"Arguing that you don't care about the right to privacy because you have nothing to hide is no different than saying you don't care about free speech because you have nothing to say." --Edward Snowden
>Recommended operating systems
General purpose: Fedora, K/L/Xubuntu, Arch Linux
Privacy focused: Whonix, Tails, Qubes OS
>Recommended mobile operating systems
Android based: GrapheneOS, CalyxOS, LineageOS/DivestOS
Linux based: PureOS, postmarketOS
Once you're inside an enemy's LAN, you have a lot of control of their network. They're basically pwned at that point. In the old days, hacking a WiFi network would be easy. You would run a pixie-dust attack on a WEP network and you'd be in. Or, you'd find an unsecured network. That's all in the past now.
>Previous research
I was active in a lainchan thread a while back about wardriving using Android. I can't find archives of lainchan anywhere. Thread subject was Mobile Hacking/Wardriving General. The thread image was some Android with an external wifi chip connected through the USB port. Pls find the thread if you can. These repos are for hacking WiFi:
github.com/derv82/wifite2
github.com/JPaulMora/Pyrit
github.com/aircrack-ng/aircrack-ng
>Experiment Goals
To run a setup with an external FullMAC NIC on an Android phone using a USB-C--->USB A adapter. Goal is to use this network card for 802.11 injection and side-channels on WPA2 and WPA3.
>Why do you want to attach an external NIC to your Android when you already have a NIC built into the Android device?
Built-in NIC doesn't work.
>What wardriving functionality does an unrooted Android have?
Actually, there are apps which allow you to map WiFi networks in your area such as Wigle. That's all you can do.
>How do you plan on attacking 802.11 networks from Android?
If you're using a device with Linux on it, then there are a few tools available on GitHub for auditing wireless networks. Most importantly, there's WiFite (python), aircrack-ng (multiple utilities for 802.11 hacking, most notably airmon-ng and aireplay-ng), and Pyrit. Using those tools, it's possible to break into a WPA2-PSK network, especially if the key is weak.
>Challenges
Need a proper WiFi chip, a USB-C-->A adapter, and I need the drivers for the NIC to run on Android. So, how would I compile NIC drivers into an Android kernel? The lainchan thread explained it to me, but I can't find the archives.
PART 2
>experiment requirements
>Android tablet or phone.
I had a Google Pixel I was experimenting on, but it got smashed. Now I'm running a beat up old Lenovo tablet.
>Compatible WiFi card capable of promiscuous/monitor mode.
Needs to be able to run airmon-ng and other aircrack tools while interfacing with Linux. I heard alfa adapters are excellent, and they support monitor and injection mode. I found this video about selecting NICs: youtube.com/watch?v=5MOsY3VNLK8
>do you need root in order to hack 802.11 with Android
Obviously yes, but you don't need root to map networks to GPS data, or to scan networks using ICMP.
>what else did I learn from lainchan about this subject
Had to cut info out of previous post due to char limit. Lainons said that running an externally attached wifi adapter on an Android cell phone is possible, but it drains the battery. Seriously, can someone find me some lainchan archives? There is valuable data hidden there. And I've got to look on my hard disk. I know I saved that thread...
>What types of attacks do you get once you're on the WiFi
At that point, I would start using nmap to port scan. Another reason to have root--nmap can identify devices on the network. Computers, phones, cameras. You should root your device before you start.
diamondback, welcome to Way of the White. The tournament begins tomorrow. I hope you have been staying on these threads. We will use posts on /sec/ to communicate. Other anons could help us (or make fun of us) if they feel like it.
No, there is a hacking tournament called SEETF today. I am the captain of the team Way of the White. We need one more person to join the team because it's trio max.
Colton Barnes
>wifite2
Yeah, comes up on GitHub under the same acc that made WiFite. It may be better, but both WiFite and WiFite 2 are lacking in features without customization of the python script. Aside from the fact that it can be hard to install all the stuff it wants to run, there's just so much useless bloat on it. And for how much useless bloat it has, it isn't any good at installing dependencies.
>it should have a script which installs the dependencies
>need it to always randomize MAC for maximum privacy
>don't want it to try anything but WPA2 attacks, such as Reaver and possibly hcxdumptool.
>Want it to check if wifi deauthentication frames are being blocked
>Doesn't ask before starting bruteforce crack of captured handshake
>no DOS option
...and most importantly of all to me, if considering ONLY the current wifite and wifite2 scripts:
>when it starts to deauthenticate, I want it to allow me to choose which clients on the WiFi I want to attack, or at least how many maximum clients I want to deauth.
This part is important because an IDS or a switch might catch you sending management frames to multiple clients like that. I don't like the default behavior of WiFite to just send deauth frames to every client that it sees. It's too obvious, even though proven effective.
Now if we consider what (unimplemented features) the wifite2 documentation says they want to do for the future of the project...
>wpa3 crack (dragonfly)
They haven't implemented this yet, and I might do this for them.
>rogue access point attack
They haven't implemented that either, and are looking for people to help do that. They say they're currently collaborating on that.
For all of the above reasons, WiFite isn't very good. I'm considering creating a fork of it with the changes outlined above. With that said, my experiment focuses on airmon-ng on Android. WiFite uses airmon, but my goal isn't really to run WiFite on Android.
>DuckDuckGo
Shouldn't that at least have a note mentioning that they don't block Microsoft trackers, because of that Bing ads deal that they have? Or is that only on their android browser? Haven't looked too deep into it yet.
Can you fuck off with
>Google vs DDG
DDG uses Amazon servers so it clearly glows. Just because it's a little more TOR-friendly doesn't mean it doesn't glow. The result quality is comparable to Google, but not as good as Google. All other search engines are somewhat inferior, except when searching for niche/blacklisted stuff that wouldn't appear on Google. Yandexing for pirated shit is an example of that. Also, all major search engines are pretty much the same at this point, except for who owns them.
Christopher Edwards
We are having an actual educated discussion on hacking this evening. Please don't come in here and fuck it up with your stupid
>NordVPN vs. ProtonVPN bullshit
If you're not hosting your own VPN with OpenVPN, then you can assume all critical logs are both kept and shall be turned over to a US authority within US jurisdiction, as well as any other authority who is in power/jurisdiction. It's obvious.
Kayden Murphy
>script kiddie talks about wlan cracking
lmao, what is this, 2010? seriously, fuck off with that bullshit. it's obvious you don't know shit.
Angel Harris
>this is for skiddies and it's obsolete
That's what they said on lainchan actually. I get why you'd call me a skiddie. You don't expect me to do anything but install WiFite and run it. I'm not exactly a skiddie though because I mess with source code all the time at this point. Not that it takes very much skill to crack a weak WPA2-PSK password. But aside from that, they've already discovered WPA3 side-channel attacks, and various DoS for WLAN hax. Not to mention rogue APs. And sniffs with 2 NICs. All sorts of stuff which you can do, if you can get an external WLAN card to run on Android. Also, how would a skiddie learn all this if the knowledge barely exists on the internet? All I could find was a single XDA thread!
>what is this, 2010?
I don't understand what's changed, besides the really dangerous and easy types of attacks getting patched out of existence. I mean, I understand that the network could be detecting management frames and blocking the deauth. Then, I could sniff the handshake when someone connects. WiFite doesn't do that, by the way.
Why do you call me a skiddie? Do you disagree with what I'm saying? Do you not see the value in it? Is it just because I brought up WiFite? You know you can't talk about WiFi cracking without talking about WiFite. I demand more information since you started flinging shit. In all honesty, I bet (you) couldn't get airmon-ng to work from your Android. Just try it, and then we'll see who's the fucking skid.
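Both the WiFite critique earlier in the thread and the reply above mention that an IDS can catch deauthentication frames fanned out to many clients. As an added example that is not from the thread, here is that detection logic in Python run over constructed management-frame records; the frame fields, the 5-second window and the 3-target threshold are assumptions.

```python
from collections import defaultdict
from dataclasses import dataclass

# 802.11 management-frame subtypes (frame type 0) that disconnect a client.
DEAUTH = 12
DISASSOC = 10
BROADCAST = "ff:ff:ff:ff:ff:ff"


@dataclass
class MgmtFrame:
    ts: float     # capture timestamp, seconds (assumed field layout)
    subtype: int  # management subtype
    src: str      # transmitter address
    dst: str      # receiver address (a client, or broadcast)


def detect_deauth_floods(frames, window=5.0, min_targets=3):
    """Flag any transmitter that sends deauth/disassoc to at least min_targets
    distinct receivers (or to broadcast) within `window` seconds. A single
    deauth is normal (roaming, idle timeout); a fan-out to many clients at
    once is the pattern the thread says an IDS catches."""
    by_src = defaultdict(list)
    for f in frames:
        if f.subtype in (DEAUTH, DISASSOC):
            by_src[f.src].append(f)
    alerts = []
    for src, fs in by_src.items():
        fs.sort(key=lambda f: f.ts)
        start = 0
        for end in range(len(fs)):
            # Slide the window so fs[start:end+1] spans at most `window` seconds.
            while fs[end].ts - fs[start].ts > window:
                start += 1
            targets = {f.dst for f in fs[start:end + 1]}
            if BROADCAST in targets or len(targets) >= min_targets:
                alerts.append({"src": src, "targets": sorted(targets),
                               "first_ts": fs[start].ts, "last_ts": fs[end].ts})
                break  # one alert per source is enough
    return alerts


# Constructed sample capture: two benign deauths from the AP (80 s apart),
# and a burst from a second transmitter fanning out to four clients.
SAMPLE_FRAMES = [
    MgmtFrame(10.0, DEAUTH, "02:00:00:00:00:01", "02:00:00:00:01:0a"),
    MgmtFrame(40.0, DEAUTH, "02:00:00:00:00:99", "02:00:00:00:01:0a"),
    MgmtFrame(40.2, DEAUTH, "02:00:00:00:00:99", "02:00:00:00:01:0b"),
    MgmtFrame(40.4, DEAUTH, "02:00:00:00:00:99", "02:00:00:00:01:0c"),
    MgmtFrame(41.0, DISASSOC, "02:00:00:00:00:99", "02:00:00:00:01:0d"),
    MgmtFrame(90.0, DEAUTH, "02:00:00:00:00:01", "02:00:00:00:01:0b"),
]

if __name__ == "__main__":
    for a in detect_deauth_floods(SAMPLE_FRAMES):
        print(f"deauth flood from {a['src']}: {len(a['targets'])} targets "
              f"between t={a['first_ts']} and t={a['last_ts']}")
```

Networks with 802.11w (Protected Management Frames) enabled drop unauthenticated deauth frames outright, which is the "blocking" the reply above refers to.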
Aaron White
Just because Pyrit says it's obsolete doesn't mean WLANs are completely secure. KYS.
>they don't block Microsoft trackers
Their browser is not recommended, this has nothing to do with the search engine, please stop conflating these two things.
Samuel Hill
>walk into my room
>hud on top of my smartphone's screen lights up
I'm starting to feel a little paranoid...