EvilZone

: Bypass login page for free internet/ crack wpa2
: manuel87rm December 07, 2015, 12:56:07 PM
Hello everyone!
I'm using Kali Linux in VirtualBox on my MacBook Pro, and here is how I connected my wifi adapter (chipset RT3072) to be able to attempt some hacks:

* Opened VirtualBox Devices/Network and clicked on "connect network adapter"

* Then network settings, and set --> attached to: bridge adapter and name: en0:wi-fi (airport)

* Clicked on Devices/USB and clicked on my adapter, which is RALINK 802.12 n wlan [0101]


I THINK THIS IS THE CORRECT SETTING BUT IF YOU THINK IT IS NOT PLEASE LET ME KNOW.

After this point I'm having 2 big problems:

1 - trying to bypass an internet hotspot login page
2 - cracking wpa2 password.

First of all I want to say that I'm in a place where they have:
* one hidden open network (which I know the name of) where you have to enter your first name/last name/cabin number/password to log in, then buy an internet plan (which is time dependent, pay per hour) and then decide whether or not to connect to the internet. So basically everyone who wants to use the internet has to log in first and then on the next page click on CONNECT to be able to use the internet; that's when the counter starts.
* Then they also have another hidden network (which I know the name of), but encrypted with WPA2.
* And many routers around the place to repeat the signal and allow people to connect wirelessly everywhere.

BYPASSING THE LOGIN PAGE

So, first of all, what I tried to do was bypass the login page by doing this:
– open a terminal in Kali Linux and type:
* ifconfig (to see my wifi adapter, which in my case was wlan0)
– then type in order:
* ifconfig wlan0 down
* iwconfig wlan0 mode monitor
* ifconfig wlan0 up
(I entered monitor mode this way because for some reason when I typed: airmon-ng wlan0 and then airodump-ng wlan0 it didn't work)

– Then I typed:
* iwconfig (and I could see that wlan0 was in mode:monitor)

– Then I ran the command to monitor the networks around me:
* airodump-ng wlan0
And now it showed me many networks around me (see pictures below) *I just blurred the MAC addresses for privacy reasons*



As you can see in the photos, some of the networks show the ESSID (name of the network) but most of the others don't, and they show <length:  1> (which I have no idea what they are).

After a few minutes the monitoring finishes and at the bottom of the page this appears:

PROBLEM 1: As you can see, it doesn't show any string details, nothing, and I don't know why! I can't even proceed to copy one of the MAC addresses of the devices connected to it and spoof it to my MAC address to be able to bypass the login to use free internet because, as I said, there is nothing in there.

CAN ANYONE GIVE ME SOME HELP ON THIS?
PS: DO YOU THINK IT IS POSSIBLE TO BYPASS THIS KIND OF LOGIN PAGE TO USE FREE INTERNET?

CRACKING THE WPA2 PASSWORD

PROBLEM 2: I wanted to try to crack one of the networks on the list that has WPA2 encryption.
After the list had shown up (see above), no strings appeared at the bottom of the page (which is a problem, as I already mentioned before).
That said, I tried to open a new page to check if the networks that I wanted to attack were using the WPS protocol and typed:
* wash -i wlan0 (and this is what it showed me)

As you can see, it says repeatedly "found packet with bad FCS, skipping.." And in this way I can't even proceed to crack the WPA2 network.

DOES ANYONE KNOW WHY?

IF YOU COULD HELP ME WITH THIS IT WOULD BE GREAT AND MUCH APPRECIATED.

THANK YOU A LOT IN ADVANCE


: Re: Bypass login page for free internet/ crack wpa2
: 0E 800 December 07, 2015, 06:29:29 PM
(http://i3.kym-cdn.com/photos/images/original/000/549/816/6e5.jpg)


(http://weknowmemes.com/wp-content/uploads/2014/06/youre-doing-it-wrong-23.jpg)

(http://i0.kym-cdn.com/photos/images/original/000/104/052/0e1.png)
: Re: Bypass login page for free internet/ crack wpa2
: manuel87rm December 07, 2015, 06:39:31 PM
What the fuck are these pictures for??!!
: Re: Bypass login page for free internet/ crack wpa2
: 0E 800 December 07, 2015, 07:43:24 PM
It doesn't look like you know what you are doing.

First off, your wifi device isn't scanning in monitor mode.
Second, your wifi device probably doesn't even support monitor mode or packet injection.
You're going to need to get the names of the hidden access points by running airodump-ng on one that has clients and deauthing the clients till airodump-ng picks up the hidden access point name.
Then you will need to capture the handshake, also by deauthing a client while running airodump-ng on the access point that is no longer hidden.
With the handshake captured you can run it against a wordlist.

None of this is going to be possible with an incompatible wifi device.

You haven't given us any information related to the html login.

Btw - you're doing it wrong.
: Re: Bypass login page for free internet/ crack wpa2
: manuel87rm December 07, 2015, 07:46:32 PM
The wifi adapter is a "one way devices" brand with chipset rt3072, that's what it says on the box, but running ifconfig it also shows me that it has the rt2800 driver
: Re: Bypass login page for free internet/ crack wpa2
: manuel87rm December 07, 2015, 07:48:10 PM
The html site is basically a cruise ship internet wifi where, as I said, you have to enter name, surname, password and then on the next page either buy an internet plan or just click connect to be able to use it
: Re: Bypass login page for free internet/ crack wpa2
: manuel87rm December 07, 2015, 07:49:46 PM
They also have another network, hidden and encrypted with WPA2
: Re: Bypass login page for free internet/ crack wpa2
: nukemall December 07, 2015, 07:57:18 PM
It doesn't look like you know what you are doing.

First off, your wifi device isn't scanning in monitor mode.
Second, your wifi device probably doesn't even support monitor mode or packet injection.
You're going to need to get the names of the hidden access points by running airodump-ng on one that has clients and deauthing the clients till airodump-ng picks up the hidden access point name.
Then you will need to capture the handshake, also by deauthing a client while running airodump-ng on the access point that is no longer hidden.
With the handshake captured you can run it against a wordlist.

None of this is going to be possible with an incompatible wifi device.

You haven't given us any information related to the html login.

Btw - you're doing it wrong.
He's right. Do yourself a favor: google and see if yours will; if not, pay the 30$ and get you one that will work. I had to do the same in Afghanistan. My laptop's network card wasn't compatible.
: Re: Bypass login page for free internet/ crack wpa2
: itIsMe December 07, 2015, 08:00:40 PM
The Alfa AWUS051NH seems to be a popular adapter for what you are trying to do. This specific one does not support 802.11ac though. If you feel that is something you need just do some research.
: Re: Bypass login page for free internet/ crack wpa2
: manuel87rm December 07, 2015, 09:17:12 PM
So you definitely think it is not compatible? Because I googled it and I kinda found some pages that were saying the Rt3072, or even when I type ifconfig it shows me the driver rt2800, that on Google it says is compatible
: Re: Bypass login page for free internet/ crack wpa2
: manuel87rm December 07, 2015, 09:24:01 PM
How is it possible then that it shows me the networks near me if, as you are saying, it's not in monitor mode? Look at these photos, you can see that it is in mode: monitor
: Re: Bypass login page for free internet/ crack wpa2
: manuel87rm December 07, 2015, 09:24:57 PM
(http://images.tapatalk-cdn.com/15/12/07/8ead173fa60bd89bb1f3dfbd2fa8e86a.jpg)
(http://images.tapatalk-cdn.com/15/12/07/c17db6c60e642e99f655d1e633ba2355.jpg)
: Re: Bypass login page for free internet/ crack wpa2
: manuel87rm December 07, 2015, 09:37:46 PM
I also just tried now to type:
 ifconfig, then airmon-ng start wlan0, and it shows me 2 strings: mac80211 monitor mode vif enabled for [phy0]wlan0 on [phy0]wlan0mon
And the other string:
Mac80211 station mode vif disabled for [phy0]wlan0... What does this mean? That the wifi adapter is not compatible to attempt bypassing a wifi network or cracking a password? (http://images.tapatalk-cdn.com/15/12/07/ab3442a6baf676eed1b83b6d9833a071.jpg)
: Re: Bypass login page for free internet/ crack wpa2
: 0E 800 December 07, 2015, 10:16:37 PM
but it doesn't appear you're using the monitor mode..

aka:

airodump-ng -channel -file -bssid wlan0mon

A little moderation is needed in the thread... don't double/trupple/fourple post.
: Re: Bypass login page for free internet/ crack wpa2
: straycat December 07, 2015, 10:38:26 PM
/bos
: Re: Bypass login page for free internet/ crack wpa2
: white-knight December 07, 2015, 10:44:16 PM
quickest way to check if your card can do injection is aireplay-ng -9

: Re: Bypass login page for free internet/ crack wpa2
: Synfer December 07, 2015, 10:50:25 PM
1. Learn to blur correctly, I can read through it without effort at all.

2. You have a fucking screen capture tool, is it that hard to use?

3. I guess an evil twin would do the job, better than trying to crack it for ages.

4. Learn about what you're trying to achieve and your material.

6. There is no 5.

7. Stop multi posting and just edit.
: Re: Bypass login page for free internet/ crack wpa2
: manuel87rm December 08, 2015, 10:33:09 AM
1- Guys, I'm sorry if I'm bothering you but I'm not double/trupple posting, I'm just replying under the one I posted at the beginning
2- I know the blur is not great but that is just the crap application I have on my iPhone
3- what do you mean with evil twin will do the job?
4- thanks white knight, I will try this and let you know what it says
5- 0E800 you are saying it doesn't appear but in the photo above it shows: mac80211 monitor mode vif enabled?! And another string saying mac802 station mode vif disabled

PLEASE HELP, I'm not an expert, that's why I asked you guys.
: Re: Bypass login page for free internet/ crack wpa2
: Drahgon December 08, 2015, 02:45:32 PM
You need to understand that the people posting are coming from a neutral rational position and so will not care as much about your objectives as you do.

Best thing to do is, before you post anything, think about compiling what you have written into 'evilzone' code and define exactly what you want to do and why you want to do it. Serve it on a plate.

I know it's frustrating as you find this on stack overflow all the time, people don't seem to take you seriously. But the best thing to take from it is that people aren't taking it seriously for a reason. Backtrack through what they aren't taking seriously, learn more about it.

IF learning more about it gives you the answer to your own question
THEN say thanks and end query
ELSE revise original post to include new information to better guide people to your intentions and knowledge boundaries
: Re: Bypass login page for free internet/ crack wpa2
: white-knight December 08, 2015, 03:53:02 PM
Here is a FREE WIFI course with 52 videos that may help you hack the planet.

http://www.securitytube.net/groups?operation=view&groupId=9


: Re: Bypass login page for free internet/ crack wpa2
: 0pt1musPr1m3 December 09, 2015, 02:00:15 AM

5- 0E800 you are saying it doesn't appear but in the photo above it shows: mac80211 monitor mode vif enabled?! And another string saying mac802 station mode vif disabled

PLEASE HELP, I'm not an expert, that's why I asked you guys.


He is trying to tell you that you clearly gave it the command "airodump-ng wlan0" and you should instead be using the monitor mode interface, which again the screen clearly tells you is "wlan0mon".

Now go fucking type "airodump-ng wlan0mon".


If you are the last one to reply to a post and you have something you would like to add, use the "modify" button to add whatever it is instead of replying again. These guys are actually trying to help you but you are making it impossible.