What's New Here?

 


ECPPTv2 - Penetration Testing Professional from the popular eLearnSecurity Institute and INE is advanced penetration testing training. Prerequisite for this course is completion of the eJPT course . The eCPPTv2 course is one of the most popular courses in penetration testing. This course is comparable to the SEC560 course from the SANS Institute. This course teaches network penetration testing, web penetration testing, WiFi penetration testing and wireless networks, as well as operating system penetration testing. In this course, you will gain a deep understanding of Buffer overflow and Shellcoding, Windows and Linux exploitation, Post Exploitation, Pillaging. In this course you will learn about Ruby and Powershell to carry out attacks as well as build custom Metasploit tool modules and use them to carry out attacks.


Course prerequisites

  • Beginner knowledge in networking topics, protocols used on the Internet
  • Beginner knowledge in penetration testing topics
  • Ability to read and understand code
  • Course specifications
  • Course level: Intermediate
  • Time: 66 hours and 16 minutes
  • Includes: ‌ 83 videos | 30 labs | ‌ 118 slides
  • Master: Fabrizio Siciliano
  • ECPPTv2 Course Content - Penetration Testing Professional
  • System Security
  • Architecture Fundamentals
  • Assembler Debuggers and Tool Arsenal
  • Buffer Overflows
  • Shellcoding
  • Cryptography and Password Cracking
  • Malware
  • Network Security
  • Information Gathering
  • Scanning
  • Enumeration
  • Sniffing & MitM Attacks
  • Exploitation
  • Post Exploitation
  • Anonymity
  • Social Engineering
  • PowerShell for Pentesters
  • PowerShell Fundamentals
  • Offensive PowerShell
  • Linux Exploitation
  • Information Gathering
  • Exploitation over the Network
  • Post Exploitation
  • Web App Security
  • Information Gathering
  • Cross Site Scripting
  • SQL Injections
  • Other Common Web Attacks
  • Wi-Fi Security
  • Prerequisites
  • Environment Setup
  • Wireless Standards and Networks
  • Discover Wi-Fi Networks
  • Traffic Analysis
  • Attacking Wi-Fi Networks
  • Wi-Fi as Attack Vectors
  • Metasploit & Ruby
  • Installation and Fundamentals
  • Control Structures
  • Methods, Variables, and Scope
  • Classes, Modules, and Exceptions
  • Pentesters Prerequisites
  • Input Output
  • Network and OS Interaction
  • The Web
  • Exploitation with Ruby
  • Metasploit

Related word
  1. Hacking Apps
  2. Hack Tools For Ubuntu
  3. Hacking Tools Online
  4. Hacker Techniques Tools And Incident Handling
  5. Hak5 Tools
  6. Hacking Tools For Kali Linux
  7. Hack Website Online Tool
  8. New Hack Tools
  9. Pentest Tools Online
  10. Install Pentest Tools Ubuntu
  11. How To Install Pentest Tools In Ubuntu
  12. Pentest Tools Website
  13. Hacking Tools For Kali Linux
  14. Black Hat Hacker Tools
  15. Nsa Hack Tools
  16. Github Hacking Tools
  17. Hacker Tools Free
  18. Hack App
  19. Hacker Hardware Tools
  20. Hacker Tools Linux
  21. Pentest Tools Website
  22. Hack Website Online Tool
  23. Nsa Hacker Tools
  24. Tools 4 Hack
  25. Pentest Tools List
  26. Hacker Tools
  27. Pentest Tools Download
  28. Hacker Security Tools
  29. Hacker Tools List
  30. Hacking Tools Name
  31. Hacker
  32. Hack Tools Github
  33. Pentest Reporting Tools
  34. Growth Hacker Tools
  35. Hack Tools For Windows
  36. Pentest Tools For Mac
  37. Hacking Tools Online
  38. Hacker Tools Software
  39. Ethical Hacker Tools
  40. Hacker Tools Mac
  41. Pentest Tools Android
  42. Pentest Tools Alternative
  43. Hacking Tools 2019
  44. Hacking Tools Hardware
  45. Hack Rom Tools
  46. Pentest Tools Nmap
  47. Tools 4 Hack
  48. Wifi Hacker Tools For Windows
  49. Hacking Tools Download
  50. Pentest Tools List
  51. Hack Tools For Windows
  52. Pentest Tools For Windows
  53. Game Hacking
  54. Underground Hacker Sites
  55. Hacker Tools Github
  56. Bluetooth Hacking Tools Kali
  57. Hacking Tools
  58. Hack Tools For Pc
  59. Pentest Tools For Ubuntu
  60. Hacker Tools Mac
  61. Hacker Tools For Pc
  62. Hacking Tools
  63. Hacking Tools For Windows 7
  64. Pentest Tools
  65. Hacker Tool Kit
  66. Best Hacking Tools 2019
  67. Hacking Tools Github
  68. Hack Tools Pc
  69. Hacker Tools Github
  70. Hacks And Tools
  71. Hacker Tool Kit
  72. Pentest Tools Apk
  73. Hacker Tools Github
  74. Hacker Tools Github
  75. Pentest Tools Windows
  76. Pentest Tools Bluekeep
  77. Hacking Tools And Software
  78. Physical Pentest Tools
  79. Easy Hack Tools
  80. Android Hack Tools Github
  81. Hack Tools Online
  82. Top Pentest Tools
  83. Pentest Tools Find Subdomains
  84. Hack App
  85. Hacking Tools For Kali Linux
  86. Hacker Search Tools
  87. Hacking Tools Software
  88. Hacking Tools Mac
  89. Pentest Tools Find Subdomains
  90. Hacking Tools Download
  91. Hacking Tools For Mac
  92. Hack Tools Mac
  93. Install Pentest Tools Ubuntu
  94. Hacker Tools 2019
  95. Hack Tools For Mac
  96. Hacker Tools 2019
  97. Android Hack Tools Github
  98. Hack Apps
  99. Hack Tools Mac
  100. Hack Apps
  101. Pentest Box Tools Download
  102. Hacking Tools Kit
  103. Hacker Tools Hardware
  104. Beginner Hacker Tools
  105. World No 1 Hacker Software
  106. Pentest Tools Bluekeep
  107. Computer Hacker
  108. Hack Tools
  109. Hacker Tool Kit
  110. Hacker Tools List
  111. Hacking Tools Name
  112. Hacking Tools Hardware
  113. Hacker
  114. Pentest Tools Free
  115. Blackhat Hacker Tools
  116. Top Pentest Tools
  117. Hackers Toolbox
  118. Pentest Automation Tools
  119. Nsa Hacker Tools
  120. Wifi Hacker Tools For Windows
  121. Pentest Tools Port Scanner
  122. Pentest Tools For Android
  123. Hacker Techniques Tools And Incident Handling
  124. Hacking Tools Mac
  125. What Is Hacking Tools
  126. Pentest Tools Kali Linux
  127. Pentest Tools Tcp Port Scanner
  128. How To Make Hacking Tools
  129. Hacking Tools Mac
  130. Hacking Tools 2019
  131. Blackhat Hacker Tools
  132. Nsa Hack Tools
  133. Best Hacking Tools 2019
  134. Hacking Tools For Windows Free Download
  135. Pentest Tools Alternative
  136. Pentest Tools Bluekeep
  137. Tools For Hacker
  138. Github Hacking Tools
  139. How To Install Pentest Tools In Ubuntu
  140. Hacking Tools 2019
  141. Hacker Tools Github
  142. Pentest Tools For Ubuntu
  143. Pentest Tools Github
  144. Hack Tools
  145. Pentest Tools Website Vulnerability
  146. Hak5 Tools
  147. Hacking Tools For Games
  148. Hacking Tools Kit
  149. Hacker Tools Free Download
  150. Hacker Hardware Tools
  151. Hack Tools Mac
  152. Best Pentesting Tools 2018
  153. Hacking Tools For Windows
  154. Nsa Hack Tools Download
  155. Hacking Tools For Kali Linux
  156. Pentest Tools Framework
  157. Tools 4 Hack
  158. Pentest Tools Online
  159. Hacker Tools 2020
  160. Pentest Tools Download
  161. What Is Hacking Tools

eCPPTv2 - Penetration Testing Professional

Posted by iNoticiero No comments

 


ECPPTv2 - Penetration Testing Professional from the popular eLearnSecurity Institute and INE is advanced penetration testing training. Prerequisite for this course is completion of the eJPT course . The eCPPTv2 course is one of the most popular courses in penetration testing. This course is comparable to the SEC560 course from the SANS Institute. This course teaches network penetration testing, web penetration testing, WiFi penetration testing and wireless networks, as well as operating system penetration testing. In this course, you will gain a deep understanding of Buffer overflow and Shellcoding, Windows and Linux exploitation, Post Exploitation, Pillaging. In this course you will learn about Ruby and Powershell to carry out attacks as well as build custom Metasploit tool modules and use them to carry out attacks.


Course prerequisites

  • Beginner knowledge in networking topics, protocols used on the Internet
  • Beginner knowledge in penetration testing topics
  • Ability to read and understand code
  • Course specifications
  • Course level: Intermediate
  • Time: 66 hours and 16 minutes
  • Includes: ‌ 83 videos | 30 labs | ‌ 118 slides
  • Master: Fabrizio Siciliano
  • ECPPTv2 Course Content - Penetration Testing Professional
  • System Security
  • Architecture Fundamentals
  • Assembler Debuggers and Tool Arsenal
  • Buffer Overflows
  • Shellcoding
  • Cryptography and Password Cracking
  • Malware
  • Network Security
  • Information Gathering
  • Scanning
  • Enumeration
  • Sniffing & MitM Attacks
  • Exploitation
  • Post Exploitation
  • Anonymity
  • Social Engineering
  • PowerShell for Pentesters
  • PowerShell Fundamentals
  • Offensive PowerShell
  • Linux Exploitation
  • Information Gathering
  • Exploitation over the Network
  • Post Exploitation
  • Web App Security
  • Information Gathering
  • Cross Site Scripting
  • SQL Injections
  • Other Common Web Attacks
  • Wi-Fi Security
  • Prerequisites
  • Environment Setup
  • Wireless Standards and Networks
  • Discover Wi-Fi Networks
  • Traffic Analysis
  • Attacking Wi-Fi Networks
  • Wi-Fi as Attack Vectors
  • Metasploit & Ruby
  • Installation and Fundamentals
  • Control Structures
  • Methods, Variables, and Scope
  • Classes, Modules, and Exceptions
  • Pentesters Prerequisites
  • Input Output
  • Network and OS Interaction
  • The Web
  • Exploitation with Ruby
  • Metasploit

Related word
  1. Hacking Apps
  2. Hack Tools For Ubuntu
  3. Hacking Tools Online
  4. Hacker Techniques Tools And Incident Handling
  5. Hak5 Tools
  6. Hacking Tools For Kali Linux
  7. Hack Website Online Tool
  8. New Hack Tools
  9. Pentest Tools Online
  10. Install Pentest Tools Ubuntu
  11. How To Install Pentest Tools In Ubuntu
  12. Pentest Tools Website
  13. Hacking Tools For Kali Linux
  14. Black Hat Hacker Tools
  15. Nsa Hack Tools
  16. Github Hacking Tools
  17. Hacker Tools Free
  18. Hack App
  19. Hacker Hardware Tools
  20. Hacker Tools Linux
  21. Pentest Tools Website
  22. Hack Website Online Tool
  23. Nsa Hacker Tools
  24. Tools 4 Hack
  25. Pentest Tools List
  26. Hacker Tools
  27. Pentest Tools Download
  28. Hacker Security Tools
  29. Hacker Tools List
  30. Hacking Tools Name
  31. Hacker
  32. Hack Tools Github
  33. Pentest Reporting Tools
  34. Growth Hacker Tools
  35. Hack Tools For Windows
  36. Pentest Tools For Mac
  37. Hacking Tools Online
  38. Hacker Tools Software
  39. Ethical Hacker Tools
  40. Hacker Tools Mac
  41. Pentest Tools Android
  42. Pentest Tools Alternative
  43. Hacking Tools 2019
  44. Hacking Tools Hardware
  45. Hack Rom Tools
  46. Pentest Tools Nmap
  47. Tools 4 Hack
  48. Wifi Hacker Tools For Windows
  49. Hacking Tools Download
  50. Pentest Tools List
  51. Hack Tools For Windows
  52. Pentest Tools For Windows
  53. Game Hacking
  54. Underground Hacker Sites
  55. Hacker Tools Github
  56. Bluetooth Hacking Tools Kali
  57. Hacking Tools
  58. Hack Tools For Pc
  59. Pentest Tools For Ubuntu
  60. Hacker Tools Mac
  61. Hacker Tools For Pc
  62. Hacking Tools
  63. Hacking Tools For Windows 7
  64. Pentest Tools
  65. Hacker Tool Kit
  66. Best Hacking Tools 2019
  67. Hacking Tools Github
  68. Hack Tools Pc
  69. Hacker Tools Github
  70. Hacks And Tools
  71. Hacker Tool Kit
  72. Pentest Tools Apk
  73. Hacker Tools Github
  74. Hacker Tools Github
  75. Pentest Tools Windows
  76. Pentest Tools Bluekeep
  77. Hacking Tools And Software
  78. Physical Pentest Tools
  79. Easy Hack Tools
  80. Android Hack Tools Github
  81. Hack Tools Online
  82. Top Pentest Tools
  83. Pentest Tools Find Subdomains
  84. Hack App
  85. Hacking Tools For Kali Linux
  86. Hacker Search Tools
  87. Hacking Tools Software
  88. Hacking Tools Mac
  89. Pentest Tools Find Subdomains
  90. Hacking Tools Download
  91. Hacking Tools For Mac
  92. Hack Tools Mac
  93. Install Pentest Tools Ubuntu
  94. Hacker Tools 2019
  95. Hack Tools For Mac
  96. Hacker Tools 2019
  97. Android Hack Tools Github
  98. Hack Apps
  99. Hack Tools Mac
  100. Hack Apps
  101. Pentest Box Tools Download
  102. Hacking Tools Kit
  103. Hacker Tools Hardware
  104. Beginner Hacker Tools
  105. World No 1 Hacker Software
  106. Pentest Tools Bluekeep
  107. Computer Hacker
  108. Hack Tools
  109. Hacker Tool Kit
  110. Hacker Tools List
  111. Hacking Tools Name
  112. Hacking Tools Hardware
  113. Hacker
  114. Pentest Tools Free
  115. Blackhat Hacker Tools
  116. Top Pentest Tools
  117. Hackers Toolbox
  118. Pentest Automation Tools
  119. Nsa Hacker Tools
  120. Wifi Hacker Tools For Windows
  121. Pentest Tools Port Scanner
  122. Pentest Tools For Android
  123. Hacker Techniques Tools And Incident Handling
  124. Hacking Tools Mac
  125. What Is Hacking Tools
  126. Pentest Tools Kali Linux
  127. Pentest Tools Tcp Port Scanner
  128. How To Make Hacking Tools
  129. Hacking Tools Mac
  130. Hacking Tools 2019
  131. Blackhat Hacker Tools
  132. Nsa Hack Tools
  133. Best Hacking Tools 2019
  134. Hacking Tools For Windows Free Download
  135. Pentest Tools Alternative
  136. Pentest Tools Bluekeep
  137. Tools For Hacker
  138. Github Hacking Tools
  139. How To Install Pentest Tools In Ubuntu
  140. Hacking Tools 2019
  141. Hacker Tools Github
  142. Pentest Tools For Ubuntu
  143. Pentest Tools Github
  144. Hack Tools
  145. Pentest Tools Website Vulnerability
  146. Hak5 Tools
  147. Hacking Tools For Games
  148. Hacking Tools Kit
  149. Hacker Tools Free Download
  150. Hacker Hardware Tools
  151. Hack Tools Mac
  152. Best Pentesting Tools 2018
  153. Hacking Tools For Windows
  154. Nsa Hack Tools Download
  155. Hacking Tools For Kali Linux
  156. Pentest Tools Framework
  157. Tools 4 Hack
  158. Pentest Tools Online
  159. Hacker Tools 2020
  160. Pentest Tools Download
  161. What Is Hacking Tools

0 comentarios:

Sentry MBA is an automated account cracking tool that makes it one of the most popular cracking tools. It is used by cybercriminals to take over user accounts on major websites. With Sentry MBA, criminals can rapidly test millions of usernames and passwords to see which ones are valid on a targeted website. The tool has become incredibly popular — the Shape Security research team sees Sentry MBA attack attempts on nearly every website we protect.  Download Sentry MBA v1.4.1 latest version.

FEATURES

Sentry MBA has a point-and-click graphical user interface, online help forums, and vibrant underground marketplaces to enable large numbers of individuals to become cybercriminals. These individuals no longer need advanced technical skills, specialized equipment, or insider knowledge to successfully attack major websites.
Sentry MBA attack has three phases,
  • Targeting and attack refinement
  • Automated account check
  • Monetization
Continue reading

DOWNLOAD SENTRY MBA V1.4.1 – AUTOMATED ACCOUNT CRACKING TOOL

Posted by iNoticiero No comments

Sentry MBA is an automated account cracking tool that makes it one of the most popular cracking tools. It is used by cybercriminals to take over user accounts on major websites. With Sentry MBA, criminals can rapidly test millions of usernames and passwords to see which ones are valid on a targeted website. The tool has become incredibly popular — the Shape Security research team sees Sentry MBA attack attempts on nearly every website we protect.  Download Sentry MBA v1.4.1 latest version.

FEATURES

Sentry MBA has a point-and-click graphical user interface, online help forums, and vibrant underground marketplaces to enable large numbers of individuals to become cybercriminals. These individuals no longer need advanced technical skills, specialized equipment, or insider knowledge to successfully attack major websites.
Sentry MBA attack has three phases,
  • Targeting and attack refinement
  • Automated account check
  • Monetization
Continue reading

0 comentarios:

Disclaimer: Don't hack anything where you don't have the authorization to do so. Stay legal.

Ever since I bought my first Android device, I wanted to use the device for WEP cracking. Not because I need it, but I want it :) After some googling, I read that you can't use your WiFi chipset for packet injection, and I forgot the whole topic.

After a while, I read about hacking on tablets (this was around a year ago), and my first opinion was: 
"This is stupid, lame, and the usage of that can be very limited".

After playing one day with it, my opinion just changed: 
"This is stupid, lame, the usage is limited, but when it works, it is really funny :-)"

At the beginning I looked at the Pwn Pad as a device that can replace a pentest workstation, working at the attacker side. Boy was I wrong. Pwn Pad should be used as a pentest device deployed at the victim's side!

You have the following options:
  1. You have 1095 USD + VAT + shipping to buy this Pwn Pad
  2. You have around 200 USD to buy an old Nexus 7 tablet, a USB OTG cable, a USB WiFi dongle (e.g. TP-Link Wireless TL-WN722N USB adapter works).



In my example, I bought a used, old 2012 Nexus WiFi. Originally I bought this to play with different custom Android ROMs, and play with rooted applications. After a while, I found this Pwn Pad hype again and gave it a shot.

The Pwn Pad community edition has an easy-to-use installer, with a proper installation description. Don't forget to backup everything from your tablet before installing Pwn Pad on it!

I don't want to repeat the install guide, it is as easy as ABC. I booted a Ubuntu Live CD, installed adb and fastboot, and it was ready-to-roll. I have not measured the time, but the whole process was around 20 minutes.


The internal WiFi chipset can be used to sniff traffic or even ARP poisoning for active MiTM. But in my case, I was not able to use the internal chipset for packet injection, which means you can't use it for WEP cracking, WPA disauth, etc. This is where the external USB WiFi comes handy. And this is why we need the Pwn Pad Android ROM, and can't use an average ROM.

There are two things where Pwn Pad really rocks. The first one is the integrated drivers for the external WiFi with monitor mode and packet injection capabilities. The second cool thing is the chroot wrapper around the Linux hacking tools. Every hacking tool has a start icon, so it feels like it is a native Android application, although it is running in a chroot Kali environment.

Wifite

The first recommended app is Wifite. Think of it as a wrapper around the aircrack - airmon - airodump suite. My biggest problem with WEP cracking was that I had to remember a bunch of commands, or have the WEP cracking manual with me every time I have to crack it. It was overcomplicated. But thanks to Wifite, that is past.

In order to crack a WEP key, you have to:
  1. Start the Wifite app
  2. Choose your adapter (the USB WiFi)

  3. Choose the target network (wep_lan in the next example)
  4. Wait for a minute 
  5. PROFIT!

SSH reverse shell

This is one of the key functionalities of the Pwn Pad. You deploy the tablet at the Victim side, and let the tablet connect to your server via (tunneled) SSH.

The basic concept of the reverse shells are that an SSH tunnel is established between the Pwn Pad tablet (client) and your external SSH server (either directly or encapsulated in other tunneling protocol), and remote port forward is set up, which means on your SSH server you connect to a localport which is forwarded to the Pwn Pad and handled by the Pwn Pad SSH server.

I believe the best option would be to use the reverse shell over 3G, and let the tablet connect to the victim network through Ethernet or WiFi. But your preference might vary. The steps for reverse shells are again well documented in the documentation, except that by default you also have to start the SSH server on the Pwn Pad. It is not hard, there is an app for that ;-) On your external SSH server you might need to install stunnel and ptunnel if you are not using Kali. The following output shows what you can see on your external SSH server after successful reverse shell.

root@myserver:/home/ubuntu# ssh -p 3333 pwnie@localhost The authenticity of host '[localhost]:3333 ([127.0.0.1]:3333)' can't be established. ECDSA key fingerprint is 14:d4:67:04:90:30:18:a4:7a:f6:82:04:e0:3c:c6:dc. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '[localhost]:3333' (ECDSA) to the list of known hosts. pwnie@localhost's password:   _____      ___  _ ___ ___   _____  _____ ___ ___ ___ ___  | _ \ \    / / \| |_ _| __| | __\ \/ / _ \ _ \ __/ __/ __|  |  _/\ \/\/ /| .` || || _|  | _| >  <|  _/   / _|\__ \__ \  |_|   \_/\_/ |_|\_|___|___| |___/_/\_\_| |_|_\___|___/___/   Release Version: 1.5.5  Release Date: 2014-01-30  Copyright 2014 Pwnie Express. All rights reserved.   By using this product you agree to the terms of the Rapid Focus  Security EULA: http://pwnieexpress.com/pdfs/RFSEULA.pdf   This product contains both open source and proprietary software.  Proprietary software is distributed under the terms of the EULA.  Open source software is distributed under the GNU GPL:  http://www.gnu.org/licenses/gpl.html  pwnie@localhost:~$ 

Now you have a shell on a machine that is connected to the victim network. Sweet :) Now Metasploit really makes sense on the tablet, and all other command-line tools.

EvilAP and DSniff

Start EvilAP (it is again a wrapper around airobase), choose interface (for me the Internal Nexus Wifi worked), enter an SSID (e.g freewifi), enter channel, choose whether force all clients to connect to you or just those who really want to connect to you, and start.


The next step is to start DSniff, choose interface at0, and wait :) In this example, I used a popular Hungarian webmail, which has a checkbox option for "secure" login (with default off). There are sooo many problems with this approach, e.g. you can't check the certificate before connecting, and the login page is delivered over HTTP, so one can disable the secure login checkbox seamlessly in the background, etc. In this case, I left the "secure" option on default off.



In the next tutorial, I'm going to show my next favorite app, DSploit ;)

Lessons learned

Hacking has been never so easy before
In a home environment, only use WPA2 PSK
Choose a long, nondictionary passphrase as the password for WPA2
Don't share your WiFi passwords with people you don't trust, or change it when they don't need it anymore
Don't let your client device auto-connect to WiFi stations, even if the SSID looks familiar

I believe during an engagement a Pwn Plug has better "physical cloaking" possibilities, but playing with the Pwn Pad Community Edition really gave me fun moments.

And last but not least I would like to thank to the Pwn Pad developers for releasing the Community Edition!

More articles
  1. Pentest Tools Port Scanner
  2. Hacking Tools For Windows
  3. Hacker Tools 2020
  4. Hacker
  5. Hack Tools Pc
  6. Hacker Tools Apk
  7. Nsa Hack Tools Download
  8. Hacking Tools For Games
  9. Hacker Tools List
  10. Hack Tools Online
  11. Pentest Tools Online
  12. Hack Apps
  13. Hacker Tools Github
  14. Pentest Tools
  15. Pentest Box Tools Download
  16. Hacking Tools 2020
  17. Hacking Tools Github
  18. Hacker Tools
  19. Nsa Hack Tools Download
  20. Best Hacking Tools 2020
  21. Pentest Tools Github
  22. Hacker Tools Free
  23. Hacker
  24. Install Pentest Tools Ubuntu
  25. Pentest Tools Linux
  26. Game Hacking
  27. Hak5 Tools
  28. Hack Apps
  29. Hacking Tools Mac
  30. Hack Tools Online
  31. Pentest Tools For Ubuntu
  32. Hacking Tools And Software
  33. Easy Hack Tools
  34. Hacks And Tools
  35. Hacking Tools And Software
  36. Pentest Box Tools Download
  37. Hacker Tools 2019
  38. Hacking Tools
  39. Hacking Tools For Windows Free Download
  40. New Hack Tools
  41. Hacking Tools Hardware
  42. Pentest Tools Online
  43. Pentest Tools Online
  44. Pentest Tools Github
  45. Hack Tools Mac
  46. What Are Hacking Tools
  47. Pentest Tools Framework
  48. Pentest Tools Find Subdomains
  49. Hacker Tools Windows
  50. Hacker Tools Online
  51. Bluetooth Hacking Tools Kali
  52. Hack Tool Apk No Root
  53. Hacking Tools For Kali Linux
  54. Hacking Tools 2019
  55. Hacker Techniques Tools And Incident Handling
  56. Growth Hacker Tools
  57. Pentest Tools Alternative
  58. Pentest Tools Review
  59. Hacker Techniques Tools And Incident Handling
  60. Pentest Tools Nmap
  61. Pentest Tools Online
  62. Tools Used For Hacking
  63. Best Hacking Tools 2019
  64. Top Pentest Tools
  65. Hacker Tools Apk
  66. Growth Hacker Tools
  67. How To Hack
  68. Pentest Tools Github
  69. Hacker Tools List
  70. Pentest Tools Android
  71. Hack Tools Download
  72. Hacker Tools Software
  73. Ethical Hacker Tools
  74. Hacker Techniques Tools And Incident Handling
  75. New Hacker Tools
  76. Pentest Tools Windows
  77. Pentest Tools Find Subdomains
  78. Hacker Tools Apk Download
  79. Hacking Tools For Windows Free Download
  80. Pentest Tools List
  81. Pentest Tools Website
  82. Bluetooth Hacking Tools Kali
  83. How To Make Hacking Tools
  84. Pentest Tools Github
  85. Hack Tools Github
  86. Kik Hack Tools
  87. Hacking Tools For Pc
  88. What Is Hacking Tools
  89. Tools For Hacker
  90. Best Hacking Tools 2019
  91. Hack Tools Mac
  92. Free Pentest Tools For Windows
  93. Hacker Tools Linux
  94. Pentest Tools Bluekeep
  95. Hack Website Online Tool
  96. Pentest Tools Windows
  97. Pentest Tools Nmap
  98. Hacker Tools Github
  99. Hacking App
  100. Top Pentest Tools
  101. Hacker Tools Software
  102. Install Pentest Tools Ubuntu
  103. Hacker Tools Mac
  104. Hacking Apps
  105. Free Pentest Tools For Windows
  106. Pentest Tools Android
  107. Hack Tools 2019
  108. Hack Tools Pc
  109. New Hacker Tools
  110. Android Hack Tools Github
  111. Hacker Tools 2019
  112. Blackhat Hacker Tools
  113. Hack Tools For Pc
  114. Hacker Tools Mac
  115. Pentest Tools Kali Linux
  116. Hacking Tools For Windows Free Download
  117. Pentest Tools Website
  118. Hacker Techniques Tools And Incident Handling
  119. Hack Tools For Pc
  120. Install Pentest Tools Ubuntu
  121. World No 1 Hacker Software

WiFi Hacking On Tablets

Posted by iNoticiero No comments

Disclaimer: Don't hack anything where you don't have the authorization to do so. Stay legal.

Ever since I bought my first Android device, I wanted to use the device for WEP cracking. Not because I need it, but I want it :) After some googling, I read that you can't use your WiFi chipset for packet injection, and I forgot the whole topic.

After a while, I read about hacking on tablets (this was around a year ago), and my first opinion was: 
"This is stupid, lame, and the usage of that can be very limited".

After playing one day with it, my opinion just changed: 
"This is stupid, lame, the usage is limited, but when it works, it is really funny :-)"

At the beginning I looked at the Pwn Pad as a device that can replace a pentest workstation, working at the attacker side. Boy was I wrong. Pwn Pad should be used as a pentest device deployed at the victim's side!

You have the following options:
  1. You have 1095 USD + VAT + shipping to buy this Pwn Pad
  2. You have around 200 USD to buy an old Nexus 7 tablet, a USB OTG cable, a USB WiFi dongle (e.g. TP-Link Wireless TL-WN722N USB adapter works).



In my example, I bought a used, old 2012 Nexus WiFi. Originally I bought this to play with different custom Android ROMs, and play with rooted applications. After a while, I found this Pwn Pad hype again and gave it a shot.

The Pwn Pad community edition has an easy-to-use installer, with a proper installation description. Don't forget to backup everything from your tablet before installing Pwn Pad on it!

I don't want to repeat the install guide, it is as easy as ABC. I booted a Ubuntu Live CD, installed adb and fastboot, and it was ready-to-roll. I have not measured the time, but the whole process was around 20 minutes.


The internal WiFi chipset can be used to sniff traffic or even ARP poisoning for active MiTM. But in my case, I was not able to use the internal chipset for packet injection, which means you can't use it for WEP cracking, WPA disauth, etc. This is where the external USB WiFi comes handy. And this is why we need the Pwn Pad Android ROM, and can't use an average ROM.

There are two things where Pwn Pad really rocks. The first one is the integrated drivers for the external WiFi with monitor mode and packet injection capabilities. The second cool thing is the chroot wrapper around the Linux hacking tools. Every hacking tool has a start icon, so it feels like it is a native Android application, although it is running in a chroot Kali environment.

Wifite

The first recommended app is Wifite. Think of it as a wrapper around the aircrack - airmon - airodump suite. My biggest problem with WEP cracking was that I had to remember a bunch of commands, or have the WEP cracking manual with me every time I have to crack it. It was overcomplicated. But thanks to Wifite, that is past.

In order to crack a WEP key, you have to:
  1. Start the Wifite app
  2. Choose your adapter (the USB WiFi)

  3. Choose the target network (wep_lan in the next example)
  4. Wait for a minute 
  5. PROFIT!

SSH reverse shell

This is one of the key functionalities of the Pwn Pad. You deploy the tablet at the Victim side, and let the tablet connect to your server via (tunneled) SSH.

The basic concept of the reverse shells are that an SSH tunnel is established between the Pwn Pad tablet (client) and your external SSH server (either directly or encapsulated in other tunneling protocol), and remote port forward is set up, which means on your SSH server you connect to a localport which is forwarded to the Pwn Pad and handled by the Pwn Pad SSH server.

I believe the best option would be to use the reverse shell over 3G, and let the tablet connect to the victim network through Ethernet or WiFi. But your preference might vary. The steps for reverse shells are again well documented in the documentation, except that by default you also have to start the SSH server on the Pwn Pad. It is not hard, there is an app for that ;-) On your external SSH server you might need to install stunnel and ptunnel if you are not using Kali. The following output shows what you can see on your external SSH server after successful reverse shell.

root@myserver:/home/ubuntu# ssh -p 3333 pwnie@localhost The authenticity of host '[localhost]:3333 ([127.0.0.1]:3333)' can't be established. ECDSA key fingerprint is 14:d4:67:04:90:30:18:a4:7a:f6:82:04:e0:3c:c6:dc. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '[localhost]:3333' (ECDSA) to the list of known hosts. pwnie@localhost's password:   _____      ___  _ ___ ___   _____  _____ ___ ___ ___ ___  | _ \ \    / / \| |_ _| __| | __\ \/ / _ \ _ \ __/ __/ __|  |  _/\ \/\/ /| .` || || _|  | _| >  <|  _/   / _|\__ \__ \  |_|   \_/\_/ |_|\_|___|___| |___/_/\_\_| |_|_\___|___/___/   Release Version: 1.5.5  Release Date: 2014-01-30  Copyright 2014 Pwnie Express. All rights reserved.   By using this product you agree to the terms of the Rapid Focus  Security EULA: http://pwnieexpress.com/pdfs/RFSEULA.pdf   This product contains both open source and proprietary software.  Proprietary software is distributed under the terms of the EULA.  Open source software is distributed under the GNU GPL:  http://www.gnu.org/licenses/gpl.html  pwnie@localhost:~$ 

Now you have a shell on a machine that is connected to the victim network. Sweet :) Now Metasploit really makes sense on the tablet, and all other command-line tools.

EvilAP and DSniff

Start EvilAP (it is again a wrapper around airobase), choose interface (for me the Internal Nexus Wifi worked), enter an SSID (e.g freewifi), enter channel, choose whether force all clients to connect to you or just those who really want to connect to you, and start.


The next step is to start DSniff, choose interface at0, and wait :) In this example, I used a popular Hungarian webmail, which has a checkbox option for "secure" login (with default off). There are sooo many problems with this approach, e.g. you can't check the certificate before connecting, and the login page is delivered over HTTP, so one can disable the secure login checkbox seamlessly in the background, etc. In this case, I left the "secure" option on default off.



In the next tutorial, I'm going to show my next favorite app, DSploit ;)

Lessons learned

Hacking has been never so easy before
In a home environment, only use WPA2 PSK
Choose a long, nondictionary passphrase as the password for WPA2
Don't share your WiFi passwords with people you don't trust, or change it when they don't need it anymore
Don't let your client device auto-connect to WiFi stations, even if the SSID looks familiar

I believe during an engagement a Pwn Plug has better "physical cloaking" possibilities, but playing with the Pwn Pad Community Edition really gave me fun moments.

And last but not least I would like to thank to the Pwn Pad developers for releasing the Community Edition!

More articles
  1. Pentest Tools Port Scanner
  2. Hacking Tools For Windows
  3. Hacker Tools 2020
  4. Hacker
  5. Hack Tools Pc
  6. Hacker Tools Apk
  7. Nsa Hack Tools Download
  8. Hacking Tools For Games
  9. Hacker Tools List
  10. Hack Tools Online
  11. Pentest Tools Online
  12. Hack Apps
  13. Hacker Tools Github
  14. Pentest Tools
  15. Pentest Box Tools Download
  16. Hacking Tools 2020
  17. Hacking Tools Github
  18. Hacker Tools
  19. Nsa Hack Tools Download
  20. Best Hacking Tools 2020
  21. Pentest Tools Github
  22. Hacker Tools Free
  23. Hacker
  24. Install Pentest Tools Ubuntu
  25. Pentest Tools Linux
  26. Game Hacking
  27. Hak5 Tools
  28. Hack Apps
  29. Hacking Tools Mac
  30. Hack Tools Online
  31. Pentest Tools For Ubuntu
  32. Hacking Tools And Software
  33. Easy Hack Tools
  34. Hacks And Tools
  35. Hacking Tools And Software
  36. Pentest Box Tools Download
  37. Hacker Tools 2019
  38. Hacking Tools
  39. Hacking Tools For Windows Free Download
  40. New Hack Tools
  41. Hacking Tools Hardware
  42. Pentest Tools Online
  43. Pentest Tools Online
  44. Pentest Tools Github
  45. Hack Tools Mac
  46. What Are Hacking Tools
  47. Pentest Tools Framework
  48. Pentest Tools Find Subdomains
  49. Hacker Tools Windows
  50. Hacker Tools Online
  51. Bluetooth Hacking Tools Kali
  52. Hack Tool Apk No Root
  53. Hacking Tools For Kali Linux
  54. Hacking Tools 2019
  55. Hacker Techniques Tools And Incident Handling
  56. Growth Hacker Tools
  57. Pentest Tools Alternative
  58. Pentest Tools Review
  59. Hacker Techniques Tools And Incident Handling
  60. Pentest Tools Nmap
  61. Pentest Tools Online
  62. Tools Used For Hacking
  63. Best Hacking Tools 2019
  64. Top Pentest Tools
  65. Hacker Tools Apk
  66. Growth Hacker Tools
  67. How To Hack
  68. Pentest Tools Github
  69. Hacker Tools List
  70. Pentest Tools Android
  71. Hack Tools Download
  72. Hacker Tools Software
  73. Ethical Hacker Tools
  74. Hacker Techniques Tools And Incident Handling
  75. New Hacker Tools
  76. Pentest Tools Windows
  77. Pentest Tools Find Subdomains
  78. Hacker Tools Apk Download
  79. Hacking Tools For Windows Free Download
  80. Pentest Tools List
  81. Pentest Tools Website
  82. Bluetooth Hacking Tools Kali
  83. How To Make Hacking Tools
  84. Pentest Tools Github
  85. Hack Tools Github
  86. Kik Hack Tools
  87. Hacking Tools For Pc
  88. What Is Hacking Tools
  89. Tools For Hacker
  90. Best Hacking Tools 2019
  91. Hack Tools Mac
  92. Free Pentest Tools For Windows
  93. Hacker Tools Linux
  94. Pentest Tools Bluekeep
  95. Hack Website Online Tool
  96. Pentest Tools Windows
  97. Pentest Tools Nmap
  98. Hacker Tools Github
  99. Hacking App
  100. Top Pentest Tools
  101. Hacker Tools Software
  102. Install Pentest Tools Ubuntu
  103. Hacker Tools Mac
  104. Hacking Apps
  105. Free Pentest Tools For Windows
  106. Pentest Tools Android
  107. Hack Tools 2019
  108. Hack Tools Pc
  109. New Hacker Tools
  110. Android Hack Tools Github
  111. Hacker Tools 2019
  112. Blackhat Hacker Tools
  113. Hack Tools For Pc
  114. Hacker Tools Mac
  115. Pentest Tools Kali Linux
  116. Hacking Tools For Windows Free Download
  117. Pentest Tools Website
  118. Hacker Techniques Tools And Incident Handling
  119. Hack Tools For Pc
  120. Install Pentest Tools Ubuntu
  121. World No 1 Hacker Software

0 comentarios:

Latest Tweets

What they says

© 2013 ECOLOGÍA. WP Theme-junkie converted by BloggerTheme9
Blogger templates. Proudly Powered by Blogger.
back to top