Compiling Wireless Tools for Nokia N810

 Compiling, Configuration Tutorials, Installing & Using Tools  No Responses »
Apr 222012
 

This tutorial will help you configure the Scratchbox environment to compile the latest svn of aircrack-ng, latest stable kismet, and reaver 1.4 for the Nokia n810. A lot of love is getting sent to the N900 but the n8x0 series of devices are still great for wireless testing. With this tutorial you will be not only to compile the software but create Debian packages for easy installation on your Nokia device. Of important note were the errors I encountered while compiling aircrack-ng. The error had not been documented on the Internet. Trust me I Googled my heart out. Everyones solution was update the linux kernel headers. Well in this case that wasn’t possible. I’m not a Linux programmer but I figured out how to edit the header file to make the changed needed to get Aircrack-ng to compile.
Continue reading »

Parse Kismet NETXML for Aireplay-ng

 Scripts  No Responses »
Apr 052012
 

This post deals with gathering the information you need to use aircrack-ng to capture a WPA/WPA2 handshake for offline bruteforce attacks.  When running aireplay-ng to send out de-authentication packets you need the MAC address of the Access Point and a Client that is associated with it.  The way I would collect the information is run Kismet.  With the older version of Kismet I would monitor the client (panel view) and select (copy/paste) the access point and client MAC.  With the new version of Kismet you cannot select a MAC address.  So I wrote myself a quick Perl script to parse the Kismet NETXML file to create output with the MAC addresses of AP and associated client pairs.
Continue reading »

Linux Penetration Testing Laptop Setup v4 (Ubuntu 11.4 Natty Narwhal)

 Configuration Tutorials  2 Responses »
Sep 192011
 

I’m now providing an updated Linux Penetration Testing Laptop Setup document to help install popular and useful vulnerability assessment tools for the Linux operating system. You can go and obtain Backtrack but I feel that you will have more understanding of the tools and Linux in general if you install the tools yourself. You will also have the most current version available. See Configuration Tutorials for the latest document.

Nokia N810 – Wireless Auditing

 Configuration Tutorials, Installing & Using Tools, Using the Tools  3 Responses »
Sep 082011
 

I created a tutorial on how to setup and configure the Nokia N810 Internet Tablet to conduct a wireless assessment or audit. The tools included in the tutorial include how to setup kismet (oldcore and newcore), aircrack-ng (airbase and aircrack), and btscanner. I’m still working on developing steps to install Metasploit and Karmetasploit for wireless client attacks. The tutorial also details using the internal GPS as well as adding an external wireless adapter. The latest version of the tutorial can be found here.

LAMP setup for .nessus v2 custom report generation.

 Installing & Using Tools, Scripts  2 Responses »
May 022011
 

I created Project RF to have a reporting framework that provides  consistent reports for various vulnerability scanning tools.  The  project started with support for Nessus back when I would parse nbe files.   I’ve  since included reporting for eEye Retina, Nmap, HP WebInpect,  AppScan AppDetective,  Kismet, and GFI Languard.  This project is still in its alpha stages as  I’m not a top notch web program developer.  Scan results are exported to  XML which is then uploaded, parsed, and imported into a backend MySQL  database.  I have found this framework very useful in generating reports  for my workpapers.  I still continue to work on this project even though I’m no longer an auditor.  Recently I stripped it down to just Nessus and I rewrote the Nessus portion to support the .nesses v2 xml output.  Installation and setup instructions can be found here.

This framework supports many options for report generation and executive reporting.

Linux Penetration Testing Laptop Setup v3.5

 Configuration Tutorials  No Responses »
Mar 302011
 

I’m now providing an updated Linux Penetration Testing Laptop Setup document to help install popular and useful vulnerability assessment tools for the Linux operating system. You can go and obtain Backtrack but I feel that you will have more understanding of the tools and Linux in general if you install the tools yourself. You will also have the most current version available. See Configuration Tutorials for the latest document.

Update:  The latest version is now v4 on Ubuntu 11.4 Natty Narhwal.

Updated Linux Laptop configuration for Auditors v3

 Configuration Tutorials  No Responses »
Mar 102010
 

I’ve created an updated configuration tutorial for setting up your Linux laptop to conduct system and network audits.  This version details how to get everything up and running on the latest Ubuntu currently at version 10.04 LTS (Lucid Lynx).  See the Configuration Tutorials to download the latest pdf document (currently at version 3).