Rescuing articles from a friend's web site...

[alexander]

So i have a friend (acquaintance, contact, this guy i know, whatever you choose to refer to him to, and no i am not going to release his name), who's also interested in security, and he had a blog/site deal going on, called morallycorrupted.net, where he used to post tutorials on how to do some things (that can be used by the black hats) to test your security (even though it may not be presented as such in the article). I think his statement was a bit shady (badly worded), and he started noticing 2 ips constantly visiting his website, which happen to belong to a security agency, so he freaked out and now the information is gone.... so in an effort to not loose information that took (at times) days to compile, i am putting forth an effort to save it (like saving historic documents). And i figured what better place to do it then here, in a CS community i have created.... :eek2:

[alexander]

First article deals with WifiZoo

 

 

WifiZoo Tutorial

 

Category: Tutorials |

 

What is WifiZoo? WifiZoo is a tool used to gather wifi information passively.

 

I’ve seen a lot of information floating around the web in regards to WifiZoo and it’s setup/usage. I wanted to create a tutorial for it’s setup and implimentation from start to finish including the creation of monitoring devices so here it is…

 

First and foremost, a prerequisite for this is to have python already installed on your machine. To get the latest version of python visit Python for Linux

 

Download WifiZoo from WifiZoo

 

You’ll also need to download a copy of Scapy as well from http://hg.secdev.org/scapy/raw-file/tip/scapy.py

 

Extract the files from wifizoo

 

Code: tar zvxf wifizoo_vX.X.tgz

 

Place Scapy.py into the directory created when extracting WifiZoo

 

Both WifiZoo.py and Scapy.py need to be edited for your specific wireless settings. In this particular instance we are going to use ‘ath1′ as our device. You can use whatever program you like to edit the files.

 

In wifizoo.py on line 49(Previous tutorials have this listed as line 48) add your device to the conf.iface.

 

Code: conf.iface = ‘ath1′

 

Save and close wifizoo.py and open scapy.py with your text editor again.

 

In scapy.py you need to specify a few things(chipset,cardname,chipset), my card is an atheros chipset so my setup will reflect that so you may need to adjust yours accordingly.

 

In scapy.py on line 13064(Previous tutorials had this line listed as 13213 where as mine was different so it may vary from file to file depending on age/version, etc.. so you may have to search for it a bit) find the line that reads ‘conf.iface = betteriface and change it to reflect your wireless settings.

 

Code : conf.iface = ‘madwifi_ag,wifi0,madwifi’

 

Save and close scapy.py and you should be all set as far as WifiZoo goes.

 

Now you need to set your device in monitor mode so that you can passively listen to the wireless traffic

 

Code : wlanconfig ath1 create wlandev wifi0 wlanmode monitor

 

What that does is create a new device in monitor mode off the parent device, which in this case is wifi0 but could also be wlan0 as well.

 

Now that the new device is created you need to enable it

 

Code : ifconfig ath1 up

 

If you type ifconfig you should now see a listing of all you devices and you should see ‘ath1′ UP and Running in Monitor Mode

 

Now to start WifiZoo

 

Code : python wifizoo.py

 

You should see Wifizoo start up and data packets will begin to stream within the shell. Go to Hypography: Science for everyone within your browser to view the WifiZoo GUI. You will also need to set your http:// proxy within your browser to Hypography: Science for everyone in order to jump correctly.

[alexander]

Second article deals with the NSM console:

 

 

NSM-Console (Network Security Monitoring)

 

Category: Tools |

 

On my usual daily search for new and exciting techniques and tools for network securities I came across ‘Hex‘ Linux Distro by the group over at Rawpacket Security. At first glance it is a very well thought out LiveCD distro geared towards Pentesting/Forensics much like ‘Backtracks‘ and various others. It includes a wide range of securities tools that I’ve come to expect from such releases. What intrigued me most was mention in the notes about the inclusion of the NSM-Console in the latest build.

 

NSM-Console is a packet analysis tool that impliments a modular structure that allows for the inclusion of numerous different modules as well as the ability to quickly write modules of your own.

 

Check out http://rawpacket.org/projects/hex/nsm-console and NSM Console « :wq for more information on NSM-Console as well as a screencast outlining some of it features and uses.

 

-Int3rc3pt

[alexander]

lastly, Mac spoofing:

 

 

Mac Spoofing (HowTo:)

 

Category: Tutorials |

 

I just posted a response on a securities forum yesterday for a subject I haven’t really thought about in some time, Mac Spoofing.

 

At first when people where talking about mac spoofing I thought everyone was full of ****(the name of the site is Morally Corrupted so I’m not one to censor my vulgarity for the sake of others). I was going through and using “Macchanger” to create random mac addresses but no matter what I did I just couldn’t connect to the internet. I googled the subject and got responses such as this one that I saw posted in the forum.

 

Changing your mac address in Linux is very easy you just do

 

Code

 

* ifconfig eth0 down

* ifconfig eth0 hw ether “mac address”

* ifconfig eth0 “ip you want”

* ifconfig eth0 up

 

That unfortunately was not the case for me. Atheros cards can be a bit difficult to spoof with and I required a much different technique. After I googled around some more on the subject and read up on it I found a solution that worked for me, and here it is.

 

Code

 

* macchanger -A wifi0

* wlanconfig ath0 create wlandev wifi0 wlanmode managed

* ifconfig ath0 up

* delete file “/etc/dhcpc/dhcpcd-ath0.pid”

* dhcpcd ath0

 

 

 

-Int3rc3pt

[alexander]

I hope some of this information will hope some people out there trying to set up these things (for testing purposes). I come from this theory that those that need to know how to do this, can do it anyways regardless of whether or not someone posts a tutorial on how to do it, but security professionals that do not at times have time to fully figure out why a piece of software is not working as it should, and thus can not test for a possible volnurability of a system, well this is who the above tutorials are for...

 

by the way, in this thread: http://hypography.com/forums/computer-science/11872-error-message-day.html

Lemon posted:

"The page you are tryingto access has been denied on the following grounds:

 

Nudity

Profanity

Violence

Suicide

Gore

 

Please use the computers for something else." - At the public Library

 

What was I trying to get to you may ask,

 

Hypography!

 

Get ready to see Hacking in that list as well now.... lol, sad, but watch it, it's gonna be true... :eek2:

[alexander]

So my friend, who runs morally corrupted website, stopped being a whus and will now recreate all the articles again on his website (thank you the conservative me, who saved the information :) )

[Morally.Corrupted]

While the articles are no longer on Morally Corrupted DC860-1 Home they have be-relocated on Securityenthusiast.com so check them out there, when the site is actually up

[alexander]

Hey, it's up.... though it was funny when they screwed up httpd.conf on the server lol