2010
03.23

News and updates…

Well, it’s been in the making for a while. Due to certain events and health issues, we’ve had trouble being consistent. Good for us, we’ve been able to work on our pet project: an all-French-language podcast :)
Loosely styled around PaulDotCom Security Weekly’s format, we try to inform and give out bits of information to people. We also try to entertain, but remember we are not professionals at this. No spoon feeding: you won’t learn to hack, penetrate or compromise systems, but you will learn basic information and where to start if you’re interested.

So far, we have 2 episodes available for download on iTunes, or direct links from our site.
Episode 1: We introduce ourselves, talk a bit about the Sulley Framework
Episode 2: Quick talk on Internet Explorer, Snort and Airdrop-ng
Here’s the RSS feed if you wish.

Keep in mind we’re new at this, and will try to come out with new episodes once every 3 weeks to a month.

Also as a reminder, HackUS’s CTF is very close so check them out and get registered.
Hackfest.ca 2010’s Call for Papers is also open, so if you’re interested or have something to say, drop them an email.

Hope you enjoy the podcast,
Have a good one.

2010
03.13

Hackus.org CTF soon upon us

Well, it’s almost time for Sherbrooke University’s CTF. You can get all the information at the HackUS.org site.
Everyone from Kioptrix.com will be participating…yes all 2 of us.

This 3-day event will be my first CTF experience. Should be interesting to see how my new-ish skills stack up to more seasoned and experienced computer geeks. Although I don’t consider myself a “hacker”, I expect we’ll do poorly compared to other teams. For example, the team from the Universite de Quebec a Montreal (UQAM) took first place at Hackfest.ca’s CTF last November. I don’t expect to even come close to these guys. Our goal? 1 point..at least.

Nothing really security related in this post, just wanted to inform whoever is reading this that we’ll be reporting back from HackUS with a nice play-by-play of the CTF.

Remember to visit those sites I mentioned above, and also kioptrix.com

Have a good one,
LF

2010
03.09

Airdrop-ng.. what I’ve learned

It’s been some time since I’ve posted something, and I apologize. Changing jobs, then the training and getting used to the new people and work environment (which is still ongoing), has prevented me from investing time into learning new security related…stuff.

Well, today I took the time to try out “airdrop-ng”, the new de-authentication tool developed by TheX1le, if I’m not mistaken. The basic premise behind this Python application is pretty simple: prevent or allow clients’ connections to wireless access points, either by the client’s MAC address, vendor name, etc., or by the access point’s MAC, vendor, etc.
You can prevent 1 specific client from connecting to any access point in your area, or allow only that 1 client to connect. The possibilities are enormous. In a nutshell, you’re deciding who can connect, and what they are connecting to.

Here’s the video presentation of airdrop-ng at ShmooCon 2010.

Installing airdrop-ng is quite simple (as usual I’m using Backtrack 4):
I suggest reading the README file.

root@bt:~# apt-get install python-psyco
root@bt:~# cd /pentest/wireless/
root@bt:/pentest/wireless# svn co http://trac.aircrack-ng.org/svn/trunk/scripts/airdrop-ng
root@bt:/pentest/wireless# cd airdrop-ng
root@bt:/pentest/wireless/airdrop-ng# python install.py
root@bt:/pentest/wireless/airdrop-ng# airdrop-ng -u  # this is to update the OUI text file

There you have it, it’s installed. Take the time to read the README file and examples and explanations found in the docs folder.

Using airdrop-ng is pretty easy (so far). For now I can only test it using 1 wireless card (the second is on the way). It works with the single card, but I can see why it would be better with 2.
Using only 1 card, you need to be specific in your rules file. For example, “d/ANY|ANY” won’t work as well as “d/ANY|Apple”. Since you need airodump-ng running the whole time airdrop-ng is, they seem to be battling each other for use of the card. Running “d/ANY|ANY” with one card will generate lots of errors.
So “d/<AP MAC address>|ANY” also works, but won’t completely deny access to the access point. In my tests here, my laptop would lose 50% of its pings. Although my laptop was still connected to the router, Internet access was pretty darn slow.
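
From the defender's side, the de-authentication frames behind the packet loss described above can be counted by a monitor-mode sensor. The following is an added example, not part of the original post or of airdrop-ng: it parses raw 802.11 frames and flags AP/station pairs that receive a burst of deauth frames. It assumes the radiotap header has already been stripped, the window and threshold values are assumptions, and the sample frames are constructed.

```python
import struct
from collections import defaultdict, deque

DEAUTH_FC0 = 0xC0  # frame-control byte 0: version 0, type 0 (management), subtype 12
WINDOW_S = 10.0    # assumed sliding window, in seconds
THRESHOLD = 5      # assumed: deauths per (BSSID, station) pair within the window

# Constructed sample frames (locally administered MACs, no radiotap header).
SAMPLE_DEAUTH = bytes.fromhex(
    "c0003a01" "020000000001" "0200000000aa" "0200000000aa" "0000" "0700")
SAMPLE_BEACON = bytes.fromhex(
    "80000000" "ffffffffffff" "0200000000aa" "0200000000aa" "0000" "0000")

def mac(raw):
    return ":".join("%02x" % b for b in raw)

def parse_deauth(frame):
    """Return (dst, src, bssid, reason) for a deauth frame, else None."""
    if len(frame) < 26 or frame[0] != DEAUTH_FC0:
        return None
    (reason,) = struct.unpack_from("<H", frame, 24)  # reason code follows the 24-byte header
    return mac(frame[4:10]), mac(frame[10:16]), mac(frame[16:22]), reason

def detect_floods(frames, window=WINDOW_S, threshold=THRESHOLD):
    """frames: (timestamp, raw_bytes) in time order. Returns {(bssid, station)}."""
    recent = defaultdict(deque)
    alerts = set()
    for ts, raw in frames:
        parsed = parse_deauth(raw)
        if parsed is None:
            continue
        dst, src, bssid, _reason = parsed
        # Forged deauths can claim to come from either side; the station is the non-BSSID address.
        station = dst if src == bssid else src
        seen = recent[(bssid, station)]
        seen.append(ts)
        while ts - seen[0] > window:
            seen.popleft()
        if len(seen) >= threshold:
            alerts.add((bssid, station))
    return alerts

if __name__ == "__main__":
    capture = [(0.0, SAMPLE_BEACON)] + [(i * 0.1, SAMPLE_DEAUTH) for i in range(6)]
    print(detect_floods(capture))
```

Occasional deauth frames are normal when clients roam or an AP restarts, so the threshold should be tuned against a baseline of the network being monitored.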

Guess that’s all for my findings on airdrop-ng so far. Once I get my second wireless adapter, I’ll be in a better position to experiment and report on its usage. TheX1le’s application is very nice, easy to use and understand. Besides a few typos in the documentation, it’s an easy read and something I suggest you do.

I’ll try and whip up a video of it in action in the next few weeks.
Thanks for reading, and remember to visit us at kioptrix.com