Episode 4x01
From Hak5
Wifi Pineapples
Synopsis
In this episode Darren breaks out the wifi pineapple.
Mubix shows us some of the features of the open source forensics/intelligence tool Maltego (previously known as Evolution).
Shannon shows us Valve's Audiosurf.
Segment One - The pineapple:
Darren opens up the pineapple and we get to see the hardware concealed inside it: a Fon router and a battery pack. Robin Wood helped put together the software side of things using Karma and madwifi. The project is known as Jasager (German for "yes man").
The device takes advantage of the way Windows/Mac wireless authentication works. As Darren explains, when you turn your laptop/PC on, it sends a probe request to determine where it is. If the computer finds a wireless network that it knows, it will connect to it.
The hacked Fon takes advantage of this: when clients send probe requests, the Fon simply says "Yes man, I am it". Once a client sends a probe, the Fon's AJAX interface lists its MAC address and gives a drop-down that allows basic functions such as DHCP, so that clients can associate.
Once clients are associated, there is the potential to do any sort of security testing, such as Metasploit, port scanning, Samba scanning, etc.
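A defender can spot the "yes to everything" behaviour described above passively: one transmitter MAC answering directed probe requests for several unrelated network names. The following is an added example, not code from the episode or the project it describes; the frame tuples, MAC addresses, SSIDs and thresholds are constructed assumptions.

```python
from collections import defaultdict

ROGUE = "02:00:00:de:ad:01"   # constructed MAC of the suspicious AP
LEGIT = "00:11:22:33:44:55"   # constructed MAC of a normal AP

# Constructed sample observations (not a real capture):
# (seconds, frame_type, transmitter_mac, ssid); ssid "" is a wildcard probe.
FRAMES = [
    (0.00, "probe-req",  "aa:aa:aa:00:00:01", "HomeNet"),
    (0.02, "probe-resp", ROGUE,               "HomeNet"),
    (1.00, "probe-req",  "aa:aa:aa:00:00:01", "CoffeeShop"),
    (1.03, "probe-resp", ROGUE,               "CoffeeShop"),
    (2.00, "probe-req",  "aa:aa:aa:00:00:02", "OfficeWiFi"),
    (2.01, "probe-resp", LEGIT,               "OfficeWiFi"),
    (2.04, "probe-resp", ROGUE,               "OfficeWiFi"),
    (3.00, "probe-req",  "aa:aa:aa:00:00:02", "AirportFree"),
    (3.02, "probe-resp", ROGUE,               "AirportFree"),
    (4.00, "probe-req",  "aa:aa:aa:00:00:01", ""),
    (4.01, "probe-resp", LEGIT,               "OfficeWiFi"),
]


def find_yes_man_aps(frames, min_ssids=3, reply_window=0.5):
    """Return {mac: sorted SSIDs} for transmitters that answered directed
    probe requests for at least min_ssids distinct network names."""
    pending = {}                  # ssid -> time of latest directed probe request
    answered = defaultdict(set)   # transmitter mac -> SSIDs it claimed to be
    for ts, ftype, mac, ssid in sorted(frames):
        if not ssid:
            continue              # wildcard probes name no network; skip them
        if ftype == "probe-req":
            pending[ssid] = ts
        elif ftype == "probe-resp":
            asked = pending.get(ssid)
            # Count only responses that closely follow a probe for that name.
            if asked is not None and ts - asked <= reply_window:
                answered[mac].add(ssid)
    # A normal AP serves one name per BSSID; many names from one MAC stands out.
    return {m: sorted(s) for m, s in answered.items() if len(s) >= min_ssids}


if __name__ == "__main__":
    for mac, ssids in find_yes_man_aps(FRAMES).items():
        print(f"{mac} answered for {len(ssids)} SSIDs: {', '.join(ssids)}")
```
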
Darren states that the pineapple will be covered in further detail in later episodes.
For information on madwifi, go to [1]. For more information on
Segment Two - Maltego
Mubix shows us some of the things that Maltego can be used for. Maltego essentially finds links between data on the internet. For example, if we run a text transform on darren@hak5.org, Maltego will try to find links on the internet to darren@hak5.org. As Mubix demonstrates, this finds Darren's Facebook, Flickr, LinkedIn and a few other links to hak5.org, and the same goes for the other cast members' email addresses that he searches for.
Maltego offers options such as searching social networks, searching for subdomains (DNS brute force) and a variety of other queries. The other example given is looking for metadata and PGP keys.
I've used Maltego and it's quite easy to figure out, really not hard to use.
To get the free edition of Maltego, go to [http://www.paterva.com/maltego/] and download the community edition. Alternatively, Maltego is included in BackTrack 3, available from [http://www.remote-exploit.org/backtrack_download.html]
Segment Three - Glary Utilities
Darren talks about a utility called Glary Utilities, listing batch uninstall as the most useful feature of this tool. If you think it could be useful, you can obtain the program from [2].
Segment Four - Audiosurf
Shannon shows us how Audiosurf works. It's an easy game that allows you to import your own music collection. The maps (a Guitar Hero layout that you race a ship over) are created using the music you import.
Audiosurf sure looks like some quick fun. If you would like to check it out, it is available at [http://www.audio-surf.com/]


