Thursday, January 24, 2013

Cracking WEP Networks with KisMAC+aircrack-ng on Mac OS X Lion

UPDATE 12-5-12: Thanks to a reader (see comments below), I've gotten my hands on a version of KisMAC that works on Mac OS X Mountain Lion! While it may be a beta version, it does at least run and collect unique IVs from my Airport Extreme card, and I'm able to use the data in aircrack-ng. Download it here: https://s3.amazonaws.com/kismac2/KisMac2.zip

Your situation: You've spent endless hours researching/experimenting with cracking your own personal WEP encrypted wireless network and you just can't seem to get it accomplished. You don't necessarily have state-of-the-art equipment (other than your super fine Macbook/Macbook Pro), and you can't run other alternatives such as Backtrack 5. You're stuck with KisMAC although it's outdated software. It just so happens you're still in luck. All you need are a couple extra tools and some tips that aren't usually discussed anywhere else.

What you need:
  • KisMAC - the latest version is currently 0.3.3
  • MacPorts - I downloaded the disk image for Lion
Go ahead and install KisMAC and MacPorts (standard installation with defaults is fine). You may need to see the MacPorts installation instructions if you don't already have Apple's developer tools installed. Once MacPorts is installed, you can install the last piece of the puzzle (and most important): aircrack-ng. Just run this command in terminal:
sudo port install aircrack-ng
If you get an error, you may need to update your MacPorts sources:
sudo port selfupdate
Once aircrack-ng is installed, you're ready to go. You should already be familiar with basic KisMAC usage, so if you're not, refer to some beginner tutorials on it first. This guide is targeted at some of the "gotchas" of using KisMAC and aircrack-ng. To briefly get KisMAC set up:
  1. Open KisMAC
  2. Go to Preferences -> Driver
  3. Add your first card (mine was the Airport Extreme passive mode)
  4. Select the channel the target AP is on (if you don't already know this, refer to beginner docs)
  5. If the card is used for injection, select the "use as primary device" option
  6. Select "Keep everything" in the Dump Filter settings and select a location to save the dump files
  7. Add your second card and repeat steps 4-6
I recommend that you keep dump files from both cards stored in the same folder (an empty folder somewhere).

Now it's time to start sniffing. Click "Start Scan" and watch as data starts coming in. Double click on the target AP in the list and click Network -> Reinject Packets to start packet reinjection and quickly generate unique IVs. You should see the Unique IV count climb.

The last step is to start aircrack-ng. Open Terminal and type:
aircrack-ng -b <bssid> <dump files>
I selected the ~/Desktop/aircrack/ folder to store my KisMAC dumps, so my example would be something like:
aircrack-ng -b 00:00:00:00:00:00 ~/Desktop/aircrack/*
Of course you need to enter the bssid of the target AP after the -b flag. Aircrack-ng should load up any dump files in that directory and start cracking. It will automatically attempt to crack every 5000 IVs, so you don't have to even worry about rerunning it.

Now for the tips that it took me hours to discover:
  1. aircrack-ng can use multiple dump files, so you can stop/start KisMAC all you want and create multiple files. Just use the asterisk like I did in my aircrack-ng example above. You could even do something like ~/Desktop/Dump* to get all the files that begin with "Dump".
  2. If you encounter errors in aircrack-ng about a corrupt file or incorrect packet length, the problem is that KisMAC is dumping management and control packets too. We really only need data packets, so you can go back in the Preferences -> Driver section and instead of selecting "Keep Everything", you can select "Data Only". This should correct the errors.
  3. If you notice that the number of IVs in KisMAC is drastically greater than those showing in aircrack-ng, do tip 2 above. If that doesn't fix it, make sure you are saving dumps from all of your devices.
Once I figured that out, I was able to crack my network in under 5 minutes with only 15,000 unique IVs.
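
Tips 2 and 3 come down to what is actually inside the dump files. The Python below is an added example (not from the original post, KisMAC or aircrack-ng): it walks a classic pcap file, counts management, control and data frames, flags records that are cut short, and counts unique WEP IVs per BSSID, which also shows which BSSIDs in a capture of your own network still use WEP. It assumes the dump is pcap with link type 105 (bare 802.11 headers); the function names and the sample capture are constructed for illustration.

```python
import struct
from collections import defaultdict

DLT_IEEE802_11 = 105  # assumed link type of the dump: bare 802.11 headers

def audit_dump(pcap: bytes):
    """Count frames by 802.11 type and unique WEP IVs per BSSID."""
    end = {b"\xd4\xc3\xb2\xa1": "<", b"\xa1\xb2\xc3\xd4": ">"}.get(pcap[:4])
    if end is None or struct.unpack(end + "I", pcap[20:24])[0] != DLT_IEEE802_11:
        raise ValueError("expected a classic pcap file with link type 105")
    counts = {"mgmt": 0, "ctrl": 0, "data": 0, "other": 0, "bad": 0}
    ivs, pos = defaultdict(set), 24
    while pos + 16 <= len(pcap):
        incl = struct.unpack(end + "I", pcap[pos + 8:pos + 12])[0]
        frame = pcap[pos + 16:pos + 16 + incl]
        pos += 16 + incl
        if len(frame) < incl or len(frame) < 2:
            counts["bad"] += 1  # record cut short, e.g. an interrupted dump
            continue
        kind = ("mgmt", "ctrl", "data", "other")[(frame[0] >> 2) & 3]
        counts[kind] += 1
        if kind != "data":
            continue
        flags, qos = frame[1], frame[0] & 0x80
        to_ds, from_ds = flags & 0x01, flags & 0x02
        hlen = 24 + (6 if to_ds and from_ds else 0) + (2 if qos else 0)
        if (not flags & 0x40 or len(frame) < hlen + 4
                or frame[hlen + 3] & 0x20):
            continue  # cleartext, too short for an IV, or ExtIV set (TKIP/CCMP)
        a = 4 if to_ds and not from_ds else 10 if from_ds else 16
        ivs[frame[a:a + 6].hex(":")].add(frame[hlen:hlen + 3])
    return counts, {bssid: len(s) for bssid, s in ivs.items()}

def _frame(ftype, flags, bssid, body=b""):  # constructed frame, BSSID in address 1
    return (bytes([ftype << 2, flags]) + b"\x00\x00" + bssid
            + b"\x02" * 6 + b"\x03" * 6 + b"\x00\x00" + body)

def sample_dump():
    """Constructed capture: 1 mgmt, 1 ctrl, 3 WEP data, 1 CCMP data, 1 cut short."""
    ap = bytes.fromhex("0a0000000001")
    wep = lambda iv: _frame(2, 0x41, ap, iv + b"\x00" + b"\xaa" * 8)
    frames = [_frame(0, 0, ap), b"\xd4\x00\x00\x00" + ap, wep(b"\x00\x00\x01"),
              wep(b"\x00\x00\x02"), wep(b"\x00\x00\x01"),
              _frame(2, 0x41, ap, b"\x01\x00\x00\x20" + b"\xbb" * 12)]
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, DLT_IEEE802_11)
    out += b"".join(struct.pack("<IIII", 0, 0, len(f), len(f)) + f for f in frames)
    return out + struct.pack("<IIII", 0, 0, 40, 40) + b"\x08\x41" + b"\x00" * 8

if __name__ == "__main__":
    print(audit_dump(sample_dump()))
```

For a real dump, read the file in binary mode and pass its bytes to audit_dump; the three WEP data frames in the sample yield only two unique IVs because one IV repeats.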

Happy cracking and remember to only experiment on networks you own or have permission to crack.

Friday, December 14, 2012

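Change the DNS address to watch Qiyi, Sohu, PPTV, Youku and live TV directly

How to set the DNS on Apple TV:
(First connect to your home network and go to Settings -> General -> Network.)
1. Go to Settings -> General and set Time Zone to Automatic.
2. Go to Settings -> iTunes Store -> Location -> United States (if the home screen does not show many icons, try selecting Hong Kong).
3. Change the DNS address to: 180.153.225.136 (for IP address / subnet mask / router address, select "Done" without changing anything). By software version:
   Versions 5.0 - 5.0.2: Manual
   Version 5.1 (Wi-Fi connection): Wi-Fi -> your Wi-Fi network name -> Configure DNS manually
   Version 5.1 (wired connection): Ethernet -> Configure DNS manually
   The Apple TV's current software version can be checked under Settings -> General -> About -> Software Version.
4. Finally, press the Menu button repeatedly to return to the home screen, then open the "Trailers" app icon to start watching.

Thanks to the several providers of the DNS servers (TTvast, missle, LSL, 坚果壳在线) for offering this service free of charge.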
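DNS server address | Preferred choice for broadband users | Notes | Personal live-stream feature | Server location
180.153.225.136 | China Telecom | Primary recommendation; can "friend-link" to other DNS servers | Can be added | Shanghai
211.151.45.4 | China Netcom, China Unicom | Primary recommendation; can "friend-link" to other DNS servers | Can be added | Beijing
210.129.145.150 | Overseas | | Can be added | Abroad
111.68.8.179 | Overseas | Secondary recommendation; can "friend-link" to other DNS servers | Can be added | Hong Kong
58.215.188.82 | China Telecom | | | Jiangsu

Ping the DNS servers yourself and use whichever one is fastest!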

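Notes:
1. Apple TV will prompt you that a new 6.0 update is available. We recommend not updating: it has no new features, and you would have to change the DNS again. Just leave it as it is.
2. If, after setting the DNS, there is no "Trailers" app icon or no playable video content such as Qiyi, try restarting the Apple TV (Settings -> General -> Restart).
3. Users of third-party broadband operators such as China Mobile, China Tietong and Great Wall Broadband whose setup does not succeed can try switching to another of the DNS addresses above.
4. If the setup does not succeed, go to Settings -> General -> Reset -> Reset All Settings and redo every step.
5. If Settings -> iTunes Store -> Location is empty (no country can be selected), you may need to downgrade the TV to version 5.02.
Downgrade tutorial link: http://bangpai.taobao.com/group/thread/15040729-277979858.htm?spm=0.0.0.75.IGVZiy
6. If you use a router supplied by your broadband operator, it may restrict DNS functionality (reported by only a few users). Either way, we still recommend adding a wireless router of your own.
7. We recommend choosing the DNS address according to your own broadband type first; otherwise you may see instability such as slow response from video sources or interrupted playback.
8. Because these DNS servers are not managed or maintained by us, programs may become unwatchable at any time, and the only option is to wait for them to be fixed automatically.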

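iOS 5.0 settings screen: (note: for IP address, subnet mask and router address, just select "Done" to skip them.)

iOS 6.0 settings screen: just set Configure DNS to Manual and change it directly, which is more convenient.

After configuring the DNS address, press the Menu button to return to the home screen and open the "Trailers" app icon.
Many 'video' and 'function menu' icons will appear.
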
-------------------------------------------------------------------------------------------------------- 

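How do you add custom personal playback addresses in Trailers?
1. Open Trailers -> "Menu" -> log in / register an account.

2. On a computer, open www.atvttvv.net and log in with the account you just registered. You can then edit your personal links: in "Link list (name address)", copy and paste in all of the addresses below and update the list. (Do not change the server list.)

3. Finally, under "Trailers" -> "Personal" you can see the playlist. (If no live-stream addresses have been added, it is empty.)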

-------------------------------------------------------------------------------------------------------------- 
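How do you add "Youku" under Personal?
1. First pick the video you want to watch on Youku and convert it with the Youku HTML5 m3u8 tool to get an m3u8 address.
2. Then go to http://www.atvttvv.net/ and copy the generated m3u8 address into your own list.
3. Finally, on the Apple TV open "Trailers" -> "Personal" -> "Personal Links" to see the playlist.

Taking the 20120810 episode of 康熙来了 as an example:
The address on Youku is  http://v.youku.com/v_show/id_XNDM3NjQxNDYw.html
After conversion to m3u8, the address is  http://v.youku.com/player/getRealM3U8/vid/XNDM3NjQxNDYw/type//video.m3u8

Youku HTML5 m3u8 tool (download link)
http://www.kuaipan.cn/file/id_37757727514034255.htm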


Sunday, December 2, 2012

Install jDownloader on Synology NAS

Well, these are the steps I've followed to run jDownloader on my ds1812+, please understand my poor English.

** Install bootstrap: just follow these steps from viewtopic.php?f=77&t=48780

1: If you haven't enabled SSH earlier, do so in «ControlPanel--->Terminal» and check «Enable SSH service»

2: Connect to your NAS over SSH (terminal in Mac/Linux or PuTTY for Windows) as «root». The password is the same as for «admin»

3: Change to the folder «/volume1/»

4: Download the bootstrap for intel based NAS by typing:
«wget http://ipkg.nslu2-linux.org/feeds/optwa ... 7_i686.xsh»

5: Make the file executable by typing «chmod +x syno-i686-bootstrap_1.2-7_i686.xsh»

6: Run it: «sh syno-i686-bootstrap_1.2-7_i686.xsh»

7: When it's finished, change to / by typing «cd /» and then make a symlink by typing «ln -s /volume1/@optware /opt»


8: Use the «vi» editor to edit the file «/etc/profile» («vi /etc/profile») and check that «PATH=/opt/bin:/opt/sbin:$PATH» is in the file. If not, add it to the end of the file. Save and quit «vi»

9: Use «vi» again to edit the file «/root/.profile» («vi /root/.profile») and add a # at the start of the following lines:

#PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/syno/sbin:/usr/syno/bin:/usr/local/sbin:/usr/local/bin
#export PATH

10: Reboot your NAS by typing «reboot»

11: After the NAS has started, SSH to it again.

** Install chroot Debian: You need one Debian virtual machine to create the chroot environment. Commands with the VM prefix belong to the virtual machine, commands with SN belong to the Synology and commands with DB belong to Debian:

1.- Create the folders for the environment:
VM$ mkdir -p /var/tmp/chroottarget
SN$ mkdir -p /volume1/debian

2.- Download bootstrap and install it:
VM$ wget http://ftp.es.debian.org/debian/pool/ma ... 42_all.deb
VM$ dpkg -i debootstrap_1.0.42_all.deb

3.- Download debian environment:
VM$ debootstrap --foreign --arch amd64 squeeze chroottarget "http://ftp.es.debian.org/debian"

4.- Compress it and copy into your synology:
VM$ tar -czf chroottarget.tar.gz chroottarget

5.- Uncompress it:
SN$ tar -xzf chroottarget.tar.gz

6.- Configure it:
SN$ cp /etc/resolv.conf /volume1/debian/etc
SN$ echo `hostname` > /volume1/debian/etc/hostname
SN$ mount -o bind /proc /volume1/debian/proc

7.- Jump into the jail :)
SN$ chroot debian /bin/bash
DB$ echo "deb ftp://ftp.es.debian.org/debian stable main contrib non-free" > /etc/apt/sources.list
DB$ apt-get update

** Install VNC and JDownloader

1.- Install and configure VNC server:
DB$ apt-get install vnc4server
DB$ vnc4server

2.- Install java:
DB$ apt-get install openjdk-6-jre

3.- Download and run jdownloader:
DB$ wget http://installer.jdownloader.org/jd_unix_0_9.sh
DB$ chmod +x jd_unix_0_9.sh
DB$ ./jd_unix_0_9.sh

4.- Access jDownloader via a VNC client and activate web mode (if you want...)

5.- Enjoy!!!!

---------------------------

If your NAS doesn't have an x86 processor, you have to do this after you copy your Debian from your virtual machine to your NAS:

chroot debian /debootstrap/debootstrap --second-stage