Posts
Stage 3: CowPatty
- Get link
- X
- Other Apps
CowPatty Stage 3 Introduction: Cowpatty being a tool that related to some of my interests I wanted to take a deeper look into how it works. At the start I understood the basics, feed it a 4-way handshake, SSID name and a dictionary file and it would spit out its best guess of the SSID. While Cowpatty has the ability to 'guess' the SSID's password, its only effective / used to audit networks that have poor / common / default passwords. Interestingly enough in this Defcon video titled "Weaponizing Your Pets: The War Kitteh and the Denial of Service Dog" - Provided he made his warkitteh sniff for packets and save them, he could attempt to hash SSID+handshake to get passcodes. He got quite the list of SSIDs, Some WEP which I dont think is a setting on new routers (hopefully). I do not condone Weaponizing you pets or strapping batteries to them, do not attempt. However, it was neat! Since CowPatty has to match keys it has to got through a large d
Lab3
- Get link
- X
- Other Apps
Compiled C Lab Let's start by writing the hello world. then with this saved we can run the compiler with the Flags specified gcc -g -O0 -fno-builtin hello.c Looking at the objdump header file for our program Objdump -f We see that: Were using an x86 platform File Format is in ELF ( Executable and Linkable Format) We can look at the specific selections of this output file by using objdump with -d flag which disassemble sections containing code Objdump -d This is our main! We can see the function call to printf with callq on line 5. The argument was moved into the register on line 4. - Static gcc -g -O0 -fno-builtin -static hello.c -o hellostatic objdump -s hellostatic The file was huge, when read wouldn't fit in the whole window! This is due to the .static flag. It causes the libraries to be included in the executable because it prevents dynamic l
Stage 2: CowPatty
- Get link
- X
- Other Apps
Introduction Firstly I want to mention you mentioned about hypervisor in class. I want it to be noted that I personally hate hypervisor, I havent really looked into its total purpose however it makes me hate windows 10. Since I use VMware and Android Studio anytime I was to use one or the other I have to turn hypervisor off, Its simply the worst Building On Aarchie Right off the bat, I knew I had to build it differently then I did for on my x86 systems running a different Linux. Once i figured out it was 'yum' as a package manager is was good to go, I had to install libraries as my make file was crashing, the error was related to libpcap not being installed, Once I ran sudo yum install libpcap-devel . my makefile ran fine and my program was able to build. Its great that I have CowPatty built however the test data I was supplied is quite small, I need to make the dictionary much larger. To do this Ill use john the ripper with the dictionary I was give
Cowpatty!
- Get link
- X
- Other Apps
For my project im going to be taking a look at cowpatty. I've used it before not with much success however I think it will be a great hash to take a look at as it seems to be a smaller project. "coWPAtty is a C-based tool for running a brute-force dictionary attack against WPA-PSK and audit pre-shared WPA keys. If you are auditing WPA-PSK networks, you can use this tool to identify weak passphrases that were used to generate the PMK." The owner of my repo was nice to comment where the hash is and ask for help! File - https://github.com/joswr1ght/cowpatty/blob/bc3c6896ba9b6504c994e32dc7e6737b525fe91b/sha1.c This function to me looks rather complected , I dont really know how to approach a problem like this however I am interested in finding out more! I think its best to start with the build flags, I've actually read up on forums and actually made an attempt to edit the makefile as for some reason I was getting a bufferoverflow. The s
Lab 1: Code Review
- Get link
- X
- Other Apps
Code Review Aircrack-ng Aircrack has not many contributors, 16, 4 of which are the main contributors. I found it interesting that issues / bugs are posted right to their Github with collaborators encouraged to fix any issues that are live. Upon viewing the live issues, a group of 3 or 4 people can be seen talking and comparing code in order to fix the issue. Some issues listed are ways they can improve the software. I think this is a good way to continue progression on making your software higher quality. GetTor The tor project is a great github, they tell you directly on the page how people can help. They strongly encourage their community to get involved and want people to look at the source code to learn what it does. The creators of this project also host presentations and demonstrations on how their project works along with future goals. Here is one of the creators speaking about the project. https://www.youtube.com/watch?