Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Office Demo

  1. #1
    Junior Member
    Join Date
    Feb 2007
    Posts
    26

    Question Office Demo

    In an effort to inform staff and management, I am working on putting together a demo that shows how weak (WEP) wireless security can be compromised and what kind of data can be captured using tools like driftnet, mailsnarf, urlsnarf, etc....

    I've downloaded the latest BT2 disc and have an old IBM T40 notebook with a senao 2511.

    I am fairly new to these sort of tools so any pointer would be helpful. Until I get more familiar I am not using WEP or MAC filtering. My lab includes a wireles router, local workstation, and my notebook running BT2.

    I've tried putting my wifi card into wifi mode (iwconfig <interface> mode monitor), running drifnet, urlsnarf, mailsnarf, and no data is captured. I've also tried the tools without putting the card in monitor mode. The notebook is connected to the wireless LAN and has access to the network.

    The tools work just fine for capturing data from the notebook running BT2, which makes me wonder if I am just not setting up the Senao card properly for sniffing the wifi network.

    Any suggestions would be really appreciated.

    Eric

  2. #2
    My life is this forum Barry's Avatar
    Join Date
    Jan 2010
    Posts
    3,817

    Default

    Hopefully the presentation isn't for a while. I've been playing with this stuff for a couple of years and still figuring some of it out.

  3. #3
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    I hate to be the jack ass but each topic you talked about has been covered here and on the backtrack wiki. PLEASE try to utilize the search functions before posting questions that were already answered. Do you really think your the first person to ask this. My suggestion in this situation would be to pay a security proffesonal to come in and do the demo and then MOST importantly that person will know how to eliminate the security flaws. It doesnt do a whole lot of good to point out a flaw if you have no idea how to fix it.

  4. #4
    Member
    Join Date
    Jan 2007
    Posts
    242

    Default

    In an effort to inform staff and management, I am working on putting together a demo that shows how weak (WEP) wireless security can be compromised and what kind of data can be captured using tools like driftnet, mailsnarf, urlsnarf, etc....
    Instead of wasting your valuable time putting together a "presentation", use one of the MANY ones that have already been done. There are countless movies and slide shows on the web that do just that.

    There are also countless tutorials on the web describing how to do what you say you want to do.

    I usually just tell people that I can crack their wep encryption in a few minutes and if they don't believe me to google "crack wep". I then explain how easy it is to use wpa and how quickly I can set it up. I then explain "strong pass phrases" and dictionary attacks. Most management types go for the wpa without having to see any "presentations". I've noticed that conversations like these are taking place less and less so all the publicity must be doing some good.

    If you are just curious about how it works and want to have some fun learning linux and doing "parlor tricks", say so.

  5. #5
    Junior Member
    Join Date
    Feb 2007
    Posts
    26

    Default

    I have tried to search the forums but some of the material is either dated or doesn't work due to updates in the programs or my lack of understanding. Part of the reason I am doing this is to also increase my knowledge in the area of security. Unfortunately as a non-profit we can't afford to hire a security professional.

    If there is a better forum for helping people new to the field I'd be interested in any links you might suggest.

    Thank you!

  6. #6
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    Quote Originally Posted by seag33k View Post
    I have tried to search the forums but some of the material is either dated or doesn't work due to updates in the programs or my lack of understanding. Part of the reason I am doing this is to also increase my knowledge in the area of security. Unfortunately as a non-profit we can't afford to hire a security professional.

    If there is a better forum for helping people new to the field I'd be interested in any links you might suggest.

    Thank you!
    I never said I would not help. You must first make clear what it is your trying to do. If you are truly trying to present to your work the security vunerabilities in wireless networking then do as ghaze said and copy a video from the internet. We are not going to give you a step by step instruction to exploiting a system. If you start to expirement a come back with a specific valid question then I will be glad to help. We are not in the businness of helping people commit crimes (not saying you are) but If you are really doing what you say for a non profit then use our suggestions. they are free.

  7. #7
    Junior Member
    Join Date
    Feb 2007
    Posts
    26

    Default

    Thank you, I appreciate the suggestions. Here is a specific question then:

    When trying to use tools like driftnet, mailsnarf, urlsnarf in my lab where I don't have wep or mac filtering enabled, the tools never capture anything. I am not sure if the tools put my wireless card (senao 2511) into capture mode or if I have to put them into monitor mode before I start the programs. I've tried it either way and no traffic is captured.

    From the forums, one person suggests using airodump to capture traffic, then use tcpreplay to play back the traffic on the lo interface and point the tools to listen on lo. Is this the preferred method? Do tools like drifnet not work on wireless interfaces?

    Thanks again!

  8. #8
    Developer
    Join Date
    Mar 2007
    Posts
    6,126

    Default

    I assume you are talking about my buddy xploitz thread here

    I am not a drift net or dsniff expert. Mostly I do wireless network testing and penetration inorder to excecute code or a .exe file or whatever. I use ettercap and wireshark and tcpdump for all of my sniffing needs. but if xploitz says it will work theres a good chance it will so if I were you I would try it.

  9. #9
    Junior Member
    Join Date
    Feb 2007
    Posts
    26

    Default

    Thanks! I wll give it a try and post my results if anyone is interested in a newbies experience

    Thanks again!

  10. #10
    Junior Member
    Join Date
    Feb 2007
    Posts
    26

    Default

    It looks like I needed to use ettercap before I could run any of the tools like driftnet. I always understood that a wireless network was just one big broadcast domain like a hub. So by using ettercap I was able to use arp poisoning to redirect all the packets to my machine The downside was that the client's (my test machine) network performance was decreased running through my BT2 laptop.

    Thanks for the help!

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •