Seth Leedy’s CWP – Collect WPA Passes script

Standard

This script is a work by Webmaster Seth Leedy.


 Keep tuned to this post for updates.

Bugs:

  •  

Todo:

  •  

Cwp
Cwp
cwp.sh
12.3 KiB
315 Downloads
Details...

Count of script executions:

  • Agent: CWP_Wget_v.0.2, Count: 25
  • Agent: CWP_Wget_v.0.3, Count: 1
.


Version 0.2

619 total views, no views today

That a Phone in Your Pocket or Are You Scanning My Network?

Standard

From: http://www.infosecisland.com/blogview/19425-That-a-Phone-in-Your-Pocket-or-Are-You-Scanning-My-Network-.html

That a Phone in Your Pocket or Are You Scanning My Network?

Monday, January 16, 2012

Malgorzata Skora 

1a490136c27502563c62267354024cd5

Article by Ken Westin

Mobile Penetration Testing: Is That A Phone In Your Pocket Or Are You Scanning My Network?

When most people think of penetration testing, they think of a simulated external attack where the tester tries to break into a network from a remotely.

Companies focus most of the security spending and policies on keeping hackers from the outside in, from firewalls and other security hardening appliances, software and tools.

However, given the proliferation of mobile devices in the workplace and use of Wi-Fi networks inside of an office, attacking from inside the network provides unique opportunities.

Smartphones have become much more powerful over the past few years, with powerful processors and a plethora of hardware at your fingertips. Combine this power into a compact unit with the right apps you can scan a network from the inside in seconds along with several other new types of attacks and information gathering.

Your browser may not support display of this image. Mobile devices have accelerated productivity as they move to replace many of the other devices we used to carry in a small package. Most phones have Wi-Fi capability, cameras, mass storage capability and a persistent internet connection via 3G and 4G and allow a wide number of applications and if rooted provide many of the same tools as a computer, but with more hardware and network capabilities. Continue reading

511 total views, no views today

Hacking the Netgear WGR614

Standard

From: http://ttcshelbyville.wordpress.com/2012/09/29/hacking-the-netgear-wgr614/

Students and readers know that I love DD-WRT and open firmware.   I love finding old routers and refurbishing the routers with firmware or hacks.  Often I find a router that is not upgradeable by way of open source firmware.   What I do is reset the routers, upgrade to the latest manufacturer firmware and then hunt the web for hacks or mods to the routers.   Why?  Refurbish the hardware and reuse these devices for labs (for my students).

The Netgear WGR614 v6 cannot be upgraded but you can enable telnet and get more commands and have more control of the router.  You will first need an enable telnet program.  The enable telnet program can be downloaded here.

  • Login to Windows using an account which has administrative privileges (needed for sending custom crafted network packets which this tool does)
  • Open a command line as an administrator (Type cmd in the Search box and right click on the cmd icon and Run as Administrator).
  • Get the MAC address of your Netgear router. You can use either ‘arp -a’ and use the ‘physical address’ or look it up on the web interface of your router (Maintenance ->Router status -> LAN port –MAC Address)

  • Copy or type the MAC address to a text editor such as Notepad or Wordpad
  • Remove any minus signs (-) or colons (:), replace all characters by their upper caserepresentation (a = A, b =B etc.)
  • Copy the result of your editing to the clipboard and return to the command line window
  • type (without quotes) “telnetenable.exe“, the IP address of your router (e.g. “192.168.1.1“), add another space (“ “), paste the contents of the clipboard, and append ” Gearguy Geardog”. These are the default username and password for telnet console access (they differ from those of the web interface), you need to modify them appropriately if you changed them previously. The result should look similar to this:

Correct character case is important here.

  • Now press Enter to run the tool. It should return to the shell pretty quickly with no error. If it takes a long time and returns a ‘send failed’ error message try again and double check your entry
  • Now login to the router via telnet from any computer in your local subnet (including the one you just used to activate the listening mode). To do so, type the following (no quotes): “telnet “, append the IP of your router and press enter (e.g.telnet 192.168.1.1) (You may have to add telnet under features in Windows 7 )

  • You will be prompted for a login and a password. For the login, type Gearguy, for the password, type Geardog. Correct character case is important here.

  • After successful authentication you will be presented a prompt such as
  • For available commands, type help or ?. To quit the console, type exit.

409 total views, no views today

Easy way to fix ‘unable to open file ‘/var/lib/dpkg/tmp.ci//.svn’: Is a directory’

Standard

From: http://lkubuntu.wordpress.com/2011/06/29/easy-way-to-fix-dpkg-svn-error/

While helping a friend with his computer, I had some issues trying to install a certain .deb package, as there was this error popping up:

This is actually caused by poor packaging, where the package was generated by code in an SVN source tree. To fix it, we just have to remove all .svn directories in the package.

Run this code in a terminal (replace debfile_REPLACE_ME by the name of the broken debfile, and path/to/bad/debfile_REPLACE_ME.deb by the path to the broken debfile, including it):

Now copy the “Raw Paste Data” of this webpage to a file: http://pastebin.com/AvtFVRuK.[I copied it to the bottom of this post] I originally included the contents of this file in the post, but wordpress kept on breaking it, so I had to upload it to a pastebin. Copy the file to /tmp/deb(random numbers, probably 4 of them), and rename it to ‘svn.sh’ (without quotes).

Run this code in the same terminal as before:

You can then install it using:


687 total views, no views today