Apparently a kid ran off because his parents took away his xbox? I wonder if entertainment can be classified as an addiction yet…Microsoft is matching the reward to help find him…

Microsoft, which makes the Xbox 360, said it would match the existing reward of C$25,000 ($19,400) for information leading to Brandon Crisp’s return.

Generous. The kid’s safe return is worth about 150 xbox 360s…harsh…

The 15-year-old has been missing since October 13. He ran away from his home in Barrie, Ontario, north of Toronto, after his parents took away his gaming privileges because of his excessive playing of “Call of Duty 4: Modern Warfare”.

Probably rude of me to crack a joke…but did they check the backyard?

It is possible that police will ask or have already asked Microsoft to divulge the list of players with whom Brandon Crisp has played recently.

Hopefully not a kidnapping. Here’s the original article.

http://www.reuters.com/article/technologyNews/idUSTRE49Q5N320081027

Got a shirt from Rackspace! Woot!

Rackspace shirt! woot!

Rackspace rocks!

ZOMBIE BUNNY!

YES! YES YES YES YES! LOL!

*hiss*

*Twitch*

For most of my password generating in windows I use a tool from pctools.com. You can get the tool here. An excerpt from the website is appropriate…

Password Generator - is an offline version of the web-based Password Generator which allows you to securely and easily create passwords locally on your own PC.

Really the only part of the tool I use but it also includes other tools…

Password Checker - a new feature that lets you check the quality and strength of a password. By entering your password in the checker it will run a series of tests on the password to indicate how strong it is, and therefore how easy it may be to guess or crack.

Could be useful, but I do most of my pentesting in linux…

Password Revealer - works with Internet Explorer to reveal saved password that you have entered in web-forms but may have subsequently forgotten or lost. Simply bring up the hidden password in Internet Explorer, highlight it, and Password Revealer will tell you the saved password.

Handy! I was able to reveal passwords when I wasn’t an admin. I’m smiling.

The web version of the password generator is here. I recommend the encrypted connection.

https://secure.pctools.com/guides/password/

I haven’t been posting much these days. I’m busy with work, having recently moved also I’m still settling some, and I things coming up. Email me or catch me on IM…or facebook. Lots of people have been using facebook to contact me recently.

Later

PS. Big change happening to kowblog before the end of the year…

I’ve been asked twice in the last 24 hours what i’m up to by people who typically don’t speak to me. Maybe someone will decide to pick up on one of these community sites I go to every so often and read…yeah?

I’m ok. Still working hard. Moved east. Same city. Still busy. Everything else is the same. If you don’t know what the everything else is ask me sometime.

Changed my blog some…

I suppose there’s probably a slew of other documents detailing…or summarizing…how to crack a WEP key with BackTrack. That’s fine. I’ll probably link to some later.

I’m assuming whomever reading this already knows about atheros devices. I’m assuming a lot of other things too and I’m not one to detail the primer; plenty of linux help out there on google.

Concepts

1. Create monitoring interface.
2. Select a target.
3. Capture ARP for a replay attack.
4. Attack the client; force deauthorization and replay.
5. Crack it.

Step Through Summary

1. Created the monitoring interface using the command airmon-ng start wifi0. This created an interface ath1 which I then used for the rest of the process.
2. Using airodump I located an Access Point and chose a target associated. airodump-ng ath1 Found an AP/client pair on channel 1 and decided to pursue it using the command airodump-ng -w target1_datetime -c 1 –ivs ath1. (–ivs switch used for cracking…I recommend reading manpages [airodump-ng, ivstools, makeivs] dumpfile is required when using –ivs)
3. Grabbing the AP/client MAC mapping I’m going to try to capture IVs aireplay-ng -3 -b {APMAC} -h {CLIENTMAC} ath1. Stepping into it…
4. I want to deauth the target to capture ARP and replay when I get it. aireplay-ng -0 -2 -a {APMAC} -c {CLIENTMAC} ath1. (research the syntax. deauth(0) twice(2). I’d imagine anything much higher and you risk losing heartbeat)
5. I collected IVs over the course of a minute so I decided to try cracking it. aircrack-ng target1_datetime Wasn’t long enough…So I tried about 5 minutes. Cracked the key.

I recommend more reading on PCAP and the tools used. Also some interesting things could be done with netcat…

Google similar documents: “Backtrack 3 + cracking WEP”

I only used this on my own networks…