tag:blogger.com,1999:blog-6029510339153873512 2024-03-12T22:01:22.578-07:00<br />NETWORK SECURITY (click here!)<br />chikiabu http://www.blogger.com/profile/11066226878295608537 noreply@blogger.com<br /><br />tag:blogger.com,1999:blog-6029510339153873512.post-3803302611399738037 2010-07-26T22:48:00.001-07:00 2011-07-12T03:23:50.040-07:00<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMrLf_nJHue45Iz-4tAwrIe1LrCTjsxHpfANiXs6_KiZUZyVraeNG3I2ViXigLR6EARj0PEejojJMI7EZU-cYptMntKG90BPw4z6FuLLMI-kmVukkRVSZcHCrvZ8aPLhksoYifqjBL9u8/s1600/final.png"><img style="margin: 0pt 10px 10px 0pt; float: left; cursor: pointer; width: 320px; height: 22px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhMrLf_nJHue45Iz-4tAwrIe1LrCTjsxHpfANiXs6_KiZUZyVraeNG3I2ViXigLR6EARj0PEejojJMI7EZU-cYptMntKG90BPw4z6FuLLMI-kmVukkRVSZcHCrvZ8aPLhksoYifqjBL9u8/s320/final.png" alt="" id="BLOGGER_PHOTO_ID_5518277363630949890" border="0" /></a><br /><br /><br />You have protected your wireless internet network with a WEP or WPA password. Do you think your wifi network is really secure now?<br /><br />If you follow my tutorial and use the fish pentesting software correctly, I GUARANTEE you will find that even with WEP or WPA your wifi is not fully secure. 
A hacker with the fish software will be able to easily crack your WEP or WPA password within 3 minutes.<br /><br />Picture I: My setup<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOVSPBIjw6MC3ebSD2m5oIpkmt2W-K3lqxkt2OgOJQ87n1VqHt4LsJ4TKOaG0fvibbPDh-X_u4g6EnQJ5lXLXM9weJoFS-DUy7bitnrkZfI1gR8_rYEfQ5Tr2ehbVBFjttC3X6KOANVt0/s1600/Senao1.jpg"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 320px; height: 240px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiOVSPBIjw6MC3ebSD2m5oIpkmt2W-K3lqxkt2OgOJQ87n1VqHt4LsJ4TKOaG0fvibbPDh-X_u4g6EnQJ5lXLXM9weJoFS-DUy7bitnrkZfI1gR8_rYEfQ5Tr2ehbVBFjttC3X6KOANVt0/s320/Senao1.jpg" alt="" id="BLOGGER_PHOTO_ID_5505332189893361154" border="0" /></a><br /><br />A. <a href="http://www.youtube.com/watch?v=tZMugKB0a9o&feature=channel_page"><span style="text-decoration: underline;">YouTube demo video</span></a>.<br /><br />B. <a href="http://www.backtrack-linux.org/downloads/"><span style="text-decoration: underline;">Backtrack (bt) 3, 4 and 5</span></a>.<br /><br />C. Complete kit to hack (refer to title/post on right of screen).<br /><br />D. 
Download <a href="http://www.box.net/shared/q94re2h936"><span style="text-decoration: underline;">fish</span></a> (trial version), usable under ALL Backtrack versions (bt3,4,5) to hack any wifi password.<br /><br />Picture II: Step 2 (if you use bt3)<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://img834.imageshack.us/img834/571/snapshot1d.png"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 320px; height: 192px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgTjCoK9BgdpYDH-6p8QbxB1f-7ORTMWdnRRynw7wvhEvRyU7lnQy60eo8Of1c5fDOdbpuc3oNZdzBzZlfs500mMZIqR75dCwJbdxRMYCw6-PbXMOOgz5beTCCSmLCwyf_pKDX3PQxg1ig/s320/snapshot1.png" alt="" id="BLOGGER_PHOTO_ID_5505331338347725282" border="0" /></a><br /><br /><span style="color:#000000;"><div style="background-color: rgb(255, 204, 0);">E. How to hack any wifi password in 3 insanely easy steps.<br /><br />Step 1) Download fish (trial) from the above link and save it to a USB pendrive.<br /><br />Step 2) Boot your bt3, bt4 or bt5, then copy and paste fish from the USB pendrive:<br />- Into 'Home' desktop icon ........if you use bt3<br />- On the desktop ...........................if you use bt4 <br />- Into 'Dolphin File Manager'..... 
if you use bt5<br /><br />Step 3) Click konsole and key in:<br />chmod +x /root/fi.sh<br />THEN<br />/root/fi.sh<br />THEN<br />Follow the on-screen instructions for fish to automatically crack the wifi password for you.</div></span><br /><br />Picture III: Step 3 (if you use bt3)<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="http://img64.imageshack.us/img64/2513/snapshot2of.png"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 320px; height: 192px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiU5A7WYFhp_wjX8j1-zPK8uisqqCvG7cLlsbM82W-O8JlSjqh5OTr7zXtfIN7LvAY9T5UbmPGtr7cDSpbOPh33oCRTuiICeL00FTni2O2mC72FODnc5oEpRnPel1Gk6lvMXQUP3XBbE6c/s320/snapshot3.png" alt="" id="BLOGGER_PHOTO_ID_5505331866338454594" border="0" /></a><br /><br />HOW TO GET fish (full version)<br />==============================<br /><br />Try the fish (trial version) and, if it is compatible with your hardware, compose an email in the format below to get your personalized fish (full version) that can hack wep, wpa and wpa2 passwords (click to see the request code):<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPefIrhuZX1jGMpsS-a8POZxA7sqdRvN2MQq0uH1kUa-xlF-i1V_Y5Tvq_n7ytRGcbUi0p8D91QfAXQC4kpNy5OX3IvLJnNCH0nhPrMYcZ1n6pvgomKS2k_MdruVAtbfqvXRkYVSOlHm0/s1600/snapshot1.png"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 200px; height: 120px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiPefIrhuZX1jGMpsS-a8POZxA7sqdRvN2MQq0uH1kUa-xlF-i1V_Y5Tvq_n7ytRGcbUi0p8D91QfAXQC4kpNy5OX3IvLJnNCH0nhPrMYcZ1n6pvgomKS2k_MdruVAtbfqvXRkYVSOlHm0/s200/snapshot1.png" border="0" alt=""id="BLOGGER_PHOTO_ID_5548818578532203826" /></a><br /><br /><br /><br />Note: Direct backtrack boot from live cd, hdd or usb flash drive is 
recommended for better performance. VMware will slow down the hacking process a bit and is only usable with a usb wifi adapter.<br /><br />chikiabu<br /><br />tag:blogger.com,1999:blog-6029510339153873512.post-1511897528330898182 2010-07-26T21:14:00.001-07:00 2010-10-25T00:50:33.003-07:00<br />TERMINOLOGY<br /><br />I know some of you might be new to this 'hobby'. Here I list some simple, elementary terminology and definitions to help newbies understand the subject and perhaps pursue it further.<br /><br />Picture: My wifi Adapter<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0lr4gu1YOOs2dBOfSSBVK22m_QRAfcgJq6nBGnvVH1xR3GzR7dHM7_2-m4TjgEk1hiAYRPk2lUX-d7EDmLqwPUj5vNtlSczG7unmjvgYydixbQoD3WxmgAtq3DmlemDsmvPtNc8wZvu4/s1600-h/Senao3.jpg"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 300px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg0lr4gu1YOOs2dBOfSSBVK22m_QRAfcgJq6nBGnvVH1xR3GzR7dHM7_2-m4TjgEk1hiAYRPk2lUX-d7EDmLqwPUj5vNtlSczG7unmjvgYydixbQoD3WxmgAtq3DmlemDsmvPtNc8wZvu4/s400/Senao3.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5359356966254232050" /></a><br /><br />1. Backtrack3, bt3<br />Backtrack3 is a linux distribution (distro) and an alternative to the Windows operating system, i.e. vista, xp etc.<br /><br />2. fish<br />fish is an application written for the linux platform, specifically to be used with Backtrack3.<br />fish enables newbies to linux or the aircrack-ng suite to decode WEP and WPA without having to learn or key in the detailed linux commands. This method is suitable for people who don't have the time or resources to study the subject.<br /><br />*Items #3-#9 below are the only things you ever need to know when using the fish script.<br /><br />3. 
BSSID<br />BSSID is a unique identification number given by the manufacturer to their Access Point (AP)<br /><br />4. STATION<br />STATION is a unique identification number given by the manufacturer to their wifi adapter<br /><br />5. ESSID<br />ESSID is the name given to the AP by its administrator or owner<br /><br />6. SSID<br />(same as #5)<br /><br />7. WEP, WPA, WPA2<br />These are the encryption types used by the AP administrator or owner to protect their wifi from unwanted guests<br /><br />8. CHANNEL <br />Channel is the radio spectrum used by the AP, as specified by its administrator or owner<br /><br />9. Boot-from-CD<br />The action whereby one uses the CD-ROM to boot their pc using, in this case, the Backtrack3 CD. 1. Boot your pc in Windows, 2. Insert your Backtrack3 CD in the CD-ROM, 3. Restart your pc, 4. Press key F1 or F2 or F3 etc to enter the system BIOS, 5. Select 'boot from CD-ROM' as your 1st booting priority and save the setting<br /><br />I will add more terminology from time to time<br /><br />Cheers<br /><br />chikiabu<br /><br />tag:blogger.com,1999:blog-6029510339153873512.post-3601643679141108702 2010-02-21T21:38:00.001-08:00 2010-12-09T15:14:35.383-08:00<br />HACK WPA SERVICE<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhAJADMSO0GfN9RPi8m_SeYghb_Y_J70xI1ksY9aaVnM6NUtIVynjpB4Z_w5viRWbcXMRunZNaM2u3Dd6HDR2sL_IYqrsmJ589FW0zC8OD8hjLaUTFglIt1JjdT3DP9USskWvUQX2-iPsY/s1600-h/g4_cluster.jpg"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 300px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhAJADMSO0GfN9RPi8m_SeYghb_Y_J70xI1ksY9aaVnM6NUtIVynjpB4Z_w5viRWbcXMRunZNaM2u3Dd6HDR2sL_IYqrsmJ589FW0zC8OD8hjLaUTFglIt1JjdT3DP9USskWvUQX2-iPsY/s400/g4_cluster.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5440946207973891682" /></a><br /><br />We have set up a cluster of 
computers, each with an NVIDIA graphics card (CUDA), with the ultimate aim of hacking any password (WPA included). We are also fortunate to be associated with local universities that made their mainframe computer available to us to conduct our R&D.<br /><br />At the moment, WPA passwords below 15 characters might get cracked. We will improve our computational power and overcome that limitation once we commit more hardware to the project from other institutions.<br /><br />The workload is evenly distributed among these computers (clusters and mainframe), where each computer is only responsible for a specific group of wordlists consisting of digits, uppercase, lowercase, special characters, combinations of them and so forth. This makes the cracking process much faster and more feasible.<br /><br />The wordlist was generated by our hash script for passwords made of ASCII characters.<br /><br /><br /><div style="background-color: #666600;">NOTE:<br />---------<br />Other similar online WPA password cracking services were also provided, for a nominal fee, by our colleague <a href="http://tools.question-defense.com/wpa-password-cracker/"><span style="text-decoration:underline;">pureh@te</span></a> and <a href="http://www.wpacracker.com/"><span style="text-decoration:underline;">Moxie Marlinspike</span></a>.<br /><br />The mathematics of permutation:<br />-------------------------------------------<br /><span style="font-weight:bold;">x^y</span><br /><br />where,<br />x = number of letters to choose from<br />y = length of password<br /><br />Example.<br />Q: How many passwords of length 2 can be formed using the letters A, B, C (repetition allowed)?<br />A: 3^2 = 9 (AA,AB,AC,BA,BB,BC,CA,CB,CC)<br /></div><br />You are welcome to submit your WPA handshake cap file for us to crack using our system on a 'first come, first served' basis. 
We will tell you the WPA password within 7 days.<br /><br />Kindly compose an email using the following format and send it to us for processing (click to see the request code)<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMZSzGOaLyeQmneImDiKc327KuZRL5fuis8tSePYxKt4yq-0aeAbpXLyorCBF7ugHMhnGRasXXyfu9izyDxdVuiU-OIrCnDTgkIdfJRVfNTOJw8bqS5c23SL-h7KxdC5lkjcSbmGxYS20/s1600/snapshot1.png"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 200px; height: 120px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMZSzGOaLyeQmneImDiKc327KuZRL5fuis8tSePYxKt4yq-0aeAbpXLyorCBF7ugHMhnGRasXXyfu9izyDxdVuiU-OIrCnDTgkIdfJRVfNTOJw8bqS5c23SL-h7KxdC5lkjcSbmGxYS20/s200/snapshot1.png" border="0" alt=""id="BLOGGER_PHOTO_ID_5548824785129117554" /></a><br /><br />chikiabu<br /><br />tag:blogger.com,1999:blog-6029510339153873512.post-7035761929850240767 2010-02-01T10:59:00.001-08:00 2010-12-09T15:20:26.869-08:00<br />BRUTE FORCING WPA<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4Ou7utTWiKM-jk1C_VU8IQBpRrGr57HB8irlpMj1TWePhKmpqac4obViNpor9Gyhz2b21LiFxqy3Uqw_Zb__P7YkpkeWUmmrQp4yHJtN5gUkE4OGsf793_7EYZdaP-HdPCPactG8csSo/s1600-h/dictionaries460.jpg"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 400px; height: 240px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj4Ou7utTWiKM-jk1C_VU8IQBpRrGr57HB8irlpMj1TWePhKmpqac4obViNpor9Gyhz2b21LiFxqy3Uqw_Zb__P7YkpkeWUmmrQp4yHJtN5gUkE4OGsf793_7EYZdaP-HdPCPactG8csSo/s400/dictionaries460.jpg" alt="" id="BLOGGER_PHOTO_ID_5433539732266229794" border="0" /></a><br />The success of your WPA password hack using brute-force will depend on the dictionary used.<br /><br />The more elaborate your dictionary the better 
your chances of cracking the WPA password.<br /><br />Below are dictionaries (1.5 Gigabyte) that can be used to hack WPA passwords. These dictionaries will be updated from time to time, so do come back later for the latest edition.<br /><br />These dictionaries can be used with Aircrack, Brutus, Hydra, Medusa and other hacking applications.<br /><br />Each dictionary will contain ALL POSSIBLE PASSWORD COMBINATIONS / PERMUTATIONS as follows:<br />(size= after extraction of the compressed dictionary)<br /><br />1. <a href="http://www.box.net/shared/6bb9txgdbp"><span style="text-decoration:underline;">Digit</span></a><br />(0123456789)<br />wpa password sample= 19780408<br />size= 286.4mb<br /><br />2. <a href="http://www.box.net/shared/465b52hlii"><span style="text-decoration:underline;">Lowercase alphabet</span></a><br />(abcdefghijklmnopqrstuvwxyz)<br />wpa password sample= mypasswd<br />size= 68.0mb<br /><br />3. <a href="http://www.box.net/shared/nulgqhmm59"><span style="text-decoration:underline;">Uppercase alphabet</span></a><br />(ABCDEFGHIJKLMNOPQRSTUVWXYZ)<br />wpa password sample= ILUVPIZA<br />size= 68.0mb<br /><br />4. <a href="http://www.box.net/shared/p3up7hc0b6"><span style="text-decoration:underline;">Digit and lowercase alphabet</span></a><br />(0123456789abcdefghijklmnopqrstuvwxyz)<br />wpa password sample= ny123wpa<br />size= 276.9mb<br /><br />5. <a href="http://www.box.net/shared/js5rjo9qja"><span style="text-decoration:underline;">Digit and uppercase alphabet</span></a><br />(0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZ)<br />wpa password sample= 1SAQ2TR3<br />size= 231.5mb<br /><br />6. <a href="http://www.box.net/shared/xs0tm8otpx"><span style="text-decoration:underline;">Lowercase and uppercase alphabet</span></a><br />(abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ)<br />wpa password sample= abCDefGH<br />size= 276.9mb<br /><br />7. 
<a href="http://www.box.net/shared/zeghctt366"><span style="text-decoration:underline;">Digit and lowercase and uppercase alphabet</span></a><br />(abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789)<br />wpa password sample= a1YZb2cD<br />size= 281.0mb<br /><br />8. Dictionary with special characters<br />size= (run out of web storage space to upload)<br /><br /><div style="background-color: #000000;">9. You could also generate your own WPA dictionary and cowpatty rainbow table using <a href="http://www.box.net/shared/otlehl9ul5"><span style="text-decoration:underline;">hash (trial version)</span></a>.<br />How to run hash (trial version) in Backtrack3:<br />a) Download hash from given above link<br />b) Boot bt3, copy and paste ha.sh to desktop 'Home' icon<br />c) Click konsole and key in 'chmod +x /root/ha.sh' then<br />d) key in '/root/ha.sh' to run.<br />e) Run 'fi.sh' to get WPA 'hand-shake' and execute ha.sh to hack the WPA password</div><br />Screen shot I: ha.sh<br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEwwHZfmkgknHQC51Ms_rhZV6dWX9x9wBWzRSyTqwkz9ciNv0VlVc_RfrQ92wnC53IGg6nwCfdijhMYw2JOoWipyFdFTtc7QfAgSTpWLyuCACaO0dnECQ0XnzKp9-6pKNuYF8J7yCEwe4/s1600-h/snapshot1.png"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 200px; height: 120px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEwwHZfmkgknHQC51Ms_rhZV6dWX9x9wBWzRSyTqwkz9ciNv0VlVc_RfrQ92wnC53IGg6nwCfdijhMYw2JOoWipyFdFTtc7QfAgSTpWLyuCACaO0dnECQ0XnzKp9-6pKNuYF8J7yCEwe4/s200/snapshot1.png" alt="" id="BLOGGER_PHOTO_ID_5366138884968189266" border="0" /></a><br /><br />Screen shot II: Generate your own WPA dictionary and cowpatty rainbow table (below)<br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" 
href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7YU0aaSD9gBGB0EDZfyRdpXZNVfGgao6Ql5JD2Mz2xSVL3jzlovfnKcc97oz5FvWlvRrmA7aXgmwk_hL_gzoGMdBitmOz9OS_knb07u6fR7tKPJ6cGYCFJAPQeNwPIUv3Lc07J5X9rpw/s1600-h/hash.png"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 200px; height: 120px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj7YU0aaSD9gBGB0EDZfyRdpXZNVfGgao6Ql5JD2Mz2xSVL3jzlovfnKcc97oz5FvWlvRrmA7aXgmwk_hL_gzoGMdBitmOz9OS_knb07u6fR7tKPJ6cGYCFJAPQeNwPIUv3Lc07J5X9rpw/s200/hash.png" alt="" id="BLOGGER_PHOTO_ID_5366142008368665266" border="0" /></a><br /><br /><br /><br />HOW TO GET HASH (FULL VERSION)<br />==============================<br /><br />Compose an email in the format below (click to see the request code) to get your personalized hash (full version):<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi6ls7a2XFYPPNMdE3JrUyOR5Nmp3qr6uHvOucUBn57A_5tUvzsw1bF1_s4hl-nrGGcvY33d6q1jiFZhYc2pseRcudhfw4d3ZrTv0d84h_ECCJZV4rEDnUYr77nAFdUcrwgWUQfG9Td7jA/s1600/snapshot2.png"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 200px; height: 120px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi6ls7a2XFYPPNMdE3JrUyOR5Nmp3qr6uHvOucUBn57A_5tUvzsw1bF1_s4hl-nrGGcvY33d6q1jiFZhYc2pseRcudhfw4d3ZrTv0d84h_ECCJZV4rEDnUYr77nAFdUcrwgWUQfG9Td7jA/s200/snapshot2.png" border="0" alt=""id="BLOGGER_PHOTO_ID_5548826304919817954" /></a><br /><br />chikiabu<br /><br />tag:blogger.com,1999:blog-6029510339153873512.post-4779681834403263999 2009-11-15T02:28:00.001-08:00 2011-02-27T02:28:53.962-08:00<br />HACK WPA WITHOUT USING DICTIONARY<br /><br /><center>Video: See how our script works<br /><object height="349" width="425"><param name="movie" 
value="http://www.youtube.com/v/jqic_aY3TqQ&rel=0&border=1&color1=0x3a3a3a&color2=0x999999&feature=player_embedded&fs=1"><param name="allowFullScreen" value="true"><param name="allowScriptAccess" value="always"><embed src="http://www.youtube.com/v/jqic_aY3TqQ&rel=0&border=1&color1=0x3a3a3a&color2=0x999999&feature=player_embedded&fs=1" type="application/x-shockwave-flash" allowfullscreen="true" allowscriptaccess="always" height="349" width="425"></embed></object></center><br /><br />Below is a method to set up your ordinary usb wifi adapter and transform it into a fake access point (gateway) ready to intercept the password key by broadcasting a fake login page far and wide. <br /><br />Using this method, you do NOT have to capture any WPA or WPA2 'handshake' or use a dictionary or brute force to crack the WPA password key. <br /> <br />Just present the fake WPA page (or any other login page to your liking) via your fake ap and wait for victims to go after your bait. At the same time, the script will do a DOS (Denial Of Service) attack on the real ap and render it useless. This is a totally new concept for hacking a WPA (or any other) password key!<br /><br />Requirements:<br /><br /> (A) Backtrack 4 (final or R1 version) but not (Pre or Beta version) <br /> (B) Do not run Backtrack 4 using vmware<br /> (C) USB wifi adapter with either Ralink, Realtek or Zydas chipset as fake ap. <br /> <br />Do the following: <br /><br /> i) Download the script below and put it on your Bt 4 desktop: <br /><a href="http://www.box.net/shared/l4d42kzoox"><span style="text-decoration:underline;">'fakeap.tar.gz'</span></a><br /><br /> ii) Open konsole and type:<br /> tar -xvzf /root/fakeap.tar.gz<br /><br />A blue folder 'fakeap' will be created<br /><br /> iii) Open konsole and type in the following 2 commands:<br /> chmod +x /root/fakeap/wpa_no_dic.sh<br /> THEN <br /> /root/fakeap/wpa_no_dic.sh<br /><br />That's it. You are done! 
It takes less than 2 minutes (really) to set up from start to finish, effortlessly!<br /><br /><br /><br />Sample: Fake WPA login page (replaceable as you wish) that victims will see.<br /> <br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh54iLWsbXNaXwTfOka3ytM1fRDhhcddJtNarmxtr2MUL6XKac-cczIr9LSozQyMp29TF-MaPhtLUrc2bw8u_Cia3LefaolIBRBrasSTtvcWSKtXGE5zgXbF6Gdo2r6IHYxi3piP_19GFc/s1600/fake_wpa_login.png"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 128px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh54iLWsbXNaXwTfOka3ytM1fRDhhcddJtNarmxtr2MUL6XKac-cczIr9LSozQyMp29TF-MaPhtLUrc2bw8u_Cia3LefaolIBRBrasSTtvcWSKtXGE5zgXbF6Gdo2r6IHYxi3piP_19GFc/s400/fake_wpa_login.png" border="0" alt=""id="BLOGGER_PHOTO_ID_5528511742790393298" /></a><br /><br />The best part is you don't need to have internet service to set up your fakeap, and yet your victims will be able to 'see' your fake login page and get owned, anywhere and anytime, especially if your 'wifi' is the only one available around.<br /><br />Once you are able to execute the trial version, email me for the full version, where you can change the SSID wifi network name (such as an enticing 'freeNet', 'Public_wifi' etc) and the broadcast channel (1-14) of your fake ap to your liking, plus the DNS poison window period for intercepting passwords is NOT limited to 15 minutes (trial default period).<br /><br />STOP WONDERING! Why not give it a try? It's free, lethal, fun and effective all rolled into one small program! 
BTW, this is a knowledge base website and DOES NOT condone any illegal activities.<br /><br />Compose an email with the following format for the full version of 'HACK WPA WITHOUT USING DICTIONARY' (click to see the request code):<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhB-UiQ53VwhYTwzH1v7iZSRODOy_tyYG4xW5U9n34h8iUU7x7whMnAbq2m_XCydw8R6Sq-eZyDrjNyhIkpgDHPqiymF4E4ZUBrE-Jsjl0cOkJ4rxY2yzkekTdRsRzTQUPpSIGy7UQXG2A/s1600/snapshot1.png"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 240px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhB-UiQ53VwhYTwzH1v7iZSRODOy_tyYG4xW5U9n34h8iUU7x7whMnAbq2m_XCydw8R6Sq-eZyDrjNyhIkpgDHPqiymF4E4ZUBrE-Jsjl0cOkJ4rxY2yzkekTdRsRzTQUPpSIGy7UQXG2A/s400/snapshot1.png" border="0" alt=""id="BLOGGER_PHOTO_ID_5547049833191265906" /></a><br /><br />chikiabu<br /><br />tag:blogger.com,1999:blog-6029510339153873512.post-6406814500161185651 2009-07-10T09:08:00.001-07:00 2010-12-09T15:09:15.376-08:00<br />EASY FAKE ACCESS POINT SETUP<br /><br />Can you spot the difference? One of the hotspot login pages below is a fake. It was broadcast from a fake access point purposely set up to lure in visitors and then intercept their user name and password! 
So beware.<br /><br />Foto A: A Real wireless hotspot login page<br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhf2VDXPcSXhKBThxrQIDuemlugdE9Wd19r00hV0MZZ835hHkkvnz2T1WI8iwhyzUr_fSVHE-7vy3mfqB_rdqJMN8MXNLSt__TzmXWlMkc9xu_SAebK33dI1Ny0K2NnSHF6S8Y7anX9aik/s1600-h/welcome-436x549.jpg"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 318px; height: 400px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhf2VDXPcSXhKBThxrQIDuemlugdE9Wd19r00hV0MZZ835hHkkvnz2T1WI8iwhyzUr_fSVHE-7vy3mfqB_rdqJMN8MXNLSt__TzmXWlMkc9xu_SAebK33dI1Ny0K2NnSHF6S8Y7anX9aik/s400/welcome-436x549.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5450773567355732786" /></a><br /><br />Foto B: A Fake wireless hotspot login page<br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhf2VDXPcSXhKBThxrQIDuemlugdE9Wd19r00hV0MZZ835hHkkvnz2T1WI8iwhyzUr_fSVHE-7vy3mfqB_rdqJMN8MXNLSt__TzmXWlMkc9xu_SAebK33dI1Ny0K2NnSHF6S8Y7anX9aik/s1600-h/welcome-436x549.jpg"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 318px; height: 400px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhf2VDXPcSXhKBThxrQIDuemlugdE9Wd19r00hV0MZZ835hHkkvnz2T1WI8iwhyzUr_fSVHE-7vy3mfqB_rdqJMN8MXNLSt__TzmXWlMkc9xu_SAebK33dI1Ny0K2NnSHF6S8Y7anX9aik/s400/welcome-436x549.jpg" border="0" alt=""id="BLOGGER_PHOTO_ID_5450773567355732786" /></a><br /><br />Video 1: Fake AP in action<br /><object height="349" width="425"><param name="movie" value="http://www.youtube.com/v/jqic_aY3TqQ&rel=0&border=1&color1=0x3a3a3a&color2=0x999999&feature=player_embedded&fs=1"><param name="allowFullScreen" value="true"><param name="allowScriptAccess" value="always"><embed 
src="http://www.youtube.com/v/jqic_aY3TqQ&rel=0&border=1&color1=0x3a3a3a&color2=0x999999&feature=player_embedded&fs=1" type="application/x-shockwave-flash" allowfullscreen="true" allowscriptaccess="always" height="349" width="425"></embed></object><br /><br />Want to turn your normal and innocent looking wifi adapter into a fake access point, able to do EXACTLY as in the above video? Just follow the 3 simple steps.<br /><br />Requirements:<br />-------------------<br /><br />#1. Backtrack4 <br /><br />#2. Your pc must already be connected to internet service via item #4<br /><br />#3. 1 usb wifi adapter (mine is ralink, yours might differ). This wifi adapter will be transformed into a fake access point that all the victims will be connected to. This is where DNS poisoning, 'Secure site' SSL sniffing, and email and instant messaging monitoring are done. You will be able to see exactly what the victim saw on their pc screen, remotely.<br /><br />#4. 1 usb or internal wifi adapter (mine is centrino, yours might differ). This wifi adapter will be connected to the internet (item #2) and forward all internet traffic to item #3.<br /><br />#5. fakeap.sh and dhcpd script software<br /><br />Step 1. Download <a href="http://www.box.net/shared/0cxdytknfs"><span style="text-decoration:underline;">fakeap.sh</span></a> and <a href="http://www.box.net/shared/jz108n7gmm"><span style="text-decoration:underline;">dhcpd.conf</span></a> onto the Bt4 desktop. This is a trial version.<br /><br />Step 2. Open konsole and type in 'chmod +x /root/fakeap.sh' then<br /> <br />Step 3. 
type in '/root/fakeap.sh' and follow instruction as per Picture A to G below.<br /><br />*Key in all command without the quote notation.<br /><br />Picture A: Download 'fakeap.sh' and 'dhcpd.conf' onto bt4 desktop <br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEzvsKeW7o8DLh8Ho7WDYoDCuHcIaeRlIO0YJk2TDqULqoKpFACxIDjtrdQXtUqXQqUknXhBHHA3GspgIbgn7XC7ZhhwwxFn2imE9TZalhZ0x6I9aDqsWfQ1v3syzotg-RQyktH2agfLc/s1600/snapshot1.png"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 240px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjEzvsKeW7o8DLh8Ho7WDYoDCuHcIaeRlIO0YJk2TDqULqoKpFACxIDjtrdQXtUqXQqUknXhBHHA3GspgIbgn7XC7ZhhwwxFn2imE9TZalhZ0x6I9aDqsWfQ1v3syzotg-RQyktH2agfLc/s400/snapshot1.png" border="0" alt=""id="BLOGGER_PHOTO_ID_5459889106799334770" /></a><br /><br />Picture B: Execute 'fakeap.sh' (trial version) script<br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCSM_J0QD2G_mJuhwBzUnpftTq2BfXhAeFnuQYV4QLPKWLize8IPZ8GOqO9HC6bQXSxHMFobbW0B1dL3qVj7uPLQ4NEuZT0AS6y_Cla4SDjESThp-eo4JsBKQUT8ZIQnBzNYqKgZyvgJM/s1600/snapshot2.png"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 240px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiCSM_J0QD2G_mJuhwBzUnpftTq2BfXhAeFnuQYV4QLPKWLize8IPZ8GOqO9HC6bQXSxHMFobbW0B1dL3qVj7uPLQ4NEuZT0AS6y_Cla4SDjESThp-eo4JsBKQUT8ZIQnBzNYqKgZyvgJM/s400/snapshot2.png" border="0" alt=""id="BLOGGER_PHOTO_ID_5459888963308120946" /></a><br /><br />Picture C: Unplug wifi adapter to be used as fakeap (mine is 'ralink', yours might differ)<br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" 
href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhZGx_GJ3pqmEfF2sezeDxNOyAHKPJpAD-laFPnB2OMKZEVK49ktZhGr-hW2oGdf5Mh1-t1WhgTs3BZkS7CNBrzNlp2_cD0XJBoGx02IKYp4vtRv8-hchJcTvIJQoy5DElFXGfLCL44MG0/s1600/snapshot3.png"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 240px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhZGx_GJ3pqmEfF2sezeDxNOyAHKPJpAD-laFPnB2OMKZEVK49ktZhGr-hW2oGdf5Mh1-t1WhgTs3BZkS7CNBrzNlp2_cD0XJBoGx02IKYp4vtRv8-hchJcTvIJQoy5DElFXGfLCL44MG0/s400/snapshot3.png" border="0" alt=""id="BLOGGER_PHOTO_ID_5459888834847192962" /></a><br /><br />Picture D: Specify interface for internet connection (mine is 'eth1', yours might differ)<br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwnGKyMUErLV_p3ApXYVQ7zQeww9aSXoxgseUIueKsrywR1XixTSNdi3sfyMlg84ExynncpEEE-pLTpiRjT8Sz3EgsaSl1XKrHj1bBDTzCQA0qgMjgt_PT6_MTL2kxej3v1WdX-kpOmBE/s1600/snapshot4.png"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 240px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgwnGKyMUErLV_p3ApXYVQ7zQeww9aSXoxgseUIueKsrywR1XixTSNdi3sfyMlg84ExynncpEEE-pLTpiRjT8Sz3EgsaSl1XKrHj1bBDTzCQA0qgMjgt_PT6_MTL2kxej3v1WdX-kpOmBE/s400/snapshot4.png" border="0" alt=""id="BLOGGER_PHOTO_ID_5459888646210351714" /></a><br /><br />Picture E: Specify IP gateway (mine is '200.70.1.1', yours might differ)<br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1R0cGxuZbxIwqEHCfff2-SJdrf0q_0B9REMsLLC5w2G7Cf7QhV2TcxL1HG7vclpSzAmaYoqzuIJGSLHdaZXBpKOvUeWpFXDezeQbL3CZ1m7xJZBwFIpfnkilRPjtHrRGLAQ3GH_HKvAw/s1600/snapshot5.png"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 240px;" 
src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1R0cGxuZbxIwqEHCfff2-SJdrf0q_0B9REMsLLC5w2G7Cf7QhV2TcxL1HG7vclpSzAmaYoqzuIJGSLHdaZXBpKOvUeWpFXDezeQbL3CZ1m7xJZBwFIpfnkilRPjtHrRGLAQ3GH_HKvAw/s400/snapshot5.png" border="0" alt=""id="BLOGGER_PHOTO_ID_5459888498651600434" /></a><br /><br />Picture F: Configure 'dhcpd.conf' and plugin wifi adapter to be used as fakeap<br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjx74YUT5IvAAr6dlnV4mObapQTMHloWzPkcOeVMms3tGNmuHnlEE9667IxPugUotupXfLFvKoEyh0XgNKHOGGabA0GmXXdoZtw4YtloayR6b3qt6Gssmf0PJg1NYkwJh7xqQdXe6LO7mA/s1600/snapshot6.png"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 240px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjx74YUT5IvAAr6dlnV4mObapQTMHloWzPkcOeVMms3tGNmuHnlEE9667IxPugUotupXfLFvKoEyh0XgNKHOGGabA0GmXXdoZtw4YtloayR6b3qt6Gssmf0PJg1NYkwJh7xqQdXe6LO7mA/s400/snapshot6.png" border="0" alt=""id="BLOGGER_PHOTO_ID_5459888389211751122" /></a><br /><br />Picture G: 'fakeap' wifi network is now successfully launched.<br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-E5VkBuL-PFpR-LpzwFysaPvjNpMVtnEicI5L2xns3EjOfZv3iLVfpfJhkLKma5QyUDE00yQdIS4j_kga6gKYCAsjBsGYSaDMY1ua5j-cjvBBu4WlkiSj1Bf2yBh3lxfdYqd4dO603A/s1600/snapshot7.png"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 240px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhc-E5VkBuL-PFpR-LpzwFysaPvjNpMVtnEicI5L2xns3EjOfZv3iLVfpfJhkLKma5QyUDE00yQdIS4j_kga6gKYCAsjBsGYSaDMY1ua5j-cjvBBu4WlkiSj1Bf2yBh3lxfdYqd4dO603A/s400/snapshot7.png" border="0" alt=""id="BLOGGER_PHOTO_ID_5459888250290044338" /></a><br /><br />Your wifi adapter is now turned into a fake access point. 
Your 'fakeap' SSID will be visible to other PCs in the vicinity. Unsuspecting visitors who connect to your 'fakeap' will be able to surf the internet as normal, just as you saw in the video above. <br /><br />We will then do a DoS attack to block the broadcast signal of all other real APs so that surfers in the vicinity can only connect to our network. Midway through their individual internet session (via our fakeap) the script will pop up an alert message that says "Network disconnected. Re enter WPA key to establish connection." and then show a login box asking for the WPA key, or pop up whatever fake login page you desire. Once a victim lands on this fake web page, they will be unable to escape from it and are trapped in a loop.<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihfCB2piu8YWUISsZvlMgTtYUHWGDyEcCHZyGMPuL0glIXDpw_YNk6MSoMjFda5Rsvq8cHi6ooOED-7NIYYGwORGZCluS5FOCoW_aqglYoV6S01FU8cc7nw8ZQY9r0lncDa6S0LwpSLHY/s1600-h/e.png"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 400px; height: 79px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihfCB2piu8YWUISsZvlMgTtYUHWGDyEcCHZyGMPuL0glIXDpw_YNk6MSoMjFda5Rsvq8cHi6ooOED-7NIYYGwORGZCluS5FOCoW_aqglYoV6S01FU8cc7nw8ZQY9r0lncDa6S0LwpSLHY/s400/e.png" border="0" alt="" id="BLOGGER_PHOTO_ID_5451106335695084306" /></a><br /><br />With the fakeap.sh (full version) script you also have the additional option to remotely monitor visitors' traffic and inject DNS poison into their internet session to divert them to a fake login web page, if you wish. This attack is limited only by your imagination.<br /><br />Some people might say this method is more like 'social engineering' than macho 'hacking'. Well, call it whatever you want; to me, the end justifies the means. If I can get a 50% success rate using this method, I am a happy man. 
BTW, what is the success rate if you use pure brute force? Well, not that good if you ask me.<br /><br /><br /><br />HOW TO GET FAKEAP FULL VERSION<br />==============================<br /><br />You can get your personalized fakeap full version code by sending an email to us using the following format (click to see the request code).<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1O4CEu5k9mAxzR1oy15h_xa9Q8EUCuqoclk4rTvwTRzzvvJQIhihpJK3xdZs6Mr8bf1BUZFinegwZt-ngUZYsTfLcXdj5OlQlEkIeDxbIt4eVtqhr9U9oaGX1wQFXuBFpIPn-6TSNzrw/s1600/snapshot1.png"><img style="display:block; margin:0px auto 10px; text-align:center;cursor:pointer; cursor:hand;width: 200px; height: 120px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg1O4CEu5k9mAxzR1oy15h_xa9Q8EUCuqoclk4rTvwTRzzvvJQIhihpJK3xdZs6Mr8bf1BUZFinegwZt-ngUZYsTfLcXdj5OlQlEkIeDxbIt4eVtqhr9U9oaGX1wQFXuBFpIPn-6TSNzrw/s200/snapshot1.png" border="0" alt="" id="BLOGGER_PHOTO_ID_5548823394581714770" /></a><br /><br />Posted by chikiabu (http://www.blogger.com/profile/11066226878295608537, noreply@blogger.com)<br /><br /><br />Q & A FOR NEW USER<br />Published 2009-04-19T19:52:00.001-07:00, updated 2010-10-25T00:50:33.098-07:00<br /><br />Below are common questions that I receive by e-mail from visitors to this blog. I post them here for your perusal.<br /><br />Q1. I have a Windows operating system (XP, Vista etc). Can I still do it?<br /><span style="font-style:italic;">A1. Yes</span>.<br /><br />Q2. What hardware and software do I need in order to run fish?<br /><span style="font-style:italic;">A2. You need 1) Backtrack3, 2) fish, 3) a wifi adapter and 4) a dictionary for WPA </span><br /><br />Q3. I do not have a CD-ROM drive in my PC. What should I do? <br /><span style="font-style:italic;">A3. You can run bt3 in Windows via VMplayer, from CD-ROM (if you have one), or boot it from a pen drive. <br /></span><br />Q4. I am new to Linux. 
Is it difficult to learn the skill?<br /><span style="font-style:italic;">A4. It is easy. In fact, you don't need to learn any Linux command-line commands. Fish is for Linux newbies like most of us.<br /></span><br />Q5. How long does it take to learn the skill?<br /><span style="font-style:italic;">A5. With the proper kit and with 'fi.sh' it normally takes 5 minutes to learn the skill</span><br /><br />Q6. Why are you releasing this knowledge to the public? Are you not promoting something illegal here?<br /><span style="font-style:italic;">A6. I want the public to be aware of wifi weaknesses and take proper action to plug the loopholes and weaknesses in their systems. </span><br /><br />Q7. I have a slow internet connection that discourages me from downloading bt3. Can you help?<br /><span style="font-style:italic;">A7. Email me to get all the necessary software on a USB stick by mail.</span> <br /><br />Q8. Apart from decoding WEP encryption, what else can your fish do?<br /><span style="font-style:italic;">A8. My fish can do the following: a) decode WEP with station/client, b) decode WEP without station (clientless) and c) WPA encryption</span><br /><br />Q9. I understand that you need a dictionary wordlist to decode a WPA-encrypted AP. Where can I get one?<br /><span style="font-style:italic;">A9. I have a 7gb dictionary that has served me well. I can send it to you if you require one</span><br /><br />Q10. I am using MAC filtering in my AP on top of WEP/WPA encryption. Is it safe?<br /><span style="font-style:italic;">A10. Even with MAC filtering and WEP/WPA, your AP is still vulnerable. <br /></span><br />Q11. What is your suggestion for me to secure my AP?<br /><span style="font-style:italic;">A11. Use a very long password (longer than 26 characters, with special characters). But a resourceful intruder might still be able to decode your wifi (with time). 
All they need is to capture your 'hand-shake' file and do the actual decoding elsewhere using a dictionary</span> <br /><br />Q12. What are the differences between your fish (trial) and fish (full version)?<br /><span style="font-style:italic;">A12. The trial version can decode WEP with station/client only, but the fish (full version) can decode 1) WEP with station/client, 2) WEP without station/client and 3) WPA with dictionary<br /></span><br />Q13. How can I get the fish (full version)?<br /><span style="font-style:italic;">A13. Read my posting #1 to download the fish (trial version). For the lethal full version, kindly email me with your wifi adapter MAC address. I need to incorporate your MAC address into the fish (full version) script for your security and to control distribution. ONLY YOU will be able to access that fish script (full version). This is the reason why I did not upload the fish (full version) to a file hosting website. The fish script (size 20kb only) can be sent to your email or by SMS to your mobile phone.<br /></span><br /><br /><br />If you have any more questions, don't hesitate to press the 'contact me' button.<br /><br /><br />Cheers<br /><br />Posted by chikiabu<br /><br /><br />USER LIST & TESTIMONIAL<br />Published 2009-04-18T20:31:00.001-07:00, updated 2010-10-25T00:50:33.127-07:00<br /><br />They say 'the proof of the pudding is in the eating'. The only way for you to know if my 'fi.sh' works is to try it for yourself.<br /><br />If you are a novice to Linux but are eager to learn how to decode WEP/WPA (with permission from the AP owner), here is your chance to do so easily. 
Come on in and join the many visitors of this blog who have benefited from and successfully used the software.<br /><br /><span style="font-weight: bold;">Successful 'fi.sh' users</span><br />As of 19th April 2009, there are already 323 users of various nationalities who have used 'fi.sh' successfully since it was first introduced on 5th January 2009. I list some of their emails here for you to personally verify, seek independent third-party opinion, compare and exchange notes. Please contact any of them to confirm the effectiveness of fi.sh.<br /><br /><font size="1"><a href="http://www.docstoc.com/docs/32954841/User_list">User list</a></font><br /><br /><font size="1"><a href="http://www.docstoc.com/docs/32954820/Testimonial">User testimonial</a></font> <br /><br />Cheers.<br /><br />Posted by chikiabu<br /><br /><br />HOW TO USE FISH<br />Published 2009-04-18T19:52:00.001-07:00, updated 2010-10-25T00:50:33.142-07:00<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" 
href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYQGmPKnzfHleK_0pAB9b6_AhL7SqAzlIndi_XnwzSPcH0VR1owjVorDxl0JQsjKxIZa4eKGw70Cm-TLwDFS_g4dPYHCzLCJBsA4qyf3Y999RlBu7T8FoneAoJdzxmi007sdO0ZXfj_54/s1600-h/k.jpg"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 282px; height: 320px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiYQGmPKnzfHleK_0pAB9b6_AhL7SqAzlIndi_XnwzSPcH0VR1owjVorDxl0JQsjKxIZa4eKGw70Cm-TLwDFS_g4dPYHCzLCJBsA4qyf3Y999RlBu7T8FoneAoJdzxmi007sdO0ZXfj_54/s320/k.jpg" alt="" id="BLOGGER_PHOTO_ID_5328072968105574050" border="0" /></a><br /><br /><div style="background-color: #660000;"><span style="font-weight: bold;"><br />A. Use 'fi.sh': step-by-step procedure<br /><br /></span>1. Boot your Backtrack3-final CD via CD-ROM, HDD or USB flash drive. Download the 'fi.sh' script relevant to your wifi adapter chipset from my link 'HACK ANY WIFI PASSWORD'.<br /><br />2. Save 'fi.sh' in the 'Home' icon located on your Backtrack3-final desktop.<br /><br />3. Plug in your USB wifi adapter.<br /><br />4. Click the 'konsole' icon located at the bottom right corner of your screen (black square icon).<br /><br />5. Type 'chmod {leave space} +x {leave space} /root/fi.sh' then '/root/fi.sh' without the quotes.<br /><br />6. Follow the on-screen instructions.</div><br /><br /><div style="background-color: #666600;"><span style="font-weight: bold;">B. How to decode AP's WEP/WPA: step-by-step procedure</span><br /><br />1. For practical purposes, you need 2 PCs as per the diagram above (called STATION-PC and H4CKER-PC) and 1 access point (AP).<br /><br />2. Configure your AP with WEP or WPA wireless encryption.<br /><br />3. Use the STATION-PC to surf the internet by connecting wirelessly to your AP. Of course you have to key in the WEP password on your STATION-PC in order to get connected to the AP.<br /><br />4. The purpose of the above action is to simulate wireless traffic between the AP and STATION-PC. 
In the real world, this could be other people's wireless traffic that you are monitoring (please ask for permission before you do it, otherwise it is illegal).<br /><br />5. The above action will enable our H4CKER-PC to intercept and collect the wireless packet communication data between the AP and STATION-PC for decoding the WEP or WPA password using the recommended 'complete kits' and the 'fi.sh' script.<br /><br />6. Follow the 'How to use fish' instructions stated above.<br /><br />Press the 'contact me' button if you need further clarification.</div><br />Cheers<br /><br />Posted by chikiabu<br /><br /><br />COMPLETE KIT TO HACK<br />Published 2009-04-16T18:34:00.001-07:00, updated 2010-10-25T00:50:33.167-07:00<br /><br />In order for us to take the necessary precautions in strengthening our wifi security, we must know where the weak points are in our wireless system.<br /><br />I will teach you wifi hacking and war driving.<br /><br />There are 5 items required for this task.<br /><br />1. PC or laptop<br />2. Backtrack3-final.iso software (free)<br />3. 'fi.sh' script (free)<br />4. Compatible USB wifi adapter<br />5. Dictionary wordlist for WPA and WPA2 (free) <br /><br /><span style="font-weight: bold;">1. PC or Laptop</span><br />My hacking software (fish) will work with any Windows and Mac operating system. <br /><br /><span style="font-weight: bold;">2. Backtrack3-final.iso</span><br />Go to my posting titled 'FISH SOFTWARE DOWNLOAD'. Burn the downloaded file to a CD-R using Nero or any other equivalent software.<br /><br /><span style="font-weight: bold;">3. 'fi.sh' script </span><br />You do not need to learn Linux to run fish. 
Everything is done automatically for you in 3 steps.<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-UWOj-Uxe5ZXdfacVS9Pc0-HXdOYMi5_b4OYuafpyG4TrW-9bfygqOUN71AwEWXE7gRlAm5RFiHh8Pt-8t9_VSKpnaAYukC1IZwgN12Dbq2MSX2MTxdh-psmIPDTB2rDNzSLuLPcQK7o/s1600-h/DLINK+WUA.jpg"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 320px; height: 204px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj-UWOj-Uxe5ZXdfacVS9Pc0-HXdOYMi5_b4OYuafpyG4TrW-9bfygqOUN71AwEWXE7gRlAm5RFiHh8Pt-8t9_VSKpnaAYukC1IZwgN12Dbq2MSX2MTxdh-psmIPDTB2rDNzSLuLPcQK7o/s320/DLINK+WUA.jpg" alt="" id="BLOGGER_PHOTO_ID_5325516706741436770" border="0" /></a><br /><br /><span style="font-weight: bold;"><br />4. Compatible usb wifi adapter</span><br />This adapter should be supported by linux kernel for packet injection for wifi hacking and war driving.<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHjIvPJSn-GjFBUAg_8Um3mgRvADrDhi3Aq_A8P9DFwaB8zwL5yrTtvcyp5itiqt4D1Qj3Xxny2th9qimlZkxc80-X3dGtqbC_y1aYGuLIIISN2mUOPIMydB2LSI8k2oonMZBi3YrW32A/s1600-h/ALFA+AWUS036s.jpg"><img style="margin: 0pt 10px 10px 0pt; float: center; cursor: pointer; width: 320px; height: 240px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHjIvPJSn-GjFBUAg_8Um3mgRvADrDhi3Aq_A8P9DFwaB8zwL5yrTtvcyp5itiqt4D1Qj3Xxny2th9qimlZkxc80-X3dGtqbC_y1aYGuLIIISN2mUOPIMydB2LSI8k2oonMZBi3YrW32A/s320/ALFA+AWUS036s.jpg" alt="" id="BLOGGER_PHOTO_ID_5325501643731802642" border="0" /></a><br /><br /><br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" 
href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7lKsJQDoSWWyMkVIR-LwW0dCCUBOXZIgs3LSPf14JCSodTj-t24Mf9Kb9glLcZeAa-NzBIwAM0zH5_Iz7lsAk3uicMNrA9E0f4x28dIsgEb_TsoBwjEpsg5M_FfWaRL2Gdl5kwm7RcNk/s1600-h/HAWKING+HWUG1.gif"><img style="margin: 0pt 10px 10px 0pt; float: center; cursor: pointer; width: 320px; height: 320px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEg7lKsJQDoSWWyMkVIR-LwW0dCCUBOXZIgs3LSPf14JCSodTj-t24Mf9Kb9glLcZeAa-NzBIwAM0zH5_Iz7lsAk3uicMNrA9E0f4x28dIsgEb_TsoBwjEpsg5M_FfWaRL2Gdl5kwm7RcNk/s320/HAWKING+HWUG1.gif" alt="" id="BLOGGER_PHOTO_ID_5325502878398425186" border="0" /></a><br /><br /><span style="font-weight: bold;"><br /><br />5. Dictionary wordlist for WPA and WPA2</span><br />You will need this only for a WPA or WPA2 wireless hack. Below is a sample of the dictionary wordlist. I have compiled a 7gb dictionary wordlist that has served me well.<br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhi3GHsliRJOO0iSnewPC5qsD0P-lpmEGGGVcWOhmTsNQmLeb1IlqMmfTo0VlDg09Kya9qF7gmjf1oU1L4lGYRoIfWS_A3nW-57EtyGvc7Xdy8tXXa_zeRV_i25-q89kazBGo59uPKHCUI/s1600-h/DLIN.jpg"><img style="margin: 0px auto 10px; display: block; text-align: center; cursor: pointer; width: 320px; height: 310px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhi3GHsliRJOO0iSnewPC5qsD0P-lpmEGGGVcWOhmTsNQmLeb1IlqMmfTo0VlDg09Kya9qF7gmjf1oU1L4lGYRoIfWS_A3nW-57EtyGvc7Xdy8tXXa_zeRV_i25-q89kazBGo59uPKHCUI/s320/DLIN.jpg" alt="" id="BLOGGER_PHOTO_ID_5325513811153880386" border="0" /></a><br /><br />Once you have all 5 items, you are ready for wifi hacking and war driving.<br /><br />Cheers<br /><br />Posted by chikiabu<br /><br /><br />WIFI VULNERABILITY<br />Published 2009-04-15T21:32:00.001-07:00, updated 2010-10-25T00:50:33.194-07:00<br /><br />Most of us take for granted that when we 
secure our wireless internet with either WEP or WPA encryption, our wifi is safe from uninvited guests.<br /><br />Well, I am going to tell you the bad news. Your wireless internet network is unsafe even though you have secured it with a WEP or WPA password. I am going to show you how anybody with my software can hack your wifi password.<br /><br />By demonstrating to you how easy it is to intrude into your wireless internet network, I hope to be able to convince you to take the necessary precautions to overcome the weaknesses in your wireless setup.<br /><br />Kindly watch my video below<br /><br /><object width="425" height="344"><param name="movie" value="http://www.youtube.com/v/tZMugKB0a9o&hl=en&fs=1"></param><param name="allowFullScreen" value="true"></param><param name="allowscriptaccess" value="always"></param><embed src="http://www.youtube.com/v/tZMugKB0a9o&hl=en&fs=1" type="application/x-shockwave-flash" allowscriptaccess="always" allowfullscreen="true" width="425" height="344"></embed></object><br /><br />The above procedure can only be done if you have the complete kit as shown below<br /><br /><br /><a onblur="try {parent.deselectBloggerImageGracefully();} catch(e) {}" href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHPNRtz6jX6fPVTLQfFrvoauZh7xHQObBSRD4GvWCauVYcUBnjQ_Kt_M3fFYrGHKck2HP7LodK0LpFSpFDFnTXZVHeaEZOrisXsMV1USh-r_5EKFJIBCt6bmFwMSXS5Vn0MzDhWBJb5aU/s1600-h/Complete_kits_2.JPG"><img style="margin: 0pt 10px 10px 0pt; float: left; cursor: pointer; width: 320px; height: 166px;" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHPNRtz6jX6fPVTLQfFrvoauZh7xHQObBSRD4GvWCauVYcUBnjQ_Kt_M3fFYrGHKck2HP7LodK0LpFSpFDFnTXZVHeaEZOrisXsMV1USh-r_5EKFJIBCt6bmFwMSXS5Vn0MzDhWBJb5aU/s320/Complete_kits_2.JPG" alt="" id="BLOGGER_PHOTO_ID_5325282679875543394" border="0" /></a><br /><br /><br /><br />Kindly read my other postings for more tips and tricks on hacking.<br /><br />In future, I will also advise you on the necessary precautions that you might take to strengthen your wireless internet security.<br /><br />Please remember that you must not use other people's wireless internet without the owner's permission. It is wrong and unethical.<br /><br />Posted by chikiabu
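<br /><br />Seen from the network owner's side, the fake-AP procedure described on this page leaves two observable traces: a burst of deauthentication frames that claim to come from the real AP, and a lookalike or newly appeared open network nearby. The Python sketch below is an added example, not code from these posts or from the 'fi.sh' and 'fakeap' scripts; the AP inventory, neighbour baseline, scan records and frame log are constructed sample data, and the window and threshold values are assumptions. It goes slightly beyond the page by also flagging a lookalike that reuses your own SSID.

```python
from collections import defaultdict

# Assumption: inventory of the access points you operate, and neighbours
# already seen in earlier surveys. All values below are constructed samples.
KNOWN_APS = {"HomeNet": {"bssids": {"00:11:22:33:44:55"}, "security": "WPA2"}}
BASELINE = {"0a:0b:0c:0d:0e:0f"}
SCAN = [
    {"ssid": "HomeNet", "bssid": "00:11:22:33:44:55", "security": "WPA2"},
    {"ssid": "HomeNet", "bssid": "02:DE:AD:BE:EF:01", "security": "OPEN"},
    {"ssid": "fakeap", "bssid": "02:de:ad:be:ef:02", "security": "OPEN"},
    {"ssid": "Cafe", "bssid": "0a:0b:0c:0d:0e:0f", "security": "OPEN"},
]
# Management-frame log: (seconds, subtype, claimed source BSSID).
FRAMES = [(i * 0.2, "deauth", "00:11:22:33:44:55") for i in range(40)]
FRAMES += [(3.0, "beacon", "00:11:22:33:44:55"), (60.0, "deauth", "0a:0b:0c:0d:0e:0f")]


def find_suspect_aps(scan, known, baseline):
    """Flag beacons that imitate one of our SSIDs or are new open networks."""
    suspects = []
    for ap in scan:
        bssid, reasons = ap["bssid"].lower(), []
        expected = known.get(ap["ssid"])
        if expected:
            if bssid not in expected["bssids"]:
                reasons.append("our SSID from unknown BSSID")
            if ap["security"] != expected["security"]:
                reasons.append("security is %s, expected %s" % (ap["security"], expected["security"]))
        elif ap["security"] == "OPEN" and bssid not in baseline:
            reasons.append("new open network")
        if reasons:
            suspects.append({"ssid": ap["ssid"], "bssid": bssid, "reasons": reasons})
    return suspects


def find_deauth_floods(frames, window=10.0, threshold=20):
    """Return BSSIDs named as source of more than `threshold` deauths within `window` seconds."""
    stamps = defaultdict(list)
    for ts, subtype, bssid in frames:
        if subtype == "deauth":
            stamps[bssid.lower()].append(ts)
    flooded = set()
    for bssid, times in stamps.items():
        times.sort()
        start = 0
        for end, ts in enumerate(times):
            while ts - times[start] > window:
                start += 1  # slide the window forward
            if end - start + 1 > threshold:
                flooded.add(bssid)
                break
    return flooded


def assess(scan, frames, known, baseline):
    """Combine both signals: our AP under a deauth flood while a suspect AP is visible."""
    suspects = find_suspect_aps(scan, known, baseline)
    ours = set().union(*(info["bssids"] for info in known.values()))
    flooded = find_deauth_floods(frames) & ours
    if suspects and flooded:
        level = "high"
    elif suspects or flooded:
        level = "medium"
    else:
        level = "none"
    return {"level": level, "suspects": suspects, "flooded": sorted(flooded)}


if __name__ == "__main__":
    print(assess(SCAN, FRAMES, KNOWN_APS, BASELINE))
```

Enabling Protected Management Frames (802.11w) on the AP and its clients makes forged deauthentication frames ineffective. A legitimate AP also never asks for its WPA key through a web page, so any such prompt is a reason to disconnect.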