Hardware acceleration, such as the use of NPU chipsets in Wi-Fi networks, increases the data transmission rate and decreases latency. However, it also creates security problems owing to the direct transmission of wireless frames by Access Point (AP) routers.

Researchers from Tsinghua University and George Mason University have recently found a security weakness in the wireless frame forwarding mechanism used by the NPU. Attackers may take use of the vulnerability to conduct a Man-in-the-Middle attack (MITM) on Wi-Fi networks by circumventing the need for rogue access points (APs). Intercepting a victim’s plaintext communication while avoiding link layer security methods such as WPA3 is possible with this technique. The research paper that  team wrote has been approved for presentation at the 2023 IEEE Symposium on Security and Privacy.

The scenario shown in Figure  depicts a situation in which an attacker and a victim supplicant are both connected to the same Wi-Fi network in order to access Internet services. Imagine that you have successfully completed the phone authentication process and are now able to access the Wi-Fi network at Starbucks. Each session to the AP router is protected by a Pairwise Transient Key (PTK) session key, and the Wi-Fi network that you are trying to connect to has WPA2 or WPA3 installed to provide security.

They made the discovery that the security methods, such as WPA2 and WPA3, may be readily evaded, giving attackers the ability to read the plaintext of the victim supplicant’s communication. An impersonation of the access point (AP) is created by the attacker via the use of spoofing the source IP address. The attacker then sends a victim supplicant an ICMP redirect message, which is an ICMP error message with a type value of 5.

Because of the need to maximize performance, the NPU in the AP router (for example, Qualcomm IPQ5018 and HiSilicon Gigahome Quad-core) would immediately transfer the bogus message of ICMP redirection that it has received to the victim supplicant. After receiving the message, the victim supplicant will be deceived into changing its routing cache and substituting the next hop to the server with the IP address of the attacker. This will allow the attacker to get access to the server. Because of this, future IP packets that were supposed to be sent to the server are instead routed to the attacker at the IP layer. This gives the attacker the ability to send the packets to their intended destination. The MITM attack is successfully carried out by the attacker, who does not make use of any rogue AP in the process. This allows the attacker to intercept and change the traffic of the victim supplicant invisibly.

Both Qualcomm and Hisilicon have verified that their NPUs are susceptible to the vulnerability that prohibits AP devices from successfully blocking faked ICMP redirect packets. This vulnerability has been given the identifier CVE-2022-25667 by Qualcomm.

The researchers recommend two preventative steps that may be taken in response to this attack:

Adding features to access points that will slow down maliciously constructed ICMP redirection. If the message has clear unlawful features (for instance, the source IP address of the message is provided with the AP’s IP address, and the message can only be created by the AP itself), then the AP should block and discard the message as soon as it is detected. This strategy depends on the participation of both the NPU chip makers and the AP suppliers in a collaborative effort.
Improving the ability of supplicants to check the ICMP packets that they have received. The supplicant has the ability to successfully detect bogus ICMP messages and mount a defense against this attack provided it ensures that the source IP address and source MAC address of the received ICMP message are consistent with one another.

The post Hack public Wifi networks using WPA2 or WPA3 security & Radius server with new technique appeared first on Information Security Newspaper | Hacking News.

Password cracking for WiFi networks is one of the hacking activities that most interest beginner researchers, cybersecurity experts and sporadic users alike and, although it is possible to find information about it online, sometimes this is unclear and may not be aimed at the right audience.

That is why the experts of the cybersecurity course of the International Institute of Cyber Security (IICS) how to complete these tasks relatively easily and in just a few steps. To do this, we will use the utility known as coWPAtty, which simplifies and accelerates conventional dictionary attacks.

Before continuing, we remind you as usual that this article was prepared for informational purposes only and should not be taken as a call to action. IICS is not responsible for the misuse that may occur to the information contained herein.

Step 1: Find coWPAtty

The utility is included by default in the Kali Linux software package, although it is not in the /pentest/wireless directory. According to the experts of the cybersecurity course, the application resides in the /usr/local/bin folder, which we will open below.

Let’s run the following code:

cd /usr/local/bin

Since the utility is in the /usr/local/bin directory, it can be launched from any folder on Kali Linux.

Step 2: Use the coWPAtty help screen

For a brief description of the available options, the cybersecurity course experts recommend only typing the following command:

cowpatty

Then, Kali Linux will display a small help screen. Remember that coWPAtty requires some data to work properly:

• Word list
• File with password hashing
• Access point SSID to hack

Step 3: Switch the wireless adapter to monitor mode

Like other hacking tools, coWPAtty requires changing the WiFi adapter to monitor mode to get the password, mention the experts of the cybersecurity course.

Let’s run the following code:

airmon-ng start wlan0

Step 4: Create a file to intercept

Next, we need to create a file to store the password intercepted during the 4-way handshake. To do this, we will use the following code:

airodump-ng --bssid 00: 25: 9C: 97: 4F: 48 -c 9 -w cowpatty mon0

The above command will dump the selected access point (00:25:9C:97:4F:48), the specified channel (-c 9) and save the hash in a file called cowcrack, say the experts of the cybersecurity course.

Step 5: Handshake Interception

Now we just have to wait for someone to connect to the compromised access point, which will allow us to intercept the hashing. Cybersecurity course experts recommend using Airodump-ng to receive a notification when someone connects to the target network.

Step 6: Run the utility

After getting the password with hashing, we can use coWPAtty along with our word list to get the decrypted key.

Let’s run the following code:

cowpatty -f /pentest/passwords/wordlists/darkc0de.lst -r /root/cowcrack-01.cap -s Mandela2

The screenshot above shows how coWPAtty generates a hash for each word in our list with the SSID and compares it to the intercepted hash. Once the hash matches, the utility will display the access point password on the screen.

Step 7: Create your own hash

Typically, coWPAtty uses a list of words provided by the user and calculates the hash of each based on the specified SSID, although this task consumes a large amount of processor resources, mention the experts of the cybersecurity course.

Luckily, now the utility has support for working with a ready-to-use hash file, which makes WPA2-PSK password cracking more efficient by more than 1000%. These files are generated using 172,000 dictionary files and 1,000 of the most popular SSIDs. Remember that if your SSID is not included in this list, the feature will not help us. In this case, we must generate our own hash list from the SSID of the access point used.

Let’s use the following code:

genpmk -f /pentest/passwords/wordlists/darkc0de.lst -d hashes -s Mandela2

Step 8: Using your own hash

After generating a list of hashes for a specific SSID, we can start cracking the password by running the following command:

cowpatty -d hashfile -r dumpfile -s ssid

Although not the only utility of its kind, coWPAtty is one of the best options for WiFi password cracking as it is easy to use and does not require advanced hacking knowledge.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.

The post How to hack WPA2-PSK WiFi passwords easily with just 10 commands using this tool appeared first on Information Security Newspaper | Hacking News.

Developing a functional cyber security strategy not only requires knowing everything about vulnerable software, social engineering campaigns or malware variants employed by hackers, as it is also necessary to know what kind of physical equipment threat actors use during their attacks.

This time, cyber security experts from the International Institute of Cyber Security (IICS) will show you a list of the most popular devices in the cybercriminal and ethical hacking community. Before continuing, we remind you that this article was prepared for informational purposes and should not be taken as a call to action, so IICS is not responsible for the misuse that may be given to the information contained herein.

Sniffer USB

The term USB sniffer refers to devices capable of intercepting traffic on the affected networks, and can be really useful for threat actors during the network diagnostic process and even to intercept user passwords.

These devices can intercept all detected packets, or only the first bytes of any ftp, telnet, pop3 and others. According to cyber security experts, sniffers work from the premise that some passwords are transmitted over the network in clear text, which makes them vulnerable.

Yagi Antenna

Yagi antennas are a kind of longitudinal radiators used to detect radio wavelengths in a very wide spectrum; in other words, they can pick up very high frequencies and even the lowest frequencies known.

In Yagi antennas the interaction between elements is used, in which standing waves of current arise, as a result of which a traveling wave with a pronounced directional pattern appears. Such an antenna consists of one or more active vibrators and additional passive elements.

USB-Bluetooth

These devices allow users to connect a PC with other Bluetooth equipment, whether smartphones, other PCs and all kinds of technology. According to cyber security experts, data exchange occurs through a radio channel.

The range of these devices depends on the characteristics given by the manufacturer, although they can reach up to 100 meters in an open space. Employing a USB-Bluetooth adapter, threat actors can establish communication between two nearby computers and even take control of keyboards, mice, and other devices.

LAN Tap

These are devices that connect directly to a computer network cable and create a copy of the network traffic, which in turn will be sent to another location. LAN taps are normally used in the implementation of intrusion detection systems, although they are also used by malicious hackers.

The logic of these devices depends on the “request-response” scheme, cyber security experts say. Before executing a request to perform an operation, it is necessary to populate the Request data object with a certain set of values, passing this data object to the given interface.

DSTIKE Deauthenticators

This is a technology created to disconnect any wireless device from an access point. Unlike a signal jammer (based on interrupting a signal using another stronger signal), deauthenticators work at the software level, deploying a denial of service (DoS) attack against the target access point, cyber security experts say.

Usually, deauthentication is part of a complex network attack, as it is used to create an “evil twin” of the access point or to intercept a handshake process that eventually allows malicious hackers to crack a password or access sensitive information.

USB “rubber ducky”

It looks and behaves like a conventional USB drive, but it’s actually an advanced hacking tool, cyber security experts say. A rubber ducky allows threat actors to compromise almost any system in a matter of seconds, transmitting a large number of commands to the affected system via a WiFi connection.

The target recognizes the rubber ducky as a standard HID keyboard and serial port, allowing interactive commands and scripts to be executed remotely, representing a considerable attack opportunity.

Smart Key Cloner

This device copies the data from any smart key to turn it into a new device, cyber security experts mention. In addition, this device is not limited to copying smart keys, but works with any type of chip and its use does not require a connection to a PC.

IP Microcamera

An IP microcamera is so tiny that it can be hidden almost anywhere. In the case of a hacking campaign, threat actors will want to hide these devices in locations close to the target in order to inadvertently monitor their activities and discover the victim’s passwords.

WiFi Repeater

These devices copy the features of a WiFi network in order to increase its range. The power these devices supply depends on the router itself, so users don’t have to worry about turning these devices on and off every time they connect to their home WiFi network.

An important feature of the device is the LAN port, through which it can bring up to 100 Mbps of traffic through the cable without charging the air and improving the quality of the network as a whole, plus there are two external 3dBi antennas and an integrated 16dBM transmitter.

USB Data Blocker

According to cyber security experts, a USB data blocker prevents the transfer of unauthorized data when charging a smartphone or any other device through a USB port. These devices are especially useful when charging a smartphone in public places such as shopping malls, airports, and public transport stations.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.

The post 10 Best gadgets and tools for real hackers and cyber security professionals appeared first on Information Security Newspaper | Hacking News.

The flaws were identified by the manufacturer as PSV-2020-0363, PSV-2020-0364 and PSV-2020-0365 and so far do not feature CVE tracking key. These vulnerabilities did receive scores according to the Common Vulnerability Scoring System (CVSS) ranging from 7.4/10 to 9.4/10.

The researchers mention that attackers can abuse these flaws to compromise a router’s management pages without needing to log in to the system, in addition to the ability to perform side-channel attacks to access credentials saved on vulnerable devices.

After noticing something strange, the researchers downloaded the firmware of one of these devices and discovered that anomalous communication used the standard port, so they decided to delve into their finding using the QEMU tool, an open source emulator.

Examining how HTTPd dictates which pages should be served without authentication, the researchers found pseudocode such as the first-page handling code within HTTPd, which automatically approves certain pages as “form.css” or “func.js.”

Although this is not a problematic condition in itself, Netgear employs ‘strstr’ to check if a page has JPG, GIF, or ess_ substrings, trying to match the entire URL. In other words, researchers were able to access any page on the device, including those that require authentication, by simply adding a GET variable with the corresponding substring.

The researchers managed to abuse the first vulnerability, an authentication bypass bug, to see if they could recover the username and password used by the router, focusing specifically on the device’s backup and restore feature. By reverse engineering the functionality, they found that this was a relatively simple process.

For further reports on vulnerabilities, exploits, malware variants, cybersecurity risks and information security courses fell free to visit the International Institute of Cyber Security (IICS) websites, as well as the official platforms of technology companies.

The post 3 critical vulnerabilities in Netgear DGN-2200v1 series routers allows cyber criminals to spy to wifi traffic appeared first on Information Security Newspaper | Hacking News.

Carl Schou, a mobile security specialist, reported how he had a problem while connecting to his own WiFi hotspot (identified as ‘%p%s%s%s%s%n’). After some failed attempts the expert noticed that the WiFi functionality of his device was automatically disabled and enabled, a situation that was repeated even after restarting the device.

The expert mentioned that his tests worked successfully on an iPhone XS device running iOS v14.4.2. Moreover, a group of specialists confirmed that this flaw is also present in iPhone v14.6 devices.

Apparently, the only way to correct this problem is to reset the network settings of the affected devices. Affected iPhone users can follow these steps to address the issue:

• Go to the Settings menu on your iPhone, select the General option
• Under General, select Reset
• You will now be on the Reset screen, where you can reset various functions of the iOS system
• On this screen, select the ‘Reset network settings’ option and confirm that you want to continue with this process

These flaws are considered serious, as threat actors can create malicious WiFi hotspots, attracting users looking for free WiFi connections. The good news is that apparently this issue only exists on some versions of iOS, so Android device users are not affected.

Additional reports indicate that this flaw could exist due to the appearance of strings with the character “%” in the name of some WiFi access points. The operating system may misinterpret this symbol as a string format specification. This hypothesis could be confirmed in the coming days.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.

The post Newly discovered iOS flaw prevents iPhone users from connecting their devices to a WiFi network appeared first on Information Security Newspaper | Hacking News.

Since the RTL8195A chip supports WEP authentication mechanisms, WPA and WPA2, a group of specialists discovered that the WPA2 hands protocol mechanism is susceptible to off-limit write and stack overflow errors: “The most severe of failures, tracked as CVE-2020-9395, is a stack overflow that could be exploited remotely by an unauthenticated threat actor”, mentions the report.

In addition, two minor vulnerabilities were reported that could be exploited even if threat actors do not know the network security key, which could lead to remote code execution or denial of service (DoS) conditions. The remaining three flaws relate to stack-based buffer overflow issues, which could lead to remote code execution, although these attacks require hackers to know the network security key.

In this regard, Realtek issued a security alert for CVE-2020-9395, mentioning that the RTL8711AM modules, RTL8711AF and RTL8710AF are also affected by this flaw: “The finding of a security issue has been reported on Realtek RTL8195AM, RTL8711AM, RTL8711AF and RTL8710AF devices prior to version 2.0.6, which could pose a security risk,” the report says.

On the other hand, the researchers who detected the problem mention that because there are no mitigation factors, the exploitation of this flaw is relatively simple: “This attack is possible regardless of whether the victim is the client or the access point, so it should be corrected as soon as possible.”

Every single flaw was addressed in the latest version of Ameba Arduino, available on Realtek’s official sites. It is recommended that vulnerable system administrators update their installations as soon as possible. Device versions created after March 3, 2020 have the necessary patches for CVE-2020-9395, while versions built after April 21, 2020 are fully patched for the rest of reported issues.

To learn more about information security risks, malware, vulnerabilities and information technologies, feel free to access the International Cyber Security Institute (IICS) website.

The post Multiple vulnerabilities in Realtek routers; update as soon as possible appeared first on Information Security Newspaper | Hacking News.

Below are details on some tools that, while feature different functions, were developed to provide you with as much information as possible about a WiFi network at your fingertips.

When performing these wireless network analyses, pentesting experts mention that you are more likely to choose the network that gives you the best performance and the fastest speeds. In general, most listed programs provide information such as:

• WiFi signal strength
• MAC addresses
• Channels, among others

Other tools feature more advanced options, such as network troubleshooters and modification of established settings, as mentioned by pentesting experts.

Interested administrators will be able to use these tools for basic network analysis tasks in all kinds of environments, from homes to business environments. These tools will help you detect where the WiFi signal strength weakens or find the reasons why your network performance is below optimal.

Xirrus Wi-Fi Inspector

This tool was specifically designed to monitor the status of a wireless network in real time. Available for Windows and macOS systems, Wi-Fi Inspector supports the latest wireless connectivity standards, as well as detecting unauthorized access points and having IT support features, pentesting experts mention.

InSSIDer

This tool displays the MAC address of each access point, in addition to the type of encryption it uses and the signal strength. InSSIDer is one of the most popular network troubleshooters, although there is no free version of the software.

On the benefits side, for less than $20 USD administrators will be able to measure the intensity and performance of their WiFi signal depending on the location of the router, so they can determine how walls or furniture interfere with the network.

WifiInfoView

This is a nearby wireless network scanner that gives users detailed information about each available connection. According to pentesting experts, among the data that this tool can list are:

• Network name (SSID)
• MAC address
• PHY level
• Signal quality
• Top speed
• Router name and model

WifiInfoView also has a special function so that all detected wireless networks are grouped by channel number and their maximum speed. This is a free tool although at the moment it is only available for Windows systems.

Wifi Analyzer for Android

Using this tool you can turn any Android device into a powerful WiFi network analyzer, as mentioned by pentesting specialists. WiFi Analyzer can help you find the best network at your reach for your router, showing nearby WiFi channels looking for the least requested.

WiFi Analyzer also has tools like Lan Neighbors, which provides information about nearby routers, and OUI Lookup, to verify MAC addresses.

NetSurveyor

This is a tool to validate your network configuration, find areas with low WLAN coverage, detect signal interference and unauthorized access points. According to pentesting experts, the data is displayed to the user using several charts and tables very easy to interpret, not to mention that it is possible to obtain the reports thrown in PDF format.

In addition to these advantages, NetSurveyor is a free tool that can provide great learning to the uninitiated, although at the moment it is only available for Windows systems.

IICS experts believe that using these tools can help system administrators complete their security environment, as well as increase the efficiency of WiFi connections.

The post Top 5 apps to audit WiFi networks appeared first on Information Security Newspaper | Hacking News.

Specialists from Ben-Gurion University, Israel, published an investigation describing an attack to turn any device’s RAM card into a wireless transmitter in order to receive sensitive data from air-gapped environments with no WiFi to locations controlled by attackers.

The attack, dubbed AIR-FI, is a type of undercover channel technique for data exfiltration: “This is not a technique for accessing a computer, but is a method of data theft that few security systems could foresee,” experts say.

Although these exfiltration channels do not pose problems for conventional computer users, they are a real threat to air-gapped systems, considered highly secure. These systems are implemented in government, military and business facilities for the protection of confidential documents.

While these attacks are considered rare, their existence has forced multiple organizations to reconsider the architecture of their systems to avoid leaving loose ends.

The AIR-FI attack is based on the electromagnetic waves generated by any electronic component as electricity circulates. Threat actors could place malicious code in an air-gapped system by manipulating the electrical current inside the RAM card of the target device to generate electromagnetic waves with a frequency identical to that generated by the WiFi spectrum (2400 Ghz).

The generated signal can be intercepted by any device with a WiFi antenna integrated within its range. Researchers mention that the attack was tested with various air-gapped systems, managing to extract data at a rate of up to 100b/s, which ended up on computers, smartphones and IoT devices, among others.

As a possible solution, specialists suggest that organizations with air-gapped systems deploy mechanisms to interfere with these signals to prevent transmission to threat actors. Ben-Gurion researchers have found at least a dozen more of similar mechanisms before. Some of these mechanisms are described below:

• LED-it-Go: Data extraction in air-gapped systems through the activity LED lights of a hard drive
• USBee: The data bus of a USB connector emits electromagnetic emissions that can be used for data leakage
• AirHopper: The local GPU card is abused to emit electromagnetic signals to a nearby mobile phone, which is also used to steal data

As mentioned earlier, these are not considered critical flaws, although air-gapped system administrators should consider security recommendations.

The post Converting RAM into WiFi cards and stealing data from computers with no internet appeared first on Information Security Newspaper | Hacking News.

So today we will talk about top 30 WiFi Hacking Apps both for Android and IPhone for the year 2020. Some of these Apps are available on Store and some of them can be download from links provided. Also some Apps might require rooted mobile. We will walk through all the Apps and download link is given under each App section.

1. WLANAudit

WlANAudit is a wifi network scanning app. This Application uses advanced algorithms & security tools. It checks the security of WLAN access points and wifi networks. Using this APP, we get network details like MAC Address, Frequency, Channel, Intensity, and, Default pass. In settings, we can set scan performance, WIFI Autoscan and Autoscan interval. In this application, we can also save known and unknown devices. To check the loopholes in our own wifi network, we can use this App.

Download

2. Andro Dumpper

Andro Dumpper another application to steal wifi. Using this application we can break the key and we can also use this application to find out the WPS security vulnerability. This application has the capability to decode any wifi key. In this application, we have few options like Auto scan notification/set scan period. It’s a new application, working very well and we can use this application in Rooted device.

Download

3. PULWIFI

Pulwifi is the same as the WIFIPass application. It can decrypt the network type of JAZZTEL_XXXX, WLAN_XXXX, YACOMXXXXXX, WIFIXXXXXX, and, WLANXXXXXX. Most of these types are used in the Huawei model and by default D-link routers. When we open this application, automatically it refreshes and captures all the wifi networks and displays them. We can enter the MAC address and network name to check the wifi network. We can also set the refresh rate and it comes with many languages.

Download

4. WIRELESS CRACKER

Wireless cracker is another application to hack/crack the wifi key. This application decrypts the key of different network types Bbox-XXXXXX, INFINITUMXXXXXX, SpeedTouchXXXXXX, Orange-XXXXXX, and ThomsonXXXXXX.

Download

5. Free WIFI Password Router Key

This is the best tool for wifi password hacking applications. This application starts scanning the wifi networks around us and it also has an ability to display the password on the screen by choosing the network. We can share the password with anyone without knowing the owner. We don’t need the internet to use this application and no need to root the device.

Download

6. WIFI Password

WIFI Password is another best application to connect to wifi without knowing the password and this is the application that can hack wifi network directly through any Android phone. We can use this application as a wifi security guard and this application can detect wifi security with network details. The WIFI password shares its password and other security details. This application works very fast.

Download

7. WIFi WPA WPS tester

WIFi WPA WPS tester another best tool for wifi hacking. This application measures wifi signal strengths. This application works like, it tries to gain access using WPA and WPS PIN since most of the wifi networks use the same logical algorithm and security loopholes. We can use this application to check our WIFI network security and we have to root the device to view the wifi passwords.

Download

8. Wifi inspector

WIFI inspector check the security system for our wifi network and it also checks the vulnerability issues. Using this application we can collect all the information related to the wifi network and to check IP & Mac address for those who are connected to our LAN (Local Area Network). This application inspects every 30 seconds. WIFI Inspector application works perfectly on android 4.0.

Download

9. Fing

Fing gives users an option to check those who are connected with device name IP and MAC address and vulnerabilities. This Fing is an advanced application, it gives users an option for internet speed test and we have few more options like ping, Find DNS lookup, open ports, traceroute, and Wake on LAN. We also get some advanced information like NetBios, UPnP, SNMP and, device information. It has the capability to filter spy cameras on a shared network.

Download

10. Wifi analyzer

WIFI Analyzer will collect all the wifi network devices around us and it also displays traffic of these networks and graphical chart. This application also finds a vulnerable network. Using this we can access the network, to find all the network details like IP address, SSID, distance, Netmask number, etc.  

Download

11. Wifi WPS Connect

To use Wifi WPS Connect our device must be rooted. If our device is rooted, we can gain any wifi network access. If wifi is WPS connected, we don’t need to hack this application, we can recover the password of the wifi network which we are previously connected to it and we also get the required network information. This application has a common value for different algorithms. We can use this application only on android 5 or more.

Download

12. WIFI Warden

WIFI Warden application is used to find out the essential information and default PIN. Using this application we can find out the Channel number, Channel bandwidth, SSID, BSSID security, WIFI network around us. This application can increase the security of our WIFI Network.

Download

13. CR WIFI – Social App

CR WIFI is not used for hacking. This application is like social media, where we can chat with different persons. To chat, firstly we have to register with our name and we can view the new blog in this application.

Download

14. Router Keygen

We can decrypt wifi key. For this, we have to scan the wifi networks around us. After that using this application we can decode the password with WEP and WPA. It also decrypt wifi password, if in case SSID and password are not modified/left default.

Download

15. HHG5XX WEP Scanner

This application can decrypt all the wifi passwords of all Huawei brands by using this mac2wepkey algorithm and especially the HHG5XX model & its passive scanning. It will generate the key using the MAC address. This application is especially for Huawei. After hacking the wifi password the results will be stored in the SD card.

Download

16. WIFIPASS

Wifipass is the best application to steal wifi, WiFi network as JAZZTEL_XXXX or WLAN_XXXX. If the SSID is in the database, it decrypts the wifi password immediately, and if wifi default the password has not changed. This application is very past in scanning and decrypting the network key with few minutes.

Download

17. Turbo WIFI

Turbo wifi is another password recovery or it can decrypt the wifi key. This application takes vulnerability as an advantage and if our router has a TURBONET_XXXXXX SSID and WEP key this application makes complete vulnerable.

Download

18. Network Mapper

Network mapper is another best tool to explore wifi network and also useful for wifi hacking for any android mobiles. Experts of International Institute of Cyber Security says that this application shows us the weakest wifi network around us and tells us a vulnerable network. The network mapper application is compatible with all android devices. This application displays all the open and closed ports in the network and it can analyze bandwidth usage information and wifi hotspots.

Download

19. RouterPWN

RouterPwn is one of the programs to steal the password. We can use this application for security auditing and can perform the local test without connecting to the internet.

Download

20. Network Spoofer

Network spoof is used to play with different stuff on other devices, which are connected to the same LAN/wireless network. We can also call this application as playing prank tool. Using this application we can change all the images on the web page, which we visit, change internet search results, redirect website traffic to another phone, play any youtube video, and change the text. To perform all these pranks we have root our device.

Download

 21. WIFI Master

WiFi Master is one of the best applications for wifi hacking. When we open this application, it starts scanning the network around us and it also finds out the vulnerable network devices. This application is available in different counties and in different languages

Download

22. WIFI Password Recovery Pro

Wifi password recovery pro is the best application to recover the passwords of any wifi network. This can retrieve all the passwords which are previously connected or we also find essential information of the previously connected network. This application shows wifi networks in a chat and it has an offline search capability.

Download

 23. Zanti

Zanti is a wifi network hacking toolkit for all android mobile. Using this application we can find out vulnerabilities in our network and easy/simple to use this application. In this option we have 3 different options Redirect HTTP, SSL Strip, and, Replace Images. We have to turn on to perform these options and we have complete information about the MITM option.

Download

24. DSploit

Dsploit is an application that will use to audit the complete wifi network and display all the devices which are connected to LAN and this application captures all the network traffic. It also finds out the vulnerabilities by scanning the ports and we can list out the weak network devices and even we can steal the passwords of Facebook, Twitter, Instagram, or other services. DSploit application can run only on rooted devices.

Download

25. Reaver

The Reaver is a user interface application, this application scan all the router automatically which are nearby and it also supports monitoring WPS enable and disable mode. If the WPA is cracker it allows us to connect to that network. It also supports advanced configuration options. That means beginner and export users can use this application to take advantage of these features.

Download

26. WeeNet

WeeNet is the best application for wifi auditing, using this application it will list out the network information, a number of devices, and type of devices. Using this application we can ping to list out all the open TCP and UDP ports in the network or we can manually enter the IP address or domain to know the information like traceroute, port numbers, whois, and DNS. WeeNet application has network diagnosis, in this will come to know the internet speed and quality of the signal and it also wifi router actual location and signal strength.  

Download

27. Netcut

Netcut application can detect all the users in the wifi network, this application is very important for password security. This is the best application to secure our network.   

Download

28 Wifiaudit – Iphones

Wifi Audit is used to crack the wifi network password of all iPhone and it’s the best application to hack the internet keys of a wifi network. This application takes very little time to crack the password. WiFiAudit application displays all the network information like BSSID, IP/MAC address, Location, latitude, and Longitude of the devices.

Download

29. Wifi Key View

Wifi key view is the best application to crack the wifi network password. We can use this in all android mobiles. This application displays all the network information and it can also crack the passwords around us for this, we have to root our device. It has a modern user interface and also supports different wireless profiles. This can list out all android connections around us.

Download

30. Show Wifi Password

This application shows all the wifi network information in one click like SSID, Encryption, and distance. The main aim of this application is to collect all the wifi password. which we prefer to know and all these passwords are saved in our device. We can use this application in all android mobiles.

Download

Conclusion

So we saw top 30 Android and IPhone Apps to crack nearby WiFi. All hacker while doing and scan change their mobile identity, which sometime make them anonymous.

The post Top 30 WiFi Hacking Apps of Android and IPhone in 2020 appeared first on Information Security Newspaper | Hacking News.

This router was launched almost ten years ago and, for a few months, users in the U.S. stopped receiving updates; on some European websites, the router has stopped selling, although providers are still releasing regular updates. 

A team of specialists from a Palo Alto Networks cyber security course detected these flaws a couple of months ago, which they notified D-Link. Researchers believe that other similar products could be affected by the same flaws (newer models share the same code), although this has not been confirmed. The most severe vulnerabilities are described below, along with their identification keys and scores according to the Common Vulnerability Scoring System (CVSS):

• CVE-2020-13782: This is an arbitrary command injection flaw that received a CVSS score of 9.8/10, so it is considered a critical error. 
• CVE-2020-13786: This is a Cross-Site Request Forgery (CSRF) flaw that received a score of 8.8/10
• CVE-2020-13785: An inadequate encryption failure that received a score of 7.5/10

It should be noted that the most severe of these errors has not been fixed, as only three of the six reported vulnerabilities were updated.

Although CVE-2020-1378 is a critical flaw, experts in a cyber security course say their exploitation requires authentication. This could be achieved by a CSRF attack, but the CVSS score of this failure will most likely be adjusted to the downside. One of Palo Alto’s researchers mentions that the joint exploitation of some of these flaws would allow hackers to detect network traffic and steal session cookies.

In response, D-Link released a beta version of this router’s firmware, although this measure will only correct three of the reported failures. Because this product has stopped receiving updates, the company recommends users purchase one of its most recent products. However, switching devices is not a common practice among home router users.

For further reports on vulnerabilities, exploits, malware variants and computer security risks, it is recommended to enter the website of the International Institute of Cyber Security (IICS), as well as the official platforms of technology companies.

The post D-Link DIR-865L WiFi is the most insecure router; 3 critical security flaws unfixed appeared first on Information Security Newspaper | Hacking News.

The vulnerability, tracked as CVE-2019-15126, is present on devices with Broadcom and Cypress WiFi chips with no updates. It should be noted that these chips are the most used by manufacturers of WiFi-capable devices, such as smartphones, Internet of Things (IoT) devices, laptops, tablets and more. The flaw was dubbed as KrØØk by ESET researchers.

In addition, the flaw does not only affect customer devices, but extends to Broadcom WiFi access points and chip routers, so business and government environments could also be affected.

Regarding the affected devices, ethical hacking specialists say that many of today’s most employed technology developments are vulnerable to these flaws. Affected devices include manufacturers such as:

• Amazon (Echo & Kindle)
• Apple (iPhone, iPad, MacBook)
• Google (Nexus)
• Samsung (Galaxy)
• Xiaomi (Redmi)

The flaw affects WPA2-Personal and WPA3-Enterprise protocols, with AES-CCMP encryption. According to the researchers’ estimates, more than one billion actively used devices worldwide would be exposed to the exploitation of KrØØk, and that’s just users’ devices; the compromised access points’ calculation is still missing.

Ethical hacking specialists say this flaw is related to key reinstallation attacks (KRACK), detected a couple of years ago, albeit with some key differences. “Initially, we found that KrØØk was one of the possible causes of the KRACK attacks, thanks to the finding of a vulnerability in Amazon Echo,” the ESET report mentions.

The International Institute of Cyber Security (IICS) mentions that the flaw was reported to affected manufacturers in a timely manner, so updates must already have been installed on most vulnerable devices. Users are encouraged to verify that there are no pending updates for their devices.

The post Hackers could decrypt WiFi data from Apple (iPhone, iPad, MacBook), Samsung and Xiaomi devices appeared first on Information Security Newspaper | Hacking News.

In case you find a nearby WiFi network, Emotet can infect any connected device, meaning great attack potential for malware developers. This new version of Emotet includes new social engineering evasion tactics to perform malicious activities like credential theft, Trojan deployment, among others.

Although the first records of this wireless malware propagation binary occurred in early 2020, network security specialists mention that the executable has a timestamp of April 16, 2018, meaning that this attack vector remained unnoticed for almost two years.

This new version of Emotet infects the target device with a self-extracting RAR file containing two binaries (worm.exe and service.exe) used for propagation via WiFi. After decompression of the RAR file, the worm.exe binary runs automatically. After execution, the binary begins to scan for other WiFi networks for propagation. Emotet uses the wlanAPI interface, used to manage wireless network profiles and network connections.

When obtaining a WiFi identifier, the malware calls WlanEnumInterfaces (function to enumarate all available networks on the victim’s system). This function returns the wireless networks listed in a series of structures that contains all their details (SSID, signal, encryption, authentication method, etc.).

When data collection for each localized network is complete, Emotet deploys a ‘brute force loop’ to access the attacked networks; if it fails to connect to a target network, the function is repeated on the next network. Network security experts have not determined how hackers obtained the password list, although it may be the product of a data breach.

In case of finding the correct password and realizing the connection, the malware stays asleep for about 15 seconds before sending an HTTP POST to the attacker’s C&C and establishing the connection to the WiFi network. Finally the built-in Emotet executable is delivered, so that the malware begins to infect all possible devices.

Network security experts at the International Institute of Cyber Security (IICS) mention that one of the main ways to protect against potential Emotet infections is the establishment of strong passwords, since the list of passwords used by hackers should contain, for the most part, factory passwords for WiFi devices. 

The post This malware spreads over WiFi networks without user interaction appeared first on Information Security Newspaper | Hacking News.