Bypass Hidden SSID & MAC Address Filtering

The purpose of this blog post is to demonstrate why hidden SSID & MAC Address filtering should only be layers of wireless security used in conjunction with strong encryption such as WPA.Below are the steps an attacker could take to bypass a hidden SSID and MAC Address filtering to gain a foothold on your network and either instigate further attacks or use your internet connection.Tools Kismet The Attack1. I first use kismet to look...

Read More

Metasploit Payloads Tutorial

Metasploit Payloads - msfpayload This entry is really just a place for me to keep notes on working msfpayload details. I will expand on this post as i get more working examples. These payloads will be detected by AV, I will cover methods of avoiding AV detection in another post. In my examples 192.168.1.110 is the victim, and 192.168.1.112 is the attacker. Where I have not specified the port it will default to 4444. 1. For a listening shell on the target Create payload: ./msfpayload windows/shell_bind_tcp LPORT=2482 X >...

Read More

OPH crack Live CD

Ophcrack  is a free Windows password cracker based on rainbow tables. It is a very efficient implementation of rainbow tables done by the inventors of the method. It comes with a Graphical User Interface and runs on multiple platforms. Features: Runs on Windows, Linux/Unix, Mac OS X, ... Cracks LM and NTLM h ashes. Free tables available for Windows XP and Vista. Brute-force module for simple passwords. Audit mode and CSV export. Real-time...

Read More