Government Security
Network Security Resources

Auditor Cd Tut (bootable Knoppix)


21 replies to this topic

#1 beardednose

beardednose

    Retired GSO First Lieutenant

  • Sergeant Major
  • 1,916 posts

Posted 25 January 2005 - 06:30 AM

Here's the beginnings of a tut I wrote for the Knoppix Auditor system. This tut goes into some of the wireless crack tools. Auditor is a CD that boots a Knoppix version of Linux and is fully functional.

I'd appreciate any comments you have on it, including of course, any boneheaded errors. (See the intro to the tut for more info and my intentions).

While I tried to write it for Linux noobs, in reality it's better if you have a bit of wireless and Unix experience. Having said that, I cut some of my Unix baby teeth on another Knoppix distro and this one was the best of the 3 similar bootable CD's I've used.

UNFORTUNATELY, I haven't finished my tut on Ethereal, which is key to using the wireless hacks. Anyone got a good tut on this? I couldn't find a simple one.

And, as usual, skip the THANKS posts (I'm presuming this may be worthy of a thanks or two, but we'll see) UNLESS you explain what you liked.
I'm also interested in what you DISliked or thought confusing....

Here's some helpful info I posted earlier which describes Auditor a bit -- I'd suggest you read this first...

http://www.governmen...ndpost&p=103875

Latest update:
05/09/05
• Added some more info on unmounting your USB drive.
• Corrected the cp command under Copying Files to Your Thumbdrive topic (nice catch, Packet!)
• Updated the Cracking WEP Keys LIVE with airodump & aircrack topic, explaining how to crack different size keys and how to change the fudge factor used to crack keys.
• Added Changing the fudge factor topic (for aircrack).


3/9/05 Note: When using aircrack, you can crack 64, 128, 256, and 512-bit keys. Just replace the "64" in the command with the key size you want to go after. Ex:

# aircrack -n 128 AP36explosive.cap

I'll update the tut next time around.

2/27/05 Update: I added much more Kismet info to this tut, plus a little more. Download the new version below! Version 2.1

Attached Files


Don't post just a THANKS! Here's why...

Forum Rules you need to know...RuLeS

#2 u533m3n0t

u533m3n0t

    Staff Sergeant

  • Sergeant Major
  • 267 posts

Posted 25 January 2005 - 07:36 AM

Hey BN,
Was going to try out Auditor, but the link kept yielding this...

Fehler 404 - Datei nicht gefunden!

--------------------------------------------------------------------------------


Folgender Fehler ist aufgetreten:

Die angegebene URL wurde auf diesem Server nicht gefunden.
Bitte überprüfen Sie die Schreibweise der URL oder wenden Sie sich an den Webmaster.


Tried googling another link for it with no success. Do you know where another copy of it may be laying about? :)

BN says:
The mirrors are listed here:
http://new.remote-ex...Auditor_mirrors

Google this for the latest copy; you'll find it. Just be careful where you get it, of course: auditor-081004-01.iso.zip

Very Best Regards,
Johnny "U533m3n0t"
Firefighter/Paramedic

There are those who talk about it and those who do it. Which are you?

#3 tolf

tolf

    Specialist

  • Members
  • 108 posts

Posted 27 January 2005 - 07:30 PM

nice tut buddy....

BN Says:
I especially hate to whack folks on a topic I created, but I've said it so many times (and even said it above in my post!)

And, as usual, skip the THANKS posts (I'm presuming this may be worthy of a thanks or two, but we'll see) UNLESS you explain what you liked.



#4 jubbly

jubbly

    Private First Class

  • Members
  • 89 posts

Posted 28 January 2005 - 10:01 AM

Nice mate, the best bit I found was the usb drive cos I did lose data trying to save to my hdd.

As I'm still learning I also had problems with my g card (didn't realise gKismet) and ended up using a b card. Gonna give my wireless g card yet another go and see if I get better results.

#5 beardednose

beardednose

    Retired GSO First Lieutenant

  • Sergeant Major
  • 1,916 posts

Posted 28 January 2005 - 11:48 AM

I just got a G card, so I haven't tried it yet.

I haven't tried installing this to my HDD yet; anyone who does, pls report back.

#6 beardednose

beardednose

    Retired GSO First Lieutenant

  • Sergeant Major
  • 1,916 posts

Posted 08 February 2005 - 08:24 AM

Lost my G card. I confiscated it from a user, but it turned out to be innocent, so being the nice guy that I am (there is a soul under all that hair), I gave it back with a polite lecture. Guess the boss will just have to buy me one!

#7 wd_stroke

wd_stroke

    Private First Class

  • Members
  • 60 posts

Posted 08 February 2005 - 04:58 PM

It works like a charm on my DLink DWL-G520 Card....nothing to configure, just input SSID/Channel/WEP PASSCODE and that puppy connected to my AP. I must admit this was by far the EASIEST version of Linux to work with my PCI card and Router (DLink DI-624). The instructions included by beardednose were AWESOME! The only problem I ran into was trying to tell it to monitor a single channel. Card ONLY recognize as atho0..whatever that is.

Connecting to insecure WIFIs was WAY easier than letting windows xp connection manager.

All-in-all...great from CD.

I ventured and installed to HDD. Most of the applications available from LiveCD were NOT installed to HDD. There was no selector/installation notice of applications to choose. That really chafed my arse.

#8 SteveW

SteveW

    Sergeant

  • Sergeant Major
  • 241 posts

Posted 08 February 2005 - 05:45 PM

Downloading the cd now. My Netgear g card works but only on linux 2.6 kernels. I have kismet and aircrack working with it on fedora core 3.
Snort saved my Bacon!
AKA SgtRush

#9 Red Section

Red Section

    Private First Class

  • Members
  • 80 posts

Posted 09 February 2005 - 01:03 AM

Ok any one got it working out the box for a PCMCIA card, mine has just died and has now taken a part time job as a coffee mug mat <_<

So I need to know which ones you guys/gals have gotten to work, and no I can't just get another one the same as my old one, as the one I had was an old B card that was unbranded :(

Any help would be good.

#10 SteveW

SteveW

    Sergeant

  • Sergeant Major
  • 241 posts

Posted 09 February 2005 - 01:15 PM

Netgear WG511, but be careful, later versions don't use the Prism54 driver.

#11 beardednose

beardednose

    Retired GSO First Lieutenant

  • Sergeant Major
  • 1,916 posts

Posted 09 February 2005 - 01:31 PM

I have a Cisco 350 B that works as well as a long range wireless lan PC card (also a B card) from Simple Mobility (the one that came with the class).

Thanks for the tut input. Keep it coming. I have some Kismet info to add and a note about the cisco 350 card. Coming soon.

When you make comments about the tut, please indicate whether you're a Linux and wireless beginner, intermediate, or expert so I know from which perspective you come.

I couldn't find all high range G cards with external antennae like my Simple Mobility B. Anyone know of any?

#12 Guest_Jay_*

Guest_Jay_*
  • Guests

Posted 26 February 2005 - 12:44 PM

Thanks for the tutorial BN. Apart from installing Linux sometime ago and a little bit of war driving with netstumbler, I would consider myself a newbie in both.

Recently I got a new card and antenna so I thought I would try it out.
I armed myself with a copy of WI-FOO the Secrets of Wireless Hacking which is very good and even has made me think about installing BSD.

I did notice that all I needed was iwconfig rather than the -a switch. Not sure if this is an error. Could not find the -a switch option in the man file.

Over all you made it really easy and walked me through. The tools are pretty intuitive and self-explanatory.

Just cannot wait for my high gain antenna to arrive now.

Seems to be many options for Kismet but have not had the chance to play properly with it yet so look forward to your next tutorial.

#13 Spookie

Spookie

    Staff Sergeant

  • Sergeant Major
  • 293 posts

Posted 27 February 2005 - 09:08 AM

I armed myself with a copy of WI-FOO the Secrets of Wireless Hacking

Very informative book for both those getting involved with wireless.

Recommend this reading material for those hum drum nights when you need a change of pace. Will make you want to get your wireless kit up and running in no time.

Current run is the MAC OS X laptop being wiped and having Linux Mandrake put on it.

Got a buddy who swears by this. I know everyone has their own flavor of linux that they prefer, just informing everyone of a possible solution they may want to look into.

Just cannot wait for my high gain antenna to arrive now.


War Driving Kit
Beauty is only a light switch away

#14 beardednose

beardednose

    Retired GSO First Lieutenant

  • Sergeant Major
  • 1,916 posts

Posted 27 February 2005 - 12:34 PM

2/27/05 Update: I added much more Kismet info to this tut, plus a little more. Download the new version by going up to the first post.

Let me know what you think.


#15 Jeeve5

Jeeve5

    Private First Class

  • Members
  • 83 posts

Posted 23 March 2005 - 02:55 AM

Quite a nice tutorial you wrote there mate. I like the WEP part. I think it covers the basics quite well. What I am missing though is that many APs as an additional security feature implement MAC Address filtering. So even if you have the WEP Key you cannot access their LAN since your WLAN card doesn't have the right MAC address.

I don't know if any of this is gonna be much help since I am myself just getting into the whole WLAN with Linux thing (used Windows before). First off. The MAC address is part of a TCP Packet's header. So if the admin is stupid and thinks MAC Address filtering is enough and doesn't enable WEP Encryption you can just sniff a bit of traffic and read the MAC Addresses in plain text with ethereal for example. After that you can use a tool, such as travesty to change your WLAN card's MAC Address. Beware of trying to connect though because AFAIK it will not work since two of the same MAC Addresses are being used. So come back in the night and maybe you are lucky that your spoofed MAC Address isn't up anymore. Voila, you should have access.

If WEP Encryption is enabled you have to crack the WEP Key first and then you can read the MAC Addresses from the TCP Packet Header.

Disclaimer: I just wrote the above written stuff from memory and haven't tried it myself. I am not sure if the procedure is right but I have done some research in the past and it seems like the right way to me. So please don't kill me if it's wrong just correct me ;) I am always eager to learn.

With that said. Thanks beardednose for the tutorial. Helped me a bit :)
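
An added example, not part of the original thread or the tutorial: a defender-side check for the MAC reuse discussed in the post above. It flags a source MAC whose 802.11 sequence numbers cannot come from a single counter, which is what an AP-side monitor sees when two radios share one address. It assumes frames have already been parsed into `(timestamp, src_mac, seq_no)` tuples and that each station keeps one sequence counter; the function names and both thresholds are hypothetical.

```python
from collections import defaultdict

SEQ_MOD = 4096  # 802.11 sequence numbers are 12 bits and wrap at 4096


def seq_gap(prev, cur):
    """Forward distance from prev to cur on the wrapping 12-bit counter."""
    return (cur - prev) % SEQ_MOD


def find_shared_macs(frames, max_gap=64, min_anomalies=3):
    """Return {mac: anomaly_count} for source MACs whose sequence numbers
    cannot come from one counter.

    frames: iterable of (timestamp, src_mac, seq_no) in capture order.
    max_gap and min_anomalies are assumed thresholds; tune them per network.
    """
    last_seq = {}
    anomalies = defaultdict(int)
    for _ts, mac, seq in frames:
        mac = mac.lower()
        if mac in last_seq and seq_gap(last_seq[mac], seq) > max_gap:
            # Gap 0 is a retransmission and small gaps are missed frames;
            # a large jump means a different counter produced this frame.
            anomalies[mac] += 1
        last_seq[mac] = seq
    return {m: n for m, n in anomalies.items() if n >= min_anomalies}


def sample_capture():
    """Constructed observations (not a real capture)."""
    frames = []
    # One radio, counter wrapping past 4095, one missed frame at the end.
    for i, seq in enumerate([4093, 4094, 4095, 0, 1, 3]):
        frames.append((i * 0.01, "00:11:22:33:44:55", seq))
    # Two radios interleaving frames under the same source MAC.
    for i in range(4):
        frames.append((1 + i * 0.02, "00:AA:BB:CC:DD:EE", 100 + i))
        frames.append((1.01 + i * 0.02, "00:AA:BB:CC:DD:EE", 2900 + i))
    return frames


if __name__ == "__main__":
    for mac, count in find_shared_macs(sample_capture()).items():
        print(f"{mac}: {count} sequence jumps, likely two transmitters")
```

A single out-of-order frame stays below `min_anomalies`, so only sustained interleaving is reported.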



