Your first hacking job - war driving

MustacheOperator
Member
Posts: 29
Joined: Sat May 22, 2021 2:45 am

Your first hacking job - war driving

Post by MustacheOperator » Mon May 24, 2021 6:29 am

If you have a SUAS, vehicle or good pair of walking shoes, you can do this.

We are going to get our aspiring hackers started by cracking their first wireless network.

The hardware requirements are fairly simple, although you'll need a WiFi radio capable of packet injection. If you don't have one (they cost $10-$30) that's OK, but you'll have to monitor the connection until a handshake is generated via normal use. I haven't had to do this in a while, since packet injection capable cards are a dime a dozen these days.

You will need a computer; this can be a Raspberry Pi (model 3 is fine), a laptop or even your phone if you're comfortable virtualizing an OS and messing with drivers.

Next, download the latest build of Kali Linux and use a tool like LiLi, Rufus or any third-party tool to install it to a USB as a live boot OS. Once you've verified your USB boots into Kali (may require changing boot order in BIOS), connect your WiFi adapter and get ready to ride/fly/walk.

If you are using a drone, be sure to orient the antenna properly. Also, many WiFi cards included with your phone/tablet/laptop support packet injection AKA promiscuous mode, but Alfa makes several well-known models that work flawlessly and accept external antennas and amps via RP-SMA connection.

After booting into Kali with your WiFi card attached, open a console/shell and type "sudo airmon-ng". This will display a list of wireless radios. If you're using the Alfa Networks product, you'll see an Atheros or Realtek chipset, and most importantly, an interface name. Once you ID the right one, you'll enter "sudo airmon-ng start wlan0" (where 0 = x, the number assigned to the interface).

This will cause the following output: monitor mode enabled for wlan0 on wlan0mon

wlan0mon is the virtual adapter created for packet injection. This is how we will force authenticated users to reauth to the access point, allowing us to sniff the ensuing handshake between the client and AP.

If your card doesn't support injection, you can skip the above steps. You will have to wait on a legitimate client to reauthenticate on its own. You'll still be able to capture the handshake, you just can't force the process.

OK. Great. So we have a card in monitor mode. Sweet.

Now let's fire up one of my favorite tools.

"sudo besside-ng wlan0mon"

Press enter and you'll see something along the lines of "lets ride. saving to besside.log"

Your setup is now automatically attacking any network in sight. If you're lucky enough to encounter a WEP encrypted network, besside-ng will crack the key outright. This process is typically very fast. For WPA/2-PSK, by far the most common, additional steps are required.

As besside-ng runs, it will force any connected clients to disconnect from the AP and reauthenticate. Any handshakes it is able to capture will be saved to your home directory as wpa.cap. These will be the targets of our cracking efforts.

I'd suggest downloading the crackstation and rockyou wordlists (widely available), although most online GPU cracker arrays as a service offer a free "basic search" and this will accomplish the same thing. The paid service costs as much as $100, but it's a far more extensive search and only costs money if the key is found.

Don't worry about specific targets right now. We're going after low hanging fruit for this training exercise. Later, we will use this network access to pivot further, but we're getting ahead of ourselves.

Once you've walked around for a bit, you should have many handshakes available listed in besside.log, along with any WEP keys it cracked on the spot. Go ahead and "control+c" the shell window running besside-ng.

If you took my advice, you can use the following to initiate cracking against the freshly captured handshakes: "aircrack-ng -w rockyou.txt wpa.cap"
If you have multiple handshakes, and you probably will, it will give you a list of them and ask you to select one by entering its arbitrarily assigned numeric value. Because we are going for easy targets, we will work through them 1-n. Hit 1 (whatever number it is) and press enter to start.

If the key is in your wordlist, it will notify you with a happy Key found! [Mykeyhere] message. Don't bother with JTR, exhausting this keyspace isn't practical unless you have a multi-GPU array on hand. If not, move on to the next. If so, take note of the key and BSSID. Feel free to keep cracking more, or you can stop here.

Next steps to come after you've gained access to a secured network of opportunity.
Last edited by MustacheOperator on Fri May 28, 2021 1:56 am, edited 2 times in total.
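
From the defender's side, the forced reauthentication described in the post above appears on the air as a burst of 802.11 deauthentication frames for one BSSID. The following is an added example, not part of the original post: a sliding-window burst detector run over constructed frame records. The record layout, MAC addresses, window and threshold are all assumptions chosen for illustration.

```python
from collections import defaultdict, deque

AP1, AP2 = "aa:bb:cc:00:00:01", "aa:bb:cc:00:00:02"      # constructed BSSIDs
CLIENTS = ["02:00:00:00:00:0%d" % n for n in (1, 2, 3)]  # constructed clients

def constructed_sample():
    """Constructed frame records: (timestamp_ms, subtype, bssid, destination)."""
    frames = [(0, "beacon", AP1, "ff:ff:ff:ff:ff:ff"),
              (3000, "deauth", AP2, CLIENTS[0])]          # single deauth: normal
    # 24 deauths for AP1's clients inside 2.3 s: the forced-reauth pattern
    frames += [(10000 + i * 100, "deauth", AP1, CLIENTS[i % 3]) for i in range(24)]
    frames.append((60000, "deauth", AP1, CLIENTS[0]))     # isolated, much later
    return frames

def detect_deauth_bursts(frames, window_ms=5000, threshold=10):
    """Return one alert per burst of >= threshold deauth/disassoc frames
    seen for the same BSSID within a sliding window of window_ms."""
    recent = defaultdict(deque)  # bssid -> (ts, dst) pairs still inside window
    active = {}                  # bssid -> alert currently being extended
    alerts = []
    for ts, subtype, bssid, dst in sorted(frames):
        if subtype not in ("deauth", "disassoc"):
            continue
        q = recent[bssid]
        q.append((ts, dst))
        while ts - q[0][0] > window_ms:   # drop frames that left the window
            q.popleft()
        if len(q) < threshold:
            active.pop(bssid, None)       # burst over; next one is a new alert
            continue
        alert = active.get(bssid)
        if alert is None:
            alert = {"bssid": bssid, "start_ms": q[0][0], "end_ms": ts,
                     "count": len(q), "targets": {d for _, d in q}}
            active[bssid] = alert
            alerts.append(alert)
        else:                             # same burst: extend, do not re-alert
            alert["end_ms"] = ts
            alert["count"] += 1
            alert["targets"].add(dst)
    return alerts

if __name__ == "__main__":
    for a in detect_deauth_bursts(constructed_sample()):
        print(a["bssid"], a["start_ms"], a["end_ms"], a["count"], sorted(a["targets"]))
```

Detection aside, enabling 802.11w Protected Management Frames (mandatory in WPA3) makes clients ignore unauthenticated deauthentication frames, and a long passphrase that appears in no public wordlist defeats the dictionary step.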

MustacheOperator
Member
Posts: 29
Joined: Sat May 22, 2021 2:45 am

Re: Your first hacking job - war driving

Post by MustacheOperator » Mon May 24, 2021 6:42 am

https://www.amazon.com/gp/aw/d/B004YD7UBQ/

Great card.

Plenty of others work too.

If you seriously can't afford one, PM me. I'll send you $50 in Bitcoin you can use. Established members only please.

Also, here is a good chance to read up on a tool called Wireshark. https://www.javatpoint.com/wireshark

We will definitely be using this frequently.

One more big one is nmap. https://bytexd.com/how-to-use-nmap/ It's a tiered tutorial, so you can go as far as you want.

Nameless
Member
Posts: 18
Joined: Wed May 19, 2021 6:05 pm

Re: Your first hacking job - war driving

Post by Nameless » Wed Jun 23, 2021 10:38 pm

Forgive me if the assumption is seen as offensive but after reading for quite a bit it would seem that the community here tends to get intimidated by branching out into new skill sets such as this or cannot see the value.

In all reality this is entry level stuff. Anyone here is capable of doing it if they just take a little time to understand how it works. Doing so would be the first step in learning to cope with more complicated targets than simply places under construction. As we move forward in technology we will have to contend with it if we wish to explore live targets or anything of genuine interest at all.

Lest this appear ignorant since I am well aware of my lack of history here, having read through the older Night Ops posts this would seem well within the intended scope of the hobby. To be able to infiltrate increasingly difficult targets with impunity.

One might look at this as the first step in learning to access and control most private, low level camera systems which are becoming increasingly common and do not appear to be very secure.

Sicarius
Member
Posts: 428
Joined: Wed Mar 04, 2020 6:50 pm
Location: Possibly on a distant Mediterranean shore... one day

Re: Your first hacking job - war driving

Post by Sicarius » Thu Jun 24, 2021 11:53 am

Nameless wrote:
Wed Jun 23, 2021 10:38 pm
Forgive me if the assumption is seen as offensive but after reading for quite a bit it would seem that the community here tends to get intimidated by branching out into new skill sets such as this or cannot see the value.

In all reality this is entry level stuff. Anyone here is capable of doing it if they just take a little time to understand how it works. Doing so would be the first step in learning to cope with more complicated targets than simply places under construction. As we move forward in technology we will have to contend with it if we wish to explore live targets or anything of genuine interest at all.

Lest this appear ignorant since I am well aware of my lack of history here, having read through the older Night Ops posts this would seem well within the intended scope of the hobby. To be able to infiltrate increasingly difficult targets with impunity.

One might look at this as the first step in learning to access and control most private, low level camera systems which are becoming increasingly common and do not appear to be very secure.
You all can learn to juggle baby alligators if you want, but learning some of this stuff is useless AT FIRST when you could train other skills, like the ones the people are on this website for. I myself like this website, but understand my goals are different. Discussing science, like psychology and biomechanics, or advanced firearm concepts, like "stealth" CQB or correct pistol application in a Splinter Cell scenario, is not practical here. I think some parts of the community are lacking, such as hacking. But the main focus, based on what I have read, is stealth and infiltration.

Practicing too many skills is a waste of time, which is a hard fact. The forum has its focus, and too many new things at once is bad in the long run. I agree, training skills on the site only would be bad. The human brain can learn so much more, and enhance or complement the skills from this site with new ones from elsewhere. But as stated, the forum has its focus. I would skip over security cameras and other stuff for now. For example, using angles and understanding FOV, you can pass some cameras by moving on the wall they are mounted on. You can use concealment and cover of course. Or, you could plan an entirely different route. There are multiple solutions to a problem, always remember. Most of the people here have basic stealth skills, myself included. Psychlonic and Xanatos have lots of experience, and some other people.
"If one cannot be both, it is much better to be feared than loved" - Niccolo Machiavelli, The Prince

Nameless
Member
Posts: 18
Joined: Wed May 19, 2021 6:05 pm

Re: Your first hacking job - war driving

Post by Nameless » Thu Jun 24, 2021 3:51 pm

A reasonable stance. However while war driving in itself will not find uses for night ops it also requires almost no practice. Once you have the hardware and software you are ready to go. Fat creepy people do this all the time by driving around with a laptop and high gain antenna looped around their rear window.

It may seem like a "waste of time" but personally, I appreciate the content and have no problem exploring the ideas while practicing skills for physical infiltration.

Xanatos
Moderator
Posts: 2675
Joined: Sun Jun 21, 2009 2:51 am
Location: The last place you look.

Re: Your first hacking job - war driving

Post by Xanatos » Thu Jun 24, 2021 10:03 pm

I'm all for this sort of stuff, especially in today's increasingly tech-heavy world. I'm just not quite tech-savvy enough to give it a go.
We are all books containing thousands of pages and within each lies an irreparable truth.
What is locked, can be opened. What is hidden, can be found. What is yours... can be mine.

Sicarius
Member
Posts: 428
Joined: Wed Mar 04, 2020 6:50 pm
Location: Possibly on a distant Mediterranean shore... one day

Re: Your first hacking job - war driving

Post by Sicarius » Fri Jun 25, 2021 12:23 am

Nameless wrote:
Thu Jun 24, 2021 3:51 pm
A reasonable stance. However while war driving in itself will not find uses for night ops it also requires almost no practice. Once you have the hardware and software you are ready to go. Fat creepy people do this all the time by driving around with a laptop and high gain antenna looped around their rear window.

It may seem like a "waste of time" but personally, I appreciate the content and have no problem exploring the ideas while practicing skills for physical infiltration.
I understand where you are coming from, and I want to say again that I am interested in hacking and think its practical for night ops. In fact, I am learning HTML and CSS right now to practice webpage building, and then I plan on learning as much as possible about cybersecurity and pentesting before I go into one of my degrees, which is supposed to be in Cybersecurity or something similar. I just wanted to explain why I think the content has place elsewhere, or should be focused on more practical hacking targets. By more "practical", I specifically mean a physical extension of digital espionage. Hacking only takes you so far, and many companies and organizations lack good physical security. This is similar to what physical pentesters, and the fictional Sam Fisher from Splinter Cell, do in the field. Accessing the physical hardware, planting malware, espionage, etc. DeAuthers, specifically the watches, could be useful for wifi home security cameras. This would be most useful for assassinations at night in residential housing, since many homes feature wifi security(including the alarms, simplisafe and ring are easy and cheap to bypass covertly if you know what you are doing). I think hacking security cameras and webcams to look through them in liveview could also be very useful, to check the grounds for people. Some lights can be hacked, although this is more rare and may not be worth it as it draws attention.
"If one cannot be both, it is much better to be feared than loved" - Niccolo Machiavelli, The Prince

NewGuy
Member
Posts: 21
Joined: Wed Jul 28, 2021 7:11 am

Re: Your first hacking job - war driving

Post by NewGuy » Thu Jul 29, 2021 6:15 am

All right, I ordered the card. It should be coming within the next few days; I probably won't have time to give it a try until next week, but I'll post about it here talking about how it went.
