Greetings all,
I have searched around for an answer without success so I thought I would post here to see if anyone may be able to point me in the right direction.
I have a need to develop an app for my research project that has the ability to inspect and display the header information from an IP packet received through the 802.11 wireless interface of a PDA device. Basically, I want to examine any packet 'sensed' (for the lack of a better word) by the RF interface and view the header info.
I have searched for managed code examples on how to obtain packets from Windows Mobile's inbuilt libraries but have not found anything...
I am also looking at the OpenNETCF.org framework for any leads on how to achieve this... (and without success as well at present...)
If anyone has been down this path or has any advice I would appreciate it.
Many thanks
Cheers
Are you looking for capturing network packets or actual 802.11 frames?
Network traffic is less useful considering most APs are network switches, and therefore the only network packets coming to your device will be directed at you and/or broadcast traffic.
Wireless frame sniffers on the other hand have the ability to collect all wireless activity in the area. These are useful when trying to find an open channel to put your AP on, but they can also be used to sniff the traffic of other wireless users on your network. Keep in mind though, that encrypted frames will require some extra processing power to read.
In PC land, you can play with Omnipeek to get an idea of the power of a wireless frame sniffer.
Guys.....
I find a lot of prepaid wifi networks in hotels, restaurants, etc. In order to join the network, I must register with a user name & password that will be given by the provider if I pay a certain amount of money.
I'm just wondering, is there a way to hack prepaid wifi?
thanks
You will need this l33t t00l: m0n3y.
I remember this was discussed a long time ago...
As I recall, you can't do that using a WM phone, nor a Windows laptop, etc. You need Linux OS and some special tools... and even though it's possible, it takes a very long time, 1-2 hours, to break the password (according to the encryption, of course).
Try to search the forum, you might end up with that thread.
I cannot believe how often companies just use the same username and passwords.
You can actually crack some networks in 40 mins.
Using something like CommView® for WiFi PPC or Airscanner Mobile Sniffer can help in that process.
None of the above techniques will work since the companies use a form of IP Tables.
THE only way is to tunnel with DNS using something like NSTX, but it's very alpha. (Easiest way to test if the technique works is by trying to ping a website and see if it returns the correct IP address)
The technique is there, just needs a good coder and some time..
Tunneling over DNS. That's clever. But all the commercial hotspots I've ever used resolve every IP address to the login/order form page when you aren't already logged in. That is, you can't tunnel through DNS.
The methods that take "40 minutes" to crack the encryption are talking about something completely different - finding the WEP or WPA keys for a network that has security enabled. It wouldn't be useful for prepaid hotspots, as they generally do not use WEP or WPA encryption. Instead, they let you associate and get an IP quite easily. Then they direct you to the credit card order form.
One method that can be used on some of them is to spoof the MAC address and IP address of an authorized, logged in client. However, you will quite literally steal their internet access, as that client will be knocked off the network. I've done this myself but it doesn't seem to work anymore on any of the big networks like T-Mobile (in Starbucks).
Best bet is trying to find a vulnerability in one of the web applications running on the server. All the layer 2/3 stuff is pretty well locked down.
fluxist
They will resolve but won't actually PING, that's due to IP Routing Tables.
There is no way to crack a wifi password with a Pocket PC or a laptop with a Centrino main board. And you need special wireless hardware. Must be Pentium 4 or above. Airsniffer and other programs can be helpful. It changes with the WEP or WAP protocol. WEP is the hardest. You can find how to crack on forums and videos on YouTube.
^ That is rubbish.
Centrino or not, it has nothing to do with it.
It's all down to the wireless card and whether or not it accepts mode monitor/master.
It's WPA not WAP, and WPA is far harder than WEP due to having to be brute forced, unlike WEP which has the well known RC4 weakness.
I think he is referring to the fact that one cannot do promisc mode on PPC, so they can never collect the packets to try and compute a WEP key. And also the fact that on Centrino Wifi cards (2200BG, et al.) the Linux drivers cannot do packet injection in promisc mode. However, this limitation is overcome in some recent patched drivers. See the Backtrack Linux live CD (www.remote-exploit.org/backtrack.html) for details.
fluxist
I don't think there is a hacking tool for PPC which is very effective or complete...
All so called cracking tools for PPC are buggy little ****s...
Aircrack-ng is best for PCs... I'm waiting for a version of it on PPC...
Hmmmm.... That would be very interesting if they came out with an application to crack WEP and WPA networks. I could see WEP being cracked but not sure about WPA, since WEP is extremely easy to crack, usually in about 10 minutes or less depending on the strength of the signal, but WPA is much more difficult since it requires a brute force attack. I'm not so sure that our phones are capable of that.
You are wasting your time thinking of this with a phone, as the collecting of packets will take so long and PPC doesn't support packet injection and you would be limited to WEP.
Get yourself a netbook that supports CUDA, then you stand a chance. Google CUDA Brute Force.
I can buy a PIN to access it but I cannot share it via hotspot. How can I share it?
Hi, thanks in advance for help.
I have someone leeching off my Wifi net, who seems to be able to 'break-in' no matter how I secure the WiFi net.
Anyone know of any free Windows Mobile software that will show signal strength of Wifi CLIENTS nearby. Not Access Points, but CLIENTs.
I want to go find this guy.
thanks
Hi there!
If you've got a "leecher" on your network I would recommend you start your search on your router.
You didn't provide any specs. How did you find out that someone is on your network?
Next question, have you changed both, router pass and WLAN key?
Are you using weak encryption (WEP)?
What about your MAC filter? Active?
I would guess you've got a DHCP server on your network/router... go there and check the DHCP releases. Any suspicious entries? You should know all the devices listed there. If you have found an IP you don't know, ping it and check if it's alive (those packages can be ignored by the host), try to access it via SMB, you could also try a demo of languard and try to read out details like OS, user, owner...
I'm almost sure you can't use your WM device to locate a client of a network, unless you can switch your WLAN card to AP mode and he connects to you ^^
Nope, need signal strength reader if poss.
Thanks for the comment, but I'm pretty security savvy, and have done most of what you recommend.
I actually can't believe he's still getting in when I've locked down so tight.
Anyway, it's a CLIENT signal strength program that I'm trying to find.
Rogue clients are malicious wireless client devices that either try to gain illegitimate access to your WLAN or try to disrupt normal wireless service by launching attacks. There are numerous ready-to-launch wireless attack tools freely available on the net. Many of them are open sourced and work pretty well with most Wireless client cards. This turns any curious mind to professional hacker in minutes. Many do it simply for the pleasure of being able to disturb someone remotely. All these developments force WLAN administrators to give a second look at any wireless client that is misbehaving.
What does "most of what I recommended" mean?
Did you actually change the router password AND the WLAN key?
Sorry, I don't think that you can trace him with your mobile, as long as he's not connected to your mobile phone's wireless network (which requires your mobile WLAN device to switch to AP mode).
Forget about that.
Please tell us, why do you think somebody is on your network, how did you find out... what's the "evidence" for you that there is somebody.
I'd like to help you, but I need some further details to lock him out.
I hope you know that it's just a matter of minutes to break a WEP key. GPUs are used to decode it, which is damn fast!
So please provide more specs about your network.
Greetings
1: Use WPA instead of WEP.
WEP is crackable in a matter of seconds.
2: Assign access control/MAC filtering
3: Use your network in ad-hoc mode
Well, WPA is crackable too.
The person in question might change his MAC to yours and create collisions anyway.
Can you be sure that he has really associated with your router? I have noticed some client/router combinations "apparently" associate but all traffic is blocked because they did not provide the right key.
As others say - use WPA/WPA2 and use a strong (non dictionary) passphrase.
Get a computer that can run airodump or something similar.
Run airodump with it set to the channel of your router - not in hopping mode as you will miss lots of packets.
Airodump will tell you the strength of the signal from his computer, so if you have this on a laptop you can move around and possibly get an idea roughly where he is.
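As an added example (not part of the thread and not any poster's code), the check suggested above can be run over a capture file: the sketch below reads the CSV layout airodump-ng writes, keeps only clients associated with your own router that are not on your list of known devices, and sorts them by reported signal. The function name `unknown_clients`, the BSSID and every MAC address in the sample are constructed for illustration.

```python
import csv
import io

# Constructed sample in the layout airodump-ng writes to its CSV file:
# an access-point table, a blank line, then a station (client) table.
SAMPLE_CSV = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
00:11:22:33:44:55, 2024-01-01 10:00:00, 2024-01-01 10:05:00,  6,  54, WPA2, CCMP, PSK, -40, 300, 0, 0.0.0.0, 7, netgear,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
AA:AA:AA:AA:AA:01, 2024-01-01 10:00:05, 2024-01-01 10:05:00, -35, 120, 00:11:22:33:44:55,
AA:AA:AA:AA:AA:02, 2024-01-01 10:00:09, 2024-01-01 10:04:58, -48, 80, 00:11:22:33:44:55,
DE:AD:BE:EF:00:01, 2024-01-01 10:01:00, 2024-01-01 10:05:00, -71, 950, 00:11:22:33:44:55,
DE:AD:BE:EF:00:02, 2024-01-01 10:02:00, 2024-01-01 10:03:00, -60, 4, (not associated), linksys
"""


def unknown_clients(csv_text, my_bssid, known_macs):
    """Return clients associated with my_bssid that are not in known_macs,
    strongest signal first (Power closer to 0 means a stronger signal)."""
    known = {m.upper() for m in known_macs}
    in_stations, found = False, []
    for row in csv.reader(io.StringIO(csv_text)):
        cells = [c.strip() for c in row]
        if not cells or not cells[0]:
            continue
        if cells[0] == "Station MAC":      # header of the client table
            in_stations = True
            continue
        if not in_stations or len(cells) < 6:
            continue                        # still in the AP table, or short row
        mac, bssid = cells[0].upper(), cells[5].upper()
        if bssid != my_bssid.upper() or mac in known:
            continue                        # other network, unassociated, or ours
        try:
            power, packets = int(cells[3]), int(cells[4])
        except ValueError:
            continue                        # malformed numeric field
        found.append({"mac": mac, "power": power, "packets": packets,
                      "last_seen": cells[2]})
    return sorted(found, key=lambda c: c["power"], reverse=True)


if __name__ == "__main__":
    mine = ["aa:aa:aa:aa:aa:01", "AA:AA:AA:AA:AA:02"]
    for c in unknown_clients(SAMPLE_CSV, "00:11:22:33:44:55", mine):
        print(c["mac"], "power", c["power"], "packets", c["packets"])
```

Re-running it on fresh captures taken from different spots shows whether the unknown client's reported power rises or falls as the laptop moves.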
Thank you, I will try Airodump
Thanks in particular Scote.
I didn't list the router config simply because I am confident it's pretty secure:
Router is a new Belkin N1
- 63 random char password from grc.com/passwords
- SSID is "netgear" even though its a Belkin : intention to mislead for access URL.
- WPA2-PSK AES encryption
- SSID not broadcasting
I didn't bother with MAC filtering, as I understand a good 'hacker' can spoof it : If this guy can get through WPA2 I would say he can probably MAC spoof.
My 'evidence' is that up to 3 unknown computers turn up on the 'Clients List', around 4 hours after I change the SSID/password : Each time.
I have 2 laptops, so I will try Airodump or maybe Backtrack (suggested elsewhere) on these as a 'direction finder' based on signal strength.
Hmmm...I did read somewhere you can set a Kaiser to be an access point...
Thanks all
Yes you can.
Someone found his stolen Wii/mobile phone (don't remember which one) that way.
There was even an article on the net.
I have a very unique situation where I need the wifimanager to scan every 10-20 seconds for a new WiFi Access point, and be able to determine by the RSSI value to either stay connected or switch to the stronger Access point.
We have a routed Mesh network, where the AP's all can are DHCP, but they run through tunnels. So during a VOIP call, it would be nice to have the wifimanager be able to scan and handle that handoff. The asterisk server we are using holds the calls as the handoff is taking place, and when using a windows mobile device I have been able to modify an app to make WM6 make the transition in under 5 seconds.
I am in no way an Android programmer, but my client wants to switch to Android, and I need to see what kind of Mountain I am tackling.
The handheld we are using, is strictly wifi b/g no cellular
Thank you in advance for any help you could offer.
Hey all, I have been doing a lot of searching, and maybe I'm not searching properly, but any help in this area would be great. I have the Moto Xoom. I love it. I bought it without a data plan (who needs it?) and use it exclusively with wifi (sometimes tethered).
I was wondering if anyone knows of any app or whatever that allows me to specify an IP range AND a port range? I was able to find port scanners for SINGLE IPs, but not a range.
For example, my home IP follows the 10.0.0.XXX scheme (router's on .1, devices range from .2 and upwards). Does anyone know of any app that allows me to input an IP range and then specify a port range or even enter a comma delimited list of ports to scan for on that IP range?
Thanks!
Try these...
Looks like Network Discovery will do the trick once it's certified on Android 3.0
In the meantime, I tried this Net Scan and it seems to be ok.
quordandis said:
Hey all, I have been doing a lot of searching, and maybe I'm not searching properly, but any help in this area would be great. I have the Moto Xoom. I love it. I bought it without a data plan (who needs it?) and use it exclusively with wifi (sometimes tethered).
I was wondering if anyone knows of any app or whatever that allows me to specify an IP range AND a port range? I was able to find port scanners for SINGLE IPs, but not a range.
For example, my home IP follows the 10.0.0.XXX scheme (router's on .1, devices range from .2 and upwards). Does anyone know of any app that allows me to input an IP range and then specify a port range or even enter a comma delimited list of ports to scan for on that IP range?
Thanks!
schergr said:
Looks like Network Discovery will do the trick once it's certified on Android 3.0
In the meantime, I tried this Net Scan and it seems to be ok.
Net Scan totally is what I'm looking for (sort of). I tried Network Discovery, but you're right, it doesn't work.
Thanks!
Hi all,
I own an a500 and recently flew from Atlanta to San Juan; and the carrier offered wifi onboard.
Now, this is a paid service, and I decided to connect to check their prices on my tablet. While browsing the company's website (before I paid for anything) I see that my tablet informs me of a new email. After some snooping around, I realize that many of my apps, email, pulse and news360, for example, all connect to the internet and download 'stuff'. I even managed to send a handful of emails before the plane went in for landing and I had to disconnect.
This is happening again now while I'm on a cruise ship, where I haven't paid a cent for internet, but simply by connecting to the wifi network, my pulse RSS app updates and even downloads thumbnails.
I cannot, however, use the browser to browse the internet, or use google maps.
What interests me is firstly why my tablet is able to do such a thing (free internet), and secondly: Could I route all my internet traffic through the same ports/whatever that the apps are using in order to have free internet access?
Chances are that the Wifi provider is only blocking regular HTTP traffic (port 80) until you pay which is rather dumb!
If you use a VPN, you should be able to browse too.
Regards,
Dave
Sorry, this might seem like a n00b question, but could you point me to a site or something that would explain how I would use a VPN to browse?
Sorry if this is too dumbed down, but I'm not certain of your technical expertise.
To give a clearer answer to your first question: Basically, internet traffic is transmitted through little virtual "holes" in your computer called ports. Each port has a number. Usually certain port numbers are designated for certain types of traffic. For instance: World wide web traffic transmits through port 80; while e-mail might transmit through port 110.
Here is a list of the most commonly used ports and their purposes:
http://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
Now, as the previous poster described, it sounds like they are only blocking port 80 before you pay, which will prevent web browsing. But e-mail and other stuff might use a different port, and is therefore not blocked. This is a sure sign that whoever set up the service on the plane should pick a new line of work.
When the previous poster says to set up a VPN, he means "Virtual Private Network". This is essentially setting up your own little private network between you and your computer at home/work, using the internet as your personal LAN cable. This gives you the added benefit of sharing your home computer's internet connection. The downside is that you have to have a rather stable connection at home, or at work, in which to set up a VPN server.
The previous poster is suggesting a kind of "proxy" scenario, where all traffic is sent from your tablet to the home computer (server), and then to the internet. This might work because the link between your tablet and the home computer is encrypted and uses a port other than 80.
Setting this up is a little complicated, but there are instructions all over the web. Here is the first hit I got on google:
http://forums.bit-tech.net/showthread.php?t=64926
A word of caution: VPN is something that can be very easy, but can get very technical very fast. If you're not familiar with network terminology, expect there to be a bit of a learning curve. The good side is that you are unlikely to break anything by a poorly set up VPN, so you should feel free to experiment as long as you don't transmit any sensitive data.
It is also not a topic that specifically pertains to tablets, so I won't get into too much detail here.
Hope that helps,
-PW