Fork me on GitHub





събота, 20 декември 2014 г.

SSL Stripping & Sniffing HTTPS LOGIN internet explorer 11 windows 8.1 sucks (SSLStrip)


WARNING: THIS IS COMPUTER CRIME, DO NOT DO THIS!
THIS IS ONLY FOR EDUCATION.

Method
Performing a ‘Man In The Middle’ attack therefore all the traffic flows through the attacker. Picks out HTTP traffic from port 80 and then packet redirection / forwarding onto a different port. SSLStrip is then listening on that port and removes the SSL connection before passing it back to the user, ettercap then picks out the username & password.








Stripping SSL & Sniffing HTTPS_internet... by nu11secur1ty


WARNING: DO NOT USE INTERNET EXPLORER!

Need to install:

SSLSrip
arpspoof (DSniff)
Ettercap

Using tools:

netdiscover




arpspoof (DSniff)




ettercap




sslstrip

петък, 12 декември 2014 г.

WPA WPA2 aircrack bruteforce how to...


WARNING: THIS IS COMPUTER CRIME!!!

WPA WPA2 aircrack bruteforce from nu11secur1ty on Vimeo.

Download video
Why should use WPA/WPA2 encryption?!!!

In order to protect your data from snooping or prying eyes, you should encrypt, or scramble, it so that nobody else can read it. Most recent wireless equipment comes with both WEP (wired equivalent privacy) and WPA (wifi protected access) encryption schemes that you can enable. WEP was the encryption scheme included with the first generation of wireless networking equipment. It was found to contain some serious flaws which make it relatively easy to crack, or break into, so it is not the best form of security for your wireless network. WPA was later rolled out to provide significantly stronger wireless data encryption than WEP. But, in order to use WPA, all of the devices communicating on the network need to be configured for WPA. If any of the devices in the chain of communication are configured for WEP, the WPA devices will typically fall back to the lesser encryption so that all of the devices can still communicate. Refer to the owner's manual for your wireless router or access point to determine how to enable and configure encryption for your device. Once you enable encryption on your router or access point, you will need to configure your wireless network devices with the proper information to access the network. If you can use WPA you should because it is much more secure. However, even WEP is better than nothing and will keep casual snoopers and novice hackers out of your wireless network. Using encryption with a longer key length will provide stronger security, but with a slight performance impact.It is an interim solution that is used now until 802.11i comes out. TKIP basically works by generating a sequence of WEP keys based on a master key, and re- keying periodically before enough volume of info. could be captured to allow recovery of the WEP key. TKIP changes the Key every 10,000 packets, which is quick enough to combat statistical methods to analyze the cipher. TKIP also adds into the picture the Message Integrity Code (MIC). The transmission’s CRC, and ICV (Integrity Check Value) is checked. If the packet was tampered with. WPA will stop using the current keys and re-keys.

You need to know!

WPA and WPA2 was more strongly from WEP encryption! Because WPA/WPA2 is on another level of encryption! The breaking of WPA/WPA2 is very very hard and maybe may take long long time. If you have a good "@*dictionary" for the case you may successful to breaking the WPA or WPA2 encryption!!In this video I show you just exaple how can you do this but if you want to seriously do this!! You will do this. But you know!That is risky and very hard..anyway... Of Course there are another way to decrypt WPA/WPA2 but better you do not know anyway...Thanks for watching guys :) Somthing important that you know: When you are write a password "USE LETTERS AND NUMBERS".Make your password with 20 or 30 symbols!!!

YOU HAVE TO KNOW!!!
@*The dictionary is a list of special words who you type in " .text" file. Wordlist who identify this victim!!! It is very hard to do this wordlist. May you take year or days to do this. You must know this victim. The way this victim thinks and more.. however... You should know something. Maybe you never discover the right words and never find this password!
I DO NOT RECOMMEND THIS! THIS IS A LOST TIME!!!