Monday, January 25, 2016

Rogue Access Point Toolkit : MANA


The MANA Toolkit is a toolkit for rogue access point (evilAP) attacks, first presented at Defcon 22.
More specifically, it contains the improvements to KARMA attacks with hostapd, as well as some useful configs for conducting MitM once you’ve managed to get a victim to connect.


It contains:
  • kali/ubuntu-install.sh – simple installers for Kali 1.0.9 and Ubuntu 14.04 (trusty)
  • slides – an explanation of what we’re doing here
  • run-mana – the controller scripts
  • hostapd-mana – modified hostapd that implements our new karma attacks
  • crackapd – a tool for offloading the cracking of EAP creds to an external tool and re-adding them to the hostapd EAP config (auto crack ‘n add)
  • sslstrip-hsts – our modifications to LeonardoNVE’s & moxie’s cool tools
  • apache – the apache vhosts for the noupstream hacks; deploy to /etc/apache2/ and /var/www/ respectively

Installation

  • The simplest way to get up and running is to run “apt-get install mana-toolkit” on Kali.
  • Alternatively, set up a Kali 1.0.9 box (VM or otherwise), update it, then run kali-install.sh
  • Or set up an Ubuntu 14.04 box (VM or otherwise), update it, then run ubuntu-install.sh
  • The ubuntu installer has much more dependency info than the kali one if you’re looking for a template.

Prerequisites

Software
Check the ubuntu installer for more details on software pre-requisites.
Hardware
You’ll need a wifi card that supports master mode. You can check whether it does by running:
iw list
You want to see “AP” in the output. Something like:
Supported interface modes:
         * IBSS
         * managed
         * AP
         * AP/VLAN
         * monitor
         * mesh point
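As an added example (not part of the MANA README), this small shell function performs the AP-mode check above on saved `iw list` output, looking only at the bullet lines under “Supported interface modes:” so that an “AP” appearing elsewhere in the output does not count. The two sample outputs are constructed.

```shell
#!/bin/sh
# Added example, not from the MANA project: decide whether a wireless card
# supports master/AP mode from the text of "iw list".
supports_ap_mode() {
    # $1: output of "iw list" (on a real host pass "$(iw list)")
    printf '%s\n' "$1" | awk '
        /^Supported interface modes:/ { in_modes = 1; next }
        in_modes && /^[ \t]+\* / {
            sub(/^[ \t]+\* /, "")          # strip indentation and bullet
            if ($0 == "AP") found = 1      # exact match, not "AP/VLAN"
            next
        }
        in_modes { in_modes = 0 }          # first non-bullet line ends the section
        END { exit found ? 0 : 1 }
    '
}

# Constructed sample: a card that can run as an access point.
SAMPLE_AP='Wiphy phy0
Supported interface modes:
         * IBSS
         * managed
         * AP
         * AP/VLAN
         * monitor
         * mesh point
Supported commands:
         * new_interface'

# Constructed sample: a client-only card. "AP" appears only inside a later,
# unrelated section, which must not be mistaken for AP mode support.
SAMPLE_NO_AP='Wiphy phy1
Supported interface modes:
         * managed
         * monitor
Supported commands:
         * AP_PROBE_CLIENT'

if supports_ap_mode "$SAMPLE_AP"; then echo "phy0: AP mode supported"; fi
if supports_ap_mode "$SAMPLE_NO_AP"; then :; else echo "phy1: AP mode not supported"; fi
```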

Running

Mana has several components. These can be started using the example start scripts, or you can use those scripts as templates to mix your own.
Mana will be installed to several directories:
  • The mana tools are installed to /usr/share/mana-toolkit
  • The start scripts are in /usr/share/mana-toolkit/run-mana
  • The captured traffic will be in /var/lib/mana-toolkit
The different start scripts are listed below and must be edited to point to the right wifi device (default is wlan0, this may not be right for your installation):
  • start-nat-full.sh – Will fire up MANA in NAT mode (you’ll need an upstream link) with all the MitM bells and whistles.
  • start-nat-simple.sh – Will fire up MANA in NAT mode, but without any of the firelamb, sslstrip, sslsplit etc.
  • start-noupstream.sh – Will start MANA in a “fake Internet” mode. Useful for places where people leave their wifi on, but there is no upstream Internet. Also contains the captive portal.
  • start-noupstream-eap.sh – Will start MANA with the EAP attack and noupstream mode.
While these should all work, it’s advisable that you craft your own based on your specific needs.



Source && Download

https://n0where.net/rogue-access-point-toolkit-mana/

CHECK IT OUT : TACACS+ authentication server

IT LOOKS PRETTY EASY, BUT IS IT?

welcome back to war!

"Information in passports is protected by the Basic Access Control protocol, the standard can be found here. In order to read from the passport you need certain pieces of information; the passport number, the D.O.B and the date of expiry.
NFC TagInfo is quite a nice app that can read passports amongst other things, make sure you enter the correct information before attempting the read though. It can take a few seconds to read due to the amount of information being transferred.
In the USA there are foil covers over the passport which prevent the NFC working without the passport being open; however, with my UK passport I can read it just fine when it's closed."

because this is not the way it looks EASY:

"Third party software usage for key distribution
If you have OpenView, Nagios or a similar monitoring system installed you can use their capabilities to distribute the key.
You can use xargs, submitting to it a list of servers and using the scp command to distribute the files. Parallel is a Perl script written by Ole Tange that extends and improves the capabilities of xargs; it can optimize this operation by creating multiple threads, one for each server. To transfer a file to a remote computer you can use the option --transfer:
Especially convenient are parallel command execution packages. Among the latter we can mention pdsh -- a variant of the rsh(1) command. RPMs are available from Fedora EPEL (pdsh-2.26-4.el6.x86_64.rpm CentOS 6 Download), and SourceForge.net. Unlike rsh(1), which runs commands on a single remote host, pdsh can run multiple remote commands in parallel. pdsh uses a "sliding window" (or fanout) of threads to conserve resources on the initiating host while allowing some connections to time out. pdcp is included in the pdsh package."

http://www.softpanorama.org/Net/Application_layer/SSH/passwordless_ssh_login.shtml#Third_party_software_usage_for_key_distribution_


I think I have an attack here.
To enable TACACS+ authentication of the enable password on the switch, falling back to the password set with the ENABLE PASSWORD command if no TACACS+ server is available, use the following commands:

awplus> enable
awplus# configure terminal
awplus(config)# aaa authentication enable default group tacacs local

To enable the TACACS+ password on the switch without the local fallback, use the following commands:
awplus> enable
awplus# configure terminal
awplus(config)# aaa authentication enable default group tacacs