you have a remote ssh server with tcpdump or dumpcap installed. From a client which has ssh access to the remote server, you can run wireshark on the client and capture live traffic remote. InĀ case the user needs sudo to capture, wireshark will not prompt for the password. So you need to do the […]
Read More →The accesspoints and wireless management interface should have a routable ip address In priv mode on the Cisco catalyst 3850 AP name <name> mode sniffer AP name <name> sniff <dot11a/dot11b> <channel> <ip address sniffer> On the sniffer you can decode traffic from wireless management interface as peekremote
Read More →Enable modules: sudo a2enmod proxy proxy_http proxy_connect open file ../mods-enabled/proxy.conf uncomment #ProxyRequests On create file ../sites-available/forward_proxy.conf <VirtualHost *:8080> ProxyRequests On ProxyVia On <Proxy “*”> Require ip 192.168 Require ip 127.0.0.1 Require ip 10 </Proxy> ErrorLog ${APACHE_LOG_DIR}/error_forward_proxy.log CustomLog ${APACHE_LOG_DIR}/access_forward_proxy.log combined </VirtualHost> open file ../ports.conf and add the following Listen 0.0.0.0:80 Listen 0.0.0.0:8080 sudo a2ensite forward-proxy.conf service […]
Read More →The following story is fiction. We have an IT security compagny with 1000 employees. In our office, we don’t have a big wired infrastructure, we have high density wifi. Security is based on WPA2-enterprise. To access wifi, internet, intranet, mail and office applications we use one single account…….. Be aware of the man with the […]
Read More →In example below we send a ping from host A to host B. Host A doesn’t have an ARP entry for host B. Host B doesn’t have an ARP entry for host A. Step 1. Host A sends an ARP request for host B. Step 2: Host B stores the MAC – and IP address […]
Read More →In case of no encryption iw dev <device> connect <ssid> [<bssid>] Why bssid? In case you have multiple access points, you can specify a specific accesspoint. If you have just one, there’s no need to specify. i.e. iw dev wlan0 connect Freewifi 40:A5:EF:25:BF:12 In case of WPA/WPA2 apt-get install wpasupplicant wpa_passphrase <ssid> [passphrase] i.e. wpa_passphrase MyWifi Welcome123 Copy output to file wpa_supplicant […]
Read More →With linux we can change the MAC address of an interface via several methods: ifconfig <device> hw ether <mac address> ip link set <device> address <mac address> macchanger <device> <mac address> One disadvantage, we can only configure a unicast MAC address. It’s not possible to configure a non-unicast or bogus address. i.e. ifconfig eth0 hw […]
Read More →This article describes how to capture traffic between a client and the network with a passive “Man in the Middle”. Also it explains how to generate traffic from a VM where the network only sees 1 MAC and 1 IP address form the client PC. In the example below, we use eth0 and eth1 as […]
Read More →This article describes how to capture traffic between a client and the network with a passive “Man in the Middle”. In the example below, we use eth0 and eth1 as a bridge. Configure the MitM interfaces as “link only” interfaces. /etc/network/interfaces auto eth0 iface eth0 inet manual auto eth1 iface eth1 inet manual bring physical […]
Read More →Your free domain go to https://www.freenom.com choose your own free domain sign up Your free website go to https://www.000webhost.com sign up create a website with name example your website name is http://example.000webhostapp.com Link your domain to you website in freenom.com go to services, My Domains Click on Manage Domain Go to Management tools, […]
Read More →