Sunday, August 15, 2010

Monthly news - August 2010

NeoPwn changed their plan and prefer to release it when the final version is ready. It will finally be called NeoPwn v2.

They plan to do two betas:
  • Private beta containing the control panel, the injection driver and the installer; the number of requests accepted is limited
  • Public beta without the control panel, injection driver and installer, once the project has reached beta stage.
The final version will be free to download when it is completed and a safe installation process has been developed.

Their website contains more details about the release plan.


I tested the driver and so far it is working really well as you can see:


Last month, the video was showing the injection test on the N900. If you watch carefully, you can note that one of the BSSIDs is 00:00:00:00:00:00. I first thought it was a bug in aircrack-ng but it's not. I was told it's an unconfigured AP. It only sends beacons and jumps on different channels. If you're as curious as me, here is a capture file with just a beacon.
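As an added illustration (not code from the original post or from aircrack-ng), here is a small beacon parser that pulls the BSSID, SSID and channel out of a bare 802.11 beacon frame and flags the all-zero BSSID that airodump-ng showed; the sample frames are constructed inline rather than taken from the capture file linked above.

```python
import struct

ZERO_BSSID = "00:00:00:00:00:00"

def mac_str(raw):
    return ":".join(f"{b:02x}" for b in raw)

def build_beacon(bssid, ssid, channel):
    # Constructed sample beacon (bare 802.11 frame, no radiotap header); not from a real capture.
    # Header: frame control 0x0080 (management/beacon), duration, DA=broadcast, SA, BSSID, seq ctrl.
    header = struct.pack("<HH6s6s6sH", 0x0080, 0, b"\xff" * 6, bssid, bssid, 0)
    fixed = struct.pack("<QHH", 0, 100, 0x0001)            # timestamp, interval (TU), capability: ESS
    ies = bytes([0, len(ssid)]) + ssid + bytes([3, 1, channel])  # SSID IE, DS Parameter Set IE
    return header + fixed + ies

def parse_beacon(frame):
    # Return BSSID, SSID, channel and interval of a beacon; ValueError if the frame is not one.
    if len(frame) < 36:
        raise ValueError("frame too short for a beacon")
    fc, _, _, _, bssid, _ = struct.unpack_from("<HH6s6s6sH", frame, 0)
    if fc & 0x00fc != 0x0080:      # type bits 2-3 = management, subtype bits 4-7 = beacon
        raise ValueError("not a beacon frame")
    _, interval, _ = struct.unpack_from("<QHH", frame, 24)
    info = {"bssid": mac_str(bssid), "ssid": "", "channel": None, "interval": interval}
    off = 36
    while off + 2 <= len(frame):   # walk the tagged parameters: id, length, value
        tag, length = frame[off], frame[off + 1]
        value = frame[off + 2:off + 2 + length]
        if len(value) < length:    # truncated IE: stop instead of reading past the frame
            break
        if tag == 0:
            info["ssid"] = value.decode("utf-8", "replace")
        elif tag == 3 and length == 1:
            info["channel"] = value[0]
        off += 2 + length
    info["unconfigured"] = info["bssid"] == ZERO_BSSID
    return info

def flag_unconfigured(frames):
    # Channels on which an all-zero BSSID was seen beaconing (non-beacon or short frames are skipped).
    seen = set()
    for frame in frames:
        try:
            info = parse_beacon(frame)
        except ValueError:
            continue
        if info["unconfigured"] and info["channel"] is not None:
            seen.add(info["channel"])
    return sorted(seen)
```

Feeding it the beacons from a capture (minus any radiotap/PPI header) lists the channels the unconfigured AP hopped across, which is what produced the odd 00:00:00:00:00:00 row in airodump-ng.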

Forum:
  • WiFiCake-NG 1.7 is a Perl/Tk interface for manipulating the CSV output of airodump-ng. You can find more details in the forum thread here. Their website contains a YouTube video as well as a PDF manual for the application.

Wednesday, July 14, 2010

Monthly news (July 2010)

This month I have some really interesting news. A lot of people would like to have Aircrack-ng on their phone (including me) but unfortunately most phones can't run it because of their drivers. Do you remember when I talked about NeoPwn v2, which is BackTrack Mobile?

A beta will be released before BlackHat/Defcon and will include Aircrack-ng. What's really great is that injection works with the internal card of the N900 (the original video can be downloaded here):

They also released 2 additional videos on YouTube:

Other:
  • BlackHat will take place on the 28th and 29th. The schedule can be found here.
  • Besides BlackHat, there will also be BSides Las Vegas. There aren't as many talks as at BlackHat but they look really interesting.
  • Defcon 18 (29 July - 1 August) posted its final schedule a week ago.
  • Starting from 2011, the Wi-Fi Alliance will no longer allow WEP and TKIP in certified Wi-Fi devices. You can read more about it on WiFiNetNews.
  • I missed the update (v2.1.7) of the patch for FreeRadius-WPE (Wireless Pwnage Edition) released in May.

Monday, June 7, 2010

Monthly news (June 2010)

Here is the 5th edition of our monthly news.

Project:
• We had some downtime on the server hosting trac and the forum between the 16th and the 20th (hardware issues) and fortunately nothing was lost. You can read more in these 2 posts: Trac and forum down and Trac and forum up again.
• The forum will be moved to the new server in a bit more than 2 weeks. The change will be transparent for you. That means only trac and buildbot are left on the old server; they should be moved before Defcon.

Forum:
• Airoscript is not dead. It got some updates and is now renamed Airoscript-ng. To get it, type svn co http://trac.aircrack-ng.org/svn/branch/airoscript-ng in a console.
• Beini 1.2.1 was released a few days ago. It can be downloaded from its website.
• minidwep-gtk, a shell-script GUI for aircrack-ng, has been updated to work with Aircrack-ng 1.1.
• criser, the author of WepCrackGui, is developing a Qt frontend for WepCrackGUI that should be included in the next release, v0.9. You can find instructions to get the sources and test it in this post. He also posted some screenshots. You can follow him on Twitter: @wepcrackgui.

Other:
• I'll give a talk at Sharkfest about wireless security next week.
• digininja released a Karma patch for hostapd. It now works with ath5k and ath9k. It should work with prism54 and various other cards, but that's untested.
• BackTrack 4 r1 was released. Changes: new kernel (2.6.34-rc6), package updates and new drivers. Note that it is an unofficial build meant for assessing hardware incompatibilities with the new kernel.
• The Wi-Fi Alliance and WiGig announced a partnership on multi-gigabit wireless networking in the 60 GHz band. It will allow up to 7 Gigabit/s. You can read more here. The official press release can be found on the WiGig website.
• Here is another GUI in Java for Aircrack-ng: GRIM WEPA.

Thursday, May 20, 2010

Trac and forum up again

You probably noticed earlier today that trac and the forum were working again. They finally fixed the issue (which was, according to them, probably a bad RAM module or the CPU fan) by completely replacing the server (but keeping the hard drive).

I think that it's the CPU fan that failed, not the RAM module. But whatever, it works again and that was what we all wanted.

Wednesday, May 19, 2010

Trac and forum down

It all started Sunday, around 6AM GMT: our 4-year-old dedicated server wasn't responding anymore and even a hardware reboot didn't bring it up. So, I opened a ticket and the technicians noticed the power supply had died and quickly replaced it.

Everything worked fine until Monday morning, 9AM GMT, when the server started to be unstable. I first thought it was Apache because during my tests, the process was several times at 100% CPU when it crashed.
Then I tried stopping Apache and MySQL, the 2 most CPU-consuming processes (the CPU usage was on average at 6% without these 2 processes) and even with that, it was crashing after 15 minutes.

I thought that our kernel might be corrupted due to the crash of the server, so I tried using one of their netboot kernels (as well as the hardware testing mode) and it kept crashing.

So, I just opened another ticket for this issue. I really wonder what's going on.

Also, the migration of the forum and trac to the new server was planned for the end of this month but it might happen sooner than expected (I'll try to do it this weekend).

I'll keep you updated.

Tuesday, May 4, 2010

Monthly news (May 2010)

Project:
- Aircrack-ng 1.1 was released a bit more than a week ago. A lot of bug fixes (including the buffer overflow in different tools) and improvements have been done. The most noticeable changes are the addition of airdrop-ng by TheX1le and the interaction in airodump-ng.
The following screenshot shows some of the possibilities of the interaction (more details in the wiki and in the manpage). In this case, when you color an AP, its clients are automatically colored the same:

Forum:
- criser released v0.8 of his C# (Mono) GUI, wepcrack. He uses git for his source control and if you want to use the latest source and don't know much about git, read the following. He is looking for someone who can design an icon for his software.
- Zermolo released permutator beta 1.3. It generates incremental wordlists/dictionaries based on your needs. The package by Jano contains the source code and an Ubuntu package.

Other:
- ShamanVirtuel released a GUI to capture WPA handshakes called Autohs-GUI. His project is hosted on Google Code along with a few other programs.

Sunday, April 25, 2010

Aircrack-ng 1.1

Aircrack-ng 1.1 is released ;)

A lot of bug fixes (including the buffer overflow in different tools) and improvements have been done. The most noticeable changes are the addition of airdrop-ng by TheX1le and the interaction in airodump-ng.

Here is the changelog:
- airdrop-ng: New tool by TheX1le.
- airodump-ng, aircrack-ng, airdecap-ng, airbase-ng: Fixed buffer overflow in airodump-ng due to a forged EAPOL frame.
- aircrack-ng: Fixed multicast detection (WPA handshake detection).
- airodump-ng: Added interaction (see wiki for the commands).
- airodump-ng: Fixed client time in netxml file.
- airtun-ng: Added WDS and bridge support.
- airbase-ng: Automatically set the privacy bit to 1 if WPA or WPA2 is used (-Z or -z option).
- airmon-ng: Updated iw URL for v0.9.19.
- airdriver-ng: Fixed link for madwifi-ng.
- aireplay-ng: Chopchop enhancement to not stop but wait on deauth packets.
- tkiptun-ng: Fixed segfault.
- wesside-ng: Fixed compilation bug with recent versions of gcc.
- cygwin: Compiling sqlite isn't necessary anymore; the libsqlite3-devel package can be used.
- osdep: Strict aliasing and x86_64 fix.
- osdep: Added tap support for Darwin/OS X. Still requires tuntaposx from SourceForge to work.
- All: Fixed compilation on cygwin 1.7.
- All: Fixed compilation on recent versions of OS X.
- manpages: Fixed aireplay-ng manpage for attack 0: not disassociation packets, deauth packets.
- manpages: Added the keys for interaction in airodump-ng.
- patches: Added regulatory domain override patches for Atheros drivers (ath5k, ath9k and ar9170).
- patches: Added 2.6.32 patch for r8187 driver (ieee80211).
- Makefiles: Fixed make uninstall.

Download: aircrack-ng-1.1.tar.gz