Friday, 22 July 2011

Cracking a Wi-Fi network

I had always heard that cracking a Wi-Fi network was really easy, but I never tried to do it. Yesterday I decided to give it a go. Could someone get into my network easily?

Remember that using somebody else's Wi-Fi is probably illegal, so you should probably do this only with your own Wi-Fi networks or with the owners' permission.

I am a complete newbie to this sort of thing, so I started with the easy part: cracking a WEP Wi-Fi. I guess nobody should be using WEP anymore, since according to Wikipedia "The Wi-Fi Alliance defined these [WPA and WPA2] in response to serious weaknesses researchers had found in the previous system, WEP (Wired Equivalent Privacy)." But WEP is still everywhere... Right now my laptop detects 5 Wi-Fi spots, and the only one that uses WPA is my own!

The next step was to do some research, since "wifi crack" gives you about 31,000,000 results in Google... A key aspect of this is to have a network adapter capable of "packet injection". There are many cheap models available, but it turned out that my modest netbook comes with an "Intel Corporation WiFi Link 5100" adapter, which is able to do it. In order to make it work with my standard Linux distribution, I would probably need to update the firmware and/or patch the kernel. But it was safer and easier to just grab a copy of BackTrack Linux (version 5), make a LiveUSB out of it and reboot the netbook. With it, the Link 5100 was apparently ready for packet injection.

Then, after a failed attempt I stumbled upon this guide, which made the process very easy. I was not sure that my network adapter was 100% up to the task, so I decided to go for a field test. I just walked around the town in search of a good WEP Wi-Fi. After a few attempts in which I got the "Association successful" message but then the data collection was very slow, I hit a busy WEP Wi-Fi network which made the whole process a breeze, and in 10-15 minutes I had the key (hidden below):


Aircrack-ng 1.1 r1899


[00:00:00] Tested 676 keys (got 68393 IVs)

KB depth byte(vote)
0 0/ 1 5A(99328) 1B(78336) 54(78080) EB(77568) 66(76032)
1 11/ 1 B5(75264) 2C(75008) 35(75008) 8F(75008) C2(75008)
2 2/ 7 8A(80128) 26(79104) 0C(77824) 4B(77056) BF(76800)
3 14/ 3 04(75264) 00(74752) 6E(74752) 60(74240) 15(73984)
4 0/ 5 1C(94720) 74(80384) 77(79872) 18(78592) 8B(78336)

KEY FOUND! [ XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX ] (ASCII: XXXXXXXXXXXXX )
Decrypted correctly: 100%

The person in the guide mentioned above says that she could not get to the stage where enough data was collected for aircrack-ng to succeed, and it looks like that is quite common in networks with very low Wi-Fi traffic. Out of the 10 or so networks that I tried, only in this one was I getting data at a very high rate. In the other ones I would perhaps have had to wait hours to reach the recommended 10k data mark.

So, I'm happy that my Wi-Fi network (and all the ones at work) are not WEP-protected, since getting into them seems a piece of cake. Next up: my own WPA network (which I hope will be much more difficult).
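The defender-side counterpart of the observation above that four of the five visible networks were still WEP, as an added example (not code from the post): it classifies each cell of an `iwlist <iface> scan` listing as open, WEP, WPA or WPA2, so you can audit which of your own access points still rely on WEP. The listing embedded in the script is constructed, not a real scan.

```shell
#!/bin/sh
# Added example (not from the post): classify each cell of an `iwlist <iface> scan`
# listing as open / WEP / WPA / WPA2, to audit which of your own APs still use WEP.
set -eu

# Reads iwlist-style text on stdin and prints "ESSID<TAB>class", one line per cell.
# WEP is inferred the way iwlist itself reports it: "Encryption key:on" with no
# WPA / WPA2 information-element (IE) line in that cell.
classify_networks() {
    awk '
        function flush() {
            if (!seen) return
            if (enc != "on")  cls = "open"
            else if (wpa2)    cls = "WPA2"
            else if (wpa)     cls = "WPA"
            else              cls = "WEP"
            printf "%s\t%s\n", essid, cls
        }
        /Cell [0-9]+ - Address:/ { flush(); seen = 1; essid = ""; enc = ""; wpa = 0; wpa2 = 0; next }
        /ESSID:"/                { sub(/^.*ESSID:"/, ""); sub(/".*$/, ""); essid = $0 }
        /Encryption key:/        { sub(/^.*Encryption key:/, ""); gsub(/[ \t\r]/, ""); enc = $0 }
        /IE: IEEE 802.11i\/WPA2/ { wpa2 = 1 }
        /IE: WPA Version/        { wpa = 1 }
        END { flush() }
    '
}

# Number of WEP cells in a listing; anything above zero is an AP that needs reconfiguring.
wep_count() {
    classify_networks | awk -F'\t' '$2 == "WEP" { n++ } END { print n + 0 }'
}

# Constructed sample listing in iwlist's output format (not a real scan).
SAMPLE_SCAN='wlan0     Scan completed :
          Cell 01 - Address: 00:11:22:33:44:55
                    ESSID:"HomeNet"
                    Encryption key:on
                    IE: IEEE 802.11i/WPA2 Version 1
          Cell 02 - Address: 66:77:88:99:AA:BB
                    ESSID:"OldRouter"
                    Encryption key:on
          Cell 03 - Address: CC:DD:EE:FF:00:11
                    ESSID:"Cafe"
                    Encryption key:off
          Cell 04 - Address: 22:33:44:55:66:77
                    ESSID:"LegacyAP"
                    Encryption key:on
                    IE: WPA Version 1'

# On a live system: iwlist wlan0 scan | classify_networks
printf '%s\n' "$SAMPLE_SCAN" | classify_networks
```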

Friday, 15 July 2011

A portable Linux distribution.

Summer is sometimes a great time to organize your life a little, and these weeks I've been busy streamlining the way I keep my computer-life organized. The most important things I did so far:
  1. Change my mail reading program to Gnus, so that I can now keep exactly the same mail reading experience wherever I am.
  2. Get all contacts and passwords into a usable format. Cleaning up the data is not finished yet, but necessary in the long run.
  3. Avoid wasting time; reclaim my privacy; do things locally, if possible: so I closed my accounts at Facebook, Anobii, LinkedIn, Twitter, XING, Dropbox and Yahoo (which also deleted Flickr, so I transferred all the pictures to Picasaweb with migratr). I'm still looking for a way to drop Delicious as well and organize my bookmarks locally.
  4. Get a portable Linux distro that I can use to go quickly to my workbench whenever I happen to be using another computer.

A portable Linux distribution.

Sometimes I need to work away from my computers, and doing so is sometimes a bit annoying: sometimes I cannot find a decent terminal emulation software to connect back to my workstation; other times the machine is using Windows; etc. So I looked at a number of small Linux distributions that I can put in a USB pendrive and carry with me at all times.

In the past I have installed a number of computers with PuppyLinux and this time I also tried SliTaz. SliTaz looks really nice, fast and small, but I had to go for something heavier because hardware recognition is a bit flaky (as with many other small distributions). If I wanted to give a second life to an old computer, I certainly would go for one of these two, but in this case I wanted to get a Linux system that I can carry in my bag and that will work in most computers without the need to tweak boot parameters, etc.

So, I decided to go with what I currently have in my workstation: Ubuntu 10.04.02 LTS (though 32-bit). To get it all working I did the following:

  1. Create a VirtualBox virtual PC and install the server edition of Ubuntu, with NO extra software.
  2. After first boot, install the "basics" (taken loosely from here): xserver-xorg-core, xinit, network-manager, lxde, alsa-utils, gdebi-core and Google Chrome (see how).
  3. In the file /etc/NetworkManager/nm-system-settings.conf change "manage=false" to "manage=true"
  4. Make nm-applet to start automatically (see instructions).
  5. Install Remastersys (followed these and these instructions) and create modified ISO file.
    • sudo apt-get update && sudo apt-get install remastersys
    • modify /etc/remastersys.conf file
    • "sudo su" to become root and then run "remastersys dist"
  6. Test the created ISO file (I managed to get it down to 350MB) with VirtualBox. Once satisfied with the result it is time to make it into a LiveCD (just record it to a CD with, for example, K3b) and a LiveUSB.
  7. In order to create the LiveUSB, at my workstation (Ubuntu 10.04 LTS) I launch the "Startup Disk Creator", selecting the customized ISO file, and my 16GB USB pendrive. I erase the entire USB disk, and reserve 128MB (though you could reserve all the remaining space in the pendrive) for "extra space" to store documents and settings (see for example these instructions).
  8. Trial run: go to one of the "offending" machines, and reboot with the USB pendrive. It looks fine and I get both wired and wireless connectivity, though there are some small problems:
    • The persistence file seems to be working, but I always get a "Install Portable Linux" icon in the desktop.
    • The password I set for my account is deleted every time, so I can just log in with no password.
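The in-guest part of the procedure above (steps 2, 3 and 5) as one script, added here as an example and not taken from the post. It assumes it is run inside the VirtualBox Ubuntu 10.04 server install with the remastersys apt source already added as the linked instructions describe; the `--build` flag and the `NM_CONF` variable are this script's own conventions.

```shell
#!/bin/sh
# Added example (not from the post): steps 2, 3 and 5 of the portable-Ubuntu build,
# run as root inside the VirtualBox guest. Assumes the remastersys apt source is set up.
set -eu

NM_CONF=${NM_CONF:-/etc/NetworkManager/nm-system-settings.conf}

# Step 3: let NetworkManager manage the interfaces listed in /etc/network/interfaces.
# The post writes the key as "manage=false"; the 10.04 file spells it "managed=false",
# so both spellings are accepted. Returns 0 only if the file now reads ...=true.
enable_nm_managed() {
    f=$1
    tmp=$(mktemp)
    sed 's/^\(managed\{0,1\}\)=false[[:space:]]*$/\1=true/' "$f" > "$tmp"
    cat "$tmp" > "$f"   # rewrite in place, keeping the file's owner and permissions
    rm -f "$tmp"
    grep -q '^managed\{0,1\}=true$' "$f"
}

# Step 2: the minimal desktop on top of the server install
# (Google Chrome is installed separately with gdebi, as the post links).
install_base() {
    apt-get update
    apt-get install -y xserver-xorg-core xinit network-manager lxde alsa-utils gdebi-core
}

# Step 5: build the ISO; remastersys puts it under the WORKDIR from /etc/remastersys.conf.
build_iso() {
    apt-get install -y remastersys
    remastersys dist
}

if [ "${1:-}" = "--build" ]; then
    [ "$(id -u)" -eq 0 ] || { echo "run as root: sudo $0 --build" >&2; exit 1; }
    install_base
    enable_nm_managed "$NM_CONF"
    build_iso
fi
```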

 The mandatory screenshot:


Notes:

  • I tried the same with the newest version of Ubuntu 11.04, but then I had problems booting from the USB (it would just show the "boot:" prompt, but then it would get stuck there).
  • With another, smaller pendrive (1GB), I also had problems: I managed to log in the first time, but on reboot the pendrive would complain. No idea why...

Friday, 8 July 2011

Changing mail reader again. This time: Gnus

After a year reading my mail with Thunderbird, I have decided to try Gnus. I was already using it (though not often) for newsgroups, but now I wanted to use it for regular e-mail. In the past I have played with Gnus a bit, but never spent the necessary time to learn and configure it properly. This time I took a couple of "slow" days and decided to make the effort to dump Thunderbird and go for Gnus.

Some things that I didn't like in Thunderbird during this last year:
  • Synchronizing between different computers was not straightforward. Mails were in the IMAP server, so that was not a problem, but I wasn't sure how I could easily synchronize news (from newsgroups), filters, etc. on different computers.
  • For some reason, Thunderbird would mark some messages as read, even when I didn't say so (quite dangerous, as once I read a message, I normally don't go back to it).
  • The IMAP connection to my server was very slow after having thousands of messages, so I ended up archiving messages by year. This was a bit annoying, since from my home computer I could then not access those messages.
  • Probably related to the archives, when searching for messages, sometimes a relevant message would show up in the search results, but when I tried to open the message, nothing would show up. I would have to remember the date of the message and go and find it manually. Not very convenient.
  • Many times Thunderbird complained of server timeouts. As a result, messages that I thought were deleted actually remained in the server, and other oddities...
So I decided to give another chance to Gnus. Can it do everything I need? Was the effort to replace Thunderbird worthwhile?

My current mail setup involves two accounts (work and private), which are backed up in a third account (which I never touch; it is just a repository of ALL the mail I get). At my workstation I run fetchmail to download locally (and delete from the mail accounts) all the e-mails I get in both accounts (the setup for this only involves creating a .fetchmailrc file where I specify the servers, accounts, etc.; sendmail also needs to be running on the machine).

The Gnus manual (the PDF version) has 435 pages, so configuring it to your taste is going to take a while, but it is, like Emacs, incredibly flexible and powerful. For me the main features that I was looking for were:
  • Reliability (I hate it when software starts doing "things" on its own).
  • The possibility of having exactly the same environment and configuration, no matter where on the Internet I am located.
  • Good filing and searching of messages.
So after a while reading the manual and asking in the relevant newsgroup, I have more or less everything I need (though this being Emacs, I'll probably never stop modifying the configuration):
  1. mail is sorted into different groups, and those in the "MailingList" groups are deleted automatically after one week (unless I say otherwise), and other mail is never deleted (unless I say otherwise);
  2. the search engine works really fast and well (actually much better than the Thunderbird search engine);
  3. this works inside Emacs, which I run in text mode (emacs -nw), inside GNU screen (well, actually Byobu), so wherever I am, I only need to connect through ssh to my workstation, and I have full control and exactly the same configuration everywhere.

And this is how it looks right now. The "Folder" view:

The messages view in one of the groups:

I have only used it for a couple of days, so I'm not sure how it will score against Thunderbird a year from now, but so far I haven't had any problems, and it looks like a better approach for my needs. I will report back in a year!