Admin


Friday, February 21, 2020

Config Wireless to Hacked, Your Own Attacks internet here!

Airoscript-ng configuration file

Airoscript-ng's configuration is split across two files, and some (not all) options can also be set through command-line arguments. The configuration files are airoscript-ng.conf and airoscript-ng_advanced.conf.

Standard configuration file

Here, we'll find a couple of sections, defining sets of arrays or variables.

Wordlists

WORDLIST The variable WORDLIST sets the original location of the wordlist that will be used by airoscript to crack WPA or manual dictionary WEP (see crack section).

Note that this file will be copied to DUMP_DIR. If you want to use a custom wordlist AFTER airoscript-ng has initialized, you have to copy it to DUMP_PATH/WORDLIST_FILE_NAME, keeping in mind that WORDLIST_FILE_NAME contains no directories: it is the basename of the WORDLIST variable.

db_location This variable will be passed to aircrack as the PMK database location.

Plugins support

The variable enabled_plugins is just an array of the plugins that will be loaded by default. Currently, those are John the Ripper and MDK3.

Wireless interfaces

You can set up the wifi and iwifi interfaces here. The wifi interface is the standard wifi interface; setting it allows you to set up an iwifi interface, and it also stops airoscript-ng from asking you to select an interface each time you start it.

Appearance

This configuration section will allow you to make airoscript prettier for you. Variables:

  • theme : The theme file, theme files are stored in path/themes/
  • DEFAULT_MONITOR_MODE : (Bool) start or not monitor mode on selected interface by default.
  • SHOW_SMALL_MENU : (Bool) Show a small version of all the menus, with just the title, perfect for small screens.
  • show_only_wireless_extensions: (Bool) Show only interfaces with wireless extensions enabled. If your card is not detected by airoscript, you might set this to 0.
  • Show warning (Bool): (currently no effect) shows a usage warning at startup.
  • INTERACTIVE (Bool): Asks for more input than usual.
  • force_mac_address (Bool): Do not check for MAC address mode.
  • MON_PREFIX : Prefix to use for airoscript-created virtual interfaces (passed to airmon_ng); this is used, for example, for interface cleanup.
  • ADDOPTIONS : Hardcore: this will ask you for extra options for each command it executes.

Advanced configuration file

Advanced configuration will not be covered here: it is always changing, and the most notable things in it are the aircrack-ng configuration values and debug mode.


WPA attacks


Standard attack

Here airoscript will send a deauth attack, so we can get the handshake, and launch airodump-ng to listen for it.

::

    airodump-ng -w DUMP_PATH/HOST_MAC --bssid HOST_MAC --channel CHANNEL -a WIFI_INTERFACE

It will ask you which kind of deauth attack you want to use (have a look at Authentication).

You can read more about it on: https://www.aircrack-ng.org/doku.php?id=cracking_wpa&s[]=wpa
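Seen from the monitoring side, the standard attack above leaves a recognisable pattern: a burst of deauthentication frames followed shortly by a fresh handshake from the same client. The following Python detector is an added example (not part of airoscript-ng or the original post) that flags that pattern; the record format, thresholds and addresses are assumptions constructed for illustration.

```python
from collections import defaultdict

BROADCAST = "FF:FF:FF:FF:FF:FF"
AP1, AP2 = "AA:BB:CC:00:00:01", "AA:BB:CC:00:00:02"   # constructed addresses
STA_A, STA_B, STA_C = "02:00:00:00:00:0A", "02:00:00:00:00:0B", "02:00:00:00:00:0C"

# Constructed sample: (seconds, kind, bssid, station) summaries of captured
# 802.11 frames. The record format is hypothetical, not a real tool's output.
SAMPLE_FRAMES = (
    [(5.0, "deauth", AP1, STA_A), (7.0, "eapol", AP1, STA_A)]        # ordinary reconnect
    + [(20 + i / 10, "deauth", AP1, STA_B) for i in range(8)]        # targeted burst
    + [(t, "eapol", AP1, STA_B) for t in (23.1, 23.2, 23.3, 23.4)]   # 4-way handshake
    + [(40 + i / 10, "deauth", AP2, BROADCAST) for i in range(6)]    # broadcast burst
    + [(44.0, "eapol", AP2, STA_C)]
)

def find_forced_handshakes(frames, min_deauths=5, burst_window=2.0, follow_window=15.0):
    """Flag clients whose handshake follows a burst of deauthentication frames."""
    deauths = defaultdict(list)          # bssid -> [(time, destination)]
    last_alert = {}                      # (bssid, client) -> time of last alert
    alerts = []
    for ts, kind, bssid, station in sorted(frames):
        if kind == "deauth":
            deauths[bssid].append((ts, station))
        elif kind == "eapol":
            key = (bssid, station)
            since = last_alert.get(key, float("-inf"))
            # Deauths aimed at this client (or broadcast) shortly before the handshake.
            recent = [t for t, dst in deauths[bssid]
                      if dst in (station, BROADCAST) and since < t and 0 <= ts - t <= follow_window]
            # Largest number of those deauths that fit inside one burst_window.
            burst = max((sum(1 for u in recent if 0 <= u - t <= burst_window)
                         for t in recent), default=0)
            if burst >= min_deauths:
                alerts.append({"bssid": bssid, "client": station,
                               "deauths": burst, "handshake_at": ts})
                last_alert[key] = ts     # later handshake messages do not re-alert
    return alerts

if __name__ == "__main__":
    for alert in find_forced_handshakes(SAMPLE_FRAMES):
        print(alert)
```

A single deauth before a reconnect (the first client in the sample) stays below the threshold, so normal roaming does not raise an alert.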

WMM Attack

Keep in mind that this attack will most probably not work: it is an advanced attack, not meant for novice users, and it might need fine-tuning inside airoscript itself.

From the aircrack-ng wiki:

Tkiptun-ng is the proof-of-concept implementation of the WPA/TKIP attack.
This attack is described in the paper, Practical attacks against WEP and
WPA written by Martin Beck and Erik Tews. The paper describes advanced
attacks on WEP and the first practical attack on WPA. An additional excellent
reference explaining how tkiptun-ng does its magic is this Ars Technica
article Battered, but not broken: understanding the WPA crack by Glenn Fleishman.

Basically tkiptun-ng starts by obtaining the plaintext of a small packet and
the MIC (Message Integrity Check). This is done via chopchop-type method.
Once this is done, the MICHAEL algorithm is reversed and the MIC key used to
protect packets being sent from the AP to the client can be calculated.

At this point, tkiptun-ng has recovered the MIC key and knows a keystream
for access point to client communication. Subsequently, using the XOR file,
you can create new packets and inject them. The creation and injection are
done using the other aircrack-ng suite tools.

You can read more here: https://www.aircrack-ng.org/doku.php?id=tkiptun-ng