Category: Wireless Hacking

Mar 05 2011

PacketFence – Open Source Network Access Control (NAC) System

PacketFence is a fully supported, trusted, Free and Open Source network access control (NAC) system.

Boasting an impressive feature set including a captive-portal for registration and remediation, centralized wired and wireless management, 802.1X support, layer-2 isolation of problematic devices, integration with the Snort IDS and the Nessus vulnerability scanner; PacketFence can be used to effectively secure networks – from small to very large heterogeneous networks.

What you can do with PacketFence :
PacketFence

  • Block iPods wireless access
  • Forbid rogue access points
  • Perform compliance checks
  • Eliminate Peer-to-Peer traffic
  • Provide guest access
  • Simplify VLAN management

Download: packetfence-2.1.0.tar.gz

Feb 01 2011

Ubertooth One : A Bluetooth Network Hacking Tool

Ubertooth One is a cheap, open-source Bluetooth network sniffer. Unlike Wi-Fi, which has had a wide range of free network monitoring tools for years, Bluetooth has remained pretty closed. Michael Ossman is about to change this, with his Ubertooth Kickstarter project.

Ubertooth One

The Ubertooth One is a USB plug with an antenna, and a ARM Cortex-M3 processor-based board in-between. Plug it into your computer and you can use it with various wireless monitoring tools like Kismet. The Ubertooth allows you to use Bluetooth in monitoring mode. This “promiscuous” mode makes the radio pass everything that it picks up onto the host computer. Normally, wireless receivers will ignore anything not addressed to them. In promiscuous mode, you can sniff and gather data meant for other devices.

These tools can be used for testing network security, or for hacking. Kismet, for example (and derivatives like the Mac OS X version KisMac) can be used to crack Wi-Fi networks’ passwords.

Until now, Bluetooth monitoring hardware would cost upward of $1,000. Ossman’s device will cost just $100 and, because both the software and hardware are open-source, you can build your own.

Ossman demonstrated the Ubertooth One at the ShmooCon hackers convention on Friday. Future software updates will enable Bluetooth injection and expanded monitoring modes.

More Info:
Project Ubertooth [Sourceforge]

Ubertooth One on Kickstarter [Michael Ossman’s blog

Jan 05 2011

Researchers hack GSM mobile calls

Researchers have demonstrated an alarmingly simple technique for eavesdropping on individual GSM mobile calls without the need to use expensive, specialised equipment.

During a session at the Chaos Computer Club Congress (CCC) in Berlin, Karsten Nohl and Sylvain Munaut used cheap Motorola handsets running a replacement firmware based on open source code to intercept data coming from a network base station.

Armed with this, they were able to locate the unique ID for any phone using this base, breaking the encryption keys with a rainbow table lookup.

Although far from trivial as hacks go, the new break does lower the bar considerably compared to previous hacks shown by the same reasearchers. In 2009, Nohl published a method for cracking open GSM’s A5/1 encryption design using a lookup table in near real time.

Another important detail is that Nohl was able to replace the firmware of the handsets with custom software. According to the BBC report on which most stories are being based, this was only possible because the Motorola handsets in question had been reverse engineered after an unspecified leak.

How easy would it be to exploit the new hack? In short, not particularly easy. Creating a custom lookup table similar to Nohl’s would take months of work and any eavesdropper would still need to break into the handset in question.

The crack does lower the bar from being a hardware problem to one of software expertise, which will cause some alarm in the GSM engineering community.

By John E Dunn,
TechWorld

Sep 24 2010

wifite – Mass Wifi WEP / WPA Cracker

wifiteTo attack multiple WEP and WPA encrypted networks at the same time. this tool is customizable to be automated with only a few arguments. wifite can be trusted to run without supervision.

Features :

  • sorts targets by power (in dB); cracks closest access points first
  • automatically deauths clients of hidden networks to decloak SSIDs
  • numerous filters to specify exactly what to attack (wep/wpa/both, above certain signal strengths, channels, etc)
  • customizable settings (timeouts, packets/sec, channel, change mac address, ignore fake-auth, etc)
  • all WPA handshakes are backed up to wifite.py's current directory
  • smart WPA deauthentication — cycles between all clients and broadcast deauths
  • stop any attack with Ctrl+C — options: continue, move onto next target, skip to cracking, or exit
  • switching WEP attack methods does not reset IVs
  • intel 4965 chipset fake-authentication support; uses wpa_supplicant workaround
  • SKA support (untested)
  • displays session summary at exit; shows any cracked keys
  • all passwords saved to log.txt
  • built-in updater: ./wifite.py -upgrade

Requirements:

  • linux operating system (confirmed working on Ubuntu 8.10 (BT4R1), Ubuntu 10.04.1)
  • tested working with python 2.4.5 and python 2.5.2; might be compatible with other versions,
  • wireless drivers patched for monitor mode and injection: backtrack4 has many pre-patched drivers,
  • aircrack-ng (v1.1) suite: available via apt: apt-get install aircrack-ng
  • xterm, python-tk module: required for GUI, available via apt: apt-get install python-tk
  • macchanger: also available via apt: apt-get install macchanger
  • pyrit: not required, optionally strips wpa handshake from .cap files

Download : wifite.py

More Info : wifite – Project Hosting on Google Code

Dec 14 2009

inSSIDer – Wi-Fi Network Scanner For Windows

inSSIDer is an award-winning free Wi-Fi network scanner for Windows Vista and Windows XP. Because NetStumbler doesn’t work well with Vista and 64-bit XP, an open-source Wi-Fi network scanner designed for the current generation of Windows operating systems.

inSSIDer

What’s Unique about inSSIDer?

  • Use Windows Vista and Windows XP 64-bit.
  • Uses the Native Wi-Fi API.
  • Group by Mac Address, SSID, Channel, RSSI and “Time Last Seen”.
  • Compatible with most GPS devices (NMEA v2.3 and higher).

How can inSSIDer help me?

  • Inspect your WLAN and surrounding networks to troubleshoot competing access points.
  • Track the strength of received signal in dBm over time.
  • Filter access points in an easy to use format.
  • Highlight access points for areas with high Wi-Fi concentration.
  • Export Wi-Fi and GPS data to a KML file to view in Google Earth.

Download: Inssider_Installer.msi

More Info: inSSIDer Wi-Fi Scanner | Metageek