Welcome To The Hacker Club 4U
On this blog you can learn about hacking, how to protect yourself against it, and many computer and internet tips and tricks.
Infamous MacBook WiFi hack demonstrated, dubious code to go public
This on-again / off-again storyline surrounding the infamous MacBook WiFi hack has us all in a bit of a whirlwind, but it looks like the responsible party is finally coming clean. David Maynor, who is now the CTO at Errata Security, broke the silence regarding the questionable WiFi vulnerability that he claimed existed in Apple's MacBook by actually demonstrating his findings in front of the crowds at the Black Hat DC event. The meddlesome duo elicited all sorts of backlash from Apple after the story surfaced, and a showing at the ToorCon hacker convention in San Diego was actually axed after Cupertino threatened to sue Maynor's now-former employer, SecureWorks. Yesterday, however, Maynor streamed rogue code from a Toshiba laptop while his MacBook (running OS X 10.4.6) scanned for wireless networks; sure enough, the laptop crashed, and he insinuated that the code could actually be used to do far worse things, such as control functions of the computer -- but interestingly enough, it wasn't noted whether the MacBook's WiFi adapter was Apple's own or of the third-party variety. The angst still felt by Maynor primarily stems from Apple's outright denial of his claims, only to provide an elusive patch that fixed the issue in OS X 10.4.8, essentially making its operating system more secure without giving David his due credit. Mr. Maynor also said that he would no longer attempt to work with Apple and wouldn't report any further findings to them, and while most Macs have certainly done their duty and upgraded to the latest version of OS X, users can reportedly expect a public release of the rogue code to hit the web soon.
How To Crack 128-bit Wireless Networks In 60 Seconds
Just for fun (since I’m a dork), I was looking for a wireless stumbler for Macintosh that supported a GPS unit because I thought it would be interesting to map how many wireless networks there are in my neighborhood (I usually can see 15-30 unique wireless networks from any given point). In my search, I ran across one called kismac that does exactly what I wanted (it even generates the maps for you, so I didn’t need to code something to plot the GPS coordinates on a map):
I download it and start playing around with it. It turns out it also has security testing functions within it (although I would guess that most of the people using the cracking functions are just trying to gain access to “secured” networks… which is beside the point I suppose).
Anyway, so I start monkeying around with those functions to see if I could learn something about WEP encryption on my own 2 wireless networks (I have a Linksys WRT54G and an Apple Airport Express which I use for beaming iTunes music to the living room stereo), both are currently secured with 128-bit wireless security and I did not change anything in them for the purpose of this video. My “word list” is just the standard dictionary word list that comes with most any UNIX distribution (like Mac OS X) and resides in /usr/share/dict/.
So here’s the scary part, from the time it started scanning for wireless networks to the time I was able to crack both wireless network keys (which is all you need to gain access to the wireless network), it took right around 60 seconds. Check out this video…
Okay, so what just happened here? I just cracked my two 128-bit wireless networks in roughly 60 seconds from start to finish.
Even as a relatively knowledgeable tech guy, this seems like utter insanity to me. Okay, obviously I didn’t have some crazy, ultra-secure password for my networks, but I would guess 90% of all the wireless network passwords out there are based on simple (easy to remember) word(s). After doing some reading, an “ultra-secure” password/MD5 seed would be relatively useless anyway… all it would do is force the attacker to spend 10 minutes on it instead of 10 seconds (see this FAQ and this FAQ), all of which is easily done from the kismac Network menu. It doesn’t even matter if you set up your wireless network to be public or not, because kismac can see it even if the base station isn’t showing the SSID publicly.
I’m going to poke around and see how secure RADIUS authentication is for a wireless network, but even if RADIUS is more secure, what normal person is going to have the technical knowledge and an extra few thousand dollars to set up and run a RADIUS server for their wireless network? I’m not even sure if I want to run a wireless network anymore to be honest… or maybe shut them down except for the times I’m actually using them (talk about annoying though).
MacBook Wi-Fi hack exposed
A claimed security hole in Apple's MacBook has been exposed as a misrepresentation.
Earlier this month, a researcher at SecureWorks said he had revealed a vulnerability in the laptop's wireless software driver that would allow him to take control of the machine. There was a vulnerability but it was exploited by using a third-party wireless driver rather than the one that ships with the MacBook.
"Despite SecureWorks being quoted saying the Mac is threatened by the exploit demonstrated at Black Hat, they have provided no evidence that in fact it is," said an Apple spokeswoman. "To the contrary, the SecureWorks demonstration used a third party USB 802.11 device - not the 802.11 hardware in the Mac - a device which uses a different chip and different software drivers than those on the Mac. Further, SecureWorks has not shared or demonstrated any code in relation to the Black Hat-demonstrated exploit that is relevant to the hardware and software that we ship."
SecureWorks researcher David Maynor and "Johnny Cache" demonstrated the vulnerability at the Black Hat conference using a MacBook. Maynor told the Washington Post at the time that they demoed the flaw on the Mac because of the "Mac user base aura of smugness on security".
SecureWorks' website has been updated since the demonstration to reflect the fact that a third-party driver had been used in the demonstration: "Although an Apple MacBook was used as the demo platform, it was exploited through a third-party wireless device driver - not the original wireless device driver that ships with the MacBook. As part of a responsible disclosure policy, we are not disclosing the name of the third-party wireless device driver until a patch is available."
Only yesterday, Cisco put a big question mark over another claimed security hole in its firewall. Despite claiming that it was "really easy" to exploit, Cisco has so far been unable to replicate the problem.