies: 15, Views: 8,662

    Re: Defending against WPS attacks

    Sure, good point.

    In the event that, say, I'm running Kismet and pick up a WPS attack coming from a spoofed MAC 00:11:22:33:44:55, what can I do to stop the attack? Is there a way to deny service...
  10. Replies: 15, Views: 8,662

    Re: Defending against WPS attacks

    That would definitely make things harder for an attacker, but also very hard, if not impossible for legitimate users--especially on public or mostly-public hotspots. Thanks for the input!
  11. Replies: 15, Views: 8,662

    Defending against WPS attacks

    After some research and field testing, it's become pretty obvious that WPS is the most dangerous threat to Wi-Fi security, for APs with WPS enabled.

    The most obvious solution is to simply disable...
  12. Discussion: Final College Work

    by ternarybit
    Replies: 6, Views: 1,510

    Re: Final College Work

    I found an old Linksys AP in a thrift store for $10. A lot of people replace their AP with a new 802.11n unit and retire their old one. eBay or Craigslist surely has loads of dirt cheap APs.

    Do a...
  13. Replies: 11, Views: 52,414

    Re: Recommended wireless usb adapters

    Interesting, I think you're right that they may look a bit suspicious. Worth considering!
  14. Replies: 0, Views: 1,605

    War log: Analyzing AT&T access points

    Seems overnight I've found dozens of new APs in the area, all broadcasting the SSID ATT###, where ### is a 3-digit number. They all employ WPA2/CCMP encryption.

    My office manager also received one...
  15. Re: Method for users having trouble with reaver operating very slow.

    Hey Str8fe, thanks for the info!

    I'm currently blackbox pentesting with Reaver 1.4, and started triggering WPS lockout with Reaver's default settings, just -i and -b. It ended up running about...
  16. Replies: 11, Views: 52,414

    Re: Recommended wireless usb adapters

    Alfa Network AWUS036H or AWUS036NH. The NH supports 802.11n, but some report it's slightly less stable. I got the AWUS036H through Rokland.com for under $30 USD with free shipping.

    It has...
  17. Replies: 23, Views: 24,692

    Re: Advanced WPA(2) attack methods?

    I am also very interested in understanding this attack method, with a practical explanation, if possible.
  18. Re: bt5r2 in VMware player having problem with alfa awus036nh... if I change to dual-

    Help us help you.

    What does


    dmesg | tail

    or
  19. Re: Pyrit + Cal++ (Radeon) How-To Guide (BT5R2 KDE 64bit)

    When using attack_batch, pyrit does store the computed PMKs in the DB, and only calculates nonexistent PMKs when starting again. So yes, it does resume where it left off when using attack_batch.
    ...
  20. Replies: 4, Views: 4,204

    Re: john the ripper not seeing wordlist

    Great! Glad to help.
  21. Re: Pyrit + Cal++ (Radeon) How-To Guide (BT5R2 KDE 64bit)

    Oh, I just noticed!



    You're running it on your laptop. I do expect it to work without segfaults, but I don't expect it to work at really really fast speeds. Any laptop video chipset won't...
  22. Re: Pyrit + Cal++ (Radeon) How-To Guide (BT5R2 KDE 64bit)

    The compilation errors and version mismatches are expected and not important. The original post mentions them and it's OK to ignore them.

    Not sure where the last segfault comes from. This looks...
  23. Re: Will using VMWare leave a bigger footprint than a normal install?

    Depending on how you configure the guest OS' network settings, from the network's perspective, the guest OS will just be a separate network node apart from the host OS. I use VirtualBox, and with...
  24. Replies: 4, Views: 4,204

    Re: john the ripper not seeing wordlist

    If thorin's suggestion doesn't work, try adding --stdout to your john invocation. Pretty sure it won't pipe to stdout without it.
  25. Replies: 4, Views: 3,493

    Re: LM, NTLM and Rainbow Tables

    I believe these are what you're looking for. I've also had really good luck cracking unusual / long passwords with the free version of OphCrack. You can generate your own tables, but it's already...
Results 1 to 25 of 42