Tuesday, January 15, 2013

Wardriving To Stay Anonymous


Contents
1. Introduction
2. Equipment
3. Setup
4. Conclusion
5. Resources


1. Introduction

To start off, let's define the word "wardriving": the act of locating and possibly exploiting connections to wireless local area networks while driving around a city or elsewhere. [techtarget.com] Wardriving can be a very useful tool if you don't feel like paying a monthly fee for a high speed internet connection. It also can be useful if you want to search the web anonymously.

Wireless networking is fairly insecure, especially in the hands of Joe Schmoe who wants to be cool with a wireless network. More than 75% of the networks you'll find will have the default SSID, and more than likely, the default router login. For example, just about all Linksys routers can be reached via http://192.168.1.1/, leaving the username blank and using "admin" as the password.

But if you get access to a person's access point (AP) are you really anonymous? No, you are not completely anonymous. Yes, you aren't using your own internet connection so the IP you are surfing the web from isn't linked to your ISP account, but if you are constantly using the same person's AP you are bound to get caught. But there is an easy solution to this:
First off, NEVER USE THE SAME AP MORE THAN TWICE IN THE SAME MONTH! Better yet, never use the same AP more than twice!
Second, change your MAC address. You might be asking yourself what a MAC address is. Well, it's the address that goes along with your network card. There are programs out there that can do this for you, MacMakeup and SMAC to name a few. (I will be getting into more detail about this later on in the tutorial.)
Third, use some form of a proxy after logging into the AP, to help anonymize yourself even more from whoever might be trying to track you down.

2. Equipment

a. Wireless network card
b. Laptop or Desktop if you feel like staying at home.
c. NetStumbler (www.netstumbler.com)
d. Antenna
e. GPS receiver (optional)
f. Power inverter (if you plan on using your laptop in your car for a long period of time)
(see the resources section for websites where you can buy wardriving equipment)

Why should I have GPS?
GPS comes in VERY handy if you want to return to the networks at a later time, or if you're trying to map out all the networks that you find. It's better than having to slow down every time you find an AP, and write down the exact location.

What's the big deal with antennas?
An antenna is HIGHLY recommended, especially an omnidirectional antenna. There are a lot of tutorials on the web that can tell you how to make your own antenna. Here is a good site to checkout. Most WiFi cards have terminals to hook up an antenna, so if you can get your hands on one, use it to your advantage. It will let you get a MUCH better signal on the AP's, and detect them from further away.

3. Setup

A few things before you can start wardriving anonymously:
Install programs: SMAC, NetStumbler, NetView, and SocksChain.
Turn on the computer with your wireless card removed.
Have your antenna connected to the wireless card.
Open up NetStumbler.
Insert the wireless card.
Go to Network Connections on your computer, select the wireless card you just inserted and enable it.

Ok, now that you have your wireless network card, laptop or desktop, NetStumbler installed and your antenna hooked up to your network card, we can begin.
Start driving around with NetStumbler open and put your antenna in a good location in, or on, your car. My antenna has a magnetic bottom to it, so I place mine on the top of my car. Soon after driving around neighborhoods or office buildings you should start picking up APs. After you get a few, pull over and check them out. If you can log onto a webpage, you're in and can do whatever you want.

For each WiFi network it uncovers, Network Stumbler tells you the network's SSID, name, manufacturer, channel, type, signal strength, signal-to-noise ratio, and whether the network's encryption is enabled, among other details. Armed with that information, you can try to connect to the network. If a network uses encryption, a small lock appears next to it. You are looking for APs with a green colored circle next to them.

Before you start searching the web like a mad man, let's go over some security procedures you should take before you do anything.

MAC Address Changing
Now what you want to do is change your MAC address to a MAC address that is on the network you have just gotten access to. Open up your web browser and go to www.whatismyip.com. Copy the IP that is listed. Open up NetView and go to Tools > Network Scanner. In the IP range take your IP, e.g. 124.232.12.45, and then make a range out of it that looks like this: 124.232.12.1-124.232.12.255. Click the radio button next to ARP under the scan settings section and now hit the start button. (Sometimes this doesn't work, so the best thing to do is first scan the range using Ping, then add an IP that gets pinged to the hostlist by right clicking the IP and choosing "add ip to hostlist", then click the check box next to main hostlist, click the ARP radio button and scan that to find out its MAC address.) Wow, that's a mouthful.
OK, so now you have a person's MAC address that's on the network. Now go to SMAC (you need to buy the program or get a crack for it) and then change the MAC address to the one you found on the network.
Now if any network admin looks to see who is accessing the network they won't see an unknown computer logged in. Of course sometimes the network won't allow you on if there are 2 identical MAC addresses, so the program MacMakeup is good to use because it has a list of a lot of different MAC addresses. So pick one of those and you will be set to go.
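Seen from the admin's side, a cloned MAC address is not invisible: two radios sharing one address each keep their own 802.11 sequence counter, so a wireless sensor sees the counter jump back and forth. The following is an added example (not part of the original tutorial) of that check; the thresholds, function names and the sample capture are assumptions constructed for illustration.

```python
from collections import defaultdict

SEQ_MODULO = 4096      # 802.11 sequence numbers are 12 bits wide
MAX_FORWARD_GAP = 64   # assumed tolerance for frames the sensor missed
MIN_ANOMALIES = 3      # assumed number of jumps before alerting

# Constructed sample capture: (timestamp_s, source_mac, sequence_number)
SAMPLE_FRAMES = [
    # One radio, counter wraps 4095 -> 0 normally, one retransmission.
    (0.00, "AA:BB:CC:00:00:01", 4093), (0.05, "aa:bb:cc:00:00:01", 4094),
    (0.10, "aa:bb:cc:00:00:01", 4095), (0.15, "aa:bb:cc:00:00:01", 4095),
    (0.20, "aa:bb:cc:00:00:01", 0),    (0.25, "aa:bb:cc:00:00:01", 1),
    # Two radios using the same address: counters interleave.
    (1.00, "00:11:22:33:44:55", 100),  (1.10, "00:11:22:33:44:55", 2950),
    (1.20, "00:11:22:33:44:55", 101),  (1.30, "00:11:22:33:44:55", 2951),
    (1.40, "00:11:22:33:44:55", 102),  (1.50, "00:11:22:33:44:55", 2952),
    (1.60, "00:11:22:33:44:55", 103),
    # One radio that restarted once: a single jump, not an alert.
    (2.00, "de:ad:be:ef:00:02", 500),  (2.10, "de:ad:be:ef:00:02", 501),
    (9.00, "de:ad:be:ef:00:02", 10),   (9.10, "de:ad:be:ef:00:02", 11),
]


def forward_gap(prev_seq, cur_seq):
    """Distance from prev_seq to cur_seq going forward, with 12-bit wrap."""
    return (cur_seq - prev_seq) % SEQ_MODULO


def find_shared_macs(frames, max_gap=MAX_FORWARD_GAP, min_anomalies=MIN_ANOMALIES):
    """Return {mac: [(timestamp, prev_seq, cur_seq), ...]} for MACs whose
    sequence counter jumps too far, too often, to be a single transmitter."""
    last_seq = {}
    anomalies = defaultdict(list)
    for ts, mac, seq in sorted(frames):
        mac = mac.lower()
        if mac in last_seq:
            # gap 0 is a retransmission, a small gap is a few lost frames,
            # anything larger means the counter did not come from the same radio
            if forward_gap(last_seq[mac], seq) > max_gap:
                anomalies[mac].append((ts, last_seq[mac], seq))
        last_seq[mac] = seq
    return {m: hits for m, hits in anomalies.items() if len(hits) >= min_anomalies}


if __name__ == "__main__":
    for mac, hits in find_shared_macs(SAMPLE_FRAMES).items():
        print(f"{mac}: {len(hits)} sequence jumps, likely two transmitters")
```

On real captures QoS data frames keep a separate counter per traffic ID, so a sensor should track the counter per (MAC, TID) pair before applying this check.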

Here is a website that lists wireless defaults and vulnerabilities:
http://www.remote-exploit.org/content/wlanvuln.html

Using a Proxy Chain
This section was written by: Bereta
SocksChain: this tool creates a SOCKS5 server on localhost port X, and all data going through that port is transferred through the chain you have made. First the program connects to the first server of the chain and transfers a packet to it, then that server sends it to the second server, and so on. If you want to trace a sender you'll need to analyze all the servers' logs, which is quite a difficult task, and if some server doesn't save logs, tracing the sender becomes impossible.


:: Preparing a tool ::
Let's say you have successfully installed and started SocksChain. Now you must update the proxy server list (which will let you create chains later). For that, start Proxy Manager (Tools -> Proxy manager) and press the Add button. Enter the proxy server address and press OK in the window that pops up. All that is left is to set the port numbers (which the servers use to exchange data) by pressing the Edit button, and to press the Test all button to test the servers' status. I should mention the very useful Update list button. If you press this button the program will automatically update its proxy list and test the servers' status. I think it is a very useful function.


:: Creating a chain ::
First press: Service -> New. In the name field enter a name for your chain, for example "mychain". In the port field select any free port from 1 to 65535 for the chain (for example 12345). Now we must select the proxy addresses which will make up our chain. There are two areas: upper and lower. In the first area place the servers which are going to start the chain, and in the second area place the proxy servers which are going to end the chain. If you want to add a server to a list, select the server from the list on the right and press the Add button. (Usually people prefer SOCKS5 servers because they are more universal.) If you see that the server is successfully added to the list, that means you're on the right track and you can continue your server list. Don't make a very long chain because it really slows down your internet speed. I prefer to choose between 2-5 servers depending on internet speed. When you have chosen all the servers, simply press the OK button and the service will start.


:: Using a chain ::
So the service is ready, and now we need to send data to the proxy server port you chose before (for example, if I chose 12345, it'll be 12345). If the program supports proxy servers this isn't difficult: in its settings simply enter proxy address 127.0.0.1 and the port X you have chosen (for example 12345). Now I will talk about what to do if the program doesn't support proxies. SocksCap is ready to help us in this situation. It takes control of all your net data and sends the data to the proxy server. This tool is easy to configure. From the menu select File -> Settings. In the server field enter address 127.0.0.1, in the port field enter the port you have chosen (12345 for me), in the Protocol section select SOCKS version 5 and press the OK button.


:: Working only with SocksChain ::
If you have a SocksChain version later than 3.8 you don't need SocksCap. Just add applications to the application list in SocksChain by clicking the right mouse button and selecting Add. When the application is added, just double click on it.


4. Conclusion


Ok, now you are all set to go wardriving and surf the web anonymously. Just remember to not use the same AP more than twice and don't constantly wardrive in the same area. Spice things up a bit and change your locations frequently. This will make it harder for anyone to pinpoint where you might live, or where you might be wardriving. Also, try not to go wardriving at the same time every day. Make it as hard as possible for anyone that might be looking for you. Randomly pick times of the day and randomly pick areas to go wardriving in to limit the possibilities of being found. Remember admins are getting mad that people are wardriving, so people are creating programs that act as honeypots and also programs that can easily triangulate the position of a wardriver. So don't wardrive in the same location for a long time, to minimize the chance of being located. Also, when wardriving in your car, I think it's best to have a car that has tinted windows. I mean, who wants to be in the back seat of their car on their computer (or with a girl for that matter) and have people walking by and being able to look in? I personally have limo tinted windows on my car, so no one can see in.. hehe. And finally, HAVE FUN! You're using someone else's internet for FREE, so enjoy it while you can.


5. Resources


More Information
www.wardriving.com
www.wifimaps.com - Great website to find hotspots and APs in your area.
http://stream.lpbn.org:8080/ramgen/W...rm?usehostname - Video of a guy using NetStumbler
http://www.jiwire.com/glossary.htm?id=276 - Wardriving glossary terms


Software
http://www.wardrive.net/wardriving/tools
www.netstumbler.com
http://www.nsd.ru/soft.php?group=hacksoft&razdel=anonim (sockschain and sockscap)
http://www.tucows.com/preview/360750.html - Netview
http://www.klcconsulting.net/smac/ - SMAC


Equipment
http://www.wlanparts.com/ - GREAT SITE!
http://www.jefatech.com/product/WARDRIVINGKIT
http://lists.virus.org/wardriving-0307/msg00019.html - Lists of ways to make homemade antennas.
