Personal Web Space

Posts Tagged "packet sniffing"

Crack WEP using KisMAC

By on Jun 7, 2010 in Blog | 0 comments

Things you need: An Intel based macbook (other may work) Time! First thing you need to do is to download and install KisMAC. You can do this from Then launch the program and open Preferences. Go to Driver tab, select Apple Airport Extreme card, passive mode and click Add. Then Select All channels and Keep everything. Make sure Start Channel is set to 1. Close the dialog box. Click on Start Scan on the main window. You will be asked to enter the Admin password since you have to have admin rights to use the Airport cards. Note the channel of the WEP-SSID you want to crack. In this case the channel is 11, so we must stop the scanning process, go back to the Preferences and change the channels from All, to only 11. Then restart the scanning. While scanning go to the top right corner of the window, press on the magnifying glass and select SSID and type name of the network you want to crack in the field next. This will filter the output and you will only see what you need. In the main window you should now see only the network that you are interested in. Double click on it to open a new window. Scroll down the left-hand side of the window until you find the Unique IVs. It is recommended that you should continue collecting packets until that number reaches at least 100,000. This will take a LOT of time though. A way to speed up this process is to use packet reinjection (Network -> Reinject Packets) but you need a USB wireless card to do this because the build in Airport does not support this. To crack the password go to Network -> Crack -> Weak Scheduling Attack -> against both. To download the instructions in a pdf format click...

Read More

Packet Sniffing with WireShark

By on Jun 6, 2010 in Blog | 0 comments

Download and install Wireshark from Launch the application. Go to Capture -> Options. Select the interface for the wireless network card and tick Capture packets in promiscuous mode. Then press Start. MSN conversation hack: Wireshark will start capturing packets that flow around. Among others we notice at the protocol field the MSNMS (Microsoft Network Messenger Service). This is the protocol used for exchanging instant messages between clients in the Microsoft Messenger service. Each line represents a captured frame and the sniffer logs the sequence in which the packets received, the time, the source, the destination, the protocol and some other information. In the next block we can observe information about the protocol used and at the lower part of the figure we can observe the hexdamp form of the captured frame. Using the Filter field we can concentrate on specific information. By typing MSNMS it will only display the packet of the specified protocol. Right click on the packet you want to sniff and select Follow TCP Stream.  This option does exactly what is says, it follows the specific sequence of packets used in this session. Select the ASCII option from the bottom right corner of the dialog box. The following is a cut down version of what will appear in the dialog box. ANS 88;{33C41B80-C54D-4FE6-8E31-5362BD8D23A6} 142171146.40169236 1084207748 IRO 88 1 2;{1cd9c7bd-3e5e-4160-ae5e-9d8766cc6c96} S,TeLi0s 2788999228:136240 IRO 88 2 2 S,TeLi0s 2788999228:136240 ANS 88 OK JOI Stavros 2789003324:136240 MSG S,TeLi0s 148 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 X-MMS-IM-Format: FN=Microsoft%20Sans%20Serif; EF=; CO=ff0000; CS=0; PF=22 GoodmorningMSG S,TeLi0s 93 MIME-Version: 1.0 Content-Type: text/x-msmsgscontrol TypingUser: MSG S,TeLi0s 149 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 X-MMS-IM-Format: FN=Microsoft%20Sans%20Serif; EF=; CO=ff0000; CS=0; PF=22 how are you?MSG 89 U 96 MIME-Version: 1.0 Content-Type: text/x-msmsgscontrol TypingUser: .................. Goddmorning stelios. I am ok and you?MSG S,TeLi0s 93 .................. fine thanks. What did you think of the test we had yesterday?MSG 92 U 96 .................. i thought it wasnt very difficultMSG 95 U 96 .................. i think i did very weelMSG 97 U 96 ................... sure, that sounds greatMSG S,TeLi0s 93 .................. ok meet there at 730?MSG 105 U 96 .................. ok see you thereMSG 107 U 96 MIME-Version: 1.0 Content-Type: text/x-msmsgscontrol...

Read More