Lets Hack the Wi-Fi with backtrack

Welcome back, my Friends Today we are going to learn about the hacking of Wi-Fi. It sounds cool isn't it ? :) 

Now, you might be asking yourself, "Why would I want to hack Wi-Fi when I have my own Wi-Fi router and access ?" 

The answer is multi-fold.

1. if you hack someone else's Wi-Fi router, you can navigate around the web anonymously, or more precisely, with someone else's IP address.
2. Once you hack the Wi-Fi router, you can decrypt their traffic and use a sniffing tool like Wireshark or tcpdump to capture and spy on all of their traffic. 
3. If you use torrents to download large files, you can use someone else's bandwidth, rather than your own. (Its sounds better :P)

Let's take a look at cracking WEP with the best wireless hacking tool available with backtrack aircrack-ng! 

Step 1: Open Aircrack-Ng in BackTrack

Let's start by firing up BackTrack and make certain that our wireless adapteris recognized and operational.

• iwconfig

Let's note that our wireless adapter is recognized by BackTrack and is renamed wlan0. Yours may be wlan1 or wlan2.

Step 2: Put the Wireless Adapter into Monitor Mode

Next, we need to put the wireless adapter into monitor or promiscuous mode. We can do that by typing:

• airmon-ng start wlan0

Note that the interface's name has been changed to mon0 by airmon-ng.

Step 3: Start Capturing Traffic

We now need to start capturing traffic. We do this by using the airmon-ng command with the monitoring interface, mon0.

• airodump-ng mon0

As we can see, we are now able to see all the APs and clients within our range!

Step 4: Start a Specific Capture on the AP

As you can see from the screenshot above, there are several APs with WEP encryption. Let's target the first one from the top with the ESSID of "mandela2." Let's copy the BSSID from this AP and begin a capture on that AP.

• airodump-ng --bssid 00:25:9C:97:4F:48 -c 11 -w WEPcrack mon0

This will start capturing packets from the SSID "mandela2" on channel 11 and write them to file WEPcrack in the pcap format. This command alone will now allow us to capture packets in order to crack the WEP key, if we are VERY patient.

But we're not patient, we want it now! We want to crack this key ASAP, and to do that, we will need to inject packets into the AP.

We now need to wait for someone to connect to the AP so that we can get the MAC address from their network card. When we have their MAC address, we can spoof their MAC and inject packets into their AP. As we can see at the bottom of the screenshot, someone has connected to the "wonderhowto" AP. Now we can hasten our attack!

Step 5: Inject ARP Traffic

To spoof their MAC and inject packets, we can use the aireplay-ng command. We need the BSSID of the AP and the MAC address of the client who connected to the AP. We will be capturing an ARP packet and then replaying that ARP thousands of times in order to generate the IVs that we need to crack WEP.

• aireplay-ng -3 -b 00::09:58:6F:64:1E -h 44:60:57:c8:58:A0 mon0

Now when we inject the ARPs into the AP, we will capture the IVs that are generated in our airodump file WEPcrack.

Step 6: Crack the Password

Once we have several thousand IVs in our WEPcrack file, all we need to do is run that file against aircrack-ng, such as this:

• aircrack-ng WEPcrack-01.cap

If we have enough IVs, aircrack-ng will display the key on our screen, usually in hexadecimal format. Simply take that hex key and apply it when logging into the remote AP and you have free wireless!

If you have any dought feel free to ask in the comment section

Note: If you enjoyed this post, you might want to Follow our Twitter or become our Facebook fan.  You will get all the latest updates at both the places. And also don't be selfish Share this post with your friends

Read More

Creating Directories & Files in backtrack

In my previous post about the basics of backtrack we discussed the importance of hackers using Linux and the structure of the directory system. We also looked briefly at the cd command. In this second Linux guide, I'll spend a bit more time with changing directories, listing directories, creating files and directories, and finally, getting help.


Change Directory (Cd)

We can change directories in multiple ways with cd. As I showed you in my previous article, we can use cd .. to move up one level in the directory tree. We can also move directly to the root directory by typing cd / or move to our home directory by cd ~.

More often, we will use cd to move to a directory by using the absolute path of the directory. This mean that we write out the entire path of the directory we want to move to after cd. We can also move to the directory by using the relative path of the directory. This means that we don't need to write the entire path, but simply use the path that we're currently in and append to it. Let's look at some examples.

Let's say we're in our root user directory in BackTrack and we want to move to the aircrack-ng directory . We can simply type:

• bt > cd /pentest/wireless/aircrack-ng

This will take us directly to the aircrack-ng directory.

Now let's say we want to go to the scripts sub-directory within aircrack-ng. We could type out the full path to the sub-directory, but it's much simpler to type the relative path from where we are. We know we are/pentest/wireless/aircrack-ng, so type:

• bt > cd scripts

And that takes us to the scripts sub-directory within aircrack-ng or/pentest/wireless/aircrack-ng/scripts.

Once again, it's critical to emphasize that Linux is case sensitive, so typing the directory without the proper case will result in the error message, "no such file or directory".

Listing Command (Ls)

Once of most used and important commands in Linux is ls or list. This command is used to list the contents of a directory or sub-directory so that we can see the contents. It's very similar to the dir command in Windows. So let's use it in the aircrack-ng directory;

• bt > ls

We can see that Linux listed all the files and directories within the aircrack-ng directory. Linux allows us to modify its commands by using switches; these are usually letters preceded by the dash (-). With ls, it's helpful to use two of theses switches, -a and -l.

The -a switch means all, so when we use it, Linux will list all files and directories, even those that are hidden. When we use the -l switch, it gives us a long listing, meaning it gives us info on the security permissions, the size, the owner, the group of the file or directory, when it was created, etc.

Let's type:

• bt > ls -la

We'll examine more closely the security permissions in a later tutorial, but you must know that you need execute (x) permission on any file you want to execute. So, if you download a new tool, you must make certain that you have execute permission on it.

Create a File (Touch)

The create a file in Linux, it's a bit different from Windows. In Linux, we use the touch command. So, let's create a new file called newfile:

• bt > touch newfile

Now we can check to see if that file exists by doing a directory listing:

• bt > ls -la

Create a Directory (Mkdir)

Similar to Windows, we can create a directory by using the make directory command (mkdir). Let's now make a new directory.

• bt > mkdir newdirectory

Getting Help (Man)

Linux has a very useful utility called man. Man is the manual for nearly every command. If you should forget what a command does, simply typeman and the name of the command and it will display the manual with all the info you need about that command, its switches, and arguments. For instance, type:

• bt > man touch

With most commands, you can also use either the -h switch or the --helpswitch after the command to obtain "help" about a particular command. In the case of "touch", we must use the --help to obtain help on the touchcommand.

• bt > touch --help

And that's it for this brief tutorial on Linux for aspiring hackers. Make sure to check out the first part if you haven't already.

I'll be going more into depth in my next Posts , so keep coming back and Don't be selfish !

If you have any doubt feel free to ask in the comment section :) :) :) :) :)

Note: If you enjoyed this post, you might want to Follow our Twitter or become our Facebook fan.  You will get all the latest updates at both the places. And also don't be selfish Share this post with your friends

Read More

Interview With King Haxor

Hello, My friends . Today, we conducted first ever Interview with the King haxor . Yes, Member of  PAKISTAN HAXORS CREW (PHC) One of the top hacker of Pakistan and one of the best hacker in the world. We asked personal to hacking related questions. We try to cover things in every perspective. We are very thankful to King haxor  for giving us his precious time.

Ok Let's start 

Q: Hi King Haxor , thanks for giving us your precious time. First of all  please introduce yourself to our Readers.

A: Hi Hi this is KING_HAXOR From PAKISTAN work with PAKISTAN HAXORS CREW

Q: Could you introduce your crew  to our Readers.

A: Pakistan Haxors Crew is the Hacking Crew which all the time support the innocent people Voice and Supporting Kashmir, and Palestine

|| Azhar Haxor || ASif Haxor || Hunter Khan || KinG_HaXoR || D4NY4l PHC || Anon Rdx || Zaryab Jamil || PwrinCe PHC || Syed Wajeeh Hyder ||

This is our crew 

Q: When and why did you start hacking?

A: i started hacking in previous year 2013 , i just seen some hackers they wrote thier names on website page. that's why i get some attraction towards it

Q: Can you tell me your actual age?

A: 14

Q: What you used to do, when you were not a hacker?

A: i was simple student , and just playing PC games

Q: Could you remember the first site you hacked ?

A: Yes it is http://kent.com.bd 

Q: How You select Your targets?

A: I target anti Muslim , Anti Pakistan , Anti ISLAM sites

Q: Do you work for any government organizations like FIA ?

A: No

Q: What kind of method you used to hack websites?

A: SQLI, BLIND SQLI, ASP , XSS , EXPLOITS, SYMLINK , ROOTING

Q: Do you ever attack on your own country Pakistani Sites? If yes why ?? 

A: Yes, Some time just for security reminder

Q: Define Hacktivism ?

A: As i think so Hacktivism is the act of hacking, or breaking into a computer system... Simple

Q: What do you think of other Hacker groups?

A: Other hacking groups also doing well , i don't know so much about other country hackers but in PAKISTAN hackers doing well

Q: What are your future plans?

A: Want to continue my IT as in future also

Q: What kind of advice would you have for new Hackers?

A: I am also new hacker in the cyber world , but as i learn t form my seniors they suggest me to work hard and give a proper time to study and to HACKING

Q: What do you think about Pakistan Cyber Security ?

A: I think some sites have pretty much but as all experts hackers say " No one is Safe In this Cyber World "So PAKISTAN's sites have many security holes in thier sites and database

Q: Have you ever thought of working for a company to help protect against hackers?

A: No , i want to work for hackers and to support them

Q: It is nice to talk to you. What do you think about our blog ?

A: Thats good but u have to work on your SEO , and get some traffic

Mirrors of King Haxor 

• http://www.hack-mirror.com/hacker/KinG_HaxoR/all.html
• http://www.zone-h.org/archive/notifier=king_haxor

Do you want to connect with King haxor Click here 

Read More

Backtrack 5 Basics for the aspiring hacker

Welcome back, my dear friends!

For those of you who've never used Linux (specially backtrack), I dedicate the next few posts (tutorials) on the basics of Linux with an emphasis on the skills you need for hacking. So, let's open up Backtrack. (To know the way of installing backtrack 5 click here )

Open a terminal  

To become proficient in Linux, you MUST master the terminal. Many things can be done now in the various Linux distributions by simply pointing and clicking, similar to Windows or Mac OS, but the expert hacker must know how to use the terminal to run most of the hacking tools.

So, let's open a terminal by clicking on the terminal icon on the bottom bar. That should give us a screen that looks similar to this.

If you've ever used the command prompt in Windows, the Linux terminal is similar, but far more powerful. Unlike the Windows command prompt, you can do EVERYTHING in Linux from the terminal and control it more precisely than in Windows.

It's important to keep in mind that unlike Windows, Linux is case-sensitive. This means that "Sivarathan" is different from "sivarathan" which is different from "SIVARATHAN". Those who are new to Linux often find this challenging, so try to keep this in mind.

Examine the directory structure

Let's start with some basic Linux. Many beginners get tripped up by the structure of the file system in Linux. Unlike Windows, Linux's file system is not linked to a physical drive like in Windows, so we don't have a c:\ at the beginning of our Linux file system, but rather a /.

The forward slash (/) represents the "root" of the file system or the very top of the file system. All other directories (folders) are beneath this directory just like folders and sub-folders are beneath the c:\ drive.

To visualize the file system, let's take a look at this diagram below.

It's important to have a basic understanding of this file structure because often we need to navigate through it from the terminal without the use of a graphical tool like Windows Explorer.

A couple key things to note in this graphical representation:

• The /bin directory is where binaries are stored. These are the programs that make Linux run.
• /etc is generally where the configuration files are stored. In Linux, nearly everything is configured with a text file that is stored under /etc.
• /dev directory holds device files, similar to Windows device drivers.
• /var is generally where log files, among other files, are stored.

Using pwd

When we open a terminal in BackTrack, the default directory we're in is our "home" directory. As you can see from the graphic above, it's to the right of the "root" directory or one level "below" root. We can confirm what directory we are in by typing:

• bt > pwd

pwd stands for "present working directory" and as you can see, it returns "/root" meaning we're in the root users directory (don't confuse this with the top of the directory tree "root." This is the root users directory).

pwd is a handy command to remember as we can use it any time to tell us where we are in the directory tree.

Using cd command

We can change the directory we're working in by using the cd (change directory) command. In this case, let's navigate "up" to the top of the directory structure by typing:

• bt > cd ..

The cd command followed by the double dots (..) says, "move me up one level in the directory tree." Notice that our command prompt has changed and when we type pwd we see that Linux responds by telling us we are in the "/" or the top of the directory tree (or the root directory).

Using whoami Command 

In our last lesson of this tutorial, we'll use the whoami command. This command will return the name of the user we're logged in as. Since we're the root user, we can log in to any user account and that user's name would be displayed here.

• bt > whoami

I thing this is enough for today in our following posts I will continue to give you the basics of backtrack that you'll need to be a pro hacker, so keep coming back! Bye from Sivarathan

If you have any doubt feel free to ask in the comment section :) :) :) :) :)

Note: If you enjoyed this post, you might want to Follow our Twitter or become our Facebook fan.  You will get all the latest updates at both the places. And also don't be selfish Share this post with your friends

Read More