wifiphisher – Man-in-the-middle attack software for WiFi

Wifiphisher is a rogue Access Point framework for conducting red team engagements or Wi-Fi security testing. Using Wifiphisher, penetration testers can easily achieve a man-in-the-middle position against wireless clients by performing targeted Wi-Fi association attacks. Wifiphisher can be further used to mount victim-customized web phishing attacks against the connected clients in order to capture credentials (e.g. from third party login pages or WPA/WPA2 Pre-Shared Keys) or infect the victim stations with malware. [1] [2]

Installation

In Kali Linux, we can use the following command to install wifiphisher

sudo apt install wifiphisher

or using git

git clone https://github.com/wifiphisher/wifiphisher.git
cd wifiphisher
sudo python setup.py install

Usage

1

wifiphisher -i wlan0

2 Use the Up/Down arrow keys to navigate through the access points, then press Enter to select one

3 We will be asked which scenario to use

wifiphisher – Available Phishing Scenarios

4 If we select “2 – Firmware Upgrade Page”, a monitoring screen will appear. Wifiphisher will monitor for devices that are trying to connect to a non-existent network, then create a fake version of that network and trick them into connecting.

(When the victim has submitted the password, we will be notified in wifiphisher)

A successful attack

5 After the victim has joined, they will be asked to enter the Wi-Fi password

Fake router configuration page asking for wifi password

(Other fake login screens)

Fake OAuth Login Page
Fake web-based network manager

Then the attack ends and the captured password is displayed on the screen

Attack ends, password shown

Resources

[1] https://wifiphisher.org

[2] https://github.com/wifiphisher/wifiphisher


How to: Change Sharp multifunctional printer (MFP) Scan file name

1 Find the printer's IP address so that we can log in to its web management page

2 Navigate to “System Settings – Image Send Settings” (log in as Administrator when requested)

Sharp, System Settings

3 Navigate to “Scan Settings – Administration Settings”

Scan Settings

4 Change the File Naming settings as you wish: check a part to include it in the file name, un-check it to exclude it. We can modify the “Text” field as we wish and include it in the file name, or include only the “Text” part in the file name.

Change File name for scanning

How to: Fix pfSense “vnstatd Status Traffic Totals data collection daemon” not Starting

The Issue

Can’t start “vnstatd Status Traffic Totals data collection daemon”

pfSense – vnstatd refuse to start

The Fix

1 From menu bar, navigate to “Status – Traffic Totals”

pfSense – Menu bar
pfSense – Menu bar – Status – Traffic Totals

2 Click on “Display Advanced”

pfSense – Status – Traffic Totals

3 Click on “Enable Graphing”

pfSense – Status – Traffic Totals – Enable Graphing

4 Now we can see that Traffic Totals has started running

Traffic Totals started running

How to: Find out your genuine Windows 10 product key from the computer easily with different methods

1 Using ProduKey

Free software for viewing Windows product keys.

ProduKey

Download ProduKey (In Zip file)

Download ProduKey for x64

2 Using Registry Editor

1 Use Win + R key combination to launch “Run” Window

Microsoft Windows – Run window

2 Type regedit, then hit Enter key, Registry Editor Window will appear

Windows 10 Registry Editor

3 Navigate to the following path

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform
Registry Editor – SoftwareProtectionPlatform

You will find your Windows product key next to the “BackupProductKeyDefault” value

3 Using PowerShell/Command Prompt

1 Launch command prompt/PowerShell with Admin privilege.

1.1 By using Win + X key, launch the Command Prompt (Admin) or PowerShell (Admin)

2 Execute the following command

wmic path softwarelicensingservice get OA3xOriginalProductKey

4 Using PowerShell/Command Prompt with Registry command



1 Launch command prompt/PowerShell with Admin privilege.

1.1 By using Win + X key, launch the Command Prompt (Admin) or PowerShell (Admin)

2 Execute the following command

REG QUERY "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SoftwareProtectionPlatform" /v BackupProductKeyDefault
Get value for “BackupProductKeyDefault” from command prompt or PowerShell

URL vs URI vs URN

A URI can be further classified as a locator, a name, or both. The term “Uniform Resource Locator” (URL) refers to the subset of URIs that, in addition to identifying a resource, provide a means of locating the resource by describing its primary access mechanism (e.g., its network “location”). The term “Uniform Resource Name” (URN) has been used historically to refer to both URIs under the “urn” scheme [RFC2141], which are required to remain globally unique and persistent even when the resource ceases to exist or becomes unavailable, and to any other URI with the properties of a name. [1]

An individual scheme does not have to be classified as being just one of “name” or “locator”. Instances of URIs from any given scheme may have the characteristics of names or locators or both, often depending on the persistence and care in the assignment of identifiers by the naming authority, rather than on any quality of the scheme. Future specifications and related documentation should use the general term “URI” rather than the more restrictive terms “URL” and “URN” [RFC3305]. [1]

URI: Identifier of a specific resource. e.g. A page, document or book

URL: A special kind of identifier which also tells us how to access the resource. e.g. HTTP/HTTPS, FTP etc.

Venn diagram of URIs as defined by the W3C [2]

Resources

[1] “RFC 3986 – Uniform Resource Identifier (URI): Generic Syntax”, Tools.ietf.org, 2005. [Online]. Available: https://tools.ietf.org/html/rfc3986. [Accessed: 22-Mar-2020].

[2] “What is the difference between a URI, a URL and a URN?”, Stack Overflow, 2015. [Online]. Available: https://stackoverflow.com/questions/176264/what-is-the-difference-between-a-uri-a-url-and-a-urn. [Accessed: 22-Mar-2020].


How to: Check open ports quickly in Linux

Nmap

sudo nmap -sT -p- 10.0.0.1

-sT: Scan TCP ports (TCP connect scan)

-p-: All 65535 ports

(Without -p-, Nmap scans the 1000 most common ports by default)

Output

Starting Nmap 7.80 ( https://nmap.org ) at 2020-03-22 23:10 CEST
Nmap scan report for 10.0.0.1
Host is up (0.00010s latency).
Not shown: 998 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
80/tcp open  http
MAC Address: xx:xx:xx:xx:xx:xx
Nmap done: 1 IP address (1 host up) scanned in 0.50 seconds

The above scan shows that only ports 22 and 80 are open.
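
The same output can be checked automatically against what we expect to be exposed. The following is an added example, not part of the original post: it reads Nmap's normal output and prints every open port that is not on an expected list. The function names, the allowlist and the sample scan (which adds a port 8080) are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag open ports in Nmap output that are not on an allowlist.

# Constructed sample, modelled on the scan output above plus one extra port.
sample_scan() {
cat <<'EOF'
Nmap scan report for 10.0.0.1
Host is up (0.00010s latency).
Not shown: 65532 closed ports
PORT     STATE SERVICE
22/tcp   open  ssh
80/tcp   open  http
8080/tcp open  http-proxy
Nmap done: 1 IP address (1 host up) scanned in 0.50 seconds
EOF
}

# open_ports: read Nmap normal output on stdin, print "port/proto" for each
# line whose state is exactly "open" (closed, filtered and open|filtered
# results are skipped).
open_ports() {
    awk '$1 ~ /^[0-9]+\/(tcp|udp)$/ && $2 == "open" { print $1 }'
}

# unexpected_open_ports ALLOWED...: read Nmap output on stdin and print the
# open ports that are not in the allowlist given as arguments.
unexpected_open_ports() {
    allowed=" $* "
    open_ports | while read -r port; do
        case "$allowed" in
            *" $port "*) ;;        # expected service, ignore
            *) echo "$port" ;;     # open but not on the allowlist
        esac
    done
}

# Against a live scan of the host used in this article:
#   sudo nmap -sT -p- 10.0.0.1 | unexpected_open_ports 22/tcp 80/tcp
sample_scan | unexpected_open_ports 22/tcp 80/tcp   # prints 8080/tcp
```
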

To scan UDP ports use -sU instead of -sT

sudo nmap -sU -p- 10.0.0.1

Netcat

nc -zv 10.0.0.1 20-443

-z: Only scan for open ports without sending any data

-v: Set verbosity level (can be used several times)

Scan host 10.0.0.1 for open ports from 20 to 443

Output

nc: connect to 10.0.0.1 port 20 (tcp) failed: Connection refused
nc: connect to 10.0.0.1 port 21 (tcp) failed: Connection refused
Connection to 10.0.0.1 22 port [tcp/ssh] succeeded!
…
Connection to 10.0.0.1 80 port [tcp/http] succeeded!
Connection to 10.0.0.1 443 port [tcp/https] succeeded!

-u: Scan UDP ports

nc -z -v -u 10.0.0.1 20-443

Only display open ports with grep

nc -z -v 10.0.0.1 20-443 2>&1 | grep succeeded

# Output
Connection to 10.0.0.1 22 port [tcp/ssh] succeeded!
Connection to 10.0.0.1 80 port [tcp/http] succeeded!
Connection to 10.0.0.1 443 port [tcp/https] succeeded!

How to: Add specific/custom folders to Windows index (So that contents will come up in search results in Start Menu)

1 Bring up the “Indexing Options”

1.1 Method 1

1.1.1 Click on Start button to bring up Windows Start menu

Start button

1.1.2 Type index

Type index

We will find “Index Options”

1.2 Method 2

1.2.1 Use Win + R key combination to bring up Run window

Microsoft Windows – Run window

1.2.2 Type control then hit Enter key, Control Panel will appear

Windows 10 Control Panel

1.2.3 Click on “Large icons”

Large icons

1.2.4 Click on “Index Options”

Index Options

1.3 Method 3

1.3.1 Use Win + R key combination to bring up Run window

Microsoft Windows – Run window

1.3.2 Type one of the following commands, then hit Enter key

control.exe srchadmin.dll
 
control /name Microsoft.IndexingOptions
 
rundll32.exe shell32.dll,Control_RunDLL srchadmin.dll

2 Add the desired folder to Windows Index

2.1 Click on “Modify” button

Windows 10 Index Options

2.2 Check the desired folders, so that they will be indexed. You can select folders from other drives as well, e.g. D, E, F drive

Windows 10 Indexed Locations

(If we can’t find what we want to add to index, we can click on “Show all locations” to show more locations)

2.3 Click on “OK” button to save the changes.

(Next time when the system is updating the index, those folders/contents will be indexed as well)

3 Rebuild Index

If you want to rebuild the index immediately, here is how

3.1 After we have clicked on “OK” button, we are back to “Index Options” window again

Windows 10 Indexing Options

3.2 Click on “Advanced” button

3.3 Click on the “Rebuild” button, now the system will start to rebuild the index (Note: It will take a while; if you have heaps of files, it will take even longer)

Windows 10 Index Options – Advanced Options

When it’s finished, our files/folders will come up in the search results


Useful tools for Python

Python Tutor

Free online Python code visualization, Python learning tool.

Python Tutor

http://pythontutor.com/

Anaconda

Easy package management

Packed with many useful Python tools

Anaconda
Anaconda – Software

https://www.anaconda.com/distribution/#download-section

Jupyter Notebook

Jupyter Notebook is like a magic notebook for Python. It can be used to easily share notes, algebra, data analytics, code, etc.

Jupyter Notebook

https://jupyter.org/install

(We can use Anaconda to install it easily)

IPython

IPython is an interactive shell for Python.

Supports automatic indenting, bash shell commands, many built-in functions, etc.

https://ipython.org/

Skulpt

Skulpt is an online Python environment built with JavaScript. Used with CodeMirror, it lets us do basic Python programming.

Skulpt

http://skulpt.org/