[Ben Kurtz] is doing a little WEP cracking but in a bit of a different way than we’re used to. WEP cracking makes us think of war driving; driving around with your laptop open, looking for WiFi access points, and stopping to run some software when you find them. [Ben’s] way is similar but different in one key way, he’s using an iPhone as the frontend.
This started as a way to find a use for some leftover equipment. He threw together a Linux box and loaded up Aircrack-ng, the software we often see used in penetration testing. To remove himself from shady-looking activities in public he coded a web interface using the Python package Turbogears. It uses screen, a program often used with SSH to run services concurrently in different terminals, with the option to disconnect without stopping the processes. Now it’s just a matter of parking the hardware near an AP, and doing the work in a browser on your mobile device. You can check out the script he wrote, as well as installation instructions, in his post linked above.
[Thanks Tech B.]
[Note: Banner image not directly related to this post]
I used to do something similiar before the iPhone came out. Had a symbian phone with Wifi.and use putty for symbian. Would set up a ad-hoc network with another wireless card in my laptop. So the main wifi card was free to do what you wish.
The ubiquity of SSH!
It is a very nice idea, however I thing this could have also been done with VNC.
…. seriously? Already been done.
http://hackaday.com/2010/08/18/make-iphone-a-penetration-testing-tool/
Those crooks never stop learing new tricks.
This is retarded.
404Usernotfound knows the real deal: do everything straight from the iPod, no laptop required.
On that note, does anybody know of a similar setup for Android devices? All I see are a lot of “it would work but nobody ever compiled it” posts.
So, what, the computer system is the one doing the actual wireless data gathering from the AP? Seems a little useless to me, honestly. I mean, do people really think twice about someone on a laptop in a car? I know I wouldn’t.
It is interesting, though.
Wardriving has nothing to do with cracking networks.
aircrack-ng installs directly on my nokia n900.. just sayin’.
Most people have no preconception of WEP cracking OR wardriving, so y’all have nothing to worry about.
yep its retarded
especially the newcommers who believe its gunna work by just loading up some tool
if you dont have amplifiers and good antennas all you gonna capture is trash, fragments
not to mention that for doing deauth attacks you have 2be close to the ap as well
pff only reason i can think of using this is to not look to suspicious in front of peoples houses while cracking there wep or the more challenging wpa.
Neat and all that screen is, this is pretty trivial stuff. I’m surprised to see it here.
How is this different from sshing into the laptop to do this? You could even restore a screen session from there!?
Shady is as shady does…
karma works on openwrt
Google and now Apple already do this.
Every Android device – well, a significant majority of them – is already setup to do something similar. Well, I’m exaggerating a bit, but you’d still be interested.
When you use the data capacity of your phone, your phones equivalent of a mac address, along with your GPS coordinates AND a list of all the ESSIDs of the visible wifi networks in the area are uploaded regularly.
It used to be that only the cellphone providers had this data. Now google and apple have it.
If GPS isn’t available, the cell tower triangulation algorithms are used. As a distant third, they can use already mapped ESSIDs – and since this has been going on for a while, that map is already pretty darned complete.
Why is this important? Because now google (and to a lesser extent but pulling up into the #2 spot in a hurry) has THE BEST AND MOST COMPLETE universal database of ip address to actual location mapping in the world.
Oh, and your real identity information, even though that isn’t being openly sold. Yet.
Rest assured – you’re already tagged, bagged and about to be slagged. I don’t actually know what slagging is, but for my purposes it means that you and all your relationships and interactions with other people will be available for instant recall and cross-reference.
Is that totally cool, or what?
The future is pretty damned rad!
VNC client, ssh client, or native aircrack tools do this better, easier, and faster and have a higher coolness factor because you dont look like the chump that poorly reinvented the wheel poorly.
lol said poorly twice. Now im the chump thats too tired to proof read so as not to make an ass of myself.