Sahil's Life

Official Blog of Sahil. Get to know interesting stuff

Archive for the tag “Hackers”


How to Hack Wifi (and how to avoid being hacked): WEP/WPA/WPA2 (IMP.)

This guide is meant to show how easy it is to hack wireless networks if the proper security measures are not in place. First I will show how to hack a WEP or WPA/WPA2 Network and then I will give tips on how to avoid getting hacked.

This is important information in our techno-savvy culture. If your wireless network is compromised you can be liable for any illegal activity on it. There are numerous stories of child pornographers and black-hat hackers using other people’s wireless networks.

NOTE: Hacking your neighbor’s or anyone else’s Wifi without their permission is ILLEGAL. Be smart!

Step 1: What You Need

-A Computer. (A Laptop works best)
-A Wireless Card capable of packet injection.
-If your laptop wireless card can’t do packet injection you can purchase a wireless adapter such as the Netgear WG111 v2 for around $8-$12 on eBay.

-A Live installation of BackTrack either on a CD or USB stick.
-BackTrack 5 Can be found Here
-Create a Live USB Install Here

Step 2: Hack WEP

WEP is the predecessor of WPA and has been hacked for the past 5+ years, yet people continue to use it. With the instructions below we can crack WEP in under 15 minutes. You can crack WEP from the command line, but there is an easy GUI interface in BackTrack which makes it a much less painful experience for those who are scared of command prompts.

1. Boot into BackTrack

2. Click on the Backtrack applications menu -> Backtrack -> Exploitation tools -> Wireless exploitation -> WLAN Exploitation -> gerix-wifi-cracker-ng (This will open up the GUI interface seen in the picture).

3. Go to the configuration menu and select the wireless interface wlan0
-Click on Enable/Disable Monitor Mode (this will put the wireless card into monitor mode).
-Select the newly created mon0 interface.

4. Now click on the WEP tab at the top of the window.
-Click on “Start sniffing and logging” and leave the terminal open.
-Once the wireless network you want to crack* shows up (it has to be WEP encryption of course) select the WEP Attacks (with clients). *note that the PWR has to be high enough to work so the closer you can get, the better.
-There you click on “Associate with AP using fake auth”, wait a few seconds and click on “ARP request replay”.

5. Once the Data number reaches over 10,000 you are ready to try (if the data is coming fast wait until 20 or 30,000 to be safe) and crack the key, but don’t close any windows yet.
-Go to the cracking tab and click on “Aircrack-ng – Decrypt WEP password” under Wep Cracking.

It will take a few seconds to minutes to crack the password and then you are good to go.

Step 3: Hack WPA/WPA2

At least WPA and WPA2 are safe, right? Wrong. WPA and WPA2 are both crackable, but the time it takes to crack depends on the strength of their password.

-Boot into BackTrack
-Open up Konsole, which is a command line utility built into BackTrack. It is the Black Box in the Lower-Left Hand Corner (See Image).
We will now be entering the following commands into the command line, noted in Bold, along with explanations of what they do:

-The following commands stop the wireless interface so you can change your MAC address. This is important because your MAC address is a unique identifier, so faking one is a good idea if you are accessing a network you don’t have permission to (which, by the way, I wholly condemn).

airmon-ng stop wlan0
ifconfig wlan0 down
macchanger --mac 00:11:22:33:44:55 wlan0
airmon-ng start wlan0

-Now we will run the airodump-ng tool on the monitor mode interface. This will allow us to see all of the wireless networks around us (See the first Picture).

airodump-ng mon0

Now choose the network you want to hack and take note of the BSSID and the Channel it is on, as well as the ESSID. The PWR has to be fairly high to be able to hack it; this is determined by how close you are to the wireless router. The closer you are, the better.

Once you have chosen the wireless network enter the following into the terminal:
This will capture packets and write them to the “filename” file. We are trying to capture the handshake between the router and wireless connection, which will give us the key we need to crack.

airodump-ng mon0 --channel * --bssid **:**:**:**:**:** -w filename

The following step is optional but is highly recommended as it will speed up the process a great deal.

Once “WPA handshake: **:**:**:**:**:**” appears in the top right-hand corner we can move on. If you are having trouble getting the WPA handshake to occur then do step 4.

aireplay-ng -0 1 -a **:**:**:**:**:** -c **:**:**:**:**:** mon0

What this step (4) does is deauthenticate a wireless connection, which then tries to re-establish itself and so generates a new handshake to capture. This step ends once you have captured the handshake.

aircrack-ng -w wordlist.lst -b **:**:**:**:**:** filename.cap

Step 5 is now trying to crack the password in “filename.cap” using a list of words, here called “wordlist.lst”. You can download a good 200 million word dictionary here (128MB but unzipped is 800MB).

Your computer has to compute the hash value of every password in that list but a computer can go through those 200 million passwords in 6-12 hours.


If the password isn’t found in the dictionary you can try and brute-force the password with this command: (Note this could take a very long time depending on their password strength).

/pentest/password/jtr/john --stdout --incremental:all | aircrack-ng -b **:**:**:**:**:** -w - filename.cap

Step 4: Secure Your Own Wireless Network

Hopefully you gained some insight into how to not get your own wireless connection hacked:

1. Use WPA2 (WPA2-AES) if available and by all means never use WEP.
2. Don’t base your password on a dictionary word. The next section focuses on passwords in general.
3. In your router settings you can usually hide your ESSID (the name of the wireless network); this will add a small layer of security.
4. In your router there is probably a MAC address filtering service where you can specify the MAC addresses that are allowed to connect. This will make sure that only your approved devices can connect to your network (obviously a problem, though, if you have a guest over who wants to connect to your Wifi). Keep in mind that a MAC address can be changed, as the macchanger step above shows, so use this alongside a strong WPA2 password rather than instead of one.
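To put tip 2 in numbers, here is an added example (not part of the original guide) that derives a WPA2 key the way the standard defines it and estimates how long a randomly chosen passphrase lasts at the guide's figure of 200 million guesses in 6 hours. The network names, the sample passphrase and the 1,000,000 guesses per second rate are assumptions chosen for illustration.

```python
import hashlib

SECONDS_PER_YEAR = 365 * 24 * 3600
# Rate implied by the guide's faster figure: 200 million candidates in 6 hours.
GUIDE_RATE = 200_000_000 / (6 * 3600)  # about 9,259 guesses per second


def wpa2_pmk(passphrase: str, ssid: str) -> bytes:
    """WPA/WPA2-PSK master key: PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds."""
    if not 8 <= len(passphrase) <= 63:
        raise ValueError("WPA2 passphrases are 8 to 63 characters long")
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def seconds_to_exhaust(alphabet_size: int, length: int, rate: float = GUIDE_RATE) -> float:
    """Worst-case time to try every random passphrase of this shape."""
    return alphabet_size ** length / rate


def min_length(alphabet_size: int, target_years: float, rate: float = GUIDE_RATE) -> int:
    """Shortest random passphrase that survives target_years of guessing."""
    length = 8  # WPA2 minimum
    while seconds_to_exhaust(alphabet_size, length, rate) < target_years * SECONDS_PER_YEAR:
        length += 1
    return length


if __name__ == "__main__":
    # The SSID is the salt, so one passphrase gives a different key per network name.
    # "HomeNet" and the passphrase are constructed sample values.
    print(wpa2_pmk("correct horse battery", "HomeNet").hex())
    for label, size in (("digits", 10), ("lowercase letters", 26), ("letters+digits", 62)):
        hours = seconds_to_exhaust(size, 8) / 3600
        # 1e6 guesses/s is an assumed rate for much faster hardware than the guide's.
        needed = min_length(size, 1000, 1e6)
        print(f"8 random {label}: {hours:,.0f} hours at the guide's rate; "
              f"{needed} characters needed for 1000 years at 1,000,000 guesses/s")
```

The estimates only hold for passphrases chosen at random; anything that appears in a word list falls within the 6 to 12 hours the guide quotes, whatever its length.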

Step 5: Passwords

You have to have good passwords in this day and age. If not, your credit card information, your personal information and identity are available to those who want to use it and abuse it. Here are some guidelines to coming up with a secure password:

1. At least 8 characters.
2. At least one number, letter and special character ie: $ # % ^ @ !
3. NOT based on a dictionary word
4. Multiple transitions: ie: aaa111aaa111 not aaaa11111.

How can I remember these passwords?

Come up with a word such as: calculus and substitute numbers and other characters for letters ie: c@1cu1u$
This is still based on a dictionary word though so you should still make it harder such as appending something to the end or beginning.
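The four guidelines can be checked mechanically. The following is an added example, not part of the original guide: it reports which guidelines a password fails and reverses common character substitutions first, which is why c@1cu1u$ is still flagged as dictionary-based. The word list is a small constructed sample, and reading "multiple transitions" as at least two is an assumption.

```python
# Common character swaps, reversed before the dictionary check.
LEET = {"@": "a", "4": "a", "3": "e", "0": "o", "$": "s", "5": "s", "7": "t", "!": "i"}
# Constructed sample word list; a real check would load a full dictionary file.
SAMPLE_WORDS = {"calculus", "password", "forever", "dragon"}
MIN_TRANSITIONS = 2  # assumption: "multiple" is read as at least two


def char_class(ch: str) -> str:
    if ch.isalpha():
        return "letter"
    if ch.isdigit():
        return "digit"
    return "special"


def undo_substitutions(password: str) -> set:
    """Reverse common character swaps; '1' is tried as both 'l' and 'i'."""
    base = "".join(LEET.get(ch, ch) for ch in password.lower())
    return {base.replace("1", "l"), base.replace("1", "i")}


def transitions(password: str) -> int:
    """Count places where the character class changes, e.g. aaaa11111 -> 1."""
    classes = [char_class(ch) for ch in password]
    return sum(a != b for a, b in zip(classes, classes[1:]))


def failed_guidelines(password: str, words=SAMPLE_WORDS) -> list:
    """Return the guidelines the password fails; an empty list means it passes."""
    failures = []
    if len(password) < 8:
        failures.append("shorter than 8 characters")
    if {char_class(ch) for ch in password} != {"letter", "digit", "special"}:
        failures.append("missing a letter, number or special character")
    if any(w in form for form in undo_substitutions(password) for w in words):
        failures.append("based on a dictionary word")
    if transitions(password) < MIN_TRANSITIONS:
        failures.append("too few transitions")
    return failures


if __name__ == "__main__":
    # Constructed sample passwords, including the ones quoted in the guidelines.
    for pw in ("c@1cu1u$", "aaaa11111", "aaa111aaa111", "Rk7#tq9!vZ2m"):
        print(pw, "->", failed_guidelines(pw) or "passes")
```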

I also highly recommend using a different password for every website, how can you do this easily? Remember random variables in algebra? Have a random variable in your password that is based on the website or some other information.

IE: XpasswordY where the first X is the last letter of the website name and the last Y is the first letter of the website name:

So the Instructables website password would be SpasswordI or your Facebook password would be KpasswordF and your Hotmail password will be LpasswordH.

It might seem like a lot but it’s worth the time to prevent the potential theft of your money, identity and your life ruined.

Cyber-Crimes Pose ‘Existential’ Threat, FBI Warns

Despite the increased frequency and severity of online crime and espionage in 2011, many American corporations and consumers are still not taking the threat seriously, the FBI’s top cyber official said Thursday.

The risk posed by criminal hackers is “existential, meaning it could eliminate whole companies,” said Shawn Henry, the FBI’s executive assistant director. If hackers were able to tamper with critical infrastructure such as the power grid, “it could actually cause death,” Henry said in remarks at the International Conference on Cyber Security in New York.

To highlight the growing threat, Henry cited several recent FBI investigations, such as one involving a smaller company that went out of business after hackers stole $5 million from accounts, another concerning a larger firm that “virtually overnight” lost a decade of research and development worth $1 billion, and still another regarding hackers who encrypted millions of records of a health services company and demanded money for the password.

“We’ve seen the number and sophistication of the attacks by these cyber actors increase dramatically,” Henry said.

“Hundreds of millions of dollars have been stolen, primarily through the financial services sector, just in the last couple years,” he said. An organized crime ring in Eastern Europe, for example, earned about $750,000 per week from cyber theft, he added.

Henry’s warnings came after what some have called the Year of the Hacker. Numerous major organizations, from Sony to the U.S. Chamber of Commerce, revealed last year that hackers had infiltrated their networks to steal corporate secrets or leak sensitive customer data.

Many security breaches last year were attributed to the hacker group Anonymous, which claimed responsibility over the holidays for bringing down the servers of global intelligence firm Stratfor and stealing thousands of credit card numbers and other customer information.

But Henry made no mention of the group in his remarks. Instead, he said today’s most dangerous hackers generally fit three profiles: nation states targeting research and development, intellectual property and corporate strategies of American companies; terrorists who have shown a growing interest in using cyber attacks against critical infrastructure; and organized criminals wielding botnets (or networks of zombie computers) to attack corporate computer networks.

The FBI is also noticing more “persistent threats,” hackers who access a company network “for many months, in some cases years” without detection, Henry said.

In one case, Henry said, “the administrator of a network … had no concept or understanding that an adversary had been pilfering data, viewing data and all the transactions within that organizations for a very long time.”

To combat rising cyber-crime, Henry said, the FBI has taken several new measures, such as embedding agents with police departments across Eastern Europe, including Estonia, Romania and Ukraine. Such efforts have paid dividends, he said, citing Operation Ghost Click, a two-year FBI investigation that led to the arrests of six men from Estonia for allegedly running a sophisticated Internet fraud ring that netted more than $14 million in online advertising revenue.

The growing cyber risks threaten not just corporations but also consumers, Henry said. The advent of new technology, particularly smartphones, has opened up new attack vectors for hackers. Many Americans now conduct personal banking by accessing Wi-Fi hot spots on their smartphones, which can lead them directly into traps set by cybercriminals.

“We’ve seen adversaries who set up these Wi-Fi hotspots intentionally to pilfer data,” Henry said.

Hackers working within organizations, or “insider threats,” have also become a growing risk, he said. In February an Apple employee was convicted of transmitting confidential information to Asian suppliers of iPhone and iPod accessories in return for more than $1 million in kickbacks, he said.

Yet despite the growing cyber-security threats, many organizations continue to ignore it, Henry said: “Either they don’t recognize it, they don’t understand it or they don’t care.”

Said Henry: “They look at many risks but they don’t see this risk — the loss of all their intellectual property, the loss of all their corporate strategies into the ether.”

Your Phone’s Biggest Security Risk

Do you have a sexy pic of your girlfriend on your phone? What would she do to you if it ended up on the Internet? This risk is greater than you might think—especially if you own an Android—according to research from North Carolina State University.

Certain Android phones like the EVO 4G and HTC Legend have preset apps that allow access to personal information or exposed phone features without requesting necessary permissions for the actual use, the researchers discovered. The apps are built on top of Google’s baseline Android software and are often used to notify users if they have missed a call or received a text message, explains Xuxian Jiang, Ph.D., an assistant professor of computer science at North Carolina State.

The problem: Hackers then access these backdoor apps and record phone calls, send text messages, and see personal information you send.

Jiang’s team told all of the manufacturers about the risk as soon as they discovered it. But that doesn’t mean you’re entirely safe. A 2011 Juniper Networks Global Threat Center study found in May that malware attacks were up 400 percent since the summer of 2010.

Michael Gregg, cyber expert with Superior Solutions Inc., offers these tips on how to keep the information on your phone secure.

· Turn off apps and services you aren’t using. Hackers wait in WiFi hot spots and look for open apps like a GPS tracker to link into your phone. They gain access to the apps and browsers you use, take information from your personal email, and can even steal your identity.

· Make a great password. The best practice is to use a passphrase. To start, think of a phrase and then turn it into a complex password. As an example, “rock and roll forever” becomes “Rock&roll4ever.” It’s upper case, lower case, special character, and numeric. And as it’s a phrase, it’s much harder for an attacker to guess but easy for the user to remember.

· Encrypt sensitive data. Most BlackBerry, iPhone and Android smartphones have built-in encryption software. For more advanced security a third party like Whisper Systems has downloadable software to make sure that even if someone gets your files, they can’t read them. Do it for any files containing personal information like your address, birthday, or anything that you wouldn’t want anyone else knowing.

· Lock others out of your phone. Apps like The Perfect App Protector (free for Android), Smart Lock ($1.80 for Android), Lock Apps ($2.99 for BlackBerry) and Pic Lock 2.0 (free for iPhone) keep your photos, videos, and files safe by closing them to backdoor applications. Just ask the RNC: A reporter bought a BlackBerry formerly used by a Republican, which just happened to have Gov. Schwarzenegger’s personal cell phone. We’re sure the Governator wasn’t a big fan of the crank calls.

· Be wary of “SMishing”. Hackers have gotten creative and will send texts appearing to be from your bank. Only use official bank websites or apps, and if something looks suspicious always call your bank to verify the sender.

· Install anti-virus software. Many smartphones are now more advanced than computers. Jiang recommends the free NetQin Mobile Security software to all of his friends with Android and BlackBerry phones. For iPhone check out VirusBarrier iOS $2.99.

· Catch the thief yourself. There are two types of apps that are great for getting your phone back if ever stolen. Gregg recommends getting both.

-GPS tracker. If your phone is ever stolen, an app like TekTrak Pro ($4.99 for Android), Mobile Defense (free for Android), Find My Phone ($2.99 for BlackBerry) will show your phone’s current coordinates. The iCloud allows users to track their phone’s coordinates but the free Find my iPhone guarantees people cannot turn off the cloud system.

-The Gotya! Face Trap! App for Android $1.99. This app takes a picture whenever your screen lock is entered incorrectly. After taking the picture, it acquires the location of your device and forms a Google maps link, sending it with the time stamped picture to your email/Facebook helping you and the police track him down.
