Monday, August 5, 2013

Wifi Hacking - WEP - Kali Linux Aircrack-ng suite

Alright, this post is written assuming you have Kali Linux up and running on your computer. If not, here is a post on hacking with kali linux. It will tell you about what Kali Linux is, and how to use it. It will guide you through installation process.
So if you are still following, then just follow these simple steps-


Firstly, create a wireless network to crack. Don't use this method on others. It is illegal. Then proceed with the steps below.

1. Find out the name of your wireless adapter.



Alright, now, your computer has many network adapters, so to scan one, you need to know its name. So there are basically the following things that you need to know-
  • lo - loopback. Not important currently.
  • eth - ethernet
  • wlan - This is what we want. Note the suffix associated.
Now, to see all the adapters, type ifconfig on a terminal. See the result. Note down the wlan(0/1/2) adapter.





2. Enable Monitor mode

Now, we use a tool called airmon-ng to  create a virtual interface called mon. Just type 
airmon-ng start wlan0
 Your mon0 interface will be created.



3. Start capturing packets

Now, we'll use airodump-ng to capture the packets in the air. This tool gathers data from the wireless packets in the air. You'll see the name of the wifi you want to hack.
airodump-ng mon0


4. Store the captured packets in a file 

This can be achieved by giving some more parameters with the airodump command
airodump-ng mon0 --write name_of_file

Now the captured packets will be stored in name_of_file.cap
You have to wait till you have enough data (10000 minimum)


5. Crack the wifi

If all goes well ,then you'll be sitting in front of your pc, grinning, finally you've got 10000 packets (don't stop the packet capture yet). Now, you can use aircrack-ng to crack the password. (in a new terminal)
aircrack-ng name_of_file-01.cap 
The program will ask which wifi to crack, if there are multiple available. Choose the wifi. It'll do its job. If the password is weak enough, then you'll get it in front of you. If not, the program will tell you to get more packets. The program will retry again when there are 15000 packets, and so on.

Note : This will not work with WPA-2. Here is a tutorial on -
Hacking wpa/wpa-2 wps with reaver on kali linux


Troubleshooting : Check this link if you failed to hack the network. 

The missing ingredient

Here is a comparatively advanced tutorial which will require you to have gone through this tutorial as well as the missing ingredient one. After you have got the big picture, you can move on to complicated things like speeding up wifi hacking.
Speeding Up WEP Hacking



Saturday, August 3, 2013

Virtual Private Networks, Another Way To Ensure Privacy

Before we get to the interesting part, first a little bit introduction about what a VPN is -
Put simply, a Virtual Private Network, or VPN, is a group of computers (or discrete networks) networked together over a public network—namely, the internet. Businesses use VPNs to connect remote datacenters, and individuals can use VPNs to get access to network resources when they're not physically on the same LAN (local area network), or as a method for securing and encrypting their communications when they're using an untrusted public network. When you connect to a VPN, you usually launch a VPN client on your computer (or click a link on a special website), log in with your credentials, and your computer exchanges trusted keys with a far away server. Once both computers have verified each other as authentic, all of your internet communication is encrypted and secured from eavesdropping. (lifehacker)
 So basically, what happens here is that the data you send is protected from eavesdropping. It is encrypted in  a way that can't be decrypted easily. So, other than the two methods discussed earlier, VPN is a method to stay anonymous too.

What are the advantages of using a VPN?

  1. Your data is encrypted.
  2. No-one can eavesdrop your communications.
  3. Your privacy is ensured.
  4. You can pretend to be someone you are not (You wanna use some service which is banned in your country, VPN is the answer).
  5. You can overcome browsing restrictions imposed on you.

What makes a good VPN?

  1. Price - Hell yeah, it should be priced reasonably (did I forget to mention VPNs are not free of cost)
  2. Free? Yeah, there are some free VPNs too. They serve you ads and are more or less useless. They dont do what they promise. They are good for beginners though, who want to learn, and privacy is not much of a problem.
  3. They should use SSL. If you have no idea what this means, then, simply put, its the best protocol the VPNs use, and all others come next to SSL. (other protocols have their own pros and cons)
  4. Logging- Some VPNs log your data. Not good.
  5. Exit location - There must be a lot of them. That is, you can pretend to be a lot of people. Also, if there are very less exit locations, then it will affect browsing.

How VPNs work?


If you need more info, google it. I'm not going to name specific VPN service for you, all have their pros and cons. You'll have to do your homework. However, if you need reference, then lifehacker has a good article about it.

Staying Anonymous

Alright Guys, this is the first post of this blog. But I won't waste time with formalities. But before you become a hacker, you must know how to stay anonymous online. There are various levels in which this can be done
(Note: None of these methods are completely foolproof. If you are doing something illegal, then you'll go to jail. That's it.)

Tails OS

"Tails is a live system that aims to preserve your privacy and anonymity. It helps you to use the Internet anonymously almost anywhere you go and on any computer but leaving no trace unless you ask it to explicitly."
This is what their official website has to say about it. Actually, it is nothing but an OS that comes with all applications customized for privacy and anonymity.
Thats what tails OS looks like.


How To Use
  1. Go to their official website and read the stuff there. 
  2. Download the latest version of the OS.
  3. Put it on a USB and boot.
  4. Explore the OS, and learn more about it from their documentation.
Once you are through with the documentation and have practiced enough with the OS, your identity is safe.


Tips
  1. You should have some experience with linux if you want to become a hacker. Ubuntu is good for beginners.
  2. Do not assume that you are completely anonymous. You are not.

TOR BROWSER BUNDLE

"The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world: it prevents somebody watching your Internet connection from learning what sites you visit, it prevents the sites you visit from learning your physical location, and it lets you access sites which are blocked.
The Tor Browser Bundle lets you use Tor on Windows, Mac OS X, or Linux without needing to install any software. It can run off a USB flash drive, comes with a pre-configured web browser to protect your anonymity, and is self-contained." - Official Website
If the idea of downloading a whole OS sounds boring to you, then this browser is made for you. It, however, is not as robust as tails, and its usage is limited to anonymous browsing.

    How To Use
    1. Go to their website and read the documentation.
    2. Download the latest browser bundle.
    3. Read the documentation.
    4. Install and run.
    Note:
    Browsing is annoyingly slow, since the traffic passes through three relays.

    That's all for this post. In the next post we'll talk about VPNs.