Hacking Wi-Fi Networks with Fern, Kali and a Raspberry Pi

Fern Wifi Cracker 1

Wouldn’t it be cool to be able to test wireless network security using your Raspberry Pi? Well, thanks to Kali Linux, you can! With Kali you can scan for Wi-Fi networks and even perform active penetration testing using your $35 Raspberry Pi.

I just finished up another article for Hakin9 Magazine. In the article I covered using a Raspberry Pi to crack Wi-Fi security from install to basic pentesting.

With Kali you can use all the normal command line airmon-ng tools that you can use on a regular Linux machine. Fern is nice because it adds a graphical interface to the airmon-ng tools making things so much easier.

Let’s take a quick look at Fern:

(NOTE: As always, these techniques are for IT teams and computer security testers, never attack or attempt to access a network that you do not own or have permission to access.)

From the main menu (see picture above) just select your wireless card, then scan for access points. As they are found Fern lists them under the WEP or WPA Button.

Fern Wifi Cracker Detected

Clicking the associated button will display a list of the access points found. Then just select the one you want to test. You now have two attack options. You can select the Reaver WiFi Protected Setup (WPS) attack and a normal Association Key dictionary brute force attack :

Fern Wifi Cracker Detected 2

Fern works very well and is actually pretty responsive when run on a Raspberry Pi.

With the Pi being so small and cheap, this opens up some interesting options for professional penetration testers, especially when paired with a USB Wi-Fi adapter and a battery back.

For a lot more information on computer security, including bypassing the most common Wi-Fi security techniques, check out my new step-by-step tutorial book, “Basic Security Testing with Kali Linux”.

Data Insecurity: Outsourcing your Data

A former employee of Hostgator has been arrested and charged with installing a backdoor that gave him almost unfettered control over more than 2,700 servers belonging to the widely used Web hosting provider.” – Arstechnica

Just one of the potential dangers of placing control of your data into the hands of others. Unfortunately unauthorized users accessing servers is not an uncommon occurrence.

We have seen former IT Administrators try to log into companies where they no longer worked. In one extreme case one server support company was logging into a company server at night and deleting files. Then charging them emergency fees to “fix it” the next day when they called in a panic.

Cloud storage comes with new risks. A recent report by a multinational company found that data that it had stored on the cloud was actually stored in 15 to 20 different places!

Where those multiple locations as dedicated to security as the main location? What if one of the servers holding the data was compromised? Would the main company even know? Especially if the compromised server was used for backup storage or a somewhat trivial seeming task.

If you have critical data, the best policy is to keep it in corporate hands as much as possible. Change Domain passwords when key IT employees leave the company. Monitor systems and analyze access logs. Research security policies of hosting and cloud companies that you choose to use.

Ask questions like, where will my data be stored? How will it be secured? How many people will have access to it?

Every company must analyze their own needs for external services and must understand the risks.

Poland approves Missile Shield Despite Russian Protest – And Possible Hacking Attempts?

sm-3 interceptor

Poland confirmed today that they will move forward with building a national missile defense shield. A move that will no doubt draw the ire of Russia and possible cyber attacks as they see the missile shield as a threat to their national security.

Today, Polish President Bronislaw Komorowski signed into law an amendment guaranteeing funds for the program through 2023. Polish Foreign Minister Radoslaw Sikorski told Parliment:

We will create our own air defense system. Our national missile shield, with the American shield, the elements of which will be on our territory by 2018 and will make up part of the NATO system.”

Poland’s president also met with Georgian President Mikheil Saakashvili on Thursday to express support for their interest in increasing ties with Europe and bilateral relations. Russia has had rocky relations with Georgia since they declared their independence in 1991 and the Russia-Georgia war in 2008.

The missile defense plan has drawn strong opposition from Russia as they see the shield as a threat to their national security. Add to that Poland’s increasing ties with the US, Georgia and NATO, and you have a potential powder keg.

Last month, Poland’s presidential network was hacked, and the Defence and Foreign Affairs Ministries offices were also attacked. Apparently a hacker known as Alladyn2 has claimed responsibility for the attack. Alladyn2 was quoted as saying his attacks were meant only to “test the government’s ability to withstand them“.

The hacker also claimed to attack the Polish network a year ago and there is a Pastebin post under his name with a list of NT Active Directory account hashes supposedly obtained from a Polish government site in 2012 (But posted last month).

Though Poland has been under attack in the past by the hacker group Anonymous, these were mostly Distributed Denial of Service type attacks, not direct hacking attempts.

Could it have been Russia that was truly behind the intrusion attempts of Poland’s government network?

We may truly never know, as they are not going to release information about it. But with the open protest of Poland’s proposed missile defense shield, and their increased ties with the West, it is definitely a strong possibility.