The Conscience Of An Ethical Hacker

As many of you already know, I host a YouTube channel where I share a variety of penetration testing tutorials. As a result, I’ve encountered a handful of individuals who question the ethicality of my YouTube content. Although these individuals form the minority, their argument is valid and, like every perspective, deserves objective consideration. Their […]


The HackBook Is Finally Here!

The HackBook is finally here… and it’s FREE! The HackBook is a free Android app offering more than 50 of the most reliable step-by-step hacking tutorials for users of all skill levels. Get over to the Google Play store and download your copy of the HackBook while it’s still free. Some popular HackBook tutorials include, […]


Review: Alfa APA-M04 7dBi Panel Antenna


If you’re a fan of Alfa’s AWUS036NHA USB network adapter, you’ve probably considered picking up an Alfa APA-M04 7dBi directional panel antenna. Although the APA-M04 costs under $8, you’re better off using your hard-earned money to polish your least favorite pair of shoes. I have to admit that I didn’t research this antenna before I bought it. In all honesty, I got caught up in the excitement of ordering an Alfa AWUS036NHA and, when coupled with free shipping, I couldn’t resist spending the extra $8.

When compared against the 5dBi dipole antenna that comes with the Alfa AWUS036NHA, the 7dBi antenna failed to prove itself a worthy contender. To make this comparison, I tested each antenna by performing a 60-second airodump scan in a controlled environment. The test yielded results indicating that the 7dBi antenna is hardly an upgrade. See for yourself.

5dBi Antenna Scan Results:

[Image: Alfa 5dBi Test Results]

7dBi Antenna Scan Results:

[Image: Alfa 7dBi Test Results]

You probably felt like you were looking at two scans performed by the same antenna. I felt the same way. You may have noticed that the 7dBi antenna’s results reflect a slightly higher signal rating. That’s true, but the question is whether the small increase in performance is worth $8 plus shipping.


Review: WiFi Pineapple Mark IV


According to the Hak5 website, “since 2008 the WiFi Pineapple has been a favorite among penetration testers and security enthusiasts” because of its high performance, ease of use, and ability to be concealed. In fact, many Pineapple users would argue that the Mark IV is a must-have tool for pen-testers. The Pineapple, however, isn’t necessarily suitable for everyone. Although the Pineapple prides itself on its high level of automation and community-based support, some basic skill is still required to guarantee a user-friendly experience.

The WiFi Pineapple is designed to work primarily with Windows and Linux operating systems, but Hak5’s WiFi Pineapple FAQ page states, “the WiFi pineapple is independent of OS and can be used with anything that has a TCP stack and a browser.” If you expect to connect the WiFi Pineapple to a Mac with no hassles, think again. Mac users will need to manually configure their network settings before they can access the Pineapple’s web-based control center. The good news: I’ve created a step-by-step video tutorial to walk you through the entire process. You can view the video here. The tutorial will teach you how to:

  1. Configure internet connection sharing (ICS) on your Mac. ICS is essential if you plan to use your Pineapple to perform man-in-the-middle (MITM) and other internet-dependent attacks. Without ICS, Pineapple clients will not be supplied with an active internet connection.
  2. Configure ethernet tethering on your Mac. Ethernet tethering is necessary because, in addition to supporting ICS, it is the only pathway to your Pineapple’s web interface. Without access to your Pineapple’s control center, you’re left with a shiny black box that does nothing.

Now, let’s take a look at the Pineapple’s features.

  • 3G Mobile broadband and Android tethering
  • Manageable through SSH
  • Support for auxiliary WiFi adapters
  • Web-based interface for easy management
  • Expandable with community modules
  • Community-based support
  • Facilitated man-in-the-middle attacks
  • Expandable storage

As you can see, the Pineapple has an arsenal of features under its hood. The possibilities seem endless, right? Well, not entirely. Given the widespread data limitations that many of us have so sadly fallen victim to, grandfather data plan holders are considered to be some of the luckiest people in the world. If you are lucky enough to have a grandfather data plan, however, this is actually bad news if you’re a Pineapple user. Why? The Pineapple only supports Android’s native tethering feature, which, as I’m sure you already know, cannot be enabled unless you have a limited data plan. Currently, there is no third-party application capable of enabling Android’s native tethering feature, not even for root users. So, unless you are willing to sacrifice your unlimited data plan, you won’t be providing unlimited mobile bandwidth to your Pineapple clients any time soon. Wait! There’s good news. Although it’s less convenient, I’ve developed a workaround. Instead of tethering your Android directly to the Pineapple, you can use your computer to bridge the connection. Think of your computer as a sort of middle man. With the help of third-party tethering applications, such as FoxFi and PdaNet, sharing your Android’s internet connection with the Pineapple (through your computer) becomes very easy.

What makes the Pineapple unique? Convenience by means of consolidation. The Pineapple executes tasks that would otherwise require the use of multiple applications and hardware components. For example, a man-in-the-middle attack typically requires a computer, an operating system, two network adapters, a router with an internet connection, and a MITM script. The Pineapple consolidates all of these items into one unit, making it a powerful, feature-rich device.

By a standard of reliability and versatility, the WiFi Pineapple Mark IV is an exceptional tool. If you’re not a sucker for convenience, however, you may find that there are other more cost-effective alternatives to the Pineapple. It just depends on your requirements and your budget. In addition, due to the lack of support focused on beginner needs, I would not recommend this tool to inexperienced users. Regardless of the issues highlighted during my review, I would argue that the Mark IV is a must-have tool for pen-testers.


Review: Alfa AWUS036NHA


If you’re searching for a reliable and affordable USB network adapter to use with your BackTrack 5 virtual machine, you’ve just found it. The Alfa AWUS036NHA is, hands down, the best Linux-compatible network adapter in its class. The Hak5 website asserts that it’s “the obvious choice for WiFi Hackers.” Why? Because, unlike most of its predecessors, the AWUS036NHA supports all six wireless modes.

When measured on a scale of affordability and reliability, one can easily conclude that the Alfa is a cost-effective solution to their networking needs. In fact, I picked one of these bad boys up for under $29 on the Rokland Technologies website, cheaper than the more favorable Amazon. I also grabbed an Alfa 7dBi directional panel antenna, which I wrote about here.

Let’s take a closer look at the Alfa AWUS036NHA.

Product Overview:

  • Atheros AR9271 chipset
  • 5dBi interchangeable dipole antenna (RP-SMA connection)
  • 150Mbps data rate
  • 802.11 b/g/n standards
  • 2.4GHz frequency range
  • 64/128-bit WEP, WPA, WPA2, TKIP, and AES data encryption support
  • Windows and Linux Compatibility

Like I pointed out earlier, the Alfa supports six wireless modes. For those of you who don’t know why this is important, allow me to explain a couple of the modes. Let’s start with monitor mode, not to be confused with promiscuous mode. Monitor mode is a mode that allows you to monitor a wireless network’s traffic without associating with the network’s access point. This mode is commonly used to perform packet analysis and network traffic evaluations but is better known for its ability to facilitate packet sniffing.

Next up is master mode. Master mode is a mode that allows you to impersonate an access point and provide network services (i.e. internet access) to clients. In simpler terms, master mode transforms your network adapter into a wireless router. When a potential client searches for available access points, he or she will be confronted with the option to connect to your access point. This is where things get interesting. If a client elects to connect to your access point, he or she immediately becomes susceptible to all kinds of attacks, including the infamous man-in-the-middle (MITM) attack. Believe it or not, luring a victim is as easy as naming your access point “Starbucks WiFi.” Something to think about the next time you connect to your favorite coffee shop’s WiFi hotspot.
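From the defender's side, the same monitor-mode scan can be used to spot an impersonating access point. The following is an added example, not code from the original post: it reads a capture in the airodump-ng CSV column layout and flags any AP that advertises an SSID you operate from a BSSID you don't, or that offers an open copy of an otherwise encrypted network. The sample capture, the `Office-Guest` SSID, the BSSIDs and the `KNOWN_APS` inventory are all constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed sample in the column layout of an airodump-ng CSV capture:
# an AP section, a blank line, then a client section. All values are made up.
SAMPLE = """\
BSSID, First time seen, Last time seen, channel, Speed, Privacy, Cipher, Authentication, Power, # beacons, # IV, LAN IP, ID-length, ESSID, Key
02:00:00:AA:00:01, 2013-01-01 10:00:00, 2013-01-01 10:01:00, 6, 54, WPA2, CCMP, PSK, -48, 120, 0, 0.0.0.0, 12, Office-Guest,
02:00:00:AA:00:02, 2013-01-01 10:00:00, 2013-01-01 10:01:00, 11, 54, WPA2, CCMP, PSK, -60, 115, 0, 0.0.0.0, 12, Office-Guest,
02:00:00:BB:00:09, 2013-01-01 10:00:20, 2013-01-01 10:01:00, 6, 54, OPN, , , -35, 300, 0, 0.0.0.0, 12, Office-Guest,
02:00:00:CC:00:03, 2013-01-01 10:00:00, 2013-01-01 10:01:00, 1, 54, WPA2, CCMP, PSK, -70, 90, 0, 0.0.0.0, 7, HomeNet,

Station MAC, First time seen, Last time seen, Power, # packets, BSSID, Probed ESSIDs
"""

# Hypothetical inventory: the BSSIDs you actually operate for each SSID.
KNOWN_APS = {"Office-Guest": {"02:00:00:AA:00:01", "02:00:00:AA:00:02"}}

def parse_aps(text):
    """Return one dict per access point from the AP section of the capture."""
    text = text.replace("\r\n", "\n").strip()
    ap_section = text.split("\n\n", 1)[0]
    rows = csv.reader(io.StringIO(ap_section), skipinitialspace=True)
    header = [h.strip() for h in next(rows)]
    return [dict(zip(header, (c.strip() for c in row)))
            for row in rows if len(row) >= len(header)]

def find_suspect_aps(aps, known):
    """Flag APs that reuse a managed SSID from an unknown BSSID or drop encryption."""
    privacy_by_ssid = defaultdict(set)
    for ap in aps:
        privacy_by_ssid[ap["ESSID"]].add(ap["Privacy"])
    findings = []
    for ap in aps:
        ssid, bssid, reasons = ap["ESSID"], ap["BSSID"].upper(), []
        if ssid in known and bssid not in known[ssid]:
            reasons.append("BSSID not in inventory")
        if ap["Privacy"] == "OPN" and len(privacy_by_ssid[ssid]) > 1:
            reasons.append("open network alongside encrypted APs")
        if reasons:
            findings.append((ssid, bssid, reasons))
    return findings

if __name__ == "__main__":
    for ssid, bssid, reasons in find_suspect_aps(parse_aps(SAMPLE), KNOWN_APS):
        print(f"{ssid!r} from {bssid}: {'; '.join(reasons)}")
```

A strong signal from an unlisted BSSID on a managed SSID is worth a physical check; a BSSID alone can be spoofed, so treat the inventory match as a first filter rather than proof.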

Now that you have a better understanding of the Alfa AWUS036NHA, I’ll leave it to you to decide whether or not it’s the right adapter for you. If you still are not convinced, don’t take my word for it. Check out Amazon.com and read the reviews left by the dozens of satisfied customers. Better yet, compare it to other USB network adapters.
