Using wifite and reaver together gives us the possibility of obtaining WPA and WPA2passwords without using dictionaries.
In this post we will see how to install both tools on a Ubuntu machine and a small demonstration of use. Wifite documentation recommends installing other tools such as pyryt, cowpatty and tshark in order to verify WPA handshakes, but in this case we’ll install only reaver, since it’s all we need to attack networks with WPS encryption.
First we’ll download and install reaver:
# wget http://reaver-wps.googlecode.com/files/reaver-1.4.tar.gz
# tar -xzvf reaver-1.4.tar.gz
Before proceeding, we need to install auxiliary libraries:
# sudo apt-get install libpcap-dev sqlite3 libsqlite3-dev libpcap0.8-dev
Finally, we proceed to the installation:
# cd reaver-1.4
# cd src
# ./configure
# make
# sudo make install
Install wifite is equally simple:
# wget -O wifite.py http://wifite.googlecode.com/svn/trunk/wifite.py
# chmod +x wifite.py
# python wifite.py
Usually wifite is used with any of the available options. In this example we are interested in finding WPS enabled networks and, therefore, we run the program with the option:
# python wifite.py -wps
Automatically, wifite enables monitor mode on the network interface -obviously the device must have that capability- and scans looking for networks with WPS enabled. This process ends when they the user types Ctrl + C.
Then we’ll be asked about our targets. The procedure can be seen perfectly in the figure below. When targets are selected, wifite will use reaver to run a brute force attack on them. Now all you need is patience.
When the attack ends, wifite disables automatically monitor mode on the network interface and exits.
Other examples of usage can be found on the official website of wifite. Here are some examples:
to crack all WEP access points: ./wifite.py -all -wep
to crack all WPS access points with signal strength greater than (or equal to) 50dB: ./wifite.py -p 50 -wps
to attack all access points, use ‘darkc0de.lst‘ for cracking WPA handshakes: ./wifite.py -all –dict /pentest/passwords/wordlists/darkc0de.lst
to attack all WPA access points, but do not try to crack — any captured handshakes are saved automatically: ./wifite.py -all -wpa –dict none
to crack all WEP access points greater than 50dB in strength, giving 5 minutes for each WEP attack method, and send packets at 600 packets/sec:/wifite.py –pow 50-wept 300-pps 600
OPTION 1: Build it yourself
Build your dependencies from the repositories
sudo apt-get update
sudo apt-get install build-essential libpcap0.8 libpcap-dev libsqlite3-0 libsqlite3-dev
Download and untar the latest version of reaper (currently v1.4 from Google Code)
cd ~/Downloads
wget http://reaver-wps.googlecode.com/files/reaver-1.4.tar.gz
tar -xvvzf reaver-1.4.tar.gz
Compile and install
./configure
make
sudo make install
Congrats! You’ve installed reaper from source! To test your installation, run the commandwhich reaver in the terminal. If your installation has been set up in the proper directories, you should get a file path for the reaper executable something like this /usr/local/bin/reaver.
OPTION 2: Get the script to do it
After writing this guide, I figured I might as well write a bash script to make what was documented above that little bit easier and a couple minutes later it was complete. To use my script, just download it from the link below and then run it as an executable, remembering to set the executable bit with chmod or nautilus.
Setting Reaver as an executable through Nautilus
Running Reaver in the terminal
Howto: build Naemon from source for Ubuntu 12.04
It’s quite straight forward to build Naemon from source with Ubuntu, all required softwares can be found as packages from the standard repository
Install dependencies
sudo apt-get install bsd-mailx apache2 libapache2-mod-fcgid xvfb nagios-plugins git devscripts debhelper libmysqld-dev build-essential autoconf automake libtool dos2unix patch patchutils libmodule-install-perl gperf libgd2-xpm-dev yui-compressor
Get latest version of Naemon
cd ~/ git clone --recursive https://github.com/naemon/naemon.git
Update source (meta package may not be updated)
cd naemon
make update
Build Naemon
./configure
Create DEB
make deb
Install Naemon
cd ..
sudo dpkg -i naemon-core_*.deb naemon-livestatus_*.deb naemon-thruk-libs_*.deb naemon-thruk_*.deb naemon_*.deb
Restart Apache
sudo service apache2 restart
Change path to Nagios-plugins for Naemon
sudo vi /etc/naemon/resource.cfg
Find row: $USER1$=/usr/lib/naemon/plugins
Change to: $USER1$=/usr/lib/nagios/plugins
Reload config for Naemon
sudo service naemon reload
Howto: build Naemon from source for CentOS 6.5
CentOS are a bit of tricky since a lot of packages are not available from standard repository. We needs to download a lot of components and build from source.
Build Naemon
Install dependencies for Naemon
yum install xorg-x11-server-Xvfb dejavu-fonts-common svn httpd-devel rpm-build doxygen wget httpd mod_fcgid perl-YAML git autoconf automake libtool rpmlint gperf mysql-devel gcc-c++ perl-Module-Install perl-CPAN gd-devel expat-devel dos2unix patch patchutils
Enable epel repository, we need this for nagios-plugins and mod_fcgid
rpm -Uvh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
Install nagios-plugins and mod_fcgid
yum install nagios-plugins nagios-plugins-all nagios-plugins-nrpe nrpe mod_fcgid
Get latest version of Naemon
cd /usr/local/src/
git clone --recursive https://github.com/naemon/naemon.git
Ignore yui-compressor, are not available as a package
export THRUK_SKIP_COMPRESS=1
Update source (meta package may not be updated)
cd naemon
make update
Create compiler configuration
./configure
Create RPM
make rpm
Disable SELinux, not supported by Thruk
setenforce 0
Make it persistent
vi /etc/selinux/config
edit row: “SELINUX=enforcing”
replace with: “SELINUX=disabled”
Install Naemon
cd ~/rpmbuild/RPMS/`uname -p`
rpm -i naemon-core-*.rpm naemon-livestatus-*.rpm naemon-thruk-*.rpm naemon-thruk-libs-*.rpm naemon-*.rpm
Enable new services on boot and start them
service iptables stop #This is just for testing and will restart the firewall after reboot, please adjust your IP-tables accordingly
chkconfig httpd on && service httpd start
chkconfig naemon on && service naemon start
chkconfig thruk on && service thruk start
Done!
How to build monitoring-plugins for CentOS 6.5 for Naemon
This is a quick guide how to build monitoring-plugins (formerly known as nagios-plugins) on CentOS 6.5 (64-bit) for Naemon
cd ~/
# Get monitoring-plugins source
wget https://www.monitoring-plugins.org/download/nagios-plugins-1.5.tar.gz
tar -xzvf nagios-plugins-1.5.tar.gz -C /usr/local/src/
rm -rf nagios-plugins-1.5.tar.gz
# Get qstat precompiled package, can't find source code to build from source
wget http://pkgs.repoforge.org/qstat/qstat-2.11-1.el6.rf.`uname -p`.rpm
rpm -i --nosignature qstat-2.11-1.el6.rf.*.rpm
rm -rf qstat-2.11-1.el6.rf.*.rpm
# Get fping source
wget http://fping.org/dist/fping-3.8.tar.gz
tar -xzvf fping-3.8.tar.gz -C /usr/local/src/
rm -rf fping-3.8.tar.gz
# Get radiusclient-ng source
wget http://downloads.sourceforge.net/project/radiusclient-ng.berlios/radiusclient-ng-0.5.6.tar.gz
tar -xzvf radiusclient-ng-0.5.6.tar.gz -C /usr/local/src/
rm -rf radiusclient-ng-0.5.6.tar.gz
# Get lmutil, this is a tricky one. lmstat is the component that are required but it's
# not longer available. All little tools have been incorporated within lmutil but
# we can create a substitute that will work
wget http://www.globes.com/products/utilities/v11.12/lmutil-x64_lsb-11.12.0.0v6.tar.gz
tar -xzvf lmutil-x64_lsb-11.12.0.0v6.tar.gz -C /usr/local/bin/
rm -rf lmutil-x64_lsb-11.12.0.0v6.tar.gz
chmod +x /usr/local/bin/lmutil
echo \#\!/bin/bash > /usr/local/bin/lmstat
echo /usr/local/bin/lmutil lmstat \"\$\@\" >> /usr/local/bin/lmstat
chmod +x /usr/local/bin/lmstat
# Build and install radiusclient-nt
cd /usr/local/src/radiusclient-ng-0.5.6
./configure
make
make install
# Build and install fping
cd /usr/local/src/fping-3.8/
./configure
make
make install
# Install dependencies
yum install net-snmp-utils postgresql-devel libdbi-devel bind-utils samba-client
# Install perl modules
PERL_MM_USE_DEFAULT=1 perl -MCPAN -e 'install Net::SNMP'
# Build and install nagios-plugins
cd /usr/local/src/nagios-plugins-1.5
./configure --with-nagios-user=naemon --with-nagios-group=naemon --libexec=/usr/lib64/naemon/plugins/
make
make install
smtpd instead of sendmail in OpenBSD
sendmail is in my opinion unessisary advanced and compicated for the most installations and there are a more simpler solution already in base for OpenBSD which is smtpd. This daemon is not active by default but it’s simple to change.
Stop sendmail
pkill sendmail
Edit /etc/mailer.conf and change to the following
sendmail /usr/sbin/smtpctl
send-mail /usr/sbin/smtpctl
mailq /usr/sbin/smtpctl
makemap /usr/libexec/smtpd/makemap
newaliases /usr/libexec/smtpd/makemap
hoststat /usr/libexec/sendmail/sendmail
purgestat /usr/libexec/sendmail/sendmail
Rebuild aliases database
newaliases
Make sure smtpd starts with the system and stop sendmail
echo “sendmail_flags=NO” >> /etc/rc.conf.local
echo “smtpd_flags=” >> /etc/rc.conf.local
Start smtpd
smtpd
Done!
Modifiy /etc/mail/smtpd.conf for your system, it’s a dream in comparison to sendmail
How to compile Reaver under Ubuntu 12.04 (and aircrack-ng)
This is a quick how-to compile and install Reaver under Ubuntu 12.04
Steps:
download source
install required libraries and tools
download and build aircrack-ng
compile and install
run =)
Download Source
First you need to download the latest source from http://code.google.com/p/reaver-wps/
wget http://reaver-wps.googlecode.com/files/reaver-1.4.tar.gz
Extract the tarball
tar -xzvf reaver-1.4.tar.gz
Install Required Libraries and Tools
Before you can build Reaver you need pcaplib and later on aircrack-ng (iw) to run Reaver
sudo apt-get install libpcap-dev sqlite3 libsqlite3-dev libpcap0.8-dev
Compile and Install
Build Reaver
cd reaver-1.4
cd src
./configure
make
Install Reaver
sudo make install
Download aircrack-ng source and build it
Since Ubuntu 12.04 aircrack-ng is not longer in the repository but you can still download it from source and compile it. It’s only one little tweak that need to be done since it will not build without the following errors.
johan@ubuntu-lab:~/aircrack-ng-1.1$ make
make -C src all
make[1]: Entering directory `/home/johan/aircrack-ng-1.1/src’
make -C osdep
make[2]: Entering directory `/home/johan/aircrack-ng-1.1/src/osdep’
Building for Linux
make[3]: Entering directory `/home/johan/aircrack-ng-1.1/src/osdep’
gcc -g -W -Wall -Werror -O3 -D_FILE_OFFSET_BITS=64 -D_REVISION=0 -fPIC -I.. -c -o osdep.o osdep.c
gcc -g -W -Wall -Werror -O3 -D_FILE_OFFSET_BITS=64 -D_REVISION=0 -fPIC -I.. -c -o network.o network.c
gcc -g -W -Wall -Werror -O3 -D_FILE_OFFSET_BITS=64 -D_REVISION=0 -fPIC -I.. -c -o linux.o linux.c
linux.c: In function ‘is_ndiswrapper’:
linux.c:165:17: error: variable ‘unused’ set but not used [-Werror=unused-but-set-variable]
linux.c: In function ‘linux_set_rate’:
linux.c:334:22: error: variable ‘unused’ set but not used [-Werror=unused-but-set-variable]
linux.c: In function ‘linux_set_channel’:
linux.c:807:22: error: variable ‘unused’ set but not used [-Werror=unused-but-set-variable]
linux.c: In function ‘linux_set_freq’:
linux.c:896:22: error: variable ‘unused’ set but not used [-Werror=unused-but-set-variable]
linux.c: In function ‘set_monitor’:
linux.c:1022:22: error: variable ‘unused’ set but not used [-Werror=unused-but-set-variable]
linux.c: In function ‘do_linux_open’:
linux.c:1366:12: error: variable ‘unused_str’ set but not used [-Werror=unused-but-set-variable]
linux.c:1352:15: error: variable ‘unused’ set but not used [-Werror=unused-but-set-variable]
linux.c: In function ‘get_battery_state’:
linux.c:1982:35: error: variable ‘current’ set but not used [-Werror=unused-but-set-variable]
cc1: all warnings being treated as errors
make[3]: *** [linux.o] Error 1
make[3]: Leaving directory `/home/johan/aircrack-ng-1.1/src/osdep’
make[2]: *** [all] Error 2
make[2]: Leaving directory `/home/johan/aircrack-ng-1.1/src/osdep’
make[1]: *** [osd] Error 2
make[1]: Leaving directory `/home/johan/aircrack-ng-1.1/src’
make: *** [all] Error 2
This is how to build aircrack-ng under Ubuntu 12.04
sudo apt-get install build-essential
sudo apt-get install libssl-dev
wget http://download.aircrack-ng.org/aircrack-ng-1.1.tar.gz
tar -zxvf aircrack-ng-1.1.tar.gz
cd aircrack-ng-1.1
Edit common.mak with vi as example
vi common.mak
Find the following row
CFLAGS ?= -g -W -Wall -Werror -O3
Remove “-Werror” so that it looks like this
CFLAGS ?= -g -W -Wall -O3
Save the file, build and install
make
sudo make install
Run
Reaver is now installed and ready to use. You will first need to put the wifi adapter info monitor mode before you can start and the most easiest way is to use airmon-ng (part of aircrack-ng) that you just installed.
First put your adapter info monitor mode, in my case it’s wlan0
sudo airmon-ng start wlan0
Run Reaver
sudo reaver -i mon0 -b 00:00:00:00:00:00
Replace MAC 00:00:00:00:00:00 with the actual AP:s MAC address to crack
Guide: How to make Gobi 2000 Wirless modem work under Ubuntu 12.04
Install 3G-modemet Sierra Wireless, Inc. Gobi 2000 Wireless Modem
This is a how-to install the 3G modem “Sierra Wireless, Inc. Gobi 2000 Wireless Modem” under Ubuntu 12.04 LTS (Precise Pangolin) with basic support for GPS
This guide should work with the following models:
Fujitsu CELSIUS H700
Fujitsu LIFEBOOK A530 / AH530
Fujitsu LIFEBOOK A550 / AH550 (Intel Gfx)
Fujitsu LIFEBOOK AH550 (NVidia Gfx)
Fujitsu LIFEBOOK E780 (Intel Gfx)
Fujitsu LIFEBOOK E780 (NVidia Gfx)
Fujitsu LIFEBOOK P3110
Fujitsu LIFEBOOK P770
Fujitsu LIFEBOOK P8110
Fujitsu LIFEBOOK PH530
Fujitsu LIFEBOOK S710
Fujitsu LIFEBOOK S760
Fujitsu LIFEBOOK T4410/ T4310
Fujitsu LIFEBOOK T580
Fujitsu LIFEBOOK T730
Fujitsu LIFEBOOK T900
Fujitsu LIFEBOOK TH700
Fujitsu LIFEBOOK UH900
and other models from HP, Lenovo and others with Sierra Wireless, Inc. Gobi 2000 Wireless Modem
First, control so that you really have the integrated modem in you computer with lsusb
johan@ubuntu-lab:~$ lsusb
Bus 001 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 002 Device 001: ID 1d6b:0002 Linux Foundation 2.0 root hub
Bus 001 Device 002: ID 8087:0020 Intel Corp. Integrated Rate Matching Hub
Bus 002 Device 002: ID 8087:0020 Intel Corp. Integrated Rate Matching Hub
Bus 001 Device 003: ID 1199:9000 Sierra Wireless, Inc. Gobi 2000 Wireless Modem (QDL mode)
Bus 001 Device 004: ID 04f2:b186 Chicony Electronics Co., Ltd
Bus 002 Device 003: ID 08ff:2550 AuthenTec, Inc.
Bus 002 Device 004: ID 1b96:0008 N-Trig
Bus 002 Device 005: ID 1690:0741 Askey Computer Corp. [hex]
Bus 001 Device 005: ID 1234:ffff Unknown
Install the wrapper for Gobi that is needed to load the 3G modem firmware and wine that you need to extract the firmware from the driver for the Microsoft Windows XP/Windows 7 installation packet.
johan@ubuntu-lab:~$ sudo apt-get install gobi-loader wine
Start a terminal and navigate to the path where you saved the download. In my case it’s in ~/Downloads.
johan@ubuntu-lab:~$ cd Downloads/
Extract the archive with command unzip FTS_SierraWirelessGobi2000HSUSBMobileBroadband_11180_1053221.zip
johan@ubuntu-lab:~/Downloads$ unzip FTS_SierraWirelessGobi2000HSUSBMobileBroadband_11180_1053221.zip
Navigate to the folder that just been created
johan@ubuntu-lab:~/Downloads$ cd 72-VR322-15_1.1.180
Use wine and the command msiexec to extract the drivers from the MSI-file. The files will be saved in the “virtual” c: for wine that’s really saved under ~/.wine/drive_c
johan@ubuntu-lab:~/Downloads/72-VR322-15_1.1.180$ wine msiexec /a GobiInstaller.msi /qb TARGETDIR="c:\temp"
Create the folder /lib/firmware/gobi and copy the driver to that path
johan@ubuntu-lab:~/Downloads/72-VR322-15_1.1.180$ sudo mkdir /lib/firmware/gobi
johan@ubuntu-lab:~/Downloads/72-VR322-15_1.1.180$ sudo cp ~/.wine/drive_c/temp/Images/Sierra/UMTS/* /lib/firmware/gobi/
johan@ubuntu-lab:~/Downloads/72-VR322-15_1.1.180$ sudo cp ~/.wine/drive_c/temp/Images/Sierra/0/UQCN.mbn /lib/firmware/gobi/
It’s now time to restart the computer to make the 3G modem to load it’s firmware and after that it will be visible in network-manager for example.
GPS
Some models of Gobi 2000 has internal GPS and it’s also possible to use but in my case the 3G modem is disappearing every time I communicate with the GPS and I have not solved that problem yet. If you have any tips that may solve this problem I would be happy.
Install any GPS client of your choice. I have chosen gpsd
johan@ubuntu-lab:~$ sudo apt-get install gpsd gpsd-clients
Configure gpsd
johan@ubuntu-lab:~$ sudo /lib/udev/gpsd.hotplug add /dev/ttyUSB2
johan@ubuntu-lab:~$ sudo dpkg-reconfigure gpsd
Enter /dev/ttyUSB2 as the path to the GPS
Start gpsd
johan@ubuntu-lab:~$ sudo service gpsd start
The GPS wont work until you tell it to do so and you need to manually start it with the following command. Please notice that the 3G modem will stop working as fast as you start to communicate with /dev/ttyUSB2
johan@ubuntu-lab:~$ sudo su -
root@ubuntu-lab:~$ echo "\$GPS_START" > /dev/ttyUSB2
To stop the GPS enter the following command
johan@ubuntu-lab:~$ sudo su -
root@ubuntu-lab:~$ echo "\$GPS_STOP" > /dev/ttyUSB2
Configure SSH for high security
There are some steps to do after SSH is installed on a system and there is a old saying that says “A chain is only as strong as its weakest link” and if you are using a weak password for your root account (or any other account) then you are extremely vulnerable. It does not matter if the communication is secure when you are easily brute forced. All steps is used on a Ubuntu 11.10 but should be the same on OpenBSD, Debian, Linux Mint or any other Linux distribution with none or very few modifications.
We are going to do the following steps
- Create certificate
- Set correct credentials to .ssh folder and files
- Shut down the possibility to log in with password
- Prevent root to log in via SSH
- Remove less secure encryption methods
- Enable visual identification of the server fingerprint
- Optional: Change SSH port (does really not not increase security)
Create certificate
We are going to use a RSA-key with a key length of 4096 bits. Open a terminal and enter the following “‘ssh-keygen -t rsa -b 4096″. 1024 bits key should be enough but better to be safe than sorry.
johan@johan-laptop:~$ ssh-keygen -t rsa -b 4096
Generating public/private rsa key pair.
Then you will be asked where to store the key. If you already got keys in id_dsa then you should enter another file name or your existing keys will be overwritten. If you are satisfied with the suggestion simply press enter.
Enter file in which to save the key (/home/johan/.ssh/id_rsa):
It’s now time to enter a password. Use a strong password with big and small letters, numbers and symbols. The password should also be unique and stored on a secure place like in a encrypted container like Keepass.
Enter passphrase (empty for no passphrase): 2sWf3+@/’?B>.%DpBU”r
Enter same passphrase again: 2sWf3+@/’?B>.%DpBU”r
Your identification has been saved in /home/johan/.ssh/id_rsa.
Your public key has been saved in /home/johan/.ssh/id_rsa.pub.
The key fingerprint is:
31:b0:be:0b:5b:7c:f1:79:65:e4:72:42:18:08:c4:8d
The key’s randomart image is:
+–[ RSA 4096]—-+
| o++ ..o. |
| Eoo .. |
| . o . . |
| . o o + |
| . S + |
| . o o o |
| . + o . |
| + o . |
| . . |
+—————–+
Enable the public key for authentication
The public key should be stored in ~/.ssh/authorized_keys and there can be more then one key for a single user. Just make a new row for each public key. If you key should be installed on the same system from where you just created the private key simply copy id_rsa.pub to authorized_keys
johan@johan-laptop:~$ cd ~/.ssh
johan@johan-laptop:~/.ssh$ cp id_rsa.pub authorized_keys
If you want to use the public key on another machine you could simply copy the public key using scp (secure copy). Please notice that you will replace existing authorized_keys if you already has one in place. To copy simply write the following command.
johan@johan-laptop:~/.ssh$ scp -p ~/.ssh/authorized_keys 192.168.0.1:.ssh/
johan@192.168.0.1’s password:
authorized_keys 100% 1839 1.2MB/s 00:00
Set correct credentials to .ssh folder and files
Make sure that your working folder is your home folder, replace “johan” with your username.
johan@johan-laptop:~/.ssh$ cd ~
johan@johan-laptop:~/.ssh$ sudo chown -R johan:johan .ssh
johan@johan-laptop:~/.ssh$ sudo chmod -R 600 .ssh
johan@johan-laptop:~/.ssh$ sudo chmod +x .ssh
Do a test log in to test the public key
johan@johan-laptop:~/.ssh$ ssh johan@localhostEnter passphrase for key ‘/home/johan/.ssh/id_rsa’:
After you entered the private key password you should have access to your machine, if not you will have to look for errors in the logs but I will not cover this in this guide.
Configure sshd
The next step is to modify sshd. All settings we will change is in the file /etc/ssh/sshd_config. Start to make a backup of sshd_config just in case.
johan@johan-laptop:/$ sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config_backup
Password:
Use desired editor to edit sshd_config. I prefer vi but I will use nano in this example
johan@johan-laptop:/$ sudo nano /etc/ssh/sshd_config
The following lines is going to be added or altered:
- PermitRootLogin yes
- #PasswordAuthentication yes
- Ciphers
PermitRootLogin no
root should never be used since it much more secure to use a regular user instead and then you need to perform a administrative task use the command sudo instead which gives you temporary administrative rights
We are also going to prevent the possibility to log in with password (you will be forced to use the private key). Find the rows which looks like this:
PermitRootLogin yes
Modify it to look like this
PermitRootLogin no
Find the row which look like this
#PasswordAuthentication yes
Modify it to look like this
PasswordAuthentication no
At the end Cipers is going to be added and it may not apply never installations but the default ciphers has not always been the best choices and sshd should be forced to only use the strongest ones.
Ciphers aes128-ctr,aes256-ctr,arcfour256,arcfour,aes128-cbc,aes256-cbc
Verify these entries:
- Protocol 2
- UsePrivilegeSeparation yes
- StrictModes yes
- RSAAuthentication yes
- PubkeyAuthentication yes
Save and exit
Restart to active the settings.
johan@johan-laptop:~/.ssh$ sudo service ssh restart
Password:
ssh start/running, process 2212
Enable visual identification of the servers fingerprint (Visual Host Key)
It’s not easy to verify and remember the fingerprint of a host since it’s a long hexadecimal string that may look like this one: ”31:b0:be:0b:5b:7c:f1:79:65:e4:72:42:18:08:c4:8d” , some one may have altered the DNS record so that you in fact are trying to authenticate to a rouge server and to remember that string is near impossible. . It’s more easy to remember a visual fingerprint but it’s still not bulletproof. It’s absolute best to verify the exact string every time and that is done by most SSH clients and for example openssh stored them in ~/.ssh/known_hosts and gives you a warning if it has changed.
Do the following to enable visual host key
Edit eider /etc/ssh/ssh_config witch effects all users on the system or ~/.ssh/config to enable it for a single user.
Add the following lines (“Host * is already at top of ssh_config)
Host *
VisualHostKey yes
Test and verify
It’s now time to test and verify. You should not be able to log in without your private key and password authentication should been disabled. You should also see your visual finger print when you tries to log in.
Your SSH should be more safe now but remember that SSH probably was the most secure software from the beginning with default settings and MySQL, Apache or any other system also has to be secured.
How to compile Reaver on Ubuntu 11.10
This is a quick how-to compile and install Reaver on a Ubuntu 11.10.
Steps:
- download source
- install required libraries and tools
- compile and install
- run =)
Download Source
wget http://reaver-wps.googlecode.com/files/reaver-1.3.tar.gz
Extract the tarball
tar -xzvf reaver-1.3.tar.gz
Install Required Libraries and Tools
Before you can build Reaver you need pcaplib and later on aircrack-ng to run Reaver
sudo apt-get install libpcap-dev aircrack-ng sqlite3 libsqlite3-dev
Compile and Install
Build Reaver
cd reaver-1.3
cd src
./configure
make
Install Reaver
sudo make install
Run
Reaver is now installed and ready to use. You will first need to put the wifi adapter info monitor mode before you can start and the most easiest way is to use airmon-ng (part of aircrack-ng) that you just installed.
First put your adapter info monitor mode, in my case it’s wlan0
sudo airmon-ng start wlan0
Run Reaver
sudo reaver -i mon0 -b 00:00:00:00:00:00
Replace MAC 00:00:00:00:00:00 with the actual AP:s MAC address to crack
.jpg)
