Using aircrack on Windows to Crack my WPA [closed] - security

Closed. This question is not about programming or software development. It is not currently accepting answers.
This question does not appear to be about a specific programming problem, a software algorithm, or software tools primarily used by programmers. If you believe the question would be on-topic on another Stack Exchange site, you can leave a comment to explain where the question may be able to be answered.
Closed 10 days ago.
I'm new to hacking and security in general. I wanted to learn a few things, so I'm trying to break into my Wifi, which is using WPA security. I've been googling and trying to find a way to do that for Windows. What I found that has been helpful is this tutorial:
https://www.youtube.com/watch?v=TAbS_-uqhJQ
I've downloaded an older aircrack version (aircrack-ng-1.0-rc3-win) and Comm for Wifi like in the video. I ran the Comm for Wifi and I have packets that have the handshake protocol like this:
EAPOL-Key(4-Way Handshake Me...
When I insert the packet log into the aircrack GUI along with my wordlist, I get an error saying there are no handshakes, when very clearly in the log there are several handshakes. I used a .pcap file from the aircrack website (along with the same password list) and aircrack works fine with that .pcap file. I've compared their .pcap file with mine and I don't see a difference between them besides the obvious ESSIDs and BSSIDs and other small details, but it looks like the same type of handshake packets are there.
I'm very new to this and I understand that Windows is probably not the best OS for hacking, but I feel like I'm pretty close. Does anybody have any suggestions as to what to do next? Is there a way to fix this problem?

I'd prefer you use Kali 2.0 for cracking!
Basically the WPA cracking steps are:
1. Switching your wifi adapter to monitor mode.
2. Locking a base network (to be attacked).
3. Listing the clients connected to it.
(In WPA, packets don't contain any relevant data.)
4. For cracking, we have to disconnect a client for a few milliseconds, forcing it to reconnect by sending handshake packets.
5. We have to capture the above packets and compare them with a wordlist.
Note: WPA cracking is a hideous task if we have no idea of the password (its length, characters used)!! It could take several days to crack!!!..
You can test it by cracking your own network.
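Whether a capture really contains EAPOL-Key frames, and whether a burst of deauthentication frames (the forced disconnect described in step 4, which is also what a wireless IDS looks for) preceded them, can be checked straight from the pcap. The following is an added example, not code from the question or from aircrack-ng; it assumes a classic little-endian pcap whose link type is raw 802.11 (105, no radiotap header), and every frame and MAC address in it is constructed.

```python
import struct
from collections import Counter

PCAP_MAGIC_LE = b"\xd4\xc3\xb2\xa1"
LINKTYPE_IEEE802_11 = 105              # raw 802.11 frames, no radiotap header
LLC_SNAP_EAPOL = b"\xaa\xaa\x03\x00\x00\x00\x88\x8e"   # LLC/SNAP with ethertype 0x888E

def _pcap(frames, linktype=LINKTYPE_IEEE802_11):
    """Wrap raw frames in a classic little-endian pcap container (constructed test data)."""
    out = PCAP_MAGIC_LE + struct.pack("<HHiIII", 2, 4, 0, 0, 65535, linktype)
    for i, f in enumerate(frames):
        out += struct.pack("<IIII", 1000 + i, 0, len(f), len(f)) + f
    return out

# Constructed sample frames, not from the question's capture: three deauthentication frames
# sent from the "AP" address to broadcast, then one EAPOL-Key frame from the client.
AP, STA, BCAST = bytes.fromhex("020000000001"), bytes.fromhex("020000000002"), b"\xff" * 6
DEAUTH = b"\xc0\x00\x00\x00" + BCAST + AP + AP + b"\x00\x00" + b"\x07\x00"   # FC 0xC0 = mgmt/deauth
EAPOL_KEY = (b"\x08\x01\x00\x00" + AP + STA + AP + b"\x00\x00"                  # FC 0x08 = data, ToDS
             + LLC_SNAP_EAPOL + b"\x02\x03\x00\x5f")                           # EAPOL v2, type 3 = Key
SAMPLE_PCAP = _pcap([DEAUTH, DEAUTH, DEAUTH, EAPOL_KEY])

def summarise_80211(pcap_bytes):
    """Count deauth frames per transmitter and EAPOL-Key frames in a raw 802.11 pcap."""
    if pcap_bytes[:4] != PCAP_MAGIC_LE:
        raise ValueError("only little-endian classic pcap is handled here")
    linktype = struct.unpack_from("<I", pcap_bytes, 20)[0]
    if linktype != LINKTYPE_IEEE802_11:
        raise ValueError("expected LINKTYPE_IEEE802_11 (105), got %d" % linktype)
    deauth_by_sender, eapol_key, off = Counter(), 0, 24
    while off + 16 <= len(pcap_bytes):
        incl_len = struct.unpack_from("<I", pcap_bytes, off + 8)[0]
        frame = pcap_bytes[off + 16:off + 16 + incl_len]
        off += 16 + incl_len
        if len(frame) < 24:
            continue
        ftype, subtype = (frame[0] >> 2) & 3, frame[0] >> 4
        if ftype == 0 and subtype == 12:                      # management / deauthentication
            deauth_by_sender[frame[10:16].hex(":")] += 1      # addr2 = transmitter
        elif ftype == 2:                                      # data frame
            hdr = 24 + (2 if subtype & 0x08 else 0)           # QoS-data adds a 2-byte QoS field
            if frame[hdr:hdr + 8] == LLC_SNAP_EAPOL and len(frame) > hdr + 9 and frame[hdr + 9] == 3:
                eapol_key += 1
    return {"deauth": dict(deauth_by_sender), "eapol_key": eapol_key}
```

A capture written with a radiotap header (link type 127) is rejected rather than misparsed; a real tool would skip the radiotap header using its length field first.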

Related

Linux SSH Server (tunneling) without network tweaks such as port forwarding or firewall exceptions [closed]

Background Info:
My office is closing down due to COVID19 outbreak policies.
Unfortunately we do not have a VPN in place, and currently one of my coworkers has to go in every day to make commits for everyone who is working remotely; our repos are stored inside the office internal network.
The Problem:
I need to be able to get inside the internal network remotely using SSH, without having to make any changes to network configuration (I do not have access to the network devices). This means I would not be opening ports, or making firewall exceptions for example.
I was thinking of using a raspberry pi with a fresh linux image (any supported distro would be fine, I'm open to suggestions).
My goal is to plug the pi3 into my workstation ethernet port and leave it there for the time being. I would not be able to do any physical reboots, etc.
I need a suggestion for a free tunneling solution that would be easy to set up and use for 1-10 people to be able to connect using a secure connection (SSH) and gain access to internal resources remotely.
Question:
I need suggestions for which distro would be nice and light enough for the pi3 to handle, and SSH server software to use.
I looked into OpenSSH, which has been suggested in other similar threads, but it would require configuring the firewall and opening port 22, which I cannot do.
Other
I've used Google Chrome's remote desktop in the past and it has worked wonderfully. I would set up the "host" machine with it, and then any other machine with Chrome (with the same account) could remote in without any sort of network configuration.
I guess I just need something similar to this, but instead of remote desktop I need an SSH solution. I would create a few root-enabled accounts to allow other devs to connect to it at the same time if possible.
I found a solution to my problem and will pass it along to my IT team for proper approval prior to putting in place. However I wanted to share the answer here in case anyone else ever has a similar situation.
As stated, be sure to check your company's policy and consult the proper channels before doing this sort of thing, as it can cause security risks and could get you fired... so be advised, do this at your own risk!
With that said, a "Reverse SSH" could be the solution to the problem. It allows you to connect to a machine inside of a network without having to open ports or firewall exceptions.
This isn't a good long term solution for most cases, but might be the workaround you need to do the trick in a pinch.

Have I been hardware hacked/backdoored? [closed]

I'm on Linux Mint, never connected to the internet for weeks, and still not connected, doing some python programming (Python 3.6).
I happened to look at the firewall program in its 'report' section and see this
(Please note that the firewall was actually set to ALLOW outgoing until I changed it just before this screenshot; it was only set to block incoming.) Again, to my knowledge I am not, and have not been, connected to the internet at all, and my networking is turned off:
I'm not a network programmer, but this seems to be showing that these applications have been accessing network ports, correct?
Why would python 3.6 (which I was using) be on this list or ever need to connect to any port at all?? Am I looking at nefarious activity here?
I've heard that software can be placed directly on the hardware of a system. Is it possible that my network interface card could be activated and used without giving any indication?
And again, why would my python 3.6 application be on a firewall report at all?
I'm very concerned about this. Can someone enlighten me?
What you are looking at are mostly servers that are listening for incoming connections. That certainly covers ntpd, cups, ntpd.
It looks like some python programs have also been listening for connections, maybe as part of your programming exercises.
The fact that programs are listening for incoming connections doesn't mean anything has actually connected to them, or even that anything could.
An address of "*" indicates that it's a potential connection, not an actual connection that happened.
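The distinction the answer draws, a listener whose peer shows as "*" versus a connection that actually happened, is visible in the kernel's own socket table on Linux, which is what firewall front-ends summarise. The following is an added example, not from the question or from any firewall tool; the /proc/net/tcp rows are constructed to resemble a cups listener on all interfaces, a Python listener on loopback and one established loopback connection, and it assumes a little-endian host (the kernel prints IPv4 addresses in host byte order).

```python
# Constructed /proc/net/tcp excerpt (not the questioner's screenshot): a listener on 0.0.0.0:631,
# a listener on 127.0.0.1:8000 (say, python -m http.server) and one connection to it.
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 12345 1 0000000000000000 100 0 0 10 0
   1: 0100007F:1F40 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 23456 1 0000000000000000 100 0 0 10 0
   2: 0100007F:1F40 0100007F:9C40 01 00000000:00000000 00:00000000 00000000  1000        0 34567 1 0000000000000000 20 4 30 10 -1
"""

TCP_STATES = {"01": "ESTABLISHED", "06": "TIME_WAIT", "08": "CLOSE_WAIT", "0A": "LISTEN"}

def parse_addr(hexaddr):
    """'0100007F:1F40' -> ('127.0.0.1', 8000); assumes a little-endian host."""
    ip_hex, port_hex = hexaddr.split(":")
    return ".".join(str(int(ip_hex[i:i + 2], 16)) for i in (6, 4, 2, 0)), int(port_hex, 16)

def exposure(ip):
    """How reachable a listener is, judged from its bound address alone."""
    if ip == "0.0.0.0":
        return "all interfaces"          # shown as '*' by most firewall front-ends
    return "loopback only" if ip.startswith("127.") else "one interface"

def classify_sockets(text):
    """Split /proc/net/tcp rows into (listening, connected) lists of dicts."""
    listening, connected = [], []
    for line in text.splitlines()[1:]:   # first line is the column header
        fields = line.split()
        if len(fields) < 8:
            continue
        local, remote = parse_addr(fields[1]), parse_addr(fields[2])
        entry = {"local": local, "remote": remote, "uid": int(fields[7]),
                 "state": TCP_STATES.get(fields[3], fields[3])}
        if fields[3] == "0A":
            entry["exposure"] = exposure(local[0])   # remote 0.0.0.0:0 = nobody connected yet
            listening.append(entry)
        else:
            connected.append(entry)
    return listening, connected
```

A listener bound to 127.0.0.1 cannot be reached from the network at all, which is the usual case for a development server started from a Python exercise.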

DOS attacks using cmd and protection against them [closed]

After finding someone's IP you can easily send pings to them to make DOS attacks. My friend and I tried to make a defense against them and wanted to know how a low-level attacker can send these DOS attacks. When one of us sent pings to the other using cmd while we were connected to the same modem (wifi), it succeeded in sending pings. But when we were on different networks it failed and sent a message like "Request timed out". I assume this is a failure message, but I have some questions in this matter.
I won't write the command to make DOS attacks since I don't want to encourage anyone in making those and anyone who is knowledgeable in this subject already knows how to do that.
//Assume that attacker knows the ip of the victim.
Questions
Can a computer be successful enough to slow down the second computer if it sends infinite pings? If so, in how much time (approximately)? (Assume their computers are the same.) What can be the worst result for the victim?
How can someone be successful in making DOS attacks against people who are connected to different networks from cmd? And how can I take measures against them?
This will not work over the internet if the victim's router is set not to send ICMP replies to ping requests.
Can a computer be successful enough to slow down the second computer if it sends infinite pings? If so, in how much time (approximately)? (Assume their computers are the same.) What can be the worst result for the victim?
Not significantly. What you need is an amplification attack - that is, the victim's computer has to do more work than you for each request. Sending a reply to a ping is minimal work and involves sending the same amount of bytes back, so you are not slowing the victim machine any more than your own.
How can someone be successful in making DOS attacks against people who are connected to different networks from cmd? And how can I take measures against them?
You would be better off using a software tool to do this, or by setting up a botnet to do a distributed denial of service instead (DDoS). Usage of such tools is probably illegal depending on your jurisdiction, and you should get full permission if testing this from the owners of all networks and systems where your traffic would flow.
Mitigating DDoS is the million dollar question. Services such as CloudFlare can help. It all depends on what you need to protect and who from.
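One concrete measure on the receiving side is to count echo requests per source over a sliding window and alert when a single host exceeds what an ordinary ping could produce; a router ACL or iptables limit rule then enforces the same threshold. The following added example (not from the question or the answer) runs that detection over constructed packet records with a one-second window.

```python
from collections import deque, defaultdict

# Constructed records (src_ip, timestamp_ms, icmp_type), not real traffic: one host sends
# 300 echo requests in 0.6 s, another pings normally once a second and gets replies (type 0).
SAMPLE_ICMP = ([("10.0.0.5", i * 2, 8) for i in range(300)]
               + [("10.0.0.9", 100 + i * 1000, 8) for i in range(5)]
               + [("10.0.0.9", 150 + i * 1000, 0) for i in range(5)])

class EchoFloodDetector:
    """Flag a source whose echo requests exceed `limit` inside any `window_ms` sliding window."""
    def __init__(self, limit=100, window_ms=1000):
        self.limit, self.window_ms = limit, window_ms
        self._recent = defaultdict(deque)   # src -> request timestamps still inside the window
        self.flagged = {}                   # src -> time the threshold was first crossed

    def observe(self, src, ts_ms, icmp_type):
        if icmp_type != 8:                  # replies (type 0) are the responder's own work
            return src in self.flagged
        q = self._recent[src]
        q.append(ts_ms)
        while q and ts_ms - q[0] > self.window_ms:
            q.popleft()                     # evict timestamps that slid out of the window
        if len(q) > self.limit and src not in self.flagged:
            self.flagged[src] = ts_ms
        return src in self.flagged

def scan(records, limit=100, window_ms=1000):
    """Replay records in time order; returns {src: first_ms_over_limit}."""
    det = EchoFloodDetector(limit, window_ms)
    for src, ts_ms, icmp_type in sorted(records, key=lambda r: r[1]):
        det.observe(src, ts_ms, icmp_type)
    return det.flagged
```

The threshold is deliberately per source: a flood from many spoofed or distributed addresses (the DDoS case the answer mentions) needs aggregate limits upstream, which this single-host view cannot provide.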

Are files and texts readable for the NSA in video streams like remote desktop? [closed]

I was wondering about the following: if I access another computer over a video stream (maybe like remote desktop), could the NSA read the websites and texts from that stream, even though only video is transmitted?
thanks!
Remote Desktop, as in RDP does not stream video. Unlike other remote desktop software, RDP actually uses kernel level access which is why RDP is so much smoother than a lot of the software that uses images.
RDP is vulnerable to man-in-the-middle attacks, but this is pretty unlikely to happen to you unless you are a highly valuable target. You can use SSL to prevent this sort of thing.
Regardless of all of that, your question seems to be about image-based remote desktop. You are, I think, correct in your assumption that the images are difficult to read vs. just intercepting plain text/html/etc. If the transmission was intercepted, they could "play it back" if it was not encrypted, and see what happened. The thing is, even if the transmission between you and the remote host is secure - what about the transmission between the host and the internet? It is likely that whatever you are doing can be traced to the host, and then to you.

PPP demand dial with modem bank in linux [closed]

I have a linux box with a bank of modems and need to create demand-dial (outbound) PPP connections to a very large set of remote machines. Since I have far more remotes than local modems, I'd like to launch one or more instances of pppd in demand mode, but not allocate a particular modem until a connection is requested. When the connection becomes idle, I'd like pppd to release the modem so it can be used for a connection to a different remote.
I've been through the pppd man pages and understand the concepts of the call and connect options, as well as the options.DEVICE files and the /etc/ppp/peers directory. Lock files will tell me which modems are in use or available. And I'm able to connect to multiple remote peers as long as I hard-code the modem assignments. But I haven't found a way to assign them dynamically, say by calling a get_available_modem script when pppd needs to dial. Google doesn't seem to know, either.
A work-around might be to detect the need to demand-dial with an external mechanism, and then launch pppd to service it, but it seems cleaner to leverage the facility within pppd itself.
Any pointers or ideas are appreciated. Thanks for your thoughts!
This is the solution I'm going with:
1. Enumerate the modems as /dev/modem0, /dev/modem1, ...
2. Start an instance of pppd in demand-dial mode for each peer, but instead of a "real" modem, attach it to /dev/modem.peer, which the "ppp-on-dialer" script soft-links to the first available modem dynamically.
3. When the connection times out and the modem goes offline, soft-link /dev/modem.peer to /dev/null so the modem can be re-used for a connection to a different peer.
Thanks for your comments!
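The scheme above depends on every dialer agreeing on which modem is free: if two pppd instances dial at the same moment, both could pick the same device unless the claim is atomic. This added example (not the asker's ppp-on-dialer script) claims a modem by creating its UUCP lock file with O_EXCL, so only one caller can win, and swaps the /dev/modem.peer link via rename so it never dangles; /var/lock as the lock directory and the LCK..name file format are assumptions about the local pppd setup.

```python
import os
import tempfile

UUCP_LOCK_DIR = "/var/lock"   # assumed: pppd and other dialers honour LCK..<device basename> here

def _try_lock(lock, pid):
    """Create the lock with O_EXCL so two racing dialer scripts cannot both claim a modem.
    Reclaiming stale locks (recorded PID no longer alive) is deliberately left out here."""
    try:
        fd = os.open(lock, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o644)
    except FileExistsError:
        return False
    with os.fdopen(fd, "w") as f:
        f.write("%10d\n" % pid)        # HDB/UUCP ASCII PID format read by other dialers
    return True

def _replace_symlink(link_path, target):
    """Build the new link under a temporary name and rename it over the old one."""
    tmp = link_path + ".tmp"
    if os.path.lexists(tmp):
        os.unlink(tmp)
    os.symlink(target, tmp)
    os.rename(tmp, link_path)          # rename(2) is atomic: the peer link never dangles

def acquire_modem(modems, link_path, lock_dir=UUCP_LOCK_DIR, pid=None):
    """Claim the first free modem and point link_path (e.g. /dev/modem.peer) at it."""
    pid = pid or os.getpid()
    for dev in modems:
        if _try_lock(os.path.join(lock_dir, "LCK.." + os.path.basename(dev)), pid):
            _replace_symlink(link_path, dev)
            return dev
    return None                        # every modem is busy: let pppd retry later

def release_modem(dev, link_path, lock_dir=UUCP_LOCK_DIR):
    """Drop the lock and park the link on /dev/null so another peer can reuse the modem."""
    lock = os.path.join(lock_dir, "LCK.." + os.path.basename(dev))
    if os.path.exists(lock):
        os.unlink(lock)
    _replace_symlink(link_path, os.devnull)

def demo():
    """Claim/release cycle in a scratch directory with constructed modem names."""
    d = tempfile.mkdtemp()
    link, modems = os.path.join(d, "modem.peer"), ["/dev/modem0", "/dev/modem1"]
    out = [acquire_modem(modems, link, d) for _ in range(3)]   # modem0, modem1, None
    release_modem("/dev/modem0", link, d)
    out += [os.readlink(link), acquire_modem(modems, link, d)]  # /dev/null, modem0
    return out
```

The demo never opens the modem devices themselves; it only exercises the lock and link handling, which is the part that has to be race-free.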
Does it have to be directly driven by the Linux box, or could you use something like the old Lucent Portmaster boxen?
