Monthly news - August 2010

NeoPwn changed their plan and prefer to release it when the final version is ready. It will finally be called NeoPwn v2.

They plan to do two betas:

• Private beta containing the control panel, the injection driver and installer but the number of requests is limited
• Public beta without the control panel, injection driver and installer once the project has reached beta stage.

The final version will be free to download when it is completed and a safe installation process has been developped.

Their website contains more details about the release plan.


I tested the driver and so far it is working really well as you can see:

Last month, the video was showing the injection test on the N900. If you watch carefully, you can note that one of the BSSID is 00:00:00:00:00:00. I first thought it was a bug in aircrack-ng but it's not. I was told it's a unconfigured AP. It only sends beacons and jumps on different channels. If you're as curious as me, here is a capture file with just a beacon.

Forum:

• WiFiCake-NG 1.7 is a Perl/TK interface for manipulating the CSV of airodump-ng. You can find more details in the forum thread here. Their website contains a youtube video as well as a PDF manual for the application.

Other:

• Hack4Fun made an interview with Christophe Devine.
• BlackHat and Defcon presentation slides of Hole 196: WPA Too.
• Blackhat presentation: WPA Migration Mode: WEP is back to haunt you... (Contains paper, presentation slides, videos and patches for Aircrack-ng and Kismet). It is an attack against Cisco WPA Migration mode that allows WEP and WPA clients to associate to an AP with the same ESSID. It will be integrated to Aircrack-ng.

Monthly news (July 2010)

This month I have some really interesting news. A lot of people would like to have Aircrack-ng on their phone (including me) but unfortunatly most phones can't work due to their drivers. Do you remember when I talked about NeoPwn v2 which is BackTrack Mobile?

A beta will be released before BlackHat/Defcon and will include Aircrack-ng. What's really great is that injection works with the internal card of the N900 (the original video can be downloaded here):

 

They also released 2 additional videos on Youtube:

• BackTrack Mobile (Nokia N900) - Packet Injection Aireplay-NG
• BackTrack Mobile (Nokia N900) - Mac Address Changer

Forum:

• There's a new section in the forum for BackTrack Mobile.
• Beini 1.2.1 was released. It can be downloaded from its website.
• Jano updated wesside-ng replacement, one-command WEP crack to save the key into a file.
• criser released WepCrackGui 0.8.1, a GUI for Aircrack-ng in C# (Mono). It can be downloaded on Sourceforge.

Other:

• BlackHat conferences will happen the 28th and 29th. Schedule can be found here.
• Besides BlackHat, there will also be BSides Las Vegas. There aren't as much talks as in BlackHat but they look really interesting.
• Defcon 18 (29 July - 1 August) posted the final schedule a week ago.
• Starting from 2011, the Wifi Alliance will not allow WEP and TKIP in certified Wifi devices. You can read more about it on WiFiNetNews.
• I missed the update (v2.1.7) of the patch for FreeRadius-WPE (Wireless Pwnage Edition) released in May.

Monthly news (April 2010)

Project news:
- ebfe, who created airolib-ng, released an exploit for airodump-ng, aircrack-ng, airdecap-ng. You can find more information in his blog (Post 1, Post 2) but it just makes the tools crash, no real exploit released. It will be fixed in the next few days before the release (v1.1).
- Nearly everything has been moved to the new server, only forum, trac and buildbot needs to be moved :).
- Do you remember I wrote that trac didn't display svn commits for some unknown reason? That's now fixed, I just had to comment out a line in trac.ini.
- For those who can't open the website due to URL filtering, use whydoyoublock.me. It's not a mirror, it points to the exact same content as www.aircrack-ng.org.

Forum news:
- Patches to override the regulatory domain for ath5k, ath9k and ar9170.
- The work on the C# GUI for aircrack-ng, WepCrackGUI, continues. And here is a blog post in italian about it.
- Beini now has its own website. Here is the forum thread.
- Wordlist generation:
    * Here and there
    * Here is a script by Zermolo to generate wordlist with only numbers, called permutate and another post in the same thread about the same subject with JTR.
    * Creating custom rules for John.
    * Word field is an incremental word list generator.

Other news:
- I'll speak at Sharkfest. It will take place in the main campus of the Standford University, June 14-17.
- Ever heard about NeoPwn? Version 2 will be based on the Nokia N900 and will be Backtrack Mobile.
- Remember spoonwep and spoonwep 2? Shamanvirtuel is working on spoonwep 3. Public beta release is planned between 15th-30th April.
- If you're using SliTaz, you might be interested to know that they released v3.0 a week ago.