Comments feed for Mathy Vanhoef's blog (feed last updated 2023-04-17 15:20 +02:00)

dave, 2017-10-19 11:34:
Could you please tell me where I can download Eilam's Cryptex tool?
I looked for the tool among the downloads for the book on Wiley's website, but it was missing.

Anonymous, 2017-10-17 11:56:
If your version of Windows 10 does not give you the option to edit group policies (like mine), you can make this setting in the registry:

regedit
Browse to HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\System and either set DontDisplayNetworkSelectionUI to 1 or create a new DWORD (32-bit) and set that to 1. Tested and verified.

Anonymous, 2017-10-16 14:27:
Both won't make the computer connect automatically after the attacker is gone.
When the attacker makes the computer connect automatically to a Wi-Fi network, there's a risk of connecting to a malicious network without noticing.

Anonymous, 2017-10-16 08:21:
Well, you can also plug in an Ethernet cable or a USB Ethernet adapter. That is a general risk and not new at all!

Mathy, 2017-08-16 16:11:
Hi yar1k,

Some general remarks.

First, the reactive jammer only targets beacons. Missed beacons will not show up in the TX statistics. I also doubt they will show up in the RX statistics.

Second, the jammer should be physically close to the victim, and the access point should be relatively far away. This is to assure the jammer can overpower the signal of the access point (in reference to the victim).

Finally, to confirm if the reactive jammer is working, I recommend using another WiFi interface. Put it in monitor mode, and right next to the victim. Then see whether beacons are received or corrupted.

- Mathy

yar1k, 2017-08-15 21:19:
modwifi@ubuntu:~/modwifi/tools$ sudo rfkill unblock wifi
[sudo] password for modwifi:
modwifi@ubuntu:~/modwifi/tools$ sudo iw wlan1 set type monitor
modwifi@ubuntu:~/modwifi/tools$ sudo ifconfig wlan1 up
modwifi@ubuntu:~/modwifi/tools$ sudo iw wlan1 set channel 11
modwifi@ubuntu:~/modwifi/tools$ sudo ./reactivejam -i wlan1 -s "dom"
Jamming 02:1b:11:76:5c:80 SSID dom

 >> Press CTRL+C to exit <<

=========== JAMMING =============
=========== JAMMING =============
=========== JAMMING =============
...

Determined the AP MAC correctly!
At this time in the second terminal:

-----dmesg-skip-start-----
[ 1568.321135] ath9k_htc: Reactively jamming 2:1b:11:76:5c:80 for 30000 miliseconds
[ 1598.217716] ath9k_htc: Reactively jamming 2:1b:11:76:5c:80 for 30000 miliseconds
[ 1628.110949] ath9k_htc: Reactively jamming 2:1b:11:76:5c:80 for 30000 miliseconds
[ 1658.003324] ath9k_htc: Reactively jamming 2:1b:11:76:5c:80 for 30000 miliseconds
[ 1687.906342] ath9k_htc: Reactively jamming 2:1b:11:76:5c:80 for 30000 miliseconds
[ 1717.805230] ath9k_htc: Reactively jamming 2:1b:11:76:5c:80 for 30000 miliseconds
...

modwifi@ubuntu:~/modwifi/tools$ ip -s link ls wlan1
3: wlan1: mtu 1500 qdisc mq state UNKNOWN mode DEFAULT group default qlen 1000
 link/ieee802.11/radiotap 14:cc:20:19:38:cc brd ff:ff:ff:ff:ff:ff
 RX: bytes packets errors dropped overrun mcast
 732832 1618 0 1604 0 0
 TX: bytes packets errors dropped carrier collsns
 0 0 0 0 0 0
modwifi@ubuntu:~/modwifi/tools$

The TX statistics remain equal to 0.
The access point continues to work successfully.
Jamming does not work :(

yar1k, 2017-08-15 21:18:
Hi. Many thanks for the work done.
I am trying to work with modwifi and it does not work...

What equipment I use:
1. TLWN722N v.1 + notebook HP, host Debian jessie + VMware 12.5 + Xubuntu-Modwifi (official image)
2. TLWN722N v.1 (another adapter, but also v.1 - Atheros chip) + PC Asus, host Windows 7 + VMware 12.5 + Xubuntu-Modwifi (official image)
3. TLWN722N v.1 + notebook HP, host Debian jessie + VirtualBox + Xubuntu; I installed the system with kernel 4.4 + modwifi-4.4-1.tar.gz (installed per the official manual, the drivers (fw) are replaced!)

In all cases, the situation is identical.
When connecting (by transferring from the host machine to the guest):

-----dmesg-skip-start-----
[ 87.396805] usb 2-1: new full-speed USB device number 2 using uhci_hcd
[ 88.457141] usb 2-1: New USB device found, idVendor=0e0f, idProduct=0003
[ 88.457171] usb 2-1: New USB device strings: Mfr=1, Product=2, SerialNumber=0
[ 88.457197] usb 2-1: Product: VMware Virtual USB Mouse
[ 88.457221] usb 2-1: Manufacturer: VMware
[ 88.567773] hidraw: raw HID events driver (C) Jiri Kosina
[ 88.587309] usbcore: registered new interface driver usbhid
[ 88.587332] usbhid: USB HID core driver
[ 88.590842] usb 2-2: new full-speed USB device number 3 using uhci_hcd
[ 88.603026] input: VMware VMware Virtual USB Mouse as /devices/pci0000:00/0000:00:11.0/0000:02:00.0/usb2/2-1/2-1:1.0/input/input4
[ 88.613990] hid-generic 0003:0E0F:0003.0001: input,hidraw0: USB HID v1.10 Mouse [VMware VMware Virtual USB Mouse] on usb-0000:02:00.0-1/input0
[ 88.731601] usb 2-2: New USB device found, idVendor=0e0f, idProduct=0002
[ 88.731610] usb 2-2: New USB device strings: Mfr=0, Product=1, SerialNumber=0
[ 88.731614] usb 2-2: Product: VMware Virtual USB Hub
[ 88.740782] hub 2-2:1.0: USB hub found
[ 88.742689] hub 2-2:1.0: 7 ports detected
[ 1264.563100] usb 1-1: new high-speed USB device number 6 using ehci-pci
[ 1264.898240] usb 1-1: New USB device found, idVendor=0cf3, idProduct=9271
[ 1264.898269] usb 1-1: New USB device strings: Mfr=16, Product=32, SerialNumber=48
[ 1264.898308] usb 1-1: Product: USB2.0 WLAN
[ 1264.898334] usb 1-1: Manufacturer: ATHEROS
[ 1264.898358] usb 1-1: SerialNumber: 12345
[ 1264.916641] usb 1-1: ath9k_htc: Firmware htc_9271.fw requested
[ 1265.269131] usb 1-1: ath9k_htc: Transferred FW: htc_9271.fw, size: 51040
[ 1265.545357] ath9k_htc 1-1:1.0: ath9k_htc: HTC initialized with 33 credits
[ 1266.457978] ath9k_htc 1-1:1.0: ath9k_htc: FW Version: 1.4
[ 1266.458102] ath: EEPROM regdomain: 0x809c
[ 1266.458123] ath: EEPROM indicates we should expect a country code
[ 1266.458174] ath: doing EEPROM country->regdmn map search
[ 1266.458201] ath: country maps to regdmn code: 0x52
[ 1266.458240] ath: Country alpha2 being used: CN
[ 1266.458252] ath: Regpair used: 0x52
[ 1266.543701] ieee80211 phy0: Atheros AR9271 Rev:1
[ 1266.543942] cfg80211: Calling CRDA for country: CN
[ 1266.548917] systemd-udevd[2725]: renamed network interface wlan0 to wlan1
[ 1266.562933] IPv6: ADDRCONF(NETDEV_UP): wlan1: link is not ready
[ 1266.681207] cfg80211: Regulatory domain changed to country: CN
[ 1266.681247] cfg80211: DFS Master region: unset
[ 1266.681384] cfg80211: (start_freq - end_freq @ bandwidth), (max_antenna_gain, max_eirp), (dfs_cac_time)
[ 1266.681445] cfg80211: (2402000 KHz - 2482000 KHz @ 40000 KHz), (N/A, 2000 mBm), (N/A)
[ 1266.681453] cfg80211: (5735000 KHz - 5835000 KHz @ 40000 KHz), (N/A, 3000 mBm), (N/A)
[ 1266.681454] cfg80211: (57240000 KHz - 59400000 KHz @ 2160000 KHz), (N/A, 2800 mBm), (N/A)
[ 1266.681455] cfg80211: (59400000 KHz - 63720000 KHz @ 2160000 KHz), (N/A, 4400 mBm), (N/A)
[ 1266.681457] cfg80211: (63720000 KHz - 65880000 KHz @ 2160000 KHz), (N/A, 2800 mBm), (N/A)
-----dmesg-END-----

Akshay Sharma, 2017-01-27 12:00:
"The fd field points to the previous free chunk, and the bk field to the next free chunk."

Shouldn't this be the other way around?

Thanks.

Anonymous, 2016-11-03 07:16:
Thank you very much, very helpful!

Keith, 2016-10-26 09:54:
Very good article.

Unknown, 2016-09-17 01:51:
"We control the second argument: nb (in the #define called s). By debugging the program I found that victim (the older value for av->top) was 0x804b110. Hence the value passed to malloc should be 0x804a000 - 0x804b110 = FFFFEEF0. We now get:"
"By debugging the program I found that victim (the older value for av->top)" -> How did you find that out? Can you explain?

Anonymous, 2016-08-05 16:21:
Thank you very much for the detailed information.
I have a few questions.

1) I read that the UUID (device id) is deprecated and/or WhatsApp has changed it to something else now. What is the new secure process WhatsApp is using now to identify a device?
2) I guess the question is, what are the new data fields used as username/password now?

Crispy, 2016-07-22 13:50:
I have a Nokia Lumia 610 and I have been using WhatsApp. Unfortunately I reset my phone and installed WhatsApp again; now this message appears on verification: "Can't register with this phone number. You can only register with the phone number that was last used with Whatsapp on this phone", while I use the same number. Kindly help.

Rose, 2016-06-18 09:20:
Amazing writings from you. I have learned a lot from this article. Your videos were also great.

Anonymous, 2016-05-27 00:36:
Thanks, this was helpful.

Mathy, 2016-04-12 18:13:
Kali should use wpa_supplicant by default. Changing your MAC address in that manner means your real MAC address never gets used - so that's an option.
You may also be interested in the following two wpa_supplicant options:

mac_addr=1 # use random MAC address for each ESS connection
preassoc_mac_addr=1 # use random MAC address for pre-association operations (scanning, ANQP)

See the wpa_supplicant.conf documentation/example for details.

Anonymous, 2016-04-12 16:25:
Why isn't that someone you? Why does it have to be someone else all the time?

Anonymous, 2016-04-12 15:44:
Great write-up/paper.

Does Kali use wpa_supplicant by default? If I change my MAC with "ifconfig wlan0 hw ether 00:00:xx:xx:xx:xx" or "macchanger -r wlan0" and connect to a Hotspot 2.0 network, will it still send the original MAC in ANQP queries?

Anonymous, 2016-04-12 04:26:
Someone should contact Microsoft and ask them to make everything fully random. Perhaps the author can contact the Microsoft security team and let them know to truly implement random MAC addresses and post a link back to this post.

Anonymous, 2016-03-18 21:30:
I tried using kali-linux-i386-gnome-vm and still have the same problem.
Here's a screenshot of the errors:

http://tinypic.com/view.php?pic=2d2fzns&s=9#.Vuxk01WANBc

Anonymous, 2016-03-18 07:34:
Would it be possible to update this post using the current versions of QEMU?
Trying to follow these instructions does not yield a working ARM QEMU due to changes in QEMU over the past few years.

Update: I noticed you used kali-linux-i386-gnome-vm.
I'm thinking that must have been v1.0, as I don't recall ever seeing a newer version for GNOME.

Can you tell us what version of QEMU you used in this tutorial?
(The latest version doesn't work with these instructions, but I'm thinking if I can find the same one you used....)

Thanks for posting this.
It's still very relevant today!

Anonymous, 2016-03-10 09:36:
Your paper was a really interesting read! Thank you for the detailed analysis and writeup. :)