Domain: dachb0den.com
Stories and comments across the archive that link to dachb0den.com.
Comments · 9
-
h1kari did some smart card work:
-
Uhm dude... that's not a sniffer...A quick rtfa tells me that this isn't a sniffer at all, it's just a perl script that parses the plain-text output from someone elses sniffer. Sorry, no donut. NEXT!
What's up with tcpdump and friends, snort, kismet, bsd-airtools and ethereal anyway?
-
"The best wardriving tool out there"?
I thought opinions were supposed to go in the comments Cowboy...
In any case, anyone who has used the BSD-airtools package would likely argue differently...
-
DSTUMBLER for those on FreeBSD, OpenBSD, NetBSDShould mention the incredible (and similar) dstumbler here - for those on FreeBSD, OpenBSD, NetBSD.
dstumbler is a wardriving/netstumbling/lanjacking utility for bsd operating systems that attempts to provide features similar to netstumbler in a fast and easy to use curses based application. it is part of the bsd-airtools package released by Dachb0den Labs, which provides a complete bsd based tool set for 802.11b penetration testing.
current features of dstumbler include:- color s/n graphs
- detection of weped networks
- detects the beacon interval for aps
- detects the maximum supported rate for aps (with prism2 cards in scan mode)
- reports if the ssid of a network is default
- export/import to wi-scan'esque log format
- support for prism2 cards (without wep detection)
- interactive display of ap statistics
- intuitive navigation hotkeys
- nmea gps support
- monitor mode support for prism2 cards
- /dev/speaker audio support for reporting detected aps and nodes
- realtime logging to file (for wi-scan'esque compatibility)
- detection of weped and adhoc networks
- detection of nodes on bss networks
- detects if a bss network uses shared or keyed authentication
- detects the maximum supported rate of aps and nodes
- detects the beacon interval for aps
- detects if bss nodes are set to connect to any network or a specified one
- partial detection of 40-bit or 104-bit encryption
-
DSTUMBLER for those on FreeBSD, OpenBSD, NetBSDShould mention the incredible (and similar) dstumbler here - for those on FreeBSD, OpenBSD, NetBSD.
dstumbler is a wardriving/netstumbling/lanjacking utility for bsd operating systems that attempts to provide features similar to netstumbler in a fast and easy to use curses based application. it is part of the bsd-airtools package released by Dachb0den Labs, which provides a complete bsd based tool set for 802.11b penetration testing.
current features of dstumbler include:- color s/n graphs
- detection of weped networks
- detects the beacon interval for aps
- detects the maximum supported rate for aps (with prism2 cards in scan mode)
- reports if the ssid of a network is default
- export/import to wi-scan'esque log format
- support for prism2 cards (without wep detection)
- interactive display of ap statistics
- intuitive navigation hotkeys
- nmea gps support
- monitor mode support for prism2 cards
- /dev/speaker audio support for reporting detected aps and nodes
- realtime logging to file (for wi-scan'esque compatibility)
- detection of weped and adhoc networks
- detection of nodes on bss networks
- detects if a bss network uses shared or keyed authentication
- detects the maximum supported rate of aps and nodes
- detects the beacon interval for aps
- detects if bss nodes are set to connect to any network or a specified one
- partial detection of 40-bit or 104-bit encryption
-
Re:WEPNot quite. RC4 has several pretty serious flaws, both in design and popular implementation. Do you remember when it single-handedly rendered SSH1 useless?
http://www.ipsec.co.jp/products/ssh/cert/vulnerab
i lity.htmlHere is an even cuter, step-by-step explanation of how to BRUTE-FORCE CRACK the IV and RC4 encryption in less than 1 MINUTE!
http://www.dachb0den.com/projects/bsd-airtools/we
p exp.txtand the author even provides you with some auditing tools... for your network of course!
http://www.dachb0den.com/projects/bsd-airtools.ht
m lPadding your keys with any number, especially zero, is not a good encryption scheme. Did I mention that RC4 calls for this? It did wonders for the Windows password file. LOL!
http://etudiant.univ-mlv.fr/~ecorreia/toto.html
Want more examples? Email me. It's just not a good algorithm. Unless under some kind of special condition, AES, Blowfish, or something else should be used instead.
Thank you for your time,
Quadgoatboy
-
Re:WEPNot quite. RC4 has several pretty serious flaws, both in design and popular implementation. Do you remember when it single-handedly rendered SSH1 useless?
http://www.ipsec.co.jp/products/ssh/cert/vulnerab
i lity.htmlHere is an even cuter, step-by-step explanation of how to BRUTE-FORCE CRACK the IV and RC4 encryption in less than 1 MINUTE!
http://www.dachb0den.com/projects/bsd-airtools/we
p exp.txtand the author even provides you with some auditing tools... for your network of course!
http://www.dachb0den.com/projects/bsd-airtools.ht
m lPadding your keys with any number, especially zero, is not a good encryption scheme. Did I mention that RC4 calls for this? It did wonders for the Windows password file. LOL!
http://etudiant.univ-mlv.fr/~ecorreia/toto.html
Want more examples? Email me. It's just not a good algorithm. Unless under some kind of special condition, AES, Blowfish, or something else should be used instead.
Thank you for your time,
Quadgoatboy
-
802.11b and OS X (was Re:WarDriving)TellarHK writes:
Heck, I'm still waiting for a good program to use with OSX to do WarDriving with 802.11b.
Dachb0den is working on Darwin/OS-X support:http://lists.dachb0den.com/pipermail/bat/2002-Apr
i l/000202.html -
Is WLAN worth it?Actually, I am using ORiNOCO products for both the AP and the client. Also tried the 3Com. Even at it's very best, 802.11b is an 11mbps shared bandwidth connection. Not so hot.
Most likely the problem is environmental, appears that signal strength is good, but noise is also high, according to dstumbler.
I'm hoping to get a free eval of some of the Cisco products in the next month or so.