Hosted by Darren Kitchen and Shannon Morse.
Whether you're a beginner or a pro, HakTip is essential viewing for current and aspiring hackers, computer enthusiasts, and IT professionals. With a how-to approach to all things Information Technology, HakTip breaks down the core concepts, tools, and techniques of Linux, Wireless Networks, Systems... Read More
This time on the show we're getting a little BASH happy with Standard Streams and pipelines as we break the encryption on a WPA protected wireless access point using John the Ripper and Aircrack-ng.
Standard Streams in Unix like operating systems -- and Windows to some extent -- are the inputs and outputs between a program and it's environment.
Our environment in this case is BASH, the bourne-again shell. It's my personal favorite but there are a few others, like C-Shell.
Now three are three standard streams: STDIN, STDOUT and STDERR
Standard Input is data, usually text, that goes into the program. 9 times out of 10 this is just what you're typing on the keyboard.
Similarly Standard Output is where the program writes its output data. This could be to a file, a com port, the network, but quite often its simply your terminal or display.
Now not all programs have input and output. For example, dir or ls doesn't take any input. You issue ls and it outputs the contents of the directory. Similarly issuing rename or mv to rename a file doesn't send any output. You INPUT the oldname and newname to the MV or Rename program with your keyboard and the file name is changed. Nothing really that exciting to write home about, hu?
Finally Standard Error is another output from the program. It's independent from Standard Ouput and is used to send error messages, which are typically to the terminal or display. But it's nice to know we can send 'em elsewhere if need be.
Now I mentioned sending the output somewhere and that's exactly what we'll be doing today. While the output of a program typically goes to the terminal it doesn't have to. For example we could take the output of the "ls" or "dir" program and send it to input of the "more" program.
ls | more
More allows us to read the output of the ls or dir command one page at a time, using the spacebar to advance. The Q key quits by the way.
This is what's called piping. We can run the programs together, and the output of the first programs gets "piped" into the input of the next.
If you're not familiar with John the Ripper it's a fantastic tool for cracking passwords. You can use it to generate or process word lists, or even come up with 'em on the fly with a little bit of brute force.
And John the Ripper is the perfect companion to aircrack-ng, a suite of network tool for all sorts of WiFi mischief.
I've already gone ahead and set my wireless card to monitor mode, started packet sniffing, deauthorizing users and successfully captured a bunch of traffic, including the 4-way handshake. This means I can start attempting to crack the pre-shared-key. If that sounded greek to you don't worry we'll be disecting all of that in an upcoming HakTip.
The aircrack-ng program wants three things. The BSSID of the access point we're cracking. The packet capture file containing the handshake, and a wordlist or dictionary file. Now since the WPA key of our access point isn't in the dictionary we're going to send in John the Ripper.
John has a nifty little option called incremental which will try every password possible -- 8 characters by default. With John we specify the stdout option which will output the candidate passwords it generates to standard output.
So using what we just learned we can take the output from John the Ripper, which is busy coming up with every password possible, and "pipe it" to aircrack-ng, which will try those passwords against the captured handshake.
And in anywhere between one second and 16 years we'll have cracked this network! Rock on!
Contact Us!
What program or command is giving you warm fuzzies? Hit me up -- tips@hak5.org
And be sure to check out our sister show, Hak5 for more great stuff just like this.
Carbonite
Computer disasters eventually happen to everyone. Your computer crashes, gets infected with a virus, you drop it, etc. But if you get Carbonite Online Backup before your disaster then NO NEED TO WORRY because your files will be backed up automatically and safely offsite and it's easy to get them back. Plus, you get anytime, anywhere access to your backed up files from any computer, smartphone or ipad with a free Carbonite app. With Carbonite , unlimited backup for your PC or Mac is just $59 a year. Use the offer code "Hak5" to start your Free 15-day trial to get Two Months Free if you decide to buy. All details are at www.Carbonite.com.
20 days ago
Hackers!! Our new episode of Hak5 will be posting soon! It's jam packed with epic interviews this week, so stay tuned!
20 days ago
@michael_a_nass Are you enjoying the awesomeness that is Hack Across America?
20 days ago
@jardinesoftware Thanks for the bump! The Throwing Star LAN Tap Pro is one of my favorite tools (though, I prefer soldering mine! :) -@snubs
about a month ago
Employers want social media passwords, US gets a #CPO, and #TheOnion! All that and more this time on #ThreatWire! http://t.co/SrZpicvnt6
about a month ago
#Installing #Solar panels, #Google #Chrome #extensions, and more on @Hak5! http://t.co/QppYLgZpi5
about a month ago
Legalizing #Internet eavesdropping, #LivingSocial is #hacked, and more on this weeks #ThreatWire! http://t.co/xyIxzy8kes
