From man-in-the-middle attacks to GPU accelerated password cracking, and voiding warranties
Get Ready for Defcon 2011
2 Comments
Hak5 is packed and ready for Def Con 2011! This year, Darren, Paul, and I will be in Las Vegas all weekend, from Wednesday night through Sunday, compiling a delightful Hak5 episode for you to enjoy. We hope to get some good coverage and photos, so show off your Hak5 T-shirt! If you see us, make sure to stop by and say hello!
WiFi Pineapple Flashing Guide – Building or Unbricking
48 Comments
WIFI PINEAPPLE VERSION 2 ONLY. THIS WILL NOT WORK WITH THE WIFI PINEAPPLE VERSION 3.
Whether you’re new to Jasager or you’ve made a configuration change you wish you hadn’t, doing a fresh WiFi Pineapple install is a breeze. This guide walks you through the steps required to flash compatible WiFi Pineapple hardware with the latest version of Robin Wood’s Jasager firmware as well as default configurations and packages. (more…)
Session Hijacking with a WiFi Pineapple in Windows
7 Comments
In this segment Darren talks about session hijacking and demonstrates a tool from Errata Security called Hamster and Ferret. In conjunction with a WiFi Pineapple, an ICS’d 3G connection and Tftpd32, it lets us “sidejack” with our little man-in-the-middle setup. Lesson learned? Be suspicious of any WiFi. Check for signatures of trusted networks and tunnel your traffic. (more…)
WiFi Pineapple: your first connection
21 Comments
So you’ve built, borrowed or bought a WiFi Pineapple and you’re new to OpenWRT and Jasager. Hopefully this guide will familiarize you with the many aspects of the WiFi Pineapple. If you have specific questions, please leave a comment or email feedback@hak5.org and we’ll try to keep this page updated.
This article will guide you through connecting to the WiFi Pineapple for the first time. For more in-depth how-to’s involving command line control, modules, using the white and black listing functions, sharing Internet access and more please consult the Jasager board on the Hak5 forums and keep an eye on the WiFi Pineapple category of the Hak5.org blog for future articles on these topics. (more…)
Phishing with a WiFi Pineapple
48 Comments
This guide builds on the Auto-Rickroll payload for the WiFi Pineapple. Following this guide you will be able to create a self-contained WiFi Pineapple or similar OpenWRT based wireless access point serving up faux websites to capture login credentials. The purpose of this article is to point out the simplicity of a phishing attack using the dnsmasq technique of the Auto-Rickroll payload, and how you can protect yourself from similar attacks. See the mitigation section at the bottom of the article for defense advice. (more…)
Auto-Rickrolling WiFi Pineapple
26 Comments
John Bebo’s Auto-Rickroll payload for the WiFi Pineapple is an excellent example of using Dnsmasq to forward targets to a hosted site. While this site could be malicious, perhaps hosting the Browser Exploitation Framework, Bebo’s payload is a safe and simple prank. Any web site a victim attempts to browse to brings them to a WiFi Pineapple hosted page containing Rick Astley ASCII art and looping audio. It uses a technique similar to the one employed by captive portals – something we’ll explore in more detail soon – except a lot more annoying. (more…)
Blacksheep – Firesheep defense
4 Comments
In this segment, Shannon demonstrates some protection from Firesheep using BlackSheep.
ARP Spoofing with DSniff
8 Comments
In this segment, Darren demos a couple of tools for us Linux folks.
HakTip – XARP for Detecting ARP Cache Poison Attacks
0 Comments
In this HakTip Darren shows how to detect ARP cache poison attacks in Windows and Linux using XARP.
HakTip – Session hijacking with Firesheep
4 Comments
In this HakTip Shannon shows us the setup and use of the cookie-stealing tool Firesheep to hijack Darren’s Twitter session.
HakTip – ARP Cache Poisoning Attacks on Windows
9 Comments
Shannon shows us how to perform ARP cache poisoning attacks with ease.
HakTip – Crafting packets with HPING3
0 Comments
Hping3 is a TCP/IP packet assembler. It’s modeled after the Unix ping command.
USB Device Tracking
3 Comments
If you’ve ever used a USB storage device and wondered how stealthy you can be with them, you’re in for a scare. Windows XP logs pretty much everything you’d want to know about that USB key in the registry each time it’s plugged in and written to.
Tools for Messing Around with DNS
1 Comments
In this segment Darren goes over some of the tools for doing interesting things with DNS and hak6.org.
The Stoned Bootkit
0 Comments
Shannon, after hijacking someone else’s set, brings us the Stoned Bootkit.
Magic Lantern Beta Check
0 Comments
Jason and Darren check out the latest Magic Lantern firmware for the Canon 550D.
Hacking the Motorola Droid: Root Access!
20 Comments
As expected, the Motorola Droid has been rooted. That is to say, there’s a hack that’ll unlock SU, or superuser privileges, on the phone. The hack is essentially su bundled in an unsigned update that can be run from the SD card. The unlocking process, which has changed since introduction, is outlined at this AllDroid.org forum thread.
(more…)
Strip SSL security with a man-in-the-middle attack
15 Comments
Darren demonstrates a little man-in-the-middle attack using SSLStrip, an epic tool for removing that pesky encryption from your victim’s browsing session. Go from secure site to clear-text passwords in one simple step.
Hacking PPTP VPNs with ASLEAP
3 Comments
Darren demonstrates cracking Microsoft VPN tunnels that use the MS-CHAPv2 authentication protocol with Joshua Wright’s tool ASLEAP and talks about the theory behind the attack.
Bypass filters with your own Web Proxy
8 Comments
The age-old scheme for bypassing restrictive firewalls, like those that block sites at school or work, has been to use a web proxy. Of course this is followed up by the network administrator blocking all mainstream proxies. But what if you could run your own? Well, you can and it’s really freaking easy. In this segment Darren demonstrates PHProxy.
(more…)
School firewall evasion with SSH & Proxies
7 Comments
Never again have your curious Google searching or social networking adventures thwarted by your school or office firewall. Darren shows off free and easy ways to bypass the filters using SSH or your own homegrown web proxy.
Darren on Discovery: Hackers Versus Cyber Criminals
18 Comments
Darren Kitchen, hacker and host of tech show Hak5, says why hacking isn’t the same thing as cyber crime. Jorge Ribas sits down with him to find out the difference.
Read on to watch the video.
Build a touchscreen LCD on the cheap
1 Comments
Adding a touch screen to an LCD is pretty straightforward and fairly inexpensive. There are a few different places to get the touch screen kit; we got ours from eBay for around 80 bucks + shipping. Dealextreme.com has a small selection of smaller touch screen kits perfect for netbooks, because they come with a controller made to connect internally instead of via external USB. When buying a kit, make sure it comes with the matching controller to avoid any headaches.
