Wednesday, February 11, 2009

We're jamming

Again, I have been neglecting my blog and I apologise! Little one was in hospital for the first 2 weeks of the year and I've taken 3 weeks to catch up.

Continuing with the wireless attack theme, I came across an interesting (and illegal) way to force a deauth. As some of you will know, to get the 4-way handshake needed for WPA cracking you need to force a deauthentication of a client and pick up the packet exchange as it reauthenticates. However, this is easier said than done and does not always work.

One way to ensure a deauth is to employ a hardware wifi jammer. You can readily source from the Far East a jammer with 30+ft range, which is sufficient to take out a house's wifi network whilst walking by. Now I am at pains to say that jamming a radio signal in the UK is illegal, and I mention this only for my LE friends who may be able to get the appropriate clearances/warrant to achieve a deauth this way. Of course you would need an antenna pointed at the property, ready and running Kismet or Airodump to grab the packets as the reauth takes place. I recently wrote some great Linux shell scripts to automate this process for just this type of situation.
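From the other side of the fence, the frame-based version of this attack (a burst of deauthentication frames rather than raw RF jamming) is what a wireless IDS can actually see. The following is an added example, not code from this post or its scripts: it runs a simple sliding-window deauth-storm detector over constructed 802.11 management-frame metadata (timestamp in ms, frame subtype, BSSID, destination), as a monitor-mode capture would supply it. A true RF jammer emits no frames at all; its footprint is link loss and a raised noise floor, which this check does not cover.

```python
from collections import defaultdict, deque

# 802.11 management frame subtypes (constructed lookup for this example).
BEACON, DISASSOC, DEAUTH = 0x08, 0x0A, 0x0C

# Constructed sample feed: (timestamp_ms, subtype, bssid, dst_addr).
# AP ..:01 sees a 12-frame broadcast deauth burst starting at t=5000ms;
# AP ..:02 sees three spaced-out deauths, as a normal roaming client might cause.
SAMPLE_FRAMES = (
    [(0, BEACON, "AA:BB:CC:DD:EE:01", "FF:FF:FF:FF:FF:FF"),
     (1000, DEAUTH, "AA:BB:CC:DD:EE:01", "FF:FF:FF:FF:FF:FF")]
    + [(5000 + i * 50, DEAUTH, "AA:BB:CC:DD:EE:01", "FF:FF:FF:FF:FF:FF")
       for i in range(12)]
    + [(2000, DEAUTH, "AA:BB:CC:DD:EE:02", "00:11:22:33:44:55"),
       (4000, DISASSOC, "AA:BB:CC:DD:EE:02", "00:11:22:33:44:55"),
       (9000, DEAUTH, "AA:BB:CC:DD:EE:02", "00:11:22:33:44:55")]
)


def detect_deauth_bursts(frames, window_ms=1000, threshold=10):
    """Return one alert (bssid, timestamp_ms, count) per burst.

    A burst is `threshold` or more deauth/disassoc frames attributed to one
    BSSID within any `window_ms` span. Frames are processed in time order;
    after an alert the window for that BSSID is cleared so a sustained
    flood produces one alert per `threshold` frames, not one per frame.
    """
    recent = defaultdict(deque)  # bssid -> timestamps inside the window
    alerts = []
    for ts, subtype, bssid, _dst in sorted(frames):
        if subtype not in (DEAUTH, DISASSOC):
            continue
        q = recent[bssid]
        q.append(ts)
        while q and ts - q[0] > window_ms:  # drop frames older than the window
            q.popleft()
        if len(q) >= threshold:
            alerts.append((bssid, ts, len(q)))
            q.clear()
    return alerts


if __name__ == "__main__":
    for bssid, ts, count in detect_deauth_bursts(SAMPLE_FRAMES):
        print(f"deauth burst: bssid={bssid} t={ts}ms frames={count}")
```

Tune `window_ms` and `threshold` to the network; the spaced-out frames on the second AP show why a raw count of deauth frames without a time window would produce false alarms.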

I won't publish where to purchase them; you can always get in touch.

You can also pick up a GSM jammer while you have your credit card out, and next time you see in your rear-view mirror a lorry driver chatting on the phone whilst passing the local primary school, you could have the satisfaction of hitting the button and jamming his call. Oh, if only it were legal!!