EvilZone
Hacking and Security => Beginner's Corner => : meareiguana April 26, 2015, 05:23:02 AM
-
Hey guys,
I probably should've posted this in the newbie section but oh well... Alright so, I'd been using a WEP secured network up until a few days ago when it got turned off for w/e reason so I was forced to find another victim in the building.
To begin with, I'm pretty limited with both hardware (a wifi adapter that doesn't support packet injection) and software (win8). While capturing packets (passively, low signal strength, hella slow) from a WEP secured network, I've accidentally captured a 4-way handshake. The encryption is WPA2-TKIP, if it means anything to you... Currently in the process of cracking it by using aircrack (00000000-99999999 lst file). Using an English dictionary is basically worthless in the country I live in so yeah, I was hoping the pw would be as short as possible and that it would contain numbers only. Since the ssid revealed the ISP as well as the router model, I called their customer service and tricked them into confirming that the default password is indeed 8 digits. - can only hope that it remained unchanged, otherwise I'm screwed, right? It would take ages to crack it. Oh and yeah WPS is disabled, too.
A question regarding 4-way handshakes - if I understood correctly, they can be captured only the first time a person enters the password on a wireless device, right? Otherwise I would've captured dozens by now, whenever a cell gets back into wifi range, heh.
After obtaining the password, my next goal is to stay anonymous so that I don't get noticed. Well, one would think that only an average user would leave the default password, but you never know who you're dealing with. Quite honestly I have no idea what can happen to my devices/data when I'm connected to someone else's network. Pretty much anything, I guess.
Should I use a proxy/vpn, like hot-spot shield? Would it be possible to hide (spoof) my mac address so it isn't visible when they log into router settings?
Is there something else you'd advise me to do? But please keep in mind that my level of expertise is pretty low. I'm willing to do some reading and educate myself, though.
Thanks in advance!
-
/move newbies section
http://evilzone.org/tutorials/using-pixiewps-on-ralink-chipset-routers/
https://evilzone.org/tutorials/wpa-cracking-with-backtrack-5/
https://evilzone.org/tutorials/cracking-wpawpa2-encryption-pre-shared-key-(psk)/
https://evilzone.org/tutorials/rogue-ap-mitm-attack-(fake-ap)/
And for you to stay hidden:
1. Disable shares
2. http://bit.ly/1PCYeh9
Damn you don't read...
-
The AP that I'm trying to hack does not have WPS enabled and secondly, I don't use kali linux - I stated that quite clearly. Wifi hacking is my only point of interest and so far windows has done the job for me. Yes, I'm well-aware of its limitations and if I don't succeed with the current method, I might invest some time into learning basic linux.
I always disable sharing, of course. Have already googled about mac addresses, merely wondered if there is something else worth mentioning.
Thanks for the links, though!
-
Simple: if you are serious about this, learn some linux.
The default WPS password is 8 digits not the WPA password.
Well some ISPs do set default just to digits, I have seen it before.
Recently some popped up where I live that use stupidly simple defaults.
-
Hey guys,
I probably should've posted this in the newbie section but oh well...
I have a real problem with this statement here. Being ignorant is one thing, but realizing and being too damn lazy to switch to a different section? Come on man.
-
And too lazy to download kali.. I posted what he needs and he's an asshole about it.. Fuck him
-
Agreed, locked, all info is here.