Lister
2016-12-04, 03:22
So after many months of fiddling with stuff such as Mana-Wireless-Toolkit, service isc-dhcp-server, modifying *.conf files... I finally realized that the reason my uplink in my Evil AP was being terminated was gnome-network-manager. NetworkManager interferes with HostAPD, forcing the Mana scripts to rfkill it. So I replaced gnome-network-manager with wicd, and now I have made a successful fake AP in my neighborhood.
https://scontent.flas1-2.fna.fbcdn.net/v/t1.0-9/15230757_376626836014991_7140333616980590670_n.jpg?oh=9294697e74bc15fbddd9e3ace235020f&oe=58B0DE45
I even managed to capture a Twitter autologin cookie overnight during my sleep.
But it expired (client logged off) before I woke :(
I am using the screen shots of my efforts in a class presentation for my capstone accounting class. Basically I screenied and videotaped myself successfully creating a fake AP, got someone to connect to it, and then edited the contents to make sure that I am not going to get caught for violating any anti-hacking statutes under Chapter 18 of the United States Code Subsections 1029 to 1362. I edited the pics, drew some black boxes covering up specific SSIDs in the outputs, as well as obscuring my personal MAC address, hostnames, etc.
I am sure I am gonna get an A for this group project lol. The point that I was making was that someone other than I (AKA a "hacker", the correct term is a script kiddie though) can pose as a legitimate-looking router for a casino (MGM Grand Guest Wi-Fi for example), to trick hotel customers and gamblers into connecting to it, in an effort to grab unencrypted personal payment information. I did however leave out a few facts, like defeating the software-level encryption provided by phone apps and websites, so I won't confuse my class and my instructor. It's a Gaming Audit Class, not an Information Technology course.
But now, I have a question. What else should I learn?
According to this, there seems to be a big developing market for cybersecurity professionals, thanks to media fear-mongering: http://money.cnn.com/2016/12/02/technology/commission-on-enhancing-national-cybersecurity/
When I initially installed Kali half a year ago, I was playing around with services like Metasploit Framework and the apps that were built around Metasploit, like Armitage, and Social Engineer's Toolkit. I created my own VM out of Metasploitable Linux to use as a punching bag.
First lesson I learned. Thanks to auto-updating/forced-update services, nowhere in real life, would a modern Windows PC be as vulnerable as back in those pre-Windows XP days. "Hackers" nowadays better get crafty. Really crafty.
Due to that fact, I concluded that creating fake APs and then accompanying them with a downgrade attack running in the background is probably the most foolproof method to grift information from passers-by. It will circumvent the security placed by IT professionals for legitimate routers as long as the victims are tricked or are foolish enough to connect to the fake AP. Suddenly, all the effort to put together a Wi-Fi network secured with WPA2 encryption, CCMP ciphers, and MGT/ENT type authorization seems for naught. I don't have to mount direct attacks at all. Just go after the users instead.
Are there any other essentials I need to know to get started? I felt that creating Evil APs was a good starting foundation.
FYI I am in my last college semester for my Accounting Degree; however, I am planning to return to the local community college to get started on my CHFI Certification Course (Computer Hacking Forensics Investigator).
I realized that I can recover old deleted files, even files that were permanently deleted out of the Windows recycling bin. I even found... old images of my deleted porn, and even a thumbnail directory for that porn *blush*, with a find command.