Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
Search - "wpa"
I just fired off my stickers e-mail !!
Oh and: R.I.P WPA
Also, get this: Website uses PHP V < 5, no HTTPS, shitty code..
It got hacked and guess what ? The website maintainers got surprised !!2
Wi-Fi WPA2 has supposedly been successfully hacked and a proof of concept is supposed to be released later today. Thoughts? Link below.
Monday morning, went to the local grocery store to get myself some croissants and 2 bottles of wine.
Cashier: "Already at it in the morning, you sure about that?"
Me: "Long story short, I've got a Wi-Fi driver from Intel to debug and rewrite, and it's a fucking piece of shit.. can't go at it without hitting or preferably exceeding the Ballmer Peak... Also I'm awake since yesterday evening already."
Why even ask? Yeah I'm a fucking alcoholic, and guess why that is.. stupid nontechnical fucks, certified enganeers like that motherfucker at Intel who wrote this pile of garbage called ipw2200, and technology that can't be arsed to work properly on its own unless I build the fucking thing myself, just to name a few reasons.
You know what, fucking piece of shit from Intel, whoever it is? How about I let you choke on my dick while fucking hanging you with a sharp metal wire that's carrying 2kVAC from a microwave transformer, just to see whether I'd nut first, or you either choke, get electrocuted, or get your fucking throat slit first. Certificates aren't an excuse for committing this fucking pile of shit and calling it a fucking product!!
Now, it's time to dive into this giant stinking fucking turd I guess.. first glass of wine to get myself prepared for the shitstorm that's a giant 20k LoC C file with barely any comments, to look what the fuck causes this fucking pile of shit to disconnect and ask for WPA credentials after a while, despite having them stored.. and not reconnect after that, because why the fuck would you?!11
Every time I hear my boss say "surely it can't be that hard" or "that's what, like a 5 minute job?"
So I have that custom-made wifi router I've built. And it uses a USB wifi adapter with AC (wifi5) capability - the fastest one I could find in AliExpress.
I set it up a while ago - the internet access works fine, although speeds are somewhat sluggish. But hey, what to expect from a cheapo on Ali! Not to mention it's USB, not a PCIe...
A few days ago I ran a few speedtest.net tests with my actual AC router and the one I've built. Results were so different I wanted to cry :( some pathetic 23Mbps with my custom router :(
This evening I had some time on my hands and finally decided to have an umpteenth look.
nmcli d wifi
this is what caught my eye first. The RATE column listed my custom router as 54Mbps, whereas the actual router had 195Mbps.
I have reviewed the hostapd configuration sooo many times - this time nothing caught my eye as well.
Googling did not give anything obvious as well.
What do we do next? Yes, that's right - enable debug and read the logs.
> VHT (IEEE 802.11ac) with WPA/WPA2 requires CCMP/GCMP to be enabled, disabling VHT capabilities
This is one of the lines at the top of the log. Waaaaiiitttt.. VHT is something I definitely want with ac -- why does it disable that??? Sounds like a configuration fuckup rather than the HW limitation! And config fuckups CAN be fixed!
Turns out, an innocently looking
made a world of a difference!
connect to the hostapd hotspot and run that iperf3 test again, and... Oh my. Oh boi! My pants fell off -- the speed increased >3x times!
A quick speedtest.net test deems my custom router's download speeds hardly any worse than the speeds obtained using my LInksys!!
The moral of the story: no matter how innocent some configurations look, they might make a huge difference. And RTFL [read the fucking logs]
In the pic -- left - my actual router, right - my custom-built router with a USB wifi adapter. Not too shabby!8
FYI to anyone following the Krack WPA2 vulnerability
A testing suite in python has made its way to github.
On a 5 hour bus ride for which the company advertised that they have WiFi. Technically they did, it just didn't seem to be connected to anything. (it was but it was unusable). I tried logging into the router as i always do and one default "admin" password later i was in.
I didn't want to mess up anything too badly, however i did change the wpa password to "YouShouldMakeThisABitMoreSecure"5
Last night I was exploring the feasibility of cracking the WPA2 key of my own router at home. I set out on a late night adventure, set up a couple devices and, knowing the default password convention of the manufacturer, setup a Hashcat instance with the relevant masks on my laptop, created a Crunch wordlist and ran aircrack on my Raspberry Pi 3, and thought "Hey - maybe there's something for Android too."
Hashcat on Android is a cat based social media app. I'm a little scared.4
My non dev friend called me in middle of night for getting shortcut virus removed! I would have blasted 🔫 him but I felt pity on the guy as I know that he is poor with tech stuff
Any he had only windows, so I Google up solution and replied back to him.
He asked where to put it. I told him in cmd. He is like what so I told him to press win+r then in that type d and "black" 🏴 window will appear. Type in that.
guess what he typed exactly as mentioned in the reply and didn't replace the drive name properly .😑
I told him to put proper drive and saw that he missed spaces so l told him that he missed space 😤 and he put only one space and it still had problem so I had to explain it in weirdest was possible( shown in fig 1.1 had been writing report and figure gave yo be mentioned with number 😅)
Finally. It was all done! Well some pf my cs ( !counter strike but computer science friend) are worse then this can't use teminal or even connect to WiFi (wpa-enterprise @ college with mschap v2 and peap auth which is crackable using twin tower and brute force) properly, do I guess it not BA's that this guy cry to get rid of shortcut virus (virus > wifi setup) 😬
Finally I feel relived after ranting 😪5
Whenever you can't connect to a wifi using wpa_cli know that it's WPA supplicant and not WPA supplican.
I am going to stab a brick wall. I am at my university trying to install Arch Linux, but the connection is WPA-EAP and wifi-menu does not work. I need it installed by class tomorrow or else I'll have to use Windows. I don't understand how to set up a wpa_supplicant file. I'm sure it's simple for PSK's... But I don't know what to put for "eap" Linux is making me so pissed today. (but I still love her) I am really done with this2
Anyone have much success with Kali/WiFi penetration testing?
I've been tasked with trying to break WPA security within a couple of hours without a dictionary attack - is that even possible?
I have an Alfa AWUS036NHA capable of monitoring mode if that makes any difference. It's my first time trying anything like this.10
WEP security on a brand new wifi rollout. Do it for the legacy because no one knew the scanner gun (like target or walmart has) could operate on WPA Personal or even....802.1x Kerberos Security login. At least it was *something* but the whole place was on windows xp and server 2003.
It is 2016. Lets learn our technologies and read the manuals.
Experienced devs please tell help me.
Learning software development has been a challenge. Many times it's frustrating.
I also learn languages and I find them to share one trait with software development, which is complexity.
At first I looked at languages the way I'm currently doing with software. I'd look in a new language and after decided it's cool to learn it, I would stare at it for a few weeks trying to realize what the heck I was going to do. I wouldn't even know how to get started.
Eventually this stage goes away and I think that is about to happen with me with software.
But then a new challenge would come, which is me not making progress as I wanted. That's sort of happening with me by learning software as well, bit in language I now know how to deal with it.
That's because I work full time with something that isn't in my interests and when I arrive home Im tired and want to relax. So I decided my language learning had to go slower as long as I have this job, meaning no hours spent in front of books or a pc studying - that's what I could do with English, I was a teenager and had 12 hours a day to do whatever I wanted.
So I usually spent 5 minutes here and there learning something in my target language when I can, no frustration needed, my only rule is: practice everyday, even if I don't learn anything new.
With software, that doesn't apply though.
So, what I mean by tracing a parallel between these to fields is that I have a strong conviction is that once you get the principles on how a certain kind of learning works, you can apply it everywhere in the field. But with software it's been harder.
Anyways, I see that are some principles that apply, cause trying to learn software is changinge and teaching a lot of things like:
*you have to read a lot (of documentation) . At first I thought all documentation was painful to read and understand, but I found out some software are well documented and one can use those only to get used with it.
*immersion / discipline are important. I'm not very disciplined, I'm better with immersion but both are important if you need to acquire complex subjects/skills
*how to deal with complexity. I installed Arch Linux a few days ago. Just to install it I ended up reading more than 20 pages of documentation (install guide, Wpa supplicant, systemd, networkd, xorg, etc etc). Gradually I'm realizing that when you have to install/tweak something in that distro you necessarily spend a bunch of time trying to understand how it works, otherwise you don't get too far like in Ubuntu or Debian.
*and lastly the one that bothers me. Constantly getting frustrated and feeling crap about my poor skills. No matter how much I progress, it still seems like I'm stuck.
(that's when I ask your help/opinion :) )4
3 hotel wifis (in this order):
Unstable, weak and needed to go to a diff building
WPA (why the fuck did they even >downgrade< the security from the default...)
Why is everybody using "wpa_passphrase" instead of "psk" in wpa_supplicant.conf is beyond me. You have an option to avoid plaintext passwords, the wpa_passphrase CLI tool even generates an entry for suppliant configuration, yet it seems nobody is using it.9