Faceniff anyone? - Atrix 4G General

Has anyone tried faceniff on the atrix yet?

yeah it works. lol.

Such a vague post. Whats it all about? Details maaan!

theres always google

I meant on the Atrix which is the forum I am posting in

It works well on the Atrix. I have it and it does seem to work.
Scott

Does anyone know it works on WPA and WPA2? Are they forcing the client re-associate to the AP to sniff the initial key negotiation?

Works on WPA2 here. Does not work on EAP though I don't think.

Why would you want to steal peoples accounts (identities)?
Sent from my MB860 using XDA App

drew68 said:
Why would you want to steal peoples accounts (identities)?
Sent from my MB860 using XDA App
Click to expand...
Click to collapse
To troll in public hotspots

Hmmm does anyone here has an unlocked version? 0.o

Works great for me *edit: on the Atrix*. I asked the dev about putting the unlocked on Market or Amazon (dont like paypal). He said it was removed from the Market and he will look into Amazon.

If he releases some code(maybe he already has, haven't looked), this could open likes of similar apps. I especially like the idea of an Atrix as a wireless monitoring device since it has 5ghz, unlike almost all other phones.

I bought it and got it unlocked. This is more for curiosity's sake than actually hacking. I live out in the country. Not much for open wifi out here.
Scott

I went to a Starbucks today after getting the app, and I couldn't get it to work there.
Not sure if it has to do with the AT&T Wifi at starbucks, but I'm going to do more testing with it.

Did you try stealth mode, I guess some routers are built to monitor that kind of intrusion and stealth mode is the work around
Sent from my MB860 using XDA App

jenarelJAM said:
Faceniff has nothing to do with open vs WEP vs WPA vs WPA2 encryption on the network afaik(I haven't used it, but I read about it). It wont break encryption. My guess is that its doing a simple ARP poisoning attack, routing all network traffic through your phone before it goes out the router, then just filtering for unencrypted facebook/tsitter/etc. packets.
This has been around for years. What's new is that its been ported to a mobile phone and been made accessible to the masses.
Be careful using this guys, your network traffic leaves a trace, and I'm not sure if facesniff spoofs your mac address. You could get in big trouble if you get caught.
Sent from my MB860
Click to expand...
Click to collapse
I understand that you already have to be connected to the AP to do this but... as I understand it with WPA and WPA2 they negotiate session keys so that each connection uses a different key. Hence you cant decrypt another persons traffic. The key is negotiated in the beginning and if you can capture that negotiation, then you can decrypt the traffic.
Does faceniff only monitor new connections and then see if they log into one of those sites? or does it actively try and disassociate people from the AP so they have to reconnect.

Was using it on my home wifi. Was able to hack into mine and my gfs facebook accounts. Then i monitored my neighbors open wifi (tard) and was able to get into his. Told him to put a password on his wifi because of security. I think this is a real eye opener into the world of internet security. Really interesting app. Pretty scary. But yea, using this at school is a bad idea. I was just doing some packet sniffing at college and i got a nasty email saying that if i was doing anything nefarious i could be expelled. So remember: USE STEALTH =)

Hey there,
could someone send me a PM where to get this app.
THX!

jenarelJAM said:
Faceniff has nothing to do with open vs WEP vs WPA vs WPA2 encryption on the network afaik(I haven't used it, but I read about it). It wont break encryption. My guess is that its doing a simple ARP poisoning attack, routing all network traffic through your phone before it goes out the router, then just filtering for unencrypted facebook/tsitter/etc. packets.
This has been around for years. What's new is that its been ported to a mobile phone and been made accessible to the masses.
Be careful using this guys, your network traffic leaves a trace, and I'm not sure if facesniff spoofs your mac address. You could get in big trouble if you get caught.
Sent from my MB860
Click to expand...
Click to collapse
No poisoning needed. Wifi works the same as a hub. If you're associated to the network, you'll see all the traffic. Now there are ways to try to stop this, ap isolation, and whatnot, but it's radio, so there's really no way around it.
CLICK THE "USE SSL CONECTIONS ONLY" PEOPLE!

Related

Captivate & 802.1x

I've had the captivate about 24 hours now and dig it. I've rooted it and remove the att bloatware (per titanium backup), I've also performed a backup using Rom Manager.
I'm having trouble getting it up and running on an enterprise wireless what uses 802.1x PEAP authentication. I can get through all the auth. steps, and the device is assigned an IP, but I am unable to do anything that requires an internet connection; browser, market, etc.
Has anyone else ran into this issue?
*****EDIT*****
sigh i just realized that this is in the wrong area, it should have been over in development...i'm an idiot
I had a similar problem on a WEP-encrypted network, which I fixed by setting a static IP on the phone and then setting it back to DHCP (the correct setting). However, your problem could be entirely different than mine (not that I even am sure what my problem was, just that I fixed it!)
Best of luck!
Having the same problem on enterprise access points regardless of encryption. Home wifi netwroks work great (open and WPA2). Enterprise APs (open and WEP) connect and give me an IP, but will not transfer data. Think its a driver issue with the Wifi, it happens on every captivate ive tested, and seems to be more widespread than the GPS issue.
I have had the same issue with my work at work. I can get it to connect and get a ip but can not pass any data.
Sent from my SAMSUNG-SGH-I897 using XDA App
Had the same problem at work. Luckily I'm an admin and figured mine out. Our monowall portal was the issue. I can give a detailed answer for my problem tomorrow when I get to work.
I actually had the cap wiped to go back, then I literally figured out the problem. Thanks go out to my team mate for helping me talk through this.
Sent from my SAMSUNG-SGH-I897 using XDA App
can't wait to hear what your fix was!
Sent from my SAMSUNG-SGH-I897 using XDA App
This sounds more like your network not being allowing your device rather then the device having an issue.
it's been frustrating as I know two other guys with android devices that didn't have an issue. one is a droid eris running 2.1 and the other is a nexus one running 2.2.
Sent from my SAMSUNG-SGH-I897 using XDA App
designgears said:
This sounds more like your network not being allowing your device rather then the device having an issue.
Click to expand...
Click to collapse
Worked closely with my highly experienced network admin in my dept. for an afternoon (we had some time to kill). He checked the firewall and dhcp servers, ran packet traces, etc.
With what I'm experiencing, its the device. These wifi networks we use with Cisco APs are completely wide-open. All other phones and mobile devices have always worked great for years. We rely on this network for many custom applications and mobile tools.
Once the dhcp server leases an address, it seems like the radio stack hangs, and the device ceases communication. Here's an older thread on the exact issue over at androidfouroms: http://androidforums.com/samsung-captivate/130403-wifi-terrible.html
I have tested multiple new unmodified captivates and the issue is identical accross the board.
Now that I am at work, and have coffee in me and not beer, I will go through the problem I had with miCap and works wireless. Due to my skeptical ways, I will be semi vague for security purposes. On with it.
When I originally got miCap (pet name for it) I was able to access our public wifi. It allowed me into the public portal to agree to terms. I played a little bit on it, but wanted to see if I could access our private wifi. I got in the private no problem. But after that I never was able to get back on to our public. It did the same thing as I've read. It got an ip no problem (via dhcp) and acted like all was well. No browser, or ap could get a connection. The phone would not switch over to 3g to get info.
Armed with ip and mac address, my co-worker and I started to did through our monowall. ( He also has a cap that had no issues on public or private). We try tried reserving the ip for miCap, didn't work. We tried static ip, didn't work. I spent the morning completely wiping miCap to get it back to return worthy.
This was when I decided on last ditch effort.
Our ap's are cisco's that connect into monowall. I got into monowall and dug around. I found that with in the captive portal (how fitting) that the ip/mac associated with my phone hadn't checked in for 8 days. Even though I tried everyday. I deleted the entry to the phone there and suddenly my phone was getting access again.
Now I understand that this may not help everyone, because setups vary from place to place. But digging deeper into configurations at the access points may be what is needed. Do I think the phone had nothing to do with it? No, I think it helped aggravate the problem.
We have had problems with the Intel 3945abg chipsets with the same exact setup. That problem was fixed with driver updates on the laptops.
sorry for the long winded reply.
So in a nut shell you deleted the DNS entry for that ip/mac in the firewall and you are working.
Pmac25 said:
So in a nut shell you deleted the DNS entry for that ip/mac in the firewall and you are working.
Click to expand...
Click to collapse
Essentially yes. But it is not listed like that in the portal. Hmmm. I wonder about the combo of dhcp/dns being the culprit.
I was able to resolve this issue by changing my connection settings from DHCP to static for the Cisco APs.
Installing WiFi Buddy from the market allowed me to access these connection settings.
I just used an address from our static IP pool.
Manually set IP, subnet, gateway, and DNS, and now im finally rolling on our enterprise wifi network
I sent a help ticket into samsung; maybe if enough folks do we can get it on their radar.
jhannaman82 said:
I was able to resolve this issue by changing my connection settings from DHCP to static for the Cisco APs.
Installing WiFi Buddy from the market allowed me to access these connection settings.
I just used an address from our static IP pool.
Manually set IP, subnet, gateway, and DNS, and now im finally rolling on our enterprise wifi network
Click to expand...
Click to collapse
you can set the ip manually with out an app. When on the wifi screen, hit menu-advanced. This is a good time to set the wi-fi sleep policy also.
phlunkie said:
you can set the ip manually with out an app. When on the wifi screen, hit menu-advanced. This is a good time to set the wi-fi sleep policy also.
Click to expand...
Click to collapse
Thanks for that, i figured the menu was built in somewhere just never found it.
:thumbsup:
UPDATE
So I flashed the i9000 Eclair rom last night, and when I got into work today I can connect and use the wifi here. So looks like something AT&T buggered up, big surprise there, when they "customized" the captivate.
As much as I normally love blaming AT&T for problems, that can't be done here. My Captivate (running Stock Firmware) connects just fine to my work network. We use 802.1x with PEAP/MSCHAPv2 for authentication.
Anyone been able to connect at over 802.11b speeds while connected to an 802.1x network? I show connections at G and N speeds on my WPA2 network but nothing over 11Mbps on 802.1x.
Sent from my SAMSUNG-SGH-I897 using XDA App
Hi,
I am also having problems with my work wifi network.
It is 802.1x, on TTLS/PAP it also requires a thawte premium server ca certificate insalled.
Is there any way to connect this kind of networks?
With my previous iphone 3g it was taking only 4-5 seconds.

Wifi issues - most likely not the phones fault

I am having intermittent Wifi on my phone; but at work only. Everywhere works perfect without dropping the signal, but at work the signal drops once every 10 minutes and I have to toggle Wifi to get it back. It doesnt matter of I sit still or have the screen on or off, it always happens.
One thing to point out is that on my iphone I used to use WPA enterprise as security, but on this phone WPA doesn't work, only EAP security. Its the kind if network where you have to login with a username and pass.
Anyone else experiencing this?
Sent from my Atrix using XDA App
This is driving me nuts (as well as the many other things I have posted about. I have a feeling I need to head to a networking forum or something. Can anyone reccomend one?
Even with all the problems im having, I still prefer Android to iOS.
Sent from my MB860 using XDA App
Ok I've figured out where my wifi disconnects are coming from at work. It IS an Android issue so I'll keep posting it here. The problem is that my work needs to use a certificate from entrust.net in order for the wifi to connect and stay connected. I can connect to the network and have full internet access, but after a few minutes its as if the network checks my phone for the certificate, and when it can't find it, throws me offline. Now here's the annoying part. I went to entrust.net to look for the certificate I would need to put on my phone, and found that they offer 4 different certificates. I then looked on the phone at the bottom of settings>location & security and found, "manage trusted certificates". There was a big list of certifcates preloaded on the phone. And guess what? All 4 entrust certificates came pre-loaded on the Atrix. So the problem is not that the certificate is not on my phone, the problem is that I can not associate the certificate to my wifi profile for work.
There are even 2 options under the manage wifi connection that reference certifcates, but when I click them to try and load a certificate, it won't allow me to select anything. I'll post a screen shot of that at the end of this post. If it means anything, the iPhone 4 will auto-pull that certificate when trying to connect to my network here at work. As soon as you connect it will ask to accept the certificate. My work uses WPA Enterprise.
Screenshot: Oh yea.... I forgot, I can't find a single app that will screenshot on the Atrix. What a cool feature we are missing out on. Actually a very needed feature in my opinion.
Please help me or point me in the direction where I can find help. WPA enterprise is pretty common in the business world so someone has already come across this, I am sure.
Sent from my Atrix using XDA App
Android does not have native support for LEAP either. I went through a similar mess as you trying to get my Atrix to connect at work. I had to download the wifi advanced app in order to get a connection.
I'm sure you're already searching "WPA Enterprise Android". It may be worthwhile to see if there's a wifi app out there that could fix your problem.
I have that app and can add extra options yes, it still doesn't allow me to deal with the certificate problem though
Sent from my Atrix using XDA App

How to gain full internet access?

I work in a Govt. office where we have LAN connection. Through the LAN we can only open websites ending with .nic.in. My question is Can I gain full internet access and open websites like google, facebook and xda etc. Please help me out if there is a way to do this with the detail steps. I will be forever gratefull if someone can help me with this. I am using Windows 7 ultimate. Please help.
Sent from my GT-S5360 using xda premium
Odd place to ask this, but I would say try out Tor Browser. Also try Firefox portable (assuming you can stick a flash drive in the computer), there seems to be something about it, can't explain it, my tethering isn't blocked on it, but is on IE, and at my work websense doesn't seem to be able to block me.
Oh, if you get fired for non-work related web-browsing, I claim no responsibility.
Sent from my LG-P999 using xda premium
Волк said:
Odd place to ask this, but I would say try out Tor Browser. Also try Firefox portable (assuming you can stick a flash drive in the computer), there seems to be something about it, can't explain it, my tethering isn't blocked on it, but is on IE, and at my work websense doesn't seem to be able to block me.
Oh, if you get fired for non-work related web-browsing, I claim no responsibility.
Sent from my LG-P999 using xda premium
Click to expand...
Click to collapse
Will changing the DNS Server solve this? Or using a VPN or web proxy?
Sent from my GT-S5360 using xda premium
thadoukuki said:
Will changing the DNS Server solve this? Or using a VPN or web proxy?
Sent from my GT-S5360 using xda premium
Click to expand...
Click to collapse
well that depends, if your admin is worth his pennies then no, it wont help at all.
setup a white list on the physical router to the outside world and your snookered.
If they have just blocked access via the DNS server and its simply unable to resolve names then you could try bring up the command prompt and ping a website via its IP address type
ping 208.67.222.222
if that works then change your DNS server to that IP address, its an OpenDNS server, very good as it happens, if it doesn't then your screwed unless they are operating a black list, but that's just stupid as you could simply find a website not black listed or make your own that uses a frame to redirect to a site of your choosing.
NB, they might have locked that ip address too so try some others, less obvious ones
the trick is finding out how they have blocked you first, then you can see if there is a way, but white lists are a real pain in the arse, they might even just run a proxy server and have cached sites on that, if they are running a proxy server you could try and delete those settings, just make sure you write all this down or your admin will likely get a bit pissed off at you...
and a final point to remember, your often blocked for a good reason and that reason is usually in your contract of employment, you connecting to sites your not supposed to will stick out like a sore thumb on the router logs as well so as ^ said, if you get fired its not our fault
I used to work at a hospital that started blocking us from alot of sites. We eventually figured out they were using Symantec to do it so everyday we would uninstall it. Some days it would last all day, others it would last 10 minutes but we could usually wait and uninstall it again to regain access. We used xp on all the computers and we were assigned to different pods almost daily so we never were caught; not that they couldn't figure it out if they tried. If they are using Symantec then you may be able to uninstall it, otherwise you may be screwed.
I am still a RN and goto school with my patient. We are blocked on laptops from certain sites but I am not blocked on my phone. I can tether my phone to my laptop and it allows me access for some reason. I'm unsure if this is an option but figured I would throw it out there.
Sent from my SCH-I535 using xda app-developers app
jlangleyrn said:
I used to work at a hospital that started blocking us from alot of sites. We eventually figured out they were using Symantec to do it so everyday we would uninstall it. Some days it would last all day, others it would last 10 minutes but we could usually wait and uninstall it again to regain access. We used xp on all the computers and we were assigned to different pods almost daily so we never were caught; not that they couldn't figure it out if they tried. If they are using Symantec then you may be able to uninstall it, otherwise you may be screwed.
I am still a RN and goto school with my patient. We are blocked on laptops from certain sites but I am not blocked on my phone. I can tether my phone to my laptop and it allows me access for some reason. I'm unsure if this is an option but figured I would throw it out there.
Sent from my SCH-I535 using xda app-developers app
Click to expand...
Click to collapse
Symantec .....XP
**shudders**
is it at all possible that even though you have your phone connected via wifi that it still has a GPRS or HSPA signal? if so then its probably bulking at the lack of access on the wifi then switches to GPRS.
dazza9075 said:
Symantec .....XP
**shudders**
is it at all possible that even though you have your phone connected via wifi that it still has a GPRS or HSPA signal? if so then its probably bulking at the lack of access on the wifi then switches to GPRS.
Click to expand...
Click to collapse
Ya I agree about the xp and Symantec but with 2000+ terminals, I'm sure it was the simpliest solution.
When I'm tethering my laptop via phone at the school, we don't have cell coverage in the majority of the rooms, which is why they give us a basic internet access so I don't believe I'm pulling in my mobile data, if I'm understanding your question correctly.
I'm back there on Friday and will see what's being blocked before tethering and then see what my data is looking like afterwards. I was "assuming " they were running different security for the mobile devices, allowing the loophole, but could be wrong.
Sent from my SCH-I535 using xda app-developers app

How Often Do You Change Your Wireless Lan Password?

FYI: I'm writing a paper for a class of mine that concerns wlans. Something that I would like to include is how often peopel change their wlan passwords. I did a search on the internet for a similar poll but I did not find anything of merit. So, I'm hoping I might get some decent data, enough to mention in my paper.
Very rarely.
bump
I never change wlan passwords as i have enabled mac filtering, due to that no one could get access through my router.
same here, have wpa2 + aes with a hidden SSID and enabled mac filtering, so no reason really for me to change it
I never change my wifi password as I'm not the one in charge of that but the one who is I know never changes it as he does not know how to change the password used to auto connect the the router and I'm way too lazy to tell him how
Just FYI MAC filtering isn't the most secure. But using a good WPA/WPA2 password is. I probably should change mine but I don't want to. lol
MrObvious said:
Just FYI MAC filtering isn't the most secure. But using a good WPA/WPA2 password is. I probably should change mine but I don't want to. lol
Click to expand...
Click to collapse
I have router with WPA2 + AES + MAC Filtering enabled and i dont think anybody could crack all this.
jitkr said:
I have router with WPA2 + AES + MAC Filtering enabled and i dont think anybody could crack all this.
Click to expand...
Click to collapse
Technically all encryption can be broken. Right now AES encryption is very hard to break but if you have a weak password it is easy.
I have changed my pw once that's it.
Sent from my LiquidSmooth S3 using xda app-developers app
Every time when I buy a new router!
When:
I update my Router software or change the router.
I told it too many people.
But with the current setup I have something that will propably stay a while.
Wpa2 Aes only. SSID is broadcast, Mac Filtering is off, Key is 46 characters full-typable-charset randomness. Only for my devices.
I have a second network for guests which is open. I have put a button on the router that lets me toggle internet access for the guestnet so that people dont torrent the f*ck outta my bandwidth when I'm away or I'm alone.
If I ever get ultra bored enough I will propably try a overblown EAP-TLS setup just for the lulz, who knows maybe it will be profitable setting such up for other people somewhere in the future.
i never change mine, i guess i should start
I cannt change because I lost my modem login pass
Orginal PWD, never change it
Never. I set a new password when buying a new wireless router, but don't change it once it's set. I live in a very rural area so not much risk of someone trying to hack my network anyway.
twice a month for me
Sent from my Burst S280 using xda premium
never

[Q] How to connect my GT-I9300 to my router when SSID is off?

Well due to a suspicion of someone in my area trying to get into my network I disabled the SSID.
Since then my GT-I9300 stopped seeing it, says it's out of range. My router is TP-Link TL-WR1043ND
Any way I can fix that? I have stock rom with root.
If you disabled your ssid no device will be able to see it. Basically it means your wifi is off. You have to enable ssid in order to connect to it. Few steps you can make to ensure its more secure. Change log in user name and password to your router. Change your wifi ssid and password to a more complicated one.
Sent from my GT-I9305 using Tapatalk
UD3R said:
Well due to a suspicion of someone in my area trying to get into my network I disabled the SSID.
Since then my GT-I9300 stopped seeing it, says it's out of range. My router is TP-Link TL-WR1043ND
Any way I can fix that? I have stock rom with root.
Click to expand...
Click to collapse
I never tried, but I can't believe we don't have the option to connect to a hidden SSID
I downloaded this app and it does work. https://play.google.com/store/apps/details?id=jp.sourceforge.soopy.hidden.ssid.enabler&hl=en
It allowed me to connect to my wifi with the SSID not broadcasting.
If you know the SSID name you can add it manually with the add option.
As has been said, you will need to add your network again, and type the SSID in, just tap "Add Wi-Fi network" under Wi-Fi settings.
Also just so you know hiding the SSID will not provide much more security, it's easy to obtain the SSID even if it's hidden with the right software, also if someone was attempting to gain unauthorised access to your network they probably know your SSID anyway. If you use a strong WPA2 key to secure your network it will provide much more security than hiding your SSID.
No one can crack WPA2. Just stay away from WEP.
jinosong said:
No one can crack WPA2. Just stay away from WEP.
Click to expand...
Click to collapse
Listen to this man.
jinosong said:
No one can crack WPA2. Just stay away from WEP.
Click to expand...
Click to collapse
All kinds of network security can be cracked. It's a matter of resources (time, processing power, etc.). Just keep in mind that some (like WPA2) are just more difficult to break than others (WEP).
And also, don't forget that PEBKAC.
Cheers
PS: I think that changing and hiding the SSID + choosing a strong WPA2 key can bring enough peace of mind. Unless you're dating the daughter of the Head of NSA
Analog33k said:
All kinds of network security can be cracked. It's a matter of resources (time, processing power, etc.). Just keep in mind that some (like WPA2) are just more difficult to break than others (WEP).
Click to expand...
Click to collapse
I knew some idiot was gonna be a smartass and state this. We're talking about a neighbor cracking this guy's home network. Everything can be cracked with enough resources; yes we know that.
jinosong said:
I knew some idiot was gonna be a smartass and state this. We're talking about a neighbor cracking this guy's home network. Everything can be cracked with enough resources; yes we know that.
Click to expand...
Click to collapse
Wow... "Idiot"... "Smartass"... Who is, really? Mr Wikipedia-I-Know-Everything who can't be a bit polite in a forum? Come on, guy... Go breathe some fresh air outside and come back (or not).
Btw, pls give correct answers to the one asking a serious question and stop polluting his thread.
Peace & ciao.
Sent from my GT-I9300 using XDA Premium 4 mobile app
Listen you pre-pubescent know-it-all. I gave him the correct answer, to set it to WPA2, which is safe enough for the guy's needs. Then you come with some wise-ass statement stating nothing's safe from cracking. Do you think the NSA is going to try to crack his internet password?
The worst part of forums like XDA is that we have to put up with little nerdy middle school kids who aren't yet socially apt but want to look like they have a clue.
UD3R said:
Well due to a suspicion of someone in my area trying to get into my network I disabled the SSID.
Since then my GT-I9300 stopped seeing it, says it's out of range. My router is TP-Link TL-WR1043ND
Any way I can fix that? I have stock rom with root.
Click to expand...
Click to collapse
Dude, let's stick to the point you've raised.
YES, you can hide your ssid AND put a WPA2 key on it. You just have to add it as another network. That's my current router configuration, and everything is running quite smoothly.
Let us know if it works.
Cheers
Sent from my GT-I9300 using XDA Premium 4 mobile app
srafa007 said:
If you know the SSID name you can add it manually with the add option.
Click to expand...
Click to collapse
right !

Categories

Resources