Showing posts from May, 2016

4 Ways to Crack a Facebook Password & How to Protect Yourself from Them

Despite the security concerns that have plagued Facebook for years, most people are sticking around and new members keep on joining. This has led Facebook to record numbers, with over one billion monthly active users as of October 2012—and around 600 million active daily users. We share our lives on Facebook. We share our birthdays and our anniversaries. We share our vacation plans and locations. We share the births of our sons and the deaths of our fathers. We share our most cherished moments and our most painful thoughts. We divulge every aspect of our lives. We even clamor to see the latest versions even before they're ready for primetime. But we sometimes forget who's watching. We use Facebook as a tool to connect, but there are those people who use that connectivity for malicious purposes. We reveal what others can use against us. They know when we're not home and for how long we're gone. They know the answers to our security questions. People c...

Brute-Force WPA/WPA2 via GPU

Most of you lot would be aware what WPA/WPA2 is, so I won't bang on about the encryption or protocols a great deal. In short, WPA and WPA2 both use a maximum of 256-bit encryption, with a maximum of 64 characters in the password. The encryption is really only 64-bit but x 4 because of the way the authentication functions as a 4-way handshake. Before starting with oclHashcat, I would suggest testing for WPS (Wi-Fi Protected Setup) using Reaver and, more recently, the Pixie-dust method, as it can effectively crunch the 11,000 WPS pins and extract the WPA pre-shared key a lot faster than a complex WPA/WPA2 password. If WPS is secure, I would suggest then moving on to this WPA/WPA2 method or the Evil twin method that clones the AP. The tool Hashcat has been around for some time and is CPU based; oclHashcat makes use of modern GPU processors and makes use of its physics abilities to crack most modern encrypted user/pass hashes. oclHashcat will function in Linux and also in Windows. ...

Kali Linux Rolling/2.0 Fluxion: Crack WPA/WPA2 Wifi Password Without Dictionary/Brute Force Attack

Fluxion is a remake of linset by vk439 with fixed bugs and added features. It's compatible with the latest release of Kali (Rolling).

How it works
• Scan the networks.
• Capture handshake (can't be used without a valid handshake, it's necessary to verify the password)
• Use WEB Interface
• Launches a FakeAP instance imitating the original access point
• Spawns a MDK3 process, which deauthenticates all of the users connected to the target network, so they can be lured to connect to FakeAP network and enter the WPA password.
• A DHCP server is launched in FakeAP network
• A fake DNS server is launched in order to capture all of the DNS requests and redirect them to the host running the script
• A captive portal is launched in order to serve a page, which prompts the user to enter their WPA password
• Each submitted password is verified against the handshake captured earlier
• The attack will automatically terminate once correct password is submitted

How to Hack WPA/WPA2-Enterprise Part 1

WPA Enterprise is widely used in large corporations as it offers individual and centralized control through a server that authenticates the users (RADIUS server). In this tutorial I will show you how to break the barrier and obtain the user credentials.

How It Works?
Let's have a quick look at what we are talking about. RADIUS is the acronym of Remote Authentication Dial-In User Service. When a user requests a connection to the network using his credentials, the request is redirected to the RADIUS server. It checks the information and, if correct, assigns network resources to the client such as a specific IP address. In some cases the credentials used to connect to the company's network are the same ones that users use to access the services of the company. This means that if you obtain the credentials, you would be able to get into the user's mail account, for example. Interesting? I think so. In large companies network's Access Points ar...