An (Updated) Hacker’s Toolkit

hacker
Facebooktwittergoogle_plusredditpinterestlinkedinmail

We thought that this would be a good time to update this popular article, as new tools to hack private communications in WiFi hotspots are always evolving. This article discusses some of the most well-known WiFi hacking tools.

Instructions

Unfortunately, novice hackers don’t have to look very hard to find all they need to know regarding how to hack. For example:

  • Kali Linux is one of the best known hacking tool collections, and their website provides many how-to hacking links.
  • YouTube now has more than 300,000 videos on WiFi hacking, some with millions and millions of views. One of the first listed is called “how to hack any WiFi hotspot in about 30 seconds.”
  • There are many other hacking websites out there, but since many of them are dubious and may have malware installed on them, we do not want to link to them as they may put you at risk.

Software

The following is a list of the top 10 tools preferred by both ethical and black hat hackers in 2015:

  • Angry IP Scanner: Angry IP Scanner is a free network scanner that is very easy to use. It scans IP addresses and ports to find open ports.
  • Burp Suite:  A penetration testing tool that has several features that can map out the various pages and structure of a website by looking at cookies, and then initiates attacks on various web applications.
  • Cain & Able: This is a multi-purpose tool that can intercept network traffic, using information contained in those packets to crack encrypted passwords using dictionary, brute-force and cryptanalysis attack methods, record VoIP conversations, recover wireless network keys, and analyze routing protocols. Its main purpose is the simplified recovery of passwords and credentials. This software has been downloaded over 400,000 times.
  • Ettercap: This widely used hacking tool works by placing a user’s network interface into promiscuous mode and by ARP poisoning, which is a process in which the hacker gives the wrong MAC or IP address to the network in order to carry out a Man-in-the-Middle attack.
  • John the Ripper: This hacking tool is popular for dictionary attack. It takes text string samples from a large dictionary, encrypts it in the same way as the password being crack, and then compares the output to the encrypted string. This is an example of a brute force attack.
  • Metasploit: This hacking tool can be used for exploiting a network’s backdoor. While it’s not free, it is a huge popular penetration testing tool used by both ethical hackers, as well as unethical ones. It helps provide information about known security vulnerabilities for a network.
  • NMap: Also known as Network Mapper (or nmap for short), this free hacking tool is used by network administrators for security and auditing purposes. It uses IP packets to determine what hosts are available on the networks, what services they offer, what types of protocols are being used, what operating systems are being used on the network, and what type of packet filters and firewalls are being used.
  • Nessus Remote Security Scanner: This hacking tool can be used with client-server frameworks, and is the most popular vulnerability scanner worldwide.
  • THC Hydra: This is another password hacking tool that uses a dictionary or brute force attack to try various password and login combinations against a log in page.
  • Wapiti: This is a penetration testing tool that is able to scan hundreds of possible vulnerabilities. It can audit the security of web application by performing black box scans, which scans the HTML pages of the application it is trying to attack in order to inject data.

For hackers that prefer a turn-key package, there are also hardware wireless hacking tools available. We’ve highlighted one called WiFi Pineapple. It’s a simple, small, portable device that can be carried into any hotspot and used to attract any laptop trying to find a WiFi  access point. The Pineapple uses a technique called an Evil Twin attack. Hackers have used tools like KARMA to do the same thing for years, but with Pineapple, now you can buy a piece of hardware for only $100 that allows you to become a hacker without downloading or installing any software.

Here’s what their website says: “Of course all of the Internet traffic flowing through the pineapple such as e-mail, instant messages and browser sessions are easily viewed or even modified by the pineapple holder.”

Hacking Countermeasures

Fortunately, there are resources that you can use to help combat these threats. Below are two excellent books:

  • Hacking Exposed: Network Security Secrets & Solutions, by Joel Scambray. This book talks about security from an offensive angle and includes a catalog of the weapons hackers use. Readers see what programs are out there, quickly understand what the programs can do, and benefit from detailed explanations of concepts that most system administrators do not understand in detail. Hacking Exposed wastes no time in explaining how to implement the countermeasures that will render known attacks ineffective. Taking on the major network operating systems and network devices one at a time, the authors tell you exactly what UNIX configuration files to alter, what Windows NT Registry keys to change, and what settings to make in NetWare.
  • Wi-Foo: The Secrets of Wireless Hacking, by A. Vladimirov, K. Gavrilenko, and A. Mikhailovsky. This book is the first practical and realistic book about 802.11 network penetration testing and hardening, based on a daily experience of breaking into and securing wireless LANs. Rather than collecting random wireless security news, tools, and methodologies, Wi-Foo presents a systematic approach to wireless security threats and countermeasures starting from the rational wireless hardware selection for security auditing and describes how to choose the optimal encryption ciphers for the particular network you are trying to protect.

Definitions

The following list includes common WiFi terms discussed in this white paper. For additional terms and definitions, please see our online glossary.

Brute Force Attack

Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords through exhaustive effort (using brute force) rather than employing intellectual strategies. Just as a criminal might break into, or “crack” a safe by trying many possible combinations, a brute force cracking application proceeds through all possible combinations of legal characters in sequence. Brute force is considered to be an infallible, although time-consuming, approach.

Encryption

Encryption is the translation of data into a secret code. To read encrypted data, you must have access to the secret key or password that was used to translate the data into cipher text. That same key or password enables you to decrypt cipher text back into the original plain text. Encryption is the most effective way to achieve data security, but depends on using keys known only by the sender and intended recipient. If a hacker can guess (crack) the key, data security is compromised.

Evil Twin

This is a rogue WiFi access point that appears to be a legitimate one, but actually has been set up by a hacker to intercept wireless communications. An Evil Twin is the wireless version of the “phishing” scam: an attacker fools wireless users into connecting their laptop or mobile phone by posing as a legitimate access point (such as a hotspot provider). When a victim connects to the Evil Twin, the hacker can launch man-in-the-middle attacks, listening in on all Internet traffic, or just ask for credit card information in the standard pay-for-access deal. Tools for setting up an evil twin are easily available (e.g., Karma and Hotspotter). One recent study found that over 56% of laptops were broadcasting the name of their trusted WiFi networks, and that 34% of them were willing to connect to highly insecure WiFi networks – which could turn out to be Evil Twins.

HTTPS

Hypertext Transfer Protocol Secure (HTTPS) combines the Hypertext Transfer Protocol used by browsers and websites with the SSL/TLS protocol used to provide encrypted communication and web server authentication. HTTPS connections are often used to protect payment transactions on the Internet so that anyone that might intercept those packets cannot decipher sensitive information contained therein.

Man-In-the-Middle Attacks

A man-in-the-middle attack is a form of active eavesdropping in which the attacker makes independent connections a communication source and destination and relays messages between them, making those victims believe that they are talking directly to each other, when in fact the entire conversation is being controlled by the attacker. The attacker must be able to intercept all messages exchanged between the two victims. For example, an attacker within reception range of an unencrypted WiFi access point can insert himself as a man-in-the-middle by redirecting all packets through an Evil Twin. Or an attacker can create a phishing website that poses as an online bank or merchant, letting victims sign into the phishing server over a SSL connection. The attacker can then log onto the real server using victim-supplied information, capturing all messages exchanged between the user and real server – for example, to steal credit card numbers.

Sidejacking

Sidejacking is a web attack method where a hacker uses packet sniffing to steal a session cookie from a website you just visited. These cookies are generally sent back to browsers unencrypted, even if the original website log-in was protected via HTTPS.  Anyone listening can steal these cookies and then use them access your authenticated web session. This recently made news because a programmer released a Firefox plug-in called Firesheep that makes it easy for an intruder sitting near you on an open network (like a public wifi hotspot) to sidejack many popular website sessions. For example, a sidejacker using Firesheep could take over your Facebook session, thereby gaining access to all of your sensitive data, and even send viral messages and wall posts to all of your friends.

Sniffers

Packet sniffers allow eavesdroppers to passively intercept data sent between your laptop or smartphone and other systems, such as web servers on the Internet. This is the easiest and most basic kind of wireless attack. Any email, web search or file you transfer between computers or open from network locations on an unsecured wireless network can be captured by a nearby hacker using a sniffer. Sniffing tools are readily available for free on the web and there are at least 184 videos on YouTube to show budding hackers how to use them. The only way to protect yourself against WiFi sniffing in most public WiFi hotspots is to use a VPN to encrypt everything sent over the air.

SSL

A Netscape-defined protocol for securing data communications – particularly web transactions – sent across computer networks. The Secure Sockets Layer (SSL) protocol establishes a secure session by electronically authenticating the server end of any connection, and then using encryption to protect all subsequent transmissions. The Transport Layer Security (TLS) protocol refers to the Internet standard replacement for SSL. Websites that are addressed by URLs that begin with https instead of http use SSL or TLS.

WEP and WPA

WEP and WPA are security protocols used to protect wireless networks. Wired Equivalent Privacy (WEP) is a deprecated security protocol for IEEE 802.11 wireless networks. Because all wireless transmissions are susceptible to eavesdropping, WEP was introduced as part of the original 802.11 standard in 1997. It was intended to provide confidentiality comparable to that of a traditional wired network. Since 2001, several serious weaknesses in the protocol have been identified so that today a WEP connection can be cracked within minutes. In response to these vulnerabilities, in 2003 the Wi-Fi Alliance announced that WEP had been superseded by Wi-Fi Protected Access (WPA). Wi-Fi Protected Access versions 1 and 2 (WPA and WPA2) refer to certification programs that test WiFi product support for newer IEEE 802.11i standard security protocols that encrypt data sent over the air, from WiFi user to WiFi router.

Get Private Wifi   Protect your personal information.
Get DataCompress   Cut your mobile data usage.

Jared Howe

Jared Howe is PRIVATE WiFi’s Senior Manager, Product Marketing Communications. Working in high tech for over 15 years, Jared currently lives in Seattle with his wife, daughter, and their two cats.

147 Responses

  1. Nelson Campbell says:

    I’m glad to say CREDIT FIRM REPAIR is the best credit hacker anyone should trust and confidently work with, after he helped me clear 6 negatives on my profile and raise my FICO score to 807 excellent score, I also recommended him to my friend with bad credit report, he delivered with a satisfying process, thank you for not failing me. Text via creditfirmrepair at gmail dot com for all credit fix, Chex system, DUI fix.

  2. Sarmantha Adams says:

    The decision I made was going to r a y l i n k c y b e r s e r v i c e s [at] gmail [dot] com about my credit issues, I was having a low credit of 503 which prevented me from purchasing a new home, couldn’t believe he is sincere and trustworthy until I came in contact with him. With my greatest surprise he got my credit fixed and raised my score to 792 also deleted all the bad marks on my credit report. Gladly got approved for home loan. Big thanks to him. Contact no; [7707695986]

  3. Andy Livermore says:

    After getting out of prison my credit score was very bad and because of my criminal records I was not able to get a well paying job. I was a changed man but nobody deemed me good enough to work in their firm so a friend referred me to a hacker who helped me wipe all my criminal records and then cleared all the negative items on my credit report. With it I started a new life. Now I am working as a system analyst for a reputable firm and I can afford anything good. I know many face similar issues, if you ever need the hacker he is his contact: W I Z A R D C R E D I T H A C K [@] C O N S U L T A N T . COM.

  4. Terrence Wilson says:

    Please beware there are many fake bitcoin mining/clouding out there, I have been a victim once but now a certified blockchain consultant and I know better. The whole plan was so smooth I could not doubt it. Bitcoin is actually a great investment option but one thing I discovered over time is that it is not possible to mine bitcoin so don’t be deceived. I invested $25000 on a particular website called eurekaminingblock, I monitored the profit yielding but was told to open a new blockchain account to receive my payout. A public wallet was imported into the account and I was made to believe that was my profit. The bitcoin was labelled non spendable and it took me 2 years to be able to access it without the knowledge of the company. The non spendable bitcoin is the scam out there now and a lot of people are falling victim of it. I found Instant recovery (a recovery expert and trader) on Quora who helped me access a significant part of my investment together with the profit without the knowledge of the company. You can reach them at instantrecovery12((At)) gmail{}com

  5. Vince Reed says:

    superfastvenom@ gmail. com improved my business credit score in 72hours, i can say he’s the best hacker i’ve hacked with so far. You can trust him.

  6. Bright Wayne says:

    If you need a loan to buy a home or a new car but your poor credit is hindering you from getting approved for it, You should contact
    ( H A R D W A R E H A C K E R 0 0 2 @ gmail D O T com). They increased my credit score to 790 and expunged all the negative items I had on my credit permanently in the space of 3 weeks. You should reach out to Aceteam if you need your credit improved so you can get that house or car you seek for.

  7. Matilda Perry says:

    ireally just got a new car from the help of this guy i just met after he fixed my credit and i applied for a loan
    i was tryna give a legit plug but they took my first post down…but here you go anyway just crack the code to get the email

    iamthedevil (at) instruction (.) com… thank me later

  8. angelina says:

    I know how desperate you’re to increase your credit score then i got adams who You can as well fix your credit score by contacting +84 92 392 13 41 com . I hope you get lucky with him, too..

  9. Tami Churchil says:

    I was able to recover my funds from a very sketchy credit repair company, Just last month a friend and I invested all our life savings in fixing our credit but got duped in the process. This June, we were able to use the services of ”JimFundsRecovery AT Consultant DOT Com” and we have gotten all our money back. My nightmare is over, It’s a whole new day here. Do be careful when dealing with these companies

  10. Joseph Rubin says:

    I took control and contacted superfastvenom@gmail.com to clear my dmv and upgrade my brother’s credit score, he can also tap into anyone’s phone, the solution is now in your hands.

  11. Joseph Rubin says:

    I took control and contacted superfastvenom@gmail.com to clear my dmv and upgrade my brother’s credit score plus he can also tap into anyone’s phone, the solution is now in your hands.

  12. Andrew says:

    The right hackers are always difficult to come across, stories of hackers been paid to do jobs which are eventually never carried out are very common today, for this very reason i suggest you try out INSTANTRECOVERY12//AT// GMAIL . COM. They help me recover just under 80% of the amount i put in some scam wallet.

  13. David Newsom says:

    I highly recommend Cyberdon for your Credit Repair process. He responded very quickly throughout the credit repair exercise and explained all of my questions and concerns clearly and adequately. Cyberdon is highly knowledgeable in his field and you can’t go wrong with him. I had an eviction, collections and couple of hard inquiries on my credit and it wouldn’t let me qualify for a home purchase. Cyberdon wiped it all clean and raised my score to a high 790 within a few weeks. I bought the house afterwards and thanks to him. you can reach him on; C y B e R d O N at T E c H i E dot C O M.

  14. Julian says:

    Have you lost your hard earned money to; Binary option scam, Forex trading Romance scam and any other kind of online investment? I have a good news for you, it is possible to recover your stolen funds!
    I had doubts it was possible to recover the funds I lost to binary options until i met INSTANT RECOVERY. They asked for a few days to work on my case and they were able to recover 85% of my stolen funds. They literally changed my life.
    However, big thanks to INSTANT RECOVERY for helping me recover a huge sum
    of my stolen funds and still working on full recovery for me…

    Contact them via [instantrecovery12(at)gmail dot coM].

  15. Wilson Scott says:

    We wanted to buy a car, but we found out that my credit score was really low to do anything. I had about 13 cards in collections. One was a medical bill I guess. We hired Cyber Don to assist me with my credit. In 9 days, he raised my score to 797, took care of all collection cards and added a seasoned line of credit. We got the new car ASAP. Cyber Don is a sweetheart, you can hire him too;C Y B E R D O N @ T E C H I E . C O M

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.