Wapmild: wifi
Tampilkan postingan dengan label wifi. Tampilkan semua postingan
Tampilkan postingan dengan label wifi. Tampilkan semua postingan

Selasa, April 07, 2020

Menjadi master LAN hacker dengan "Jaringan Lokal Hacker Simulator"

Prank your friends and look like a real local network device hacker!


"Local Network Hacker Simulator" is an app that lets you appear to be a hacker in front of your friends.

This is a PRANK hack app and does NOT really hack phones, computers or any device; but it makes you look like you are hacking!

How does it work?

"Local Network Hacker Simulator" makes shows you fake network devices along with fake IP addresses in a list.

You can then select one of the devices from the list, a hacking progress bar will appear and you can show your friends that you are hacking the phone, computer or device!
You will then be presented with the "hacked" password from the target (a randomly generated password)!

The clean retro-inspired graphics and "hacking text" (based on real exploits) give the app a real "hacker" feel.

This app generates FAKE LAN devices, even if you are not connected to any network. Look like a computer pro any time and anywhere!

                Again, this is a PRANK and there is no real hacking. Passwords shown are fake and randomly generated!
             For suggestions and feedback, you        can send an email to the email address at the bottom of the page

Akses Wifi Gratis Melalui HP Dengan Sandi Generator key

you can show your friends that Wifi Password hacker is a application that help you hack password of a wifi network.

        WiFi Password Hacker makes it look like you can hack any WiFi network.

It can pretend hacking into secured wifi network using WEP, WPA2 or AES encryption and so on.

It just presents a fancy animations and nothing else. So it is not harmful to the network. You can trick your friends that you can hack WEP password , WPA2 Password and AES password also .

It makes you look like a proficient hacker and a technical genius. This is a very delightful prank to play on your friends.

This app will work like WEP password generator and will show you some fake password of a wifi around you.

You can pretend that you just hack wifi and got a free wifi on your phone .

This wifi hacking is just for prank it will just show you list of wifi networks around you and pretend to be hacking WEP, WPA2 or AES.You can use it to trick your friends that you can hack into their private wifi network. Just run this tool in their house, the wifi scanner will detect all the wifi hotspot no matter whether the signal is good or not.

   And then select their wireless wifi id. Fake password will be displayed, but they will think that you have just broken into their network! Watch the reaction on their scared face and have a lot of fun.


          Disclaimer  : This app does not generate any real wifi password by hacking any wifi network it only generate fake wifi password for fun and prank with friends only.

Jumat, Februari 21, 2020

Wifi determine the network IP scheme, reinject ARP requests and finally

Others menu

https://i1.wp.com/gbhackers.com/wp-content/uploads/2018/08/kvspr1533597422.png?fit=1020%2C572&ssl=1

This menu contains all not-frequently used (but nice) options.

Airoscript options

This menu provides with a set of airoscript-ng configuration options, wich can be changed after startup.

  • Change / reset interface
  • Change interface MAC
  • Enable monitor mode
  • Change dump path
  • Try to configure network

External plugins

Here, plugins enabled in config or startup parameters will have its menus. Each plugin gets itself into menu by adding its menu entry directly to ${plugins_menu} array, this way:

plugins_menu+=("This is the menu entry");

And then creating a function, composed by the menu name, replacing spaces by underscores.

::

This_is_the_menu_entry(){

# Here do stuff

}

For more info on plugin creation you can have a look at the manual page.

Advanced tools

Advanced aircrack-ng tools (not frequently used), aircrack-ng tools that are available in a less-customizable manner in other menus, and diagnostics tools are presented here.

Injection

Chop chop and fragmentation attacks. Those are only usable when you already have xor files.

About chopchop attack (got from aircrack-ng wiki):

This attack, when successful, can decrypt a WEP data packet without knowing the key. It can even work against dynamic WEP. This attack does not recover the WEP key itself, but merely reveals the plaintext. However, some access points are not vulnerable to this attack. Some may seem vulnerable at first but actually drop data packets shorter that 60 bytes. If the access point drops packets shorter than 42 bytes, aireplay tries to guess the rest of the missing data, as far as the headers are predictable. If an IP packet is captured, it additionally checks if the checksum of the header is correct after guessing the missing parts of it. This attack requires at least one WEP data packet.

About frag attack (got from aircrack-ng wiki):

::
This attack, when successful, can obtain 1500 bytes of PRGA (pseudo random generation algorithm). This attack does not recover the WEP key itself, but merely obtains the PRGA. The PRGA can then be used to generate packets with packetforge-ng which are in turn used for various injection attacks. It requires at least one data packet to be received from the access point in order to initiate the attack.

Autentication

This will provide Fake auth and Deauth attacks.

Fake auth attack, from aircrack-ng wiki:

The fake authentication attack allows you to perform the two types of WEP authentication (Open System and Shared Key) plus associate with the access point (AP). This is only useful when you need an associated MAC address in various aireplay-ng attacks and there is currently no associated client. It should be noted that the fake authentication attack does NOT generate any ARP packets. Fake authentication cannot be used to authenticate/associate with WPA/WPA2 Access Points.

Deauth attack, from aircrack-ng wiki:

This attack sends disassocate packets to one or more clients which are currently associated with a particular access point. Disassociating clients can be done for a number of reasons:
- Recovering a hidden ESSID. This is an ESSID which is not being broadcast. Another term for this is “cloaked”.
- Capturing WPA/WPA2 handshakes by forcing clients to reauthenticate
- Generate ARP requests (Windows clients sometimes flush their ARP cache when disconnected)
- Of course, this attack is totally useless if there are no associated wireless client or on fake authentications.

Operations with ivstools

Makes it possible to merge ivs (with ivstools) from either one airoscript session or all the previous saved ones.

Decloak packages

Launches a nice selection menu about airdecloack-ng options.

::
Airdecloak-ng is a tool that removes wep cloaking from a pcap file. Some WIPS (actually one) actively “prevent” cracking a WEP key by inserting chaff (fake wep frames) in the air to fool aircrack-ng. In some rare cases, cloaking fails and the key can be recovered without removing this chaff. In the cases where the key cannot be recovered, use this tool to filter out chaff.

Create virtual interface with airtun-ng

Creates a virtual interface with the cracked wep key using airtun-ng.

Diagnostics and reports

This menu makes airgraph-ng reports.

Auto crack wep with wesside-ng

Launches wesside-ng to try to auto-crack the network.

Wesside-ng is an auto-magic tool which incorporates a number of techniques to seamlessly obtain a WEP key in minutes. It first identifies a network, then proceeds to associate with it, obtain PRGA (pseudo random generation algorithm) xor data, determine the network IP scheme, reinject ARP requests and finally determine the WEP key. All this is done without your intervention.

Easside-ng

An auto-magic tool which allows you to communicate via an WEP-encrypted AP without knowing the key .. _easside-ng at aircrack-ng wiki: https://www.aircrack-ng.org/doku.php?id=easside-ng

https://i1.wp.com/gbhackers.com/wp-content/uploads/2018/08/kvspr1533597422.png?fit=1020%2C572&ssl=1

Config Wireless to Hacked, Your Own Attacks internet here!

Airoscript-ng configuration file

Airoscript-ng's config is divided in two files, and some (not all) oiptions are configurable by arguments. Conffiles are airoscript-ng.conf and airoscript-ng_advanced.conf.

Standard configuration file

Here, we'll find a couple of sections, defining sets of arrays or variables.

Wordlists

WORDLIST The variable WORDLIST sets the original location of the wordlist that will be used by airoscript to crack WPA or manual dictionary WEP (see crack section).

Note that this file will be copied to DUMP_DIR, so, if you want to use a custom wordlist, AFTER airoscript-ng initialization, you've got to copy it to DUMP_PATH/WORDLIST_FILE_NAME having in account that WORDLIST_FILE_NAME contains no directories, is the basename of the WORDLIST variable.

db_location This variable will be passed to aircrack as the PMK database location.

Plugins support

The variable enabled_plugins is just an array of the plugins that will be loaded by default Actually, those are john the ripper and MDK3

Wireless interfaces

You can setup here wifi and iwifi interfaces. Wifi interface is the standard wifi interface, this will allow you to setup a iwifi interface, it will also make it not ask you to select an interface each time you start airoscript-ng.

Appearance

This configuration section will allow you to make airoscript prettier for you. Variables:

  • theme : The theme file, theme files are stored in path/themes/
  • DEFAULT_MONITOR_MODE : (Bool) start or not monitor mode on selected interface by default.
  • SHOW_SMALL_MENU : (Bool) Show a small version of all the menus, with just the title, perfect for small screens.
  • show_only_wireless_extensions: (Bool) Show only interfaces with wireless extensions enabled. If your card is not detected by airoscript, you might set this to 0.
  • Show warning (Bool) (Currently no effect) Shows an usage warning at startup
  • INTERACTIVE (Bool): Asks for some more stuffs than usual
  • force_mac_address (Bool): Do not check for mac address mode.
  • MON_PREFIX : Prefix to use for airoscript-created virtual interfaces (passed to airmon_ng), this will be used, for example, for interface cleanup.
  • ADDOPTIONS : HARDCORE: THIS WILL ASK YOU FOR EXTRA OPTIONS FOREACH COMMAND IT EXECUTES.

Advanced configuration file

Advanced configuration will not be covered here, it's allways changing, and the most remarcable things are aircrack-ng configuration values and debug mode.

https://www.izoologic.com/wp-content/uploads/2018/09/New-Way-to-Crack-WiFi-Passwords-Revealed.png

WMM Attacks Wifi to hacked Guides | Cyber wapmild wireless it

WPA attacks

https://macbold.com/wp-content/uploads/2015/11/WiFi-hacker.jpg

Standard attack

Here airoscript will send a deauth attack, so we can get the handshake, and launch airodump-ng to listen for it.

::
airodump-ng -w DUMP_PATH/HOST_MAC --bssid HOST_MAC --channel CHANNEL -a WIFI_INTERFACE

It will ask you for the kind of deauth attack you want to use (have a look at Authentication) TODO: ADD LINK

You can read more about it on: https://www.aircrack-ng.org/doku.php?id=cracking_wpa&s[]=wpa

WMM Attack

Have in account that this attacks will most probably not work, it an advanced attack not meant for novice users that might need fine-tuning inside airoscript itself.

Got from the aircrack-ng wiki:

Tkiptun-ng is the proof-of-concept implementation the WPA/TKIP attack.
This attack is described in the paper, Practical attacks against WEP and
WPA written by Martin Beck and Erik Tews. The paper describes advanced
attacks on WEP and the first practical attack on WPA. An additional excellent
references explaining how tkiptun-ng does its magic is this ars technica
article Battered, but not broken: understanding the WPA crack by Glenn Fleishman.

Basically tkiptun-ng starts by obtaining the plaintext of a small packet and
the MIC (Message Integrity Check). This is done via chopchop-type method.
Once this is done, the MICHAEL algorithm is reversed the MIC key used to
protect packets being sent from the AP to the client can be calculated.

At this point, tkiptun-ng has recovered the MIC key and knows a keystram
for access point to client communication. Subsequently, using the XOR file,
you can create new packets and inject them. The creation and injection are
done using the other aircrack-ng suite tools.

You can read more here: https://www.aircrack-ng.org/doku.php?id=tkiptun-ng

Atatacks Wifi wireless card And You're Auditing Your Own Network here guides!

Wep attacks

https://img.wonderhowto.com/img/12/82/63635426022058/0/fluxion-cracking-wifi-without-bruteforce-wordlist-kali-linux-2017-1-full-guide.w1456.jpg

Attacks not using a client

https://1.bp.blogspot.com/-2TRQqfQyI9Q/W2norubouBI/AAAAAAAAxyU/8Cw9SEDW3Csm2dkzXi2XLQ3kw_AlRwMggCLcBGAs/s728-e100/how-to-hack-wifi-password-software.png

If you have no connected clients (for example, if you've only got one wireless card, and you're auditing your own network) you might need to use this attacks.

Fake auth (Automatic)

Airoscript here performs a fake auth attack, to associate with AP, and a arp replay attack for injection, typically doing something like:

aireplay-ng WIFI_INTERFACE --arpreplay -b TARJET_MAC -d INJECTION_MAC -f 1 -m 68 -h FAKE_MAC -x 1000
aireplay-ng -3 -b AP_MAC -h SOURCE_MAC WIFI_INTERFACE

Where source mac (in this case) is INJ_MAC

That is, fake auth and arp replay attacks. Basically, according to aircrack-ng wiki:

The fake authentication attack allows you to perform the two types of WEP
authentication (Open System and Shared Key) plus associate with the access point (AP).
This is only useful when you need an associated MAC address in various aireplay-ng attacks
and there is currently no associated client. It should be noted that the fake authentication
attack does NOT generate any ARP packets. Fake authentication cannot be used to
authenticate/associate with WPA/WPA2 Access Points.

The classic ARP request replay attack is the most effective way to generate new
initialization vectors (IVs), and works very reliably. The program listens for an ARP packet
then retransmits it back to the access point. This, in turn, causes the access point to repeat
the ARP packet with a new IV. The program retransmits the same ARP packet over and over.
However, each ARP packet repeated by the access point has a new IVs. It is all these new IVs
which allow you to determine the WEP key.

In interactive mode, you'll be asked for the "f" (from-to destination bit), making you able to make it into a t, and the destmac (wich, by default, is FF:FF:FF:FF:FF:FF)

Have a look at _Fake auth at aircrack-ng wiki: https://www.aircrack-ng.org/doku.php?id=fake_authentication and _ARP replay at: https://www.aircrack-ng.org/doku.php?id=arp-request_reinjection

Fake auth (Interactive)

Almost same as fake auth, automatic, except for aireplay being called in interactive mode, wich will force the user to select a packet instead of injecting the first that it gets.

Have a look at _Fake auth at aircrack-ng wiki: https://www.aircrack-ng.org/doku.php?id=fake_authentication

Fragmentation attack

Here, airoscript-ng kills every airodump-ng and aireplay-ng processes (-9 kill, be careful as all airodump processes will stop recording and not save data) and removes all old fragmentation captures and normal captures (hard-cleans everything). Be careful!

Note to self: IF NO _DUMP_PATH_ PROVIDED, AND NO HOST MAC PROVIDED (It's imposible to get here with airoscript, just if you source attacks/wep and execute directly wep_attacks_fragmentation) it will do a rm /* wich is dangerous

Then it launches aireplay, in this case, assuming you've no clients, with injection (-5, --fragment option) like this:

aireplay-ng -5 -b AP_MAC -h FAKE_MAC -k FRAG_CLIENT_IP -l FRAG_HOST_IP WIFI_INTERFACE

Have a look at _Fragmentation at aircrack-ng wiki: www.aircrack-ng.org/doku.php?id=fragmentation

Chopchop attack

Makes a hardclean. Starts capturing, fake auth (3) and aireplay with chopchop attack, then it calls the _Injection menu: injection.html

aireplay --chopchop -b AP_MAC -h FAKE_MAC WIFI_INTERFACE

According to aircrack-ng wiki:

This attack, when successful, can decrypt a WEP data packet without knowing the key.
It can even work against dynamic WEP. This attack does not recover the WEP key itself,
but merely reveals the plaintext. However, some access points are not vulnerable to this
attack. Some may seem vulnerable at first but actually drop data packets shorter
that 60 bytes. If the access point drops packets shorter than 42 bytes, aireplay
tries to guess the rest of the missing data, as far as the headers are predictable.
If an IP packet is captured, it additionally checks if the checksum of the header
is correct after guessing the missing parts of it. This attack requires at
least one WEP data packet.

Have a look at its aircrack-ng docs at _aircrack-ng wiki: https://www.aircrack-ng.org/doku.php?id=korek_chopchop

Attacks using a client

images/wep-attacks-client.png

When the ap has a client connected, you can use the following attacks.

Arp replay (Automatic)

Calls aireplay-ng for a arpreplay, as in fake auth, except that does not execute a fake auth attack.

aireplay WIFI_INTERFACE --arpreplay -b AP_MAC -d INJECTION_MAC\
-f 1 -m 68 -n 86 -h CLIENT_MAC -x INJECTRATE

Arp replay (Interactive)

Same as previous attack, interactive mode.

Fragmentation attack

Have a look at fragmentation attack without clients, this is basically the same, except for aireplay-ng being called with -7 option, like this:

aireplay-ng -7 -b AP_MAC -h CLIENT_MAC -k FRAG_CLIENT_IP -l FRAG_HOST_IP WIFI_INTERFACE

Have a look at _Fragmentation at aircrack-ng wiki: www.aircrack-ng.org/doku.php?id=fragmentation

Chopchop attack

Almost the same as non-client directed chopchop, except this one does not make a fake_auth attack, and provides client_mac like this:

aireplay-ng --chopchop -h CLIENT_MAC WIFI_INTERFACE

It also calls inject menu, directed for chopchop.

Cafe latte attack

It just executes fakeauth3 and caffe late attack ( -6 option to aireplay-ng )

According to aircrack-ng wiki:

The Cafe Latte attack allows you to obtain a WEP key from a client system.
Briefly, this is done by capturing an ARP packet from the client, manipulating
it and then send it back to the client. The client in turn generates packets
which can be captured by airodump-ng. Subsequently, aircrack-ng can be used
to determine the WEP key.

Have a look at its aircrack-ng docs at _aircrack-ng wiki: https://www.aircrack-ng.org/doku.php?id=caffe-lat

Feb 22, 2020 10:12:28 AM wapmild cyber sites.

Crack Wpa, Wep, Wpa2, Wifi hacked Linux Guides

crack hacked

Crack

This section defines cracking menu.

Note: If "pipe" variable is set, it will be executed and piped into aircrack-ng (that's the way the john the ripper plugin works, actually)

Note: If writekey variable contains a set of commands to write the key to a file (wich is default on auto)

WPA Crack

It will execute attacks against a wordlist.

WEP Crack

Default

Executes aircrack-ng with the following options

"$pipe $AIRCRACK -0 -a 1 -b $Host_MAC -f $FUDGEFACTOR -l $DUMP_PATH/$Host_MAC.key -0 -s $DUMP_PATH/$Host_MAC-01.cap $crack_extra_opts $writekey"; $clear; break ;;

Korek

Executes aircrack-ng with the following options

AIRCRACK -0 -a 1 -b $Host_MAC -f $FUDGEFACTOR -l $DUMP_PATH/$Host_MAC.key -0 -s $DUMP_PATH/$Host_MAC-01.cap -K $crack_extra_opts $writekey

Interactive

Same as default, except that it allows you to enter personalized fudge_factor and enc_size.

Executes aircrack-ng with the following options:

::
AIRCRACK -0 -a 1 -b $Host_MAC -f $FUDGEFACTOR -l $DUMP_PATH/$Host_MAC.key -0 -s $DUMP_PATH/$Host_MAC-01.cap -K $crack_extra_opts $writekey

Others menu

This menu contains all not-frequently used (but nice) options.

Airoscript options

This menu provides with a set of airoscript-ng configuration options, wich can be changed after startup.

  • Change / reset interface
  • Change interface MAC
  • Enable monitor mode
  • Change dump path
  • Try to configure network

External plugins

Here, plugins enabled in config or startup parameters will have its menus. Each plugin gets itself into menu by adding its menu entry directly to ${plugins_menu} array, this way:

plugins_menu+=("This is the menu entry");

And then creating a function, composed by the menu name, replacing spaces by underscores.

::

This_is_the_menu_entry(){

# Here do stuff

}

For more info on plugin creation you can have a look at the manual page.

Advanced tools

Advanced aircrack-ng tools (not frequently used), aircrack-ng tools that are available in a less-customizable manner in other menus, and diagnostics tools are presented here.

Injection

Chop chop and fragmentation attacks. Those are only usable when you already have xor files.

About chopchop attack (got from aircrack-ng wiki):

This attack, when successful, can decrypt a WEP data packet without knowing the key. It can even work against dynamic WEP. This attack does not recover the WEP key itself, but merely reveals the plaintext. However, some access points are not vulnerable to this attack. Some may seem vulnerable at first but actually drop data packets shorter that 60 bytes. If the access point drops packets shorter than 42 bytes, aireplay tries to guess the rest of the missing data, as far as the headers are predictable. If an IP packet is captured, it additionally checks if the checksum of the header is correct after guessing the missing parts of it. This attack requires at least one WEP data packet.

About frag attack (got from aircrack-ng wiki):

::
This attack, when successful, can obtain 1500 bytes of PRGA (pseudo random generation algorithm). This attack does not recover the WEP key itself, but merely obtains the PRGA. The PRGA can then be used to generate packets with packetforge-ng which are in turn used for various injection attacks. It requires at least one data packet to be received from the access point in order to initiate the attack.

Autentication

This will provide Fake auth and Deauth attacks.

Fake auth attack, from aircrack-ng wiki:

The fake authentication attack allows you to perform the two types of WEP authentication (Open System and Shared Key) plus associate with the access point (AP). This is only useful when you need an associated MAC address in various aireplay-ng attacks and there is currently no associated client. It should be noted that the fake authentication attack does NOT generate any ARP packets. Fake authentication cannot be used to authenticate/associate with WPA/WPA2 Access Points.

Deauth attack, from aircrack-ng wiki:

This attack sends disassocate packets to one or more clients which are currently associated with a particular access point. Disassociating clients can be done for a number of reasons:
- Recovering a hidden ESSID. This is an ESSID which is not being broadcast. Another term for this is “cloaked”.
- Capturing WPA/WPA2 handshakes by forcing clients to reauthenticate
- Generate ARP requests (Windows clients sometimes flush their ARP cache when disconnected)
- Of course, this attack is totally useless if there are no associated wireless client or on fake authentications.

Operations with ivstools

Makes it possible to merge ivs (with ivstools) from either one airoscript session or all the previous saved ones.

Decloak packages

Launches a nice selection menu about airdecloack-ng options.

::
Airdecloak-ng is a tool that removes wep cloaking from a pcap file. Some WIPS (actually one) actively “prevent” cracking a WEP key by inserting chaff (fake wep frames) in the air to fool aircrack-ng. In some rare cases, cloaking fails and the key can be recovered without removing this chaff. In the cases where the key cannot be recovered, use this tool to filter out chaff.

Create virtual interface with airtun-ng

Creates a virtual interface with the cracked wep key using airtun-ng.

Diagnostics and reports

This menu makes airgraph-ng reports.

Auto crack wep with wesside-ng

Launches wesside-ng to try to auto-crack the network.

Wesside-ng is an auto-magic tool which incorporates a number of techniques to seamlessly obtain a WEP key in minutes. It first identifies a network, then proceeds to associate with it, obtain PRGA (pseudo random generation algorithm) xor data, determine the network IP scheme, reinject ARP requests and finally determine the WEP key. All this is done without your intervention.

Easside-ng

An auto-magic tool which allows you to communicate via an WEP-encrypted AP without knowing the key .. _easside-ng at aircrack-ng wiki: https://www.aircrack-ng.org/doku.php?id=easside-ng

Autopwn

Autopwn function will try each available (and enabled) attack against every network available. You can specify essid filters, and change enabled attacks in advanced airoscript-ng configuration, have a look at main usage for argument.

Kamis, Februari 13, 2020

The applications available above are just tools and require your own responsibility

Just like our computer programs, there are so many Android applications used for many different tasks, and here we will discussing the best Android applications meant to do Penetration Testing or Ethical Hacking.The best Android apps below was chosen by comparing users experience, and my personal experience with the apps (I use most of these tools for daily use). Some of the tools require root access of your Android phone, and absolutely, the best applications below are all in active development.

8. Orbot: Proxy with Tor

Anonymity is the first thing you need to concern before doing Penetration Testing. Among many others apps which provide privacy connection like VPN, Orbot is the best at hiding your identity. Orbot is free and open source project (which you can take a look at the source code in Github or join their community) to provide anonymity on the internet for Android users. Orbot uses Tor to encrypt the internet traffic by bouncing through available server around the world. Orbot can help you to defend against personal and privacy threatens, hidden from monitoring internet traffic third parties app.

tor bouncing connection

TOR – bouncing connections

8tor log

TOR – live log

7. Wifi Master Key – by wifi.com

Wifi Master Key is the biggest peer-to-peer Wi-Fi key sharing for free Wi-Fi access developed by LinkSure Network (wifi.com). This is my favorite apps when i need Wi-Fi connection around. This app will shorten my tasks to break the locked (password-ed) Wi-Fi. The concept is sharing Wi-Fi key (password) to provide free internet access. Whether the user knows the password or not, they will be able to connect to any nearby Wi-Fi hotspots that are listed with “connect button” without input any login details. Another interesting feature of Wifi Master Key is the Wifi Map to help users find free and open hotspots Wi-Fi available in location.

wifi key to hack wpa

Wifi Key Master – Display available Free connect hotspots

wifi master key

Wifi Master Key – MAP display available Free and Open Hotspots

6. Fing – Network Tools

Fing is a network discovery tool to do information gathering about devices connected in wireless network connection. Fing also offers several networking utilities including Ping, Traceroute, DNS Lookup, and Service scanning.

Fing network discovery Fing scan services

5. Netcut (free, requires root)

Netcut is popular desktop network discovery tool which also available on Android. Netcut helps discover device connected on wireless network and display the information including IP address, MAC address, and device name. The difference between Fing and Netcut is, Netcut has feature to change MAC address of your device, and the main feature is to cut connections of others clients connected in your wireless network using ARP spoofing attack. Netcut also can protects users from ARP spoofing attack, using built-in feature Netcut Defender.

4. Packet Capture

Packet Capture is a network traffic sniffer with SSL decryption. Packet Capture has the same main function as Wireshark program on desktop. It is very powerful Android app to debugging, or to monitor the network communication in and out going internet connection. Packet Capture use local VPN to capture and record the traffic. The good news is it doesn’t need any root permission. Not only capturing all packets, Packet Capture is able to decrypt SSL communication using MITM method.

Capture

Packet Capture – Sniffing “Mobile Legends” game connections

spoofer

3. Network Spoofer (requires root)

Network Spoofer is Android app project to perform ARP Spoofing attack to mess the network and clients. Network Spoofer let you prank clients connected on your wireless network, the attack feature Network Spoofer provides are: Flip picture and text upside down, website page redirect, delete and replace words from website and change all pictures on website to trollface meme image.

2. Termux

Termux is terminal emulator for Android with bash linux environment. If you are familiar with Terminal Linux environment than you will not find any difficult on using Termux. Termux using the APT package manager to automate installing any packages. The reason why i exclude “Nmap for Android” on the list is, you can actually install popular Penetration Testing program directly in your Android using Termux “pkg install” command, such NMAP, Metasploit, Traceroute, and much more.

Nmp

Termux – running NMAP on Termux Android

termux

Termux – Running Metasploit Framework on Termux Android

1. zANTI (requires root)

zANTI is very powerful full-fledged penetration testing toolkit. zANTI has so many features, it is a collection of tools, including network discovery using NMAP, MITM Attack, MAC Address spoofing, password auditing, vulnerability scanning and much more. In the MITM Attack itself has so much features which mostly has the main feature like “Network Spoofer” does, with HTTP sessions hijacking, HTTP requests and responses modifying, capture download files, router exploit and able to check device for shellshock and SSL poodle vulnerability.

CONCLUSION

Nowadays, hacking is much easier to do in line with the advances of technology, even by using your “handy-computer” a.k.a smartphone you can perform Penetration Testing tasks. The applications available above are just tools and require your own responsibility. Be wise (and wild sometimes :-D).

Minggu, Februari 09, 2020

Cara Mengubah - Mengganti Sandi Wifi Router Dengan Mudah

Bagaimana Sih Cara Mengganti Password WiFi dengan Mudah Begini!

wifi

Yang terpenting untuk anda ketahui jika WiFi itu merupakan teknologi yang menggunakan gelombang radio untuk menyediakan konektivitas jaringan. Koneksi WiFi dibuat menggunakan adaptor nirkabel untuk membuat hotspot - area di sekitar router nirkabel yang terhubung ke jaringan dan memungkinkan pengguna untuk mengakses layanan internet. Banyak orang menggunakan WiFi karena kemudahan pemakaian hingga harganya yang kini cukup terjangkau.

Untuk menggunakan WiFi, seseorang harus terhubung ke jaringan WiFi setelah sebelumnya menggunakan password. Password berfungsi menjaga jaringan WiFi Anda untuk tidak sembarangan digunakan oleh orang lain. Tentu. Nah, oleh karena itu Anda tidak hanya perlu memasang password, namun juga secara reguler menggantinya (jika perlu) agar WiFi Anda terlindungi. Bagaimana caranya? Simak informasi lengkapnya berikut ini!

Buka halaman konfigurasi router

Halaman konfigurasi router dapat diakses melalui browser web di komputer yang terhubung ke jaringan. Jika Anda tidak bisa terhubung melalui Wi-Fi karena lupa password, Anda bisa menggunakan kabel Ethernet untuk menghubungkan komputer langsung ke router. Sebagai informasi, alamat router standar adalah 192.168.1.1, 192.168.0.1, 192.168.2.1, atau 10.0.1.1 (untuk Apple) atau 10.0.0.1 (untuk Xfinity). Masukkan alamat tersebut ke bilah alamat browser Anda.

Masukkan nama pengguna dan password router Anda

Setiap router membutuhkan nama pengguna dan password agar Anda dapat mengakses bagian dalamnya. Jika saat pertama kali Anda melakukan konfigurasi pada router Anda tidak pernah melakukan perubahan apapun, kemungkinan besar nama penggunanya adalah "admin" dan password-nya adalah "admin" atau "password". Untuk tiap-tiap model router tentu memiliki konfigurasi yang berbeda, jadi Anda perlu mencari informasi login yang tepat melalui internet.

Jika Anda pernah melakukan perubahan informasi login sebelumnya, sudah melupakannya, atau router tersebut adalah pemberian orang lain dan pemilik lama tidak pernah me-reset perangkat tersebut, Anda harus menekan dan menahan tombol Reset di router selama kira-kira 30 detik. Dengan begitu, pengaturan router akan disetel ulang ke default, sehingga Anda dapat masuk dengan menggunakan nama pengguna dan kata sandi default.

(RUJUKAN UNTUK ANDA JIKA: Bingung Cari Paket Wifi Murah untuk di Rumah? saya rujuk anda ke GIG by Indosat Solusinya!)

Buka bagian Wireless

Apabila Anda sudah masuk ke router, carilah bagian Wireless di halaman konfigurasi. Nama yang tepat akan berbeda-beda di setiap produsen, akan tetapi biasanya Anda harus mencari tab atau tombol yang betuliskan "Wireless" atau "Wireless Settings/Setup". Jika bagian "Wireless" terdiri dari sejumlah subbagian, buka saja halaman Wireless Security.

Ganti kata sandi

Untuk mengganti password, cari kotak yang bertuliskan "Password", "Shared Key" atau "Passphrase". Selanjutnya Anda bisa memasukkan password baru ke dalam kotak tersebut. Sebagian router akan meminta Anda mengetikkan password sekali lagi dengan tujuan memastikan Anda telah memasukkan kata sandi dengan benar.

Sebaiknya Anda membuat password yang kuat, sulit atau bahkan tidak mungkin ditebak oleh siapapun. Password baru Anda tidak boleh berhubungan dengan sesuatu yang bersifat pribadi, dan harus mengandung sejumlah angka secara bebas, kejadian acak, dan karakter khusus misalnya "#", "!" dan "$". Password yang kuat setidaknya harus terdiri dari 8 karakter.

Simpan pengaturan yang telah diubah

Jika Anda sudah memasukkan password baru, selanjutnya Anda cukup klik tombol Apply atau Save. Masing-masing router menempatkan tombol Apply atau Save di lokasi yang berbeda-beda, tetapi biasanya berada di bagian atas atau bawah halaman. Router membutuhkan waktu beberapa saat untuk melakukan proses terhadap perubahan tersebut. Setelah perubahan berhasil, semua perangkat yang saat ini terhubung akan diputus koneksinya. Jadi, Anda perlu memasukkan ulang password di setiap device yang menggunakan WiFi Anda.

Nah, itulah informasi yang bisa wapmild share cara mengganti password WiFi yang perlu Anda ketahui. Cukup mudah, bukan? Semoga informasi di atas tadi dapat bermanfaat ya!