hack

What is AirPWN?

AirPWN? is a tool that first debuted at DefCon 12.

AirPWN? acts as a man in the middle tool for wireless networks. It takes advantage of the time that a website takes to respond to normal page requests. In that lag time, it can inject its own content onto the wireless channel of an access point. For instance, you may request a page from wikipedia.org that takes, round-trip, approximately 125 ms. If someone near you is running the airpwn tool, it will see your request and immediately respond with its own web page and/or content because it is much closer and takes much less time to respond. When your computer receives the data, it will think the original request was answered and display the page. When the real web page is presented, it will either ignore the page, or display some of the content. AirPWN? can be configured to carefully craft responses so that your browser will ignore the real web content as it would with html comments.

In this article i walk you through installing AirPWN on Ubuntu Linux 10.04 and 10.10.

Read on for more.

Aircrack-ng

Aircrack-ng is a set of tools for auditing wireless networks. These tools can recover 802.11 WEP and WPA-PSK keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the all-new PTW attack, thus making the attack much faster compared to other WEP cracking tools.

Last year i walked you through installing the Aircrack-ng suite on Ubuntu Linux.

We will be installing and using just part of the Aircrack-ng suite, airmon-ng. This will allow us to put our wireless card into "Monitor" mode.

Wicrawl

Wicrawl is a simple wi-fi (802.11x) Access Point auditor with a simple and flexible plugin architecture. The plugins allow us to find out useful information about an AP so we don’t have to manually check each access point. Plugins are implemented for existing common tools, and new plugins can be written in any language. Wicrawl is able to use multiple cards, and eventually will be able to use multiple computers.

The goal is to automate the tedious task of scanning wi-fi access points for interesting information. This can be a useful tool for penetration testers looking to “crawl” through massive numbers of APs looking for interesting data. Plugins will be everything from DHCP and nmap to aircrack or hooks to move a motorized directional antenna around.

The guys over at Midnight Research Labs stopped development back in 2007. Being a bit out-dated, it wouldn't compile on the latest Ubuntu without a couple tweeks. I replaced the entire source code in the Aircrack-ng plugin folder with the latest SVN (as of this post). I also had to add a header file to the discovery folder to help it compile.

I went ahead and tared up my folder with all of these edits so you can easily compile it on the latest Ubuntu Linux (9.10 as of this post).

In this video tuorial, i walk you through installing Aircrack-ng as well as Wicrawl.

Video tutorial of my last article on Installing AirPWN.

Read on for the text version.

SSL Strip

This tool provides a demonstration of the HTTPS stripping attacks that was presented at Black Hat DC 2009. It will transparently hijack HTTP traffic on a network, watch for HTTPS links and redirects, then map those links into either look-alike HTTP links or homograph-similar HTTPS links. It also supports modes for supplying a favicon which looks like a lock icon, selective logging, and session denial.

In this article i will walk you through installing SSLstrip along with ettercap and perform a MITM attack.