The following story is fiction. We have an IT security compagny with 1000 employees. In our office, we don’t have a big wired infrastructure, we have high density wifi. Security is based on WPA2-enterprise. To access wifi, internet, intranet, mail and office applications we use one single account…….. Be aware of the man with the […]
Read More →In case of no encryption iw dev <device> connect <ssid> [<bssid>] Why bssid? In case you have multiple access points, you can specify a specific accesspoint. If you have just one, there’s no need to specify. i.e. iw dev wlan0 connect Freewifi 40:A5:EF:25:BF:12 In case of WPA/WPA2 apt-get install wpasupplicant wpa_passphrase <ssid> [passphrase] i.e. wpa_passphrase MyWifi Welcome123 Copy output to file wpa_supplicant […]
Read More →With linux we can change the MAC address of an interface via several methods: ifconfig <device> hw ether <mac address> ip link set <device> address <mac address> macchanger <device> <mac address> One disadvantage, we can only configure a unicast MAC address. It’s not possible to configure a non-unicast or bogus address. i.e. ifconfig eth0 hw […]
Read More →This article describes how to capture traffic between a client and the network with a passive “Man in the Middle”. Also it explains how to generate traffic from a VM where the network only sees 1 MAC and 1 IP address form the client PC. In the example below, we use eth0 and eth1 as […]
Read More →This article describes how to capture traffic between a client and the network with a passive “Man in the Middle”. In the example below, we use eth0 and eth1 as a bridge. Configure the MitM interfaces as “link only” interfaces. /etc/network/interfaces auto eth0 iface eth0 inet manual auto eth1 iface eth1 inet manual bring physical […]
Read More →Apt-get install hostapd Apt-get install isc-dhcp-server Accesspoint Note1: hostapd won’t work with 2 wlan interfaces from which 1 is connected to Internet. Thus use wired internet via Ethernet. This can be also a phone connected to your USB which acts as hotspot. Note2: hostapd won’t work while wpa_supplicant is active. example hostapd.conf (/etc/hostapd/hostapd.conf) interface=wlan0 ssid=somename […]
Read More →Download latest receiver: https://www.citrix.nl/downloads/citrix-receiver/linux/receiver-for-linux-latest.html For debian: dpkg -i xxxxx.deb if you encounter certificate isssues? sudo ln -s /usr/share/ca-certificates/mozilla/* /opt/Citrix/ICAClient/keystore/cacerts/
Read More →How to capture ethernet and 802.11 traffiic at once. Use a linux OS PC with wlan interface In a terminal use the following commands: sudo iw dev wlan0 interface add mon0 type monitor sudo ifconfig mon0 up Start wireshark and select wlan0 and mon0 to capture traffic If needed you can add a capture […]
Read More →Turn your PC (OS linux) with multiple interfaces into a filtered tap. Connect your PC eth0 to a span/monitor port on your switch Connnect a Sniffer, APM, IDM or IPS to eth1, eth2 and/or eth3 1. set eth0 promiscious ifconfig eth0 promisc 2. set eth0 to accept data tc qdisc add dev eth0 ingress 3.a. […]
Read More →Turn your PC into a WAN simulator To add a delay of 100 msec tc qdisc add dev eth0 root netem delay 100 msec Note, this is one way delay in the outbound direction To add a delay in the inbound direction modprobe ifb ip link set dev ifb0 up tc qdisc add dev eth0 […]
Read More →