WiFi Hack {Get On Your Neighbours Internet} [h33t][migel] Includes: 1. Auditor-200605-02-no-ipw2100.iso This version is for systems with the Intel B/G wireless cards (IPW2200) only. All other system should take the version below. The md5sum of auditor-200605-02-no-ipw2100.iso is "70a5f3e47c191c055366b3b0a3fa2c90" 2. Auditor-200605-02-ipw2100.iso This version is for all systems except systems with the Intel B/G wireless cards (IPW2200). The md5sum of auditor-200605-02-ipw2100.iso is "cdec4b975c1001ddc127a16a32ed1dd7" Both is bootable Live CD's (no need install nothing) Image format: .ISO Burn with UltraISO, Alcohol. Nero etc. ====================================== Description: Including everything you need to hack and crack Wifi internet connections. Wireless Hacking Live-CD (FBI version) Hack a WLAN / Wireless Access Point WEP is an encryption scheme, based on the RC-4 cipher, that is available on all 802.11a, b and g wireless products. WEP uses a set of bits called a key to scramble information in the data frames as it leaves the access point or client adapter and the scrambled message is then decrypted by the receiver. Both sides must have the same WEP key, which is usually a total of 64 or 128 bits long. A semi-random 24 bit number called an Initialization Vector (IV), is part of the key, so a 64 bit WEP key actually contains only 40 bits of "strong" encryption while a 128 bit key has 104. The IV is placed in encrypted frame's header, and is transmitted in plain text. Traditionally, cracking WEP keys has been a slow and boring process. An attacker would have to capture hundreds of thousands or millions of packetsa process that could take hours or even days, depending on the volume of traffic passing over the wireless network. After enough packets were captured, a WEP cracking program such as Aircrack would be used to find the WEP key. Fast-forward to last summer, when the first of the latest generation of WEP cracking tools appeared. This current generation uses a combination of statistical techniques focused on unique IVs captured and brute-force dictionary attacks to break 128 bit WEP keys in minutes instead of hours. As Special Agent Bickers noted, "It doesn't matter if you use 128 bit WEP keys, you are vulnerable! Basic Directions: 1)Boot from cd 2)get the wep key 3)write it down 4)reboot into windows 5)connect using wep key. Auditor: The security tool collection The Auditor security collection is a GPL-licensed live CD based on Knoppix, with more than 300 security software tools. Auditor gives you easy access to a broad range of tools in almost no time. To get started, download the latest image of Auditor and burn it as a bootable image. Remember to use the image option -- just copying the file will not produce a bootable image. After you have successfully written the image to disc, you can start Auditor directly from the CD. It will not install any permanent software on the hard disk unless you request it to, so don't be nervous to use Auditor on a client workstation. The structure of Auditor Auditor's menu is divided into several "tool groups" for easy recognition: Footprinting -- Applications to gain initial knowledge about a server, such as Whois and Dig. Analysis -- Tools to analyze a network, such as Ethereal. Scanning -- Tools to scan the network, such as Nmap. Wireless -- Applications to test the wireless network. Brute-forcing -- The brute-force password cracking word list holds more than 64 million word entries, according to the Auditor Web site. Cracking -- Cracking tools to be used with the brute-force word lists. How can Auditor help you with IT security? Many security engineers arrive on a client's site and find that the network documentation required for solving the task properly is incorrect or even obsolete. In Auditor's Scanning submenu you'll find the Nmap network scanner. You can choose the traditional shell version or Nmap FE, which provides a graphical front-end for Nmap. After you have gained a basic overview of the network you can use NBTScan, a NetBIOS name scanner, and Nessus, a vulnerability scanner. If the audit includes Web applications, try the Nikto and Amap application scanners. Let's say you've been called in to examine a possible compromised server, and until the integrity of the server has been established you are not allowed to install any forensic software or even take the server offline. You can take your Auditor CD and start running the chkrootkit utility to see if any known rootkits are installed on the server. If you find any suspicious activity, you can take a disk image with the dd command and examine it for any possible rootkits or strange processes. You can also use the Autopsy Forensic Browser, a graphical interface that can analyze Windows, Linux, and BSD file systems (NTFS, FAT, Ext2/3) to search for files. If you are analysing a Linux or Unix system, you can use Nibbler to extracts known offsets from binaries to find hidden trojan horses. Suppose you've been asked to do the security survey on a wireless network for possibly weaknesses. Auditor includes the Kismet and wellenreiter wireless analyzers, which both support automatic hardware identification, helping you avoid wasting time configuring your wireless card. Also on the Auditor CD is Airodump, a kind of wireless TCPdump application which can capture packets to assist in brute force analysis of the data later. Furthermore, there are many crackers, including some against WEP encryption to crack the wireless key. Another interesting application is hotspotter, a program for wireless client hijacking. In addition to all the security tools Auditor includes several common useful applications, such as the Firefox and Konqueror Web browser and some text editors. You can write full reports directly from the Auditor CD and either burn the result on a CD with the Cdrecord program or place it on a remote server with either SSH or remote desktop tools. About this CD - Auditor security collection The Auditor security collection is a Live-System . With no installation whatsoever, the analysis platform is started directly from the CD-Rom and is fully accessible within minutes. Independent of the hardware in use, the Auditor security collection offers a standardised working environment, so that the build-up of know-how and remote support is made easier. Even during the planning and development stages, our target was to achieve an excellent user-friendliness combined with an optimal toolset. Professional open-source programs offer you a complete toolset to analyse your safety, byte for byte. In order to become quickly proficient within the Auditor security collection, the menu structure is supported by recognised phases of a security check. (Foot-printing, analysis, scanning, wireless, brute-forcing, cracking). By this means, you instinctively find the right tool for the appropriate task. In addition to the approx. 300 tools, the Auditor security collection contains further background information regarding the standard configuration and passwords, as well as word lists from many different areas and languages with approx. 64 million entries. Current productivity tools such as web browser, editors and graphic tools allow you to create or edit texts and pictures for reports, directly within the Auditor security platform. Many tools were adapted, newly developed or converted from other system platforms, in order to make as many current auditing tools available as possible on one CD-ROM. Tools like Wellenreiter and Kismet were equipped with an automatic hardware identification, thus avoiding irritating and annoying configuration of the wireless cards. --------- Liability The software and the collection are published by Max Moser with no liability. No guarantee or liability claims can be accepted, as Max Moser takes no responsibility or liability for the Auditor security collection or any part thereof. ---------------------------------------------------------------------
Aloksei