10.29.08

PTK - an alternative advanced interface for `The Sleuth Kit`

Posted in Security, forensics at 11:17 pm by Edward Bjarte Fjellskål

I have always used Autopsy and The Sleuth Kit when diving into hard drives, USB sticks, memory cards, etc. It works OK for me, and gets my job done fairly well. But the Autopsy web GUI gives one a feel of being at the end of the '90s… I'm excited to know that PTK has now been released in version 1.0, which seems to add new life to TSK and free forensics… The only drawback is that PTK is distributed under the “PTK License”, claiming to be free software, which it's clearly not! It should have been GPL or BSD licensed…

One day in the future, when I get the time… I would love to check it out in more depth though…

10.12.08

aircrack-ng and my Alfa Network AWUS036H on Ubuntu Hardy

Posted in OpenSourceSoftware, Linux Distributions, Ubuntu, Security, Wireless at 8:38 pm by Edward Bjarte Fjellskål

I finally got my Alfa AWUS036H USB adapter yesterday, and I got some hours to play with it today. First I saw that the module rtl8187 did not seem to work with my new adapter. A quick Google search pointed me in a direction on how to get it up and running, ready for aircrack-ng even. I followed this howto on setting up the adapter, and then I watched this movie on how to crack a WEP network with aircrack-ptw. I tried it out for myself, and it worked right away… phun! :) I normally use a WPA-PSK network at home, so that was what I was aiming at…

Reading the aircrack-ng WPA/WPA2 howto, I started to try it out… I did several passes at my network, but though I believed I did everything *perfect*, aircrack-ng did not find my WPA-PSK pass phrase (and I know my own pass phrase!). I started googling, and found several similar entries, but none that seemed to help me out. I connected to the IRC channel for aircrack-ng on Freenode, and popped the question… Two minutes afterwards (thanks to Mister_X), my problem was solved and I had hacked my WPA-PSK network. The issue seems to be (from my googling) with dual core processors and the amount of pass phrases >=8 chars in the password file (see this post). The simple solution is to add -p 1 to aircrack-ng (“Set this option to the number of CPUs to use (only available on SMP systems). By default, it uses all available CPUs”).

So after only ~4 hours (including making and eating dinner), I had cracked my network in WEP and in WPA-PSK (“cracked” when it comes to WPA-PSK) mode :)

Second, I see so many wireless access points with my Alfa… It's rather cool to have such a powerful wireless adapter!