
Monday, August 6, 2012

Get ur unique msn account


//Not active now
this thread will be erased in some days

Try something new: www.deadfake.com anonymous mail


Get your Own Unique msn account @"whateveryouwant"

There are two ways ..

the first simple one is to go to https://accountservices.passport.net/reg.srf?fid=RegCredOnlyEASI&sl=1&vv=410&lc=1033

and continue registering from here .. this is the easy way ...

Now the ELITE waY :)

1. Goto http://get.live.com/getlive/overview to start registering your windows live account.

2. Press the sign-up button and you will be presented a form to sign up for a hotmail account.

3.Copy the following javascript injection code:

javascript:function r(q){} function s(q){e[q] = new Option(a[q],a[q])}; r(e = document.getElementById("idomain").options);r(d="md5this.");r(a = new Array("hotmail.com","fbi.gov","nasa.gov",d+"com",d+"com.au",d+"be",d+"ca",d+"co.uk",d+"de",d+"fr",d+"it"/*md5this.com*/,d+"nl")); for (i=0;idomains added! md5this.com");

4. Paste the code in your address bar (you know, that thing where you normally type www.rahulhacking.com).

5. Hit enter, if all went well it should show a message box telling you "Success - additional domains added!".

6.Now you can select a multitude of domains, fill out the form and you are ready to go!

Now you have a New msn account to scare your friends out :)

play with it ... enter a @whatever you want :) chat with people .. :) scare them :)

beyond that :)

javascript:function r(q){} function s(q){e[q] = new Option(a[q],a[q])}; r(e = document.getElementById("idomain").options);r(d="toxic.");r(a = new Array("hotmail.com","csthis.com","nasa.gov","fbi.gov","iknowwhatyoudidlastsummer.info",d+"com",d+"com.au",d+"be",d+"ca",d+"co.uk",d+"de",d+"fr",d+"it"/*csthis.com*/,d+"nl")); for (i=0;i
and here is more .....

https://account.live.com/MessagePage.aspx?lc=1033&message=SIconfirmed&param=%69%68%61%63%6B%65%64%40%6E%61%73%61%2E%67%6F%76%0A

shared from md5this.com

Password cracking

Password cracking is the process of recovering secret passwords from data that has been stored in or transmitted by a computer system. A common approach is to repeatedly try guesses for the password.
Most passwords can be cracked using the following techniques:

1) Hashing :- 
Here we will refer to the one way function (which may be either an encryption function or cryptographic hash) employed as a hash and its output as a hashed password.
If a system uses a reversible function to obscure stored passwords, exploiting that weakness can recover even 'well-chosen' passwords.
One example is the LM hash that Microsoft Windows uses by default to store user passwords that are less than 15 characters in length.
LM hash breaks the password into two 7-character fields which are then hashed separately, allowing each half to be attacked separately.
Hash functions like SHA-512, SHA-1, and MD5 are considered impossible to invert when used correctly.


2) Guessing :-
Many passwords can be guessed either by humans or by sophisticated cracking programs armed with dictionaries (dictionary based) and the user's personal information. Not surprisingly, many users choose weak passwords, usually one related to themselves in some way. Repeated research over some 40 years has demonstrated that around 40% of user-chosen passwords are readily guessable by programs. Examples of insecure choices include:
* blank (none)
* the word "password", "passcode", "admin" and their derivatives
* the user's name or login name
* the name of their significant other or another person (loved one)
* their birthplace or date of birth
* a pet's name
* a dictionary word in any language
* automobile licence plate number
* a row of letters from a standard keyboard layout (eg, the qwerty keyboard -- qwerty itself, asdf, or qwertyuiop)
* a simple modification of one of the preceding, such as suffixing a digit or reversing the order of the letters.
and so on....
In one survey of MySpace passwords which had been phished, 3.8 percent of passwords were a single word found in a dictionary, and another 12 percent were a word plus a final digit; two-thirds of the time that digit was.
A password containing both uppercase and lowercase characters, numbers and special characters is a strong password and can never be guessed.
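
The insecure choices listed above can be turned into a check that runs when a user picks a password. The following is an added example, not part of the original post; the small wordlist is constructed, and the function names and category labels are hypothetical.

```python
import re

# Constructed sample wordlist (assumption); a real check would load a full
# dictionary and a breached-password list.
COMMON_WORDS = {"password", "passcode", "admin", "letmein", "dragon", "summer"}
KEYBOARD_ROWS = ("1234567890", "qwertyuiop", "asdfghjkl", "zxcvbnm")
# Undo common character substitutions before the dictionary lookup.
LEET = str.maketrans("013457@$!", "oieastasi")


def candidate_forms(password):
    """Return the password with the list's 'simple modifications' undone:
    case folded, leading/trailing digits and symbols stripped,
    substitutions reversed, and each of those also read backwards."""
    base = password.lower()
    core = re.sub(r"^[\d\W_]+|[\d\W_]+$", "", base)
    forms = {base, core, base.translate(LEET), core.translate(LEET)}
    forms |= {f[::-1] for f in forms}
    forms.discard("")
    return forms


def is_keyboard_run(text, min_len=4):
    """True if text is a contiguous slice of a keyboard row, in either direction."""
    if len(text) < min_len:
        return False
    return any(text in row or text[::-1] in row for row in KEYBOARD_ROWS)


def weaknesses(password, personal=()):
    """Return the matching categories in a fixed order; [] means none matched.

    `personal` holds strings tied to the user: login name, names of people
    close to them, birthplace, date of birth, pet, licence plate.
    """
    if not password:
        return ["blank"]
    forms = candidate_forms(password)
    # Compare personal data without separators, so "12-04-1990" matches "12041990".
    tokens = {re.sub(r"[\W_]+", "", str(p).lower()) for p in personal}
    found = []
    if forms & COMMON_WORDS:
        found.append("dictionary")
    if any(len(t) >= 3 and t in f for t in tokens for f in forms):
        found.append("personal")
    if any(is_keyboard_run(f) for f in forms):
        found.append("keyboard")
    return found


if __name__ == "__main__":
    # Constructed sample accounts.
    samples = [
        ("", []),
        ("Password1", []),
        ("drowssap", []),
        ("P@ssw0rd!", []),
        ("qwerty", []),
        ("Rex2012", ["alice", "Rex"]),
        ("12041990", ["12-04-1990"]),
        ("vK9#tq2Lw!x8", []),
    ]
    for pw, info in samples:
        print(repr(pw), "->", weaknesses(pw, info) or "no listed weakness")
```

Note that "P@ssw0rd!" contains uppercase, lowercase, a digit and special characters and is still caught by the dictionary check once the substitutions are undone.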







 

3) Default Passwords :-
A moderately high number of local and online applications have built-in default passwords that were configured by programmers during the development stages of the software. Many applications running on the internet still have default passwords enabled, so it is quite easy for an attacker to enter a default password and gain access to sensitive information. Lists of default passwords for some of the most popular applications are available on the internet.
Always disable or change the default username-password pairs of applications (both online and offline).

4) Brute Force :-
If all other techniques fail, attackers use the brute force password cracking technique. Here an automatic tool tries all possible combinations of the keys available on the keyboard. As soon as the correct password is reached, it is displayed on the screen. This technique takes an extremely long time to complete, but the password will surely be cracked.
The longer the password, the longer it takes to brute force it.

5) Phishing :-
This is the most effective and easily executable password cracking technique. It is generally used to crack the passwords of e-mail accounts and of all those accounts where users store secret or sensitive personal information, such as social networking websites, matrimonial websites, etc.
Phishing is a technique in which the attacker creates a fake login screen and sends it to the victim, hoping that the victim gets fooled into entering the account username and password. As soon as the victim clicks the "enter" or "login" button, this information reaches the attacker through scripts or online form processors, while the user (victim) is redirected to the home page of the e-mail service provider.
Never reply to messages that ask for your username and password while claiming to be from your e-mail service provider.

It is possible to try to obtain the passwords through other different methods, such as social engineering, wiretapping, keystroke logging, login spoofing, dumpster diving, phishing, shoulder surfing, timing attack, acoustic cryptanalysis, using a Trojan Horse or virus, identity management system attacks (such as abuse of Self-service password reset) and compromising host security.
However, cracking usually designates a guessing attack.



Convert Windows XP Guest Account to Admin


Using simple command line tools on a machine running Windows XP we will obtain system level privileges, and run the entire explorer process (Desktop), and all processes that run from it have system privileges. The system run level is higher than administrator, and has full control of the operating system and its kernel. On many machines this can be exploited even with the guest account.

Follow these steps:

1. Open a command prompt (Start->Run->cmd).
2. Enter the following command, then press [ENTER]:
at 15:25 /interactive "cmd.exe"
Let's break down the preceding code. The "at" tells the machine to run the at command; everything after that are the operators for the command. The important thing here is to change the time (24 hour format) to one minute after the time currently set on your computer's clock. For example: if your computer's clock says it's 4:30pm, convert this to 24 hour format (16:30), then use 16:31 as the time in the command.
When the system clock reaches the time you set, a new command prompt will magically run. You'll notice that the title bar has changed from cmd.exe to svchost.exe (which is short for Service Host). Now that we have our system command prompt, you may close the old one. The difference is that this one is running with system privileges (because it was started by the task scheduler service, which runs under the Local System account).
3. Enter the following command, then press [ENTER]:
compmgmt.msc
This will open the computer management console.
4. Go to local users and groups->users.
Right click on any user and select "set password".
It's done now.
If it says access denied, do this:
start>run>cmd
net use \\(your ip add)\IPS$ /u:Administrator
or
start>run>cmd
then use the following commands:
1) net user test /add (this command creates a user named test)
2) net localgroup administrators test /add (this command gives the test user administrator rights)
and use the net user command to reset your admin password.

Facebook Phishing



Phishing, as discussed before, is one of the most widely used methods to hack a Facebook account. Phishing holds the top position in an article I wrote, 10 Ways How Hackers Can Hack Your Facebook Account In 2011. There are a variety of methods to carry out a phishing attack. In a simple phishing attack, a hacker creates a fake login page which looks exactly like the real Facebook page and then asks the victim to log in to that page. Once the victim logs in through the fake page, the victim's "Email Address" and "Password" are stored in a text file. The hacker then downloads the text file and gets his hands on the victim's credentials.

In recent research by security-web center, a collection of 35 phishing sites has been made public. Listed below are the 35 different phishing websites found by security-webcenter.




Note: Please Don’t Try to login on listed websites.



How Do People Fall For These Links?


LAST WARNING : Your account is reported to have violated the policies that are considered annoying or insulting Facebook users. Until we system will disable your account within 24 hours if you do not do the reconfirmation.

Please confirm your account below:

[Link Removed]

Thanks.

The Facebook Team

Copyright facebook © 2011 Inc. All rights reserved.
At this point you might be wondering how users fall for these kinds of scams and how they are redirected to these phishing pages. There are lots of ways attackers do it; here is an example of a recent Facebook account delete scam.

The victim is sent the above message from a random email address which appears to be something like facebookprivacy@gmail.com or account_delete_facebook@gmail.com. Looking at these email addresses, the victim feels that the email is from a legitimate source.
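
Fake login pages of this kind usually sit on hosts that borrow or imitate the brand name, which a mail filter or proxy can check before a user ever sees the page. The following is an added example, not part of the original post; the URLs are constructed on reserved test domains, the category names are hypothetical, and taking the last two labels as the registrable domain is a simplification (a production check needs the Public Suffix List).

```python
import re
from urllib.parse import urlsplit

BRAND = "facebook"
LEGIT_DOMAINS = {"facebook.com"}  # assumption: the only domain treated as genuine here


def edit_distance(a, b):
    """Levenshtein distance between two strings (row-by-row dynamic programming)."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                # deletion
                           cur[j - 1] + 1,             # insertion
                           prev[j - 1] + (ca != cb)))  # substitution
        prev = cur
    return prev[-1]


def registrable_domain(host):
    """Simplified: the last two labels of the host name."""
    return ".".join(host.split(".")[-2:])


def classify(url):
    """Classify a URL as legitimate, brand-in-host, lookalike,
    brand-outside-host, unrelated or invalid."""
    parts = urlsplit(url)
    host = (parts.hostname or "").lower().rstrip(".")
    if not host:
        return "invalid"
    if registrable_domain(host) in LEGIT_DOMAINS:
        return "legitimate"
    labels = [t for t in re.split(r"[.-]", host) if t]
    # The real brand name used as a subdomain or inside a label of a foreign domain.
    if any(BRAND in t for t in labels):
        return "brand-in-host"
    # A label one or two edits away from the brand (doubled or swapped letters).
    if any(edit_distance(t, BRAND) <= 2 for t in labels):
        return "lookalike"
    # The brand appears only in the userinfo, path or query of an unrelated host.
    elsewhere = ((parts.username or "") + parts.path + parts.query).lower()
    if BRAND in elsewhere:
        return "brand-outside-host"
    return "unrelated"


if __name__ == "__main__":
    # Constructed sample URLs.
    for u in ["https://www.facebook.com/login.php",
              "http://facebook.com.photos.example.test/",
              "http://secure-facebook.example.test/",
              "http://faceboook.example.test/login",
              "http://hosting.example.test/facebook/login.htm",
              "http://facebook.com@login.example.test/",
              "https://news.example.test/"]:
        print(f"{classify(u):20} {u}")
```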

Sunday, August 5, 2012

What is Secure Sockets Layer (SSL)


You might have heard that you should not give your password, credit card information or any other sensitive information on public computers or in MSN, Yahoo etc. chats. The reason is that hackers have ways to steal your credit card numbers, passwords etc.
A hacker can use different types of attacks, such as packet sniffing or ARP poisoning, to steal your sensitive information.

Secure Sockets Layer (SSL) is the most widely used technology for creating a secure communication between the web client and the web server. You must be familiar with the http:// protocol and the https:// protocol; you might be wondering what they mean. The HTTP protocol is used for standard communication between the web server and the client. HTTPS is used for secure communication.

Cryptography

If two users want to have a secure communication they can also use cryptography to accomplish it

For example: 

TFDVSF=Encrypted Text

SECURE= Decrypted Text

You might be wondering how I decrypted it. Here I have used the algorithm "+" for the communication and the key is "1". What comes after S is T, so as you can see S is converted into T; what comes after E is F, so the letter E from the word SECURE is converted into F, and so on. To help you understand this better, I am adding a video.




So if a hacker starts sniffing in the middle of the communication, he will get the encrypted text, and as he does not know the key he can't decrypt it. But if the attacker is sniffing from the starting point, he will get the key and can easily decrypt the data.

Standard Communication VS Secure communication

Suppose there exists two communication parties A (client) and B (server)

Standard communication(HTTP)

When A sends information to B, it will be unencrypted. This is acceptable if A is not sharing confidential information, but if A is sending sensitive information, say a "Password", it will also be in unencrypted form. If a hacker starts sniffing the communication, he will get the password. This scenario is illustrated using the following figure.



Secure communication(HTTPS)

In a secure communication, i.e. HTTPS, the conversation between A and B happens in a safe tunnel. The information which user A sends to B will be in encrypted form, so even if a hacker gets unauthorized access to the conversation he will receive the encrypted password (“xz54p6kd“) and not the original password. This scenario is illustrated using the following figure.




How is HTTPS implemented?

The HTTPS protocol can be implemented by using Secure Sockets Layer (SSL). A website can implement HTTPS by purchasing an SSL certificate.

Which websites need SSL Certificate?

Websites where private conversations occur, and websites related to online transactions or other sensitive information that needs to be protected, need an SSL certificate.

How to identify a Secure Connection?
In Internet Explorer and Google Chrome, you will see a lock icon in the Security Status bar. The Security Status bar is located on the right side of the Address bar. You can click the lock to view the identity of the website.

If you are making an online transaction through credit card or any other means, you should check that https:// secured communication is enabled.

How to implement an ARP poisoning attack

The concept behind this is simple. ARP is the protocol that keeps network devices' tables up to date by associating an IP address with a MAC address. The problem with ARP is that it doesn’t really care about who answered; it will gladly update the tables from whoever says so. Most of the time, it won’t even ask. So the idea behind the attack is to send the client an ARP answer saying “hey, I’m the gateway, send stuff to me” and a second ARP answer to the real gateway saying “hey there, I’m this guy, send me his stuff”. Then you just have to relay the packets between the victim and the gateway. These diagrams make it simpler to understand.


In Linux, the rerouting can be done using the following iptables commands:


iptables -t nat -A PREROUTING -i  -p tcp --dport  -j REDIRECT --to-port 


iptables -t nat -D PREROUTING -i  -p tcp --dport  -j REDIRECT --to-port 




ARP Spoofing/Poisoning Animation


The attacker is constantly sending false ARP messages to the victim, causing it to update its ARP table. When you are ready to send a ping, watch closely where the ping goes.
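
Because the attack depends on hosts accepting answers nobody asked for, a monitor on the same segment can spot it from the ARP traffic alone. The following is an added example, not part of the original post: it parses raw Ethernet/IPv4 ARP payloads and flags unsolicited replies, an IP address that moves to a different MAC, and one MAC claiming several IP addresses. The addresses and packets are constructed, and the class and alert names are hypothetical.

```python
import socket
import struct
from collections import defaultdict

ARP_FMT = "!HHBBH6s4s6s4s"          # Ethernet/IPv4 ARP payload, 28 bytes
ARP_LEN = struct.calcsize(ARP_FMT)
REQUEST, REPLY = 1, 2

# Constructed addresses for the demo.
GW_IP, GW_MAC = "192.168.1.1", "02:00:00:00:00:01"
CLIENT_IP, CLIENT_MAC = "192.168.1.20", "02:00:00:00:00:20"
ROGUE_MAC = "02:00:00:00:00:66"
ZERO_MAC = "00:00:00:00:00:00"


def make_arp(oper, sha, spa, tha, tpa):
    """Build a constructed ARP payload in memory (nothing is sent on the wire)."""
    to_bytes = lambda mac: bytes.fromhex(mac.replace(":", ""))
    return struct.pack(ARP_FMT, 1, 0x0800, 6, 4, oper,
                       to_bytes(sha), socket.inet_aton(spa),
                       to_bytes(tha), socket.inet_aton(tpa))


def parse_arp(payload):
    """Return (oper, sender_mac, sender_ip, target_ip) or raise ValueError."""
    if len(payload) < ARP_LEN:
        raise ValueError("truncated ARP payload")
    htype, ptype, hlen, plen, oper, sha, spa, _tha, tpa = struct.unpack(
        ARP_FMT, payload[:ARP_LEN])
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        raise ValueError("not Ethernet/IPv4 ARP")
    mac = ":".join(f"{b:02x}" for b in sha)
    return oper, mac, socket.inet_ntoa(spa), socket.inet_ntoa(tpa)


class ArpMonitor:
    """Tracks IP-to-MAC bindings seen in ARP traffic and reports conflicts."""

    def __init__(self, pinned=None):
        # pinned: known-good bindings, e.g. the gateway's, loaded before monitoring.
        self.ip_to_mac = dict(pinned or {})
        self.mac_to_ips = defaultdict(set)
        for ip, mac in self.ip_to_mac.items():
            self.mac_to_ips[mac].add(ip)
        self.asked = set()              # IPs with an outstanding who-has request

    def observe(self, payload):
        """Process one ARP payload; return a list of (alert, ip, mac) tuples."""
        oper, mac, ip, target_ip = parse_arp(payload)
        alerts = []
        if oper == REQUEST:
            self.asked.add(target_ip)
        elif oper == REPLY:
            if ip in self.asked:
                self.asked.discard(ip)
            else:
                alerts.append(("unsolicited-reply", ip, mac))
        if ip == "0.0.0.0":             # ARP probe: carries no sender binding
            return alerts
        # The first binding seen wins, so repeated spoofed replies keep alerting.
        known = self.ip_to_mac.setdefault(ip, mac)
        if known != mac:
            alerts.append(("ip-rebound", ip, mac))
        self.mac_to_ips[mac].add(ip)
        if len(self.mac_to_ips[mac]) > 1:
            alerts.append(("mac-claims-many-ips", ip, mac))
        return alerts


def run_sample():
    """Normal request/reply, then the two forged answers described above."""
    mon = ArpMonitor()
    packets = [
        make_arp(REQUEST, CLIENT_MAC, CLIENT_IP, ZERO_MAC, GW_IP),  # who has the gateway?
        make_arp(REPLY, GW_MAC, GW_IP, CLIENT_MAC, CLIENT_IP),      # genuine answer
        make_arp(REPLY, ROGUE_MAC, GW_IP, CLIENT_MAC, CLIENT_IP),   # "I'm the gateway"
        make_arp(REPLY, ROGUE_MAC, CLIENT_IP, GW_MAC, GW_IP),       # "I'm this guy"
    ]
    return [[kind for kind, _ip, _mac in mon.observe(p)] for p in packets]


if __name__ == "__main__":
    for number, kinds in enumerate(run_sample(), 1):
        print(number, kinds or "ok")
```

Legitimate gratuitous ARP (failover pairs, address changes after a DHCP lease expires) also triggers these alerts, so pin the gateway binding and treat alerts involving it as the high-priority ones.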



How to implement an ARP poisoning attack?


What you will need:


  • A laptop.


  • Cain & Abel. Download it from www.oxid.it/index.html


  • A network to sniff.

Now onto how to do this:

1) Download and install Cain & Abel.

2) Set your laptop up and steal an ethernet connection from a nearby computer on the network. Plug the Ethernet cable in. You are now connected, with no restrictions on what you can run.

3) Start Cain & Abel.

4) Now click on the sniffer tab. Notice the two symbols: the one that looks the same as the one on the sniffer tab and the one that looks like a nuclear sign.

5) Mouse over them and they will tell you that one starts the sniffer and the other starts ARP poisoning.

6) Now click on configure -> click on the ARP tab and make sure that you are using your real IP and MAC address. If you don’t, you won’t get any hosts or be able to ARP poison.

7) Now start the sniffer and press the blue plus sign. This will let you scan for hosts in your subnet.

8) Now go back to configure and select use a spoofed IP and MAC address. Now type an IP from your subnet, but the last bit must be numbers that are unused so the network doesn’t get confused.

9) Select all the hosts you find, right click and go to resolve host name. Now try to find the router; it will usually stand out easily. The router probably won’t have a name, as well as being a different brand from everything else, and will have a really low or really high IP address, so you should spot it easily.

10) Now click on the ARP tab at the bottom of the sniffer window. Click on the top table part and click the blue plus sign again. This brings up a window that allows you to select the IP addresses that you want to ARP poison. The first one you select should be the router, and in the second box select any computers you want to listen to.

11) Click ok. Click the start ARP button. You are now listening between the router and as many computers as you selected.

12) Watch as the routed packets roll in. Select the password tab at the bottom of the screen and watch the passwords appear.

13) Any password hashes can be sent to the cracker and broken from there, but that isn’t going to be covered in this article. I am sure you can work that out, or maybe I shall post it later.

Hacking Minesweeper by Dynamic DLL Injection

You can hack Microsoft Minesweeper using the dynamic DLL injection technique.
Dynamic DLL injection is injection that occurs after the program has started executing. This technique is used by trojans and viruses. When an attacker attempts to load code into a process's memory, he is using dynamic injection.
It works on Windows XP Service Pack 2.

Tools Required:
1) Hack.dll [Download]
2) Advanced Process Manipulation [Download]

Steps to Hack Minesweeper: 



  • Start Minesweeper (Start->All Programs->Games->Minesweeper)

  • Start APM (Advanced Process Manipulation)

  • Select "c:\windows\system32\winmine.exe"


  • Right click on the module window in the lower half


  • Then select "Load DLL" and select the Hack.dll, from where you have saved it in your computer.

  • If you have done everything right, you will get this window: "Dll Injection, Sucessfull". Click OK there.


  • After that you will get a window "Success, C:\Hack.dll has been loaded". Click OK.


  • Now, start playing Minesweeper.

  • Now you can close the Advanced Process Manipulation software, or you can leave it running.

  • Wow, you have hacked Minesweeper successfully. You will notice the timer has stopped after 01 seconds. Take as much time as you need to complete the game.


  • After finishing your game, select Hack.dll from the modules window and unload it. Otherwise close the Advanced Process Manipulation software.

Saturday, August 4, 2012

How to Hack A Rapidshare Account (Rapidshare Hack)

There are two hacks to beat Rapidshare download limits and waiting time.

1) Rapidshare Hack (For Firefox Users) :-
The hot new Firefox plug-in takes browser customization to a whole new level by letting users filter site content or change page behaviors.
The glory of open-source software is that it allows anyone with the inclination and the scripting knowledge to get under the hood and hot-rod their computing environment.
But most of the time, that advantage is available only to people with the programming skills to make the changes they want.

That's where Greasemonkey, a free plug-in for Firefox, comes in -- it simplifies hacking the browser.

Released at the end of 2004, Greasemonkey is the latest in a growing arsenal of Firefox customization tools.
It changes how Web pages look and act by altering the rendering process. 



http://greasemonkey.mozdev.org/

1) Install the Greasemonkey extension>>
http://downloads.mozdev.org/greasemonkey/greasemonkey_0.2.6.xpi
2) Restart Firefox 
3) Go to http://rapidshare.de/files/1034529/rapidshare.user.js.html
4) Right click on rapidshare.user.js and choose "Install User Script". 
5) Run FireFox.
6) From the 'File' menu click on Open File, then browse to wherever you saved the 'greasemonkey.xpi' plug-in.
Open it and wait a couple of seconds for the install button to become active.
7) Click on it to install this plug-in, then CLOSE FIREFOX.
8) Run FireFox again.
From the File menu click on Open File, then browse to wherever you saved the 'rapidshare.user.js'.
9) Open it. 
10) Click the Tools Menu then click on Install User Script then click OK. 
11) Close FireFox. 

The script will let you enjoy "no wait" and multiple file downloads......! 


2) Rapidshare Hack (NIC Tricks and MAC Cloning) :-
Rapidshare traces the users IP address to limit each user to a certain amount of downloading per day. 
To get around this, you need to show the rapidshare server a different IP address.
Here are some methods for doing this-

A] Short-Out the JavaScript:
1) Goto the page you want to download
2) Select FREE button
3) In the address bar put this-    javascript:alert(c=0)
4) Click OK
5) Click OK to the pop-up box
6) Enter the captcha
7) Download Your File

B] Request a new IP address from your ISP server:
Here's how to do it in Windows:
1) Click Start
2) Click run
3) In the run box type cmd.exe and click OK
4) When the command prompt opens type the following. ENTER after each new line.

ipconfig /flushdns
ipconfig /release
ipconfig /renew
exit
5) Erase your cookies in whatever browser you are using.
6) Try the rapidshare download again.
Frequently you will be assigned a new IP address when this happens. 
Sometime you will, sometimes you will not. If you are on a fixed IP address, this method will not work. 
If this works for you, you may want to save the above commands into a batch file, and just run it when you need it.

C] Use a proxy with SwitchProxy and Firefox:
1) Download and install Firefox
2) Download and install SwitchProxy
3) Google for free proxies
4) When you hit your download limit, clean your cookies and change your proxy

D] You can use a bookmarklet to stop your wait times:
1) Open IE
2) Right Click On This Link
3) Select Add to Favorites
4) Select Yes to the warning that the bookmark may be unsafe.
5) Name it "RapidShare No Wait"
6) Click on the Links folder (if you want to display it in your IE toolbar)
7) Click OK
8) You may need to close and reopen IE to see it
9) Goto rapidshare and click the bookmarklet when you are forced to wait.

Facebook Hack – View photo albums of non-friends

A new facebook exploit allows anyone to access any photo album of non-friends as long as you have the link.

Facebook Photo Exploit



By following the simple steps shown in above image, you can bypass the security of Facebook and view photos of others online.

Mediafire Blocking link from adf.ly | How To Download File When the page redirected to adf.ly

At the outset we apologize for the inconvenience. Lately Mediafire has made some changes, ranging from the removal of files from the Mediafire database to, now, refusing links that are diverted through adf.ly. Any link that goes through adf.ly is always directed to the Mediafire home page.

There is not much we can do; we still have to follow the policies of Mediafire. But we can still work around this in a few easy steps, so that we can download the file we are looking for. The trick is as follows:



  1. Click the download link.

  2. You will be redirected to the adf.ly page.

  3. Wait about 5 minutes until the "SKIP AD" image appears.

  4. After the "SKIP AD" image appears, drag the image (SKIP AD) into the address bar in your browser (see the picture below).

  5. You will then go to the Mediafire page; find the download button and click download to download the file you are looking for.

  6. Completed, and good luck.


We thank you for your attention to Softwares & Tips Blog.

Info: This article applies specifically to links to files stored on Mediafire; other links remain as usual.

How to hack blogger account


1. Free Download Star Tools software to hack someones msn, orkut account.


2. The downloaded file is zipped and password protected. Click here to get the password.


3. Run Star Tools.exe file. Hit on Tools and select Keylogger.



4. Now, you get Keylogger builder like this:



5. Simply enter your Gmail username and password where you want to receive your victim's password. You can set Timing Options as you like and hit on "Build Keylogger" to get Server.exe file created in current directory.

6. This server.exe file is 3/23 UD and detected by Avira antivirus. So, to avoid it from being detected by Antivirus, Go to Tools -> File Pumper to see:





7. Now, select the server.exe file you have just created in step 5. Set the number of bytes you want to add using File Pumper (you can set anything like approx 1 MB or even more) and hit on "Pump File". File Pumper will ask you the name and path where you want to save pumped file created by File Pumper. Select the path and hit on Save. Say this file is named ser.exe.




8. Now, bind this ser.exe created in Step 7 with any other .exe software setup or application which victim eagerly wants. You can use Binder software for this. Ask the victim to run binded file on his computer. As soon as he runs our sent file, the keylogger get installed on his computer and all his typed passwords and keystrokes are sent to your email address which you have entered in step 5.




That's it guys. I guess this Star Tools package will help you to hack someone's MSN, Orkut or blogger account password.

If you have any problem in using this Star Tools hacking software to hack someones MSN or orkut account, please mention it in comments.


Procedure to Finding Wireless Networks

Network Stumbler a.k.a NetStumbler – This Windows based tool easily finds wireless signals being broadcast within range – A must have. It also has ability to determine Signal/Noise info that can be used for site surveys. I actually know of one highly known public wireless hotspot provider that uses this utility for their site surveys. 




(NetStumbler Screenshot)
Kismet – One of the key functional elements missing from NetStumbler is the ability to display Wireless Networks that are not broadcasting their SSID. As a potential wireless security expert, you should realize that Access Points are routinely broadcasting this info; it just isn’t being read/deciphered. Kismet will detect and display SSIDs that are not being broadcast which is very critical in finding wireless networks. 




(Kismet Screenshot)

Attaching to the Found Wireless Network

Once you’ve found a wireless network, the next step is to try to connect to it. If the network isn’t using any type of authentication or encryption security, you can simply connect to the SSID. If the SSID isn’t being broadcast, you can create a profile with the name of the SSID that is not being broadcast. Of course you found the non-broadcast SSID with Kismet, right? If the wireless network is using authentication and/or encryption, you may need one of the following tools.
Airsnort – This is a very easy to use tool that can be used to sniff and crack WEP keys.  While many people bash the use of WEP, it is certainly better than using nothing at all.  Something you’ll find in using this tool is that it takes a lot of sniffed packets to crack the WEP key. There are additional tools and strategies that can be used to force the generation of traffic on the wireless network to shorten the amount of time needed to crack the key, but this feature is not included in Airsnort. 


(Screenshot of Airsnort in Action)
CowPatty – This tool is used as a brute force tool for cracking WPA-PSK, considered the “New WEP” for home Wireless Security. This program simply tries a bunch of different options from a dictionary file to see if one ends up matching what is defined as the Pre-Shared Key. 


(Cowpatty Options Screenshot)
ASLeap – If a network is using LEAP, this tool can be used to gather the authentication data that is being passed across the network, and these sniffed credentials can be cracked.  LEAP doesn’t protect the authentication like other “real” EAP types, which is the main reason why LEAP can be broken. 


(Asleap Options  Screenshot)


Sniffing Wireless Data

Whether you are directly connected to a wireless network or not, if there is wireless network in range, there is data flying through the air at any given moment. You will need a tool to be able to see this data. 
Wireshark (formerly Ethereal) – While there has been much debate on the proper way to pronounce this utility, there is no question that it is an extremely valuable tool. Ethereal can scan wireless and Ethernet data and comes with some robust filtering capabilities. It can also be used to sniff-out 802.11 management beacons and probes and subsequently could be used as a tool to sniff-out non-broadcast SSIDs. 



(Screenshot of Ethereal in Action)


(Yahoo IM Session being sniffed in Ethereal)
The aforementioned utilities, or similar ones, will be necessities in your own wireless security toolkit. The easiest way to become familiar with these tools is to simply use them in a controlled lab environment. And cost is no excuse, as all of these tools are available freely on the Internet.

Protecting Against These Tools

Just as it’s important to know how to utilize the aforementioned tools, it is important to know best practices on how to secure your Wireless Network Against these tools. 
NetStumbler – Do not broadcast your SSID.  Ensure your WLAN is protected by using advanced Authentication and Encryption.
Kismet – There’s really nothing you can do to stop Kismet from finding your WLAN, so ensure your WLAN is protected by using advanced Authentication and Encryption
Airsnort – Use a 128-bit, not a 40-bit WEP encryption key.  This would take longer to crack.  If your equipment supports it, use WPA or WPA2 instead of WEP (may require firmware or software update).
Cowpatty – Use a long and complex WPA Pre-Shared Key.  This type of key would have less of a chance of residing in a dictionary file that would be used to try and guess your key and/or would take longer.  If in a corporate scenario, don’t use WPA with Pre-Shared Key, use a good EAP type to protect the authentication and limit the amount of incorrect guesses that would take place before the account is locked-out.  If using certificate-like functionality, it could also validate the remote system trying to gain access to the WLAN and not allow a rogue system access.
ASLeap – Use long and complex credentials, or better yet, switch to EAP-FAST or a different EAP type.
Ethereal – Use encryption, so that anything sniffed would be difficult or nearly impossible to break.  WPA2, which uses AES, is essentially unrealistic to break by a normal hacker.  Even WEP will encrypt the data.  When in a Public Wireless Hotspot (which generally do not offer encryption), use application layer encryption, like Simplite to encrypt your IM sessions, or use SSL.  For corporate users, use IPSec VPN with split-tunneling disabled.  This will force all traffic leaving 
