Transcript Reaver
Linux Deploy
This application is open source software for quick and easy installation of the GNU/Linux operating system (OS) on your Android device. The application creates a disk image on the flash card, mounts it, and installs an OS distribution there. Applications of the new system run in a chroot environment and work in parallel with the Android platform. All changes made on the device are reversible, i.e. the application and its components can be removed completely. The distribution is installed over the network from the official online mirrors. The application requires superuser rights (root).
Linux Deploy Features
• Supported distributions: Debian, Ubuntu, Arch Linux, Fedora, openSUSE, Kali Linux, Gentoo
• Installation type: file, partition, directory
• Supported file systems: ext2, ext3, ext4
• Control interface: SSH, VNC, X, framebuffer
• Desktop environment: XTerm, LXDE, Xfce, GNOME, KDE
• Supported languages: English, Russian
Prerequisites for Kali
• A device running Android 2.1 and above, rooted.
• At least 5 GB free space on internal or external storage.
• A fast, wireless internet connection.
• Patience to wait for a distribution to bootstrap from the network.
Aircrack-ng
Aircrack-ng is an 802.11 WEP and WPA-PSK keys cracking program that can recover keys once enough data packets have been captured. It implements the standard FMS attack along with some optimizations like KoreK attacks, as well as the PTW attack, thus making the attack much faster compared to other WEP cracking tools.
In fact, Aircrack-ng is a set of tools for auditing wireless networks.
Reaver
• Reaver implements a brute force attack against Wi-Fi Protected Setup (WPS) registrar PINs in order to recover WPA/WPA2 passphrases, as described in http://sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdf.
• Reaver has been designed to be a robust and practical attack against WPS, and has been tested against a wide variety of access points and WPS implementations.
• On average Reaver will recover the target AP's plain text WPA/WPA2 passphrase in 4-10 hours, depending on the AP. In practice, it will generally take half this time to guess the correct WPS pin and recover the passphrase.
Metasploit
• Validate security risks as part of your vulnerability management program.
• Safely simulate attacks on your network to uncover security issues.
• Verify your defenses, security controls and mitigation efforts.
• Measure the effectiveness of your security awareness program.
• Audit password security beyond Windows and Linux logins.
Nmap
Nmap ("Network Mapper") is a free and open source (license) utility for network discovery and security auditing. Many systems and network administrators also find it useful for tasks such as network inventory, managing service upgrade schedules, and monitoring host or service uptime. Nmap uses raw IP packets in novel ways to determine what hosts are available on the network, what services (application name and version) those hosts are offering, what operating systems (and OS versions) they are running, what type of packet filters/firewalls are in use, and dozens of other characteristics. It was designed to rapidly scan large networks, but works fine against single hosts. Nmap runs on all major computer operating systems, and official binary packages are available for Linux, Windows, and Mac OS X. In addition to the classic command-line Nmap executable, the Nmap suite includes an advanced GUI and results viewer (Zenmap), a flexible data transfer, redirection, and debugging tool (Ncat), a utility for comparing scan results (Ndiff), and a packet generation and response analysis tool (Nping).
Kali Linux ISO of Doom
• Unattended, self-deploying
• On reboot after the installation completes, Kali would automagically connect back to the attacker using a reverse OpenVPN connection
Remote Hardware Backdoor
• The “backdoor” would once again be a fully fledged Kali Linux installation running our reverse bridging VPN connection. The hardware could be a small netbook, an android phone, or a small USB powered ARM device. This device is left at the customer site tucked away in a place it won’t be noticed, allowing you to bypass external defenses.
Sources
• https://play.google.com/store/apps/details?id=ru.meefik.linuxdeploy
• http://www.kali.org/how-to/kali-linux-android-linux-deploy/
• www.rapid7.com/ (Metasploit)
• http://www.offensive-security.com/kali-distribution/kali-linux-iso-of-doom/