Archive for the ‘802.11’ Category
Reflections on “hole196”
Last week at BlackHat, AirTight Networks security analyst Md Sohail Ahmad presented his findings on a vulnerability dubbed “hole196”. Affecting WPA/WPA2 Enterprise networks, this issue allows an authenticated user to manipulate other clients on the network to establish ARP spoofing attacks, to impersonate data frames from the AP or to create a DoS attack [...]
August 3, 2010
Posted in: 802.11, Uncategorized
5 Comments
Updated FreeRADIUS-WPE
Brad brought the FreeRADIUS-WPE patch up to date for FreeRADIUS 2.1.7, which I’ve posted in the Offensive Section. This tool still works very reliably for me, and it’s always a treat when a target wireless network is running PEAP or TTLS and I get to use it.
Code is posted on the FreeRADIUS-WPE page. [...]
May 18, 2010
Posted in: 802.11, Hacking
Comments Closed
Verizon MiFi Pwned (maybe they should take my class)
Update: Please also see my post about the hidden page for advanced MiFi configuration settings.
Recently, I picked up a Verizon MiFi device for $50 and the extension of my service contract for another 2 years. The fun that I’ve had with the device so far has well made up for both costs.
Background
The MiFi is [...]
February 2, 2010
Posted in: 802.11, Wireless
4 Comments
Special Evening Webcast on Kismet Newcore Thursday!
On Thursday night at 7pm EDT (4pm PDT) I’ll be giving a special evening webcast called “Budget Wireless Assessment using Kismet-Newcore”. I delivered this content at the SANS Denver conference a few weeks ago, but several people have contacted me complaining that they wanted to get in on the new features Kismet has to [...]
July 28, 2009
Posted in: 802.11, Bluetooth, Training, ZigBee
2 Comments
802.11 Pocket Reference Guide
I’ve posted my IEEE 802.11 pocket reference guide to the Projects Section. This legal-sized guide provides some quick-reference resources for wireless analysis including common acronyms, Wireshark display filters, Kismet shortcuts and a breakdown of several of the IEEE 802.11 header fields. This will be especially helpful to my SANS SEC617 Ethical Hacking Wireless [...]
July 9, 2009
Posted in: 802.11, Wireless
8 Comments
New Presentation: Budget Wireless Assessment with Kismet Newcore
New slides I’m delivering tonight at the SANS Denver 2009 conference on using Kismet Newcore for wireless assessment in the role of wireless network administrator, auditor or ethical hacker. Check it out in the usual place.
Thanks to @jabra for his help in getting the BT4 update repository current with the most recent Kismet Newcore [...]
July 8, 2009
Posted in: 802.11
No Comments
Cowpatty 4.6 (with less teh suck)
As it turns out, there was a pretty significant bug in cowpatty 4.5 and earlier when built on systems with a more modern version of OpenSSL than what I was testing against:
typedef struct {
unsigned char [...]
July 3, 2009
Posted in: 802.11, Code, Security, Tool
No Comments
Cowpatty 4.5
After too much time I have posted coWPAtty 4.5 with several fixes and a couple of new features:
Fewer restrictions on collecting the data needed to mount an attack. The default behavior requires all 4 frames of the 4-way handshake to mount an attack. If you specify “-2” on the command-line, coWPAtty will only require frames [...]
June 4, 2009
Posted in: 802.11, Penetration Testing, Security, Tool
4 Comments
Kismet-Newcore Screenshots
Dragorn has posted a bunch of screenshots for Kismet-Newcore, demonstrating some of the cool UI features including traffic activity timeline view, update client list view, plugins view, network details view, color preferences, channel utilization (signal and noise) view, and channel configuration.
Check them out at http://kismetwireless.net/screenshot.shtml.
-Josh
May 26, 2009
Posted in: 802.11, Security, Tool
No Comments
Kismet Newcore RC1 Released
Just a little while ago, dragorn released RC1 of Kismet-Newcore, the much-awaited next-generation of Kismet. From the release news:
After 5+ years of development, this staging release is to work out any final minor issues before a full release. Kismet-2009-05-RC1 is expected to be fully functional, so please report problems on the forums or via [...]
May 26, 2009
Posted in: 802.11, Security, Tool
4 Comments
