Rise my pretties! RISE!
Posted on June 16th, 2009
Sorry, they’re all spoken for. I’ll have another batch available in about a week.
If you’re not familiar with ze WiFi Pineapple, watch any of these Hak5 videos on Jasager.
post_break: @hak5darren Have you automated that task yet? If not, yikes.
@post_break Only one of the dozen or so steps is automated. The rest is by hand. It takes about an hour per pineapple. Needz moar robotz!
Cracking WPA with Cowpatty 4.5
Posted on June 16th, 2009
A lot has changed since I last talked about WPA Cracking on Hak5. Specifically, Joshua Wright, author of CowPatty, has released a new version that dramatically changes the way one thinks about cracking WPA and WPA2 TKIP keys.
The most notable new feature in Cowpatty 4.5 is the “-2” option, which only requires the first two frames of the 4-way handshake to start attacking.
By removing the need for the third and fourth frames of the handshake, an attacker is now more likely to successfully crack WPA keys when channel hopping. Furthermore, the lack of the third and fourth frame opens up a world of possibilities when it comes to trapping targets with rogue access points, or “honey pots”.
An example scenario illustrated on Wright’s blog details how an attacker may pose as a victim’s corporate wireless access point. Since it doesn’t matter if the target associates with the honey pot, anything from hostap to a spare WPA-supporting access point with a bogus key will do.
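A defender's view of the two-frame point, as an added example (not code from this post or from Cowpatty): because messages 1 and 2 are enough material for offline guessing, a wireless IDS can flag clients that sent message 2 to an AP that never answered with message 3, which is how an AP holding a bogus key behaves on the air. The MAC labels and frames below are constructed; classification relies on the Key Information flags of the IEEE 802.11 EAPOL-Key descriptor.

```python
import struct
from collections import defaultdict

# Key Information bit masks from the IEEE 802.11 EAPOL-Key descriptor.
PAIRWISE, INSTALL, ACK, MIC = 0x0008, 0x0040, 0x0080, 0x0100

def classify(eapol: bytes) -> int:
    """Return the 4-way handshake message number (1-4), or 0 if not one."""
    if len(eapol) < 99 or eapol[1] != 3:       # 802.1X packet type 3 = EAPOL-Key
        return 0
    key_info, = struct.unpack_from(">H", eapol, 5)
    key_data_len, = struct.unpack_from(">H", eapol, 97)
    if not key_info & PAIRWISE:                # group-key handshake, not ours
        return 0
    ack, mic, install = (bool(key_info & m) for m in (ACK, MIC, INSTALL))
    if ack and not mic:
        return 1                               # AP -> client, carries the ANonce
    if ack and mic and install:
        return 3                               # AP -> client, AP proves key knowledge
    if mic and not ack:
        return 2 if key_data_len else 4        # M2 carries an RSN/WPA IE, M4 is empty
    return 0

def unanswered_m2(frames):
    """frames: (ap, client, eapol_bytes) tuples in capture order.
    Returns sorted (ap, client) pairs where M2 was sent but M3 never followed."""
    seen = defaultdict(set)
    for ap, client, eapol in frames:
        seen[(ap, client)].add(classify(eapol))
    return sorted(p for p, msgs in seen.items() if 2 in msgs and 3 not in msgs)

def build(key_info, key_data=b""):
    """Constructed EAPOL-Key frame: nonce and MIC fields zeroed, flags realistic."""
    body = (struct.pack(">BHH", 2, key_info, 16) + bytes(88)
            + struct.pack(">H", len(key_data)) + key_data)
    return struct.pack(">BBH", 2, 3, len(body)) + body

RSN_IE = bytes.fromhex("30140100000fac040100000fac040100000fac020000")  # constructed
SAMPLE = [  # constructed capture: one full handshake, one that stops after M2
    ("AP-legit", "client-A", build(0x008A)),
    ("AP-legit", "client-A", build(0x010A, RSN_IE)),
    ("AP-legit", "client-A", build(0x13CA, bytes(56))),
    ("AP-legit", "client-A", build(0x030A)),
    ("AP-unknown", "client-B", build(0x008A)),
    ("AP-unknown", "client-B", build(0x010A, RSN_IE)),
]

if __name__ == "__main__":
    for ap, client in unanswered_m2(SAMPLE):
        print(f"{client} sent M2 to {ap} but never received M3")
```

A pair reported here is a reason to check whether that BSSID belongs to you and to rotate the passphrase if it does not.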
Of course this has our friend Robin Wood pondering a Jasager plugin. Pineapples anyone?
As for carrying out the attack, it’s pretty straightforward. I use BackTrack as my hacking OS of choice coupled with an eee PC or Acer Aspire One. When it comes to wireless I’m a big fan of the ALFA AWUS036H 500mW USB Wireless Adapter.
Other tools needed to carry out the attack include WPA tables like these SSID-specific Cowpatty WPA Tables from Offensive Security and the Aircrack-ng suite.
The commands are pretty straightforward and well highlighted in the episode. There are a number of ways to go about this, so if you’ve got another method you’d like to share with me, questions about this, or suggestions for future topics, drop me a line. darren[at]hak5=dot=org.
Recording Hak5 episode 518
Posted on June 14th, 2009
Friday June 12th we recorded episode 518 of Hak5.
We went back to a season 3 format for the A block with the table between two hosts.
It looks like Paul got a little bored during one of the segment takes.
There are 6 cameras in this photo. Can you find ‘em all?
Jason Appelbaum visited us for this shoot. We love having him over.
Matt’s laptop eats my eee PC.
Ride around York River State Park
Posted on June 12th, 2009
It was too beautiful to stay indoors, even if I did have a WPA cracking demo to finish setting up.
This 30 mile ride was quite enjoyable.
Aside from the back country roads, the highlight of the trip was seeing horseys.
Looking at the map you can tell I didn’t have a destination in mind. Sometimes I’ll scour google maps for something interesting. Sometimes I’ll just ride where the road takes me.
If the weather is nice I’ll be taking a much longer trip this weekend out to Richmond. It’ll be the first trip on the interstate of extensive length with the new bike.
Okies, time to do a show!
Sharing EVDO with Jasager.
Posted on June 12th, 2009
This question comes from Josh Price. Josh asks:
What all are you using when you tether your blackberry to your PC and share it through the Jasager?
I tether using the application provided by Verizon. I could do it with Windows Dial Up Networking but the VZW app gives me signal strength. If you’re on Linux I recommend checking out Berry4All.
I use Windows Internet Connection Sharing to share out the tethered EVDO connection. I directly connect to the pineapple via ethernet. My ethernet is bound to a static IP — doesn’t matter what range. I use 10.10.42.x but you could use whatever.
I then fire up tftpd and use its nifty little DHCP server to start handing out addresses to the access point. The trick is to bind the dhcpd to your ethernet’s static IP, give it a DNS server (I use opendns but 4.2.2.2 would work as well) and throw in a range of like 10.10.42.100-10.10.42.200 or so. Make sure your ethernet IP is specified as the default gateway — that’s what makes it all work with Windows ICS.
Next boot up your Pineapple. Mine always gets the same IP from the DHCP server but the first time you’ll need to scan to find it. nmap, cain & abel, whatever. Once you find your Pineapple, hit up its Jasager interface at http://ipaddress:1472. Log in and enable Karma.

Grab yourself an oz of light rum, 2 oz pineapple juice, a dash of lemon juice and a tbsp of simple syrup and garnish with a pineapple wedge because you’re now everyone’s bestest wifi friend around.
If you’ve got an IPTABLES or other good way to do this in Linux please let me know. Thanks!
New Desk
Posted on June 12th, 2009
While the triple screens don’t fit as well as I had hoped, at least I have room for all the label printers, scales and other such stuff that goes into running the HakShop.
Click the image to see notes on flickr if you’re that interested in what all this junk is.
Chesapeake Bay Reservoir Ride - Back Roads to Diascund Creek
Posted on June 11th, 2009
Today’s ride was based on one suggested at motorcycleroads.com.
It was a scenic ride visiting a few ponds and reservoirs in the Chesapeake Bay area.
I had no idea how much farm land was in my back yard until I ventured far outside the city.
I really enjoyed the back roads. Most of them were very well kept and had just the right mix of straight-aways and windy bits.
I did notice as soon as I crossed into New Kent county that the first stretch of road wasn’t very well kept.
I didn’t make it to my intended destination — Diascund Creek. I must have written the directions down wrong since I ended up making a right instead of a left onto Stage Rd.
Instead of a creek I found horses. I really couldn’t complain, they’re such pretty animals. Instead of hooking up with Rte. 60 I ended up doubling back.
On my way back I was greeted with newly repaved road — right where I had thought it could use some repairs.
Unfortunately this meant that I would have to ride on half-finished road for a stretch. It wasn’t fun at all.
I’m looking forward to doing this ride again. Next time I’ll be sure to bring a GPS, or at least some better directions.
Snubs on the list. The ten spot: hottest geek women!
Posted on June 9th, 2009
I stumbled upon this the other day and figured I’d share. I think it’s pretty kickass that Shannon made #3 on this list. The ten spot: hottest geek women!
Snubs came into the geek scene when she started co hosting and helping with the very own home brewed geek show hak5. She has gone onto mention her love for gaming and tech news, while keeping in close touch with her fan base, this hot vixen nabs my number 3 spot for having the hot/cute look that you wish your girlfriend had…especially if she came with a great geek personality!
Guess who got the #1 position?
Road atop American Revolutionary period dam now serves bull frogs and otters. Closed to people.
Posted on June 9th, 2009
The Jolly Pond Dam dates to the American Revolutionary period. Sited near a documented free black settlement, it was likely built by slave labor and has remained in continuous use without physical change since 1782.
Milling operations continued until the 1900s. Ruins of the old mill have never been excavated and the original wagon road at the top of the dam is now used as a part of Jolly Pond Road.
Back in 2006 Tropical Storm Ernesto tore up the privately owned dam on Jolly Pond Rd.
James City County leased the dam from the owner and made repairs.
It was given a temporary operation and maintenance certificate set to expire January 31, 2009.
The time came and went, and since the dam wasn’t kept up the state closed the dam section of the road.
The Jolly Pond Rd. is a D shape route connected to Centerville Rd at both ends.
There is now an 8 mile detour adding 20 minutes to any emergency vehicle’s response.
It’s a fun motorcycle ride with good speed and plenty of banking tight turns. The road is in fine condition.
The closed dam section of the road is quite scenic and full of wildlife including what sounds like an army of bull frogs and curious little otters.
Gorillapod - Handy tripod or face sucking alien?
Posted on June 9th, 2009
Gorillapods are a menace to society and should be beaten with a crowbar Gordon Freeman style. It is quite obvious after browsing flickr that they have a tendency to latch onto faces, likely to eat your brains with a headcrabesque appetite.
Don’t let yourself fall victim to these creatures!